CN101162999A - Method of authenticating identification based common key cryptosystem and encryption address in network - Google Patents

Publication number: CN101162999A
Authority: CN (China)
Prior art keywords: ibc, cga, address, identity, mobile
Legal status: Pending
Application number: CNA2006101319838A
Other languages: Chinese (zh)
Inventor: 柏建敏
Current Assignee: Individual
Original Assignee: Individual
Application filed by Individual
Priority to CNA2006101319838A
Publication of CN101162999A

Abstract

The invention provides an authentication method for mobile IPv6 networks that combines an identity-based public-key cryptography system (IBC) with CGA (Cryptographically Generated Addresses). In the method, a mobile node obtains its own public and private keys through an identity identifier registered with the IBC system and configures an IPv6 address from its own public key. Knowing only the identifier of a communication peer, the mobile node can use the public parameters of the system to calculate the peer's public key in order to carry out message encryption or signature authentication, whereas the private key of the mobile node can be obtained only by the center of the IBC system and the mobile node itself. The method resolves three problems at the same time: the first is the ownership of IPv6 addresses; the second is the authentication of message sources, that is, messages come from the owners of addresses; and the third is trust, which is resolved by the IBC, that is, a message source is an authentic entity.

Description

Authentication method based on an identity-based public-key cryptosystem and cryptographically generated addresses in a network
Technical field
The authentication method based on the identity-based public-key cryptosystem (IBC) and CGA in mobile IPv6 networks belongs to the fields of Internet technology and mobile IPv6 communication technology.
Background technology
Mobile IPv6 is a simple, scalable mobility solution for the global Internet that lets a node keep its ongoing communications while changing access networks. Security mechanisms for mobile IPv6 networks are an active research topic. During neighbor discovery, route optimization and network handover, a mobile node (MN) is exposed to many forms of attack, such as forged IPv6 addresses and data redirection, which can easily paralyze the network and leak private data. A large body of research aims to improve the security of mobile IPv6 networks. RFC 3972 (non-patent literature 1) proposed Cryptographically Generated Addresses (CGA) to guarantee the confidentiality of data exchange in the neighbor discovery protocol (RFC 3971, Secure Neighbor Discovery Protocol) and solved the "address owner" problem (Address Ownership Problem). The MIPSHOP working group draft draft-ietf-mipshop-cga-cba-00.txt (non-patent literature 2) proposed using CGA together with Credit-Based Authorization (CBA) to secure the route optimization performed by mobile nodes in MIPv6 networks. In addition, the draft draft-haddad-mipshop-hmipv6-security-06.txt discusses using CGA to establish a security association between a mobile node (MN) and a mobility anchor point (MAP) in hierarchical mobile IPv6 networks, and documents such as draft-ietf-mip6-cn-ipsec-03.txt and draft-ietf-mip6-ikev2-ipsec-06.txt discuss the use of the IPsec protocol in mobile IPv6 networks. This work has opened the way for research on and implementation of security in mobile IPv6 networks and has raised new challenges.
Among these proposed security mechanisms, CGA plays an important role. As a scheme that configures and generates IPv6 addresses by cryptographic means, CGA needs no support from a public key infrastructure (PKI) and so avoids the drawbacks of PKI. When CGA is used together with a private-key signature, a successful CGA verification answers two questions definitively: 1) the IPv6 address corresponding to this CGA has been claimed by some network entity; 2) this message comes from the owner of this CGA address. However, CGA by itself cannot solve the trust problem; that is, it cannot confirm question 3) that the owner of this CGA address is a trusted entity. The usual way to solve the trust problem is to rely on a PKI, but the complexity of PKI makes its use in highly mobile and dynamic mobile IPv6 networks both uneconomical and impractical. An identity-based cryptosystem (IBC) can serve as a good substitute for PKI. IBC was first proposed by Shamir in 1984, with the aim of using a user's identity information directly as the public key for encryption, decryption and signature verification, thereby avoiding complex authentication and the thorny problem of public key management. An efficient and secure IBC encryption and decryption algorithm was not proposed until 2001, independently by Boneh and Franklin and by Cocks (non-patent literature 3). This set off a wave of research, and many excellent practical schemes and protocols based on identity-based public keys have gradually been obtained.
The present invention proposes a method for authenticating mobile nodes that combines the IBC and CGA mechanisms. An IPv6 address configured and generated with this mechanism can solve three problems: 1) the IPv6 address corresponding to this CGA has been claimed by some network entity; 2) this message comes from the owner of this CGA address; 3) the owner of this CGA address is a trusted entity. Present authentication mechanisms cannot solve these three problems simultaneously.
Summary of the invention
The purpose of this invention is to improve the security of mobile IPv6 networks and to overcome the shortcomings of conventional public key infrastructure (PKI) in performance and scalability. The identity-based public-key cryptosystem combined with CGA (hereinafter IBC-CGA) provides users with services such as key management and trust brokering, and solves the address owner problem, so that the recipient of a message can be sure that the IPv6 address is held by a trusted network entity.
In IBC-CGA there is a trusted third party, the key distribution center (KDC). A mobile node must register at the KDC before it can obtain a legitimate IBC-ID, IBC public key (IBC-PK) and private key (IBC-PR).
Suppose that mobile node MN1 wants to use the IBC-CGA mechanism to send a signed message to mobile node MN2. MN1 carries out the following steps in order; Fig. 3 describes these five steps in detail:
Step 1. MN1 registers its own IBC-ID at the KDC and obtains a legitimate IBC-PK and IBC-PR (304 in Fig. 3);
Step 2. MN1 signs the message it wants to send with the legitimate IBC-PR obtained at registration; the signature algorithm is IBC-Sig() (305 in Fig. 3);
Step 3. MN1 configures a CGA address with the legitimate IBC-PK obtained at registration; the method is the same as in RFC 3972 (306 in Fig. 3);
Step 4. MN1 generates an IBC-CGA parameter comprising the subnet prefix, the parameters required to compute the CGA (see RFC 3972) and the IBC-ID (307 in Fig. 3);
Step 5. MN1 sends the original data to MN2 together with the signature and the IBC-CGA parameter (308 in Fig. 3).
After receiving the data, mobile node MN2 verifies it as follows; Fig. 4 describes these four steps in detail:
Step 1. Obtain the identifier of MN1 from the IBC-ID of MN1 contained in the IBC-CGA parameter structure (401 in Fig. 4);
Step 2. Compute the public key of MN1 from the IBC-ID of MN1 (402 in Fig. 4);
Step 3. Use the public key to verify the CGA configured by MN1; the detailed verification steps are given in RFC 3972 (403 in Fig. 4);
Step 4. Use the public key to verify the data signature field; the signature verification algorithm is IBC-Checksig() (404 in Fig. 4).
[non-patent literature 1] Aura, T., "Cryptographically Generated Addresses (CGA)", RFC 3972, March 2005.
[non-patent literature 2] J. Arkko, C. Vogt, W. Haddad, "Applying Cryptographically Generated Addresses and Credit-Based Authorization to Mobile IPv6", draft-ietf-mipshop-cga-cba-00.txt, August 13, 2006.
[non-patent literature 3] Dan Boneh, Matt Franklin, "Identity-Based Encryption from the Weil Pairing", LNCS 2139, Springer-Verlag Berlin Heidelberg 2001.
Description of drawings
Fig. 1 is the architecture of the identity-based public-key cryptosystem (IBC)
Fig. 2 is a schematic diagram of the structure of the mobile terminal in the present invention
Fig. 3 is a flow chart of the signing process in the IBC-CGA system
Fig. 4 is a flow chart of signature verification in the IBC-CGA system
Fig. 5 is the data structure of the IBC-CGA parameter
Fig. 6 is a schematic diagram of the module structure of the KDC in the present invention
Embodiment
Fig. 1 shows in detail the architecture of the identity-based public-key cryptosystem (IBC), which comprises the following components:
● The key distribution center (KDC), responsible for generating, issuing, backing up and managing the system parameters necessary for the initialization and operation of the IBC system (102 in Fig. 1);
● End entities, which are the users, applications or devices that use the security functions of the system (101 and 103 in Fig. 1);
● The registration and key distribution flow between an end entity and the KDC (104, 105, 106 and 107 in Fig. 1);
● The message signature verification process between end entities (108 in Fig. 1).
Fig. 2 is a schematic diagram of the module structure of the mobile terminal. In Fig. 2, 201 is the wireless network interface, 202 is the signature and encryption module based on the identity-based public-key cryptosystem, 203 is the module that uses the public key of the IBC system to configure and generate the CGA address, and 204, 205, 206 and 207 are respectively the power supply unit, control unit, storage unit and UIF unit of the mobile terminal.
Fig. 6 is a schematic diagram of the module structure of the KDC. In Fig. 6, 601 is the network interface of the KDC; 602 is the key generation module of the KDC, responsible for generating, issuing, backing up and managing the system parameters necessary for the initialization and operation of the IBC system; 603 is the key management module, responsible for initializing (as provided by the key generation center) the IBC system parameters $\langle q, G_1, G_2, \hat{e}, N, P, P_{pub}, H_1, H_2 \rangle$, accepting applications from the name administration center, generating an ID certificate that contains the private key of the designated end entity (name), and returning it to the name administration center.
Fig. 5 shows the data structure of the parameters that the IBC-CGA system needs to transmit when performing address verification. In Fig. 5, 501 is a 16-byte parameter used when generating the CGA, 502 is the 8-byte value representing the subnet prefix, 503 is the collision counter used when generating the CGA, 504 is the identity identifier of the identity-based public-key cryptosystem, whose length is not fixed, and 505 is an optional extension field.
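The receiver-side checks of Steps 1 to 3 over the Fig. 5 structure, as an added Python example that is not code from the patent. Assumptions: the collision counter is 1 byte as in RFC 3972, the variable-length IBC-ID is carried behind a 2-byte length field, the function names are hypothetical, and `h1_stand_in` replaces the hash onto G1 with SHA-256, so the IBC-Checksig() step is left out.

```python
import hashlib
import ipaddress
import struct

# RFC 3972 mask: ignore the Sec bits (0-2) and the u/g bits (6-7) of the interface ID.
IID_MASK = 0x1CFFFFFFFFFFFFFF
SAMPLE_PREFIX = bytes.fromhex("20010db800000001")  # constructed: 2001:db8:0:1::/64
SAMPLE_ID = b"mn1@example.net"                      # constructed IBC-ID


def h1_stand_in(ibc_id: bytes) -> bytes:
    """Stand-in for Q_ID = H1(ID). A real IBC hashes the ID onto the group G1."""
    return hashlib.sha256(b"H1-stand-in|" + ibc_id).digest()


def pack_params(modifier, prefix, coll, ibc_id, ext=b""):
    """Assumed layout for Fig. 5: 501 | 502 | 503 (1 byte) | ID length (2 bytes) | 504 | 505."""
    return modifier + prefix + bytes([coll]) + struct.pack("!H", len(ibc_id)) + ibc_id + ext


def parse_params(blob: bytes):
    """Split an IBC-CGA parameter blob; reject truncated or empty-ID input."""
    if len(blob) < 27:
        raise ValueError("IBC-CGA parameters truncated")
    (id_len,) = struct.unpack("!H", blob[25:27])
    if id_len == 0 or 27 + id_len > len(blob):
        raise ValueError("bad IBC-ID length")
    return blob[:16], blob[16:24], blob[24], blob[27:27 + id_len], blob[27 + id_len:]


def hash1(modifier, prefix, coll, pubkey, ext) -> int:
    """Leftmost 64 bits of SHA-1 over the CGA parameters (RFC 3972 Hash1)."""
    data = modifier + prefix + bytes([coll]) + pubkey + ext
    return int.from_bytes(hashlib.sha1(data).digest()[:8], "big")


def hash2_ok(modifier, pubkey, ext, sec: int) -> bool:
    """RFC 3972 Hash2 check: the leftmost 16*Sec bits must be zero."""
    digest = hashlib.sha1(modifier + bytes(9) + pubkey + ext).digest()
    return digest[:2 * sec] == bytes(2 * sec)


def generate_cga(prefix: bytes, ibc_id: bytes, sec: int = 0, coll: int = 0):
    """Sender side (Step 3 and Step 4): derive the address and its parameter blob."""
    pubkey, counter = h1_stand_in(ibc_id), 0  # RFC 3972 starts from a random modifier;
    while not hash2_ok(counter.to_bytes(16, "big"), pubkey, b"", sec):
        counter += 1                          # starting at 0 keeps the demo reproducible
    modifier = counter.to_bytes(16, "big")
    iid = (hash1(modifier, prefix, coll, pubkey, b"") & IID_MASK) | (sec << 61)
    address = ipaddress.IPv6Address(prefix + iid.to_bytes(8, "big"))
    return address, pack_params(modifier, prefix, coll, ibc_id)


def verify_cga(address, blob: bytes):
    """Receiver side (Steps 1 to 3): return the bound IBC-ID, or None on failure."""
    try:
        modifier, prefix, coll, ibc_id, ext = parse_params(blob)
    except ValueError:
        return None
    raw = ipaddress.IPv6Address(address).packed
    if coll > 2 or raw[:8] != prefix:            # collision count and prefix checks
        return None
    pubkey = h1_stand_in(ibc_id)                 # public key recomputed from the ID
    iid = int.from_bytes(raw[8:], "big")
    if (hash1(modifier, prefix, coll, pubkey, ext) ^ iid) & IID_MASK:
        return None                              # address not derived from this ID
    if not hash2_ok(modifier, pubkey, ext, iid >> 61):
        return None                              # Sec level claimed but not earned
    return ibc_id                                # Step 4 (IBC-Checksig) would follow


if __name__ == "__main__":
    addr, params = generate_cga(SAMPLE_PREFIX, SAMPLE_ID, sec=1)
    print(addr, verify_cga(addr, params))
```

Because the public key is recomputed from the transmitted ID, swapping the ID in the parameter blob changes Hash1 and the address no longer verifies.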
The IBC system is implemented according to the principle of Fig. 7. The KDC generates the global system parameters $\langle q, G_1, G_2, \hat{e}, N, P, P_{pub}, H_1, H_2 \rangle$, where $G_1$ and $G_2$ are groups of order $q$ (701 in Fig. 7), $\hat{e}$ is a mapping $G_1 \times G_1 \to G_2$ (702 in Fig. 7), and the hash functions are $H_1: \{0,1\}^* \to G_1^*$ and $H_2: G_2 \to \{0,1\}^n$ (703 in Fig. 7). It randomly selects $s \in Z_q^*$ and $P \in G_1$ and sets $P_{pub} = sP$ (704 in the figure). The master key of the system is $s$, which only the key generation center of the IBC knows (705 in the figure). After the mobile terminal has registered its ID with the KDC, the public key is obtained from the ID as $Q_{ID} = H_1(ID) \in G_1^*$ (706 in Fig. 7), and the private key is computed from the ID as $d_{ID} = sQ_{ID}$ (707 in Fig. 7). Because $s$ is secret, the system can guarantee that the private key of the mobile terminal is known only to the KDC and the mobile terminal. After obtaining the public/private key pair, the mobile terminal encrypts a message as follows: select $r \in Z_q^*$ at random and compute the ciphertext $C = \langle U, V \rangle = \langle rP, M \oplus H_2(\hat{e}(Q_{ID}, P_{pub})) \rangle$ (708 in Fig. 7). Decryption algorithm: $V \oplus H_2(\hat{e}(d_{ID}, U)) = M$ (709 in Fig. 7). Signature algorithm: select $r \in Z_q^*$ at random; the signed message for message $M$ is $Sig = \langle U, V \rangle = \langle rP, M \oplus H_2(\hat{e}(d_{ID}, P_{pub})) \rangle$ (709 in Fig. 7).
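Why the decryption step recovers $M$, as an added derivation that is not part of the patent text. It uses only the bilinearity of $\hat{e}$ and assumes the mask of the Boneh-Franklin scheme (non-patent literature 3), $H_2(\hat{e}(Q_{ID}, P_{pub})^r)$, whose exponent $r$ does not appear in the encryption formula as printed above:

$$
\hat{e}(d_{ID}, U) = \hat{e}(sQ_{ID}, rP) = \hat{e}(Q_{ID}, P)^{sr} = \hat{e}(Q_{ID}, sP)^{r} = \hat{e}(Q_{ID}, P_{pub})^{r}
$$

$$
V \oplus H_2(\hat{e}(d_{ID}, U)) = M \oplus H_2(\hat{e}(Q_{ID}, P_{pub})^{r}) \oplus H_2(\hat{e}(Q_{ID}, P_{pub})^{r}) = M
$$

The sender needs only $Q_{ID}$, $P_{pub}$ and its own $r$ to form the mask, while the receiver needs $d_{ID} = sQ_{ID}$, which is why only the KDC and the holder of the private key can decrypt.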

Claims (8)

1. An authentication method for mobile IPv6 networks based on an identity-based public-key cryptosystem (IBC) and IPv6 addresses generated by cryptographic methods (CGA) (hereinafter IBC-CGA), characterized in that:
(a) the authentication module of the mobile terminal uses the identity-based public-key cryptosystem (IBC) to sign and authenticate messages;
(b) the mobile terminal uses the public key in the IBC system to configure a CGA IPv6 network address.
2. The method according to claim 1, further comprising an implementation module of the identity-based public-key cryptosystem (IBC) deployed on the mobile terminal.
3. The method according to claim 1, further comprising a method of applying the identity-based public-key cryptosystem (IBC) in mobile IPv6 networks.
4. The method according to claim 1, further comprising the mobile node using the CGA mechanism, under the framework of the IBC scheme, to guarantee that a message is sent by the owner of the address, but not including the specific method by which the CGA address is generated.
5. The implementation module according to claim 2, further comprising the algorithm flow for signing data using IBC and CGA.
6. The method according to claim 3, further comprising a method in which the mobile terminal uses the public key in the IBC system as an input parameter of the CGA algorithm to configure and generate its IPv6 address.
7. The method according to claim 3, further comprising the data structure of the parameters used to generate the CGA address.
8. The method according to claim 4, further comprising a method of verifying the legitimacy of a CGA address using the public key of the mobile terminal in the IBC system, but not including the specific steps of CGA address verification.
CNA2006101319838A 2006-10-15 2006-10-15 Method of authenticating identification based common key cryptosystem and encryption address in network Pending CN101162999A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2006101319838A CN101162999A (en) 2006-10-15 2006-10-15 Method of authenticating identification based common key cryptosystem and encryption address in network

Publications (1)

Publication Number Publication Date
CN101162999A true CN101162999A (en) 2008-04-16

Family

ID=39297839

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009143721A1 (en) * 2008-05-30 2009-12-03 华为技术有限公司 Method, apparatus and system for processing dynamic host configuration protocol message
US8566584B2 (en) 2008-05-30 2013-10-22 Huawei Technologies Co., Ltd Method, apparatus, and system for processing dynamic host configuration protocol message
CN101594230B (en) * 2008-05-30 2012-06-27 华为技术有限公司 Method, device and system for processing dynamic host configuration protocol (DHCP) message
WO2010020190A1 (en) * 2008-08-21 2010-02-25 西安西电捷通无线网络通信有限公司 Method for enhancing the security of the multicast or broadcast system
US8752126B2 (en) 2008-08-21 2014-06-10 China Iwncomm Co., Ltd Method for enhancing the security of the multicast or broadcast system
US8589692B2 (en) 2008-10-21 2013-11-19 Huawei Technologies Co., Ltd. Method and apparatus for verifying CGA signature
CN101729251B (en) * 2008-10-21 2012-09-05 华为技术有限公司 Method and device of CGA signature verification
WO2010045804A1 (en) * 2008-10-21 2010-04-29 华为技术有限公司 Cga signature verification method and device thereof
CN101404579B (en) * 2008-10-31 2011-02-09 成都市华为赛门铁克科技有限公司 Method and device for preventing network attack
US8499146B2 (en) 2008-10-31 2013-07-30 Chengdu Huawei Symantec Technologies Co., Ltd. Method and device for preventing network attacks
WO2010048865A1 (en) * 2008-10-31 2010-05-06 成都市华为赛门铁克科技有限公司 A method and device for preventing network attack
CN101741545A (en) * 2008-11-13 2010-06-16 中国科学院计算机网络信息中心 Naming and communication method and system for Internet host computer
CN101741820A (en) * 2008-11-13 2010-06-16 华为技术有限公司 Method, system and device for recognizing and determining color graphic adapter (CGA) public key
CN101741820B (en) * 2008-11-13 2013-12-18 华为技术有限公司 Method, system and device for recognizing and determining color graphic adapter (CGA) public key
CN101741545B (en) * 2008-11-13 2014-03-26 中国科学院计算机网络信息中心 Naming and communication method and system for Internet host computer
US8737616B2 (en) 2008-11-13 2014-05-27 Huawei Technologies Co., Ltd. Method and apparatus for identifying CGA public key, and method, apparatus, and system for determining CGA public key
CN101808319A (en) * 2010-03-16 2010-08-18 东南大学 Method for protecting communication security between mobile anchor point and mobile node
CN108702371A (en) * 2016-03-08 2018-10-23 高通股份有限公司 System, apparatus and method for generating the addresses dynamic IP V6 for being used for safety verification
CN107483209A (en) * 2017-08-03 2017-12-15 淮阴工学院 A kind of safe label decryption method based on heterogeneous system
CN107483209B (en) * 2017-08-03 2020-06-16 淮阴工学院 Secure signcryption method based on heterogeneous system
CN107743132A (en) * 2017-11-28 2018-02-27 江苏信源久安信息科技有限公司 The identification of Internet of Things trusted identity and control method based on id password
CN108683508A (en) * 2018-05-11 2018-10-19 越亮传奇科技股份有限公司 Information of mobile terminal authentication method based on device-fingerprint
CN109688243A (en) * 2019-01-28 2019-04-26 重庆邮电大学 Sensing node IPv6 address distribution method based on trusted identity mark
CN109688243B (en) * 2019-01-28 2021-07-06 重庆邮电大学 Sensing node IPv6 address allocation method based on trusted identity

Similar Documents

Publication Publication Date Title
CN101162999A (en) Method of authenticating identification based common key cryptosystem and encryption address in network
Deng et al. Threshold and identity-based key management and authentication for wireless ad hoc networks
Li et al. Efficient certificateless access control for industrial Internet of Things
US20060023887A1 (en) Threshold and identity-based key management and authentication for wireless ad hoc networks
CN102318258A (en) Identity based authenticated key agreement protocol
CN103491540A (en) Wireless local area network two-way access authentication system and method based on identity certificates
CN101540669A (en) Method for distributing keys and protecting information for wireless mobile communication network
US20110055553A1 (en) Method for controlling user access in sensor networks
CN101977380A (en) Wireless Mesh network identification method
Wang et al. A practical authentication framework for VANETs
Li et al. A certificateless key management scheme in mobile ad hoc networks
Liu et al. Efficient and anonymous authentication with succinct multi-subscription credential in SAGVN
Ding et al. Efficient authentication and key agreement protocol with anonymity for delay tolerant networks
Ambareen et al. LEES: a hybrid lightweight elliptic ElGamal-Schnorr-based cryptography for secure D2D communications
Han et al. Secure and efficient public key management in next generation mobile networks
Van Besien Dynamic, non-interactive key management for the bundle protocol
Boualam et al. Privacy Preservation Authentication Model for a Secure Infrastructure over Vehicular Communications.
Daza et al. On dynamic distribution of private keys over manets
Bai Comparative research on two kinds of certification systems of the public key infrastructure (PKI) and the identity based encryption (IBE)
Weerasinghe et al. ESAP: efficient and scalable authentication protocol with conditional privacy for secure vehicular communications
Yasmin et al. A pairing-free ID-based one-pass authenticated key establishment protocol for wireless sensor networks
KR101042834B1 (en) A Self-Certified Signcryption Method for Mobile Communications
Dao et al. Prefetched asymmetric authentication for infrastructureless D2D communications: feasibility study and analysis
Masmoudi et al. Building identity-based security associations for provider-provisioned virtual private networks
Wang et al. A unified security framework for multi-domain Wireless Mesh Networks

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
DD01 Delivery of document by public notice

Addressee: Bai Jianmin

Document name: Notification that Application Deemed to be Withdrawn

C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20080416