CN101247223B - 一种基于可信第三方的实体双向鉴别方法 - Google Patents

一种基于可信第三方的实体双向鉴别方法 Download PDF

Info

Publication number
CN101247223B
CN101247223B CN2008100176465A CN200810017646A CN101247223B CN 101247223 B CN101247223 B CN 101247223B CN 2008100176465 A CN2008100176465 A CN 2008100176465A CN 200810017646 A CN200810017646 A CN 200810017646A CN 101247223 B CN101247223 B CN 101247223B
Authority
CN
China
Prior art keywords
entity
message
party
trusted
checking
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2008100176465A
Other languages
English (en)
Other versions
CN101247223A (zh
Inventor
铁满霞
曹军
赖晓龙
黄振海
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Iwncomm Co Ltd
Original Assignee
China Iwncomm Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Iwncomm Co Ltd filed Critical China Iwncomm Co Ltd
Priority to CN2008100176465A priority Critical patent/CN101247223B/zh
Publication of CN101247223A publication Critical patent/CN101247223A/zh
Priority to KR1020107021533A priority patent/KR101483818B1/ko
Priority to EP09717387.6A priority patent/EP2257021B1/en
Priority to KR1020137014220A priority patent/KR101483895B1/ko
Priority to PCT/CN2009/070629 priority patent/WO2009109136A1/zh
Priority to JP2010549004A priority patent/JP5370373B2/ja
Priority to US12/920,931 priority patent/US8510565B2/en
Application granted granted Critical
Publication of CN101247223B publication Critical patent/CN101247223B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本发明涉及一种基于可信第三方的实体双向鉴别方法。该方法包括以下步骤:1)实体B向实体A发送消息1;2)实体A收到消息1后,向可信第三方TP发送消息2;3)可信第三方TP收到消息2后,检查实体A和实体B是否合法;4)可信第三方TP检查完实体A和实体B的合法性后,向实体A返回消息3;5)实体A收到消息3后,进行验证;6)实体A完成对消息3的验证后,向实体B发送消息4;7)实体B收到消息4后,进行验证,完成鉴别。本发明简化了协议的运行条件,降低了对鉴别实体的计算能力要求,可满足资源较差的网络设备的高安全性需求。

Description

一种基于可信第三方的实体双向鉴别方法
技术领域
本发明涉及一种基于可信第三方的实体双向鉴别方法。
背景技术
采用非对称密码技术的实体鉴别方法可分为两种类型,即单向鉴别和双向鉴别。鉴别的唯一性或时效性由时变参数进行标识,常被用作时变参数的有时间标记、顺序号和随机数等。若采用时间标记或顺序号作为时变参数,则单向鉴别只需要采用一次消息传递,双向鉴别需要采用两次消息传递;若采用随机数作为时变参数,则单向鉴别需要采用两次消息传递,双向鉴别需要采用三次消息传递或四次消息传递(即两次消息传递的并行鉴别)。
不论上述哪种鉴别机制,在运行之前或运行当中,验证者必须具有声称者的有效公开密钥,否则鉴别过程会受到损害或不能成功完成。在此,以双向鉴别的三次传递方法为例进行说明:
参见图1,权标TokenAB=RA||RB||B||Text3||sSA(RA||RB||B||Text2),TokenBA=RB||RA||A||Text5||sSB(RB||RA||A||Text4)。其中,X为实体区分符,该鉴别系统有A和B两个鉴别实体;CertX表示实体X的证书;sSX表示实体X的签名;RX表示实体X产生的随机数;Text为可选文本字段。
三次传递鉴别机制运行过程详述如下:
1)实体B发送随机数RB、可选项文本Text1给实体A;
2)实体A发送权标TokenAB、可选项证书CertA给实体B;
3)实体B收到实体A发送的消息后,执行以下步骤:
3.1)通过检验实体A的证书或通过别的方式确保拥有实体A的有效公开密钥。
3.2)获取实体A的公钥后,验证步骤2)中的TokenAB的签名,校验区分符B的正确性,并检查步骤1)中发送的随机数RB和TokenAB中的随机数RB是否相符,实体B完成对实体A的验证;
4)实体B发送权标TokenBA、可选项证书CertB给实体A;
5)实体A收到实体B发送的包括TokenBA的消息后,执行以下步骤:
5.1)通过检验实体B的证书或通过别的方式确保拥有实体B的有效公开密钥;
5.2)获取实体B的公钥后,验证4)中的TokenBA的签名,校验区分符A的正确性,并检查步骤2)中发送的随机数RA和TokenBA中的随机数RA是否相符及1)中收到的随机数RB和TokenBA中的随机数RB是否相符;实体A完成对实体B的验证。
可见,三次传递鉴别机制欲运行成功必须确保实体A和B分别拥有对方的有效公开密钥,而如何获得对方公开密钥及其有效性,协议本身并没有涉及。这一保障需求条件在目前很多应用环境下都不能满足,比如通信网络通常采用实体鉴别机制实现用户接入控制功能,在鉴别机制成功完成前,禁止用户访问网络,因而在鉴别之前用户无法或难以访问证书机构获得对端实体网络接入点公开密钥的有效性。
目前通信网络通常需要在用户和网络接入点之间完成双向鉴别,以确保合法用户接入合法网络,因此对于网络实体而言,在鉴别之前若不需知晓通信对端实体的有效公开密钥,而是在鉴别过程中完成对端实体公开密钥的验证,则不仅完善了传统的实体鉴别机制,而且使其在实际应用中具有良好的可行性和易用性。另外,不论上述哪种鉴别机制,鉴别实体都需要进行公钥计算,而公钥计算比较耗时,这对于计算能力较弱的鉴别实体而言,鉴别协议难以得到应用。因此,协议的设计应在保障鉴别功能的基础上,尽可能减少鉴别实体的公钥计算次数。
发明内容
本发明为解决背景技术中存在的上述技术问题,而提出一种基于可信第三方的实体双向鉴别方法。
本发明的技术解决方案是:一种基于可信第三方的实体双向鉴别方法,其特殊之处在于:该方法包括以下步骤:
1)实体B向实体A发送消息1,消息1包括时变参数RB、身份标识IDB、权标TokenBA、可选项文本Text1;
2)实体A收到消息1后,向可信第三方TP发送消息2,消息2包括时变参数RA和RB、身份标识IDA和IDB、权标TokenAT和TokenBA、可选项文本Text1和Text2;
3)可信第三方TP收到消息2后,检查实体A和实体B是否合法;
4)可信第三方TP检查完实体A和实体B的合法性后,向实体A返回消息3,消息3包括权标TokenTA和可选项文本Text3或者包括权标TokenTA1和TokenTA2;
5)实体A收到消息3后,进行验证;
6)实体A完成对消息3的验证后,向实体B发送消息4,消息4包括权标TokenTA和可选项文本Text3或者包括权标TokenTA2;
7)实体B收到消息4后,进行验证,完成鉴别。
上述步骤3)中检查实体A和实体B是否合法的具体步骤如下:若消息2中实体A和实体B的身份标识为证书,则验证权标TokenBA和TokenAT中实体B和实体A的签名,若验证不通过,则直接丢弃消息2;否则检查实体A和实体B证书的有效性,若无效,则直接丢弃消息2或返回消息3;若有效,返回消息3,执行步骤4);
上述步骤3)中检查实体A和实体B是否合法的具体步骤如下:若消息2中实体A和实体B的身份标识为区分符,则搜索并检查实体A和实体B相应的公钥及其有效性;若搜索不到对应的公钥或公钥无效,则直接丢弃消息2或返回消息3;若搜索到且有效,则再验证权标TokenBA和TokenAT中实体B和实体A的签名,若验证不通过,则直接丢弃消息2;若验证通过,则返回消息3,执行步骤4);
上述步骤5)中实体A中的具体验证步骤如下:验证TokenTA或TokenTA1中可信第三方TP的签名,并检查消息2中的时变参数RA与TokenTA或TokenTA1中的时变参数RA是否相符,相符则得到实体B的验证结果PubB
上述步骤7)中实体B中的具体验证步骤如下:验证TokenTA或TokenTA2中可信第三方TP的签名,并检查消息1中的时变参数RB与TokenTA或TokenTA2中的时变参数RB是否相符,相符则得到实体A的验证结果PubA
上述时变参数可为随机数、时间标记或顺序号。
在上述步骤1)之前,还可添加步骤0),即首先实体A向实体B发送消息0,实体B收到消息0后再向实体A发送消息1,消息0包括时变参数RA、身份标识IDA、可选项文本Text0。
本发明采用三实体构架,鉴别实体在鉴别之前需获得可信第三方的的公钥或证书,并获得可信第三方颁发给自己的用户证书或将自己的公钥交给可信第三方保管,而无需事先知晓对端鉴别实体的有效公开密钥。在协议运行中,鉴别实体的公开密钥及其有效性通过可信第三方的搜索和验证,自动传递给所需的对端;在协议运行中,鉴别实体的验证签名工作尽可能交由通常计算能力较强的可信第三方完成。本发明相比传统鉴别机制,定义了公开密钥的在线检索和鉴别机制,实现了对它的集中管理,简化了协议的运行条件,降低了对鉴别实体的计算能力要求,可满足资源较差的网络设备的高安全性需求。
附图说明
图1为现有技术中三次传递鉴别机制的鉴别示意图;
图2为本发明的鉴别示意图。
具体实施方式
参见图2,本发明的方法涉及三个实体,两个鉴别实体A和B,一个可信第三方TP(Trusted third Party),可信第三方TP为鉴别实体A和B的可信第三方。将这种通过可信第三方TP实现两实体A、B之间对等鉴别的系统,称之为三元对等鉴别TePA(Tri-element Peer Authentication)系统。图2中,ValidX表示证书CertX的有效性;PublicKeyX为实体X的公钥;IDX为实体X的身份标识,由证书CertX或者实体的区分符X表示;PubX表示实体X的验证结果,由证书CertX及其有效性ValidX组成或者由实体X及其公钥PublicKeyX组成,Token为权标字段,定义如下:
TokenBA=sSB(RB||IDB||Text1))
TokenAT=sSA(RA||RB||IDA||IDB||Text2)
TokenTA=RA||RB||PubA||PubB||sSTP(RA||RB||PubA||PubB||Text3)
TokenTA1=RA||PubB||Text4||sSTP(RA||PubB||Text4)
TokenTA2=RB||PubA||Text5||sSTP(RB||PubA||Text5)
其具体流程如下:
1)实体B向实体A发送消息1,消息1包括时变参数RB、身份标识IDB、权标TokenBA、可选项文本Text1;
2)实体A收到消息1后,向可信第三方TP发送消息2,消息2包括时变参数RA和RB、身份标识IDA和IDB、权标TokenBA和TokenAT以及可选项文本Text1和Text2;
3)可信第三方TP收到消息2后,检查实体A和实体B是否合法;
其中:若消息2中实体A和实体B的身份标识为证书,则验证权标TokenBA和TokenAT中实体B和实体A的签名,若验证不通过,则直接丢弃消息2;否则检查实体A和实体B证书的有效性,若无效,则直接丢弃消息2或返回消息3;若有效,返回消息3,执行步骤4)。
若消息2中实体A和实体B的身份标识为区分符,则搜索并检查实体A和实体B相应的公钥及其有效性;若搜索不到对应的公钥或公钥无效,则直接丢弃消息2或返回消息3;若搜索到且有效,则再验证权标TokenBA和TokenAT中实体B和实体A的签名,若验证不通过,则直接丢弃消息2;若验证通过,则返回消息3,执行步骤4)。
4)可信第三方TP检查完实体A和实体B的合法性后,向实体A返回消息3,消息3包括权标TokenTA和可选项文本Text3或者包含权标TokenTA1和TokenTA2;
5)实体A收到消息3后,进行验证。验证TokenTA或TokenTA1中可信第三方TP的签名,并检查消息2中的时变参数RA与TokenTA或TokenTA1中的时变参数RA是否相符,相符则得到实体B的验证结果PubB
6)实体A完成对消息3的验证后,向实体B发送消息4,消息4包括权标TokenTA和可选项文本Text3或者包括权标TokenTA2;
7)实体B收到消息4后,进行验证。验证TokenTA或TokenTA2中可信第三方TP的签名,并检查消息1中的时变参数RB与TokenTA或TokenTA2中的时变参数RB是否相符,相符则得到实体A的验证结果PubA
需说明的是:
1、本发明中的时变参数可采用随机数、时间标记或顺序号。
2、在某些情况下,便于协议执行,协议的启动可由实体A激活,即实体A首先向实体B发送消息0,实体B收到消息0之后,再开始上述的7个步骤。此时,消息0包括时变参数RA、身份标识IDA、可选项文本Text0,消息1中的权标TokenBA=sSB(RA||RB||IDA||IDB||Text1)。

Claims (7)

1.一种基于可信第三方的实体双向鉴别方法,其特征在于:该方法包括以下步骤:
1)实体B向实体A发送消息1,消息1包括时变参数RB、身份标识IDB、权标TokenBA、可选项文本Text1;
2)实体A收到消息1后,向可信第三方TP发送消息2,消息2包括时变参数RA和RB、身份标识IDA和IDB、权标TokenAT和TokenBA、可选项文本Text1和Text2;
3)可信第三方TP收到消息2后,检查实体A和实体B是否合法;
4)可信第三方TP检查完实体A和实体B的合法性后,向实体A返回消息3,消息3包括权标TokenTA和可选项文本Text3或者包括权标TokenTA1和TokenTA2;
5)实体A收到消息3后,进行验证;
6)实体A完成对消息3的验证后,向实体B发送消息4,消息4包括权标TokenTA和可选项文本Text3或者包括权标TokenTA2;
7)实体B收到消息4后,进行验证,完成鉴别。
2.根据权利要求1所述的基于可信第三方的实体双向鉴别方法,其特征在于:所述步骤3)中检查实体A和实体B是否合法的具体步骤如下:若消息2中实体A和实体B的身份标识为证书,则验证权标TokenBA和TokenAT中实体B和实体A的签名,若验证不通过,则直接丢弃消息2;否则检查实体A和实体B证书的有效性,返回消息3。
3.根据权利要求1所述的基于可信第三方的实体双向鉴别方法,其特征在于:所述步骤3)中检查实体A和实体B是否合法的具体步骤如下:若消息2中实体A和实体B的身份标识为区分符,则搜索并检查实体A和实体B相应的公钥及其有效性;若搜索不到对应的公钥或公钥无效,则返回消息3;若搜索到且有效,则再验证权标TokenBA和TokenAT中实体B和实体A的签名,若验证不通过,则直接丢弃消息2;若验证通过,则返回消息3。
4.根据权利要求1或2或3所述的基于可信第三方的实体双向鉴别方法,其特征在于:所述步骤5)中实体A中的具体验证步骤如下:验证TokenTA或TokenTA1中可信第三方TP的签名,并检查消息2中的时变参数RA与TokenTA或TokenTA1中的时变参数RA是否相符,相符则得到实体B的验证结果PubB
5.根据权利要求4所述的基于可信第三方的实体双向鉴别方法,其特征在于:所述步骤7)中实体B中的具体验证步骤如下:验证TokenTA或TokenTA2中可信第三方TP的签名,并检查消息1中的时变参数RB与TokenTA或TokenTA2中的时变参数RB是否相符,相符则得到实体A的验证结果PubA
6.根据权利要求5所述的基于可信第三方的实体双向鉴别方法,其特征在于:所述时变参数可为随机数、时间标记或顺序号。
7.根据权利要求6所述的基于可信第三方的实体双向鉴别方法,其特征在于:在所述步骤1)之前,还包括步骤0),即首先实体A向实体B发送消息0,实体B收到消息0后再向实体A发送消息1,消息0包括时变参数RA、身份标识IDA及可选项文本Text0。
CN2008100176465A 2008-03-06 2008-03-06 一种基于可信第三方的实体双向鉴别方法 Active CN101247223B (zh)

Priority Applications (7)

Application Number Priority Date Filing Date Title
CN2008100176465A CN101247223B (zh) 2008-03-06 2008-03-06 一种基于可信第三方的实体双向鉴别方法
KR1020107021533A KR101483818B1 (ko) 2008-03-06 2009-03-04 신뢰성 있는 제 3자를 기반으로 한 양방향 엔티티 인증 방법
EP09717387.6A EP2257021B1 (en) 2008-03-06 2009-03-04 A bidirectional entity authentication method based on the credible third party
KR1020137014220A KR101483895B1 (ko) 2008-03-06 2009-03-04 신뢰성 있는 제 3자를 기반으로 한 양방향 엔티티 인증 방법
PCT/CN2009/070629 WO2009109136A1 (zh) 2008-03-06 2009-03-04 一种实用的基于可信第三方的实体双向鉴别方法
JP2010549004A JP5370373B2 (ja) 2008-03-06 2009-03-04 実用的な信頼できるサードパーティに基づくエンティティの双方向識別方法
US12/920,931 US8510565B2 (en) 2008-03-06 2009-03-04 Bidirectional entity authentication method based on the credible third party

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2008100176465A CN101247223B (zh) 2008-03-06 2008-03-06 一种基于可信第三方的实体双向鉴别方法

Publications (2)

Publication Number Publication Date
CN101247223A CN101247223A (zh) 2008-08-20
CN101247223B true CN101247223B (zh) 2010-06-09

Family

ID=39947455

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2008100176465A Active CN101247223B (zh) 2008-03-06 2008-03-06 一种基于可信第三方的实体双向鉴别方法

Country Status (6)

Country Link
US (1) US8510565B2 (zh)
EP (1) EP2257021B1 (zh)
JP (1) JP5370373B2 (zh)
KR (2) KR101483818B1 (zh)
CN (1) CN101247223B (zh)
WO (1) WO2009109136A1 (zh)

Families Citing this family (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101222328B (zh) * 2007-12-14 2010-11-03 西安西电捷通无线网络通信股份有限公司 一种实体双向鉴别方法
CN101247223B (zh) * 2008-03-06 2010-06-09 西安西电捷通无线网络通信有限公司 一种基于可信第三方的实体双向鉴别方法
CN101527718B (zh) 2009-04-16 2011-02-16 西安西电捷通无线网络通信股份有限公司 一种建立三元对等鉴别可信网络连接架构的方法
CN101540676B (zh) * 2009-04-28 2012-05-23 西安西电捷通无线网络通信股份有限公司 一种适合三元对等鉴别可信网络连接架构的平台鉴别方法
CN101572705B (zh) * 2009-06-08 2012-02-01 西安西电捷通无线网络通信股份有限公司 一种实现双向平台认证的系统及方法
CN101645776B (zh) 2009-08-28 2011-09-21 西安西电捷通无线网络通信股份有限公司 一种引入在线第三方的实体鉴别方法
CN101640593B (zh) 2009-08-28 2011-11-02 西安西电捷通无线网络通信股份有限公司 一种引入在线第三方的实体双向鉴别方法
CN101635624B (zh) * 2009-09-02 2011-06-01 西安西电捷通无线网络通信股份有限公司 引入在线可信第三方的实体鉴别方法
CN101674182B (zh) 2009-09-30 2011-07-06 西安西电捷通无线网络通信股份有限公司 引入在线可信第三方的实体公钥获取、证书验证及鉴别的方法及系统
JP5624219B2 (ja) * 2010-10-13 2014-11-12 西安西▲電▼捷通▲無▼綫▲網▼絡通信股▲分▼有限公司Chinaiwncomm Co., Ltd. ネットワークアクセス制御方法およびシステム
CN101997688B (zh) * 2010-11-12 2013-02-06 西安西电捷通无线网络通信股份有限公司 一种匿名实体鉴别方法及系统
CN101984577B (zh) 2010-11-12 2013-05-01 西安西电捷通无线网络通信股份有限公司 匿名实体鉴别方法及系统
CN103312670A (zh) * 2012-03-12 2013-09-18 西安西电捷通无线网络通信股份有限公司 一种认证方法及系统
CN103312499B (zh) * 2012-03-12 2018-07-03 西安西电捷通无线网络通信股份有限公司 一种身份认证方法及系统
JP6238858B2 (ja) * 2014-08-28 2017-11-29 三菱電機株式会社 データ処理システム及び検証装置及び検証方法及びプログラム
CN106571919B (zh) * 2015-10-10 2019-10-29 西安西电捷通无线网络通信股份有限公司 一种实体身份有效性验证方法及其装置
CN106572064B (zh) 2015-10-10 2019-10-29 西安西电捷通无线网络通信股份有限公司 一种多ttp参与的实体身份有效性验证方法及装置
CN106571920B (zh) * 2015-10-10 2019-09-27 西安西电捷通无线网络通信股份有限公司 一种多ttp参与的实体身份有效性验证方法及装置
CN106571921B (zh) * 2015-10-10 2019-11-22 西安西电捷通无线网络通信股份有限公司 一种实体身份有效性验证方法及其装置
US9722803B1 (en) * 2016-09-12 2017-08-01 InfoSci, LLC Systems and methods for device authentication
US10419226B2 (en) 2016-09-12 2019-09-17 InfoSci, LLC Systems and methods for device authentication
CN106682490B (zh) * 2016-12-02 2019-09-20 青岛博文广成信息安全技术有限公司 Cfl人工免疫计算机模型建设方法
US11463439B2 (en) 2017-04-21 2022-10-04 Qwerx Inc. Systems and methods for device authentication and protection of communication on a system on chip
WO2019045914A1 (en) * 2017-09-01 2019-03-07 InfoSci, LLC DEVICE AUTHENTICATION SYSTEMS AND METHODS
US20220070161A1 (en) * 2019-03-04 2022-03-03 Hitachi Vantara Llc Multi-way trust formation in a distributed system

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH08297638A (ja) 1995-04-26 1996-11-12 Nippon Telegr & Teleph Corp <Ntt> 利用者認証方式
JPH08335208A (ja) * 1995-06-08 1996-12-17 Nippon Telegr & Teleph Corp <Ntt> 代理認証方法及びシステム
US5794221A (en) * 1995-07-07 1998-08-11 Egendorf; Andrew Internet billing method
AU2001284754B2 (en) * 2000-08-08 2008-01-10 Wachovia Corporation Internet third-party authentication using electronic tickets
US7370351B1 (en) * 2001-03-22 2008-05-06 Novell, Inc. Cross domain authentication and security services using proxies for HTTP access
US7155608B1 (en) 2001-12-05 2006-12-26 Bellsouth Intellectual Property Corp. Foreign network SPAM blocker
DE60314871T2 (de) 2002-05-24 2008-03-13 Telefonaktiebolaget Lm Ericsson (Publ) Verfahren zur authentifizierung eines anwenders bei einem zugang zu einem dienst eines diensteanbieters
JP2004015665A (ja) * 2002-06-10 2004-01-15 Takeshi Sakamura 電子チケット流通システムにおける認証方法およびicカード
CN100428667C (zh) 2003-12-01 2008-10-22 中国电子科技集团公司第三十研究所 一种采用公开密钥密码算法数字签名模式的强鉴别方法
JP4714482B2 (ja) * 2005-02-28 2011-06-29 株式会社日立製作所 暗号通信システムおよび方法
CN101064605B (zh) 2006-04-29 2011-02-16 华为技术有限公司 一种多主机网络的aaa系统及认证方法
CN100495963C (zh) * 2006-09-23 2009-06-03 西安西电捷通无线网络通信有限公司 一种公钥证书状态的获取及验证方法
CN101247223B (zh) 2008-03-06 2010-06-09 西安西电捷通无线网络通信有限公司 一种基于可信第三方的实体双向鉴别方法

Also Published As

Publication number Publication date
KR20100116697A (ko) 2010-11-01
US8510565B2 (en) 2013-08-13
KR101483895B1 (ko) 2015-01-16
KR101483818B1 (ko) 2015-01-16
KR20130084315A (ko) 2013-07-24
JP5370373B2 (ja) 2013-12-18
EP2257021A4 (en) 2014-08-20
EP2257021A1 (en) 2010-12-01
EP2257021B1 (en) 2019-05-08
JP2011514082A (ja) 2011-04-28
US20110004767A1 (en) 2011-01-06
WO2009109136A1 (zh) 2009-09-11
CN101247223A (zh) 2008-08-20

Similar Documents

Publication Publication Date Title
CN101247223B (zh) 一种基于可信第三方的实体双向鉴别方法
CN101222328B (zh) 一种实体双向鉴别方法
CN100553193C (zh) 一种基于可信第三方的实体双向鉴别方法及其系统
CN101640593B (zh) 一种引入在线第三方的实体双向鉴别方法
CN101635624B (zh) 引入在线可信第三方的实体鉴别方法
CN101645776B (zh) 一种引入在线第三方的实体鉴别方法
CN101674182B (zh) 引入在线可信第三方的实体公钥获取、证书验证及鉴别的方法及系统
CN101364876B (zh) 一种实现实体的公钥获取、证书验证及鉴别的方法
CN101286844B (zh) 一种支持快速切换的实体双向鉴别方法
CN101364875B (zh) 一种实现实体的公钥获取、证书验证及双向鉴别的方法
CN110069918A (zh) 一种基于区块链技术的高效双因子跨域认证方法
CN101442411A (zh) 一种p2p网络中对等用户结点间的身份认证方法

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C56 Change in the name or address of the patentee

Owner name: XI'AN IWNCOMM CO., LTD.

Free format text: FORMER NAME: XIDIAN JIETONG WIRELESS NETWORK COMMUNICATION CO LTD, XI'AN

CP01 Change in the name or title of a patent holder

Address after: High tech Zone technology two road 710075 Shaanxi city of Xi'an Province, No. 68 Xi'an Software Park A201

Patentee after: CHINA IWNCOMM Co.,Ltd.

Address before: High tech Zone technology two road 710075 Shaanxi city of Xi'an Province, No. 68 Xi'an Software Park A201

Patentee before: CHINA IWNCOMM Co.,Ltd.

EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: BEIJING ZHIXIANG TECHNOLOGY Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2016610000049

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20161117

LICC Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: BEIJING FENGHUO LIANTUO TECHNOLOGY Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2017610000001

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20170106

LICC Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model
EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: SHANGHAI YU FLY MILKY WAY SCIENCE AND TECHNOLOGY CO.,LTD.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2017610000005

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20170317

EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: Beijing next Technology Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2017610000014

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20170601

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: HYTERA COMMUNICATIONS Corp.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2017610000015

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20170602

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: Beijing Hua Xinaotian network technology Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2017610000028

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20171122

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: ALPINE ELECTRONICS, Inc.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2017990000497

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20171222

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: SHENZHEN RAKWIRELESS TECHNOLOGY CO.,LTD.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2018610000006

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20180226

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: SHENZHEN M&W SMART CARD CO.,LTD.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2018610000008

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20180319

EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: SHENZHEN M&W SMART CARD CO.,LTD.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2018610000009

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20180320

Application publication date: 20080820

Assignee: SHENZHEN M&W SMART CARD CO.,LTD.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2018610000010

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20180322

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: BLACKSHARK TECHNOLOGIES (NANCHANG) Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2018610000012

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20180404

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: Sony Mobile Communications AB

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: 2018990000306

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20181123

EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: SHENZHEN UCLOUDLINK NEW TECHNOLOGY Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2019610000002

Denomination of invention: An entity bidirectional authentication method and its system based on trustable third party

Granted publication date: 20100609

License type: Common License

Record date: 20191010

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: HANGZHOU STRONG EDUCATION TECHNOLOGY Co.,Ltd.

Assignor: China IWNCOMM Co.,Ltd.

Contract record no.: X2021610000001

Denomination of invention: An entity bidirectional authentication method based on trusted third party

Granted publication date: 20100609

License type: Common License

Record date: 20210125

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: EKC communication technology (Shenzhen) Co.,Ltd.

Assignor: China IWNCOMM Co.,Ltd.

Contract record no.: X2021610000008

Denomination of invention: An entity bidirectional authentication method based on trusted third party

Granted publication date: 20100609

License type: Common License

Record date: 20210705

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: Guangzhou nengchuang Information Technology Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2021610000011

Denomination of invention: An entity bidirectional authentication method based on trusted third party

Granted publication date: 20100609

License type: Common License

Record date: 20211104

Application publication date: 20080820

Assignee: Xinruiya Technology (Beijing) Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2021610000012

Denomination of invention: An entity bidirectional authentication method based on trusted third party

Granted publication date: 20100609

License type: Common License

Record date: 20211104

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: SHENZHEN ZHIKAI TECHNOLOGY Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2022610000005

Denomination of invention: An entity bidirectional authentication method based on trusted third party

Granted publication date: 20100609

License type: Common License

Record date: 20220531

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: HISCENE INFORMATION TECHNOLOGY Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2023610000003

Denomination of invention: A Bidirectional Entity Authentication Method Based on Trusted Third Party

Granted publication date: 20100609

License type: Common License

Record date: 20230207

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: Beijing baicaibang Technology Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2023610000005

Denomination of invention: A Bidirectional Entity Authentication Method Based on Trusted Third Party

Granted publication date: 20100609

License type: Common License

Record date: 20230329

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: Shenzhen wisky Technology Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2023610000008

Denomination of invention: A Bidirectional Entity Authentication Method Based on Trusted Third Party

Granted publication date: 20100609

License type: Common License

Record date: 20230522

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: Beijing Digital Technology (Shanghai) Co.,Ltd.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2023610000012

Denomination of invention: A Bidirectional Entity Authentication Method Based on Trusted Third Party

Granted publication date: 20100609

License type: Common License

Record date: 20231114

EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20080820

Assignee: SHENZHEN JINGYI SMART TECHNOLOGY CO.,LTD.

Assignor: CHINA IWNCOMM Co.,Ltd.

Contract record no.: X2024610000002

Denomination of invention: A Bidirectional Entity Authentication Method Based on Trusted Third Party

Granted publication date: 20100609

License type: Common License

Record date: 20240520