CN108881173B - Bus-based remote unit access authentication and key agreement method for satellite integrated electronic system - Google Patents

Bus-based remote unit access authentication and key agreement method for satellite integrated electronic system Download PDF

Info

Publication number
CN108881173B
CN108881173B CN201810513701.3A CN201810513701A CN108881173B CN 108881173 B CN108881173 B CN 108881173B CN 201810513701 A CN201810513701 A CN 201810513701A CN 108881173 B CN108881173 B CN 108881173B
Authority
CN
China
Prior art keywords
authentication
key
remote unit
random
bus
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810513701.3A
Other languages
Chinese (zh)
Other versions
CN108881173A (en
Inventor
何道敬
李旭如
乔琪
齐维孔
王灏宇
李明
覃落雨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
East China Normal University
China Academy of Space Technology CAST
Original Assignee
East China Normal University
China Academy of Space Technology CAST
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by East China Normal University, China Academy of Space Technology CAST filed Critical East China Normal University
Priority to CN201810513701.3A priority Critical patent/CN108881173B/en
Publication of CN108881173A publication Critical patent/CN108881173A/en
Application granted granted Critical
Publication of CN108881173B publication Critical patent/CN108881173B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L12/403Bus networks with centralised control, e.g. polling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Selective Calling Equipment (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a bus-based access authentication and key agreement method for a remote unit of a satellite integrated electronic system, which realizes access authentication and key agreement between subsystem terminals on a bus under the structure of the bus-based satellite integrated electronic system. The method comprises the following specific steps: system initialization, submission of user information, key agreement, challenge/response. Considering that the satellite-borne integrated electronic system is difficult to bear huge calculation overhead, the dynamic password authentication technology and the challenge/response mechanism are adopted, so that the calculation overhead is reduced, meanwhile, eavesdropping, replaying and injection attacks can be effectively resisted, and the confidentiality and the integrity of data in the satellite-borne integrated electronic system are ensured.

