CN106105137A - Using end-user federated login to detect a breach in a key exchange encrypted channel - Google Patents

Using end-user federated login to detect a breach in a key exchange encrypted channel

Info

Publication number
CN106105137A
Authority
CN
China
Prior art keywords
peer device
provider
authentication response
identifier
peer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201580011495.0A
Other languages
English (en)
Chinese (zh)
Inventor
P. T. Nguyen
C. A. G. McDonald
G. Burns
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc
Publication of CN106105137A
Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/141 Setup of application sessions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/069 Authentication using certificates or pre-shared keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/70 Services for machine-to-machine communication [M2M] or machine type communication [MTC]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/24 Key scheduling, i.e. generating round keys or sub-keys for block encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Mobile Radio Communication Systems (AREA)
CN201580011495.0A 2014-03-05 2015-03-05 Using end-user federated login to detect a breach in a key exchange encrypted channel Pending CN106105137A (zh)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201461948433P 2014-03-05 2014-03-05
US61/948,433 2014-03-05
US14/638,290 US9954679B2 (en) 2014-03-05 2015-03-04 Using end-user federated login to detect a breach in a key exchange encrypted channel
US14/638,290 2015-03-04
PCT/US2015/019006 WO2015134771A1 (en) 2014-03-05 2015-03-05 Using end-user federated login to detect a breach in a key exchange encrypted channel

Publications (1)

Publication Number Publication Date
CN106105137A (zh) 2016-11-09

Family

ID=54018515

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201580011495.0A Pending CN106105137A (zh) 2014-03-05 2015-03-05 Using end-user federated login to detect a breach in a key exchange encrypted channel

Country Status (6)

Country Link
US (1) US9954679B2
EP (1) EP3114808A1
JP (1) JP2017516328A
KR (1) KR20160127747A
CN (1) CN106105137A
WO (1) WO2015134771A1

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
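CN108199851A (zh) * 2018-02-01 2018-06-22 Beijing Huada Zhibao Electronic System Co Ltd Data secure transmission method, device and system
CN110582773A (zh) * 2017-05-23 2019-12-17 Google LLC Mobile-assisted television sign-in using a discovery and launch protocol
CN113141671A (zh) * 2021-04-23 2021-07-20 TCL Communication (Ningbo) Co Ltd Communication method for a wifi device, device, and computer-readable storage medium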

Families Citing this family (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10153966B1 (en) * 2015-03-12 2018-12-11 Alarm.Com Incorporated Hybrid mesh network monitoring signaling environment
US9900775B2 (en) * 2015-09-02 2018-02-20 International Business Machines Corporation On-device authorization of devices for collaboration and association
US10834586B2 (en) * 2016-07-29 2020-11-10 Amzetta Technologies, Llc System and method for controlling heterogeneous internet of things (IoT) devices using single application
US10291609B2 (en) * 2016-08-23 2019-05-14 Reavire, Inc. Vault appliance for identity verification and secure dispatch of rights
US10321313B2 (en) 2016-09-09 2019-06-11 Dell Products L.P. Enabling remote access to a service controller having a factory-installed unique default password
CN106572160B (zh) * 2016-10-24 2019-07-23 Tianjin University of Science and Technology Communication channel extension system for an Internet of Things gateway
US10789386B2 (en) * 2016-11-09 2020-09-29 Reavire, Inc. Dispatching identity information from secure hardware appliance
WO2018152533A1 (en) * 2017-02-20 2018-08-23 Lutron Electronics Co., Inc. Integrating and controlling multiple load control systems
CN107911483A (zh) 2017-12-12 2018-04-13 Alibaba Group Holding Ltd Information transmission method and apparatus
US11218466B2 (en) * 2018-10-31 2022-01-04 Salesforce.Com, Inc. Endpoint security
US11048793B2 (en) 2018-12-05 2021-06-29 Bank Of America Corporation Dynamically generating activity prompts to build and refine machine learning authentication models
US11120109B2 (en) 2018-12-05 2021-09-14 Bank Of America Corporation Processing authentication requests to secured information systems based on machine-learned event profiles
US11036838B2 (en) 2018-12-05 2021-06-15 Bank Of America Corporation Processing authentication requests to secured information systems using machine-learned user-account behavior profiles
US11176230B2 (en) 2018-12-05 2021-11-16 Bank Of America Corporation Processing authentication requests to secured information systems based on user behavior profiles
US11113370B2 (en) 2018-12-05 2021-09-07 Bank Of America Corporation Processing authentication requests to secured information systems using machine-learned user-account behavior profiles
US11159510B2 (en) * 2018-12-05 2021-10-26 Bank Of America Corporation Utilizing federated user identifiers to enable secure information sharing
US11372387B2 (en) 2020-03-03 2022-06-28 Charter Communications Operating, Llc Metadata-based smart home automation
DE102020110034A1 (de) * 2020-04-09 2021-10-14 Bundesdruckerei Gmbh Monitoring system with multi-stage request checking
US12238101B2 (en) * 2021-03-09 2025-02-25 Oracle International Corporation Customizing authentication and handling pre and post authentication in identity cloud service
US11722499B1 (en) * 2022-02-05 2023-08-08 Uab 360 It Optimized messaging in a mesh network

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1833216B1 (en) * 2006-03-07 2010-07-14 Hitachi, Ltd. Method and system for mediation of authentication within a communication network
US20110314287A1 (en) * 2010-06-16 2011-12-22 Qualcomm Incorporated Method and apparatus for binding subscriber authentication and device authentication in communication systems
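CN102355662A (zh) * 2011-06-10 2012-02-15 Hefei Lianzheng Electronic Technology Co Ltd Key exchange method based on wireless low-cost devices
CN103118009A (zh) * 2013-01-08 2013-05-22 Shenzhen University Authenticated key exchange method and system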

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3253060B2 (ja) * 1997-12-25 2002-02-04 Nippon Telegraph and Telephone Corp Mutual authentication method and apparatus therefor
US7055036B2 (en) * 2001-04-06 2006-05-30 Mcafee, Inc. System and method to verify trusted status of peer in a peer-to-peer network environment
US7596690B2 (en) * 2004-09-09 2009-09-29 International Business Machines Corporation Peer-to-peer communications
CN101395887B (zh) * 2006-04-11 2013-02-13 Qualcomm Inc Method and apparatus for binding multiple authentications
EP1865656A1 (en) * 2006-06-08 2007-12-12 BRITISH TELECOMMUNICATIONS public limited company Provision of secure communications connection using third party authentication
JP4779988B2 (ja) * 2007-02-13 2011-09-28 Toyota Motor Corp All-solid-state lithium secondary battery
JP2009282561A (ja) * 2008-05-19 2009-12-03 Kddi Corp User authentication system, user authentication method and program
US20100228726A1 (en) 2009-02-06 2010-09-09 Slinker Scott W Determining associative intent in a database containing linked entities
WO2011128183A2 (en) 2010-04-13 2011-10-20 Telefonaktiebolaget L M Ericsson (Publ) Method and apparatus for interworking with single sign-on authentication architecture
US9350708B2 (en) * 2010-06-01 2016-05-24 Good Technology Corporation System and method for providing secured access to services
US8799656B2 (en) * 2010-07-26 2014-08-05 Intel Corporation Methods for anonymous authentication and key agreement
US8509431B2 (en) 2010-09-20 2013-08-13 Interdigital Patent Holdings, Inc. Identity management on a wireless device
US9237142B2 (en) * 2011-01-07 2016-01-12 Interdigital Patent Holdings, Inc. Client and server group SSO with local openID
KR20120091635A (ko) * 2011-02-09 2012-08-20 Samsung Electronics Co Ltd Authentication method and apparatus in a communication system
JP5865992B2 (ja) 2011-03-23 2016-02-17 InterDigital Patent Holdings Inc System and method for securing network communications
US8839395B2 (en) * 2011-05-13 2014-09-16 Cch Incorporated Single sign-on between applications
WO2012175667A1 (en) * 2011-06-22 2012-12-27 Nec Europe Ltd. Method and system for performing single sign-in user authentication
US10044713B2 (en) 2011-08-19 2018-08-07 Interdigital Patent Holdings, Inc. OpenID/local openID security
US9497627B2 (en) * 2011-09-29 2016-11-15 Interdigital Patent Holdings, Inc. Method and apparatus for enabling access to applications integrated with a visited network
US9392077B2 (en) * 2012-10-12 2016-07-12 Citrix Systems, Inc. Coordinating a computing activity across applications and devices having multiple operation modes in an orchestration framework for connected devices

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
MENEZES,VANSTONE,OORSCHOT: "Handbook of Applied Cryptography", 《CRC PRESS LLC,USA》 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
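CN110582773A (zh) * 2017-05-23 2019-12-17 Google LLC Mobile-assisted television sign-in using a discovery and launch protocol
CN110582773B (zh) * 2017-05-23 2023-09-26 Google LLC Mobile-assisted television sign-in using a discovery and launch protocol
CN108199851A (zh) * 2018-02-01 2018-06-22 Beijing Huada Zhibao Electronic System Co Ltd Data secure transmission method, device and system
CN113141671A (zh) * 2021-04-23 2021-07-20 TCL Communication (Ningbo) Co Ltd Communication method for a wifi device, device, and computer-readable storage medium
CN113141671B (zh) * 2021-04-23 2023-06-20 TCL Communication (Ningbo) Co Ltd Communication method for a wifi device, device, and computer-readable storage medium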

Also Published As

Publication number Publication date
US9954679B2 (en) 2018-04-24
US20150256337A1 (en) 2015-09-10
WO2015134771A1 (en) 2015-09-11
JP2017516328A (ja) 2017-06-15
EP3114808A1 (en) 2017-01-11
KR20160127747A (ko) 2016-11-04

Similar Documents

Publication Publication Date Title
US9954679B2 (en) Using end-user federated login to detect a breach in a key exchange encrypted channel
EP3047616B1 (en) A user interactive application enabled gateway
KR101770083B1 (ko) Method and apparatus for identifying a physical IoT device
US9584482B2 (en) Access control lists for private networks of system agnostic connected devices
US9185641B2 (en) Using discoverable peer-to-peer services to allow remote onboarding of headless devices over a Wi-Fi network
US10149335B2 (en) Connectivity module for internet of things (IOT) devices
CN105684389B (zh) Peer-based authentication
US9903940B2 (en) Entrusted device localization scheme using ultrasound signatures
US20150071052A1 (en) Reconfiguring a headless wireless device
KR102366632B1 (ko) Method and apparatus for setting user preferences or device configuration
US20150026779A1 (en) Performing remote wi-fi network configuration when a network security protocol is unknown
US20150071216A1 (en) Allowing mass re-onboarding of headless devices
CN106576220A (zh) Method and apparatus for automatically generating an event dictionary in an Internet of Things (IoT) network
US20150023336A1 (en) Communicating a headless onboardee device local wireless network scan to an onboarder device via a peer-to-peer protocol to assist an onboarding process
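CN106464692B (zh) Determining trust levels on a device receiving authorization
HK1232713B (zh) Method and apparatus for automatically generating an event dictionary in an Internet of Things (IoT) network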

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned
AD01 Patent right deemed abandoned

Effective date of abandoning: 20190924