CN106789042A - Authenticated key agreement method for a user in an IBC domain accessing a resource in a PKI domain - Google Patents


Info

Publication number: CN106789042A
Application number: CN201710081516.7A
Authority: CN (China)
Legal status: Granted (the status listed by Google is an assumption, not a legal conclusion)
Other languages: Chinese (zh)
Other versions: CN106789042B (en)
Inventors: 张文芳, 袁超, 王小敏
Current assignee: Southwest Jiaotong University
Original assignee: Southwest Jiaotong University
Application filed by Southwest Jiaotong University; priority to CN201710081516.7A; published as CN106789042A; granted and published as CN106789042B; current legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L 9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L 9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L 9/0847 Key agreement as above, involving identity based encryption [IBE] schemes
    • H04L 9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy

Abstract

An authenticated key agreement method by which a user in an IBC domain accesses a resource in a PKI domain. Its main operating steps are: A, access request: the user in the IBC domain sends a request to access a resource in the PKI domain to the authentication server of its own domain; after the IBC-domain authentication server has verified the legitimacy of the user's identity, it forwards the user's access request to the authentication server of the PKI domain. B, generation and sending of the access authorization ticket. C, mutual authentication and session key negotiation: the session key is obtained by XORing the authentication-server part of the session key with the padded user part. D, re-authentication: when the user part of the session key has exceeded its lifetime but the authentication-server part is still within its lifetime, a user in the IBC domain who still needs to access the resource in the PKI domain can perform a quick re-authentication. E, session termination. The method effectively realizes authenticated key agreement for a user in an IBC domain accessing a resource in a PKI domain, consumes few resources and is secure.

Description

Authenticated key agreement method for a user in an IBC domain accessing a resource in a PKI domain
Technical field
The invention belongs to the technical field of authenticated key agreement across heterogeneous domains in information communication.
Background technology
In distributed network environments, applications such as virtual enterprises and instant messaging systems often place a user and the information resources the user wants to access in different trust domains. Different trust domains may rely on different cryptographic systems, for example a Kerberos-based system, a PKI (public key infrastructure) based system or an IBC (identity-based cryptography) based system. Authenticated key agreement between homogeneous domains has been studied extensively, has been standardized and is widely used. Authenticated key agreement between a PKI domain and a Kerberos domain has also received considerable study. The case of a user in an IBC domain accessing a resource in a PKI domain, however, has been studied by few, even though application scenarios such as virtual enterprises and agile manufacturing over distributed networks create a great deal of demand for it.
The only existing literature on authenticated key agreement for a user in an IBC domain accessing a resource in a PKI domain is:
Document 1, "Cross-domain authorization in heterogeneous domains" (Meng Xin, Hu Liang et al., Cross-domain authorization for heterogeneous trust domains [J], Journal of Jilin University, 2010, 48(1): 89-93). It relies on the mutual-trust interconnection system between homogeneous PKI domains and realizes trusted interconnection between IBC and PKI domains through two components, identity mapping and cross-domain authorization. However, that document makes heavy and repeated use of certificates, and transmitting and storing certificates consumes substantial resources, which contradicts the original motivation for designing IBC systems. The identity-mapping approach is indirect and not very feasible in practice. Moreover, the document realizes authentication through identity mapping and trust transfer without giving a concrete protocol procedure, so it amounts to a new idea for cross-domain authorization rather than a scheme that can be implemented directly.
The content of the invention
The object of the invention is to provide an authenticated key agreement method by which a user in an IBC domain accesses a resource in a PKI domain; the method effectively realizes such authenticated key agreement, consumes few resources and is secure.
The technical scheme adopted by the invention to achieve this object is an authenticated key agreement method for a user in an IBC domain accessing a resource in a PKI domain, whose operating steps are:
A. Access request
The user U in the IBC domain sends a request to access the resource S in the PKI domain to the authentication server TA of the IBC domain; TA authenticates the legitimacy of U's identity. If authentication fails, jump to step E; otherwise TA forwards U's access request to the authentication server CA of the PKI domain and sends the public key PK_CA of CA to the user U.
B. Generation and sending of the access authorization ticket
The PKI-domain authentication server CA authenticates the identity of the IBC-domain authentication server TA; if authentication fails, jump to step E. Otherwise CA generates the authentication-server part K_1 of the session key K with which U will access the resource S, encrypts it and forms the corresponding access authorization ticket Ticket_1. At the same time, CA computes U's public key Q_U from the identity ID_U of U carried in the access request forwarded by TA.
CA signs the public key PK_S of the resource S, the authentication-server part K_1 of the session key and the ticket Ticket_1 with its own private key SK_CA to obtain the signed message M_sign, encrypts M_sign under U's public key Q_U to obtain the encrypted message M_A2(CA->U), and sends it to U.
C. Mutual authentication and session key negotiation
C1. U decrypts M_A2(CA->U) with its own private key S_U to obtain PK_S, K_1 and Ticket_1, then verifies the validity of the signature with PK_CA. If verification fails, jump to step E; otherwise U generates the user part K_2 of the session key, pads K_2 at the front so that its bit length equals that of K_1, and XORs K_1 with the padded K_2 to obtain the complete session key K.
C2. U encrypts K_2 under PK_S to obtain the user ciphertext S-k2, encrypts the identity ID_S of the resource S under K to obtain the identity ciphertext S-ID, and sends S-k2, S-ID and the ticket Ticket_1 from step B together to the resource S.
C3. S decrypts the received S-k2 with its own private key SK_S to obtain the user part K_2' of the resource-side session key K', and decrypts Ticket_1 to extract the authentication-server part K_1'. S pads K_2' at the front to the bit length of K_1' and XORs K_1' with the padded K_2' to obtain the complete resource-side session key K'. S then decrypts the received S-ID with K' to obtain the extracted identity ID_S' and compares it with its own identity ID_S; if they differ, jump to step E. Otherwise S encrypts ID_S under K' to obtain the resource-side identity ciphertext M_A3(S->U) and sends it to U.
C4. U decrypts the received M_A3(S->U) with K to obtain the user-side identity ID_S'' of the resource S and checks its validity; if the check fails, jump to step E. Otherwise authenticated key agreement between U and S is complete, and U accesses the resource S securely using the session key K.
D. Re-authentication
When the authentication-server part K_1 of the session key K has exceeded its lifetime: if U no longer needs to access S, jump to step E; if U still needs to access S, jump to step A.
When the user part K_2 has exceeded its lifetime but K_1 is still within its lifetime: if U no longer needs to access S, jump to step E; if U still needs to access S, either jump to step A or perform a quick re-authentication.
E. Session termination.
Compared with the prior art, the beneficial effects of the invention are:
1. The invention gives a cross-heterogeneous-domain authenticated key agreement method for a user in an IBC domain accessing a resource in a PKI domain, so that such a user can access the PKI-domain resource securely.
2. The IBC-domain authentication server sends the public key of the PKI-domain authentication server to the user in its own domain, which ensures that the user can verify the validity of subsequent messages from the PKI-domain authentication server without having to store that server's certificate, reducing system resource consumption.
3. The session key is obtained by XORing its authentication-server part with its user part; compared with a session key generated solely by the authentication server, its security is greatly improved while the added resource consumption is small.
Further, the specific way in which the user U in the IBC domain sends the request to access the resource S in the PKI domain to the IBC-domain authentication server TA in step A of the invention is:
U chooses a random integer r_1, r_1 ∈ Z_q, where Z_q denotes the set of all integers less than q and q is a prime of more than 32 binary digits. U multiplies r_1 by the system public key P_pub (elliptic-curve point multiplication) to obtain the public key point parameter R_3 = r_1·P_pub, and applies the bilinear pairing to R_3 and the public key Q_TA of TA to obtain the mapping point parameter R_1 = e(R_3, Q_TA), where e(·) denotes the bilinear pairing. U also multiplies r_1 by the generator P of the elliptic curve to obtain the generator point parameter R_2 = r_1·P. U hashes R_1 to obtain the hash value H(R_1), inverts it to obtain the hash inverse H(R_1)^(-1), and multiplies H(R_1)^(-1) by its own private key S_U to obtain the user's temporary identity Tid_U = H(R_1)^(-1)·S_U. U forms the identity plaintext section m_1 = {ID_U, ID_S, T_1} from its identity ID_U, the identity ID_S of the resource S and the timestamp T_1 of the moment the message is sent, and encrypts m_1 with the identity-based encryption algorithm under Q_TA to obtain the identity ciphertext section c_1 = IBE{ID_U, ID_S, T_1}_Q_TA, where IBE{...}_Q_TA denotes identity-based encryption under the public key Q_TA of TA.
U then forms the request message M_A1 = {Tid_U, R_2, c_1} from the temporary identity Tid_U, the generator point parameter R_2 and the identity ciphertext section c_1, and sends it to TA.
In this way the user's temporary identity is constructed from a random number, the IBC-domain system public key and the elliptic-curve generator through point multiplication, the bilinear pairing and hashing; it is hard to crack or forge and can be transmitted in the clear, which reduces both communication and computation while keeping the transmission secure. The temporary identity also makes the user's identity anonymous and prevents malicious entities from tracking the user.
Further, the specific way in which the IBC-domain authentication server TA authenticates the legitimacy of U's identity in step A of the invention is:
TA applies the bilinear pairing to the generator point parameter R_2 in the received request message M_A1 and its own private key S_TA to recompute the mapping point parameter R_1 = e(R_2, S_TA). TA hashes the recomputed R_1 to obtain H(R_1), multiplies the generator P by it to obtain the hash generator point parameter R_4 = H(R_1)·P, and applies the bilinear pairing to the received temporary identity Tid_U and R_4 to obtain the lookup index Ind_U = e(Tid_U, R_4) of U at TA. Using Ind_U, TA retrieves the identity ID_U' of U stored at TA. TA then decrypts the identity ciphertext section c_1 of M_A1 with its private key S_TA to obtain the identity ID_U in the plaintext section m_1. If the timestamp T_1 is fresh and the stored identity ID_U' matches the ID_U from m_1, identity authentication passes; otherwise it fails.
In this way, when TA verifies the user's identity it derives the user's index at TA from the temporary identity, the generator point parameter, TA's private key and the curve generator through point multiplication, the bilinear pairing and hashing. Compared with verifying the user's identity with a conventional identity-based signature algorithm, this greatly reduces computation without compromising security.
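The two computations above, the user's temporary identity Tid_U and TA's recomputation of R_1 and of the lookup index Ind_U, rely on bilinearity: e(r_1·P_pub, Q_TA) equals e(r_1·P, S_TA) when S_TA = s·Q_TA and P_pub = s·P, and e(H(R_1)^(-1)·S_U, H(R_1)·P) collapses to e(S_U, P), a per-user constant that TA can use as a table index while each request carries a different Tid_U. The following Python is an added example, not code from the patent. It assumes a Boneh-Franklin style key setup (P_pub = s·P, Q_X = H1(ID_X), S_X = s·Q_X), which the page does not state, and it simulates the pairing with exponent arithmetic in a prime-order subgroup of Z_p*, so it reproduces the algebra but none of the security of a real pairing-friendly curve. The identities and the 40-bit toy group are constructed for the example.

```python
"""Toy model of the step-A temporary identity Tid_U and TA-side index Ind_U.

Assumptions (not stated on the page): a Boneh-Franklin style IBC setup with
P_pub = s*P, Q_X = H1(ID_X) and S_X = s*Q_X for every principal X.  The
pairing is SIMULATED: a point a*P is represented by the scalar a mod q, and
e(a*P, b*P) = g^(a*b) mod p for g of prime order q in Z_p*.  Discrete logs
are therefore visible, so this reproduces only the algebra of the protocol,
not its security; a deployment needs a real pairing-friendly curve.
"""
import hashlib
import secrets

MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n):
    """Miller-Rabin, deterministic for n < 3.3e24 with these bases."""
    if n < 2:
        return False
    for b in MR_BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def toy_params(bits=40):
    """Smallest q >= 2**bits with q and p = 2q+1 prime (q > 32 bits, as the page requires)."""
    q = (1 << bits) | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    p = 2 * q + 1
    return p, q, pow(2, 2, p)      # 4 is a square mod p, hence of order q


P_MOD, Q_ORD, G_T = toy_params()
P_GEN = 1                           # the curve generator P is the scalar 1


def mul(k, point):                  # k * point on the simulated curve
    return (k * point) % Q_ORD


def pair(a, b):                     # e(a*P, b*P) = g^(ab) in G_T
    return pow(G_T, (a * b) % Q_ORD, P_MOD)


def H1(identity):                   # hash-to-point, modelled as hash-to-scalar
    h = int.from_bytes(hashlib.sha256(identity.encode()).digest(), "big")
    return h % Q_ORD or 1


def H(gt_element):                  # H(R_1): G_T -> non-zero scalar in Z_q
    h = int.from_bytes(hashlib.sha256(str(gt_element).encode()).digest(), "big")
    return h % Q_ORD or 1


def setup(master_secret=None):
    """IBC domain setup: master secret s and system public key P_pub = s*P."""
    s = (master_secret or secrets.randbelow(Q_ORD - 1) + 1) % Q_ORD
    return s, mul(s, P_GEN)


def extract(s, identity):
    """Private-key extraction for a principal: Q_X = H1(ID_X), S_X = s*Q_X."""
    q_x = H1(identity)
    return q_x, mul(s, q_x)


def user_temp_identity(r1, p_pub, q_ta, s_u):
    """User side of step A: returns Tid_U = H(R_1)^-1 * S_U, R_2 = r_1*P and R_1."""
    R3 = mul(r1, p_pub)
    R1 = pair(R3, q_ta)
    R2 = mul(r1, P_GEN)
    h_inv = pow(H(R1), -1, Q_ORD)
    return mul(h_inv, s_u), R2, R1


def ta_recompute(tid_u, R2, s_ta):
    """TA side of step A: R_1 = e(R_2, S_TA), R_4 = H(R_1)*P, Ind_U = e(Tid_U, R_4)."""
    R1 = pair(R2, s_ta)
    R4 = mul(H(R1), P_GEN)
    return R1, pair(tid_u, R4)


def registered_index(q_u, p_pub):
    """Index TA stores for U at registration: e(Q_U, P_pub) = e(S_U, P)."""
    return pair(q_u, p_pub)


if __name__ == "__main__":
    s, P_pub = setup()
    Q_TA, S_TA = extract(s, "ta@ibc.example")
    Q_U, S_U = extract(s, "alice@ibc.example")
    Tid_U, R2, R1 = user_temp_identity(secrets.randbelow(Q_ORD - 1) + 1, P_pub, Q_TA, S_U)
    R1_ta, Ind_U = ta_recompute(Tid_U, R2, S_TA)
    print("R_1 agrees:", R1 == R1_ta, " index matches table:", Ind_U == registered_index(Q_U, P_pub))
```

Two fresh requests from the same user produce different Tid_U values (r_1 differs, so H(R_1) differs) yet TA's Ind_U is identical for both, which is what lets TA index its user table without learning the identity from the cleartext part of M_A1.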
Further, the way in which the IBC-domain authentication server TA sends the public key PK_CA of the PKI-domain authentication server CA to the user U in step A of the invention is:
TA signs and then encrypts PK_CA, the identity ID_CA and the timestamp T_3 of the moment the message is sent, forming the public key ciphertext c_2, and sends c_2 to the user U.
In this way the IBC-domain authentication server sends the user in its own domain a ciphertext containing the public key of the PKI-domain authentication server, which ensures that the user can verify the validity of subsequent messages from the PKI-domain authentication server without having to store that server's certificate, reducing system resource consumption.
Further, the authentication-server part K_1 of the session key K in step B of the invention has 128 bits, and the user part K_2 generated by the user U in step C1 has 80 bits.
In this way the 80-bit user part, padded to 128 bits, is XORed with the 128-bit authentication-server part to obtain the session key. Compared with a session key consisting only of the 128-bit authentication-server part, the key's lifetime is shorter and its security is assured, while the added communication is small.
Further, the specific way in which quick re-authentication is performed in step D of the invention is:
The user U generates the user part K_2'' of the re-authentication session key K'', pads K_2'' at the front to the bit length of the authentication-server part K_1 of K'', and XORs K_1 with the padded K_2'' to obtain the complete re-authentication session key K''; then jump to step C2.
In this way, when the user part of the session key has exceeded its lifetime but the authentication-server part is still within its lifetime, a user in the IBC domain who still needs to access the resource in the PKI domain can re-authenticate quickly without repeating the access request and the generation and distribution of the access authorization ticket. While keeping access secure, this greatly reduces the number of interactions, the communication and the computation of the method.
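The session-key construction of steps C1 to C4 and the quick re-authentication above, as an added Python example that is not code from the patent. It models only the symmetric part: K_2' and K_1' are handed to the resource as if it had already decrypted S-k2 with SK_S and Ticket_1, the public-key operations and the ticket format are not implemented, and the cipher used for S-ID and M_A3(S->U) is an encrypt-then-MAC stand-in built from SHAKE-256 and HMAC-SHA256 (an assumption, chosen because it needs no third-party package; a deployment would use an AEAD such as AES-GCM). The resource identity and key values are constructed for the example. Feeding the resource a K_1' that differs from the user's K_1 models a wrong or stale ticket, the failure the identity check in C3 is there to catch.

```python
"""Steps C1-C4 and the step-D quick re-authentication, symmetric part only.

Assumptions (not on the page): the asymmetric layers are NOT modelled.  The
user ciphertext S-k2 (K_2 under PK_S) and the ticket Ticket_1 (K_1 issued by
CA) are taken as already decrypted, so the resource receives K_2' and K_1'
directly.  The cipher for S-ID and M_A3 is an encrypt-then-MAC stand-in made
from SHAKE-256 and HMAC-SHA256; a deployment would use AES-GCM or similar.
"""
import hashlib
import hmac
import secrets

K1_BITS, K2_BITS = 128, 80          # sizes given on the page


def combine_session_key(k1, k2):
    """K = K_1 XOR pad(K_2): K_2 is padded at the front with zero bits to K_1's width."""
    if len(k1) * 8 != K1_BITS or len(k2) * 8 != K2_BITS:
        raise ValueError("K_1 must be 128 bits and K_2 80 bits")
    padded = k2.rjust(len(k1), b"\x00")
    return bytes(a ^ b for a, b in zip(k1, padded))


def _keystream(key, nonce, n):
    return hashlib.shake_256(b"enc" + key + nonce).digest(n)


def encrypt(key, plaintext):
    """nonce || ciphertext || HMAC tag (stand-in AEAD, see module docstring)."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(b"mac" + key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key, blob):
    """Returns the plaintext, or None if the tag does not verify under this key."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(b"mac" + key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        return None
    return bytes(c ^ s for c, s in zip(ct, _keystream(key, nonce, len(ct))))


def user_c1_c2(k1, k2, id_s):
    """C1/C2 at the user: build K, then the identity ciphertext S-ID = Enc_K(ID_S)."""
    k = combine_session_key(k1, k2)
    return k, encrypt(k, id_s)


def resource_c3(k1_from_ticket, k2_from_sk2, s_id, id_s):
    """C3 at the resource: rebuild K' and check the decrypted identity against ID_S.
    Returns (K', M_A3) on success, or None to signal a jump to step E."""
    k_prime = combine_session_key(k1_from_ticket, k2_from_sk2)
    if decrypt(k_prime, s_id) != id_s:
        return None
    return k_prime, encrypt(k_prime, id_s)


def user_c4(k, m_a3, id_s):
    """C4 at the user: the resource's confirmation must decrypt to ID_S under K."""
    return decrypt(k, m_a3) == id_s


def run_c(k1, k2, k1_at_resource, id_s=b"fileserver.pki.example"):
    """One pass through C1-C4.  Returns the agreed K, or None (step E).

    k1_at_resource is what the resource extracts from Ticket_1; a value that
    differs from k1 models a wrong or stale ticket."""
    k, s_id = user_c1_c2(k1, k2, id_s)
    outcome = resource_c3(k1_at_resource, k2, s_id, id_s)
    if outcome is None:
        return None
    k_prime, m_a3 = outcome
    return k if user_c4(k, m_a3, id_s) else None


def quick_reauth(k1, id_s=b"fileserver.pki.example"):
    """Step D fast path: K_1 still valid, fresh K_2'' gives K'', re-enter at C2."""
    return run_c(k1, secrets.token_bytes(K2_BITS // 8), k1, id_s)


if __name__ == "__main__":
    k1 = secrets.token_bytes(K1_BITS // 8)
    k2 = secrets.token_bytes(K2_BITS // 8)
    print("K   :", run_c(k1, k2, k1).hex())
    print("K'' :", quick_reauth(k1).hex())
    print("bad ticket ->", run_c(k1, k2, secrets.token_bytes(16)))
```

Because K_2 is only 80 bits wide and is padded at the front, the leading 48 bits of K are K_1's own bits, and a quick re-authentication changes only the low 80 bits of K; the page's security claim for the XOR therefore rests on K_1 staying secret between CA and the resource. A practitioner who wants K to depend on every bit of both contributions would derive it from K_1 || K_2 with a KDF such as HKDF instead of the XOR; the example keeps the page's XOR so that its behaviour matches the description.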
With reference to specific embodiment, the present invention is described in further detail.
Specific embodiment
Embodiment
A kind of user in IBC domains accesses the authentication key agreement method of the resource in PKI domains, and its operating procedure is:
A, application are accessed
The user U in IBC domains sends the request of the resource S for accessing PKI domains, the certification of IBC domains to the certificate server TA in IBC domains Server TA is authenticated to the identity legitimacy of the user U in IBC domains;If certification does not pass through, step E is jumped to;Otherwise, to The access request of the user U in PKI domains certificate server CA forwarding IBC domains, and send PKI domains certificate server to the user U The public key PK of CACA
B, generation access mandate bill simultaneously send
PKI domains certificate server CA carries out authentication to IBC domains certificate server TA, if certification does not pass through, redirects To step E;Otherwise, the user U in PKI domains certificate server CA generations IBC domains accesses recognizing for the session key K of resource S in PKI domains Card server section K1, and encrypt, generate corresponding access mandate bill Ticket1;Meanwhile, PKI domains certificate server CA leads to The identity ID of the user U in the IBC domains crossed in the access request that IBC domains certificate server TA sendsU, calculate IBC domains User U public key QU
PKI domains certificate server CA utilizes own private key SKCATo the public key PK of resource S in PKI domainsS, session key K recognizes Card server section K1With access mandate bill Ticket1, carry out signature treatment and obtain signature information Msign, recycle IBC domains User U public key QUTo signature information MsignIt is encrypted, obtains encryption message MA2CA->U, and send it to IBC domains User U;
C, bidirectional identity authentication and consulting session key
The user U in C1, IBC domain utilizes own private key SU, the encryption message M sent to PKI domains certificate server CAA2CA->U Decryption, obtains the public key PK of resource S in PKI domainsS, session key K certificate server part K1With access mandate bill Ticket1, then with the public key PK of PKI domains certificate servers CACAThe validity of signature is verified, if checking does not pass through, is jumped to Step E;Otherwise, the User Part K of the user U generation session keys K in IBC domains2, and by the User Part K of session key K2It is the first Place is filled, and makes its certificate server part K with session key K1Digit it is identical, then to the certification of session key K Server section K1With the User Part K after filling2Carry out XOR treatment and obtain complete session key K;
The user U in C2, IBC domain recycles the public key PK of resource S in PKI domainsS, to the User Part K of session key K2Carry out Encryption, obtains user's ciphertext S-k2;Meanwhile, using session key K to the identity ID of the resource S in PKI domainsSIt is encrypted, Obtain identity ciphertext S-ID;Again by user's ciphertext S-k2Access mandate ticket in being walked together with B with identity ciphertext S-ID According to Ticket1, send jointly to the resource S in PKI domains;
Resource S own private key SK in C3, PKI domainSTo the user's ciphertext S-k for receiving2Decryption, obtains resource-side session The User Part K of key K '2';To access mandate bill Ticket1Decryption, extraction, obtain the certification of resource-side session key K ' Server section K1';Again by the User Part K of resource-side session key K '2' is filled at first place, makes it with resource-side session The certificate server part K of key K '1The digit of ' is identical, then to the certificate server part K of resource-side session key K '1' With the User Part K after filling2' carries out XOR treatment and obtains complete resource-side session key K ';It is close with resource-side session again The identity ciphertext S-ID that key K ' decryption is received, so as to obtain the extraction identity IDS ' of resource S in PKI domains, will extract The identity ID of the resource S in identity IDS ' and PKI domainsSVerified, if the two is inconsistent, jumped to step E;It is no Then, the resource-side session key K ' of the resource S in PKI domains are to its identity IDSIt is encrypted, obtains the resource S in PKI domains Resource-side identity ciphertext MA3S->U, and send it to the user U in IBC domains;
The user U session keys K in C4, IBC domain is to the resource-side identity ciphertext M that receivesA3S->UIt is decrypted, obtains To the user terminal identity IDS of the resource S in PKI domains ", and verify the user terminal identity IDS of resource S in PKI domains " Validity, if checking do not pass through, jump to step E;The certification key of the otherwise user U in the IBC domains and resource S in PKI domains Consult to complete, the user U in IBC domains has secure access to the resource S in PKI domains using session key K;
D, re-authentication
As the certificate server part K of session key K1During beyond its life cycle, if the user U in IBC domains is not visited again During the resource S in PKI domains, then step E is jumped to;If the user U in IBC domains still needs to access the resource S in PKI domains, step is jumped to A;
As the User Part K of session key K2Beyond its life cycle, but session key K certificate server part K1Still When in its life cycle;If the user U in IBC domains does not visit again the resource S in PKI domains, step E is jumped to;If IBC domains User U still needs to access the resource S in PKI domains, then jump to step A or carry out quick re-authentication;
E, termination session.
The user U in the IBC domains described in the step A of this example sends the money for accessing PKI domains to the certificate server TA in IBC domains The specific practice of the request of source S is:
The user U in IBC domains chooses random integers r1, r1∈Zq;In formula, ZqRepresent less than the collection of all integers composition of q Close, q is more than the prime number of 32 binary digits;Then by random integers r1With the public key P of systempubCarry out based on elliptic curve Point multiplication operation obtain public key point parameter R3, then by public key point parameter R3With the public key Q of the certificate server TA in IBC domainsTAMake double It is linear that mapping point parameter R is obtained to mapping1, R1=e (R3, QTA), wherein e () represents Bilinear map mapping;Meanwhile, random integers r1Again with the generation unit P of elliptic curve, carry out the point multiplication operation based on elliptic curve and obtain generating first point parameter R2;To mapping point Parameter R1It is the cryptographic Hash H (R that Hash operation obtains mapping point parameter1), the cryptographic Hash inversion operation to obtaining obtains mapping point ginseng Several cryptographic Hash inverse element H (R1)-1, then by the cryptographic Hash inverse element H (R of mapping point parameter1)-1With the private key S of the user U in IBC domainsUDo Point multiplication operation obtains the temporary identity Tid of userU;By the identity ID of the user U in IBC domainsU, the identity of the resource S in PKI domains Mark IDSTime stamp T when being sent with message1Composition identity information plaintext section m1,m1={ IDU,IDS,T1, recycle IBC domains Certificate server TA public key QTATo identity information plaintext section m1The cryptographic operation of identity-based algorithm is carried out, the identity for obtaining Information ciphertext section c1, c1=IBE { IDU,IDS,T1}QTA, wherein IBE { ... } QTARepresent using the certificate server TA's in IBC domains Public key QTACarry out the cryptographic operation of identity-based algorithm;
Then, the user U in IBC domains is by the temporary identity Tid of userU, generation unit point parameter R2With identity information ciphertext section c1 Composition request message MA1, MA1=TidU,R2,c1;And send it to the certificate server TA in IBC domains;
IBC domains certificate server TA described in the step A of this example is closed to the identity for sending the user U in the IBC domains of request The specific practice that method is authenticated is:
The request message M that IBC domains certificate server TA will be receivedA1In generation unit point parameter R2Certification with IBC domains takes The private key S of business device TATADo Bilinear map mapping and calculate mapping point parameter R again1, R1=e (R2,STA);Again to again calculating Mapping point parameter R1It is the cryptographic Hash H (R that Hash operation obtains mapping point parameter1), then be based on the generation unit P of elliptic curve The point multiplication operation of elliptic curve, obtains cryptographic Hash generation unit and puts parameter R4, then it is interim with the user U in the IBC domains for receiving Identity TidUBilinear map mapping is done, the searching number Ind of the user U in IBC domains in the certificate server TA in IBC domains is drawnU, IndU =e (TidU,R4);By described searching number IndUThe user U for obtaining IBC domains is stored at the certificate server TA ends in IBC domains Identity IDU,;Recycle the private key S of the certificate server TA in IBC domainsTATo request message MA1In identity information ciphertext section c1Enter Row decryption oprerations, obtain identity information plaintext section m1In IBC domains user identity IDU;If time stamp T1It is fresh, and IBC domains User U storage IBC domains certificate server TA identity ID 'UWith identity information plaintext section m1In IBC domains user U Identity IDUUnanimously, then identity legitimacy certification passes through;Otherwise, certification does not pass through;
In step A of this example, the IBC-domain authentication server TA sends the public key PK_CA of the PKI-domain authentication server CA to the IBC-domain user U as follows:
The public key PK_CA of the PKI-domain authentication server CA, its identity ID_CA and the timestamp T_3 at message transmission are signed and encrypted together to form the public-key ciphertext c_2, which is then sent to the PKI-domain authentication server CA.
In step B of this example, the certificate-server part K_1 of the session key K is 128 bits long; in step C1 of this example, the user part K_2 of the session key K generated by the IBC-domain user U is 80 bits long.
The quick re-authentication in step D of this example proceeds as follows:
The IBC-domain user U generates the user part K_2'' of the re-authentication session key K'', and pads K_2'' at the front so that its bit length equals that of the certificate-server part K_1 of the re-authentication session key K''; it then XORs the certificate-server part K_1 with the padded user part K_2'' to obtain the complete re-authentication session key K''; then it jumps to step C2.
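The session-key assembly of steps C1 and C3, the bit lengths of step B / C1 (128 and 80 bits) and the quick re-authentication of step D, as an added Python example that is not the patent's own code; reading "padded at the front" as leading zero bits is an assumption, and the sample key parts are constructed.

```python
import secrets

K1_BITS = 128   # certificate-server part K1 issued by CA (step B)
K2_BITS = 80    # user part K2 chosen by U (step C1)


def pad_front(k2: bytes, target_bits: int = K1_BITS) -> bytes:
    """Pad the user part at the front (assumed: leading zero bits) to target_bits."""
    if len(k2) * 8 > target_bits:
        raise ValueError("user part longer than the certificate-server part")
    return bytes(target_bits // 8 - len(k2)) + k2


def combine(k1: bytes, k2: bytes) -> bytes:
    """K = K1 XOR pad(K2): the rule shared by step C1, step C3 and quick re-authentication."""
    if len(k1) * 8 != K1_BITS:
        raise ValueError("certificate-server part must be %d bits" % K1_BITS)
    if len(k2) * 8 != K2_BITS:
        raise ValueError("user part must be %d bits" % K2_BITS)
    return bytes(a ^ b for a, b in zip(k1, pad_front(k2)))


def new_user_part() -> bytes:
    """Fresh 80-bit K2 (step C1) or K2'' (quick re-authentication)."""
    return secrets.token_bytes(K2_BITS // 8)


def resource_side_key(k1_from_ticket: bytes, k2_from_s_k2: bytes) -> bytes:
    """Step C3: S rebuilds K' from Ticket1's K1' and the K2' decrypted from S-k2."""
    return combine(k1_from_ticket, k2_from_s_k2)


def quick_reauth(k1: bytes, k2_new: bytes) -> bytes:
    """Step D fast path: K1 is kept, only a new K2'' is chosen; K'' = K1 XOR pad(K2'')."""
    return combine(k1, k2_new)


def fixed_prefix_bits(k1: bytes, k: bytes) -> int:
    """Leading bits of K equal to K1: at least 128 - 80 = 48 with front zero padding."""
    diff = int.from_bytes(bytes(a ^ b for a, b in zip(k1, k)), "big")
    return K1_BITS - diff.bit_length()


if __name__ == "__main__":
    k1 = secrets.token_bytes(K1_BITS // 8)          # CA's contribution, carried in Ticket1
    k2 = new_user_part()                            # U's contribution, carried in S-k2
    k = combine(k1, k2)                             # step C1 at U
    assert resource_side_key(k1, k2) == k           # step C3 at S agrees
    k_re = quick_reauth(k1, new_user_part())        # step D, K1 reused
    print(k.hex(), k_re.hex(), fixed_prefix_bits(k1, k))
```

Because K_2 is zero-padded at the high-order end, the leading 48 bits of K are exactly those of K_1, which fixed_prefix_bits makes visible; U's contribution is confined to the low 80 bits.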

Claims (6)

1. A method for authenticated key agreement by which a user in an IBC domain accesses a resource in a PKI domain, the operating steps of which are:
A. Access request
The IBC-domain user U sends a request to the IBC-domain authentication server TA to access the resource S in the PKI domain, and the IBC-domain authentication server TA authenticates the identity legitimacy of the IBC-domain user U; if the authentication fails, jump to step E; otherwise, forward the access request of the IBC-domain user U to the PKI-domain authentication server CA, and send the public key PK_CA of the PKI-domain authentication server CA to the user U;
B. Generating and sending the access authorization ticket
The PKI-domain authentication server CA authenticates the identity of the IBC-domain authentication server TA; if the authentication fails, jump to step E; otherwise, the PKI-domain authentication server CA generates the certificate-server part K_1 of the session key K with which the IBC-domain user U accesses the resource S in the PKI domain, encrypts it, and generates the corresponding access authorization ticket Ticket_1; at the same time, the PKI-domain authentication server CA computes the public key Q_U of the IBC-domain user U from the identity ID_U of the IBC-domain user U contained in the access request forwarded by the IBC-domain authentication server TA;
The PKI-domain authentication server CA uses its own private key SK_CA to sign the public key PK_S of the resource S in the PKI domain, the certificate-server part K_1 of the session key K and the access authorization ticket Ticket_1, obtaining the signed message M_sign; it then encrypts the signed message M_sign with the public key Q_U of the IBC-domain user U, obtaining the encrypted message M_A2(CA->U), and sends it to the IBC-domain user U;
C. Mutual identity authentication and session key agreement
C1. The IBC-domain user U decrypts the encrypted message M_A2(CA->U) sent by the PKI-domain authentication server CA with its own private key S_U, obtaining the public key PK_S of the resource S in the PKI domain, the certificate-server part K_1 of the session key K and the access authorization ticket Ticket_1, and then verifies the validity of the signature with the public key PK_CA of the PKI-domain authentication server CA; if the verification fails, jump to step E; otherwise, the IBC-domain user U generates the user part K_2 of the session key K, pads K_2 at the front so that its bit length equals that of the certificate-server part K_1 of the session key K, and XORs the certificate-server part K_1 with the padded user part K_2 to obtain the complete session key K;
C2. The IBC-domain user U then encrypts the user part K_2 of the session key K with the public key PK_S of the resource S in the PKI domain, obtaining the user ciphertext S-k2; at the same time, it encrypts the identity ID_S of the resource S in the PKI domain with the session key K, obtaining the identity ciphertext S-ID; it then sends the user ciphertext S-k2 and the identity ciphertext S-ID, together with the access authorization ticket Ticket_1 from step B, to the resource S in the PKI domain;
C3. The resource S in the PKI domain decrypts the received user ciphertext S-k2 with its own private key SK_S, obtaining the user part K_2' of the resource-side session key K'; it decrypts the access authorization ticket Ticket_1 and extracts from it the certificate-server part K_1' of the resource-side session key K'; it then pads K_2' at the front so that its bit length equals that of the certificate-server part K_1' of the resource-side session key K', and XORs K_1' with the padded K_2' to obtain the complete resource-side session key K'; it then decrypts the received identity ciphertext S-ID with the resource-side session key K', obtaining the extracted identity ID_S' of the resource S in the PKI domain, and verifies the extracted identity ID_S' against the identity ID_S of the resource S in the PKI domain; if the two are inconsistent, jump to step E; otherwise, the resource S in the PKI domain encrypts its identity ID_S with the resource-side session key K', obtaining the resource-side identity ciphertext M_A3(S->U) of the resource S in the PKI domain, and sends it to the IBC-domain user U;
C4. The IBC-domain user U decrypts the received resource-side identity ciphertext M_A3(S->U) with the session key K, obtaining the user-side identity ID_S of the resource S in the PKI domain, and verifies the validity of the user-side identity ID_S of the resource S in the PKI domain; if the verification fails, jump to step E; otherwise, the authenticated key agreement between the IBC-domain user U and the resource S in the PKI domain is complete, and the IBC-domain user U securely accesses the resource S in the PKI domain using the session key K;
D. Re-authentication
When the certificate-server part K_1 of the session key K has exceeded its lifetime: if the IBC-domain user U no longer accesses the resource S in the PKI domain, jump to step E; if the IBC-domain user U still needs to access the resource S in the PKI domain, jump to step A;
When the user part K_2 of the session key K has exceeded its lifetime but the certificate-server part K_1 of the session key K is still within its lifetime: if the IBC-domain user U no longer accesses the resource S in the PKI domain, jump to step E; if the IBC-domain user U still needs to access the resource S in the PKI domain, jump to step A or perform quick re-authentication;
E. Terminate the session.
2. The method for authenticated key agreement by which a user in an IBC domain accesses a resource in a PKI domain according to claim 1, characterised in that, in step A, the IBC-domain user U sends the request to access the resource S in the PKI domain to the IBC-domain authentication server TA as follows:
The IBC-domain user U chooses a random integer r_1, r_1 ∈ Z_q, where Z_q denotes the set of all integers less than q and q is a prime of more than 32 binary digits; it then performs elliptic-curve point multiplication of the random integer r_1 with the system public key P_pub to obtain the public-key point parameter R_3, and performs a bilinear pairing of the public-key point parameter R_3 with the public key Q_TA of the IBC-domain authentication server TA to obtain the mapping point parameter R_1, R_1 = e(R_3, Q_TA), where e() denotes the bilinear pairing; at the same time, it performs elliptic-curve point multiplication of the random integer r_1 with the generator P of the elliptic curve to obtain the generator point parameter R_2; it hashes the mapping point parameter R_1 to obtain the hash value H(R_1) of the mapping point parameter, inverts it to obtain the hash-value inverse H(R_1)^-1 of the mapping point parameter, and performs point multiplication of H(R_1)^-1 with the private key S_U of the IBC-domain user U to obtain the user's temporary identity Tid_U; it forms the identity-information plaintext segment m_1 from the identity ID_U of the IBC-domain user U, the identity ID_S of the resource S in the PKI domain and the timestamp T_1 at message transmission, m_1 = {ID_U, ID_S, T_1}, and then encrypts the identity-information plaintext segment m_1 with the public key Q_TA of the IBC-domain authentication server TA using identity-based encryption, obtaining the identity-information ciphertext segment c_1, c_1 = IBE{ID_U, ID_S, T_1}_Q_TA, where IBE{...}_Q_TA denotes identity-based encryption under the public key Q_TA of the IBC-domain authentication server TA;
Then the IBC-domain user U forms the request message M_A1 from the user's temporary identity Tid_U, the generator point parameter R_2 and the identity-information ciphertext segment c_1, M_A1 = {Tid_U, R_2, c_1}, and sends it to the IBC-domain authentication server TA.
3. The method for authenticated key agreement by which a user in an IBC domain accesses a resource in a PKI domain according to claim 1, characterised in that, in step A, the IBC-domain authentication server TA authenticates the identity legitimacy of the IBC-domain user U that sent the request as follows:
The IBC-domain authentication server TA takes the generator point parameter R_2 from the received request message M_A1 and its own private key S_TA, performs the bilinear pairing and recomputes the mapping point parameter R_1, R_1 = e(R_2, S_TA); it then hashes the recomputed mapping point parameter R_1 to obtain the hash value H(R_1) of the mapping point parameter, and performs elliptic-curve point multiplication of H(R_1) with the generator P of the elliptic curve to obtain the hash-value generator point parameter R_4; it then performs a bilinear pairing of R_4 with the received temporary identity Tid_U of the IBC-domain user U to obtain the lookup index Ind_U of the IBC-domain user U at the IBC-domain authentication server TA, Ind_U = e(Tid_U, R_4); using the lookup index Ind_U it retrieves the identity ID_U' of the IBC-domain user U stored at the IBC-domain authentication server TA; it then uses the private key S_TA of the IBC-domain authentication server TA to decrypt the identity-information ciphertext segment c_1 in the request message M_A1, obtaining the identity ID_U of the IBC-domain user U from the identity-information plaintext segment m_1; if the timestamp T_1 is fresh and the identity ID_U' of the IBC-domain user U stored at the IBC-domain authentication server TA is consistent with the identity ID_U of the IBC-domain user U in the identity-information plaintext segment m_1, the identity-legitimacy authentication passes; otherwise, the authentication fails.
4. The method for authenticated key agreement by which a user in an IBC domain accesses a resource in a PKI domain according to claim 1, characterised in that, in step A, the IBC-domain authentication server TA sends the public key PK_CA of the PKI-domain authentication server CA to the IBC-domain user U as follows:
The public key PK_CA of the PKI-domain authentication server CA, its identity ID_CA and the timestamp T_3 at message transmission are signed and encrypted together to form the public-key ciphertext c_2, which is then sent to the PKI-domain authentication server CA.
5. The method for authenticated key agreement by which a user in an IBC domain accesses a resource in a PKI domain according to claim 1, characterised in that the certificate-server part K_1 of the session key K in step B is 128 bits long, and the user part K_2 of the session key K generated by the IBC-domain user U in step C1 is 80 bits long.
6. The method for authenticated key agreement by which a user in an IBC domain accesses a resource in a PKI domain according to claim 1, characterised in that the quick re-authentication in step D proceeds as follows:
The IBC-domain user U generates the user part K_2'' of the re-authentication session key K'', and pads K_2'' at the front so that its bit length equals that of the certificate-server part K_1 of the re-authentication session key K''; it then XORs the certificate-server part K_1 with the padded user part K_2'' to obtain the complete re-authentication session key K''; then it jumps to step C2.
CN201710081516.7A 2017-02-15 2017-02-15 Authentication key negotiation method for user in IBC domain to access resources in PKI domain Active CN106789042B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710081516.7A CN106789042B (en) 2017-02-15 2017-02-15 Authentication key negotiation method for user in IBC domain to access resources in PKI domain

Publications (2)

Publication Number Publication Date
CN106789042A true CN106789042A (en) 2017-05-31
CN106789042B CN106789042B (en) 2019-12-31

Family

ID=58957291

Country Status (1)

Country Link
CN (1) CN106789042B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant