CN103414559A - Identity authentication method based on IBE-like system in cloud computing environment - Google Patents

Identity authentication method based on IBE-like system in cloud computing environment Download PDF

Info

Publication number
CN103414559A
CN103414559A CN201310188994XA CN201310188994A CN103414559A CN 103414559 A CN103414559 A CN 103414559A CN 201310188994X A CN201310188994X A CN 201310188994XA CN 201310188994 A CN201310188994 A CN 201310188994A CN 103414559 A CN103414559 A CN 103414559A
Authority
CN
China
Prior art keywords
pub
eid
ciphertext
hash
following formula
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201310188994XA
Other languages
Chinese (zh)
Other versions
CN103414559B (en
Inventor
江枚元
凌捷
柳毅
钟奇
郭圣昌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
GuangZhou ZhongChangKangDa Information Technology Co Ltd
Guangdong University of Technology
Original Assignee
GuangZhou ZhongChangKangDa Information Technology Co Ltd
Guangdong University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by GuangZhou ZhongChangKangDa Information Technology Co Ltd, Guangdong University of Technology filed Critical GuangZhou ZhongChangKangDa Information Technology Co Ltd
Priority to CN201310188994.XA priority Critical patent/CN103414559B/en
Publication of CN103414559A publication Critical patent/CN103414559A/en
Application granted granted Critical
Publication of CN103414559B publication Critical patent/CN103414559B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

The invention discloses an identity authentication method based on an IBE-like system in a cloud computing environment. The identity authentication method includes that a client obtains identity information and passwords of a registered user; the client initializes system parameters; registration data, a signature message and other parameters are sent to a cloud server; the cloud server verifies the signature message; the received registration information is verified; the cloud server generates summary information based on the registration data; after a comprehensive treatment of the summary information, an encrypted ciphertext is obtained and is sent to the client; and after the client receives the encrypted ciphertext, the encrypted ciphertext is decrypted and verified. According to the invention, security issues brought by key escrow, key distribution and the like are avoided with high reliability; meanwhile, a dual signature authentication mode is used for authentication in the certification process, avoiding loopholes caused by one-way authentication and improving security; and response is fast, bandwidth utilization rate is high, and the identity authentication method can be widely used for authentication in the cloud computing environment.

Description

The identity identifying method based on class IBE system under a kind of cloud computing environment
Technical field
The present invention relates to a kind of identity identifying method, particularly the identity identifying method based on class IBE system under a kind of cloud computing environment.
Background technology
In traditional IBE system, the most important thing is PKG(Private Key Generator), it is the private key generating center, PKG is after receiving user's identity information, according to user's identity information, use master key as the user, to produce the key that comprises accordingly public private key pair, and by trusted channel, private key is transmitted to the user.The identity identifying method of this pattern, private key for user is produced and is forwarded by the third-party institution, caused the safe trust problem of key distribution and trustship, thereby key management becomes the most thorny issue.And under cloud computing environment, when the user carries out data interaction by user side and cloud service end, if adopt the identity identifying method of this pattern, need to introduce third party's trust authority, will bring the problems such as huge authentication, key distribution and key escrow, improved the complexity of cloud computing process, also increased simultaneously the traffic overhead of proof procedure, affect efficiency and the quality of cloud computing, and, the storage of key data and management have also been brought to insecurity.
Summary of the invention
In order to solve above-mentioned technical problem, the purpose of this invention is to provide efficient, high reliability under a kind of cloud computing environment and the identity identifying method based on class IBE system of safety.
The technical solution adopted for the present invention to solve the technical problems is:
The identity identifying method based on class IBE system under a kind of cloud computing environment comprises:
S1, user side obtain registered user's identity information M IdAnd password code password, and, after password code is carried out to the computing of Hash hash, obtain hash password code Pwd;
S2, user side carry out the system parameters initialization, obtain registered user's master key S and system parameters T, and then generate the first PKI EID UWith the first private key d eid
S3, by registered user's log-on message M kCarry out the computing of Hash hash, generate the first ciphertext summary DK s, and then coupling system parameter T and the first private key d eidAfter generating signature message DK, by log-on data M reg, the first PKI EID U, the first ciphertext summary DK sDK sends to the cloud service end with the signature message;
S4, cloud service end are verified signature message DK, if be verified, continue execution step S5, otherwise finish;
S5, the log-on message M to receiving kAfter carrying out the computing of Hash hash, whether the result that checking obtains equals the first ciphertext summary DK sIf,, continue execution step S6, otherwise finish;
S6, cloud service end are according to log-on data M regGenerate the first encryption parameter RU pubWith the second private key RU PE, and produce one for this registered user being carried out to the identification code λ of identify label, then to the first encryption parameter RU pubAfter with identification code λ, carrying out the computing of Hash hash, obtain summary info D;
S7, employing the first encryption parameter RU pubWith the second private key RU PEAfter summary info D is encrypted, obtain the second summary ciphertext DS, and then adopt the first PKI EID UTo the second summary ciphertext DS, the first encryption parameter RU pubAfter with identification code λ, being encrypted, obtain encrypting ciphertext FS, and will encrypt ciphertext FS and send to user side;
S8, user side adopt the first private key d after receiving and encrypting ciphertext FS eidTo encrypting ciphertext FS, be decrypted, reduction obtains the second summary ciphertext DS, the first encryption parameter RU pubWith identification code λ, then adopt the first encryption parameter RU pubWith the first PKI EID UAfter the second summary ciphertext DS is decrypted, obtain summary info D;
S9, user side are to the first encryption parameter RU pubAfter with identification code λ, carrying out the computing of Hash hash, whether the result that obtains of checking equals summary info D, if, authentication success;
Described log-on message M kComprise identity information M IdWith hash password code Pwd, described log-on data M regComprise identity information M Id, hash password code Pwd and system parameters T.
Further, described step S2 comprises:
S21, obtain a finite field Fp who is characterized as prime number p, and on finite field Fp, choose field element a, b, make field element a, and b meets the equation of elliptic curve E (Fp):
Y 3=x 2+ ax+b (modp), wherein 4a 3+ 27b 2≠ 0 (modp);
S22, on elliptic curve E (Fp), choose a basic point G, and calculate the rank q of basic point G, and then calculate respectively two q rank group G that G is ordered 1And G 2, G 1And G 2Meet following bilinear map condition:
G 1×G 1→G 2
S23, the rank #E (Fp) that adopts following formula to calculate elliptic curve E (Fp) remove the business h obtained in the rank of basic point G q:
h=#E(F p)/q
Wherein, business h meets h≤4, and #E (Fp), p, q meet the following conditions:
# E ( Fp ) ≠ p # p t ≠ 1 ( mod q ) p = 2 mod 3 p = 6 q - 1
In following formula, t is constant, and 1≤t<20;
S24, generation the first random number S and satisfied
Figure DEST_PATH_GDA0000379948440000041
S is registered user's master key, and calculates the second encryption parameter: P pub=SG, and then choose 4 hash function H, Q, H 1And Q 1:
H : F p 2 &RightArrow; { 0,1 } n ,
Q : { 0,1 } n &RightArrow; F p 2 ,
H 1:{0,1} n×{0,1} n→F q
Q 1:{0,1} n→{0,1} n
Wherein,
Figure BDA00003217893600044
Be a finite group and
Figure BDA00003217893600045
N is natural number;
S25, according to following formula, can obtain system parameters T and be:
T=(p,a,b,G,p pub,q,h,H,Q,H 1,Q 1);
Simultaneously can obtain message space M is M={0,1} n, cryptogram space C is C=G 1* { 0,1} n
S26, according to identity information M IdGenerate the first PKI EID U, and then by the first PKI EID UBe mapped to a some E on elliptic curve E (Fp) p, and calculate the first PKI d eid: d eid=sE p.
Further, described step S3 comprises:
S31, according to the log-on message M of following formula by the registered user kCarry out the computing of Hash hash, generate the first ciphertext summary DK s:
DK S=Hash(M k<M id,Pwd>);
S32, choose an integer k, k satisfies condition: 0<k<n;
S33, calculate β according to following formula, if the result obtained is β=0, return to step S32, on the contrary execution step S34:
kG = ( x 1 , y 1 ) &beta; = x 1 mod n ;
S34, calculate ω according to following formula, if the result obtained is ω=0, return to step S32, on the contrary execution step S35:
K * = k - 1 mod n &omega; = K * { DK S + d eid } mod n ;
S35, the message DK=(β, ω) that obtains signing, and then by log-on data M reg, the first PKI EID U, the first ciphertext summary DK sDK sends to the cloud service end with the signature message.
Further, described step S4 comprises:
Whether S41, judgement signature message DK meet the following conditions:
&beta; > 0 &omega; < n ,
If continue execution step S42, otherwise finish;
S42, calculate w according to following formula:
u = &omega; - 1 mod n &mu; 1 = ( DK S u ) mod n &mu; 2 = ( &beta;u ) mod n &mu; 1 G + &mu; 2 EID U = ( x 0 , y 0 ) w = x 0 mod n
S43, judge whether w equals β, if, be verified, continue execution step S5, otherwise finish.
Further, described step S6 comprises:
S61, cloud service end are chosen the second random number R cAfter master key S' as this registered user's interactive authentication, adopt following formula in conjunction with log-on data M regIn system parameters T generate the first encryption parameter RU pub: RU pub=R cG;
S62, by the first PKI EID UBe mapped to a some EID on elliptic curve E (Fp) pAfter, according to following formula, calculate the second private key RU PE: RU PE=R cEID p
S63, cloud service end produce one for this registered user being carried out to the identification code λ of identify label, then according to following formula to the first encryption parameter RU pubAfter with identification code λ, carrying out the computing of Hash hash, obtain summary info D:
D = Hash ( RU pub , &lambda; ) .
Further, described step S7 comprises:
S71, adopt the first encryption parameter RU according to following formula pubWith the second private key RU PEAfter being encrypted, summary info D obtains the second summary ciphertext DS:
DS = EC ( D , r , RU pub , RU pE )
Wherein, r=H 1(σ, D), and σ is the first random train;
S72, adopt the first PKI EID according to following formula UTo the second summary ciphertext DS, the first encryption parameter RU pubAfter with identification code λ, being encrypted, after obtaining encrypting ciphertext FS, and will encrypting ciphertext FS and send to user side:
FS = EC ( DS , RU pub , &lambda; , EID U , R , P pub )
Wherein, R=H 1(π, DS, RU pub, λ), π is the second random train, P pubFor the second encryption parameter in system parameters T.
Further, described step S8 comprises:
S81, user side adopt the first private key d according to following formula after receiving and encrypting ciphertext FS eidTo encrypting ciphertext FS, be decrypted, reduction obtains the second summary ciphertext DS, the first encryption parameter RU pubWith identification code λ: (DS, RU pub, λ)=DC (P pub, d eid, FS);
S82, adopt the first encryption parameter RU according to following formula pubWith the first PKI EID UAfter the second summary ciphertext DS is decrypted, obtain summary info D:D=DC (RU pub, DS, EID U).
The invention has the beneficial effects as follows: the identity identifying method based on class IBE system under a kind of cloud computing environment of the present invention, do not need third party's trust authority such as PKG, adopt user side directly and the cloud service end mode of carrying out communication carry out authentication, reduced the complexity that authentication brings to the cloud computing process, reduced expense, the safety problem of having avoided key escrow, key distribution etc. to bring, have high reliability.And in verification process, adopted the two-way signature authentication mode to authenticate, and avoided the leak caused due to unilateral authentication, improved fail safe, and fast response time, bandwidth availability ratio is high.
Embodiment
The invention provides the identity identifying method based on class IBE system under a kind of cloud computing environment, comprising:
S1, user side obtain registered user's identity information M IdAnd password code password, and, after password code is carried out to the computing of Hash hash, obtain hash password code Pwd;
S2, user side carry out the system parameters initialization, obtain registered user's master key S and system parameters T, and then generate the first PKI EID UWith the first private key d eid
S3, by registered user's log-on message M kCarry out the computing of Hash hash, generate the first ciphertext summary DK s, and then coupling system parameter T and the first private key d eidAfter generating signature message DK, by log-on data M reg, the first PKI EID U, the first ciphertext summary DK sDK sends to the cloud service end with the signature message;
S4, cloud service end are verified signature message DK, if be verified, continue execution step S5, otherwise finish;
S5, the log-on message M to receiving kAfter carrying out the computing of Hash hash, whether the result that checking obtains equals the first ciphertext summary DK sIf,, continue execution step S6, otherwise finish;
S6, cloud service end are according to log-on data M regGenerate the first encryption parameter RU pubWith the second private key RU PE, and produce one for this registered user being carried out to the identification code λ of identify label, then to the first encryption parameter RU pubAfter with identification code λ, carrying out the computing of Hash hash, obtain summary info D;
S7, employing the first encryption parameter RU pubWith the second private key RU PEAfter summary info D is encrypted, obtain the second summary ciphertext DS, and then adopt the first PKI EID UTo the second summary ciphertext DS, the first encryption parameter RU pubAfter with identification code λ, being encrypted, obtain encrypting ciphertext FS, and will encrypt ciphertext FS and send to user side;
S8, user side adopt the first private key d after receiving and encrypting ciphertext FS eidTo encrypting ciphertext FS, be decrypted, reduction obtains the second summary ciphertext DS, the first encryption parameter RU pubWith identification code λ, then adopt the first encryption parameter RU pubWith the first PKI EID UAfter the second summary ciphertext DS is decrypted, obtain summary info D;
S9, user side are to the first encryption parameter RU pubAfter with identification code λ, carrying out the computing of Hash hash, whether the result that obtains of checking equals summary info D, if, authentication success;
Described log-on message M kComprise identity information M IdWith hash password code Pwd, described log-on data M regComprise identity information M Id, hash password code Pwd and system parameters T.
Be further used as preferred embodiment, described step S2 comprises:
S21, obtain a finite field Fp who is characterized as prime number p, and on finite field Fp, choose field element a, b, make field element a, and b meets the equation of elliptic curve E (Fp):
Y 3=x 2+ ax+b (modp), wherein 4a 3+ 27b 2≠ 0 (modp);
S22, on elliptic curve E (Fp), choose a basic point G, and calculate the rank q of basic point G, and then calculate respectively two q rank group G that G is ordered 1And G 2, G 1And G 2Meet following bilinear map condition:
G 1×G 1→G 2
S23, the rank #E (Fp) that adopts following formula to calculate elliptic curve E (Fp) remove the business h obtained in the rank of basic point G q:
h=#E(F p)/q
Wherein, business h meets h≤4, and #E (Fp), p, q meet the following conditions:
# E ( Fp ) &NotEqual; p # p t &NotEqual; 1 ( mod q ) p = 2 mod 3 p = 6 q - 1
In following formula, t is constant, and 1≤t<20;
S24, generation the first random number S and satisfied
Figure DEST_PATH_GDA0000379948440000092
S is registered user's master key, and calculates the second encryption parameter: P pub=SG, and then choose 4 hash function H, Q, H 1And Q 1:
H : F p 2 &RightArrow; { 0,1 } n ,
Q : { 0,1 } n &RightArrow; F p 2 ,
H 1:{0,1} n×{0,1} n→F q
Q 1:{0,1} n→{0,1} n
Wherein,
Figure BDA00003217893600095
Be a finite group and
Figure BDA00003217893600096
N is natural number;
S25, according to following formula, can obtain system parameters T and be:
T=(p,a,b,G,p pub,q,h,H,Q,H 1,Q 1);
Simultaneously can obtain message space M is M={0,1} n, cryptogram space C is C=G 1* { 0,1} n
S26, according to identity information M IdGenerate the first PKI EID U, and then by the first PKI EID UBe mapped to a some E on elliptic curve E (Fp) p, and calculate the first PKI d eid: d eid=sE p.
Be further used as preferred embodiment, described step S3 comprises:
S31, according to the log-on message M of following formula by the registered user kCarry out the computing of Hash hash, generate the first ciphertext summary DK s:
DK S=Hash(M k<M id,Pwd>);
S32, choose an integer k, k satisfies condition: 0<k<n;
S33, calculate β according to following formula, if the result obtained is β=0, return to step S32, on the contrary execution step S34:
kG = ( x 1 , y 1 ) &beta; = x 1 mod n ;
S34, calculate ω according to following formula, if the result obtained is ω=0, return to step S32, on the contrary execution step S35:
K * = k - 1 mod n &omega; = K * { DK S + d eid } mod n ;
S35, the message DK=(β, ω) that obtains signing, and then by log-on data M reg, the first PKI EID U, the first ciphertext summary DK sDK sends to the cloud service end with the signature message.
Be further used as preferred embodiment, described step S4 comprises:
Whether S41, judgement signature message DK meet the following conditions:
&beta; > 0 &omega; < n ,
If continue execution step S42, otherwise finish;
S42, calculate w according to following formula:
u = &omega; - 1 mod n &mu; 1 = ( DK S u ) mod n &mu; 2 = ( &beta;u ) mod n &mu; 1 G + &mu; 2 EID U = ( x 0 , y 0 ) w = x 0 mod n
S43, judge whether w equals β, if, be verified, continue execution step S5, otherwise finish.
Be further used as preferred embodiment, described step S6 comprises:
S61, cloud service end are chosen the second random number R cAfter master key S' as this registered user's interactive authentication, adopt following formula in conjunction with log-on data M regIn system parameters T generate the first encryption parameter RU pub: RU pub=R cG;
S62, by the first PKI EID UBe mapped to a some EID on elliptic curve E (Fp) pAfter, according to following formula, calculate the second private key RU PE: RU PE=R cEID p
S63, cloud service end produce one for this registered user being carried out to the identification code λ of identify label, then according to following formula to the first encryption parameter RU pubAfter with identification code λ, carrying out the computing of Hash hash, obtain summary info D:
D=Hash(RU pub,λ)。
Be further used as preferred embodiment, described step S7 comprises:
S71, adopt the first encryption parameter RU according to following formula pubWith the second private key RU PEAfter being encrypted, summary info D obtains the second summary ciphertext DS:
DS=EC(D,r,RU pub,RU pE)
Wherein, r=H 1(σ, D), and σ is the first random train;
S72, adopt the first PKI EID according to following formula UTo the second summary ciphertext DS, the first encryption parameter RU pubAfter with identification code λ, being encrypted, after obtaining encrypting ciphertext FS, and will encrypting ciphertext FS and send to user side:
FS=EC(DS,RU pub,λ,EID U,R,P pub)
Wherein, R=H 1(π, DS, RU pub, λ), π is the second random train, P pubFor the second encryption parameter in system parameters T.
Be further used as preferred embodiment, described step S8 comprises:
S81, user side adopt the first private key d according to following formula after receiving and encrypting ciphertext FS eidTo encrypting ciphertext FS, be decrypted, reduction obtains the second summary ciphertext DS, the first encryption parameter RU pubWith identification code λ: (DS, RU pub, λ)=DC (P pub, d eid, FS);
S82, adopt the first encryption parameter RU according to following formula pubWith the first PKI EID UAfter the second summary ciphertext DS is decrypted, obtain summary info D:D=DC (RU pub, DS, EID U).
A specific embodiment of the present invention is as follows:
The identity identifying method based on class IBE system under a kind of cloud computing environment comprises:
S1, user side obtain registered user's identity information M IdAnd password code password, and, after password code is carried out to the computing of Hash hash, obtain hash password code Pwd; Pwd=Hash (password).
S2, user side carry out the system parameters initialization, obtain registered user's master key S and system parameters T, and then generate the first PKI EID UWith the first private key d eid:
S21, obtain a finite field Fp who is characterized as prime number p, and on finite field Fp, choose field element a, b, make field element a, and b meets the equation of elliptic curve E (Fp):
Y 3=x 2+ ax+b (modp), wherein 4a 3+ 27b 2≠ 0 (modp);
S22, on elliptic curve E (Fp), choose a basic point G, and calculate the rank q of basic point G, and then calculate respectively two q rank group G that G is ordered 1And G 2, G 1And G 2Meet following bilinear map condition:
G 1×G 1→G 2
The G point coordinates is: G=(x G, y G);
S23, the rank #E (Fp) that adopts following formula to calculate elliptic curve E (Fp) remove the business h obtained in the rank of basic point G q:
h=#E(F p)/q
Wherein, business h meets h≤4, and #E (Fp), p, q meet the following conditions:
# E ( Fp ) &NotEqual; p # p t &NotEqual; 1 ( mod q ) p = 2 mod 3 p = 6 q - 1
In following formula, t is constant, and 1≤t<20;
Formula p=2mod3 means that p asks the result of mould to equal 2 to 3, and in the related operation of elliptic curve, modulo operator number is to be placed on formula finally to locate, and the application also adopts this form, for example, and front formula 4a 3+ 27b 2≠ 0 (modp) means (4a 3+ 27b 2) to p, ask the result of mould to be not equal to 0;
S24, generation the first random number S and satisfied
Figure DEST_PATH_GDA0000379948440000132
S is registered user's master key, and calculates the second encryption parameter: P pud=SG, and then choose 4 hash function H, Q, H 1And Q 1:
H : F p 2 &RightArrow; { 0,1 } n ,
Q : { 0,1 } n &RightArrow; F p 2 ,
H 1:{0,1} n×{0,1} n→F q
Q 1:{0,1} n→{0,1} n
Wherein,
Figure BDA00003217893600141
For random number field, Be a finite group and
Figure BDA00003217893600143
N is natural number;
S25, according to following formula, can obtain system parameters T and be:
T=(p,a,b,G,p pub,q,h,H,Q,H 1,Q 1);
Simultaneously can obtain message space M is M={0,1} n, cryptogram space C is C=G 1* { 0,1} n
Message space M and cryptogram space C are the intermediate variables that in proof procedure, user side need to be used, and be used to carrying out the encryption and decryption computing, are not described in detail here;
S26, according to identity information M IdGenerate the first PKI EID U, and then by the first PKI EID UBe mapped to a some E on elliptic curve E (Fp) p, and calculate the first PKI d eid: d eid=sE p.
Identity information M IdComprise registered user's the attribute information such as E-mail address, identification card number, telephone number, phone number, user name, can directly in above attribute information, choose one as the first PKI EID U.
S3, by registered user's log-on message M kCarry out the computing of Hash hash, generate the first ciphertext summary DK s, and then coupling system parameter T and the first private key d eidAfter generating signature message DK, by log-on data M reg, the first PKI EID U, the first ciphertext summary DK sDK sends to the cloud service end with the signature message:
S31, according to the log-on message M of following formula by the registered user kCarry out the computing of Hash hash, generate the first ciphertext summary DK s:
DK S=Hash(M k<M id,Pwd>);
S32, choose an integer k, k satisfies condition: 0<k<n;
S33, calculate β according to following formula, if the result obtained is β=0, return to step S32, on the contrary execution step S34:
kG = ( x 1 , y 1 ) &beta; = x 1 mod n ;
S34, calculate ω according to following formula, if the result obtained is ω=0, return to step S32, on the contrary execution step S35:
K * = k - 1 mod n &omega; = K * { DK S + d eid } mod n ;
In following formula, K* is the intermediate variable in computational process.
S35, the message DK=(β, ω) that obtains signing, and then by log-on data M reg, the first PKI EID U, the first ciphertext summary DK sDK sends to the cloud service end with the signature message.
S4, cloud service end are verified signature message DK, if be verified, continue execution step S5, otherwise finish:
Whether S41, judgement signature message DK meet the following conditions:
&beta; > 0 &omega; < n ,
If continue execution step S42, otherwise finish;
S42, calculate w according to following formula:
u = &omega; - 1 mod n &mu; 1 = ( DK S u ) mod n &mu; 2 = ( &beta;u ) mod n &mu; 1 G + &mu; 2 EID U = ( x 0 , y 0 ) w = x 0 mod n
In following formula, u, μ 1, μ 2And w is the intermediate variable of computational process.
S43, judge whether w equals β, if, be verified, continue execution step S5, otherwise finish.
Here, at first the cloud service end is verified the signature message DK that user side sends, if be verified, proves that the message such as this signature message DK that user side sends belong to this registered user, therefore continues to carry out next step.
S5, the log-on message M to receiving kAfter carrying out the computing of Hash hash, whether the result that checking obtains equals the first ciphertext summary DK sIf,, continue execution step S6, otherwise finish; Here, checking registered user's log-on message M kAfter true, the cloud service end allows the operations such as access of user side, if checking registered user's log-on message M kNot true, refuse the operation requests of user side.
S6, cloud service end are according to log-on data M regGenerate the first encryption parameter RU pubWith the second private key RU PE, and produce one for this registered user being carried out to the identification code λ of identify label, then to the first encryption parameter RU pubAfter with identification code λ, carrying out the computing of Hash hash, obtain summary info D:
S61, cloud service end are chosen the second random number R cAfter master key S' as this registered user's interactive authentication, adopt following formula in conjunction with log-on data M regIn system parameters T generate the first encryption parameter RU pub: RU pub=R cG;
S62, by the first PKI EID UBe mapped to a some EID on elliptic curve E (Fp) pAfter, according to following formula, calculate the second private key RU PE: RU PE=R cEID p
S63, cloud service end produce one for this registered user being carried out to the identification code λ of identify label, then according to following formula to the first encryption parameter RU pubAfter with identification code λ, carrying out the computing of Hash hash, obtain summary info D:
D=Hash(RU pub,λ)。
Step S4, S5 have guaranteed that to the user side that the cloud service end operates be legal.And in order to guarantee that user side is not operated by the non-cloud service end deception line correlation of going forward side by side, user side also needs the cloud service end is verified, as described in step S7~S9.
S7, employing the first encryption parameter RU pubWith the second private key RU PEAfter summary info D is encrypted, obtain the second summary ciphertext DS, and then adopt the first PKI EID UTo the second summary ciphertext DS, the first encryption parameter RU pubAfter with identification code λ, being encrypted, obtain encrypting ciphertext FS, and will encrypt ciphertext FS and send to user side:
S71, adopt the first encryption parameter RU according to following formula pubWith the second private key RU PEAfter being encrypted, summary info D obtains the second summary ciphertext DS:
DS=EC(D,r,RU pub,RU pE)
Wherein, r=H 1(σ, D), and σ is the first random train;
S72, adopt the first PKI EID according to following formula UTo the second summary ciphertext DS, the first encryption parameter RU pubAfter with identification code λ, being encrypted, after obtaining encrypting ciphertext FS, and will encrypting ciphertext FS and send to user side:
FS=EC(DS,RU pub,λ,EID U,R,P pub)
Wherein, R is intermediate variable and R=H 1(π, DS, RU pub, λ), π is the second random train, P pubFor the second encryption parameter in system parameters T, same, EC representative is encrypted computing, can adopt method commonly used at present to be encrypted, and the detailed algorithm of cryptographic calculation is not described here.
S8, user side adopt the first private key d after receiving and encrypting ciphertext FS eidTo encrypting ciphertext FS, be decrypted, reduction obtains the second summary ciphertext DS, the first encryption parameter RU pubWith identification code λ, then adopt the first encryption parameter RU pubWith the first PKI EID UAfter the second summary ciphertext DS is decrypted, obtain summary info D:
S81, user side adopt the first private key d according to following formula after receiving and encrypting ciphertext FS eidTo encrypting ciphertext FS, be decrypted, reduction obtains the second summary ciphertext DS, the first encryption parameter RU pubWith identification code λ: (DS, RU pub, λ)=DC (P pub, d eid, FS);
S82, adopt the first encryption parameter RU according to following formula pubWith the first PKI EID UAfter the second summary ciphertext DS is decrypted, obtain summary info D:D=DC (RU pub, DS, EID U).DC representative is decrypted computing, can adopt method commonly used at present to be decrypted, and the detailed algorithm of decrypt operation is not described here.
S9, user side are to the first encryption parameter RU pubAfter with identification code λ, carrying out the computing of Hash hash, (the RU of Hash as a result that checking obtains pub, λ) whether equal summary info D, if authentication success, verified and the legitimacy of cloud service end prevented that cloud service end identity is counterfeit.
The first encryption parameter RU pubWith the second encryption parameter P pubBe in system parameters T the parameter can be applicable in encryption or decrypting process.
The M of log-on message described in the application kComprise identity information M IdWith hash password code Pwd:M k=<M Id, Pwd>, described log-on data M regComprise identity information M Id, hash password code Pwd and system parameters T:M reg=<M Id, Pwd, T>.
The present invention does not need third party's trust authority such as PKG, adopt user side directly and the cloud service end mode of carrying out communication carry out authentication, reduced the complexity that authentication brings to the cloud computing process, reduced expense, the safety problem of having avoided key escrow, key distribution etc. to bring.The first private key d eidBe mainly used in authentication and audit, authentication during only for user side login cloud service end, authentication does not just recycle the first private key d after finishing eidOperate, can not cause the excessive problem of user side authority.
The present invention has adopted elliptic curve in the authentication process, according to the discreteness feature of elliptic curve, this identity identifying method can be resisted and pretend to be attack.And the present invention has adopted random number in user side authentication and cloud service end verification process, can well prevent Replay Attack.Simultaneously, utilize the two-way signature authentication mode to authenticate to user side and cloud service end, during user's signature, adopted the first private key d eid, the cloud service end adopts the first PKI EID accordingly UVerify, guarantee the legitimacy of the user side conducted interviews.After the legitimacy of the user side that the checking of cloud service end conducts interviews, adopt the first encryption parameter RU pubWith the second private key RU PEThe information that user side sends is signed, the first PKI EID that the recycling user side sends UAfter encryption, send to user side and authenticate, this method has realized the bidirectional safe authentication of user side and cloud service end, has avoided the leak caused due to unilateral authentication, has improved fail safe.
This method has been utilized elliptic curve in verification process, although the elliptic curve cryptography amount of calculation is relatively large, but with respect to other public key system algorithms, in the situation that key length equates, its fail safe is higher, thereby meeting under the condition of same security intensity, this method amount of calculation is on the contrary still less.And because this method does not adopt third party's trust authority, thereby protocol architecture is simple, do not need the operations such as key agreement, distribution, user side and cloud service end direct interaction information, reduced the communicate by letter consumption of request with response, communication mode makes response speed faster end to end, and network bandwidth utilization factor is higher.
More than that better enforcement of the present invention is illustrated, but the invention is not limited to described embodiment, those of ordinary skill in the art also can make all equivalent variations or replacement under the prerequisite without prejudice to spirit of the present invention, the modification that these are equal to or replacement all are included in the application's claim limited range.

Claims (7)

1. the identity identifying method based on class IBE system under a cloud computing environment, is characterized in that, comprising:
S1, user side obtain registered user's identity information M IdAnd password code password, and, after password code is carried out to the computing of Hash hash, obtain hash password code Pwd;
S2, user side carry out the system parameters initialization, obtain registered user's master key S and system parameters T, and then generate the first PKI EID UWith the first private key d eid
S3, by registered user's log-on message M kCarry out the computing of Hash hash, generate the first ciphertext summary DK s, and then coupling system parameter T and the first private key d eidAfter generating signature message DK, by log-on data M reg, the first PKI EID U, the first ciphertext summary DKs and signature message DK send to the cloud service end;
S4, cloud service end are verified signature message DK, if be verified, continue execution step S5, otherwise finish;
S5, the log-on message M to receiving kAfter carrying out the computing of Hash hash, whether the result that checking obtains equals the first ciphertext summary DK sIf,, continue execution step S6, otherwise finish;
S6, cloud service end are according to log-on data M regGenerate the first encryption parameter RU pubWith the second private key RU PE, and produce one for this registered user being carried out to the identification code λ of identify label, then to the first encryption parameter RU pubAfter with identification code λ, carrying out the computing of Hash hash, obtain summary info D;
S7, employing the first encryption parameter RU pubWith the second private key RU PEAfter summary info D is encrypted, obtain the second summary ciphertext DS, and then adopt the first PKI EID UTo the second summary ciphertext DS, the first encryption parameter RU pubAfter with identification code λ, being encrypted, obtain encrypting ciphertext FS, and will encrypt ciphertext FS and send to user side;
S8, user side adopt the first private key d after receiving and encrypting ciphertext FS eidTo encrypting ciphertext FS, be decrypted, reduction obtains the second summary ciphertext DS, the first encryption parameter RU pubWith identification code λ, then adopt the first encryption parameter RU pubWith the first PKI EID UAfter the second summary ciphertext DS is decrypted, obtain summary info D;
S9, user side are to the first encryption parameter RU pubAfter with identification code λ, carrying out the computing of Hash hash, whether the result that obtains of checking equals summary info D, if, authentication success;
Described log-on message M kComprise identity information M IdWith hash password code Pwd, described log-on data M regComprise identity information M Id, hash password code Pwd and system parameters T.
2. the identity identifying method based on class IBE system under a kind of cloud computing environment according to claim 1, is characterized in that, described step S2 comprises:
S21, obtain a finite field Fp who is characterized as prime number p, and on finite field Fp, choose field element a, b, make field element a, and b meets the equation of elliptic curve E (Fp):
Y 3=x 2+ ax+b (modp), wherein 4a 3+ 27b 2≠ 0 (modp);
S22, on elliptic curve E (Fp), choose a basic point G, and calculate the rank q of basic point G, and then calculate respectively two q rank group G that G is ordered 1And G 2, G 1And G 2Meet following bilinear map condition:
G 1×G 1→G 2
S23, the rank #E (Fp) that adopts following formula to calculate elliptic curve E (Fp) remove the business h obtained in the rank of basic point G q:
h=#E(F p)/q
Wherein, business h meets h≤4, and #E (Fp), p, q meet the following conditions:
Figure RE-FDA0000379948430000031
In following formula, t is constant, and 1≤t<20;
S24, generation the first random number S and satisfied , S is registered user's master key, and calculates the second encryption parameter: P pub=SG, and then choose 4 hash function H, Q, H 1And Q 1:
Figure RE-FDA0000379948430000033
H 1:{0,1} n×{0,1} n→F q
Q 1:{0,1} n→{0,1} n
Wherein,
Figure RE-FDA0000379948430000034
Be a finite group and
Figure RE-FDA0000379948430000035
N is natural number;
S25, according to following formula, can obtain system parameters T and be:
T=(p,a,b,G,p pub,q,h,H,Q,H 1,Q 1);
Simultaneously can obtain message space M is M={0,1] n, cryptogram space C is C=G 1* { 0,1} n
S26, according to identity information M IdGenerate the first PKI EID U, and then by the first PKI EID UBe mapped to a some E on elliptic curve E (Fp) p, and calculate the first PKI d eid: d eid=sE p.
3. the identity identifying method based on class IBE system under a kind of cloud computing environment according to claim 2, is characterized in that, described step S3 comprises:
S31, according to the log-on message M of following formula by the registered user kCarry out the computing of Hash hash, generate the first ciphertext summary DK s:
DK S=Hash(M k<M id,Pwd>);
S32, choose an integer k, k satisfies condition: 0<k<n;
S33, calculate β according to following formula, if the result obtained is β=0, return to step S32, on the contrary execution step S34:
Figure FDA00003217893500041
S34, calculate ω according to following formula, if the result obtained is ω=0, return to step S32, on the contrary execution step S35:
Figure FDA00003217893500042
S35, the message DK=(β, ω) that obtains signing, and then by log-on data M reg, the first PKI EID U, the first ciphertext summary DK sDK sends to the cloud service end with the signature message.
4. the identity identifying method based on class IBE system under a kind of cloud computing environment according to claim 3, is characterized in that, described step S4 comprises:
Whether S41, judgement signature message DK meet the following conditions:
Figure FDA00003217893500043
If continue execution step S42, otherwise finish;
S42, calculate w according to following formula:
Figure FDA00003217893500044
S43, judge whether w equals β, if, be verified, continue execution step S5, otherwise finish.
5. the identity identifying method based on class IBE system under a kind of cloud computing environment according to claim 4, is characterized in that, described step S6 comprises:
S61, cloud service end are chosen the second random number R cAfter master key S' as this registered user's interactive authentication, adopt following formula in conjunction with log-on data M regIn system parameters T generate the first encryption parameter RU pub: RU pub=R cG;
S62, by the first PKI EID UBe mapped to a some EID on elliptic curve E (Fp) pAfter, according to following formula, calculate the second private key RU PE: RU PE=R cEID p
S63, cloud service end produce one for this registered user being carried out to the identification code λ of identify label, then according to following formula to the first encryption parameter RU pubAfter with identification code λ, carrying out the computing of Hash hash, obtain summary info D:
D=Hash(RU pub,λ)。
6. the identity identifying method based on class IBE system under a kind of cloud computing environment according to claim 5, is characterized in that, described step S7 comprises:
S71, adopt the first encryption parameter RU according to following formula pubWith the second private key RU PEAfter being encrypted, summary info D obtains the second summary ciphertext DS:
DS=EC(D,r,RU pub,RU pE)
Wherein, r=H 1(σ, D), and σ is the first random train;
S72, adopt the first PKI EID according to following formula UTo the second summary ciphertext DS, the first encryption parameter RU pubAfter with identification code λ, being encrypted, after obtaining encrypting ciphertext FS, and will encrypting ciphertext FS and send to user side:
FS=EC(DS,RU pub,λ,EID U,R,P pub)
Wherein, R=H 1(π, DS, RU pub, λ), π is the second random train, P pubFor the second encryption parameter in system parameters T.
7. the identity identifying method based on class IBE system under a kind of cloud computing environment according to claim 6, is characterized in that, described step S8 comprises:
S81, user side adopt the first private key d according to following formula after receiving and encrypting ciphertext FS eidTo encrypting ciphertext FS, be decrypted, reduction obtains the second summary ciphertext DS, the first encryption parameter RU pubWith identification code λ: (DS, RU pub, λ)=DC (P pub, d eid, FS);
S82, adopt the first encryption parameter RU according to following formula pubWith the first PKI EID UAfter the second summary ciphertext DS is decrypted, obtain summary info D:D=DC (RU pub, DS, EID U).
CN201310188994.XA 2013-05-20 2013-05-20 A kind of identity identifying method of based on class IBE system under cloud computing environment Active CN103414559B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310188994.XA CN103414559B (en) 2013-05-20 2013-05-20 A kind of identity identifying method of based on class IBE system under cloud computing environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310188994.XA CN103414559B (en) 2013-05-20 2013-05-20 A kind of identity identifying method of based on class IBE system under cloud computing environment

Publications (2)

Publication Number Publication Date
CN103414559A true CN103414559A (en) 2013-11-27
CN103414559B CN103414559B (en) 2016-08-10

Family

ID=49607545

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310188994.XA Active CN103414559B (en) 2013-05-20 2013-05-20 A kind of identity identifying method of based on class IBE system under cloud computing environment

Country Status (1)

Country Link
CN (1) CN103414559B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104901935A (en) * 2014-09-26 2015-09-09 易兴旺 Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem)
CN105099690A (en) * 2014-05-19 2015-11-25 江苏博智软件科技有限公司 OTP and user behavior-based certification and authorization method in mobile cloud computing environment
CN106022081A (en) * 2016-01-21 2016-10-12 李明 Card reading method for identity-card card-reading terminal, and terminal and system for identity-card card-reading
CN108540291A (en) * 2018-03-23 2018-09-14 西安电子科技大学 Data integrity verification method in the cloud storage of identity-based
CN110874800A (en) * 2019-11-08 2020-03-10 腾讯科技(深圳)有限公司 Data transfer method and device, electronic equipment and computer readable storage medium
CN111277583A (en) * 2020-01-15 2020-06-12 东方红卫星移动通信有限公司 Identity authentication method for monitoring system of mobile cloud computing
CN113259136A (en) * 2021-07-07 2021-08-13 浙江宇视科技有限公司 Multi-client cooperative authentication method, device, equipment and medium for feature recognition
CN113472953A (en) * 2021-07-03 2021-10-01 深圳市壹通道科技有限公司 E-commerce platform privacy number voice communication method and system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102710605A (en) * 2012-05-08 2012-10-03 重庆大学 Information security management and control method under cloud manufacturing environment
US20130007845A1 (en) * 2011-06-30 2013-01-03 International Business Machines Corporation Authentication and authorization methods for cloud computing security platform

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130007845A1 (en) * 2011-06-30 2013-01-03 International Business Machines Corporation Authentication and authorization methods for cloud computing security platform
CN102710605A (en) * 2012-05-08 2012-10-03 重庆大学 Information security management and control method under cloud manufacturing environment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ZHI-HUA ZHANG ETC: "An Indentity-Based Authentication Scheme In Cloud Computing", 《2012 INTERNATIONAL CONFERENCE ON INDUSTRIAL CONRTOL AND ELECTRONICS ENGINEERING》, 31 December 2012 (2012-12-31), pages 984 - 986 *
杨一等: "一种基于类IBE系统的身份认证体系研究", 《鹭江职业大学学报》, vol. 13, no. 1, 31 March 2005 (2005-03-31), pages 45 - 49 *

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105099690A (en) * 2014-05-19 2015-11-25 江苏博智软件科技有限公司 OTP and user behavior-based certification and authorization method in mobile cloud computing environment
CN104901935A (en) * 2014-09-26 2015-09-09 易兴旺 Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem)
CN106022081A (en) * 2016-01-21 2016-10-12 李明 Card reading method for identity-card card-reading terminal, and terminal and system for identity-card card-reading
CN106022081B (en) * 2016-01-21 2019-06-28 李明 A kind of card reading method of identity card card-reading terminal, identity card card-reading terminal and system
CN108540291A (en) * 2018-03-23 2018-09-14 西安电子科技大学 Data integrity verification method in the cloud storage of identity-based
CN108540291B (en) * 2018-03-23 2020-08-04 西安电子科技大学 Identity-based data integrity verification method in cloud storage
CN110874800A (en) * 2019-11-08 2020-03-10 腾讯科技(深圳)有限公司 Data transfer method and device, electronic equipment and computer readable storage medium
CN110874800B (en) * 2019-11-08 2023-10-20 腾讯科技(深圳)有限公司 Data transfer method, device, electronic equipment and computer readable storage medium
CN111277583A (en) * 2020-01-15 2020-06-12 东方红卫星移动通信有限公司 Identity authentication method for monitoring system of mobile cloud computing
CN113472953A (en) * 2021-07-03 2021-10-01 深圳市壹通道科技有限公司 E-commerce platform privacy number voice communication method and system
CN113259136A (en) * 2021-07-07 2021-08-13 浙江宇视科技有限公司 Multi-client cooperative authentication method, device, equipment and medium for feature recognition

Also Published As

Publication number Publication date
CN103414559B (en) 2016-08-10

Similar Documents

Publication Publication Date Title
EP3642997B1 (en) Secure communications providing forward secrecy
CN106789042B (en) Authentication key negotiation method for user in IBC domain to access resources in PKI domain
CN102594558B (en) Anonymous digital certificate system and verification method of trustable computing environment
KR20190073472A (en) Method, apparatus and system for transmitting data
CN103414559A (en) Identity authentication method based on IBE-like system in cloud computing environment
US20130191632A1 (en) System and method for securing private keys issued from distributed private key generator (d-pkg) nodes
CA2990656A1 (en) Mutual authentication of confidential communication
CN103780618A (en) Method for cross-isomerism domain identity authentication and session key negotiation based on access authorization ticket
CN104270249A (en) Signcryption method from certificateless environment to identity environment
US11870891B2 (en) Certificateless public key encryption using pairings
CN104767612A (en) Signcryption method from certificateless environment to public key infrastructure environment
CN110535626B (en) Secret communication method and system for identity-based quantum communication service station
CN104639315A (en) Dual-authentication method and device based on identity passwords and fingerprint identification
CN104301108A (en) Signcryption method based from identity environment to certificateless environment
CN104821880A (en) Certificate-free generalized proxy signcryption method
CN111277412B (en) Data security sharing system and method based on block chain key distribution
CN106713349B (en) Inter-group proxy re-encryption method capable of resisting attack of selecting cipher text
CN105610773A (en) Communication encryption method of electric energy meter remote meter reading
CN114726546B (en) Digital identity authentication method, device, equipment and storage medium
CN114036539A (en) Safety auditable Internet of things data sharing system and method based on block chain
CN112104453A (en) Anti-quantum computation digital signature system and signature method based on digital certificate
CN102970144A (en) Identity-based authentication method
CN111416712B (en) Quantum secret communication identity authentication system and method based on multiple mobile devices
CN110519226B (en) Quantum communication server secret communication method and system based on asymmetric key pool and implicit certificate
KR20090020869A (en) System and method of transmitting/receiving encrypted data in a communication system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant