CN106487502B - Lightweight key negotiation method based on password - Google Patents

Lightweight key negotiation method based on password Download PDF

Info

Publication number
CN106487502B
CN106487502B CN201510558046.XA CN201510558046A CN106487502B CN 106487502 B CN106487502 B CN 106487502B CN 201510558046 A CN201510558046 A CN 201510558046A CN 106487502 B CN106487502 B CN 106487502B
Authority
CN
China
Prior art keywords
user
sid
key
data
session
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510558046.XA
Other languages
Chinese (zh)
Other versions
CN106487502A (en
Inventor
李钊
高昆仑
郑晓崑
赵保华
赵婷
王志皓
杨博龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
State Grid Hebei Electric Power Co Ltd
Global Energy Interconnection Research Institute
Original Assignee
State Grid Corp of China SGCC
State Grid Hebei Electric Power Co Ltd
Global Energy Interconnection Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Corp of China SGCC, State Grid Hebei Electric Power Co Ltd, Global Energy Interconnection Research Institute filed Critical State Grid Corp of China SGCC
Priority to CN201510558046.XA priority Critical patent/CN106487502B/en
Publication of CN106487502A publication Critical patent/CN106487502A/en
Application granted granted Critical
Publication of CN106487502B publication Critical patent/CN106487502B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention relates to a password-based lightweight key negotiation method, which comprises two steps of forward transmission and backward transmission, and specifically comprises the following steps: initializing key negotiation; the first round of forward transmission, data by user U1To user UnDelivery then user UnSending the data to a trusted server S; the second round of reverse transmission, the data is transmitted to the user U after being verified by the credible server SnThen the data is transmitted by the user UnTo pass U1And (5) delivery. The key negotiation method of the invention avoids the requirement of accurate synchronization for time and solves the problem of high energy consumption of frequent broadcasting of synchronous signals; in the key negotiation process, most of the nodes only process data and do not transmit the data, so that the energy consumption in the key negotiation process is effectively reduced. The method provided by the invention has negotiation irrelevant to the entropy of the signal, adopts a weak time synchronization method and a preset key technology, and has good anti-attack performance.

Description

Lightweight key negotiation method based on password
Technical Field
The invention relates to the field of information security, in particular to a lightweight key negotiation method based on a password.
Background
The key agreement is a method for two or more parties to agree on a shared key through a public network, and the execution of the agreement requires the cooperation of the participating parties. Before negotiation, each party typically holds some secret information. Among them, a password is a kind of commonly used secret information. Passwords are typically short in length, typically consisting of four to eight digits or letters, easy to remember, but are less secure and easily guessed by an exhaustive list of possible password combinations. Therefore, before the actual session, the session key needs to be negotiated through the password. Because the key usually has a long number of bits, the key is difficult to be obtained through exhaustion, and the security strength of the session is improved.
Invention patent application, application number: 201210349976.0 discloses a wireless network lightweight authentication key agreement protocol based on digital certificates, which relates to a lightweight authentication key agreement protocol applicable to wireless networks, based on a 'certificate private key-protection key' dual authentication system and a 'protection key' dynamic agreement mechanism, and combines public key cryptography and shared dynamic protection keys to perform dual authentication on user identities, and users verify session holding and private key possession by exchanging certificates and private key signatures, perform first re-authentication, and perform second re-authentication by sharing protection keys. The protocol utilizes the exchange of the important parameters protected by the shared protection key of the two parties after the last conversation is finished, and uses the protection key newly calculated by the current conversation to confirm the correctness of the key, and each round of communication can verify the correctness of the key while exchanging the parameters. The negotiation and parameter exchange of the key group adopt simple bit operation, and the confirmation of key updating is completed through Finished messages. The protocol sets the session ID to dynamically select whether to calculate the session key by using the shared old parameters, so that the flexibility of the protocol is enhanced while the security and the high efficiency are ensured.
Invention patent application, application number: 201080008115.5 discloses an identity-based authenticated key agreement protocol. A key agreement protocol between a first party and a second party comprises the following steps from the perspective of the first party. Sending an encrypted first random key component to the second party, the first random key component encrypted using a public key of the second party in accordance with an identity-based encryption operation. An encrypted random key component pair is received from the second party, the encrypted random key component pair being formed from a first random key component and a second random key component computed at the second party, and encrypted at the second party according to an identity-based encryption operation using a public key of the first party. Sending the second random key component in encrypted form to the second party, the second random key component being encrypted using the public key of the second party. Keys for subsequent communication between the first and second parties may be calculated at the first and second parties from the first and second random key components.
Invention patent application, application number: 201310226205.7 discloses a wireless local area network security communication method based on quantum key distribution, the invention provides a wireless local area network security communication method based on quantum key distribution, the method includes the following steps: (1) identity authentication based on the quantum key is carried out; (2) carrying out quantum key agreement; (3) encryption is started. The method of the invention avoids forging the access point and exchanging information with the applicant, wasting system resources or causing denial of service attack; the two-way authentication between the applicant and the authentication server and between the applicant and the authenticator is realized, and the safety of identity authentication is greatly improved; the message verification in the key agreement is protected by a key generated in the identity authentication, and attacks such as man-in-the-middle tampering and the like can be prevented; the key agreement based on the quantum technology ensures the safety by the physical law, has indecipherability, can resist the decoding of a quantum computer with strong computing power, and improves the safety of the whole system.
Invention patent application, application number: 201210304387.0 discloses a symmetric key agreement method for wireless body area network. The symmetric key negotiation method of the wireless body area network is characterized in that the node A acquires physiological signals at any moment and sets the physiological signals as the physiological signals; then, based on the generated shared secret key, the data is transmitted to the node B in a hidden form; the node B extracts physiological signals with the same time, performs noise removal processing and verifies whether the values are correct or not; if the key is correct, solving a negotiation key; if not, the physiological signal is acquired near the moment, and the key is continuously obtained.
The above patent applications are based on certificates, user identities, quanta, physiological signals, etc. respectively, and negotiate a session key between users, and most nodes transmit data in the key negotiation process, which increases energy consumption in the key negotiation process. The key agreement is related to the entropy of the signal and has no good anti-attack performance.
Disclosure of Invention
In order to solve the defects in the prior art, the invention aims to provide a password-based lightweight key agreement method, which avoids the requirement of accurate synchronization on time and solves the problem of high energy consumption of frequent broadcasting of synchronization signals; in the key negotiation process, most of the nodes only process data and do not transmit the data, so that the energy consumption in the key negotiation process is effectively reduced. The method has negotiation irrelevant to the entropy of the signal, adopts a weak time synchronization method and a preset key technology, and has good anti-attack performance.
The purpose of the invention is realized by adopting the following technical scheme:
the invention provides a lightweight key agreement method based on password, comprising two steps of forward transmission and backward transmission, and the improvement is that the key agreement method comprises the following steps:
A. initializing key negotiation;
B. the first round of forward transmission, data by user U1To user UnDelivery then user UnSending the data to a trusted server S;
C. the second round of reverse transmission, the data is transmitted to the user U after being verified by the credible server SnThen the data is transmitted by the user UnTo pass U1And (5) delivery.
Further, the step a comprises the steps of:
A1. the key agreement adopts a key agreement protocol which comprises n user U1,…,UnAnd a trusted serviceA device S; let user U1User U as initiator of key agreementnIs the last user and is adjacent to the trusted server S;
A2. trusted server S sends N users U1,…,UnPublishes its own public key PpubKeeps its own private key Ppri(ii) a N users U1,…,UnEncrypted information can be sent to the trusted server S, and the server is decrypted by a private key of the server; n users U1,…,UnNo information is shared between every two;
A3. each user UiSharing a password pw with the trusted server SiWherein i =1, …, n;
A4. defining a p-order finite circulation group G, and taking an element G on the p-order finite circulation group G;
A5. defining three hash functions h1,h2,h3(ii) a Wherein the hash function h1For generating session identities, hash functions h2Hash function h for correctness verification3For generating a session key;
Figure BDA0000794953500000031
l1、l2、l3all represent fixed lengths; denotes an arbitrary length,/1、l2、l3512bits and 1024bits are selected according to actual needs.
Further, the step B includes the steps of:
B1. for key agreement initiator user U1: computing session identity sid = h1(U1,…,Un) Then two random numbers x are selected1,R1∈Zp,ZpRepresenting the prime number field modulo p; computing
Figure BDA0000794953500000033
And handle (sid, U)1,…,Un,N1,M1) To the next user U2(ii) a x1 denotes the prime number field Z modulo ppE represents the encryption,
Figure BDA0000794953500000034
is made of PpubFor encryption of the key, N1、M1Are all intermediate results of the calculation;
B2. for user UiI =1, …, n-1: two random numbers x are selectedi,Ri,∈ZpCalculating
Figure BDA0000794953500000035
Figure BDA0000794953500000036
And handle (sid, U)1,…,Un,N1,M1,…,Ni,Mi) To the next user Ui+1
B3. For user Un: the final (sid, U) is operated as the other n-1 users1,…,Un,N1,M1,…,Nn,Mn) And sending to the trusted server S.
Further, the step C includes the steps of:
C1. for the trusted server S: receive (sid, U)1,…,Un,N1,M1,…,Nn,Mn) Then, the trusted server S decrypts the session identifier sid to the user U by using the private key thereof1
Figure BDA0000794953500000037
And a random number R1First, the session identification sid = h is verified1(U1,…,Un) (ii) a Then checking
Figure BDA0000794953500000038
Whether or not it is equal to received N1With session identity sid and user U1Shared pw1The result of the exclusive or; if the two are equal, the credible server S continues to pair N2,M2,…,Nn,MnThe same check is made; if there is a failure, the procedure terminates; after all checks have passed, the trusted server S acknowledges (sid, U)1,…,Un,N1,M1,…,Nn,Mn) Legality; and selecting a random number s ∈ ZpCalculating
Figure BDA0000794953500000039
Figure BDA0000794953500000041
i=2,…,n,M′i=h2(sid||Ui||RiN), i =1, …, N, will generate
Figure BDA0000794953500000043
Sent to user Un
C2. For user Un: upon receipt, the session identity sid = h is first verified1(U1,…,Un) Sequentially calculating and hashing function h2(sid||Un||RnN) and validating hash function h2(sid||Un||Rn||N)=M′n(ii) a If the verification is passed, sequentially calculating the session key K = h3(sid N) andi =1, …, n, to be sent to user Un-1(ii) a If the verification fails, sending error information;
C3. for user UiI =2, …, n-1: upon receipt, the session identity sid = h is first verified1(U1,…,Un) Sequentially calculating and hashing function h2(sid||Ui||Ri| N) and verifying that the hash function passes verification, sequentially calculating a session key K = h3(sid N) and
Figure BDA00007949535000000411
will be sent to user Ui-1(ii) a If the verification fails, sending error information;
C4. for user U1: receive from
Figure BDA00007949535000000413
Thereafter, first the session identification sid = h is verified1(U1,…,Un) Sequentially calculate
Figure BDA00007949535000000414
And a hash function h2(sid||U1||R1N) and verifies the hash function h2(sid||U1||R1||N)=M′1(ii) a If the verification is passed, calculating the session key K = h3(sid | | N); if the verification fails, sending error information;
wherein:
Figure BDA00007949535000000418
are all intermediate results of the calculation; x1,…,xnAll represent a prime number field Z modulo ppThe random number of (1); g represents an element on the finite cyclic group G of order p.
Further, each user of the N users of the key agreement protocol sends data once and receives data once, and the key agreement protocol is ended after the initiator of the key agreement protocol receives the returned data.
The technical scheme provided by the invention has the following excellent effects:
1. according to the lightweight key agreement method based on the password, the key agreement protocol is based on the password which is easy to remember by the user, and a high-strength session key is agreed. When the method is used, communication connection between every two users is not required, one communication party only needs to be connected to one or more communication parties close to the communication party, and the method is particularly suitable for being used in the scene of networking communication point by point in power, telecommunication and the like. Common attacks aiming at key agreement, such as online dictionary attack, offline dictionary attack, man-in-the-middle attack and the like, can be resisted, and the method has high security strength.
2. The key negotiation method of the invention avoids the requirement of accurate synchronization for time and solves the problem of high energy consumption of frequent broadcasting of synchronous signals; in the key negotiation process, most of the nodes only process data and do not transmit the data, so that the energy consumption in the key negotiation process is effectively reduced.
Drawings
FIG. 1 is a flow chart of a password-based lightweight key agreement method provided by the present invention;
FIG. 2 is a network architecture diagram of an applicable scenario provided by the present invention;
fig. 3 is a diagram of the exchange of primary data in an embodiment provided by the present invention.
Detailed Description
The following describes embodiments of the present invention in further detail with reference to the accompanying drawings.
The following description and the drawings sufficiently illustrate specific embodiments of the invention to enable those skilled in the art to practice them. Other embodiments may incorporate structural, logical, electrical, process, and other changes. The examples merely typify possible variations. Individual components and functions are optional unless explicitly required, and the sequence of operations may vary. Portions and features of some embodiments may be included in or substituted for those of others. The scope of embodiments of the invention encompasses the full ambit of the claims, as well as all available equivalents of the claims. Embodiments of the invention may be referred to herein, individually or collectively, by the term "invention" merely for convenience and without intending to voluntarily limit the scope of this application to any single invention or inventive concept if more than one is in fact disclosed.
The invention provides a password-based lightweight key agreement protocol to realize secure communication. The flow chart is shown in fig. 1, all operations of the protocol are performed on a p-order finite cyclic group G, and G is any element on G.
Figure BDA0000794953500000051
The three hash functions are respectively used for generating a session identifier, performing correctness verification and generating a session key. The system comprises N users U1,…,UnAnd a trusted server S. S discloses its public key P to all userspubKeeps its own private key Ppri. The user can send the encrypted information to the server, and the server decrypts the information by using the private key of the server. n users do not share any information, and each user UiShare a password pw with Si. Without loss of generality, we assume U1Being the initiator of the key agreement, UnThe last user and adjacent to the server S. The execution of the protocol is divided into two rounds, the first round of data is divided by U1To UnThe second round is reversely transmitted back to U1. All users send and receive once, and the protocol is in U1And ending after receiving the returned data. l1、l2、l3All represent fixed lengths; denotes an arbitrary length,/1、l2、l3512bits and 1024bits are selected according to actual needs.
The first round is as follows:
U1: calculate a session identity sid = h1(U1,…,Un) Then two random numbers x are selected1,R1,∈ZpThen calculateAnd handle (sid, U)1,…,Un,N1,M1) To the next user U2
UiI =1, …, n-1: two random numbers x are selectedi,Ri,∈ZpThen calculate
Figure BDA0000794953500000062
Figure BDA0000794953500000063
And handle(sid,U1,…,Un,N1,M1,…,Ni,Mi) To the next user Ui+1
Un: the last (sid, U) is operated as the other users1,…,Un,N1,M1,…,Nn,Mn) And sending to the trusted server S.
The second round is as follows:
s: receive (sid, U)1,…,Un,N1,M1,…,Nn,Mn) Then S decrypts M with its private key1To obtain sid to U1And R1First, sid = h is verified1(U1,…,Un). S then checks whether it equals received N1With oneself and U1Shared pw1The result of the exclusive or. If equal, S continues to pair N2,M2,…,Nn,MnThe same check is made. If there is a failure, the routine terminates. After all checks passed, S confirms (sid, U)1,…,Un,N1,M1,…,Nn,Mn) And (4) legality. Then S selects random number S belonged to Zp and calculates
Figure BDA0000794953500000066
i=2,…,n,M′i=h2(sid||Ui||Ri| N), i =1, …, N, sends the generated to Un
Un: receive from
Figure BDA0000794953500000069
After that, sid = h is first verified1(U1,…,Un) Then calculate
Figure BDA00007949535000000610
Then calculate h2(sid||Un||RnN) and verified
Figure BDA00007949535000000611
If the authentication is passed, calculating the session key K = h3(sid | | N). Next, continue to calculate
Figure BDA00007949535000000612
i =1, …, n, will
Figure BDA00007949535000000613
Is sent to Un-1. If the verification fails, an error message is sent.
UiI =2, …, n-1: upon receipt, first verify sid = h1(U1,…,Un) Then calculate h again2(sid||Ui||RiN) and verifies h2(sid||Ui||Ri||N)=M′i. If the authentication is passed, calculating the session key K = h3(sid | | N). Next, continue to calculate
Figure BDA00007949535000000616
Will be sent to Ui-1. If the verification fails, an error message is sent.
U1: receive from
Figure BDA0000794953500000072
After that, sid = h is first verified1(U1,…,Un) Then calculate
Figure BDA0000794953500000073
Then calculate h2(sid||U1||R1N) and verifies h2(sid||U1||R1||N)=M′1. If the authentication is passed, calculating the session key K ═ h3(sid | | N). If the verification fails, an error message is sent.
Wherein: n is a radical of1、M1、N2,M2,…,Nn,Mn
Figure BDA0000794953500000074
M′1,…,M′nAre all intermediate results of the calculation; x1·…·xnAll represent a prime number field Z modulo ppThe random number of (1).
Examples
The protocol operation process is described by taking a system with only three users a, B, C and a server S as an example, and the application scene structure diagram is shown in fig. 2. In the example, we ignore simple comparison verification.
A: computing session identity sid = h1(Ua,Ub,Uc) Selecting random numbers a, Ra,∈ZpCalculating Na=ga
Figure BDA0000794953500000075
Send sid, U to Ba,Ub,Uc,Na,Ma)。
B: selecting random numbers b, Rb,∈ZpCalculating Nb=(Na)b=gab Send sid, U to Ca,Ub,Uc,Na,Ma,Nb,Mb)。
C: selecting random numbers c, Rc,∈ZpCalculating Nc=(Nb)c=gabc
Figure BDA0000794953500000077
Send sid, U to Sa,Ub,Uc,Na,Ma,Nb,Mb,Nc,Mc)。
S: decrypting to obtain Na,Ma,Nb,Mb,Nc,McRandomly selecting s ∈ ZpCalculating N = (N)c)s=gabcs
Figure BDA00007949535000000717
M′a=h2(sid||A||Ra||gabcs),M′b=h2(sid||B||Rb||gabcs),M′c=h2(sid||C||Rc||gabcs) Send to C
Figure BDA00007949535000000711
C: computing
Figure BDA00007949535000000712
Send to B
Figure BDA00007949535000000713
B: computing
Figure BDA00007949535000000714
Send to A
A, calculating
Figure BDA00007949535000000716
The exchange of the main data in the embodiment is shown in fig. 3.
Although the present invention has been described in detail with reference to the above embodiments, those skilled in the art can make modifications and equivalents to the embodiments of the present invention without departing from the spirit and scope of the present invention, which is set forth in the claims of the present application.

Claims (2)

1. A lightweight password-based key agreement method, which comprises two rounds of execution of forward transfer and backward transfer, is characterized by comprising the following steps:
A. initializing key negotiation;
B. the first round of forward transmission, data by user U1To user UnDelivery then user UnSending the data to a trusted server S;
c. the second round of reverse transmission, the data is transmitted to the user U after being verified by the credible server SnThen the data is transmitted by the user UnTo pass U1Delivery;
the step A comprises the following steps:
A1. the key agreement adopts a key agreement protocol which comprises n user U1,…,UnAnd a trusted server S; let user U1User U as initiator of key agreementnIs the last user and is adjacent to the trusted server S;
A2. trusted server S sends N users U1,…,UnPublishes its own public key PpubKeeps its own private key Ppri(ii) a N users U1,…,UnSending the encrypted information to a trusted server S, and decrypting by the server S by using a private key of the server S; n users U1,…,UnNo information is shared between every two;
A3. each user UiSharing a password pw with the trusted server SiWherein i is 1, …, n;
A4. defining a p-order finite circulation group G, and taking an element G on the p-order finite circulation group G;
A5. defining three hash functions h1,h2,h3(ii) a Wherein the hash function h1For generating session identities, hash functions h2Hash function h for correctness verification3For generating a session key; h is1
Figure FDA0002238701150000011
h2
Figure FDA0002238701150000012
h3l1、l2、l3All represent fixed lengths; denotes an arbitrary length,/1、l2、l3Selecting 512bits and 1024bits according to actual needs;
the step B comprises the following steps:
B1. for key agreement initiator user U1: computing session identity sid h1(U1,…,Un) Then two random numbers x are selected1,R1∈Zp,ZpRepresenting the prime number field modulo p; computing
Figure FDA0002238701150000014
And handle (sid, U)1,…,Un,N1,M1) To the next user U2(ii) a x1 denotes the prime number field Z modulo ppE represents the encryption,
Figure FDA0002238701150000015
is made of PpubFor encryption of the key, N1、M1Are all intermediate results of the calculation;
B2. for user Ui1, …, n-1: two random numbers x are selectedi,Ri∈ZpCalculating
Figure FDA0002238701150000016
Figure FDA0002238701150000017
And handle (sid, U)1,…,Un,N1,M1,…,Ni,Mi) To the next user Ui+1
B3. For user Un: the final (sid, U) is operated as the other n-1 users1,…,Un,N1,M1,…,Nn,Mn) Sending the data to a trusted server S;
the step C comprises the following steps:
C1. for the trusted server S: receive (sid, U)1,…,Un,N1,M1,…,Nn,Mn) Then, the trusted server S decrypts the session identifier sid to the user U by using the private key thereof1And a random number R1First, the session id sid is verified as h1(U1,…,Un) (ii) a Then checking
Figure FDA0002238701150000022
Whether or not it is equal to received N1With session identity sid and user U1Shared pw1The result of the exclusive or; if the two are equal, the credible server S continues to pair N2,M2,…,Nn,MnThe same check is made; if there is a failure, the procedure terminates; after all checks have passed, the trusted server S acknowledges (sid, U)1,…,Un,N1,M1,…,Nn,Mn) Legality; and selecting a random number s ∈ ZpCalculating
Figure FDA0002238701150000023
Figure FDA0002238701150000024
i=2,…,n,M′i=h2(sid||Ui||Ri1, …, N, will yield
Figure FDA0002238701150000025
Sent to user Un
C2. For user Un: receive fromThen, first, the session identifier sid is verified as h1(U1,…,Un) Sequentially calculate
Figure FDA0002238701150000027
And a hash function h2(sid||Un||RnN) and validating hash function h2(sid||Un||Rn||N)=M′n(ii) a If the verification is passed, sequentially calculating the session key K as h3(sid N) and
Figure FDA0002238701150000028
1, …, n, will
Figure FDA0002238701150000029
Sent to user Un-1(ii) a If the verification fails, sending error information;
C3. for user UiI-2, …, n-1: receive from
Figure FDA00022387011500000210
Then, first, the session identifier sid is verified as h1(U1,…,Un) Sequentially calculateAnd a hash function h2(sid||Ui||RiN) and validating hash function h2(sid||Ui||Ri||N)=M′i(ii) a If the verification is passed, sequentially calculating the session key K as h3(sid N) and
Figure FDA00022387011500000212
will be provided with
Figure FDA00022387011500000213
Sent to user Ui-1(ii) a If the verification fails, sending error information;
C4. for user U1: receive from
Figure FDA00022387011500000214
Then, first, the session identifier sid is verified as h1(U1,…,Un) Sequentially calculate
Figure FDA00022387011500000215
And a hash function h2(sid||U1||R1N) and verifies the hash function h2(sid||U1||R1||N)=M′1(ii) a If the verification is passed, calculating the session key K ═ h3(sid | | N); if the verification fails, sending error information;
wherein: n is a radical of1、M1、N2,M2,…,Nn,Mn
Figure FDA00022387011500000216
M′1,…,M′nAre all intermediate results of the calculation; x1……xnAll represent a prime number field Z modulo ppThe random number of (1); g represents an element on the finite cyclic group G of order p.
2. The password-based lightweight key agreement method according to claim 1, wherein each of the N users of the key agreement protocol sends data once and receives data once, and the key agreement protocol is terminated after the originator of the key agreement receives the returned data.
CN201510558046.XA 2015-09-02 2015-09-02 Lightweight key negotiation method based on password Active CN106487502B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510558046.XA CN106487502B (en) 2015-09-02 2015-09-02 Lightweight key negotiation method based on password

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510558046.XA CN106487502B (en) 2015-09-02 2015-09-02 Lightweight key negotiation method based on password

Publications (2)

Publication Number Publication Date
CN106487502A CN106487502A (en) 2017-03-08
CN106487502B true CN106487502B (en) 2020-01-24

Family

ID=58238177

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510558046.XA Active CN106487502B (en) 2015-09-02 2015-09-02 Lightweight key negotiation method based on password

Country Status (1)

Country Link
CN (1) CN106487502B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110855667B (en) * 2019-11-14 2023-04-07 宁夏吉虎科技有限公司 Block chain encryption method, device and system
CN111815814B (en) * 2020-06-22 2022-06-10 合肥智辉空间科技有限责任公司 Electronic lock security system and binding authentication method thereof
CN113242122B (en) * 2021-04-15 2022-11-25 哈尔滨工业大学 Encryption method based on DH and RSA encryption algorithm

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0915590A3 (en) * 1997-11-10 2001-05-23 Phone.Com Inc. Method and system for secure lightweight transactions in wireless data networks
CN101702645A (en) * 2009-11-30 2010-05-05 中国人民解放军信息工程大学 Three-side password authentication key exchange method
CN102025488A (en) * 2010-12-06 2011-04-20 电子科技大学 One-round private key exchanging method
CN102882688A (en) * 2012-10-24 2013-01-16 北京邮电大学 Lightweight authentication and key agreement protocol applicable to electric information acquisition

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0915590A3 (en) * 1997-11-10 2001-05-23 Phone.Com Inc. Method and system for secure lightweight transactions in wireless data networks
CN101702645A (en) * 2009-11-30 2010-05-05 中国人民解放军信息工程大学 Three-side password authentication key exchange method
CN102025488A (en) * 2010-12-06 2011-04-20 电子科技大学 One-round private key exchanging method
CN102882688A (en) * 2012-10-24 2013-01-16 北京邮电大学 Lightweight authentication and key agreement protocol applicable to electric information acquisition

Also Published As

Publication number Publication date
CN106487502A (en) 2017-03-08

Similar Documents

Publication Publication Date Title
CN108111301B (en) Method and system for realizing SSH protocol based on post-quantum key exchange
Agrawal et al. PASTA: password-based threshold authentication
US11722305B2 (en) Password based threshold token generation
CN107947913B (en) Anonymous authentication method and system based on identity
CN108599925B (en) Improved AKA identity authentication system and method based on quantum communication network
JP4837729B2 (en) Cryptographic authentication method, computer system and data carrier
CN107659395B (en) Identity-based distributed authentication method and system in multi-server environment
CN101442411A (en) Identification authentication method between peer-to-peer user nodes in P2P network
Guo et al. FogHA: An efficient handover authentication for mobile devices in fog computing
Chen et al. Cross-domain password-based authenticated key exchange revisited
Wang et al. Provably secure and efficient identification and key agreement protocol with user anonymity
CN113572603A (en) Heterogeneous user authentication and key agreement method
CN110999202A (en) Computer-implemented system and method for highly secure, high-speed encryption and transmission of data
Mahmood et al. PUF enable lightweight key-exchange and mutual authentication protocol for multi-server based D2D communication
CN114362932A (en) Chebyshev polynomial multiple registration center anonymous authentication key agreement protocol
CN106487502B (en) Lightweight key negotiation method based on password
Castiglione et al. An efficient and transparent one-time authentication protocol with non-interactive key scheduling and update
Ruan et al. Provably leakage-resilient password-based authenticated key exchange in the standard model
CN110932856B (en) Verifiable quantum key negotiation method
CN110971404B (en) Certificateless group key agreement method for secure cross-domain communication
CN113132104A (en) Active and safe ECDSA (electronic signature SA) digital signature two-party generation method
KR20080005344A (en) System for authenticating user's terminal based on authentication server
Pal et al. Diffie-Hellman key exchange protocol with entities authentication
CN113094722B (en) Three-party password authentication key exchange method
Phan et al. Cryptanalysis of the n-party encrypted diffie-hellman key exchange using different passwords

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 102209 Beijing City, Changping District science and Technology Park in the future smart grid research institute hospital

Applicant after: GLOBAL ENERGY INTERCONNECTION RESEARCH INSTITUTE

Applicant after: State Grid Hebei Electric Power Company

Applicant after: State Grid Corporation of China

Address before: 102211 Beijing city Changping District Xiaotangshan town big East Village Road No. 270 (future technology city)

Applicant before: State Grid Smart Grid Institute

Applicant before: State Grid Hebei Electric Power Company

Applicant before: State Grid Corporation of China

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant