CN106453431B - The method authenticated between internet system is realized based on PKI - Google Patents
The method authenticated between internet system is realized based on PKI Download PDFInfo
- Publication number
- CN106453431B CN106453431B CN201611175822.9A CN201611175822A CN106453431B CN 106453431 B CN106453431 B CN 106453431B CN 201611175822 A CN201611175822 A CN 201611175822A CN 106453431 B CN106453431 B CN 106453431B
- Authority
- CN
- China
- Prior art keywords
- server
- terminal
- key
- public key
- termination
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention relates to authentication techniques.The present invention is to solve the not high problems of existing conventional authentication flow path efficiency, provide a kind of method realized based on PKI and authenticated between internet system, its technical solution can be summarized as: server and terminal initiate to activate to authentication platform respectively first, when server and the session connection of terminal first time, separately verify respective identity, server need to configure corresponding security strategy when verifying, rear server and terminal is proved to be successful to be confirmed whether to need using Encryption Algorithm according to security strategy, subsequent session is normally handled if not needing, if desired then server and terminal arranging key, key is saved respectively, data interaction is carried out by key between last server and terminal.The invention has the advantages that data safety when guaranteeing entire session connection, suitable for being authenticated between internet system.
Description
Technical field
The present invention relates to authentication techniques, are specifically designed the technology authenticated between internet system.
Background technique
With internet rapid proliferation and development, various network applications have obtained quick development, such as e-commerce, electricity
Traditional commercial activity and office mode are transferred to mobile networkization, informationization by sub- government affairs, Internet securities and Web bank etc.
Environment, but due to the opening of internet and lack unified standard, promote internet bring people it is convenient after,
Also the problem of bringing information security, problem the most significantLegitimacy, the data of authentication including network entity pass
The non repudiation of defeated integrality and both parties.The best precautionary measures are exactly that establish a set of with digital certificate be to recognize at present
Demonstrate,prove the security mechanism on basis.
A set of system that current tradition CA (certificate management authority) is established based on RSA public-key cryptosystem, it is main at present to use
In bank, financial system, it to be mainly characterized by safety relatively high, but process CIMS is cumbersome, inefficient, is not suitable for
The business scenario of high concurrent, High Availabitity, high-performance and high load that internet is respectively applied carry out using.
Summary of the invention
The invention aims to solve the problems, such as that current conventional authentication flow path efficiency is not high, provide a kind of based on PKI
Realize the method authenticated between internet system.
The present invention solves its technical problem, the technical solution adopted is that, the side authenticated between internet system is realized based on PKI
Method, which comprises the following steps:
Step 1, server and terminal are initiated to activate to authentication platform respectively, and server storage server ID, server are public
Key, privacy key, Termination ID and terminal public key, terminal stores end ID, terminal public key, terminal secret key and server public key;
When step 2, server and terminal first time session connection, respective identity is separately verified, server need to match when verifying
Corresponding security strategy is set, enters step 3 after being proved to be successful;
Step 3, server and terminal are confirmed whether to need according to security strategy using Encryption Algorithm, if desired then enter step
Rapid 4, otherwise normally handle subsequent session;
Step 4, server and terminal arranging key, respectively save key;
Data interaction is carried out by key between step 5, server and terminal.
Specifically, the server and terminal are initiated to activate to authentication platform respectively, server storage service in step 1
Device ID, server public key, privacy key, Termination ID and terminal public key, terminal stores end ID, terminal public key, terminal secret key
And in server public key, server initiates the method activated to authentication platform are as follows:
Step 101, server set are integrated with ECC algorithm and certification are flat at server S DK packet in the server S DK packet
Platform certificate;
Step 102, server initiate activation request to authentication platform, to the relevant information of authentication platform upload server;
Step 103, authentication platform are audited according to the relevant information of the server of upload, generate service after the approval
Device ID, and signed using the private key of authentication platform to server ID, the first signature value is obtained, by the first signature value and audit
As a result it is sent to server;
Step 104, server receive the first signature value, are verified, are proved to be successful to it according to authentication platform certificate
Server ID is then obtained, enters step 105, otherwise it is assumed that authentication platform is illegal, returns to step 102;
Step 105, server calls ECC algorithm generate the server public key and privacy key of ECC algorithm, pass through clothes
Business device private key signs to server ID, obtains the second signature value, and it is sent jointly to certification with server public key and is put down
Platform;
Step 106, authentication platform verify to the second signature value received according to the server public key received
To server ID, and storage server public key.