Description

Bus-based remote unit access authentication and key agreement method for satellite integrated electronic system
Technical Field
The invention belongs to the technical field of information security, and particularly relates to a bus-based remote unit access authentication and key agreement method for a satellite integrated electronic system.
Background
The satellite platform designed based on the integrated satellite concept is a comprehensive electronic system integrating internal information sharing, function integration and resource optimization functions. A satellite platform consists of multiple service systems that can support one or more payloads. Regardless of the payload installed, the basic functionality of the satellite platform is the same except for the specific performance criteria. Currently, many countries in the world adopt the design concept of a public satellite platform in the development of satellites. The common satellite platform is multifunctional and can adapt to different payload requirements within a reasonable range. There are two main problems in satellite platform design: effectively controlling more and more payloads and providing effective management of the platform itself. Satellite data management currently tends to use a bus to build a satellite data management network.
The satellite-borne integrated electronic system has the following special operating environment: the probability of physical attack and other external attacks is greatly reduced, and the satellite-borne integrated electronic system operates on a public satellite platform, is not directly connected with an external network, has relatively independent working environment and still faces security threats from the inside of the system. According to the structure of the satellite-borne integrated electronic system, the satellite-borne integrated electronic system consists of a central management unit for running an embedded real-time operating system, a satellite-borne subsystem connected through a multi-level bus and various remote units in the subsystem. Software and hardware bugs such as operating system bugs, bus protocol bugs, sensor bugs, etc. may pose security threats, thereby affecting satellite security and causing great harm.
The satellite platform access authentication is essentially authentication of legal identity of a subsystem accessing a bus, and the subsystem can send messages to a bus controller and other subsystems through the bus only after the authentication. The access authentication protocol is the first line of defense for data security inside the satellite platform and is also one of important means for preventing active attacks. There are many conventional authentication techniques that utilize various features to authenticate a user's identity. Such as digital certificate signature authentication techniques based on elliptic curves, identity authentication mechanisms based on biometrics, and authentication techniques using hardware such as IC cards, USB + keys, and the like. Not all authentication mechanisms and concepts can be applied to the satellite platform. For example: although the digital certificate signature authentication technology based on the elliptic curve has strong safety and is widely used for user identity authentication by financial institutions such as banks and the like, the digital certificate signature authentication technology has extremely high requirements on computing resources and memory resources and is not suitable for a satellite-borne integrated electronic system. The identity authentication based on the biological characteristics which is rapidly developed at present cannot be used for the satellite-borne integrated electronic system, because the biological characteristic extraction cannot be realized on the satellite-borne integrated electronic system.
The invention aims to overcome the defects and shortcomings of the prior art and provides a bus-based remote unit access authentication and key agreement method for a satellite integrated electronic system, which adopts a dynamic password and a challenge/response mechanism, reduces the calculation overhead, can effectively resist eavesdropping, replay and injection attacks, and ensures the confidentiality and integrity of data in the satellite integrated electronic system.
Disclosure of Invention
The invention provides a bus-based satellite integrated electronic system remote unit access authentication and key agreement method, which comprises the following steps:
step 1: system initialization
The bus controller distributes key seeds for each target remote unit, generates key seed abstracts and maintains a corresponding key mapping table;
step 2: submitting user information
The bus controller initiates polling, an access authentication instruction carrying random information is sent to a target remote unit, and the target remote unit returns an authentication request carrying a user name and a key seed abstract of the unit, so that the bus controller examines the identity information and the authentication record of the target remote unit and stores the corresponding relation between the user name of the target remote unit and the key seed abstract and the authentication record in a terminal authentication information database; if the identity authentication of the target remote unit is successful, entering the next step; if the authentication fails, the authentication is stopped, and the system simultaneously gives out an alarm;
and step 3: key agreement
After confirming that the identity of the target remote unit is legal, the bus controller reads the corresponding key seed and generates an authentication key by combining random information according to the key seed abstract corresponding to the user name of the target remote unit, and sends a forward random authentication code pair to the target remote unit; the target remote unit reads the corresponding key seed and generates an authentication key by combining random information according to the key seed abstract corresponding to the user name of the target remote unit, generates a forward response code by using the authentication key and a forward random authentication code pair and sends the forward response code to the bus controller, and simultaneously sends a reverse random authentication code pair to the bus controller, and then the bus controller generates a reverse response code through the authentication key and the reverse random authentication code pair;
and 4, step 4: challenge/response
The bus controller checks the correctness of the forward response code by combining the authentication key and the forward random authentication code pair, determines whether to agree with the forward access authentication request, if not, stops authentication, and simultaneously sends out a warning to the system, and if so, the reverse response code is sent to the target remote unit; the target remote unit checks the correctness of the reverse response code according to the user name, the key seed, the random information and the reverse random authentication code pair, determines whether to agree with the reverse access authentication request, if so, the authentication is successful, if not, the authentication is stopped, and the system simultaneously sends out a warning.
In the method for accessing the remote unit of the satellite integrated electronic system to the authentication and key agreement, the key mapping table in step 1 comprises the mapping relation between the key seeds and the key seed digests.
The invention provides a remote unit access authentication and key agreement method of a satellite integrated electronic system, which comprises the steps that 1, a key seed is written into a control module of the remote unit before the remote unit is accessed into the satellite integrated electronic system through a wired physical medium, and the digest of the key seed is used as a unique identifier; the key seed obeys a gaussian distribution.
The invention provides a method for accessing authentication and key agreement of a remote unit of a satellite integrated electronic system, which comprises the following steps that in step 3, a corresponding key seed is read and an authentication key is generated by combining random information according to a key seed abstract corresponding to a target remote unit user name, and the specific method comprises the following steps:
step A1: the bus controller and the target remote unit read the key seeds through the key seed digests respectively;
step A2: the bus controller and the target remote unit respectively operate the random information, the target remote unit user name and the key seed through a preset encryption function to respectively obtain two same authentication keys;
step A3: and dividing the obtained authentication keys into sub authentication keys with equal length respectively.
The invention provides a method for accessing authentication and key agreement of a remote unit of a satellite integrated electronic system, wherein the preset encryption function in the step A2 is an encryption function satisfying {0,1}N×{0,1}N→{0,1}NN is determined by the number of bits of the random information, the number of bits of the user name and the number of bits of the key seed.
The invention provides a method for accessing authentication and key agreement of a remote unit of a satellite integrated electronic system, wherein an encryption function is used for operation, and the method specifically comprises the following steps:
step B1: dividing the sub-authentication key into L data blocks according to the digit L of the random number in the forward random authentication code pair or the reverse random authentication code pair, and filling up the missing digits with '0';
step B2: and correspondingly multiplying the random number of the L bits by the L data blocks, and then summing the multiplied random numbers, wherein the obtained data string of the L bits is used as a sub forward response code or a sub reverse response code.
The invention provides a satellite integrated electronic system remote unit access authentication and key agreement method, which is characterized in that a preset encryption function message digest algorithm 5 th edition MD5 for calculating a forward response code or a reverse response code is adopted.
The invention provides a method for accessing authentication and key agreement of a remote unit of a satellite integrated electronic system, which generates a forward response code through an authentication key and a forward random authentication code pair in step 3, and specifically comprises the following steps:
step C1: in the target unit, the two sub-authentication keys with equal length are respectively operated with the two random numbers in the forward random authentication code pair through the preset encryption function to obtain two sub-forward response codes;
step C2: and C, performing operation on the two sub forward response codes obtained in the step C1 through the preset encryption function to obtain the forward response code.
The invention provides a method for accessing authentication and key agreement of a remote unit of a satellite integrated electronic system, wherein a reverse response code is generated through an authentication key and a reverse random authentication code pair in step 3, and the method specifically comprises the following steps:
step D1: in the bus controller, the two sub-authentication keys with equal length are respectively operated with the two random numbers in the reverse random authentication code pair through the preset encryption function to obtain two sub-reverse response codes;
step D2: and D1, calculating the two sub reverse answer codes obtained in the step D1 through the preset encryption function to obtain the reverse answer codes.
The invention adopts a dynamic password authentication technology and a challenge/response mechanism, reduces the calculation overhead, can effectively resist eavesdropping, replay and injection attacks, and ensures the confidentiality and integrity of data in the satellite-borne integrated electronic system.
Drawings
FIG. 1 is a block diagram of a bus-based satellite integrated electronic system according to the present invention;
FIG. 2 is a flow chart of the present invention;
FIG. 3 is a diagram of an original key mapping table;
fig. 4 is a diagram of an exemplary authentication process.
Detailed Description
The present invention will be described in further detail with reference to the following specific examples and the accompanying drawings. The procedures, conditions, experimental methods and the like for carrying out the present invention are general knowledge and common general knowledge in the art except for the contents specifically mentioned below, and the present invention is not particularly limited.
The technical terms in connection with the present invention have the following meanings:
hashMD5(.) represents a one-way key hash function;
hashMD5(M) a hash value representing data item M;
and | represents a join operation.
The invention provides a bus-based access authentication and key agreement method for a remote unit of a satellite integrated electronic system, wherein the structure of the satellite integrated electronic system is shown in figure 1, and the method comprises the following four stages as shown in figure 2:
A. initializing a system: the system distributes a key for each remote terminal RT, and a bus controller BC maintains a corresponding key mapping table;
B. submitting user information: the BC authenticates the RTs one by one in a polling mode;
C. and (3) key agreement: after the BC confirms that the RT is legal, an authentication key is generated, a timestamp is sent to the RT, and the RT calculates the authentication key in the same way;
D. challenge/response: and the BC terminal and the RT terminal verify the identities of the two parties according to the authentication key.
The system initialization phase comprises the following steps:
a1, setting the standby mode code 0x09 as the mode code for starting authentication;
a2, allocating a unique identifier RTID for each remote terminal RT;
a3, the system distributes 3 Original keys (OP) for each remote terminal for access authentication, each Original key OP has a unique identifier OPID;
a4, bus controller BC maintains the mapping as shown in fig. 3.
The stage of submitting the user information comprises the following steps:
the BC starts authenticating the RT one by one in a round robin fashion before the system starts working. Authentication at a RTAt the beginning, BC sends a receiving instruction word with a mode code of 0x09 and a sending instruction word to the terminal; 4 data words are then sent to the RT, within which data field is a 64-bit BC timestamptemp. The RT returns a status word and 5 data words to BC after receiving the message, and a 64-bit terminal identifier RTID is in the data fieldiAnd a 16-bit original key identifier OPIDi(ii) a The BC receives the field, searches whether the ID of the terminal is legal or not and whether the terminal is authenticated in the polling or not in the table 1, and starts the next authentication step if the ID is legal and the terminal is not authenticated in the polling; otherwise, the BC interrupts the authentication procedure of the RT.
The key agreement phase comprises the following steps:
after the BC confirms that the terminal ID is legal, a 128-bit authentication key is calculated according to the formula (1), then the BC sends an acceptance instruction word, a sending instruction word and 1 data word to the RT, and the data word comprises a forward random authentication code pair, namely two random numbers (h) of 4-bit1,h2)∈GF(24) And the remaining bits are 0. Received by RT (h)1,h2) Then, the forward response code is calculated according to the formulas (3) to (4), and a reverse random authentication code pair, namely two random numbers (r) of 4-bit is added1,r2)∈GF(24) And a forward response code
Figure GDA0002820465790000051
Returned to BC together. At the same time, a time stamp BC is received at RT from the BCtempThen, a 128-bit authentication key is calculated as in equation (2).
Figure GDA0002820465790000052
Figure GDA0002820465790000053
Figure GDA0002820465790000054
Figure GDA0002820465790000055
And then, at the BC end and the RT end, simultaneously dividing the authentication key into two 64-bit password strings, as shown in formula (5-6):
Figure GDA0002820465790000056
Figure GDA0002820465790000057
BC end receives (r)1,r2) Then, the reverse response code is calculated according to the equations (7) - (8)
Figure GDA0002820465790000058
Figure GDA0002820465790000059
Figure GDA00028204657900000510
Wherein 4: {0,1}128×{0,1}128→{0,1}128
Figure GDA00028204657900000511
Figure GDA00028204657900000512
The challenge/response phase comprises the following steps:
BC terminal verification
Figure GDA00028204657900000513
If the formula is established, the verification is passed, and the BC end follows the formulas (9) - (10)Calculating the response code of the RT as a confirmation message and sending the confirmation message to the RT, and updating the authentication state in table 1 in fig. 3; otherwise, the RT is quitted from the authentication.
Figure GDA0002820465790000061
Figure GDA0002820465790000062
After receiving the successful authentication message, the RT calculates the response code of BC according to the formulas (11) - (12), and verifies
Figure GDA0002820465790000063
And if the authentication is successful, the authentication is completed, otherwise, the authentication of the BC end fails, and the RT does not respond to the BC in the polling.
Figure GDA0002820465790000064
Figure GDA0002820465790000065
Wherein f isd:{0,1}64→{0,1}4,E∈GF(24) L is divisible by N, defined
Figure GDA0002820465790000066
x∈GF(264),xi∈(GF(24))16. Knowledge is known to demonstrate that for any X ∈ GF (2)64) In the case where the d and X distributions are known, the enemy acquires the correct fdThe probability of the value of (X) can be expressed as
Figure GDA0002820465790000067
Wherein H2(X) second-order Rynyi entropy, representing X
Figure GDA0002820465790000068
PxIs the probability distribution of a random variable X). Fig. 4 depicts a one-time authentication process.
The protection of the present invention is not limited to the above embodiments. Variations and advantages that may occur to those skilled in the art may be incorporated into the invention without departing from the spirit and scope of the inventive concept, and the scope of the appended claims is intended to be protected.

Claims (8)

1. A bus-based access authentication and key agreement method for a remote unit of a satellite integrated electronic system is characterized by comprising the following specific steps:
step 1: system initialization
The bus controller distributes key seeds for each target remote unit, generates key seed abstracts and maintains a corresponding key mapping table;
step 2: submitting user information
The bus controller initiates polling, an access authentication instruction carrying random information is sent to a target remote unit, and the target remote unit returns an authentication request carrying a user name and a key seed abstract of the unit, so that the bus controller examines the identity information and the authentication record of the target remote unit and stores the corresponding relation between the user name of the target remote unit and the key seed abstract and the authentication record in a terminal authentication information database; if the identity authentication of the target remote unit is successful, entering the next step; if the authentication fails, the authentication is stopped, and the system simultaneously gives out an alarm;
and step 3: key agreement
After confirming that the identity of the target remote unit is legal, the bus controller reads the corresponding key seed and generates an authentication key by combining random information according to the key seed abstract corresponding to the user name of the target remote unit, and sends a forward random authentication code pair to the target remote unit; the target remote unit reads the corresponding key seed and generates an authentication key by combining random information according to the key seed abstract corresponding to the user name of the target remote unit, generates a forward response code by using the authentication key and a forward random authentication code pair and sends the forward response code to the bus controller, and simultaneously sends a reverse random authentication code pair to the bus controller, and then the bus controller generates a reverse response code through the authentication key and the reverse random authentication code pair;
and 4, step 4: challenge/response
The bus controller checks the correctness of the forward response code by combining the authentication key and the forward random authentication code pair, determines whether to agree with the forward access authentication request, if not, stops authentication, and simultaneously sends out a warning to the system, and if so, the reverse response code is sent to the target remote unit; the target remote unit checks the correctness of the reverse response code according to the user name, the key seed, the random information and the reverse random authentication code pair, determines whether to agree with the reverse access authentication request, if so, the authentication is successful, if not, the authentication is stopped, and the system simultaneously sends out a warning.
2. The bus-based satellite integrated electronic system remote unit access authentication and key agreement method according to claim 1, wherein the key mapping table of step 1 includes a mapping relationship between a key seed and a key seed digest.
3. The bus-based satellite integrated electronic system remote unit access authentication and key agreement method according to claim 1, wherein the key seed of step 1 has been written into the control module of the target remote unit before the target remote unit accesses the satellite integrated electronic system through the wired physical medium, and the key seed digest is used as a unique identifier; the key seed obeys a gaussian distribution.
4. The bus-based access authentication and key agreement method for the remote unit of the satellite integrated electronic system according to claim 1, wherein in step 3, reading the corresponding key seed according to the key seed digest corresponding to the user name of the target remote unit and generating the authentication key by combining random information, specifically comprising:
step A1: the bus controller and the target remote unit read the key seeds through the key seed digests respectively;
step A2: the bus controller and the target remote unit respectively operate the random information, the target remote unit user name and the key seed through a preset encryption function to respectively obtain two same authentication keys;
step A3: and dividing the obtained authentication key into two sub-authentication keys with equal length respectively.
5. The bus-based satellite integrated electronic system remote unit access authentication and key agreement method according to claim 4, wherein the predetermined encryption function of step A2 is a function satisfying
Figure DEST_PATH_IMAGE001
N is determined by the number of bits of the random information, the number of bits of the user name and the number of bits of the key seed.
6. The bus-based satellite integrated electronic system remote unit access authentication and key agreement method according to claim 4, wherein the encryption function performs operations, specifically comprising:
step B1: dividing the sub-authentication key into L data blocks according to the digit L of the random number in the forward random authentication code pair or the reverse random authentication code pair, and filling up the missing digits with '0';
step B2: and correspondingly multiplying the bit number L of the random number by the L data blocks, and then summing the multiplied bit number L of the random number, wherein the obtained data string with the L bits is used as a sub forward response code or a sub reverse response code.
7. The bus-based satellite integrated electronic system remote unit access authentication and key agreement method according to claim 1, wherein in step 3, the generating of the forward response code using the authentication key and the forward random authentication code pair specifically comprises:
step C1: in the target remote unit, two equally-long sub-authentication keys and two random numbers in the forward random authentication code pair are respectively operated through a preset encryption function to obtain two sub-forward response codes;
step C2: and calculating the obtained two sub forward response codes through a preset encryption function to obtain the forward response codes.
8. The bus-based satellite integrated electronic system remote unit access authentication and key agreement method according to claim 1, wherein in step 3, the generating a reverse response code by the authentication key and the reverse random authentication code pair specifically comprises:
step D1: in the bus controller, two sub-authentication keys with equal length are respectively operated with two random numbers in the reverse random authentication code pair through a preset encryption function to obtain two sub-reverse response codes;
step D2: and calculating the obtained two sub reverse response codes through a preset encryption function to obtain the reverse response codes.
CN201810513701.3A 2018-05-25 2018-05-25 Bus-based remote unit access authentication and key agreement method for satellite integrated electronic system Active CN108881173B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810513701.3A CN108881173B (en) 2018-05-25 2018-05-25 Bus-based remote unit access authentication and key agreement method for satellite integrated electronic system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810513701.3A CN108881173B (en) 2018-05-25 2018-05-25 Bus-based remote unit access authentication and key agreement method for satellite integrated electronic system

Publications (2)

Publication Number Publication Date
CN108881173A CN108881173A (en) 2018-11-23
CN108881173B true CN108881173B (en) 2021-05-25

Family

ID=64334187

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810513701.3A Active CN108881173B (en) 2018-05-25 2018-05-25 Bus-based remote unit access authentication and key agreement method for satellite integrated electronic system

Country Status (1)

Country Link
CN (1) CN108881173B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1579079A (en) * 2001-10-29 2005-02-09 太阳微系统公司 Enhanced privacy protection in identification in a data communications network
CN101641976A (en) * 2007-03-27 2010-02-03 英国电讯有限公司 An authentication method
CN107040381A (en) * 2016-01-11 2017-08-11 松下航空电子公司 Method and system for secure accessing Field Replaceable Unit

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10360370B2 (en) * 2016-07-22 2019-07-23 Hewlett Packard Enterprise Development Lp Authenticated access to manageability hardware components
US10268818B2 (en) * 2016-09-07 2019-04-23 Vivint, Inc. Automated script

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1579079A (en) * 2001-10-29 2005-02-09 太阳微系统公司 Enhanced privacy protection in identification in a data communications network
CN101641976A (en) * 2007-03-27 2010-02-03 英国电讯有限公司 An authentication method
CN107040381A (en) * 2016-01-11 2017-08-11 松下航空电子公司 Method and system for secure accessing Field Replaceable Unit

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"一种基于入侵检测的空间网络安全路由技术";李雪霞,李泽琦,李明,杜军,王景璟,姜春晓,任勇;《电子技术应用》;20150430;全文 *

Also Published As

Publication number Publication date
CN108881173A (en) 2018-11-23

Similar Documents

Publication Publication Date Title
WO2020019341A1 (en) Method and device for processing blockchain account, and storage medium
WO2020073513A1 (en) Blockchain-based user authentication method and terminal device
TWI782255B (en) Unlocking method, device for realizing unlocking, and computer-readable medium
CN100512201C (en) Method for dealing inserted-requested message of business in groups
EP3949250A1 (en) Secure monitoring using block chain
CN112468504B (en) Industrial control network access control method based on block chain
CN111367923A (en) Data processing method, data processing device, node equipment and storage medium
CN114357492A (en) Medical data privacy fusion method and device based on block chain
CN106027237B (en) Cipher key matrix safety certifying method based on group in a kind of RFID system
CN100476844C (en) Method for realizing binding function between electronic key and computer
CN109302442B (en) Data storage proving method and related equipment
CN108881173B (en) Bus-based remote unit access authentication and key agreement method for satellite integrated electronic system
CN113630255B (en) Lightweight bidirectional authentication method and system based on SRAM PUF
CN111682941B (en) Centralized identity management, distributed authentication and authorization method based on cryptography
CN111651740B (en) Trusted platform sharing system for distributed intelligent embedded system
Wang et al. A lightweight data integrity verification with data dynamics for mobile edge computing
CN113298983A (en) ESAM security authentication-based electric intelligent lock security management and control method and device
CN108449753B (en) Method for reading data in trusted computing environment by mobile phone device
KR102568418B1 (en) Electronic authentication system and method supporting multi-signature
CN114978545B (en) Heterogeneous alliance chain-oriented cross-chain primitive generation method and related device
Yang et al. A High Security Signature Algorithm Based on Kerberos for REST-style Cloud Storage Service
CN118138212A (en) Block chain-based intelligent home security identity authentication method and system
CN114528565B (en) Sensitive data efficient uplink algorithm based on blockchain
CN114117553B (en) Block chain-based control method and system for Internet of things terminal
CN111971677A (en) Tamper-resistant data encoding for mobile devices

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant