CN102761556A - Method to protect communication security and privacy function of mobile client - Google Patents

Publication number
CN102761556A
Authority
CN
China
Prior art keywords
client
message
mobile service
tpm
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2012102598824A
Other languages
Chinese (zh)
Inventor
何骏
常朝稳
贾洪勇
董建强
梁松涛
刘熙胖
刘长河
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Xinda Jiean Information Technology Co Ltd
Original Assignee
Zhengzhou Xinda Jiean Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Xinda Jiean Information Technology Co Ltd filed Critical Zhengzhou Xinda Jiean Information Technology Co Ltd
Priority to CN2012102598824A priority Critical patent/CN102761556A/en
Publication of CN102761556A publication Critical patent/CN102761556A/en
Pending legal-status Critical Current

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to a method for protecting the communication security and privacy of a mobile client. The method combines the direct anonymous attestation (DAA) protocol with the transport layer security (TLS) protocol: the DAA protocol protects the identity privacy of a client with an NFC (Near Field Communication) function, and the TLS protocol protects the confidentiality of communication between the client and a server. The client with the NFC function reads the server's website information and connects to the server's address, and a modified TLS protocol run between the client and the server protects both the client's identity privacy and the confidentiality of the communication. The DAA protocol is implemented with elliptic curve cryptography, and a client holding a DAA certificate can complete the signature. Combining the DAA protocol and the TLS protocol provides anonymity and confidentiality together for communication between the mobile client and the server.

Description

Method for protecting the communication security and privacy of a mobile client
Technical field
The present invention relates to a method for protecting the communication security and privacy of a mobile client: it protects the confidentiality of communication between a mobile client with an NFC communication function and a server while also protecting the privacy of the client's identity, so that the client's identity information is not revealed.
Background technology
With the rapid development of mobile computing, more and more important services, such as online shopping and Internet banking transactions, are completed on mobile terminals (mobile phones, tablet computers). The emergence of NFC (near field communication) provides technical support for completing mobile services conveniently and quickly. More and more mobile devices have an NFC communication module; these devices can read the NFC tag supplied by a merchant and start a mobile service from the data obtained. This business model places very high demands on confidentiality and anonymity during the transaction. Existing solutions use the TLS protocol (Transport Layer Security) to protect the confidentiality of transaction data between the mobile terminal and the server, and use DAA (direct anonymous attestation) to authenticate the mobile terminal to the server anonymously. The TLS protocol is mainly used to complete key agreement between the client and the server and to build a secure channel from the negotiated key. When the TLS protocol is run between an NFC mobile device and a server, some private information of the NFC device may be exposed. Although DAA can protect the privacy of the mobile terminal, it only proves identity anonymously and performs no key agreement between the two parties, so it still cannot guarantee the security of the information exchanged after authentication. These existing methods each achieve only a single goal; they cannot guarantee the confidentiality of the communication and protect the anonymity of the mobile terminal at the same time. A new technical scheme is therefore needed that combines the DAA protocol and the TLS protocol to provide anonymity and confidentiality together for communication between the mobile terminal and the server.
Summary of the invention
The object of the invention is to overcome the deficiencies of the prior art and to provide a method for protecting the communication security and privacy of a mobile client that combines the DAA protocol and the TLS protocol to provide anonymity and confidentiality together for communication between the mobile terminal and the server.
The object of the invention is achieved as follows:
A method for protecting the communication security and privacy of a mobile client, which protects the confidentiality of communication between a client with an NFC communication function and a server while also protecting the identity privacy of the client, characterized in that: the direct anonymous attestation protocol (DAA) is combined with Transport Layer Security (TLS); the DAA protocol protects the identity privacy of the client with the NFC function, and the TLS protocol protects the confidentiality of communication between the client and the server; the client with the NFC communication function reads the server website information in a tag and connects to the server's network address, and a modified TLS protocol is run between the client and the server to protect the client's identity privacy and the communication security; the DAA protocol is implemented with elliptic curve cryptography (ECC), and the client holds a DAA certificate and can complete the signature; the handshake part of the TLS protocol is modified as follows: the client identity sent in the ordinary TLS protocol is replaced with the identity of the certificate issuing center and a nonce generated during the key exchange.
A method for protecting the communication security and privacy of a mobile client, characterized in that the specific steps are as follows:
Step 1: the mobile service certificate center is responsible for issuing the security protocol parameters of multiple mobile services; the center runs an initialization algorithm to generate the necessary parameters for the mobile terminal and the mobile service server, and also sends a public key certificate to the mobile service server:
1) Generate the commitment parameter
Figure 164032DEST_PATH_IMAGE001
: in this step, select three groups
Figure 981685DEST_PATH_IMAGE002
of sufficiently large prime order; generators such that
Figure 80408DEST_PATH_IMAGE004
are selected at random for the groups
Figure 197902DEST_PATH_IMAGE003
respectively;
Figure 495208DEST_PATH_IMAGE005
; in addition, select a bilinear map:
Figure 437757DEST_PATH_IMAGE006
; next, select random hash functions
Figure 688741DEST_PATH_IMAGE007
,
Figure 109358DEST_PATH_IMAGE008
;
Figure 581927DEST_PATH_IMAGE009
; finally, the arithmetic operations of the TPM are strictly restricted to the group
Figure 492114DEST_PATH_IMAGE010
, so that a subset of the parameter
Figure 417345DEST_PATH_IMAGE001
, the parameter of the TPM, can be set to
Figure 567594DEST_PATH_IMAGE012
in preference to
Figure 283243DEST_PATH_IMAGE001
;
2) Generate the signature and certificate parameter
Figure 42438DEST_PATH_IMAGE013
: select two hash functions,
Figure 804857DEST_PATH_IMAGE014
and
Figure 986440DEST_PATH_IMAGE015
, and finally set
Figure 254742DEST_PATH_IMAGE016
;
3) Generate the issuer parameter
Figure 154564DEST_PATH_IMAGE017
: for each
Figure 720675DEST_PATH_IMAGE018
, carry out the following steps: select two random integers:
Figure 819081DEST_PATH_IMAGE019
; the issuer's private key
Figure 445234DEST_PATH_IMAGE020
; then compute
Figure 832353DEST_PATH_IMAGE021
and
Figure 248160DEST_PATH_IMAGE022
; the issuer's public key
Figure 404335DEST_PATH_IMAGE023
is set to
Figure 201390DEST_PATH_IMAGE024
; then the issuer's public parameters are used to derive
Figure 872542DEST_PATH_IMAGE025
; finally, for each issuer
Figure 46035DEST_PATH_IMAGE018
,
Figure 869765DEST_PATH_IMAGE017
is set to
Figure 837721DEST_PATH_IMAGE026
;
4) Generate the TPM parameters: based on its embedded endorsement key, the TPM generates a public/private key pair: ; in addition, the TPM generates a private secret value
Figure 379878DEST_PATH_IMAGE028
; finally, for the host
Figure 572962DEST_PATH_IMAGE029
corresponding to each TPM, its public parameter
Figure 711820DEST_PATH_IMAGE011
is set to
Figure 295248DEST_PATH_IMAGE030
;
5) Publish the public parameters: finally, the public parameters of the whole system are set to
Figure 853618DEST_PATH_IMAGE031
;
Step 2: the mobile service certificate center sends the public parameters and certificates required by the protocol to the mobile terminal and the mobile service server;
Step 3: the mobile terminal and the mobile service certificate center run the join part of the DAA protocol; the join protocol runs between the TPM module
Figure 838892DEST_PATH_IMAGE032
of the given mobile terminal, the mobile terminal host
Figure 024016DEST_PATH_IMAGE029
, and the mobile service certificate center
Figure 094741DEST_PATH_IMAGE033
;
1) Initiator: the request is sent by the mobile service certificate center, which at the same time computes the following:
;
Figure 50244DEST_PATH_IMAGE035
, ; the certificate issuer sends to the mobile terminal the message
Figure 134930DEST_PATH_IMAGE037
;
2) After receiving this message, the mobile terminal host forwards it to the TPM embedded in it;
3) After receiving the message, the TPM responds and carries out the following computation:
Figure 992027DEST_PATH_IMAGE038
if
Figure 400192DEST_PATH_IMAGE040
, an error is considered to have occurred and the computation stops; otherwise, compute the following steps:
Figure 445508DEST_PATH_IMAGE041
Figure 653767DEST_PATH_IMAGE042
Figure 202560DEST_PATH_IMAGE043
Figure 290602DEST_PATH_IMAGE044
Figure 619952DEST_PATH_IMAGE045
Figure 222151DEST_PATH_IMAGE047
4) The TPM module sends a message to the mobile terminal host; after receiving it, the mobile terminal host sends the message
Figure 284359DEST_PATH_IMAGE048
to the mobile service certificate center over the GPRS/3G network;
5) The mobile service certificate center receives the above message and carries out the following computation:
If the value saved by the mobile service certificate center is not in the received message, stop the computation and terminate the protocol; otherwise compute as follows:
Figure 872652DEST_PATH_IMAGE050
; if
Figure 36917DEST_PATH_IMAGE051
, stop the computation and terminate the protocol; otherwise compute as follows:
Figure 632295DEST_PATH_IMAGE053
(the mobile service certificate center can compute
Figure 10186DEST_PATH_IMAGE041
in advance);
if
Figure 673249DEST_PATH_IMAGE054
, stop the computation and terminate the protocol; otherwise, carry out the following computation:
For every entry in the revocation lists, if
Figure 480985DEST_PATH_IMAGE056
, terminate the protocol; otherwise carry out the following computation:
Figure 290547DEST_PATH_IMAGE057
Figure 796615DEST_PATH_IMAGE058
Figure 75149DEST_PATH_IMAGE059
Send the message
Figure 310138DEST_PATH_IMAGE061
to the mobile terminal host as the anonymous credential;
6) After receiving this message, the mobile terminal host extracts B from it and sends B to the TPM; after receiving the message B, the TPM computes
Figure 800157DEST_PATH_IMAGE062
and then sends D to the mobile service certificate center;
7) After receiving D, the mobile service certificate center carries out the following computation:
Check
Figure 238091DEST_PATH_IMAGE063
and
Figure 924288DEST_PATH_IMAGE064
; if either of them does not hold, stop the protocol;
Step 4: when the user enters the NFC tag area, the user holds the mobile terminal close to the tag and the mobile terminal reads the content of the NFC tag over the NFC channel; after reading the information, the mobile terminal connects over the GPRS/3G network to the website that provides the mobile service, at the same time runs the signature algorithm to compute the anonymous signature, and initiates the DAA-TLS protocol;
Step 5: the mobile client
Figure 193595DEST_PATH_IMAGE065
selects a random number
Figure 307044DEST_PATH_IMAGE066
;
Figure 564367DEST_PATH_IMAGE067
is the session ID;
Figure 788675DEST_PATH_IMAGE065
sends to the mobile service server
Figure 115751DEST_PATH_IMAGE068
:
Figure 462419DEST_PATH_IMAGE069
;
Step 6: the mobile service server selects a random number
Figure 637366DEST_PATH_IMAGE070
, selects a secret value
Figure 631998DEST_PATH_IMAGE071
at random, and computes
Figure 87250DEST_PATH_IMAGE072
; it signs
Figure 987073DEST_PATH_IMAGE073
with the server's private key to obtain
Figure 615500DEST_PATH_IMAGE074
, and then sends the message (
Figure 651589DEST_PATH_IMAGE075
) to the mobile terminal I;
Step 7: after receiving the message, the client I selects a secret value
Figure 589327DEST_PATH_IMAGE076
at random and computes
Figure 710867DEST_PATH_IMAGE077
; it uses the server's public key to verify the signature
Figure 080668DEST_PATH_IMAGE074
; after verification succeeds, it computes
Figure 299160DEST_PATH_IMAGE078
; it uses the DAA private key to sign all messages that the client has sent and received, obtaining
Figure 096215DEST_PATH_IMAGE079
; it sends the message
Figure 705051DEST_PATH_IMAGE080
to the server;
Figure 426013DEST_PATH_IMAGE081
in it serves as the identity of the client; the detailed process of signing the sent messages with the DAA private key is as follows:
1) If ; then; otherwise
Figure 563099DEST_PATH_IMAGE084
; here
Figure 274703DEST_PATH_IMAGE085
denotes the base platform name, an attribute value of a device that has a trusted computing module; compute ;
Figure 858842DEST_PATH_IMAGE087
;
Figure 176691DEST_PATH_IMAGE088
;
Figure 754303DEST_PATH_IMAGE089
;
Figure 739576DEST_PATH_IMAGE090
,
Figure 049335DEST_PATH_IMAGE091
; to the TPM module embedded in the mobile terminal, send the command
Figure 667529DEST_PATH_IMAGE092
; after receiving the above message, the TPM carries out the following computation:
Figure 720936DEST_PATH_IMAGE093
;
Figure 560716DEST_PATH_IMAGE094
,
Figure 103692DEST_PATH_IMAGE057
;
Figure 661713DEST_PATH_IMAGE095
,
Figure 564816DEST_PATH_IMAGE096
;
Figure 524681DEST_PATH_IMAGE097
,
Figure 176242DEST_PATH_IMAGE098
;
2) The TPM sends the message
Figure 18297DEST_PATH_IMAGE099
to the mobile terminal host; after receiving it, the mobile terminal host carries out the following computation from the data it holds and the content of the received message:
Figure 413506DEST_PATH_IMAGE100
, finally generating the signature value
Figure 227878DEST_PATH_IMAGE079
;
Step 8: after receiving this message, the mobile service server verifies the signature; if verification succeeds, it generates the raw material for the session key and then completes the generation of the final session key according to the TLS protocol standard.
The anonymous signature is verified as follows: for all private keys
Figure 863390DEST_PATH_IMAGE055
in the revocation list, if
Figure 130423DEST_PATH_IMAGE101
, return verification failure; if
Figure 391640DEST_PATH_IMAGE102
and
Figure 060519DEST_PATH_IMAGE103
, return verification failure; if
Figure 053883DEST_PATH_IMAGE104
or , return verification failure; compute ;
Figure 642843DEST_PATH_IMAGE107
;
Figure 869425DEST_PATH_IMAGE108
;
Figure 111051DEST_PATH_IMAGE109
,
Figure 464803DEST_PATH_IMAGE110
; if
Figure 842694DEST_PATH_IMAGE111
, return signature verification failure; if they are equal, return signature verification success.
The beneficial effects of the invention are:
When completing a mobile service, an NFC device needs both the anonymity of the client and the confidentiality of communication between the client and the server. Existing solutions generally achieve only one of these goals, and essentially no scheme provides anonymity and confidentiality at the same time. The DAA-SIGMA protocol proposed by Jesse Walker is only a theoretical exploration; it combines the DAA protocol with a key exchange protocol to give the key exchange protocol anonymous authentication. However, because the SIGMA protocol is a key exchange protocol used for theoretical analysis and is seldom used in practice, DAA-SIGMA is not practical. To address these problems, the present invention combines the DAA protocol with the TLS protocol, which is widely used in practice, and applies the result to the scenario in which an NFC device completes a mobile service, providing anonymity and confidentiality when the NFC device communicates with the mobile service server.
Description of drawings
Fig. 1 is a flow chart of the DAA-TLS protocol.
Embodiment
A method for protecting the communication security and privacy of a mobile client, which protects the confidentiality of communication between a client with an NFC communication function and a server while also protecting the identity privacy of the client, characterized in that: the direct anonymous attestation protocol (DAA) is combined with Transport Layer Security (TLS); the DAA protocol protects the identity privacy of the client with the NFC function, and the TLS protocol protects the confidentiality of communication between the client and the server; the client with the NFC communication function reads the server website information in a tag and connects to the server's network address, and a modified TLS protocol is run between the client and the server to protect the client's identity privacy and the communication security; the DAA protocol is implemented with elliptic curve cryptography (ECC), and the client holds a DAA certificate and can complete the signature; the handshake part of the TLS protocol is modified as follows: the client identity sent in the ordinary TLS protocol is replaced with the identity of the certificate issuing center and a nonce generated during the key exchange.
As shown in Fig. 1, a method for protecting the communication security and privacy of a mobile client has the following specific steps:
Step 1: The mobile service certificate center can be responsible for issuing the security protocol parameters of multiple mobile services. The center runs an initialization algorithm to generate the necessary parameters for the mobile terminal and the mobile service server, and also sends a public key certificate to the mobile service server:
1) Generate the commitment parameter . In this step, select three groups
Figure 969099DEST_PATH_IMAGE002
of sufficiently large prime order; generators such that
Figure 545891DEST_PATH_IMAGE004
are selected at random for the groups
Figure 313493DEST_PATH_IMAGE003
respectively;
Figure 629123DEST_PATH_IMAGE005
; in addition, select a bilinear map:
Figure 579761DEST_PATH_IMAGE006
. Next, select random hash functions
Figure 462266DEST_PATH_IMAGE007
,
Figure 877067DEST_PATH_IMAGE008
.
Figure 819615DEST_PATH_IMAGE009
. In the present invention, the arithmetic operations of the TPM are strictly restricted to the group
Figure 257550DEST_PATH_IMAGE010
; doing so lets a subset of the parameter
Figure 756796DEST_PATH_IMAGE001
, the parameter
Figure 963786DEST_PATH_IMAGE011
of the TPM, be set to
Figure 064783DEST_PATH_IMAGE012
in preference to
Figure 139552DEST_PATH_IMAGE001
.
2) Generate the signature and certificate parameter
Figure 289091DEST_PATH_IMAGE013
: select two hash functions,
Figure 930681DEST_PATH_IMAGE014
and
Figure 949453DEST_PATH_IMAGE015
, and finally set
Figure 361980DEST_PATH_IMAGE016
.
3) Generate the issuer parameter
Figure 452296DEST_PATH_IMAGE017
: for each
Figure 633878DEST_PATH_IMAGE018
, carry out the following steps: select two random integers:
Figure 902180DEST_PATH_IMAGE019
, the issuer's private key
Figure 536423DEST_PATH_IMAGE020
. Then compute and
Figure 466519DEST_PATH_IMAGE022
; the issuer's public key
Figure 092672DEST_PATH_IMAGE023
is set to
Figure 214212DEST_PATH_IMAGE024
. Then the issuer's public parameters are used to derive
Figure 895598DEST_PATH_IMAGE025
; finally, for each issuer
Figure 051773DEST_PATH_IMAGE018
,
Figure 848828DEST_PATH_IMAGE017
is set to
Figure 519980DEST_PATH_IMAGE026
.
4) Generate the TPM parameters. Based on its embedded endorsement key, the TPM generates a public/private key pair:
Figure 427894DEST_PATH_IMAGE027
. In addition, the TPM generates a private secret value
Figure 251624DEST_PATH_IMAGE028
. Finally, for the host
Figure 219580DEST_PATH_IMAGE029
corresponding to each TPM, its public parameter
Figure 315712DEST_PATH_IMAGE011
is set to
Figure 089633DEST_PATH_IMAGE030
.
5) Publish the public parameters. Finally, the public parameters of the whole system are set to
Figure 954821DEST_PATH_IMAGE031
.
Step 2: The mobile service certificate center sends the public parameters and certificates required by the protocol to the mobile terminal and the mobile service server.
Step 3: The mobile terminal and the mobile service certificate center run the join part of the DAA protocol. The join protocol runs between the TPM module of the given mobile terminal
Figure 093678DEST_PATH_IMAGE032
, the mobile terminal host , and the mobile service certificate center
Figure 501056DEST_PATH_IMAGE033
.
1) Initiator: the request is sent by the mobile service certificate center, which at the same time computes the following:
Figure 220751DEST_PATH_IMAGE034
;
Figure 592826DEST_PATH_IMAGE035
,
Figure 663550DEST_PATH_IMAGE036
; the certificate issuer sends to the mobile terminal the message
Figure 530006DEST_PATH_IMAGE037
.
2) After receiving this message, the mobile terminal host forwards it to the TPM embedded in it.
3) After receiving the message, the TPM responds and carries out the following computation:
Figure 369786DEST_PATH_IMAGE038
if
Figure 470783DEST_PATH_IMAGE040
, an error is considered to have occurred and the computation stops. Otherwise, compute the following steps:
Figure 765050DEST_PATH_IMAGE044
Figure 160259DEST_PATH_IMAGE045
Figure 859411DEST_PATH_IMAGE047
4) The TPM module sends the message
Figure 939494DEST_PATH_IMAGE048
to the mobile terminal host; after receiving it, the mobile terminal host sends the message
Figure 138394DEST_PATH_IMAGE048
to the mobile service certificate center over the GPRS/3G network;
5) The mobile service certificate center receives the above message and carries out the following computation:
If
Figure 807273DEST_PATH_IMAGE049
saved by the mobile service certificate center is not in the received message, stop the computation and terminate the protocol. Otherwise compute as follows:
Figure 862953DEST_PATH_IMAGE050
; if
Figure 617283DEST_PATH_IMAGE051
, stop the computation and terminate the protocol. Otherwise compute as follows:
Figure 668809DEST_PATH_IMAGE052
Figure 192194DEST_PATH_IMAGE053
(the mobile service certificate center can compute
Figure 684355DEST_PATH_IMAGE041
in advance);
if
Figure 925981DEST_PATH_IMAGE054
, stop the computation and terminate the protocol. Otherwise, carry out the following computation:
For
Figure 201104DEST_PATH_IMAGE055
in all revocation lists, if
Figure 657624DEST_PATH_IMAGE056
, terminate the protocol. Otherwise carry out the following computation:
Figure 992791DEST_PATH_IMAGE057
Figure 784029DEST_PATH_IMAGE058
Figure 360821DEST_PATH_IMAGE060
Send the message
Figure 444053DEST_PATH_IMAGE061
to the mobile terminal host as the anonymous credential.
6) After receiving this message, the mobile terminal host extracts B from it and sends B to the TPM. After receiving the message B, the TPM computes
Figure 394691DEST_PATH_IMAGE062
and then sends D to the mobile service certificate center.
7) After receiving D, the mobile service certificate center carries out the following computation:
Check
Figure 277196DEST_PATH_IMAGE063
and
Figure 691997DEST_PATH_IMAGE064
; if either of them does not hold, stop the protocol.
Step 4: When the user enters the NFC tag area, the user holds the mobile terminal close to the tag. The tag can contain various content, for example posters, discount information or a ticket-purchase website, and the mobile terminal reads the content of the NFC tag over the NFC channel. After reading the information, the mobile terminal connects over the GPRS/3G network to the website that provides the mobile service, and at the same time runs the signature algorithm to compute the anonymous signature. The mobile terminal initiates the DAA-TLS protocol.
Step 5: The mobile client
Figure 634545DEST_PATH_IMAGE065
selects a random number
Figure 885529DEST_PATH_IMAGE066
; is the session ID;
Figure 778716DEST_PATH_IMAGE065
sends to the mobile service server
Figure 954482DEST_PATH_IMAGE068
:
Figure 879713DEST_PATH_IMAGE069
Step 6: The mobile service server
Figure 104021DEST_PATH_IMAGE068
selects a random number
Figure 474173DEST_PATH_IMAGE070
, selects at random a secret value
Figure 758524DEST_PATH_IMAGE071
, computes
Figure 171050DEST_PATH_IMAGE072
, signs
Figure 199049DEST_PATH_IMAGE073
with the server's private key to obtain
Figure 380632DEST_PATH_IMAGE074
, and then sends to the mobile terminal I the message (
Figure 570305DEST_PATH_IMAGE075
).
Step 7: After receiving the message, the client I selects at random a secret value
Figure 470128DEST_PATH_IMAGE076
, computes
Figure 098555DEST_PATH_IMAGE077
, and uses the server's public key to verify the signature
Figure 400223DEST_PATH_IMAGE074
; after verification succeeds, it computes
Figure 760798DEST_PATH_IMAGE078
, uses the DAA private key to sign all messages that the client has sent and received, obtaining , and sends to the server the message
Figure 330767DEST_PATH_IMAGE080
, in which
Figure 221363DEST_PATH_IMAGE081
serves as the identity of the client. The detailed process of signing the sent messages with the DAA private key is as follows:
1) If
Figure 454636DEST_PATH_IMAGE082
, then
Figure 063472DEST_PATH_IMAGE083
; otherwise
Figure 364528DEST_PATH_IMAGE084
. Here
Figure 375209DEST_PATH_IMAGE085
denotes the base platform name, an attribute value of a device that has a trusted computing module. Compute
Figure 654750DEST_PATH_IMAGE086
;
Figure 750881DEST_PATH_IMAGE087
;
Figure 462486DEST_PATH_IMAGE088
;
Figure 389990DEST_PATH_IMAGE089
;
Figure 528848DEST_PATH_IMAGE090
,
Figure 112276DEST_PATH_IMAGE091
; to the TPM module embedded in the mobile terminal, send the command
Figure 175041DEST_PATH_IMAGE092
. After receiving the above message, the TPM carries out the following computation: ; ,
Figure 603114DEST_PATH_IMAGE057
;
Figure 656521DEST_PATH_IMAGE095
, ; , ;
2) The TPM sends the message
Figure 520908DEST_PATH_IMAGE099
to the mobile terminal host; after receiving it, the mobile terminal host carries out the following computation from the data it holds and the content of the received message:
Figure 215195DEST_PATH_IMAGE100
, finally generating the signature value
Figure 866756DEST_PATH_IMAGE079
.
Step 8: After receiving this message, the mobile service server verifies the signature. If verification succeeds, it can generate the raw material for the session key and then complete the generation of the final session key according to the TLS protocol standard; for the concrete steps, refer to the TLS protocol standard.
The anonymous signature is verified as follows: for all private keys
Figure 725122DEST_PATH_IMAGE055
in the revocation list, if
Figure 120331DEST_PATH_IMAGE101
, return verification failure. If
Figure 731441DEST_PATH_IMAGE102
and , return verification failure. If
Figure 398100DEST_PATH_IMAGE104
or
Figure 659317DEST_PATH_IMAGE105
, return verification failure. Compute ;
Figure 321560DEST_PATH_IMAGE107
; ;
Figure 625951DEST_PATH_IMAGE109
,
Figure 211653DEST_PATH_IMAGE110
. If
Figure 641497DEST_PATH_IMAGE111
, return signature verification failure; if they are equal, return signature verification success.
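The base platform name branch of the signing step (Step 7, item 1) and the revocation-list loop at the start of the Step 8 verification can be illustrated as follows. This is an added example, not code from the patent: it assumes the usual DAA relations J = H(bsn), K = J^f and rejection when K = J^f' for a revoked f' (the page's formula images are missing), it uses a multiplicative group mod p in place of the elliptic-curve groups, and all function names are hypothetical.

```python
"""Added example: DAA base-name pseudonym and revocation-list check.

Assumed relations (not recoverable from the page): J is a fresh random group
element when no base name is given and H(bsn) otherwise; K = J^f for the TPM
secret f; the verifier rejects when K == J^f' for any revoked f'.
"""
import hashlib
import secrets
from typing import Iterable, Optional, Tuple

# 768-bit MODP prime from RFC 2409 (group 1), a safe prime. Demonstration
# size only: far too small for production use.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF",
    16,
)
Q = (P - 1) // 2  # prime order of the subgroup of squares mod P


def hash_to_group(data: bytes) -> int:
    """Hash bytes into the order-Q subgroup by squaring a wide digest."""
    wide = b"".join(hashlib.sha256(bytes([i]) + data).digest() for i in range(4))
    return pow(int.from_bytes(wide, "big") % P, 2, P)


def new_tpm_secret() -> int:
    """Constructed stand-in for the TPM's private secret f."""
    return 1 + secrets.randbelow(Q - 1)


def pseudonym(f: int, basename: Optional[bytes]) -> Tuple[int, int]:
    """Return the (J, K) pair that accompanies a signature."""
    if basename is None:
        # No base name: fresh J each time, so two signatures cannot be linked.
        j = pow(2 + secrets.randbelow(P - 3), 2, P)
    else:
        # Base name given: J is fixed, so K repeats for the same secret f.
        j = hash_to_group(basename)
    return j, pow(j, f, P)


def check_pseudonym(j: int, k: int, basename: Optional[bytes],
                    revoked: Iterable[int]) -> str:
    """Verifier-side checks that come before the proof verification.

    The proof that K was built from a certified f is the pairing-based part
    of DAA and is not reproduced here.
    """
    if not (1 < j < P and 1 < k < P):
        return "reject: malformed"
    if basename is not None and j != hash_to_group(basename):
        return "reject: J not derived from base name"
    for f_revoked in revoked:
        # A leaked TPM secret reproduces K from the J sent in the signature.
        if pow(j, f_revoked, P) == k:
            return "reject: revoked key"
    return "continue"


if __name__ == "__main__":
    f = new_tpm_secret()
    shop = b"shop.example"  # constructed base name
    first, second = pseudonym(f, shop), pseudonym(f, shop)
    anonymous = pseudonym(f, None)
    print("same base name, same K:", first == second)
    print("no base name, same K:", anonymous == first)
    print("healthy list:", check_pseudonym(*first, shop, [new_tpm_secret()]))
    print("f on the list:", check_pseudonym(*anonymous, None, [f]))
```

The revocation loop works even for signatures made without a base name, because the verifier recomputes J^f' from the J carried in the signature; it only catches secrets that have actually been extracted and listed.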

Claims (2)

1. A method for protecting the communication security and privacy of a mobile client, which protects the confidentiality of communication between a client with an NFC communication function and a server while also protecting the identity privacy of the client, characterized in that: the direct anonymous attestation protocol (DAA) is combined with Transport Layer Security (TLS); the DAA protocol protects the identity privacy of the client with the NFC function, and the TLS protocol protects the confidentiality of communication between the client and the server; the client with the NFC communication function reads the server website information in a tag and connects to the server's network address, and a modified TLS protocol is run between the client and the server to protect the client's identity privacy and the communication security; the DAA protocol is implemented with elliptic curve cryptography (ECC), and the client holds a DAA certificate and can complete the signature; the handshake part of the TLS protocol is modified as follows: the client identity sent in the ordinary TLS protocol is replaced with the identity of the certificate issuing center and a nonce generated during the key exchange.
2. A method for protecting the communication security and privacy of a mobile client, characterized in that the specific steps are as follows:
Step 1: the mobile service certificate center is responsible for issuing the security protocol parameters of multiple mobile services; the center runs an initialization algorithm to generate the necessary parameters for the mobile terminal and the mobile service server, and also sends a public key certificate to the mobile service server:
1) Generate the commitment parameter
Figure 279178DEST_PATH_IMAGE001
: in this step, select three groups of sufficiently large prime order; generators, such that , are selected at random for the groups
Figure 680258DEST_PATH_IMAGE003
respectively;
Figure 610354DEST_PATH_IMAGE005
; in addition, select a bilinear map:
Figure 603718DEST_PATH_IMAGE006
; next, select random hash functions
Figure 358047DEST_PATH_IMAGE007
,
Figure 173688DEST_PATH_IMAGE008
;
Figure 697073DEST_PATH_IMAGE009
; finally, the arithmetic operations of the TPM are strictly restricted to the group
Figure 861338DEST_PATH_IMAGE010
, so that a subset of the parameter
Figure 165280DEST_PATH_IMAGE001
, the parameter
Figure 705983DEST_PATH_IMAGE011
of the TPM, can be set to
Figure 999135DEST_PATH_IMAGE012
in preference to ;
2) Generate the signature and certificate parameters
Figure 462477DEST_PATH_IMAGE013
: select two hash functions;
Figure 869188DEST_PATH_IMAGE014
and
Figure 101586DEST_PATH_IMAGE015
, and finally set
Figure 873233DEST_PATH_IMAGE016
;
3) Generate the issuer parameters
Figure 636921DEST_PATH_IMAGE017
; For each
Figure 519426DEST_PATH_IMAGE018
; carry out the following steps: select two random integers: ; the issuer's private key ; then compute
Figure 314709DEST_PATH_IMAGE021
and ; the issuer's public key
Figure 519481DEST_PATH_IMAGE023
is set to
Figure 632930DEST_PATH_IMAGE024
; then, from the issuer's public parameters, derive
Figure 620478DEST_PATH_IMAGE025
; finally, for each issuer ,
Figure 171862DEST_PATH_IMAGE017
is set to
Figure 3683DEST_PATH_IMAGE026
;
4) Generate the TPM parameters: based on its embedded endorsement key, the TPM generates a public/private key pair:
Figure 416210DEST_PATH_IMAGE027
; in addition, the TPM also generates a private secret value
Figure 506525DEST_PATH_IMAGE028
; finally, for the host corresponding to each TPM, its public parameter
Figure 143360DEST_PATH_IMAGE011
is set to ;
5) Publish the public parameters: finally, the public parameters of the whole system are set to
Figure 652369DEST_PATH_IMAGE031
;
Step 2: the mobile service certificate center sends the public parameters and certificates required by the protocol to the mobile terminal and the mobile service server;
Step 3: the Join part of the DAA protocol is run between the mobile terminal and the mobile service certificate center; the Join protocol runs between the TPM module
Figure 954037DEST_PATH_IMAGE032
of the given mobile terminal, the mobile terminal host
Figure 642508DEST_PATH_IMAGE029
, and the mobile service certificate center
Figure 764047DEST_PATH_IMAGE033
;
1) Initiator: the mobile service certificate center sends the request and at the same time computes the following:
Figure 946898DEST_PATH_IMAGE034
;
Figure 103073DEST_PATH_IMAGE035
, ; the certificate issuer sends to the mobile terminal the message
Figure 571281DEST_PATH_IMAGE037
;
2) After the mobile terminal host receives this message, it forwards it to the TPM embedded in it;
3) After the TPM receives the message, it responds and carries out the following computation:
Figure 479194DEST_PATH_IMAGE038
Figure 489875DEST_PATH_IMAGE039
if ; then an error is considered to have occurred and the computation stops; otherwise, compute the following steps:
Figure 865547DEST_PATH_IMAGE041
Figure 577152DEST_PATH_IMAGE042
Figure 504656DEST_PATH_IMAGE043
Figure 643514DEST_PATH_IMAGE044
Figure 39991DEST_PATH_IMAGE045
Figure 555286DEST_PATH_IMAGE046
Figure 337297DEST_PATH_IMAGE047
1) The TPM module sends the message
Figure 647056DEST_PATH_IMAGE048
to the mobile terminal host; after the mobile terminal host receives the message, it sends the message
Figure 717780DEST_PATH_IMAGE048
to the mobile service certificate center through the GPRS/3G network;
2) The mobile service certificate center receives the above message and carries out the following computation:
If
Figure 85701DEST_PATH_IMAGE049
stored by the mobile service certificate center is not in the received message, the computation stops and the protocol run is terminated; otherwise compute as follows:
Figure 925481DEST_PATH_IMAGE050
; if
Figure 406141DEST_PATH_IMAGE051
; then the computation stops and the protocol run is terminated; otherwise compute as follows:
Figure 26478DEST_PATH_IMAGE052
Figure 617996DEST_PATH_IMAGE053
(the mobile service certificate center computes
Figure 125332DEST_PATH_IMAGE041
in advance);
if
Figure 42472DEST_PATH_IMAGE054
; then the computation stops and the protocol run is terminated; otherwise, carry out the following computation:
For
Figure 822210DEST_PATH_IMAGE055
in all revocation lists; if
Figure 279736DEST_PATH_IMAGE056
; then the protocol run is terminated, otherwise carry out the following computation:
Figure 94108DEST_PATH_IMAGE057
Figure 916571DEST_PATH_IMAGE058
Figure 694088DEST_PATH_IMAGE060
Send the message
Figure 362967DEST_PATH_IMAGE061
to the mobile terminal host as the anonymous credential;
3) After the mobile terminal host receives this message, it extracts B from it and sends B to the TPM; after the TPM receives message B, it computes
Figure 418648DEST_PATH_IMAGE062
, then sends D to the mobile service certificate center;
4) After the mobile service certificate center receives D, it carries out the following computation:
Check
Figure 172977DEST_PATH_IMAGE063
and
Figure 723038DEST_PATH_IMAGE064
; if either of them is false, the protocol run is stopped;
Step 4: when the user enters the NFC tag area, the user brings the mobile terminal close to the tag, and the mobile terminal reads the content of the NFC tag over the NFC channel; after reading the information, the mobile terminal connects over the GPRS/3G network to the website that provides the mobile service, runs the signature algorithm to compute the anonymous signature, and initiates the DAA-TLS protocol run;
Step 5: the mobile client
Figure 246424DEST_PATH_IMAGE065
selects a random number
Figure 676268DEST_PATH_IMAGE066
; is session id,
Figure 255334DEST_PATH_IMAGE065
sends to the mobile service server
Figure 898805DEST_PATH_IMAGE068
the message
Figure 542626DEST_PATH_IMAGE069
;
Step 6: the mobile service server
Figure 271548DEST_PATH_IMAGE068
selects a random number ; selects a secret value
Figure 910656DEST_PATH_IMAGE071
at random; computes ; signs
Figure 632942DEST_PATH_IMAGE073
with the server's private key, obtaining , and then sends the message (
Figure 680980DEST_PATH_IMAGE075
) to the mobile terminal I;
Step 7: after client I receives the message, it selects a secret value at random and computes
Figure 123780DEST_PATH_IMAGE077
; it verifies the signature
Figure 544397DEST_PATH_IMAGE074
with the server's public key; after verification passes, it computes ; it signs all messages the client has sent and received with the DAA private key, obtaining
Figure 442001DEST_PATH_IMAGE079
; it sends the message to the server;
Figure 653856DEST_PATH_IMAGE081
wherein serves as the identity of the client; the detailed process of signing the sent messages with the DAA private key is as follows:
1) If
Figure 715353DEST_PATH_IMAGE082
;
Figure 999704DEST_PATH_IMAGE083
; otherwise
Figure 225280DEST_PATH_IMAGE084
; where
Figure 253279DEST_PATH_IMAGE085
denotes the basename (basic platform name), which is an attribute value of a device with a trusted computing module; compute
Figure 434862DEST_PATH_IMAGE086
;
Figure 686851DEST_PATH_IMAGE087
;
Figure 586674DEST_PATH_IMAGE088
; ;
Figure 768967DEST_PATH_IMAGE090
,
Figure 129542DEST_PATH_IMAGE091
; the command is sent to the TPM module embedded in the mobile terminal ; after the TPM receives the above message, it carries out the following computation:
Figure 948779DEST_PATH_IMAGE093
;
Figure 839374DEST_PATH_IMAGE094
,
Figure 636429DEST_PATH_IMAGE057
;
Figure 58314DEST_PATH_IMAGE095
,
Figure 231807DEST_PATH_IMAGE096
;
Figure 304805DEST_PATH_IMAGE097
,
Figure 272761DEST_PATH_IMAGE098
;
2) The TPM sends the message
Figure 368893DEST_PATH_IMAGE099
to the mobile terminal host; after the mobile terminal host receives the message, it carries out the following computation using the data it holds and the content of the received message:
Figure 392081DEST_PATH_IMAGE100
, and finally the signature value
Figure 257269DEST_PATH_IMAGE079
is generated;
Step 8: after receiving this message, the mobile service server verifies the signature; if verification passes, it generates the raw material for the session key and then completes the generation of the final session key according to the TLS protocol standard.
The anonymous signature is verified as follows: for all private keys
Figure 396127DEST_PATH_IMAGE055
in the revocation list, if , verification failure is returned; if
Figure 291587DEST_PATH_IMAGE102
and
Figure 276861DEST_PATH_IMAGE103
, verification failure is returned; if
Figure 399669DEST_PATH_IMAGE104
or
Figure 470393DEST_PATH_IMAGE105
, verification failure is returned; compute ;
Figure 425897DEST_PATH_IMAGE107
; ;
Figure 531090DEST_PATH_IMAGE109
,
Figure 388187DEST_PATH_IMAGE110
; if , signature verification failure is returned; if they are equal, signature verification success is returned.
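The revocation-list and basename checks that open the Step 8 verification, together with the basename branch of Step 7, as an added example that is not part of the patent text. The formulas are missing from this page, so the relation K = J^f is an assumption taken from the ECC-DAA literature the patent cites; a small constructed multiplicative group stands in for the elliptic-curve group, the pairing-based credential checks are omitted, and all function names are hypothetical.

```python
import hashlib
import secrets
from typing import Iterable, Optional, Tuple

# Constructed toy group (assumption): P = 2*Q + 1 is a safe prime, and the
# squares mod P form a subgroup of prime order Q. It stands in for the
# elliptic-curve group of the claims and is far too small for real use.
P, Q = 2879, 1439


def hash_to_group(data: bytes) -> int:
    """Hash bytes to a non-identity element of the order-Q subgroup."""
    counter = 0
    while True:
        digest = hashlib.sha256(data + counter.to_bytes(4, "big")).digest()
        elem = pow(int.from_bytes(digest, "big") % P, 2, P)
        if elem > 1:  # skip 0 and the identity element
            return elem
        counter += 1


def pseudonym(f: int, bsn: Optional[bytes]) -> Tuple[int, int]:
    """Signer side: return (J, K) with K = J^f for the DAA secret f.

    With a basename, J is derived from it, so signatures made for the same
    verifier are linkable. Without one, J is fresh for every signature.
    """
    seed = bsn if bsn is not None else secrets.token_bytes(16)
    j = hash_to_group(seed)
    return j, pow(j, f, P)


def in_subgroup(x: int) -> bool:
    """True for non-identity elements of the order-Q subgroup."""
    return 1 < x < P and pow(x, Q, P) == 1


def check_pseudonym(j: int, k: int, bsn: Optional[bytes],
                    rogue_list: Iterable[int]) -> str:
    """Verifier side: checks made before the signature proof is evaluated."""
    if not (in_subgroup(j) and in_subgroup(k)):
        return "malformed"
    for f_rogue in rogue_list:  # secrets recovered from compromised TPMs
        if pow(j, f_rogue, P) == k:
            return "revoked"
    if bsn is not None and j != hash_to_group(bsn):
        return "wrong-basename"
    return "ok"


if __name__ == "__main__":
    leaked = 654  # constructed sample of a revoked DAA secret
    site = b"shop.example"  # constructed basename
    print(check_pseudonym(*pseudonym(321, site), site, [leaked]))
    print(check_pseudonym(*pseudonym(leaked, None), None, [leaked]))
```

The rogue-list loop works even when the signer picks a fresh J, because the verifier recomputes J^f for each revoked secret against the J carried in the signature.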
CN2012102598824A 2012-07-26 2012-07-26 Method to protect communication security and privacy function of mobile client Pending CN102761556A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2012102598824A CN102761556A (en) 2012-07-26 2012-07-26 Method to protect communication security and privacy function of mobile client

Publications (1)

Publication Number Publication Date
CN102761556A true CN102761556A (en) 2012-10-31

Family

ID=47055877

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2012102598824A Pending CN102761556A (en) 2012-07-26 2012-07-26 Method to protect communication security and privacy function of mobile client

Country Status (1)

Country Link
CN (1) CN102761556A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101146126A (en) * 2006-09-14 2008-03-19 索尼株式会社 Wireless communication system, wireless communication device, authentication method and program thereof
CN101482957A (en) * 2007-12-21 2009-07-15 北京大学 Credible electronic transaction method and transaction system

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
CHRISTIAN WACHSMANN 等: "Lightweight Anonymous Authentication with TLS and DAA for Embedded Mobile Devices", 《13TH INTERNATIONAL CONFERENCE,ISC 2010》 *
EMANUELE CESENA 等: "Anonymous Authentication with TLS and DAA", 《TRUST 2010,LNCS》 *
LIQUN CHEN 等: "On the Design and Implementation of an efficient DAA Scheme", 《9TH IFIP WG 8.8/11.2 INTERNATIONAL CONFERENCE,CARDIS 2010》 *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103475473A (en) * 2013-08-26 2013-12-25 广东数字证书认证中心有限公司 Digital signature method, digital signature equipment, password operation method in digital signature, and server
CN103475473B (en) * 2013-08-26 2016-10-05 数安时代科技股份有限公司 Crypto-operation method and server in digital signature method and equipment, digital signature
CN107743066A (en) * 2017-11-07 2018-02-27 中证技术股份有限公司 A kind of anonymity signature method and system supervised
CN110012097A (en) * 2019-04-04 2019-07-12 苏州足加新能源科技有限公司 Communication means between charging pile client and charging pile server
CN110677240A (en) * 2019-08-29 2020-01-10 阿里巴巴集团控股有限公司 Method and device for providing high-availability computing service through certificate issuing
CN110677240B (en) * 2019-08-29 2020-07-10 阿里巴巴集团控股有限公司 Method, apparatus and medium for providing highly available computing services through certificate issuance
US10790979B1 (en) 2019-08-29 2020-09-29 Alibaba Group Holding Limited Providing high availability computing service by issuing a certificate
US10972272B2 (en) 2019-08-29 2021-04-06 Advanced New Technologies Co., Ltd. Providing high availability computing service by issuing a certificate
US11206137B2 (en) 2019-08-29 2021-12-21 Advanced New Technologies Co., Ltd. Providing high availability computing service by issuing a certificate
CN112116475A (en) * 2020-09-22 2020-12-22 中国科学院沈阳计算技术研究所有限公司 Block chain-based distributed data transaction method and system
CN112116475B (en) * 2020-09-22 2023-07-04 中国科学院沈阳计算技术研究所有限公司 Distributed data transaction method and system based on blockchain
CN113315788A (en) * 2021-07-28 2021-08-27 北京电信易通信息技术股份有限公司 Lightweight protection method and system for sensitive data of video conference mobile terminal

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20121031