Further, in step 101, the relevant information of the server include server application ID, server domain name and
MAC address of server.
Specifically, the server and terminal are initiated to activate to authentication platform respectively, server storage service in step 1
Device ID, server public key, privacy key, Termination ID and terminal public key, terminal stores end ID, terminal public key, terminal secret key
And in server public key, terminal initiates the method activated to authentication platform are as follows:
Step 107, terminal integrated terminal SDK packet are integrated with ECC algorithm and authentication platform certificate in the terminal SDK packet;
Step 108, terminal initiate activation request, the relevant information of transmission terminal on authentication platform to authentication platform;
Step 109, authentication platform are audited according to the relevant information of the terminal of upload, generate terminal after the approval
ID, and signed using the private key of authentication platform to Termination ID, third signature value is obtained, by third signature value and auditing result
It is sent to terminal;
Step 110, terminal receive third signature value, are verified, are proved to be successful then to it according to authentication platform certificate
Termination ID is obtained, enters step 111, otherwise it is assumed that authentication platform is illegal, returns to step 108;
Step 111, terminal call ECC algorithm, generate the terminal public key and terminal secret key of ECC algorithm, pass through terminal secret key
It signs to Termination ID, obtains the 4th signature value, and it is sent jointly into authentication platform with terminal public key;
Step 112, authentication platform are verified to obtain according to the terminal public key received to the 4th signature value received
Termination ID, and terminal public key is stored, while terminal public key and Termination ID are sent to server and stored, and server is public
Key returns to terminal and is stored.
Further, in step 107, the relevant information of the terminal includes terminal sn (sequence number), terminal MAC address
And terminal versions number.
Specifically, when the server is with the session connection of terminal first time, separately verifying respective identity in step 2, verify
When server need to configure corresponding security strategy, entered step in 3 after being proved to be successful, the method for server authentication terminal identity
Are as follows:
Step 201, terminal generate a random value, it is formed a termination character string with Termination ID;
Step 202, terminal sign to termination character string by the ECC algorithm in terminal secret key and terminal SDK packet, obtain
To the 5th signature value, it is sent jointly into server with Termination ID;
Step 203, server receive the 5th signature value and Termination ID, and the corresponding end of storage is found according to Termination ID
Hold public key, using in server S DK packet ECC algorithm and terminal public key verifying parsing is carried out to the 5th signature value, if verifying solve
It analyses and successfully then obtains Termination ID and random value, it is believed that be proved to be successful, otherwise it is assumed that authentication failed, returns to authentication failed information, return
To step 201.
Further, in step 2, when the server is with the session connection of terminal first time, respective identity is separately verified,
Server need to configure corresponding security strategy when verifying, enter step in 3 after being proved to be successful, the side of terminal authentication server identity
Method are as follows:
Step 204, when server authentication terminal success after, server configures the security strategy of the session;
Step 205, server can parse the server word of this security strategy according to one terminal of security strategy generation
Symbol string;
Step 206, server by the ECC algorithm in privacy key and server S DK packet to server character string into
Row signature, obtains the 6th signature value, returns to terminal;
Step 207, terminal receive the 6th signature value, in the server public key and terminal SDK packet using itself storage
ECC algorithm carries out verifying parsing to it, obtains the security strategy of the session if verifying successfully resolved, and test to server feedback
It demonstrate,proves successfully and Termination ID otherwise to server feedback authentication failed and Termination ID returns to step 205.
Specifically, whether the security strategy includes whether data encrypt or being needed in conversation procedure in step 204
The encryption carried out when needing to encrypt data in completeness check and conversation procedure to the data in conversation procedure is calculated
Method.
Further, step 4 the following steps are included:
Step 401, server generate key according to the Encryption Algorithm in security strategy, it is formed key word with Termination ID
Symbol string;
Step 402, server are inquired to obtain corresponding terminal public key by Termination ID, use the ECC in server S DK packet
Algorithm and terminal public key encrypt key string, are sent to terminal;
Step 403, terminal are decrypted the encrypted key string received using the terminal secret key of itself, if
Successful decryption then obtains key string, and obtains success message to server feedback key, and server receives key acquisition
The key is saved after success message, is otherwise obtained failed message to server feedback, is returned to step 401.
The invention has the advantages that in the present invention program, by being authenticated between the above-mentioned realization internet system based on PKI
Method, the process of certification and arranging key between server and terminal, only needing to shake hands for 4 times if all successes can be complete
At, and can guarantee data safety when entire session connection, the privacy including authentication, the completeness check of data and data
Property, according to the scene of different business, it can flexibly carry out the configuration of security strategy.This mode, has adapted to internet
The authentication system of lightweight ensure that the loss of performance is reduced at least, while ensure that the communication security in cloud.
Specific embodiment
Below with reference to embodiment, the technical schemes of the invention are described in detail.
It is of the present invention that the method that authenticates between internet system is realized based on PKI are as follows: first server and terminal respectively to
Authentication platform initiates activation, and server storage server ID, server public key, privacy key, Termination ID and terminal public key are whole
When end storage Termination ID, terminal public key, terminal secret key and server public key, server and the session connection of terminal first time, respectively
Verify respective identity, server need to configure corresponding security strategy when verifying, be proved to be successful rear server and terminal according to safety
Strategy is confirmed whether to need normally to handle subsequent session if not needing using Encryption Algorithm, if desired server and terminal
Arranging key respectively saves key, carries out data interaction by key between last server and terminal.
Embodiment
The embodiment of the present invention realizes the method authenticated between internet system based on PKI comprising following steps:
Step 1, server and terminal are initiated to activate to authentication platform respectively, and server storage server ID, server are public
Key, privacy key, Termination ID and terminal public key, terminal stores end ID, terminal public key, terminal secret key and server public key.
In this step, server and terminal are initiated to activate to authentication platform respectively, server storage server ID, server
Public key, privacy key, Termination ID and terminal public key, terminal stores end ID, terminal public key, terminal secret key and server public key
In, server can be with to the method that authentication platform initiates activation are as follows:
Step 101, server set are integrated with ECC algorithm and certification are flat at server S DK packet in the server S DK packet
Platform certificate;Here, the relevant information of server includes server application ID, server domain name and MAC address of server etc.;
Step 102, server initiate activation request to authentication platform, to the relevant information of authentication platform upload server;
Step 103, authentication platform are audited according to the relevant information of the server of upload, generate service after the approval
Device ID, and signed using the private key of authentication platform to server ID, the first signature value is obtained, by the first signature value and audit
As a result it is sent to server;
Step 104, server receive the first signature value, are verified, are proved to be successful to it according to authentication platform certificate
Server ID is then obtained, enters step 105, otherwise it is assumed that authentication platform is illegal, returns to step 102;
Step 105, server calls ECC algorithm generate the server public key and privacy key of ECC algorithm, pass through clothes
Business device private key signs to server ID, obtains the second signature value, and it is sent jointly to certification with server public key and is put down
Platform;
Step 106, authentication platform verify to the second signature value received according to the server public key received
To server ID, and storage server public key.
Server and terminal are initiated to activate to authentication platform respectively, server storage server ID, server public key, service
Device private key, Termination ID and terminal public key, in terminal stores end ID, terminal public key, terminal secret key and server public key, terminal to
The method that authentication platform initiates activation can be with are as follows:
Step 107, terminal integrated terminal SDK packet are integrated with ECC algorithm and authentication platform certificate in the terminal SDK packet;
Here, the relevant information of terminal includes terminal sn (sequence number), terminal MAC address and terminal versions number etc.;
Step 108, terminal initiate activation request, the relevant information of transmission terminal on authentication platform to authentication platform;
Step 109, authentication platform are audited according to the relevant information of the terminal of upload, generate terminal after the approval
ID, and signed using the private key of authentication platform to Termination ID, third signature value is obtained, by third signature value and auditing result
It is sent to terminal;
Step 110, terminal receive third signature value, are verified, are proved to be successful then to it according to authentication platform certificate
Termination ID is obtained, enters step 111, otherwise it is assumed that authentication platform is illegal, returns to step 108;
Step 111, terminal call ECC algorithm, generate the terminal public key and terminal secret key of ECC algorithm, pass through terminal secret key
It signs to Termination ID, obtains the 4th signature value, and it is sent jointly into authentication platform with terminal public key;
Step 112, authentication platform are verified to obtain according to the terminal public key received to the 4th signature value received
Termination ID, and terminal public key is stored, while terminal public key and Termination ID are sent to server and stored, and server is public
Key returns to terminal and is stored.
When step 2, server and terminal first time session connection, respective identity is separately verified, server need to match when verifying
Corresponding security strategy is set, enters step 3 after being proved to be successful.
In this step, server and when the session connection of terminal first time separately verifies respective identity, and server needs when verifying
Corresponding security strategy is configured, is entered step in 3 after being proved to be successful, the method for server authentication terminal identity is preferred are as follows:
Step 201, terminal generate a random value, it is formed a termination character string with Termination ID;
Step 202, terminal sign to termination character string by the ECC algorithm in terminal secret key and terminal SDK packet, obtain
To the 5th signature value, it is sent jointly into server with Termination ID;
Step 203, server receive the 5th signature value and Termination ID, and the corresponding end of storage is found according to Termination ID
Hold public key, using in server S DK packet ECC algorithm and terminal public key verifying parsing is carried out to the 5th signature value, if verifying solve
It analyses and successfully then obtains Termination ID and random value, it is believed that be proved to be successful, otherwise it is assumed that authentication failed, returns to authentication failed information, return
To step 201.
Server and when the session connection of terminal first time, separately verifies respective identity, and server need to configure correspondence when verifying
Security strategy, entered step in 3 after being proved to be successful, the method for terminal authentication server identity is preferred are as follows:
Step 204, when server authentication terminal success after, server configures the security strategy of the session;Here, safe plan
It slightly include whether encrypt to data or whether needing to carry out completeness check to the data in conversation procedure in conversation procedure,
And Encryption Algorithm when needing to encrypt data in conversation procedure etc.;
Step 205, server can parse the server word of this security strategy according to one terminal of security strategy generation
Symbol string;
Step 206, server by the ECC algorithm in privacy key and server S DK packet to server character string into
Row signature, obtains the 6th signature value, returns to terminal;
Step 207, terminal receive the 6th signature value, in the server public key and terminal SDK packet using itself storage
ECC algorithm carries out verifying parsing to it, obtains the security strategy of the session if verifying successfully resolved, and test to server feedback
It demonstrate,proves successfully and Termination ID otherwise to server feedback authentication failed and Termination ID returns to step 205.
Step 3, server and terminal are confirmed whether to need according to security strategy using Encryption Algorithm, if desired then enter step
Rapid 4, otherwise normally handle subsequent session.
Step 4, server and terminal arranging key, respectively save key.
This step may include step in detail below:
Step 401, server generate key according to the Encryption Algorithm in security strategy, it is formed key word with Termination ID
Symbol string;
Step 402, server are inquired to obtain corresponding terminal public key by Termination ID, use the ECC in server S DK packet
Algorithm and terminal public key encrypt key string, are sent to terminal;
Step 403, terminal are decrypted the encrypted key string received using the terminal secret key of itself, if
Successful decryption then obtains key string, and obtains success message to server feedback key, and server receives key acquisition
The key is saved after success message, is otherwise obtained failed message to server feedback, is returned to step 401.
Data interaction is carried out by key between step 5, server and terminal.
Claims (7)
1. realizing the method authenticated between internet system based on PKI, which comprises the following steps:
Step 1, server and terminal are initiated to activate to authentication platform respectively, server storage server ID, server public key, clothes
Business device private key, Termination ID and terminal public key, terminal stores end ID, terminal public key, terminal secret key and server public key, wherein
The method that server initiates activation to authentication platform are as follows:
Step 101, server set are integrated with ECC algorithm and authentication platform card at server S DK packet in the server S DK packet
Book;
Step 102, server initiate activation request to authentication platform, to the relevant information of authentication platform upload server;
Step 103, authentication platform are audited according to the relevant information of the server of upload, generate server after the approval
ID, and signed using the private key of authentication platform to server ID, the first signature value is obtained, the first signature value and audit are tied
Fruit is sent to server;
Step 104, server receive the first signature value, are verified according to authentication platform certificate to it, are proved to be successful and then obtain
To server ID, 105 are entered step, otherwise it is assumed that authentication platform is illegal, returns to step 102;
Step 105, server calls ECC algorithm generate the server public key and privacy key of ECC algorithm, pass through server
Private key signs to server ID, obtains the second signature value, and it is sent jointly to authentication platform with server public key;
Step 106, authentication platform are verified the second signature value received according to the server public key received and are taken
Be engaged in device ID, and storage server public key;
The method that terminal initiates activation to authentication platform are as follows:
Step 107, terminal integrated terminal SDK packet are integrated with ECC algorithm and authentication platform certificate in the terminal SDK packet;
Step 108, terminal initiate activation request, the relevant information of transmission terminal on authentication platform to authentication platform;
Step 109, authentication platform are audited according to the relevant information of the terminal of upload, generate Termination ID after the approval, and
It is signed using the private key of authentication platform to Termination ID, obtains third signature value, third signature value and auditing result are sent
To terminal;
Step 110, terminal receive third signature value, are verified, are proved to be successful to it according to authentication platform certificate, obtained
Termination ID enters step 111, otherwise it is assumed that authentication platform is illegal, returns to step 108;
Step 111, terminal call ECC algorithm, the terminal public key and terminal secret key of ECC algorithm are generated, by terminal secret key to end
End ID signs, and obtains the 4th signature value, and it is sent jointly to authentication platform with terminal public key;
Step 112, authentication platform are verified to obtain terminal according to the terminal public key received to the 4th signature value received
ID, and terminal public key is stored, while terminal public key and Termination ID are sent to server and stored, and server public key is returned
It is stored back to terminal:
When step 2, server and terminal first time session connection, respective identity is separately verified, server need to configure pair when verifying
The security strategy answered enters step 3 after being proved to be successful;
Step 3, server and terminal are confirmed whether to need if desired then to enter step 4 using Encryption Algorithm according to security strategy,
Otherwise subsequent session is normally handled;
Step 4, server and terminal arranging key, respectively save key;
Data interaction is carried out by key between step 5, server and terminal.
2. the method authenticated between internet system is realized based on PKI as described in claim 1, which is characterized in that step 101
In, the relevant information of the server includes server application ID, server domain name and MAC address of server.
3. the method authenticated between internet system is realized based on PKI as described in claim 1, which is characterized in that step 107
In, the relevant information of the terminal includes terminal sn, terminal MAC address and terminal versions number.
4. realizing the method authenticated between internet system based on PKI as described in claims 1 or 2 or 3, which is characterized in that step
In rapid 2, the server and when the session connection of terminal first time separately verifies respective identity, and server need to configure pair when verifying
The security strategy answered enters step in 3 after being proved to be successful, the method for server authentication terminal identity are as follows:
Step 201, terminal generate a random value, it is formed a termination character string with Termination ID;
Step 202, terminal sign to termination character string by the ECC algorithm in terminal secret key and terminal SDK packet, obtain
It is sent jointly to server with Termination ID by five signature values;
Step 203, server receive the 5th signature value and Termination ID, and the corresponding terminal for finding storage according to Termination ID is public
Key, using in server S DK packet ECC algorithm and terminal public key verifying parsing is carried out to the 5th signature value, if verifying be parsed into
Function then obtains Termination ID and random value, it is believed that is proved to be successful, otherwise it is assumed that authentication failed, returns to authentication failed information, return to step
Rapid 201.
5. the method authenticated between internet system is realized based on PKI as claimed in claim 4, which is characterized in that in step 2,
The server and when the session connection of terminal first time, separately verifies respective identity, and server need to configure corresponding peace when verifying
Full strategy, enters step in 3, the method for terminal authentication server identity after being proved to be successful are as follows:
Step 204, when server authentication terminal success after, server configures the security strategy of the session;
Step 205, server can parse the server character string of this security strategy according to one terminal of security strategy generation;
Step 206, server sign server character string by the ECC algorithm in privacy key and server S DK packet
Name, obtains the 6th signature value, returns to terminal;
Step 207, terminal receive the 6th signature value, are calculated using the ECC in the server public key and terminal SDK packet of itself storage
Method carries out verifying parsing to it, obtains the security strategy of the session if verifying successfully resolved, and to server feedback verifying at
Function and Termination ID return to step 205 otherwise to server feedback authentication failed and Termination ID.
6. the method authenticated between internet system is realized based on PKI as claimed in claim 5, which is characterized in that step 204
In, the security strategy include in conversation procedure whether to data carry out encrypt or whether need to the data in conversation procedure into
Encryption Algorithm when needing to encrypt data in row completeness check and conversation procedure.
7. realizing the method that authenticates between internet system based on PKI as claimed in claim 6, which is characterized in that step 4 includes
Following steps:
Step 401, server generate key according to the Encryption Algorithm in security strategy, it is formed key character with Termination ID
String;
Step 402, server are inquired to obtain corresponding terminal public key by Termination ID, use the ECC algorithm in server S DK packet
And terminal public key encrypts key string, is sent to terminal;
Step 403, terminal are decrypted the encrypted key string received using the terminal secret key of itself, if decryption
It is successful then obtain key string, and success message is obtained to server feedback key, server receives key and obtains successfully
The key is saved after message, is otherwise obtained failed message to server feedback, is returned to step 401.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611175822.9A CN106453431B (en) | 2016-12-19 | 2016-12-19 | The method authenticated between internet system is realized based on PKI |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611175822.9A CN106453431B (en) | 2016-12-19 | 2016-12-19 | The method authenticated between internet system is realized based on PKI |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106453431A CN106453431A (en) | 2017-02-22 |
CN106453431B true CN106453431B (en) | 2019-08-06 |
Family
ID=58217525
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611175822.9A Active CN106453431B (en) | 2016-12-19 | 2016-12-19 | The method authenticated between internet system is realized based on PKI |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106453431B (en) |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107135219B (en) * | 2017-05-05 | 2020-04-28 | 四川长虹电器股份有限公司 | Internet of things information secure transmission method |
CN107919956B (en) * | 2018-01-04 | 2020-09-22 | 重庆邮电大学 | End-to-end safety guarantee method in cloud environment facing to Internet of things |
CN108959908B (en) * | 2018-08-03 | 2021-02-02 | 深圳市思迪信息技术股份有限公司 | Method, computer equipment and storage medium for authenticating mobile platform accessing SDK |
CN110535641B (en) * | 2019-08-27 | 2022-06-10 | 中国神华能源股份有限公司神朔铁路分公司 | Key management method and apparatus, computer device, and storage medium |
CN110955542B (en) * | 2019-12-11 | 2023-03-24 | 深圳盈佳信联科技有限公司 | Data integration service platform |
CN111212066B (en) * | 2019-12-31 | 2022-04-01 | 浙江工业大学 | Dynamic allocation request verification method |
CN112039918B (en) * | 2020-09-10 | 2021-08-06 | 四川长虹电器股份有限公司 | Internet of things credible authentication method based on identification cryptographic algorithm |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101431415A (en) * | 2008-12-12 | 2009-05-13 | 天柏宽带网络科技(北京)有限公司 | Bidirectional authentication method |
CN101488847A (en) * | 2008-01-18 | 2009-07-22 | 华为技术有限公司 | Method, apparatus and system for data ciphering |
CN101720071A (en) * | 2009-12-01 | 2010-06-02 | 郑州信大捷安信息技术有限公司 | Short message two-stage encryption transmission and secure storage method based on safety SIM card |
CN103634266A (en) * | 2012-08-21 | 2014-03-12 | 上海凌攀信息科技有限公司 | A bidirectional authentication method for a server and a terminal |
CN103812871A (en) * | 2014-02-24 | 2014-05-21 | 北京明朝万达科技有限公司 | Development method and system based on mobile terminal application program security application |
-
2016
- 2016-12-19 CN CN201611175822.9A patent/CN106453431B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101488847A (en) * | 2008-01-18 | 2009-07-22 | 华为技术有限公司 | Method, apparatus and system for data ciphering |
CN101431415A (en) * | 2008-12-12 | 2009-05-13 | 天柏宽带网络科技(北京)有限公司 | Bidirectional authentication method |
CN101720071A (en) * | 2009-12-01 | 2010-06-02 | 郑州信大捷安信息技术有限公司 | Short message two-stage encryption transmission and secure storage method based on safety SIM card |
CN103634266A (en) * | 2012-08-21 | 2014-03-12 | 上海凌攀信息科技有限公司 | A bidirectional authentication method for a server and a terminal |
CN103812871A (en) * | 2014-02-24 | 2014-05-21 | 北京明朝万达科技有限公司 | Development method and system based on mobile terminal application program security application |
Also Published As
Publication number | Publication date |
---|---|
CN106453431A (en) | 2017-02-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106453431B (en) | The method authenticated between internet system is realized based on PKI | |
CN104618120B (en) | A kind of mobile terminal key escrow digital signature method | |
CN104506534B (en) | Secure communication key agreement interaction schemes | |
CA2812847C (en) | Mobile handset identification and communication authentication | |
CN107040513B (en) | Trusted access authentication processing method, user terminal and server | |
CN107277061A (en) | End cloud security communication means based on IOT equipment | |
Jiang et al. | Cryptanalysis of smart‐card‐based password authenticated key agreement protocol for session initiation protocol of Zhang et al. | |
US10742426B2 (en) | Public key infrastructure and method of distribution | |
US20100185860A1 (en) | Method for authenticating a communication channel between a client and a server | |
CN102404347A (en) | Mobile internet access authentication method based on public key infrastructure | |
CN104901935A (en) | Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem) | |
CN108111497A (en) | Video camera and server inter-authentication method and device | |
CN109525565B (en) | Defense method and system for short message interception attack | |
CN107094156A (en) | A kind of safety communicating method and system based on P2P patterns | |
CN109639426A (en) | Bidirectional self-authentication method based on identification password | |
CN106685983A (en) | Data recovery method and device based on SSL protocol | |
CN110690969B (en) | Method and system for achieving bidirectional SSL/TLS authentication through multiparty cooperation | |
CN113726524A (en) | Secure communication method and communication system | |
CN108769029A (en) | It is a kind of to application system authentication device, method and system | |
CN109272314A (en) | A kind of safety communicating method and system cooperateing with signature calculation based on two sides | |
CN110519304A (en) | HTTPS mutual authentication method based on TEE | |
Cui et al. | Security analysis of openstack keystone | |
CN114650173A (en) | Encryption communication method and system | |
Dorey et al. | Indiscreet Logs: Diffie-Hellman Backdoors in TLS. | |
CN102664735A (en) | Implementation method for secure session of mobile phone lottery system based on public key |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |