CN106209743A - A kind of digital home integrated system authentication method of identity-based signature - Google Patents
- Publication number
- CN106209743A
- Authority
- CN
- China
- Prior art keywords
- subsystem
- identity
- digital home
- information
- authentication method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention discloses an authentication method for a digital home integrated system based on identity-based signatures. The system integrates multiple basic support and functional service subsystems for digital home integrated applications, including but not limited to: a basic communication network subsystem, a fire-fighting subsystem, a security subsystem, a property management subsystem, an office automation subsystem, a parking lot subsystem, an all-purpose card subsystem and a broadcast subsystem. While strengthening the information security of the system and protecting users' personal privacy, the method uses the convenience of identity-information authentication to reduce the complexity of the digital home system's information security protection, improves the robustness and overall performance of the system, and broadens the system's application environment.
Description
Technical field
The present invention relates to the field of electronic information, and in particular to an authentication method for a digital home integrated system based on identity-based signatures.
Background
The digital home has gradually grown up as network information technology extends into the household. In China, the digital home has become the main trend in community construction. Investment in digitization projects for communities and buildings of all kinds accounts for 5%-8% of total project investment, and in some cases as much as 10%. Digitization-system construction investment for residential quarters averages about 60 yuan per square metre (5%-8% of construction investment); calculated on the annual completed floor area nationwide, the gross investment is tens yuan. This new "point of economic growth" has driven rapid growth among digital home enterprises and technology companies.
At the same time, digital home systems have moved from the early pursuit of complete functionality toward high-tech, practical and energy-saving designs, and the multiple subsystems that make up a digital home platform are required to cooperate closely to give users efficient and smooth system service. A digital home system is still essentially an information system that combines multiple technologies. As business functions and subsystems are added, the whole system includes more and more technologies and system modules, becomes large and structurally complex, and its information security risks grow accordingly. Therefore, while improving the functions and overall efficiency of a digital home system, how to protect the system's information security, such as data security, permission security and privacy protection, has gradually become one of the key issues that system design must consider.
Summary of the invention
The object of the invention is to provide an authentication method for a digital home integrated system based on identity-based signatures, so as to strengthen the information security of the system and the security of user data, while using identity-information authentication to reduce the complexity of the security management system, improve the overall efficiency of the digital home system, enhance system functions, broaden the application environment, and strengthen system and user security.
The invention provides an authentication method for a digital home integrated system based on identity-based signatures. The digital home integrated system integrates multiple basic support and functional service subsystems for digital home integrated applications, including but not limited to: a basic communication network subsystem, a fire-fighting subsystem, a security subsystem, a property management subsystem, an office automation subsystem, a parking lot subsystem, an all-purpose card subsystem and a broadcast subsystem.
In the method, the signature authentication method of identity-based cryptography is used between the main system and the subsystems, between subsystems, and between subsystems and management users and domestic users, to strengthen information security protection for basic communication, information sharing, user access, security review and access control.
In the method, when the system is set up and keys are initialized, system units such as the authentication server, management users and terminal users can each register the identity information that uniquely identifies them (such as a device number, user mobile phone number or identity card number) in the back-end database and extract the correspondingly generated private key.
In the method, when identity security authentication is performed, the party requesting authentication uses the identity-based signature algorithm and its private key to generate authentication information and request authentication; the authenticating party feeds the requesting party's identity information directly into the identity-based verification algorithm to verify the authentication information.
In the method, a mutual authentication mechanism is used between the main system and the subsystems, between subsystems, and between subsystems and users to further improve system security and prevent other information security attacks.
By using the signature authentication method of identity-based cryptography, the invention strengthens the information security of the system and protects users' personal privacy, while using the convenience of identity-information authentication to reduce the complexity of the digital home system's information security protection, improve the robustness and overall performance of the system, and broaden the system's application environment.
Brief description of the drawings
Fig. 1 is a schematic diagram of the system structure for the authentication method for a digital home integrated system based on identity-based signatures according to the invention.
Fig. 2 is a schematic diagram of the set-up of the identity authentication management system and of key generation in the authentication method according to the invention.
Fig. 3 is a schematic diagram of the mutual authentication mechanism between the authentication server and a terminal user in the authentication method according to the invention.
Fig. 4 is a schematic diagram of the mutual authentication mechanism between the authentication server and a management user in the authentication method according to the invention.
Detailed description of the invention
The authentication method for a digital home integrated system based on identity-based signatures according to the invention improves the overall efficiency of the digital home integrated system and its multiple basic support and functional service subsystems, enhances system functions, broadens the application environment, and strengthens system and user security.
To help those skilled in the art better understand the solution of the invention, the invention is described in further detail below with reference to the drawings and embodiments.
See Fig. 1, a schematic diagram of the system structure for the authentication method according to the invention.
The digital home integrated system includes a fire-fighting subsystem (1), a security subsystem (2), a property monitoring subsystem (3), a broadcast subsystem (4), a parking lot subsystem (5), an all-purpose card subsystem (6) and an office automation subsystem (7). Between the integrated system and the subsystems, between subsystems, and between the system and users, network communication runs over the basic communication network subsystem (8) to interconnect information. The fire-fighting subsystem (1) and the security subsystem (2) form the physical security subsystem that supports the digital home integrated system. The property monitoring subsystem (3) and the broadcast subsystem (4) form the traditional property information management subsystem that supports the digital home integrated system. The parking lot subsystem (5), the all-purpose card subsystem (6), the office automation subsystem (7) and so on form the functional service subsystems of the digital home integrated system. Between the integrated system and the subsystems, between subsystems, and between the system and users, security review and access control are carried out through the authentication server (9) to strengthen information security protection for basic communication, information sharing and user access. The authentication server (9) and the users can each register the identity information that uniquely identifies them (such as a device number, user mobile phone number or identity card number) in the back-end database and extract the correspondingly generated private key from the key generation server (10).
See Fig. 2, a schematic diagram of the set-up of the identity authentication management system and of key generation in the authentication method according to the invention. The concrete steps and algorithms are as follows:
[1] Parameter generation. Select a cyclic group $G$ with generator $P$ and order $q$, and generate a random number $s \in \mathbb{Z}/q$. Set $P_{pub} = sP$, and select cryptographic hash functions $H_1: \{0,1\}^* \times G \to \mathbb{Z}/q$ and $H_2: \{0,1\}^* \to G$. The system parameters are $param = \{P, P_{pub}, H_1, H_2\}$ and the master key is $msk = s$.
[2] Authentication server registration. Through the system, the authentication server can register the identity information $ID_s$ that uniquely identifies it (such as the authentication server's device number) in the back-end database.
[3] The authentication server initiates a private key request. The authentication server sends its identity information $ID_s$ to the system private key generator and requests the corresponding private key.
[4] Authentication server private key extraction. For the given authentication server identity $ID_s$, compute $SK_{ID_s} = sH_2(ID_s) = sQ_{ID_s}$ as the private key of the authentication server whose identity is $ID_s$.
[5] Management user registration. Through the system, the management user can register the identity information $ID_{au}$ that uniquely identifies them (such as a mobile phone number, e-mail address or identity card number) in the back-end database.
[6] The management user initiates a private key request for $ID_{au}$. The management user sends their identity information $ID_{au}$ to the system private key generator and requests the corresponding private key.
[7] Management user private key extraction. For the given management user identity $ID_{au}$, compute $SK_{ID_{au}} = sH_2(ID_{au}) = sQ_{ID_{au}}$ as the private key of the authentication server whose identity is $ID_{au}$.
[8] Terminal user registration. Through the system, the terminal user can register the identity information $ID_{tu}$ that uniquely identifies them (such as a mobile phone number, e-mail address or identity card number) in the back-end database.
[9] The terminal user initiates a private key request for $ID_{tu}$. The management user sends their identity information $ID_{tu}$ to the system private key generator and requests the corresponding private key.
[10] Terminal user private key extraction. For the given terminal user identity $ID_{tu}$, compute $SK_{ID_{tu}} = sH_2(ID_{tu}) = sQ_{ID_{tu}}$ as the private key of the authentication server whose identity is $ID_{tu}$.
See Fig. 3, a schematic diagram of the mutual authentication mechanism between the authentication server and a terminal user in the authentication method according to the invention. The concrete steps and algorithms are as follows:
[1] The terminal user requests access to a restricted information resource.
[2] The authentication server produces authentication information $M_s$ and the signature $S_s = Sign_{IBS}(M_s, SK_{ID_s}) = (U_s, V_s)$. The identity-based signature algorithm $Sign_{IBS}$ is as follows: produce a random number $r_s \in \mathbb{Z}/q$ and compute $U_s = r_s Q_{ID_s}$, $h_s = H_1(M_s, U_s)$, $V_s = (r_s + h_s) SK_{ID_s}$.
[3] The authentication server's authentication information $(M_s, S_s)$ is sent to the terminal user for authentication.
[4] The terminal user verifies the authentication server's identity: $Verify_{IBS}(M_s, S_s, ID_s) = 1$? The identity-based verification algorithm $Verify_{IBS}(M_s, S_s, ID_s) = 1$ is as follows: check whether $(P, P_{pub}, U_s + h_s Q_{ID_s}, V_s)$ is a valid Diffie-Hellman tuple, where $h_s = H_1(M_s, U_s)$.
[5] The terminal user produces authentication information $M_{tu}$ and the signature $S_{tu} = Sign_{IBS}(M_{tu}, SK_{ID_{tu}}) = (U_{tu}, V_{tu})$. The identity-based signature algorithm $Sign_{IBS}$ is as follows: produce a random number $r_{tu} \in \mathbb{Z}/q$ and compute $U_{tu} = r_{tu} Q_{ID_{tu}}$, $h_{tu} = H_1(M_{tu}, U_{tu})$, $V_{tu} = (r_{tu} + h_{tu}) SK_{ID_{tu}}$.
[6] The terminal user's identity authentication information $(M_{tu}, S_{tu})$ is sent to the authentication server for authentication.
[7] The authentication server verifies the terminal user's identity: $Verify_{IBS}(M_{tu}, S_{tu}, ID_{tu}) = 1$? The identity-based verification algorithm $Verify_{IBS}(M_{tu}, S_{tu}, ID_{tu}) = 1$ is as follows: check whether $(P, P_{pub}, U_{tu} + h_{tu} Q_{ID_{tu}}, V_{tu})$ is a valid Diffie-Hellman tuple, where $h_{tu} = H_1(M_{tu}, U_{tu})$.
[8] The terminal user's access privileges are authorized.
[9] The terminal user accesses the information resource.
See Fig. 4, a schematic diagram of the mutual authentication mechanism between the authentication server and a management user in the authentication method according to the invention. The concrete steps and algorithms are as follows:
[1] Username/password login.
[2] The user login is confirmed.
[3] Re-authentication is required.
[4] The management user produces authentication information $M_{au}$ and the signature $S_{au} = Sign_{IBS}(M_{au}, SK_{ID_{au}}) = (U_{au}, V_{au})$. The identity-based signature algorithm $Sign_{IBS}$ is as follows: produce a random number $r_{au} \in \mathbb{Z}/q$ and compute $U_{au} = r_{au} Q_{ID_{au}}$, $h_{au} = H_1(M_{au}, U_{au})$, $V_{au} = (r_{au} + h_{au}) SK_{ID_{au}}$.
[5] The management user's identity authentication information $(M_{au}, S_{au})$ is sent to the authentication server for authentication.
[6] The authentication server verifies the management user's identity: $Verify_{IBS}(M_{au}, S_{au}, ID_{au}) = 1$? The identity-based verification algorithm $Verify_{IBS}(M_{au}, S_{au}, ID_{au}) = 1$ is as follows: check whether $(P, P_{pub}, U_{au} + h_{au} Q_{ID_{au}}, V_{au})$ is a valid Diffie-Hellman tuple, where $h_{au} = H_1(M_{au}, U_{au})$.
[7] A request is made to access/control a service subsystem.
[8] The authentication server produces authentication information $M_s$ and the signature $S_s = Sign_{IBS}(M_s, SK_{ID_s}) = (U_s, V_s)$. The identity-based signature algorithm $Sign_{IBS}$ is as follows: produce a random number $r_s \in \mathbb{Z}/q$ and compute $U_s = r_s Q_{ID_s}$, $h_s = H_1(M_s, U_s)$, $V_s = (r_s + h_s) SK_{ID_s}$.
[9] The authentication server's authentication information $(M_s, S_s)$ is sent to the terminal user for authentication.
[10] The terminal user verifies the authentication server's identity: $Verify_{IBS}(M_s, S_s, ID_s) = 1$? The identity-based verification algorithm $Verify_{IBS}(M_s, S_s, ID_s) = 1$ is as follows: check whether $(P, P_{pub}, U_s + h_s Q_{ID_s}, V_s)$ is a valid Diffie-Hellman tuple, where $h_s = H_1(M_s, U_s)$.
[11] The terminal user's access privileges are authorized.
[12] The terminal user accesses the information resource.
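The key extraction of Fig. 2 and the sign/verify exchange of Fig. 3 and Fig. 4, as an added Python example that is not part of the patent text. Assumptions: the Diffie-Hellman-tuple check is evaluated with a bilinear map e as e(P, V) = e(P_pub, U + h·Q_ID); the group is a deliberately insecure stand-in in which the element aP is stored as the integer a, so only the algebra is shown; the identity strings, message layout and nonces are constructed.

```python
import hashlib
import secrets

# Toy group, constructed for this example and NOT secure: the element aP of G
# is stored as the integer a mod q, so P = 1 and P_pub exposes s. The map
# e(aP, bP) = a*b mod q is bilinear, which is all the check below relies on.
# A real system would use a pairing-friendly elliptic curve library instead.
q = 2**127 - 1                      # prime group order
P = 1                               # generator of G

def pairing(a, b):
    return (a * b) % q

def _hash_to_zq(tag, *parts):
    h = hashlib.sha256(tag)
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(h.digest(), "big") % q

def H1(message, U):                 # H1: {0,1}* x G -> Z/q
    return _hash_to_zq(b"H1", message, U.to_bytes(16, "big"))

def H2(identity):                   # H2: {0,1}* -> G, the public key Q_ID
    return _hash_to_zq(b"H2", identity.encode()) or 1

def setup():
    s = secrets.randbelow(q - 1) + 1
    return s, (s * P) % q           # master key msk = s, P_pub = sP

def extract(msk, identity):
    return (msk * H2(identity)) % q     # SK_ID = s * Q_ID

def sign(message, sk, identity):
    r = secrets.randbelow(q - 1) + 1
    U = (r * H2(identity)) % q          # U = r * Q_ID
    h = H1(message, U)
    return U, ((r + h) * sk) % q        # V = (r + h) * SK_ID

def verify(message, signature, identity, P_pub):
    U, V = signature
    if not (0 <= U < q and 0 <= V < q):
        return False
    h = H1(message, U)
    # (P, P_pub, U + h*Q_ID, V) is a Diffie-Hellman tuple exactly when
    # e(P, V) == e(P_pub, U + h*Q_ID), since V = s * (r + h) * Q_ID.
    return pairing(P, V) == pairing(P_pub, (U + h * H2(identity)) % q)

def mutual_authenticate(server_id, server_sk, user_id, user_sk, P_pub):
    # Assumption: each message M carries a fresh nonce chosen by the verifier
    # (the page does not say what M contains). Without freshness, a recorded
    # (M, S) pair would verify again on replay.
    user_nonce = secrets.token_bytes(16)
    M_s = b"server-auth|" + user_nonce
    S_s = sign(M_s, server_sk, server_id)             # Fig. 3 steps [2]-[3]
    if not verify(M_s, S_s, server_id, P_pub):        # step [4], on the user
        return False
    server_nonce = secrets.token_bytes(16)
    M_tu = b"user-auth|" + server_nonce
    S_tu = sign(M_tu, user_sk, user_id)               # steps [5]-[6]
    return verify(M_tu, S_tu, user_id, P_pub)         # step [7], on the server

if __name__ == "__main__":
    msk, P_pub = setup()
    ids = ("AS-0001", "13800000000")                  # constructed identities
    sk_s, sk_tu = (extract(msk, i) for i in ids)
    print(mutual_authenticate(ids[0], sk_s, ids[1], sk_tu, P_pub))
```

The verifier needs only the public parameters and the signer's identity string, which is the property the method relies on to avoid distributing certificates.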
The authentication method for a digital home integrated system based on identity-based signatures provided by the invention has been described in detail above. Specific examples are used herein to explain the principle and embodiments of the invention; the description of the above embodiments is only intended to help in understanding the method of the invention and its core idea. At the same time, for a person of ordinary skill in the art, there will be changes according to the idea of the invention. In summary, the content of this specification should not be construed as limiting the invention.
Claims (5)
1. An authentication method for a digital home integrated system based on identity-based signatures, characterised in that the digital home integrated system integrates multiple basic support and functional service subsystems for digital home integrated applications, including but not limited to: a basic communication network subsystem, a fire-fighting subsystem, a security subsystem, a property management subsystem, an office automation subsystem, a parking lot subsystem, an all-purpose card subsystem and a broadcast subsystem.
2. The authentication method for a digital home integrated system based on identity-based signatures according to claim 1, characterised in that the integrated system uses the signature authentication method of identity-based cryptography between the main system and the subsystems, between subsystems, and between subsystems and management users and domestic users, to strengthen information security protection for basic communication, information sharing, user access, security review and access control.
3. The authentication method for a digital home integrated system based on identity-based signatures according to claim 2, characterised in that, when the system is set up and keys are initialized, system units such as the authentication server, management users and terminal users can each register the identity information that uniquely identifies them (such as a device number, user mobile phone number or identity card number) in the back-end database and extract the correspondingly generated private key.
4. The authentication method for a digital home integrated system based on identity-based signatures according to claim 3, characterised in that, when identity security authentication is performed, the party requesting authentication uses the identity-based signature algorithm and its private key to generate authentication information and request authentication, and the authenticating party feeds the requesting party's identity information directly into the identity-based verification algorithm to verify the authentication information.
5. The authentication method for a digital home integrated system based on identity-based signatures according to claim 2, characterised in that a mutual authentication mechanism is used between the main system and the subsystems, between subsystems, and between subsystems and users to further improve system security and prevent other information security attacks.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510229331.7A CN106209743A (en) | 2015-05-06 | 2015-05-06 | A kind of digital home integrated system authentication method of identity-based signature |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510229331.7A CN106209743A (en) | 2015-05-06 | 2015-05-06 | A kind of digital home integrated system authentication method of identity-based signature |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106209743A (en) | 2016-12-07 |
Family
ID=57459570
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510229331.7A Pending CN106209743A (en) | 2015-05-06 | 2015-05-06 | A kind of digital home integrated system authentication method of identity-based signature |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106209743A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109729066A (en) * | 2018-06-01 | 2019-05-07 | 平安普惠企业管理有限公司 | System authentication method, unit and computer readable storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102271040A (en) * | 2011-07-26 | 2011-12-07 | 北京华大信安科技有限公司 | Identity verifying system and method |
CN102546173A (en) * | 2011-12-19 | 2012-07-04 | 河海大学 | Digital signature system and signature method based on certificate |
CN103746811A (en) * | 2013-12-27 | 2014-04-23 | 西安邮电大学 | Anonymous signcryption method from identity public key system to certificate public key system |
CN104426831A (en) * | 2013-08-27 | 2015-03-18 | 广州星海智慧家庭系统集成有限公司 | Safety-enhanced digital home integrated application platform |
Legal Events
Code | Title | Description |
---|---|---|
C06 | Publication | |
PB01 | Publication | |
C10 | Entry into substantive examination | |
SE01 | Entry into force of request for substantive examination | |
DD01 | Delivery of document by public notice | Addressee: GUANGZHOU XINGHAI INTELLIGENCE HOME SYSTEM INTEGRATION CO., LTD. Document name: Notification of Publication and of Entering the Substantive Examination Stage of the Application for Invention |
DD01 | Delivery of document by public notice | Addressee: Guangzhou Kuzhi Electronic Technology Co., Ltd. Document name: Notification that Application Deemed to be Withdrawn |
WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20161207 |