CN103118009A - Authentication key exchange method and system - Google Patents
Authentication key exchange method and system Download PDFInfo
- Publication number
- CN103118009A CN103118009A CN201310005726XA CN201310005726A CN103118009A CN 103118009 A CN103118009 A CN 103118009A CN 201310005726X A CN201310005726X A CN 201310005726XA CN 201310005726 A CN201310005726 A CN 201310005726A CN 103118009 A CN103118009 A CN 103118009A
- Authority
- CN
- China
- Prior art keywords
- authenticate key
- key exchange
- key
- authenticate
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention belongs to the technical field of network safety and provides an authentication key exchange method and a system. According to the authentication key exchange method, a first authentication key exchanging part exchanges information according to public parameters, a service authentication request and an authentication key, confirms corresponding threshold access structure and calculation ciphertext, and calculates a first sharing session key by combining with an identity private key, and a second authentication key exchanging part calculates a second sharing session key according to the sherohold access structure, an identity public key, an identity ciphering public key, the ciphertex and an attribute set private key. According to the authentication key exchange method and the system, no complex management and identification of a public key certificate are needed, implicit key authentication is achieved, requirement of privacy safe application is satisfied, anonymous communication and anonymous access of a receiving part and a sending part are achieved, and executing time and the cost of communication are reduced by the adoption of one round of interaction.
Description
Technical field
The invention belongs to network safety filed, relate in particular to a kind of authenticate key switching method and system.
Background technology
Authenticate and key exchange protocol is a kind of in order to guaranteeing the important protocol of Network Communicate Security, and it will authenticate and cipher key change combines, and guarantee the secure communication of open network environment, is the basic module of structure safety, complexity and upper-layer protocol.
Along with the proposition based on the identification cipher system, the ID-based cryptography IKE has appearred.This agreement need not complicated public key certificate management and differentiates, but the each side that requires to participate in the authenticate key exchange all need have definite identity information, is unfavorable for realizing the personal secrets services such as anonymous communication and the control of information anonymous access.
Summary of the invention
The object of the present invention is to provide a kind of authenticate key switching method, be intended to solve existing ID-based cryptography IKE requirement and participate in each side and have definite identity information, be unfavorable for realizing the problem of personal secrets service.
The present invention is achieved in that a kind of authenticate key switching method, and described method comprises:
Step S1: calculate the property set private key of the identity public key of identity ciphering public keys, the first authenticate key exchange side and identity private key, the second authenticate key exchange side, and set up common parameter;
Step S2: service authentication request and authenticate key exchange message that described the first authenticate key exchange root sends according to described common parameter and described the second authenticate key exchange side, determine corresponding thresholding access structure, calculate ciphertext, and calculate first in conjunction with described identity private key and share session key, described the second authenticate key exchange root calculates second according to described thresholding access structure, described identity public key, described identity ciphering public keys, described ciphertext, described property set private key and shares session key.
Another object of the present invention is to provide a kind of authenticate key switching system, described system comprises:
Initialization unit, the identity public key and identity private key, the authenticate key that are used for calculating identity ciphering public keys, authenticate key exchange one side exchange the opposing party's property set private key, and set up common parameter;
The first authenticate key exchange side as described authenticate key exchange one side, be used for service authentication request and authenticate key exchange message according to described common parameter and described authenticate key exchange the opposing party transmission, determine corresponding thresholding access structure, calculate ciphertext, and calculate first in conjunction with identity private key and share session key;
The second authenticate key exchange side as described authenticate key exchange the opposing party, be used for sending described service authentication request and described authenticate key exchange message to described the first authenticate key exchange side, and according to described thresholding access structure, described identity public key, described identity ciphering public keys, described ciphertext, the shared session key of described property set private key calculating second.
Authenticate key switching method provided by the invention and system are integrated with encryption attribute and identity ciphering, have following advantage: 1, relatively traditional public key cryptography, and the method and system need not complicated public key certificate management and differentiate; 2, owing to only having the user who satisfies corresponding authentication access structure could set up consistent session key with the user with identity, thereby realized the implicit expression key authentication, and realized to the side's real name of communicating by letter, to authentication and the session key exchange mode of communication the opposing party anonymity, satisfied growing personal secrets application demand, as transmit leg/recipient's anonymous communication and anonymous access control etc.; 3, owing to being to adopt one to take turns alternately, thereby greatly reduced the expense of time of implementation and the traffic.
Description of drawings
Fig. 1 is the flow chart of authenticate key switching method provided by the invention;
Fig. 2 is in the present invention, the interaction figure of the first authenticate key exchange side and the second authenticate key exchange side;
Fig. 3 is the structure chart of authenticate key switching system provided by the invention;
Fig. 4 is in Fig. 3, the structure chart of initialization unit;
Fig. 5 is in Fig. 3, the structure chart of the first authenticate key exchange side and the second authenticate key exchange side;
Fig. 6 is in the present invention's one example, the structure chart of Internet of Things Mobile RFID system.
Embodiment
In order to make purpose of the present invention, technical scheme and advantage clearer, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, is not intended to limit the present invention.
Problem for prior art exists the present invention proposes a kind of authenticate key switching method, and the method is integrated with encryption attribute and identity ciphering, and adopts one to take turns interactive mode.
Fig. 1 shows the flow process of authenticate key switching method provided by the invention, comprising:
Step S1: calculate the property set private key of the identity public key of identity ciphering public keys, the first authenticate key exchange side and identity private key, the second authenticate key exchange side, and set up common parameter.Step S1 further comprises:
Step S11: utilize given security parameter λ, setting up rank is the first Bilinear Groups G of prime number p
0, the second double line group G
1With the 3rd Bilinear Groups G
2, and the bilinear map e:G that sets up non degenerate and can effectively calculate
0* G
1→ G
2Afterwards, from the first Bilinear Groups G
0Generator in choose at random the first generator g and the second generator P, and satisfy g ≠ P; From the second double line group G
1Generator in choose at random the 3rd generator h.Wherein, the position of prime number p is long is the λ bit.
Step S12: choose the first hash function
The second hash function H
1: { 0,1}
*→ G
1 *With the 3rd hash function H
2: G
2→ { 0,1}
λChoose at random afterwards
And α ≠ γ, wherein,
The multiplication of integers group of expression mould p.
Step S13: calculate identity ciphering public keys P
pub=P
α
Step S14: utilize given required attribute space U={a
1..., a
MAnd the maximum authorization set attribute of given access structure number m(2≤m≤M), set up common parameter
Wherein, u=g
α γ, v=e (g
α, h), set
And in D, element is unequal mutually, and note set D
i={ d
1..., d
i(1≤i≤m-1),
And
Set
Step S15: the identity public key that calculates the first authenticate key exchange side
And identity private key
Wherein, the open identity ID of the first authenticate key exchange side
S∈ { 0,1}
*
Step S16: the property set private key that calculates the second authenticate key exchange side
Wherein, A
CBe the property set of the second authenticate key exchange side, and have
Step S2: service authentication request and authenticate key exchange message that the first authenticate key exchange root sends according to common parameter and the second authenticate key exchange side, determine corresponding thresholding access structure, calculate ciphertext, and calculate first in conjunction with identity private key and share session key, the second authenticate key exchange root calculates second according to thresholding access structure, identity public key, identity ciphering public keys, ciphertext, property set private key and shares session key.As shown in Figure 2, step S2 further comprises:
Step S21: the second authenticate key exchange side chooses the first temporary private
Calculate the authenticate key exchange message according to the first temporary private
And send service authentication request and authenticate key exchange message to described the first authenticate key exchange side.
Step S22: the first authenticate key exchange root is determined corresponding thresholding access structure (A according to the service authentication request
S, t) as certification policy.Wherein,
And 1≤t≤s=|A
S|≤m.
Step S23: the first authenticate key exchange side chooses the second temporary private
According to thresholding access structure, the second temporary private and common parameter, calculate ciphertext.
In the present invention, ciphertext comprises the first ciphertext C
1With the second ciphertext C
2, and
Wherein, calculating the second ciphertext C
2The time, need index is launched, utilize afterwards common parameter
In
Calculate.
Step S24: fit part of private key of the first authenticate key exchange reef knot calculates first and shares session key
Step S25: first authenticate key change of direction the second authenticate key exchange side sends ciphertext and thresholding access structure.
Step S26: the second authenticate key exchange root judges that according to the thresholding access structure whether property set AC satisfies access structure, namely judges A
CWhether satisfy | A
C∩ A
S| 〉=t is execution in step S27, otherwise stops authentication.
Step S27: the second authenticate key exchange root calculates second and shares session key according to identity public key, identity ciphering public keys, ciphertext, property set private key.
In the present invention, step S27 comprises again following substep:
Step S271: choose set C
S, satisfy
And | C
S|=t.
Step S272: according to aggregating algorithm, calculate
Wherein, W is
The array that set element forms, B is
The array that set element forms.The following a kind of optimal way that shows aggregating algorithm:
Step S273: calculate
Step S274: definition
By in the property set private key of the second authenticate key exchange side
The private key composition calculates
Step S275: calculate
Step S276: calculate
Step S277: calculate
Further, after step S2, the present invention can also comprise:
In the present invention, it is identical that the first shared session key and second is shared session key, and its consistency is described as follows:
Fig. 3 shows the structure of authenticate key switching system provided by the invention, for convenience of explanation, only shows part related to the present invention.
Specifically, authenticate key switching system provided by the invention comprises: initialization unit 11, the identity public key and identity private key, the authenticate key that are used for calculating identity ciphering public keys, authenticate key exchange one side exchange the opposing party's property set private key, and set up common parameter; The first authenticate key exchange side 12 as authenticate key exchange one side, be used for service authentication request and authenticate key exchange message according to common parameter and authenticate key exchange the opposing party transmission, determine corresponding thresholding access structure, calculate ciphertext, and calculate first in conjunction with identity private key and share session key; The second authenticate key exchange side 13 as authenticate key exchange the opposing party, be used for sending service authentication request and authenticate key exchange message to the first authenticate key exchange side 12, and according to thresholding access structure, identity public key, identity ciphering public keys, ciphertext, the shared session key of property set private key calculating second.
As shown in Figure 4, initialization unit 11 can comprise: first chooses module 111, is used for utilizing given security parameter λ, and setting up rank is the first Bilinear Groups G of prime number p
0, the second double line group G
1With the 3rd Bilinear Groups G
2, and the bilinear map e:G that sets up non degenerate and can effectively calculate
0* G
1→ G
2, afterwards, from the first Bilinear Groups G
0Generator in choose at random the first generator g and the second generator P, and satisfy g ≠ P; From the second double line group G
1Generator in choose at random the 3rd generator h, wherein, prime number p the position long be the λ bit; Second chooses module 112, is used for choosing the first hash function
The second hash function H
1: { 0,1}
*→ G
1 *With the 3rd hash function H
2: G
2→ { 0,1}
λ, choose at random afterwards
And α ≠ γ; The first computing module 113 is used for calculating identity ciphering public keys P
pub=P
αSet up module 114, be used for utilizing given required attribute space U={a
1..., a
MAnd the maximum authorization set attribute of given access structure number m(2≤m≤M), set up common parameter
Wherein, u=g
α γ, v=e (g
α, h), set
And in D, element is unequal mutually, and is designated as D
i={ d
1..., d
i(1≤i≤m-1),
And
Set
The second computing module 115 be used for to calculate the identity public key of the first authenticate key exchange side
And identity private key
Wherein, the open identity ID of the first authenticate key exchange side
S∈ { 0,1}
*The 3rd computing module 116 be used for to calculate the property set private key of the second authenticate key exchange side
Wherein, A
CBe the property set of the second authenticate key exchange side, and have
As shown in Figure 5, the first authenticate key exchange side 12 can comprise: the thresholding access structure is confirmed module 121, is used for according to the service authentication request, determines corresponding thresholding access structure (A
S, t) as certification policy, wherein,
And 1≤t≤s=|A
S|≤m; The 4th computing module 122 is used for according to thresholding access structure and common parameter, calculates ciphertext, to the description of this ciphertext and computational methods as mentioned above, is not repeated herein; The 5th computing module 123 is used for calculating first in conjunction with identity private key and shares session key
The first sending module 124 is used for sending ciphertext and thresholding access structure to the second authenticate key exchange side.
As shown in Figure 5, the second authenticate key exchange side 13 can comprise: the second sending module 131, be used for sending service authentication request and authenticate key exchange message to the first authenticate key exchange side, the description of this authenticate key exchange message is not repeated herein as mentioned above; Judge module 133 is used for according to the thresholding access structure, judgement property set A
CWhether satisfy access structure, namely judge A
CWhether satisfy | A
C∩ A
S| 〉=t; The 6th computing module 132 is used for as judge module 133 judgement property set A
CWhen satisfying access structure, according to identity public key, identity ciphering public keys, ciphertext, property set private key, calculate second and share session key.Wherein, as above step S271 is described to step S278 for the process of the 6th computing module 132 calculating the second shared session keys, is not repeated herein.
Due in the prior art, Internet of Things Mobile RFID system is widely applied in fields such as identification automatically, mobile payment, information inquiries, also brought serious personal secrets problem in the user friendly while, for example, the information of RFID tag is maliciously followed the tracks of and is monitored etc. by information service provider by mobile communication terminal in unauthorized access, system, therefore, be necessary application authorization key exchange method and system in Internet of Things Mobile RFID system, to set up safe communication link.The below is the above-mentioned authenticate key switching method of explanation and system as an example of Internet of Things Mobile RFID system example just:
As shown in Figure 6, this Internet of Things Mobile RFID system comprises at least: mobile communication terminal, privacy management service system and information service system, realize interconnected by mobile network or other wireless network between the three.Wherein, mobile communication terminal is equivalent to the second authenticate key exchange side, and it has been embedded in the radio-frequency identification reader/writer chip; Information service system as the service background of mobile communication terminal, can be for example electronic product code information service system (Electronic Product Code Information Services, EPCIS), and it is equivalent to the first authenticate key exchange side; Be integrated with above-mentioned initialization unit 11 in the privacy management service system.
At first, the initialization unit 11 in the privacy management service system is carried out above-mentioned steps S1, realizes system initialization, is not repeated herein.Wherein, in initialization unit 11 processes, thresholding access structure (A
S, be t) that the owner of electronic product code label is according to label information COS S
TYPEThe access control policy of customization.
Afterwards, before carrying out reliable communication, mobile communication terminal sends service authentication request and authenticate key exchange message to information service system, and this service authentication request comprises electronic product code and label information thereof.Information service system is determined the thresholding access structure after receiving service authentication request and authenticate key exchange message, calculate ciphertext, and calculates first and share session key, its computational process as above step S23 and step S24 described, be not repeated herein.
Afterwards, information service system sends to mobile communication terminal with thresholding access structure, ciphertext, and mobile communication terminal is according to as above step S26 is to step S27, and session key is shared in calculating second.
In this example, only have the mobile communication terminal user that satisfies corresponding access control policy and the real information service system of the required access of user, could set up consistent session key, thereby realized the implicit expression key authentication between mobile communication terminal user and information service system, both sides use session key to carry out corresponding information service subsequently, thereby have guaranteed information integrity and confidentiality; In addition, mobile communication terminal user registers and obtains its property set private key with true identity in the privacy management service system, carry out attribute deciphering and session key according to access structure in the authenticate key exchange process, thereby gain access, therefore, assailant and information service system can't be obtained personal part really of mobile communication terminal user, can only obtain the fuzzy identity (being the part property set) of mobile communication terminal user from access structure, realize the anonymity of mobile communication terminal user.
In sum, authenticate key switching method provided by the invention and system are integrated with encryption attribute and identity ciphering, have following advantage: 1, relatively traditional public key cryptography, and the method and system need not complicated public key certificate management and differentiate; 2, owing to only having the user who satisfies corresponding authentication access structure could set up consistent session key with the user with identity, thereby realized the implicit expression key authentication, and realized to the side's real name of communicating by letter, to authentication and the session key exchange mode of communication the opposing party anonymity, satisfied growing personal secrets application demand, as transmit leg/recipient's anonymous communication and anonymous access control etc.; 3, owing to being to adopt one to take turns alternately, thereby greatly reduced the expense of time of implementation and the traffic; 4, there is certain deviation in the property set that uses due to the ciphertext policy attribute cryptographic algorithm Password-Enabled side of thresholding access structure and deciphering side, thereby easily realizes access control policy flexibly, more can effectively protect deciphering person's privacy of identities.
One of ordinary skill in the art will appreciate that all or part of step that realizes in above-described embodiment method is can control relevant hardware by program to complete, described program can be in being stored in a computer read/write memory medium, described storage medium is as ROM/RAM, disk, CD etc.
The above is only preferred embodiment of the present invention, not in order to limiting the present invention, all any modifications of doing within the spirit and principles in the present invention, is equal to and replaces and improvement etc., within all should being included in protection scope of the present invention.
Claims (9)
1. an authenticate key switching method, is characterized in that, described method comprises:
Step S1: calculate the property set private key of the identity public key of identity ciphering public keys, the first authenticate key exchange side and identity private key, the second authenticate key exchange side, and set up common parameter;
Step S2: service authentication request and authenticate key exchange message that described the first authenticate key exchange root sends according to described common parameter and described the second authenticate key exchange side, determine corresponding thresholding access structure, calculate ciphertext, and calculate first in conjunction with described identity private key and share session key, described the second authenticate key exchange root calculates second according to described thresholding access structure, described identity public key, described identity ciphering public keys, described ciphertext, described property set private key and shares session key.
2. authenticate key switching method as claimed in claim 1, is characterized in that, described step S1 comprises:
Step S11: utilize given security parameter λ, setting up rank is the first Bilinear Groups G of prime number p
0, the second double line group G
1With the 3rd Bilinear Groups G
2, and the bilinear map e:G that sets up non degenerate and can effectively calculate
0* G
1→ G
2, afterwards, from described the first Bilinear Groups G
0Generator in choose at random the first generator g and the second generator P, and satisfy g ≠ P, from described the second double line group G
1Generator in choose at random the 3rd generator h, described prime number p the position long be the λ bit;
Step S12: choose the first hash function
The second hash function H
1: { 0,1}
*→ G
1 *With the 3rd hash function H
2: G
2→ { 0,1}
λ, choose at random afterwards
And α ≠ γ, wherein,
The multiplication of integers group of expression mould p;
Step S13: calculate identity ciphering public keys P
pub=P
α
Step S14: utilize given required attribute space U={a
1..., a
MAnd the maximum authorization set attribute of given access structure number m(2≤m≤M), set up common parameter
Wherein, u=g
α γ, v=e (g
α, h), set
And in D, element is unequal mutually, and note set D
i={ d
1..., d
i(1≤i≤m-1),
And
Set
Step S15: the identity public key that calculates described the first authenticate key exchange side
And identity private key
Wherein, the open identity ID of described the first authenticate key exchange side
S∈ { 0,1}
*
3. authenticate key switching method as claimed in claim 2, is characterized in that, described step S2 comprises:
Step S21: described the second authenticate key exchange side chooses the first temporary private, calculates the authenticate key exchange message according to described the first temporary private, and sends service authentication request and authenticate key exchange message to described the first authenticate key exchange side;
Step S22: described the first authenticate key exchange root is determined corresponding thresholding access structure (A according to described service authentication request
S, t), wherein,
And 1≤t≤s=|A
S|≤m;
Step S23: described the first authenticate key exchange side chooses the second temporary private, and according to described thresholding access structure, the second temporary private and described common parameter, calculates ciphertext;
Step S24: described the first authenticate key exchange reef knot closes described identity private key and calculates the first shared session key
Step S25: described the first authenticate key change of direction described the second authenticate key exchange side sends described ciphertext and described thresholding access structure;
Step S26: described the second authenticate key exchange root is according to described thresholding access structure, judges the property set A of described the second authenticate key exchange side
CWhether satisfy | A
C∩ A
S| 〉=t;
Step S27: the property set A when described the second authenticate key exchange side of judgement
CSatisfy | A
C∩ A
S| during 〉=t, described the second authenticate key exchange root calculates second and shares session key according to described identity public key, described identity ciphering public keys, described ciphertext, described property set private key.
6. authenticate key switching method as claimed in claim 3, is characterized in that, described step S27 comprises:
Step S272: according to aggregating algorithm, calculate
Wherein, W is
The array that set element forms, B is
The array that set element forms;
Step S273: calculate
Step S274: definition
By in the described property set private key of described the second authenticate key exchange side
The private key composition calculates
Step S276: calculate
Step S277: calculate
7. an authenticate key switching system, is characterized in that, described system comprises:
Initialization unit, the identity public key and identity private key, the authenticate key that are used for calculating identity ciphering public keys, authenticate key exchange one side exchange the opposing party's property set private key, and set up common parameter;
The first authenticate key exchange side as described authenticate key exchange one side, be used for service authentication request and authenticate key exchange message according to described common parameter and described authenticate key exchange the opposing party transmission, determine corresponding thresholding access structure, calculate ciphertext, and calculate first in conjunction with identity private key and share session key;
The second authenticate key exchange side as described authenticate key exchange the opposing party, be used for sending described service authentication request and described authenticate key exchange message to described the first authenticate key exchange side, and according to described thresholding access structure, described identity public key, described identity ciphering public keys, described ciphertext, the shared session key of described property set private key calculating second.
8. authenticate key switching system as claimed in claim 7, is characterized in that, described the first authenticate key exchange side comprises:
The thresholding access structure is confirmed module, is used for according to described service authentication request, determines corresponding thresholding access structure;
The 4th computing module is used for choosing the second temporary private, and according to described thresholding access structure, the second described common parameter of temporary private, calculates ciphertext;
The 5th computing module is used for calculating first in conjunction with described identity private key and shares session key;
The first sending module is used for sending described ciphertext and described thresholding access structure to described the second authenticate key exchange side;
Described the second authenticate key exchange side comprises:
The second sending module is used for sending described service authentication request and described authenticate key exchange message to described the first authenticate key exchange side;
Judge module is used for according to described thresholding access structure, judges whether the property set of described the second authenticate key exchange side satisfies access structure;
The 6th computing module, be used for when described judge module judges that the property set of described the second authenticate key exchange side satisfies access structure, according to described identity public key, described identity ciphering public keys, described ciphertext, described property set private key, calculate second and share session key.
9. authenticate key switching system as claimed in claim 7 or 8, it is characterized in that, described the second authenticate key exchange side is in Internet of Things Mobile RFID system, be embedded with the mobile communication terminal of radio-frequency identification reader/writer chip, described the first authenticate key exchange side is the information service system in described Internet of Things Mobile RFID system, and described initialization unit is built in privacy management service system in described Internet of Things Mobile RFID system.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310005726XA CN103118009A (en) | 2013-01-08 | 2013-01-08 | Authentication key exchange method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310005726XA CN103118009A (en) | 2013-01-08 | 2013-01-08 | Authentication key exchange method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN103118009A true CN103118009A (en) | 2013-05-22 |
Family
ID=48416283
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310005726XA Pending CN103118009A (en) | 2013-01-08 | 2013-01-08 | Authentication key exchange method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103118009A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103391193A (en) * | 2013-07-25 | 2013-11-13 | 中国科学院信息工程研究所 | Method for detecting bit security of public key cryptosystem |
CN106105137A (en) * | 2014-03-05 | 2016-11-09 | 高通股份有限公司 | Terminal use is used to combine the destruction logging in detection key exchange encryption channel |
CN111052672A (en) * | 2017-09-21 | 2020-04-21 | 华为技术有限公司 | Secure key transfer protocol without certificate or pre-shared symmetric key |
CN113761592A (en) * | 2021-08-18 | 2021-12-07 | 淮阴工学院 | Fuzzy identity-based data integrity detection method in cloud storage |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101282216A (en) * | 2007-04-02 | 2008-10-08 | 中国科学院研究生院 | Method for switching three-partner key with privacy protection based on password authentication |
US20110051912A1 (en) * | 2009-08-28 | 2011-03-03 | Sundaram Ganapathy S | Secure Key Management in Conferencing System |
-
2013
- 2013-01-08 CN CN201310005726XA patent/CN103118009A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101282216A (en) * | 2007-04-02 | 2008-10-08 | 中国科学院研究生院 | Method for switching three-partner key with privacy protection based on password authentication |
US20110051912A1 (en) * | 2009-08-28 | 2011-03-03 | Sundaram Ganapathy S | Secure Key Management in Conferencing System |
Non-Patent Citations (3)
Title |
---|
HONGWEI LIU ETC.: "A General Threshold Encryption Scheme Based on", 《IEEE》, 23 June 2011 (2011-06-23) * |
朱炜玲等: "物联网移动RFID系统匿名访问控制认证密钥交换协议", 《信号处理》, vol. 28, no. 11, 30 November 2012 (2012-11-30) * |
魏江宏等: "多属性机构环境下的属性基认证密钥交换协议", 《电子与信息学报》, vol. 34, no. 2, 29 February 2012 (2012-02-29) * |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103391193A (en) * | 2013-07-25 | 2013-11-13 | 中国科学院信息工程研究所 | Method for detecting bit security of public key cryptosystem |
CN103391193B (en) * | 2013-07-25 | 2016-03-16 | 中国科学院信息工程研究所 | A kind of bit security detection method of common key cryptosystem |
CN106105137A (en) * | 2014-03-05 | 2016-11-09 | 高通股份有限公司 | Terminal use is used to combine the destruction logging in detection key exchange encryption channel |
CN111052672A (en) * | 2017-09-21 | 2020-04-21 | 华为技术有限公司 | Secure key transfer protocol without certificate or pre-shared symmetric key |
CN113761592A (en) * | 2021-08-18 | 2021-12-07 | 淮阴工学院 | Fuzzy identity-based data integrity detection method in cloud storage |
CN113761592B (en) * | 2021-08-18 | 2024-02-23 | 淮阴工学院 | Fuzzy identity-based data integrity detection method in cloud storage |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108566375A (en) | The method, terminal and storage medium of message communicating between multiterminal based on block chain | |
CN105245326B (en) | A kind of smart grid security communication means based on combination pin | |
Sanjuan et al. | Message queuing telemetry transport (MQTT) security: A cryptographic smart card approach | |
CN110011795A (en) | Symmetric group cryptographic key negotiation method based on block chain | |
CN104685826A (en) | Input consistency verification for two-party secure function evaluation | |
CN106845304A (en) | A kind of method and system for realizing reader and smart-tag authentication in rfid system | |
CN108924147A (en) | Method, server and the communication terminal that communication terminal digital certificate is signed and issued | |
CN102594551B (en) | Method for reliable statistics of privacy data on radio frequency identification (RFID) tag | |
CN103281194A (en) | Safe and lightweight class RFID ownership transferring method based on bilinear pairings | |
CN109243020A (en) | A kind of smart lock identity identifying method based on no certificate | |
CN100495964C (en) | A light access authentication method | |
CN105635135A (en) | Encryption system based on attribute sets and relational predicates and access control method | |
CN108199850A (en) | A kind of Anonymous Secure certifiede-mail protocol method for NFC | |
CN110380845A (en) | Quantum secret communication alliance chain method of commerce based on group's pool of symmetric keys, system, equipment | |
CN110046906A (en) | A kind of the two-way authentication method of commerce and system of MPOS machine and server | |
CN103118009A (en) | Authentication key exchange method and system | |
CN105376064A (en) | Anonymous message authentication system and message signing method thereof | |
CN110224816A (en) | Anti- quantum calculation application system and short distance energy-saving communication method and computer equipment based on key card and sequence number | |
CN103155480A (en) | Authentication device, authentication method, and program | |
CN108566385A (en) | The mutual authentication method of efficient secret protection based on cloud | |
Wang et al. | PANDA: Lightweight non-interactive privacy-preserving data aggregation for constrained devices | |
CN104320249B (en) | A kind of elastoresistance leakage encryption method of identity-based | |
Wu et al. | EBSS: A secure blockchain-based sharing scheme for real estate financial credentials | |
CN101521571B (en) | Method for authenticating safety unit and server side of mobile hardware | |
CN106230840A (en) | A kind of command identifying method of high security |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20130522 |