CN102195782A - Two-way identity authentication method with integration of identity and password for mailing system - Google Patents
- Publication number: CN102195782A
- Authority: CN (China)
- Prior art keywords: user, server, identity, password, private key
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abstract
The invention relates to a two-way identity authentication method with integration of identity and password for a mailing system, and belongs to the technical field of computer network security. The technical scheme can be summarized as follows: an identity-based approach is combined with a dynamic random password, so that the identity of the user and the identity of the server are mutually authenticated while the user's password is hidden. The method has the benefit of solving the problem of two-way identity authentication in existing mailing systems. Two-way authentication is integrated into the method, so that the server cannot obtain the user's password and two-way identity authentication between the user and the server is achieved.
Description
Technical field
The present invention relates to the field of computer network security technology, in particular to identity authentication methods for mail systems that require a high level of confidentiality, and specifically to a two-way identity authentication method for mail systems in which identity and password are integrated.
Background technology
E-mail is used so widely that it touches every aspect of the national economy, military affairs and politics, and it has a profound influence on national network security. Yet most of the e-mail systems in wide use today lack a complete security mechanism. For example, when a user logs in to a mailbox, only the hash value of the user's password is used to authenticate to the mail server; for a fixed password the corresponding hash value is also fixed, so an attacker who wants to obtain the user's password only needs a simple offline dictionary attack. Password-based cryptographic systems were the mainstream technology for identity authentication before public key cryptography was born; famous early systems such as Knight and Kerberos all use passwords to authenticate users. The technique is simple, easy to understand and very convenient to use, and it is widely used in most e-mail systems. But it is exactly this simplicity that lets an attacker impersonate a user after cracking the user's password by dictionary attack. Meanwhile, existing secure e-mail systems carry out authentication level by level; the authentication between multiple levels, and the cross-certification that may exist, make the management overhead too large once such a system grows beyond a certain scale, so it cannot be applied at large scale.

Some e-mail systems, such as PGP (Pretty Good Privacy) and S/MIME (Secure/Multipurpose Internet Mail Extensions), do consider the security of e-mail and use some security mechanisms. For example, they sign the mail content using a hash algorithm and encrypt it before transmission, and they use public-key and private-key techniques in which the public keys of the sender and the receiver are published, and are signed and certified by an authoritative third party, as a special attachment. The certificates of all lower-level organizations and individuals are authenticated by the organization at the level above, and upper-level organizations authenticate one another, so that the whole mail system forms a tree-shaped chain of trust. Although such systems can secure mail, they abandon the password mechanism, so they are inconvenient for users, who have to learn a new way of working. Because authentication is carried out level by level, the authentication between multiple levels, and the cross-certification that may exist, make the management overhead too large once such a system grows beyond a certain scale, which hinders large-scale application. Moreover, in such systems the authentication relationship between mail servers is unequal, and no country or organization can comfortably hand authentication authority over to another country or organization. In addition, for ciphertext transmission these systems mainly use foreign commercial symmetric-key encryption algorithms such as AES, and do not use China's existing commercial encryption standard SMS4. So such secure e-mail systems have never been widely used in China. Existing two-way identity authentication methods based on dynamic passwords and digital certificates need to store the previous authentication data and also need to transmit the certificate chain during authentication, which occupies transmission bandwidth.
Summary of the invention
The object of the present invention is to provide a two-way identity authentication method for mail systems in which identity and password are integrated. It overcomes the authentication defects of existing e-mail systems by incorporating two-way authentication, so that the server itself cannot obtain the user's password and private key, and two-way identity authentication between user and server is achieved. As a result, the mail recipient, the mail server and the key generator of the public-key system stand in an equal trust relationship rather than a hierarchical one.
The above object of the present invention is achieved through the following technical solution:
The two-way identity authentication method for mail systems with integrated identity and password incorporates two-way authentication into existing mail systems, so that the server itself cannot obtain the user's password and two-way identity authentication between user and server is achieved. Its specific steps are as follows:
1. The server initializes the system parameters $T = (p, a, b, g, P_{Pub}, q, h, H, I, H_1, I_1)$. The parameters are selected as follows:
1.1 Choose a prime finite field $F_p$ and field elements $a, b \in F_p$ satisfying the equation $E: y^2 \equiv x^3 + ax + b \pmod{p}$, where $4a^3 + 27b^2 \neq 0 \pmod{p}$;
1.2 On the curve $E(F_p)$, choose a base point $g = (x_g, y_g)$ and compute the order $q$ of the point $g$, with $h = \#E(F_p)/q$. These parameters satisfy the following conditions: $\#E(F_p) \neq p$; $p^B \neq 1 \pmod{q}$ for $1 \le B < 20$; $h \le 4$; $p$ and $q$ must also satisfy $p \equiv 2 \pmod{3}$ and $p = 6q - 1$;
2. Select the server identity $ID_S$ and generate the private key $d_S$ corresponding to $ID_S$, as follows:
2.1 Map $ID_S$ to a point $Q_S$ on the elliptic curve $E(F_p)$;
2.2 Compute the private key: $d_S = sQ_S$;
3. The user registers with the mail server and selects the user's identity $ID_U$ and the user password pwd; the server verifies the uniqueness of the user identity $ID_U$; the server stores the hash value h(pwd) of the user password, where h denotes a hash algorithm, and issues the user's private key $d_U$, which is generated by the server;
4. The user encrypts the following information with the identity $ID_S$ of the mail server and then sends it to the mail server:
where || denotes concatenation,
denotes XOR, pwd is the user password, h is the hash algorithm, g is a base point, x is a random number, $g^x$ is the x-th power of g, and $ID_U$ is the identity of user U;
5. After receiving the encrypted information, the server first decrypts it with its own private key $d_S$ to obtain the message
Then the server XORs the hash value h(pwd) stored in the database for user $ID_U$ with
to obtain x, computes $g^x$, and compares it with the received information to confirm that the password pwd of user $ID_U$ is correct, thereby verifying the user's identity. Finally, the mail server selects a one-time dynamic password y, encrypts the message M = x||y with the user's identity $ID_U$, and sends it to the user;
6. The user decrypts x||y and compares it with the x that was sent, thereby authenticating the server's identity.
In step 3, the user's private key $d_U$ is generated by the server as follows:
Map $ID_U$ to a point $Q_U$ on the elliptic curve $E(F_p)$, i.e. the function $H_1$ in step (1.4);
Compute the private key: $d_U = sQ_U$.
In step 4, the user encrypts the information with the identity $ID_S$ of the mail server as follows:
Map the server identity $ID_S$ to a point $Q_S$ of order q on the elliptic curve $E(F_p)$;
Select a random string $\sigma$ and set $r = H_1(\sigma, M)$, where M is the message above:
Compute the ciphertext
where
$e$ is the bilinear mapping function of a Weil pairing.
In step 5, the mail server selects a one-time dynamic password y, encrypts the message M = x||y with the user's identity $ID_U$ and sends it to the user; the encryption steps are as follows:
Map the user's identity $ID_U$ to a point $Q_U$ of order q on the elliptic curve $E(F_p)$;
Select a random string $\sigma$ and set $r = H_1(\sigma, M)$, where M is the message above: M = x||y;
Compute the ciphertext
where
$e$ is the bilinear mapping function of a Weil pairing.
Compared with the identity authentication methods in existing mail systems, the advantages and positive effects of the present invention are as follows:
1. The user password is transmitted in the form
Although the user's password information is stored in the server database as a hash value, what is transmitted is a variant of the password hash value, obtained by XORing it with a random number chosen by the user, so that an attacker cannot crack the user password by means such as dictionary attacks.
2. Two-way authentication between server and user ensures that, if the server's domain name is hijacked and the mail server is replaced, the user can recognize the fake server; it also lets the server confirm the user's identity and exchange initial information with the user.
Embodiment:
The details of the present invention and its embodiment are further described below.
The two-way identity authentication method for mail systems with integrated identity and password according to the present invention incorporates two-way authentication into existing mail systems, so that the server itself cannot obtain the user's password and two-way identity authentication between user and server is achieved. Its specific steps are as follows:
1. The server initializes the system parameters $T = (p, a, b, g, P_{Pub}, q, h, H, I, H_1, I_1)$. The parameters are selected as follows:
1.1 Choose a prime finite field $F_p$ and field elements $a, b \in F_p$ satisfying the equation $E: y^2 \equiv x^3 + ax + b \pmod{p}$, where $4a^3 + 27b^2 \neq 0 \pmod{p}$;
1.2 On the curve $E(F_p)$, choose a base point $g = (x_g, y_g)$ and compute the order $q$ of the point $g$, with $h = \#E(F_p)/q$. These parameters satisfy the following conditions: $\#E(F_p) \neq p$; $p^B \neq 1 \pmod{q}$ for $1 \le B < 20$; $h \le 4$; $p$ and $q$ must also satisfy $p \equiv 2 \pmod{3}$ and $p = 6q - 1$;
1.3 Generate a random number
$s$ is the master key of the system; compute $P_{Pub} = sg$;
2. Select the server identity $ID_S$ and generate the private key $d_S$ corresponding to $ID_S$, as follows:
2.1 Map $ID_S$ to a point $Q_S$ on the elliptic curve $E(F_p)$, i.e. the function $H_1$ in 1.4;
2.2 Compute the private key: $d_S = sQ_S$;
3. The user registers with the mail server and selects the user's identity $ID_U$ and the user password pwd; the server verifies the uniqueness of the user identity $ID_U$; the server stores the hash value h(pwd) of the user password, where h denotes a hash algorithm, and issues the user's private key $d_U$, which is generated by the server. The specific generation steps are as follows:
3.1 Map $ID_U$ to a point $Q_U$ on the elliptic curve $E(F_p)$, i.e. the function $H_1$ in step 1.4;
3.2 Compute the private key: $d_U = sQ_U$;
4. The user encrypts the following information with the identity $ID_S$ of the mail server and then sends it to the mail server:
where || denotes concatenation,
denotes XOR, pwd is the user password, h is a hash algorithm such as SHA-256, MD2, MD4, MD5, ..., g is a base point, x is a random number, $g^x$ is the x-th power of g, and $ID_U$ is the identity of user U. The encryption steps are as follows:
4.1 As in step 2.1, map the server identity $ID_S$ to a point $Q_S$ of order q on the elliptic curve $E(F_p)$;
4.2 Select a random string $\sigma$ and set $r = H_1(\sigma, M)$, where M is the message described above:
4.3 Compute the ciphertext
where
$e$ is the bilinear mapping function of a Weil pairing.
5. After receiving the encrypted information, the server first decrypts it with its own private key $d_S$ to obtain the message
Then the server XORs the hash value h(pwd) stored in the database for user $ID_U$ with
to obtain x, computes $g^x$, and compares it with the received information to confirm that the password pwd of user $ID_U$ is correct, thereby verifying the user's identity;
For clarity of notation, let the ciphertext have the form
The decryption steps are as follows:
5.1 Compute
5.2 Compute
5.3 Set $r = H_1(\sigma, M)$ and check whether $U$ equals $rP$; if they are not equal, decryption fails and the procedure exits; otherwise output the plaintext M from step 5.2.
If the computed $g^x$ equals the $g^x$ obtained from the message, the server has successfully authenticated the user;
Finally, the mail server selects a one-time dynamic password y, encrypts the message M = x||y with the user's identity $ID_U$ and sends it to the user. The encryption steps are as follows:
As in step 2.1, map the user's identity $ID_U$ to a point $Q_U$ of order q on the elliptic curve $E(F_p)$;
Select a random string $\sigma$ and set $r = H_1(\sigma, M)$, where M is the message described above: M = x||y;
Compute the ciphertext
where
$e$ is the bilinear mapping function of a Weil pairing;
6. The user decrypts x||y and compares it with the x that was sent, thereby authenticating the server's identity. That is, the user decrypts with his or her own private key $d_U$ to obtain the message M = x||y and compares it with the x that was sent to authenticate the server's identity; in the subsequent message exchange the user sends y to the server, which allows the server to verify the user's identity a second time;
For clarity of notation, let the encryption take the form
The decryption steps are as follows:
6.1 Compute
6.2 Compute
6.3 Set $r = H_1(\sigma, M)$ and check whether $U$ equals $rP$; if they are not equal, decryption fails and the procedure exits; otherwise output the plaintext M from step 6.2.
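The inner exchange of steps 4 to 6, as an added Python example that is not part of the patent: it leaves out the identity-based encryption envelope and shows only the plaintext messages M on both sides. Assumptions: the step-4 message carries $ID_U$, h(pwd) XOR x and $g^x$ (inferred from the wording of step 5, since the formula itself is missing from this page), a multiplicative group modulo 2^127 - 1 stands in for the curve group, and all function names and the sample account are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption: the multiplicative group modulo the Mersenne prime 2**127 - 1
# stands in for the curve group E(F_p); in the patent g is a curve base point.
P = 2**127 - 1
G = 3


def h(pwd: str) -> bytes:
    """Password hash h(pwd); SHA-256 is one of the algorithms the text lists."""
    return hashlib.sha256(pwd.encode("utf-8")).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(i ^ j for i, j in zip(a, b))


def g_pow(x: bytes) -> int:
    """g^x in the stand-in group."""
    return pow(G, int.from_bytes(x, "big"), P)


def client_request(user_id: str, pwd: str):
    """Step 4: pick a random x and build ID_U, h(pwd) XOR x, g^x (assumed layout)."""
    x = secrets.token_bytes(32)  # same length as the SHA-256 digest
    msg = {"id": user_id, "masked": xor(h(pwd), x), "gx": g_pow(x)}
    return x, msg


def server_handle(db: dict, msg: dict):
    """Step 5: unmask x with the stored h(pwd), check g^x, answer M = x || y."""
    stored = db.get(msg["id"])
    if stored is None:
        return None
    x = xor(stored, msg["masked"])
    if g_pow(x) != msg["gx"]:
        return None  # wrong password: the recovered x does not match g^x
    y = secrets.token_bytes(16)  # one-time dynamic password
    return x + y


def client_verify(x: bytes, reply) -> bool:
    """Step 6: accept the server only if its reply starts with the x we sent."""
    return reply is not None and hmac.compare_digest(reply[: len(x)], x)


def run_exchange(registered_pwd: str, login_pwd: str):
    """Return (server_accepted_user, user_accepted_server) for one login."""
    db = {"alice@example.test": h(registered_pwd)}  # constructed sample record
    x, msg = client_request("alice@example.test", login_pwd)
    reply = server_handle(db, msg)
    return reply is not None, client_verify(x, reply)


def impostor_exchange(pwd: str) -> bool:
    """A server without the registration record cannot unmask x and must guess.
    In the full scheme it also lacks d_S and cannot read the request at all."""
    x, _msg = client_request("alice@example.test", pwd)
    forged = secrets.token_bytes(32) + secrets.token_bytes(16)
    return client_verify(x, forged)


if __name__ == "__main__":
    print(run_exchange("correct horse", "correct horse"))
    print(run_exchange("correct horse", "wrong guess"))
    print(impostor_exchange("correct horse"))
```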
Claims (4)
1. A two-way identity authentication method for mail systems in which identity and password are integrated, which incorporates two-way authentication into existing mail systems so that the server itself cannot obtain the user's password and two-way identity authentication between user and server is achieved, with the following specific steps:
(1) The server initializes the system parameters $T = (p, a, b, g, P_{Pub}, q, h, H, I, H_1, I_1)$. The parameters are selected as follows:
(1.1) Choose a prime finite field $F_p$ and field elements $a, b \in F_p$ satisfying the equation $E: y^2 \equiv x^3 + ax + b \pmod{p}$, where $4a^3 + 27b^2 \neq 0 \pmod{p}$;
(1.2) On the curve $E(F_p)$, choose a base point $g = (x_g, y_g)$ and compute the order $q$ of the point $g$, with $h = \#E(F_p)/q$. These parameters satisfy the following conditions: $\#E(F_p) \neq p$; $p^B \neq 1 \pmod{q}$ for $1 \le B < 20$; $h \le 4$; $p$ and $q$ must also satisfy $p \equiv 2 \pmod{3}$ and $p = 6q - 1$;
(2) Select the server identity $ID_S$ and generate the private key $d_S$ corresponding to $ID_S$, as follows:
(2.1) Map $ID_S$ to a point $Q_S$ on the elliptic curve $E(F_p)$;
(2.2) Compute the private key: $d_S = sQ_S$;
(3) The user registers with the mail server and selects the user's identity $ID_U$ and the user password pwd; the server verifies the uniqueness of the user identity $ID_U$; the server stores the hash value h(pwd) of the user password, where h denotes a hash algorithm, and issues the user's private key $d_U$, which is generated by the server;
(4) The user encrypts the following information with the identity $ID_S$ of the mail server and then sends it to the mail server:
where || denotes concatenation,
denotes XOR, pwd is the user password, h is the hash algorithm, g is a base point, x is a random number, $g^x$ is the x-th power of g, and $ID_U$ is the identity of user U;
(5) After receiving the encrypted information, the server first decrypts it with its own private key $d_S$ to obtain the message
Then the server XORs the hash value h(pwd) stored in the database for user $ID_U$ with
to obtain x, computes $g^x$, and compares it with the received information to confirm that the password pwd of user $ID_U$ is correct, thereby verifying the user's identity. Finally, the mail server selects a one-time dynamic password y, encrypts the message M = x||y with the user's identity $ID_U$, and sends it to the user;
(6) The user decrypts x||y and compares it with the x that was sent, thereby authenticating the server's identity.
2. The two-way identity authentication method for mail systems with integrated identity and password according to claim 1, characterized in that the private key $d_U$ in step (3) is generated by the server as follows:
Map $ID_U$ to a point $Q_U$ on the elliptic curve $E(F_p)$, i.e. the function $H_1$ in step (1.4);
Compute the private key: $d_U = sQ_U$.
3. The two-way identity authentication method for mail systems with integrated identity and password according to claim 1, characterized in that the user in step (4) encrypts the information with the identity $ID_S$ of the mail server as follows:
Map the server identity $ID_S$ to a point $Q_S$ of order q on the elliptic curve $E(F_p)$;
Select a random string $\sigma$ and set $r = H_1(\sigma, M)$, where M is the message above:
Compute the ciphertext
where
$e$ is the bilinear mapping function of a Weil pairing.
4. The two-way identity authentication method for mail systems with integrated identity and password according to claim 1, characterized in that the mail server in step (5) selects a one-time dynamic password y, encrypts the message M = x||y with the user's identity $ID_U$ and sends it to the user, the encryption steps being as follows:
Map the user's identity $ID_U$ to a point $Q_U$ of order q on the elliptic curve $E(F_p)$;
Select a random string $\sigma$ and set $r = H_1(\sigma, M)$, where M is the message above: M = x||y;
Compute the ciphertext
where
$e$ is the bilinear mapping function of a Weil pairing.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2011101510652A CN102195782A (en) | 2011-06-07 | 2011-06-07 | Two-way identity authentication method with integration of identity and password for mailing system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN102195782A (en) | 2011-09-21 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20110921 |