CN101867923B - Heterogeneous wireless network secure access authentication method based on identity self-confirmation - Google Patents
Heterogeneous wireless network secure access authentication method based on identity self-confirmation Download PDFInfo
- Publication number
- CN101867923B CN101867923B CN201010199149.9A CN201010199149A CN101867923B CN 101867923 B CN101867923 B CN 101867923B CN 201010199149 A CN201010199149 A CN 201010199149A CN 101867923 B CN101867923 B CN 101867923B
- Authority
- CN
- China
- Prior art keywords
- field
- access authentication
- network
- vector
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a heterogeneous wireless network secure access authentication method based on identity self-confirmation, mainly aiming at solving the problems of low switching efficiency, high on-line computing quantity and high storage expense of heterogeneous wireless network secure access authentication in the prior art. The method comprises the steps of: 1) system initialization setup, establishing system parameters; 2) using a mobile terminal (MT) to send access authentication vector Auth1 to a target network (VN); 3) using the target network (VN) to send access authentication vector Auth2 to the mobile terminal (MT); 4) using the mobile terminal (MT) to send access authentication vector Auth3 to the target network (VN), using the VN to test and verify the identity of the MT, and calculating a session key (K); and 5) using the target network (VN) to send access authentication vector Auth4 to the mobile terminal (MT), using the MT to test and verify the network identity of the VN, calculating the session key (K), and completing two-way authentication. The method has the advantages of low communication overhead and high safety, and can be applied to the heterogeneous wireless network secure access field with higher requirements for switching time delay, QoS, on-line computing quantity, the storage expense and access safety.
Description
Technical field
The invention belongs to the wireless network communication technique field, relate to a kind of mutual authentication method, be mainly used in the heterogeneous network that handover delay, QoS, on-line calculation, storage overhead and access security property are had relatively high expectations and insert the field.
Background technology
A principal character of next generation wireless communication network system is exactly the wireless access technology that merges various isomeries, for the user provides all the time, ubiquitous seamless network insertion service.Typical access technology has 3G, WLAN, WMN, WiMax and WSN etc.Each network internal all has the access authentication technique of oneself, like the SIM mechanism of GSM network, the AKA mechanism of 3G network.3GPP has proposed the 3GPP-WLAN interconnection architecture, adopts EAP-AKA access authentication agreement.But, also there is not a kind of general access authentication scheme for all isomerization access networks.
For wireless network, its safety issue is much serious more than cable network.Simultaneously, the existence of various heterogeneous networks makes the communications security between network and the user seem more outstanding.Before user access network, access network need carry out authentication to the user.Diverse network all has the own specific application target and the scope of application, and access authentication technique varies, and single access technology no longer is applicable to the network environment of isomery.
There is the following defective in existing 2G/3G network access authentication agreement:
1, DSE arithmetic poor expandability, and the resisting denying function can not be provided.
2, the authentication protocol (Identity-based schemes) based on identity leaks user identity easily and the user is followed the trail of, and receives the attack of pseudo-base station easily.
3, based on the authentication of trusted third party (TTP-based schemes) when the user roams into the strange land network, far removed between customer access network and the home network, the transmission of Ciphering Key will increase offered load.
4, for based on certificate authentication protocol (Certificate-based schemes) or Public Key Infrastructure(PKI); When accesses network and user do not know each other PKI; Both sides must transmit public key certificate through the radio channel of resource-constrained and verify, have seriously increased offered load, computation burden and propagation delay time.
5, be difficult to the realization user of equity and the two-way authentication of network.GSM authentication based on SIM can not realize two-way authentication, and 3G AKA authenticated and network are in not reciprocity status.
The access authentication agreement of 3GPP-WLAN heterogeneous interconnects standard is EAP-AKA.This EAP-AKA is based on the AKA agreement of 3GPP, and adopts the EAP agreement of ietf standardization that it is implemented in user's 3GPP-WLAN access authentication.Still there is certain safety limitation in this agreement:
1, user identity is not maintained complete secrecy.When the user did not have available pseudorandom identity, EAP-AKA can not provide user identity confidentiality completely, prevented the tracking of assailant's malice.
2, there is redirection attack.The assailant can initiate false AP and attack particularly not high as far as security requirement WLAN.This attack can cause the bill dispute between the Virtual network operator, redirected user's data in the lower WLAN of other safe classes.
Authentication mechanism based on identity self-confirmation obviously can be fit to heterogeneous network safety access field.But at present 3G network inner propose based on certificate scheme PKBP/SPAKA from verification public key; Adopt a believable CA (Certificate Authority) to link to each other with the access network of zones of different; User's public and private key is all issued by CA, does not make full use of the advantage of self-confirmation PKI.On the other hand, in verification process, owing to will transmit lot of data, also increased on-line calculation simultaneously, thus PKBP/SPAKA not only efficient is low with respect to traditional symmetric cryptography scheme, and memory space is excessive.
Summary of the invention
The objective of the invention is to overcome the deficiency of above-mentioned prior art; Propose a kind of for solving the problem that existing program exists in the background technology; A kind of heterogeneous wireless network secure access authentication method based on identity self-confirmation is provided,, reduces on-line calculation to improve the access authentication efficient of heterogeneous wireless network; Reduce the expense of memory space, realize the two-way authentication between user and the network.
For realizing above-mentioned purpose, the present invention includes following steps:
1) system initialization setup sets up system parameters;
2) portable terminal MT sends access authentication vector Auth1 and gives objective network VN, and if VN complete, then calculates parameters for authentication V ≡ (P through this vectorial integrality of message integrity code MIC check
e+ TID) mod n and preserve V, wherein, P is the PKI of MT, and TID is the temporary identity of MT, and e is the PKI of user attaching network HN, and n is the product of two big prime numbers; Otherwise abandon this grouping, terminate agreement;
3) objective network VN sends access authentication vector Auth2 and gives portable terminal MT, and whether the random number N 1 among the MT checking access authentication vector Auth2 is the numerical value of oneself choosing, if not then abandoning Auth2; Terminate agreement, if the numerical value of oneself choosing, again through this vectorial integrality of message integrity code MIC check; If, do not abandon this grouping, terminate agreement through check; If complete, then calculate parameters for authentication V
V≡ (P
V e+ ID
V) mod n and preserve V
V, wherein, P
VBe the PKI of VN, ID
VIt is the network identity of VN; Otherwise abandon this grouping, terminate agreement;
4) portable terminal MT sends access authentication vector Auth3 and gives objective network VN; Whether the random number N 2 among the VN checking access authentication vector Auth3 is the random number of oneself choosing; If not then abandoning this vector and terminate agreement, if the random number of oneself choosing is checked this vectorial integrality through message integrity code MIC; If complete, then verify equality
Whether set up,, then accept the access request of MT, and calculate both sides' session key if checking is passed through
S wherein
VBe the private key of VN, g is multiplicative group (Z/nZ)
*The maximum order element, y is a field among the access authentication vector Auth3, and y=x+S * C
V, parameters for authentication t is a field among the access authentication vector Auth1, and x is the integer that MT selects at random, and S is the private key of MT, C
VIt is the random number that VN produces; Otherwise, termination protocol, user's access authentication failure;
5) objective network VN sends access authentication vector Auth4 and gives portable terminal MT, and whether the random number N 1 among the MT checking access authentication vector Auth4 is the random number of oneself choosing, if not then abandoning this vector and termination protocol; If the random number of oneself choosing, through this vectorial integrality of message integrity code MIC check, if not through check; Then abandon this grouping; If terminate agreement complete, is then verified equality
Whether set up,, then accept the network identity of VN, and calculate both sides' session key K=(P if checking is passed through
V e+ ID
V)
S, both sides' session key K is consistent, accomplishes two-way authentication, and wherein S is the private key of MT, y
VBe a field among the access authentication vector Auth4, and y
V=x
V+ S
V* C, parameters for authentication t
VBe a field among the access authentication vector Auth2, x
VBe the integer that VN selects at random, S
VBe the private key of VN, C is the random number that MT produces; Otherwise, termination protocol, two-way authentication failure.
The present invention is owing to be incorporated into the heterogeneous wireless network access authentication with the mechanism of identity self-confirmation, thereby has the following advantages:
1, efficient is high, practices thrift communication overhead.Have only four times in the whole access authentication procedure alternately, do not need the participation of trusted third party, also need not transmit digital certificate, thereby practice thrift communication overhead, improve the efficient of access authentication.
2, on-line calculation is little.Do not need compute signature, need not carry out encryption and decryption yet, reduced on-line calculation Ciphering Key.
3, storage overhead is few.The present invention is based on identity self-confirmation, need based on digital certificate machine-processed, need not safeguard PKIX PKI and storage of public keys certificate, thereby reduce storage overhead as tradition.
4, two-way authentication, the user need not trust complete network.The present invention adopts the authentication techniques based on identity self-confirmation; Realized the two-way authentication between user and the network; User's private key oneself is selected, and PKI is calculated, is self-confirmation by user's identity, need trust complete network unlike the traditional authentication schemes that kind.
Description of drawings
The heterogeneous wireless network handoff scenario sketch map that Fig. 1 uses for the present invention.
Fig. 2 is a safe access authentication flow chart of the present invention.
Embodiment
The enforcement of method of the present invention relates to three entities, and the one, portable terminal MT, the 2nd, user attaching network HN, the 3rd, the objective network VN that MT need insert, as shown in Figure 1.Wherein MT can be the user who has multimode terminal, and HN and VN can be access network elements such as base station BS or focus AP, and have the function of certificate server, and AS1 and AS2 are certificate servers; After system parameters set up to be accomplished, HN just no longer participated between MT and the VN in the agreement implementation process, in follow-up repetition authentication, also no longer needs HN.
Referring to Fig. 2, the concrete implementation method of scheme is following:
Wherein system parameters comprises:
N: the product of two big prime numbers;
E: the PKI of user attaching network HN and satisfy gcd (e, φ (n))=1, φ (n) is the Euler's function of n;
D: the private key of user attaching network HN and satisfy e * d ≡ 1 (mod φ (n));
G: multiplicative group (Z/nZ)
*The maximum order element;
H: strong one-way hash function and h:{0,1}
*→ (Z
n)
*
P: the PKI of portable terminal MT and satisfy P=(g
-S-TID)
dMod n;
S: the private key of portable terminal MT;
P
V: the PKI of objective network VN and satisfied
S
V: the private key of objective network VN;
V: the parameters for authentication that portable terminal MT produces and satisfy V=g
-S(mod n);
V
V: the parameters for authentication that objective network VN produces and satisfied
TID: the temporary identity information of portable terminal MT;
ID
V: the network identity of objective network VN.
Wherein, but the open parameters of user attaching network HN be (n, e, g, h).
System parameters to set up process following:
Portable terminal MT selects a big integer S as private key at random, and user attaching network HN issues PKI P to portable terminal MT, and portable terminal MT is through the correctness of the PKI e checking P of user attaching network HN.Objective network VN obtains public private key pair (P from user attaching network HN in the same way
V, S
V).Before access authentication, portable terminal MT and objective network VN have obtained the other side's PKI, and obtained user attaching network HN open parameters (n, e, g, h).Portable terminal MT can use temporary identity information TID to replace permanent identity information in the middle of actual, and the prevention user is followed the trail of.In follow-up repetition authentication, no longer need step 1.
Step 2, portable terminal MT generates access authentication vector Auth1, and sends to objective network VN;
This access authentication vector Auth1 comprises following content successively:
TID field: the temporary identity information of portable terminal MT;
P field: the PKI of portable terminal MT;
N1 field: the random number that portable terminal MT produces;
T field: the integer that portable terminal MT produces: t ≡ g
x(mod n), x are the integers that portable terminal MT selects at random;
MIC field: the one-way hash value that portable terminal MT uses strong one-way hash function h that all message before this field are calculated;
Objective network VN receives after the access authentication vector Auth1, at first through the integrality of message integrity code MIC check message, if pass through check, then calculates parameters for authentication V ≡ (P
e+ TID) mod n, and preservation V; Otherwise abandon Auth1, terminate agreement.
Step 3, objective network VN generates access authentication vector Auth2, and sends to portable terminal MT.
This access authentication vector Auth2 comprises following content successively:
ID
VField: the network identity of objective network VN;
P
VField: the PKI of objective network VN;
N1 field: the random number that portable terminal MT produces;
N2 field: the random number that objective network VN generates;
t
VField: the integer that objective network VN produces and
x
VIt is the integer that VN selects at random;
C
VField: the integer that objective network VN selects at random;
The MIC field: message integrity code is the one-way hash value that objective network VN uses strong one-way hash function h that all message before this field are calculated;
Receive the access authentication vector Auth2 of objective network VN transmission as portable terminal MT after, judge at first whether the random number N 1 among the access authentication vector Auth2 is the numerical value of oneself choosing, if not then abandoning Auth2, terminate agreement; If the numerical value of oneself choosing then through the integrality of message integrity code MIC check message, if pass through check, then calculates parameters for authentication V
V≡ (P
V e+ ID
V) mod n, and preserve V
VOtherwise abandon this grouping, terminate agreement.
Step 4, portable terminal MT generates access authentication vector Auth3, and sends to objective network VN.
This access authentication vector Auth3 comprises following content successively:
Y field: integer and y=x+S * C that portable terminal MT calculates
V, x is the integer that MT selects at random;
N2 field: the random number that objective network VN generates;
C field: the integer that portable terminal MT selects at random;
The MIC field: message integrity code is the one-way hash value that portable terminal MT uses strong one-way hash function h that all message before this field are calculated;
Receive the access authentication vector Auth3 of portable terminal MT transmission as objective network VN after, judging at first whether the random number N 2 among the access authentication vector Auth3 is the random integers of oneself choosing, is not then to abandon this vector and termination protocol; Otherwise integrality through message integrity code MIC check message; If not through check; Abandon this grouping; Agreement is ended; Otherwise whether checking equality
is set up, if checking is passed through; Then accept the access request of portable terminal MT; And calculate both sides' session key
otherwise termination protocol, and user's access authentication failure, wherein t is the field among the access authentication vector Auth1 that objective network VN prestores in the step 2.
Step 5, objective network VN generates access authentication vector Auth4, and sends to portable terminal MT.
This access authentication vector Auth4 comprises following content successively:
y
VInteger and y that field: VN calculates
V=x
V+ S
V* C, x
VIt is the integer that VN selects at random;
N1 field: the random number that portable terminal MT produces;
MIC field: message integrity code, the one-way hash value that objective network VN uses strong one-way hash function h that all message before this field are calculated;
Receive the access authentication vector Auth4 of objective network VN transmission as portable terminal MT after, judging at first whether the random number N 1 among the access authentication vector Auth4 is the random integers of oneself choosing, is not then to abandon this vector and termination protocol; Otherwise, through the integrality of message integrity code MIC check message, if, abandon this grouping, terminate agreement not through check; Otherwise, the checking equality
Whether set up,, then accept the network identity of objective network VN, and calculate both sides' session key K=(P if checking is passed through
V e+ ID
V)
SOtherwise termination protocol, two-way authentication failure, wherein t
VIt is the field among the access authentication vector Auth2 that portable terminal MT prestores in the step 3.
If the agreement correct execution, through above safe access authentication procedure, portable terminal MT and objective network VN will accomplish two-way authentication, and set up shared session key K.
The term explanation
AKA: Authentication and Key Agreement agreement
EAP-AKA: the AKA agreement of band Extensible Authentication Protocol
WLAN: WLAN
Wi-MAX: wireless MAN
WMN: wireless mesh network
WSN: wireless sensor network
PKBP/SPAKA: the public key broadcasts agreement/based on authentication and IKE from verification public key.
Claims (6)
1. heterogeneous wireless network secure access authentication method based on identity self-confirmation comprises following steps:
1) system initialization setup sets up system parameters;
2) portable terminal MT sends access authentication vector Auth1 and gives objective network VN, and if VN complete, then calculates parameters for authentication V ≡ (P through this vectorial integrality of message integrity code MIC check
e+ TID) modn and preserve V, wherein, P is the PKI of MT, and TID is the temporary identity of MT, and e is the PKI of user attaching network HN, and n is the product of two big prime numbers; Otherwise abandon this vector, terminate agreement;
3) objective network VN sends access authentication vector Auth2 and gives portable terminal MT, and whether the random number N 1 among the MT checking access authentication vector Auth2 is the numerical value of oneself choosing, if not then abandoning Auth2; Terminate agreement, if the numerical value of oneself choosing, again through this vectorial integrality of message integrity code MIC check; If, do not abandon this vector, terminate agreement through check; If complete, then calculate parameters for authentication V
V≡ (P
V e+ ID
V) modn and preserve V
V, wherein, P
VBe the PKI of VN, ID
VIt is the network identity of VN; Otherwise abandon this vector, terminate agreement;
4) portable terminal MT sends access authentication vector Auth3 and gives objective network VN; Whether the random number N 2 among the VN checking access authentication vector Auth3 is the random number of oneself choosing; If not then abandoning this vector and terminate agreement, if the random number of oneself choosing is checked this vectorial integrality through message integrity code MIC; If complete, then verify equality
Whether set up,, then accept the access request of MT, and calculate both sides' session key if checking is passed through
S wherein
VBe the private key of VN, g is multiplicative group (Z/nZ)
*The maximum order element, y is a field among the Ciphering Key Auth3, and y=x+S * C
V, parameters for authentication t is a field among the Ciphering Key Auth1, and x is the integer that MT selects at random, and S is the private key of MT, C
VIt is the random number that VN produces; Otherwise, termination protocol, user's access authentication failure;
5) objective network VN sends access authentication vector Auth4 and gives portable terminal MT, and whether the random number N 1 among the MT checking access authentication vector Auth4 is the random number of oneself choosing, if not then abandoning this vector and termination protocol; If the random number of oneself choosing, through this vectorial integrality of message integrity code MIC check, if not through check; Then abandon this vector; If terminate agreement complete, is then verified equality
Whether set up,, then accept the network identity of VN, and calculate both sides' session key K=(P if checking is passed through
V e+ ID
V)
S, both sides' session key K is consistent, accomplishes two-way authentication, and wherein S is the private key of MT, y
VBe a field among the Ciphering Key Auth4, and y
V=x
V+ S
V* C, parameters for authentication t
VBe a field among the access authentication vector Auth2, x
VBe the integer that VN selects at random, S
VBe the private key of VN, C is the random number that MT produces; Otherwise, termination protocol, two-way authentication failure.
2. according to the said access authentication method of claim 1 based on identity self-confirmation, the described system initialization setup of step 1) wherein, the system parameters of foundation comprises:
The product n of two big prime numbers;
The PKI e of user attaching network HN;
The private key d of user attaching network HN;
Multiplicative group (Z/nZ)
*Maximum order element g;
Strong one-way hash function h;
The public private key pair of portable terminal MT (P, S);
Public private key pair (the P of objective network VN
V, S
V);
The V parameter that portable terminal MT produces, and V=g
-S(modn);
The V parameter that objective network VN produces
V, and
The temporary identity TID of portable terminal MT;
The network identity ID of objective network VN
V
3. according to the said access authentication method of claim 1, wherein step 2 based on identity self-confirmation) described access authentication vector Auth1, comprising:
TID field: the temporary identity information of agreement initiator MT;
P field: the PKI of agreement initiator MT;
N1 field: the random number that agreement initiator MT produces;
T field: the integer that agreement initiator MT produces: t ≡ g
x(modn), x is the integer that MT selects at random;
The MIC field: message integrity code is the one-way hash value that portable terminal MT uses strong one-way hash function h that all message before this field are calculated.
4. according to the said access authentication method based on identity self-confirmation of claim 1, the described access authentication vector of step 3) Auth2 wherein comprises:
ID
VField: the network identity of objective network VN;
P
VField: the PKI of objective network VN;
N1 field: the random number that agreement initiator MT produces;
N2 field: the random number that objective network VN generates;
t
VField: the integer that objective network VN produces:
x
VIt is the integer that objective network VN selects at random;
C
VField: the integer that objective network VN selects at random;
The MIC field: message integrity code is the one-way hash value that VN uses strong one-way hash function h that all message before this field are calculated.
5. according to the said access authentication method based on identity self-confirmation of claim 1, the described access authentication vector of step 4) Auth3 wherein comprises:
The integer that y field: MT calculates;
N2 field: the random number that objective network VN generates;
The integer that C field: MT selects at random;
The MIC field: message integrity code is the one-way hash value that MT uses strong one-way hash function h that all message before this field are calculated.
6. according to the said access authentication method based on identity self-confirmation of claim 1, the described access authentication vector of step 5) Auth4 wherein comprises:
y
VThe integer that field: VN calculates;
N1 field: the random number that agreement initiator MT produces;
The MIC field: message integrity code is the one-way hash value that VN uses strong one-way hash function h that all message before this field are calculated.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010199149.9A CN101867923B (en) | 2010-06-11 | 2010-06-11 | Heterogeneous wireless network secure access authentication method based on identity self-confirmation |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010199149.9A CN101867923B (en) | 2010-06-11 | 2010-06-11 | Heterogeneous wireless network secure access authentication method based on identity self-confirmation |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101867923A CN101867923A (en) | 2010-10-20 |
| CN101867923B true CN101867923B (en) | 2012-12-05 |
Family
ID=42959431
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010199149.9A Expired - Fee Related CN101867923B (en) | 2010-06-11 | 2010-06-11 | Heterogeneous wireless network secure access authentication method based on identity self-confirmation |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101867923B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103826218B (en) * | 2014-03-06 | 2016-10-19 | 湖南大学 | The pseudo random sequence generation method of wireless sensor network node and application process thereof |
| US9380044B2 (en) * | 2014-09-10 | 2016-06-28 | Cisco Technology, Inc. | Supporting differentiated secure communications among heterogeneous electronic devices |
| CN111669276B (en) * | 2019-03-07 | 2022-04-22 | 华为技术有限公司 | Network verification method, device and system |
| CN110572819B (en) * | 2019-07-27 | 2023-03-24 | 中国人民解放军战略支援部队信息工程大学 | Block chain-based multi-domain wireless Mesh network cross-domain authentication method and system |
| CN110572824B (en) * | 2019-07-27 | 2023-03-24 | 中国人民解放军战略支援部队信息工程大学 | Block chain-based heterogeneous wireless network switching authentication method and system |
| CN114189343A (en) * | 2020-09-14 | 2022-03-15 | 华为技术有限公司 | Mutual authentication method and device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1668005A (en) * | 2005-02-21 | 2005-09-14 | 西安西电捷通无线网络通信有限公司 | An access authentication method suitable for wired and wireless network |
| CN101616410A (en) * | 2009-06-25 | 2009-12-30 | 中兴通讯股份有限公司 | A kind of cut-in method of cellular mobile communication networks and system |
| CN101699890A (en) * | 2009-10-30 | 2010-04-28 | 天津工业大学 | 3G-WLAN authentication method |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100488305C (en) * | 2006-09-23 | 2009-05-13 | 西安西电捷通无线网络通信有限公司 | Method of network access indentifying and authorizing and method of updating authorizing key |
-
2010
- 2010-06-11 CN CN201010199149.9A patent/CN101867923B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1668005A (en) * | 2005-02-21 | 2005-09-14 | 西安西电捷通无线网络通信有限公司 | An access authentication method suitable for wired and wireless network |
| CN101616410A (en) * | 2009-06-25 | 2009-12-30 | 中兴通讯股份有限公司 | A kind of cut-in method of cellular mobile communication networks and system |
| CN101699890A (en) * | 2009-10-30 | 2010-04-28 | 天津工业大学 | 3G-WLAN authentication method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101867923A (en) | 2010-10-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Lai et al. | SE-AKA: A secure and efficient group authentication and key agreement protocol for LTE networks | |
| US9554270B2 (en) | Enhanced security for direct link communications | |
| Sadhukhan et al. | A secure and privacy preserving lightweight authentication scheme for smart-grid communication using elliptic curve cryptography | |
| KR100593576B1 (en) | Two Party Authentication and Key Matching Method | |
| US20110320802A1 (en) | Authentication method, key distribution method and authentication and key distribution method | |
| CN101867923B (en) | Heterogeneous wireless network secure access authentication method based on identity self-confirmation | |
| CN107181597B (en) | PMIPv6 authentication system and method based on identity agent group signature | |
| Wang et al. | Analysis and improvements over DoS attacks against IEEE 802.11 i standard | |
| Sun et al. | Privacy-preserving device discovery and authentication scheme for D2D communication in 3GPP 5G HetNet | |
| US11228429B2 (en) | Communication with server during network device during extensible authentication protocol—authentication and key agreement prime procedure | |
| Xu et al. | An anonymous handover authentication scheme based on LTE-A for vehicular networks | |
| CN102883325B (en) | Authentication server, mobile terminal and end to end authentication communication channel method for building up | |
| CN109768861A (en) | Massive D2D anonymous discovery authentication and key agreement method | |
| CN103929745A (en) | Wireless MESH network access authentication system and method based on privacy protection | |
| Li et al. | A lightweight roaming authentication protocol for anonymous wireless communication | |
| CN103781067A (en) | Authentication switching method with privacy protection in LTE (long term evolution)/LTE-A (LTE-advanced) network | |
| Haddad et al. | Secure and efficient uniform handover scheme for LTE-A networks | |
| Xu et al. | A secure and efficient message authentication scheme for vehicular networks based on LTE-V | |
| CN101778387B (en) | Method for resisting denial of service (DoS) attack for wireless local area network access authentication | |
| Kumar et al. | Design of a USIM and ECC based handover authentication scheme for 5G-WLAN heterogeneous networks | |
| Haddad et al. | Secure and efficient AKA scheme and uniform handover protocol for 5G network using blockchain | |
| Taha et al. | A link-layer authentication and key agreement scheme for mobile public hotspots in NEMO based VANET | |
| CN105848140A (en) | Safe end-to-end establishment method capable of achieving communication supervision in 5G network | |
| Zhu et al. | Research on authentication mechanism of cognitive radio networks based on certification authority | |
| Ouaissa et al. | New security level of authentication and key agreement protocol for the IoT on LTE mobile networks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent of invention or patent application | ||
| CB03 | Change of inventor or designer information |
Inventor after: Pei Qingqi Inventor after: Wang Xiang Inventor after: Xie Min Inventor after: Li Xiaoqing Inventor after: Liu Yang Inventor after: Li Hongning Inventor after: Pang Liaojun Inventor after: Li Peng Inventor before: Pei Qingqi Inventor before: Wu Yang Inventor before: Ning Ben Inventor before: Li Peng Inventor before: Liu Yang Inventor before: Pang Liaojun Inventor before: Xie Min Inventor before: Lai Qiqi Inventor before: Li Hongning Inventor before: Yang Liang Inventor before: Fang Shuailei Inventor before: Li Jingying |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: INVENTOR; FROM: PEI QINGQI LIU YANG PANG LIAOJUN XIE MIN LAI QIQI LI HONGNING YANG LIANG FANG SHUAILEI LI JINGYING WU YANG NING BEN LI PENG TO: PEI QINGQI WANG XIANG XIE MIN LI XIAOQING LIU YANG LI HONGNING PANG LIAOJUN LI PENG |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20121205 Termination date: 20180611 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |