CN108964888B - Improved AKA identity authentication system and method based on symmetric key pool and relay communication - Google Patents

Improved AKA identity authentication system and method based on symmetric key pool and relay communication Download PDF

Info

Publication number
CN108964888B
CN108964888B CN201810529945.0A CN201810529945A CN108964888B CN 108964888 B CN108964888 B CN 108964888B CN 201810529945 A CN201810529945 A CN 201810529945A CN 108964888 B CN108964888 B CN 108964888B
Authority
CN
China
Prior art keywords
key
authentication
relay
server
random number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810529945.0A
Other languages
Chinese (zh)
Other versions
CN108964888A (en
Inventor
富尧
钟一民
余秋炜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ruban Quantum Technology Co Ltd
Original Assignee
Ruban Quantum Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ruban Quantum Technology Co Ltd filed Critical Ruban Quantum Technology Co Ltd
Priority to CN201810529945.0A priority Critical patent/CN108964888B/en
Publication of CN108964888A publication Critical patent/CN108964888A/en
Application granted granted Critical
Publication of CN108964888B publication Critical patent/CN108964888B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/70Photonic quantum communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

The invention discloses an improved AKA identity authentication system and a method based on symmetric key pool and relay communication, wherein the AKA identity authentication system comprises a member, a relay and a server which participate in the AKA identity authentication, the member, the relay and the server share a group key pool, and the member and the relay respectively use key seeds from the group key pool and then combine random number parameters to calculate to obtain a negotiation key between the member and the relay in the AKA identity authentication process; the random number parameter is obtained correspondingly in the group key pool by using a pointer address A, in the AKA identity authentication process, a relay obtains the pointer address A through a server, a member obtains the parameter for generating the pointer address A from the server through the relay, and then the pointer address A is generated through the parameter. The invention can further improve the communication security.

Description

Improved AKA identity authentication system and method based on symmetric key pool and relay communication
Technical Field
The invention relates to the technical field of secure communication, in particular to private identity authentication and key agreement based on a group data network.
Background
Authentication, namely identity authentication, is a basic technology for realizing information security, a system checks the identity of a user to confirm whether the user has access and use rights to certain resources, and identity authentication between the system and the system can also be performed.
With the development of quantum computers, classical asymmetric encryption algorithms are no longer secure, and symmetric key algorithms will make the best way no matter in the authentication or encryption and decryption fields. Such as AKA mechanism, which is one of authentication methods based on symmetric key algorithm and is commonly used in the field of mobile communication. AKA is known collectively as "Authentication and keyagent", i.e., Authentication and key agreement. As the name suggests, the AKA mechanism performs key negotiation while performing identity authentication, and provides key guarantee for encryption of subsequent communication.
As a scheme for security upgrade, the manner of symmetric key pool will be an important scheme or even a mainstream scheme for ensuring key security. Meanwhile, all or part of the content in the symmetric key pool can be encrypted and stored, and the encrypted key can be stored in a security isolation device hosted by the symmetric key pool. When the key operation is subsequently performed on the symmetric key pool, the symmetric key pool needs to be decrypted by the security isolation device and then used. The invention patent document with the patent publication number of CN105337726A and the title of "end-to-end handheld device encryption method and system based on quantum cryptography" discloses an end-to-end handheld device encryption method based on quantum cryptography, wherein a pair of symmetric keys is formed between two key distribution devices for quantum communication through QKD, and is used for quantum encryption communication between users of both sides of the QKD.
In a multicast network formed by a part of units, group members encrypt and send data in a group key encryption mode. Currently, two groups session key generation methods are generally adopted in the group session field: group key distribution and group key negotiation. The advantage of group key distribution is that it is simple and requires less computation and traffic. But this way of key establishment requires a trusted third party as key distributor. This condition is difficult to achieve in a real network environment. In the group key agreement protocol, all participants provide secret information specified by the protocol to jointly establish a session key. Although the group key agreement protocol requires more computation and traffic consumption than the group key distribution protocol, no participation from a trusted third party is required. This advantage makes group key agreement a research hotspot in current group key establishment protocols.
The problems existing in the prior art are as follows:
1. in group communication, the number of key seeds involved in group key agreement is usually only 1 or a small number, and the freshness of the key seeds cannot be kept or the variable range is small, so that the key seeds are easy to crack.
2. At present, an encryption mode for realizing the encryption between the members and the relay in the group mainly depends on a group key for encryption, a key for independent communication is not arranged between the two parties, and the transmission of important information is relatively unsafe. Once the group key is broken, all the information is revealed.
And3, the random number parameter in the key generation in the AKA mechanism is in an exposed state, so that the risk of cracking the negotiation key is increased. And the verification of the check mechanism of the SQN is in scope without uniqueness, and certain contingency exists.
4. Most of the messages in the authentication are sent in a plaintext form or encrypted in a weak confidentiality encryption mode, so that key information is easily leaked, and the security of the authentication is reduced.
Disclosure of Invention
The invention provides an improved AKA identity authentication system based on a symmetric key pool, which can further improve the communication security.
An improved AKA identity authentication system based on a symmetric key pool and relay communication comprises a member participating in the AKA identity authentication, a relay and a server, wherein a negotiation key is generated between the member and the relay through the AKA identity authentication for encrypted communication between the member and the relay, and the generation mode of the negotiation key between the member and the relay is as follows:
the member, the relay and the server share a group key pool, and the member and the relay respectively calculate by using key seeds from the group key pool and combining random number parameters to obtain a negotiation key between the member and the relay;
the random number parameter is correspondingly obtained in the group key pool by using a pointer address A, in the AKA identity authentication process, a relay obtains the pointer address A through a server, a member obtains a parameter for generating the pointer address A from the server through the relay, and then the pointer address A is generated through the parameter; and generating parameters of the pointer address A, and encrypting the parameters by adopting an authentication key shared between the server and the member in the process that the server sends the parameters to the member through the relay.
In the invention, the members and the relay share the negotiation key through AKA identity authentication, in the subsequent communication process, the encryption mode of the two independent communication can adopt the negotiation key, other members cannot know the content, and the negotiation key can still further ensure the communication security of the group key pool even if the group key pool is cracked.
The invention has the further improvement that the members, the relays and the server (namely the key management server) share a group key pool, true random numbers are preferably selected in the group key pool, the provided key amount is larger, and the freshness of the key seeds can be ensured or the key seeds are more difficult to crack by combining an updating strategy.
The invention has the further improvement that the random number parameters adopted when generating the negotiation key are not directly transmitted in the network, but the pointer address A or the parameters for generating the pointer address A are transmitted, and the random number parameters can be generated by the members and the relays according to the owned pointer address A or the parameters for generating the pointer address A and the local group key pool, thereby further improving the security level.
In order to ensure the safety of the AKA identity authentication process, encryption communication is adopted between the member and the relay and between the relay and the server.
Preferably, during the AKA identity authentication, the member and the relay use the group key pool to encrypt communication, and the relay and the server use a pre-shared negotiation key to encrypt communication, which specifically includes:
the member sends an authentication request to the relay;
the relay responds to the authentication request and obtains a corresponding authentication vector from the server, and the authentication vector comprises the pointer address A and a parameter for generating the pointer address A;
the relay sends a question message to the member, and the question message contains parameters for generating the pointer address A from the authentication vector;
the member responds to the question message and sends a corresponding authentication response to the relay;
and after the relay verifies the authentication response, sending an authentication result to the member for the member to confirm to complete AKA identity authentication.
Since the parameters generating the pointer address a have been encrypted once by the authentication key shared between the server and the member, while the encrypted communication between the member and the relay is also encrypted by using the group key pool, the parameters generating the pointer address a are encrypted twice as a whole.
Similarly, when the relay and the server encrypt the communication by using the negotiation key, the parameter for generating the pointer address a is also encrypted twice as a whole.
And the parameters for generating the pointer address A adopt double encryption, so that the safety is further improved.
In the process that the member sends the authentication request to the relay, the relay sends the question message to the member, the member sends the authentication response to the relay and the relay sends the authentication result to the member, the communication between the member and the relay is involved, and the member and the relay share the group key pool, so the communication can be encrypted by using the group key pool.
Preferably, when the member communicates with the relay, the master generates a negotiation code in the form of a random number, obtains a pointer address through a specified pointer address algorithm by using the negotiation code, takes out the random number with a specified length from the group key pool according to the pointer address, and generates a group chat secret key and a group chat integrity key by using a specified key generation algorithm and the taken-out random number;
the group chat integrity key is used for generating and verifying a corresponding verification code in combination with communication content;
the group chat privacy key is used to encrypt and decrypt in conjunction with the communication content.
Similarly, when the relay obtains the authentication vector from the server, the relay sends an authentication vector request to the server, and the server sends an authentication vector feedback to the relay, wherein communication between the relay and the server is involved, and since the relay and the server share the negotiation key in advance, the communication can be encrypted by using the shared key between the relay and the server.
The shared negotiation key between the relay and the server can be generated according to the prior art, and in addition, the relay and the server can share a private key pool, so the negotiation key shared between the relay and the server can be generated by utilizing the private key pool, and the safety is further improved.
Preferably, the member and the relay respectively have a private key pool, and the member and the relay are mutually independent and share the private key pool with the server to generate an authentication key between the member and the server and an authentication key between the relay and the server;
the pointer address A is obtained by combining a random number A and an authentication key between a member and the server through a specified algorithm, and the random number A is generated by the server.
The authentication vector comprises a pointer address A and a random number A, and the pointer address A is generated by combining the random number A with an authentication key between a member and a server, so that the relay needs to directly obtain the pointer address A from the authentication vector, and the member only needs to obtain the random number A and then combines with a local corresponding authentication key to generate the pointer address A by self.
The authentication key between the member and the server can be generated by utilizing the private key pool by adopting the existing means, and the authentication key between the member and the server can also be generated by utilizing the private key pool as required.
Preferably, the key seed is obtained from the group key pool by using a pointer address B, and the pointer address B is obtained by using a random number B through a specified algorithm, and the random number B is generated by the relay and distributed to the members through the question message.
Besides possessing the group key pool, the acquisition of the key seed also needs the corresponding pointer address B, the random number B is generated by the relay, and the pointer address B is obtained by combining the pointer address algorithm, thus further improving the security,
the information used for generating the negotiation key can be key seeds, random number parameters or pointer addresses A, random numbers A, pointer addresses B and random numbers B used for generating the former, communication identifiers, corresponding algorithms, algorithm IDs and the like, and the authentication vectors and the question messages comprise at least part of information, so that members and relays finally acquire all conditions for generating the negotiation key.
Preferably, the authentication request further carries a communication identifier which is generated by the member and is in a true random number form, the communication identifier is sent to the server when the relay obtains the authentication vector from the server, the server encrypts by using an authentication key between the member and the server to obtain a network authentication token in a ciphertext form, the communication identifier is contained in the network authentication token, the network authentication token is sent to the member along with the authentication vector and the question message in sequence, and the member extracts and verifies the question message by using the communication identifier. Preferably, in the authentication request, the communication identifier is encrypted with an authentication key between the member and the server.
Since the group key pool is used for encrypting communication between the member and the relay in the AKA identity authentication process, the method is equivalent to double encryption for the communication identifier.
In addition, the relay is kept secret because the authentication key encryption between the member and the server is adopted.
Preferably, the authentication request further includes a message encryption algorithm ID and a message authentication algorithm ID when a negotiation key is used between the member and the relay in subsequent communication.
Preferably, the authentication vector further includes an algorithm ID when a negotiation key is generated between the member designated by the server and the relay, the relay generates the negotiation key according to the algorithm ID, and sends the algorithm ID to the member through a challenge message, so that the member generates the negotiation key.
The negotiation key comprises a confidentiality key and an integrity key, and the corresponding algorithm ID also comprises an algorithm ID for generating the confidentiality key and an algorithm ID for generating the integrity key.
Preferably, the authentication vector further comprises an authentication response, and the authentication response is generated by using an authentication key between the member and the server and the random number A;
the relay directly acquires the authentication response in the authentication vector, after receiving the question message and verifying that the communication identifier passes, the member generates a message authentication code in a mode corresponding to the mode of generating the authentication response, and sends the message authentication code to the relay in a mode of authenticating the response, so that the relay can compare and authenticate the authentication response and the message authentication code.
Preferably, the AKA identity authentication system is implemented based on a wireless multi-hop network, and the communication nodes participating in AKA identity authentication further comprise a plurality of communication nodes for transmitting messages between the members and the relay.
Each communication node can be regarded as one member, if there is no other communication node between the member and the relay, the member and the relay correspond to the two and directly communicate, and if there are other communication nodes, the message transmission between the member and the relay needs to be sequentially forwarded, but the forwarded communication node does not participate in the encryption and decryption of the message. Members of the group may decrypt the message unless it is for a group message that each member needs to receive.
At least two servers participating in AKA identity authentication are provided, wherein one server is a first server to which the relay belongs, the other server is a second server to which the member belongs, and one of the first server and the second server possesses a group key pool;
after receiving the authentication vector request from the relay, the first server forwards the authentication vector request to the second server, the second server responds to the authentication vector request and generates a corresponding authentication vector, and then the authentication vector is sent to the relay through the first server in the form of authentication vector feedback.
The relay home first server, it is understood that both can communicate securely, i.e., pre-shared negotiation keys, and shared private key pool.
The member belongs to the second server, can understand the shared authentication key of the two and share the private key pool, in addition, the second server also prestores the information related to the member, the information can be sent to the member along with the authentication vector and the question message, for the member to authenticate the question message.
The invention also provides an improved AKA identity authentication method based on the symmetric key pool and relay communication, which comprises the following steps:
step S1, the member sends authentication request to the relay;
step S2, the relay responds to the authentication request and obtains the corresponding authentication vector from the server, and the authentication vector contains the pointer address A and the random number A encrypted by the authentication key between the server and the member;
the pointer address A is obtained by combining a random number A with an authentication key between a member and a server through a specified algorithm, and the random number A is generated by the server;
the group key pool is shared by the members, the relay and the server, the relay correspondingly obtains random number parameters in the group key pool through a pointer address A, and then a negotiation key between the members and the relay is obtained through calculation by combining key seeds of the group key pool;
step S3, the relay sends question information to the member, and the question information contains random number A from the authentication vector and encrypted by the authentication key between the server and the member;
the member receives the question message, extracts a random number A and generates a pointer address A, then correspondingly obtains random number parameters in the group key pool through the pointer address A, and then obtains a negotiation key between the member and the relay through calculation by combining with the key seed of the group key pool;
step S4, the member sends the corresponding authentication response to the relay;
and step S5, after the relay verifies the authentication response, the relay sends an authentication result to the member so that the member can confirm to complete AKA identity authentication.
The relevant operations of each step can also be combined with the relevant description in the AKA identity authentication system of the invention, and are not described again.
The invention improves the capacity and the replaceability of the key seeds in the group key negotiation aspect, simultaneously ensures the true randomness and the safety of random numbers required by key generation, and improves the high confidentiality of group chat information to a great extent. In the aspects of identity authentication and key agreement, the invention realizes the independent authentication between the members in the group and the two relay parties. By adopting the group key and the authentication key for double encryption, the group key and the authentication key cannot be obtained outside the non-key information group, and other members (including relays) in the key information group cannot be obtained, so that the negotiated key has high security. Meanwhile, the authentication key used in the authentication system can be replaced regularly, so that the risk of the authentication key being cracked is reduced. The message freshness check in the classical AKA authentication mechanism is checked by taking a random number as a unique identifier, so that the passing contingency of the check is reduced, and the resynchronization loophole of an SQN check mechanism in the AKA authentication is solved. Meanwhile, the key management server is positioned in the quantum communication network, and the transmission among the servers adopts the encryption transmission in the QKD mode, so that the safety of the message transmission of the servers is ensured.
Drawings
FIG. 1 is a view of the scene of example 1;
FIG. 2 is a diagram showing some parameters possessed by the members C, R and S in example 1;
fig. 3 is an authentication flow chart of embodiment 1 (the dotted line is an additional message transmission flow when the authentication key set is updated);
FIG. 4 is a view showing the scenario of example 2;
FIG. 5 is a schematic diagram showing the partial parameters possessed by the members C, R, S1 and S2, respectively, in example 2;
fig. 6 is an authentication flow chart of embodiment 2 (the dotted line is an additional message transmission flow when the authentication key set is updated);
fig. 7 is a derived scene diagram of example 2.
Detailed Description
Example 1
Description of the System
The scenario of this embodiment is shown in fig. 1, in this figure, member R, member a0, member a1, member a2, member A3, member a4, and member C are all members of the same group, and member R is a relay unit.
The active party participating in authentication in this figure is C, which contains a private key pool KCAnd a group key pool KG(ii) a The passive party participating in authentication is R and contains a private key pool KRAnd a group key pool KG
The private key pool is a symmetric key pool between both the members and the server, and the group key pool is a symmetric key pool between the members in the group.
The member S is a key management server and also serves as a server, the member C and the member R belong to S, and the member S comprises a private key pool and a group key pool K of all membersG
The member R is used as a communication relay and has performed identity authentication and key agreement with the member S, so that the communication between the R and the S has been realized by symmetric encryption, and the agreement key of the R side is CKRAnd IKRIndicating that CK is used for negotiating a key on the S sideR' and IKR' means.
As shown in fig. 2, the IDs of the member C, the member R and the member S are ID ═ ID respectivelyC、ID=IDRAnd ID ═ IDSAt the same time, member C and member R both record the ID code PID of the home key management server, i.e. ID-ID of member SS. C. The cryptography modules of R and S each hold a corresponding key pool (including a private key pool and a group key pool), various algorithms, and an authentication key set. The length of the authentication key group is 2, the first group is a history key, the second group is a use key, each group of authentication keys has a secret key and an integrity key, and the home key management server of the group of authentication keys has the corresponding authentication key group. The authentication key set is implemented based on a pool of private keys. The symbolic representation of each key is detailed in fig. 2.
In this embodiment, both member C and member R have security isolation devices to store the key pool. In this embodiment, the keys finally negotiated after the authentication of the member C and the member R are a message encryption key CK (i.e., a secret key) and a message authentication key IK (i.e., an integrity key). The embodiment may be in a wireless multihop network and then there may not be direct communication between member C and member R. As in fig. 1, the communication of messages between member C and member R requires forwarding through member a 1. Where member a1 does not participate in the encryption and decryption of the message. Members within the group may each decrypt a message sent by a group member if the message is a group message.
The suffix A, B, the number of letters, the suffix 1, the number of numerals, the prefix first, the prefix second, etc. are used for distinguishing and convenience of description, and are not limited to the meaning of the noun itself.
In both communication parties, keys, authentication codes, and the like corresponding to contents are generally distinguished by superscript 'in order to distinguish differences between holders, and for example, when a member generates RAND1 and issues it to a relay, and the relay holds and uses the random number, it is called random number RAND 1', but the contents of both are the same.
Description of the flow
Referring to fig. 3, a schematic diagram of an authentication message flow of this embodiment shows a message indicated by a solid line as an authentication and key agreement part of this embodiment. The detailed description of the present embodiment is as follows:
step 1: member C initiates an authentication request to relay R
1.1, group key generation: the member C generates a random number RAND1 as needed, and the random number RAND1 is preferably a quantum random number generated by a quantum true random number generator to improve security, and may be generated in advance and stored for calling or generated as needed to transmit a group chat message. RAND1 is entered as a parameter into the pointer address algorithm. From the group key pool K according to the pointer address obtainedGA random number of a specified length is fetched. Generation of group chat privacy key, CK, using a key generation algorithm and a fetched random numberGAnd group chat integrity key IKG
1.2, generating an authentication request: member C generates a random number RAND2, preferably a quantum random number generated by a quantum true random number generator, and RAND2 may be generated in advance and stored for invocation or generated as required to generate an authentication request to improve security. Splicing the random number RAND2 with the key information of the service end side of the authentication request, and using the integrity key KI of the group in the authentication key groupC2Together as a parameter, into a message authentication algorithm, which generates a message authentication code MAC 1. Adding message authentication code MAC1 after splicing the key information, and using group security key KE in authentication key groupC2Together as a parameter input to the message encryption algorithm to generate ciphertext M1. The identity ID of the key management server which belongs the ciphertext M1 and the member CSKey information splicing of relay R party of parameter KLA and authentication request and group chat integrity key IKGTogether as a parameter, into a message authentication algorithm, which generates a message authentication code MAC 2. KLA parameter comprises a secret key CK negotiated at the time and a key length LC of a message authentication key IKAnd LI, and message encryption algorithm IDCKAnd message authentication algorithm IDIK. Such settings may satisfy the requirements of the application layer for algorithms and keys. The spliced key information is added with a message authentication code MAC2 and a group chat security key CKGTogether as a parameter input to the message encryption algorithm to generate ciphertext M2. The authentication request includes the identity ID of the member C (i.e., the authentication master) in clear textCThe identification code ID of the relay member R (namely the authentication passive party)RAnd a random number RAND1 and a ciphertext M2.
1.3, sending an authentication request: the member C sends an authentication request, which may be sent directly to the relay R or may be sent to the relay R via the transmission mode of the multi-hop network. According to the designation of the receiver as ID in the messageR. Other group members do not decrypt and parse the request message.
Step 2: the relay R receives the authentication request and forwards the authentication request to the server
2.1, the relay R identifies the message, splits and analyzes the message: after the relay R receives the authentication request from the member C, the relay R analyzes the request message to obtain the identity identifier ID of the active party of the authentication requestC', ID of passive party of authentication request (i.e. relay R)R' and random number RAND1 ' and ciphertext M2 '. Relay R authentication IDR' compare with own identification code, match and then go to next step.
2.2, relay R decrypts the authentication message: RAND 1' is entered as a parameter into the specified pointer address algorithm. From the group key pool K according to the pointer address obtainedGA random number of a specified length is fetched. Generation of group chat privacy key CK using a specified key generation algorithm and fetched random numbersG' and group chat integrity key IKG'. Using group chat privacy key CKG' and the corresponding message decryption algorithm decrypts the ciphertext M2 ' to obtain the related information of the authentication request, the parameter KLA ', the ciphertext M1 ' and the message authentication code MAC2 '. Using group chat integrity key IKG' and the corresponding message authentication algorithm, to obtain the message authentication code MAC 3. Mixing MAC3 and MAC2' compare, if equal, the message is not tampered; otherwise, the request is invalid.
2.3, the relay R generates an authentication vector request: the relay R identifies the code ID according to the identity of the member CC' identification code ID of key management server to which member C belongsS'and the ciphertext M1' generate a request for an authentication vector to the key management server S. Integrity key IK using a negotiated key of a relay R and a key management server SRAnd a corresponding message authentication algorithm generates a message authentication code MAC4, and uses the authentication vector request and MAC4 together with a secret key CK of the negotiation keyRAnd the message encryption algorithm to obtain a ciphertext M3.
2.4, the relay R sends an authentication vector request: the relay R sends its own identity identifier IDRAnd the identity ID of the key management server SSAnd the ciphertext M3 into a message packet in a corresponding format. The relay R sends a request to S.
And step 3: the server receives the authentication vector request and generates an authentication vector
3.1, the server receives the request message, decrypts and authenticates the message: the key management server S receives a request for an authentication vector from the relay R. The ciphertext M3' is obtained through analysis. Server S uses key CK negotiated with relay RR' and IKR'decrypting the ciphertext M3' and authenticating the message to obtain the IDC”、IDS"and ciphertext M1". Please refer to step 2.2 above for the specific process of decryption and message authentication.
3.2, the server S decrypts the authentication ciphertext M1 ": the key management server S follows the ID in the requestC"and IDS"find the appointed authentication key group, take out the secret key KE in the key groupC2' and integrity Key KIC2'. Key management server S utilizes key KEC2'and a designated message decryption algorithm decrypts the ciphertext M1' to obtain a random number RAND2 ', server side related authentication information and MAC 1'. Reuse of secret key KIC2'and a specified message authentication algorithm calculates the random number RAND 2' and the splicing data of the authentication information related to the service end side to obtain the message authenticationCertificate code MAC 5. The key management server S compares the MAC5 with the MAC1 'and if the MAC5 and the MAC 1' are equal, the message is not tampered; otherwise, the authentication is abnormal.
3.3, the server S generates an authentication vector: the key management server S will use KI in the key setC2' calculating key of authentication vector. The key management server S generates a random number RAND3, and the random number RAND3 is preferably a quantum random number generated by a quantum true random number generator to improve security, and may be generated in advance and stored for calling or generated according to the needs of the server. While the key management server S generates a timestamp TS. Set group key pool KGTotal data amount of PAThe specific calculation formula is as follows (∈ indicates bitwise xor, and | | indicates concatenation):
computing a key agreement code (KIA): KIA ═ IDf6||IDf7||Ts;
Calculate expected authentication response (XRES): XRES ═ f1 (KI)C2’,RAND3);
Calculating the pointer Address (P) of CKC):PC=f2(KIC2’,RAND3,PA);
Calculating pointer Address (P) of IKI):PI=f3(KIC2’,RAND3,PA);
A network authentication token (AUTN) ═ RAND 2' | RAND3| | KIA;
compute message authentication code (MAC 6): MAC6 ═ f4 (KI)C2’,AUTN);
Compute message ciphertext (M4): m4 ═ f5 (KE)C2’,AUTN||MAC6);
Authentication Vector (AV): AV ═ XRES | | | PC||PI||M4||KIA;
(Note: algorithms f1 and f4 are specified message authentication algorithms, f2 and f3 are specified pointer address algorithms, and f5 is a specified message encryption algorithmf6And IDf7Key Generation Algorithm ID for CK and IK)
3.4, the server S sends an authentication vector to the relay R: the key management server generates n sets of authentication vectors (all for the same authentication) in the above manner, and uses the same asNegotiation key CK of RR' and IKR' encrypted and sent to relay R. Please refer to step 2.3 above for the process of encryption and message authentication.
And4, step 4: the relay R receives the message, calculates the negotiation key and issues a question to the C
4.1, the relay R receives the message and decrypts and authenticates the message: the relay R receives the encrypted information from the server S and uses the key CK negotiated with the server SRAnd IKRPlease refer to step 2.2 above for the specific process of decrypting and authenticating the message.
4.2, relay R generates a negotiation key: the relay R selects a set of authentication vectors AV (0) with a sequence number of 0 among the n sets of authentication vectors. To generate a random number RAND4, the random number RAND4 is preferably a quantum random number generated by a quantum true random number generator to improve security, and may be generated in advance and stored for calling or generated as needed by the relay R. The pointer address is calculated using the random number RAND4 and a specified pointer address algorithm. And taking a random number with a specified length from the group key pool according to the pointer address as a key seed of CK and IK, and setting the random number as K. And according to the pointer address P in the authentication vector AV (0)C' and PI' Slave group Key pool KGThe random numbers N1 and N2 of the specified lengths were taken out. The relay R obtains the IDs of the key generation algorithms for CK and IK from KIA' in the authentication vector AV (0). The calculation formulas of CK and IK are shown below
Computing privacy key (CK): CK ═ f6(K, N1);
compute Integrity Key (IK): IK ═ f7(K, N2);
(f6 and f7 are respectively designated key generation algorithms)
4.3, the relay R sends a question message to the member C: the relay R adds RAND4| M4' in the challenge message. The relay R generates a random number RAND5, and the random number RAND5 is preferably a quantum random number generated by a quantum true random number generator to improve security, and may be generated in advance and stored for calling or generated as needed by the relay R. The relay R encrypts the question message by using a group message encryption mode and sends the encrypted question message to the member C. For the specific encryption process, refer to the corresponding part of step 1, where the use of RAND5 is the same as that of RAND 1.
And 5: member C verifies the challenge message and returns a response
5.1, receiving the message by the member C, decrypting the authentication question message: the member C decrypts the challenge message and authenticates the message according to the random number RAND 5' and a corresponding algorithm. Please refer to step 2.2 above for the specific process. Decryption yields RAND 4' and M4 ".
5.2, resolving and verifying the question message of the relay R by the member C: member C utilizes KEC2And KIC2And the corresponding message decryption algorithm and the message authentication algorithm decrypt and authenticate the M4 'to obtain AUTN'. Please refer to step 2.2 above for the specific process. Member C splits AUTN 'into RAND2 ", RAND 3' and KIA". And the member C compares the RAND2 'with the RAND2, if the RAND 2' and the RAND2 are the same, the member C proves the question message of the same authentication service, and otherwise, the authentication is abnormal.
5.3, the member C generates the negotiation keys CK and IK and generates a response message: after the challenge message is verified, member C utilizes RAND 3' and KIC2The pointer address P is calculated by the same algorithm as that in the server SC"and PI"(see step 3.3). Reuse RAND 4' and pointer address PC”、PI"the negotiation keys CK ' and IK ' are obtained by the same operation as in relay R ' (please refer to step 4.2). The CK ' and IK ' life cycles are derived in AMF ' and the algorithm for encryption of the following data is also resolved from AMF. Member C will RAND 3' and KIC2The message authentication code RES is calculated by an algorithm corresponding to f 2.
5.4, the member C returns a response message: the member C encrypts the message authentication code RES to the relay R in a group message encryption manner, and the specific encryption process refers to the corresponding part of step 1 above, and may continue to use RAND1 or generate a new random number to replace RAND 1.
Step 6: the relay R verifies the identity of the member C and returns an authentication result
6.1, relay R authentication response message: after receiving the response message from the a side, the relay R decrypts and authenticates the response message in a group message decryption manner, and analyzes the response message to obtain RES', and the specific decryption and message authentication process refers to step 2.2 above. And comparing the RES 'with the XRES' in the authentication vector AV (0), if the RES 'and the XRES' are the same, successfully authenticating the member C by the relay R, and if the RES 'and the XRES' are different, failing to authenticate the member C.
6.2, the relay R returns an authentication result: the relay R returns the authentication result to the member C, the authentication result is encrypted and sent to the member C by using the group message encryption, the generation and encryption of the message authentication code refer to the corresponding part of step 1 above, and RAND5 can be continuously used or a new random number can be generated again to replace RAND 5). If the authentication is successful, keeping the CK and the IK generated by the authentication; if the authentication fails, the CK and the IK generated by the authentication are cleared.
And 7: member C receives the verification authentication result
And the member C receives the return message of the relay R and decrypts and authenticates the return result of the relay R by using a group message decryption mode. And the member C analyzes the authentication result and judges whether the identity authentication is successful. If the authentication fails, the authentication request is reinitiated; if successful, the subsequent message transmissions can be encrypted and decrypted.
Updating of authentication keys
In the invention, the authentication key between the member and the server can be updated according to the requirement, for example, according to a set updating period, or in response to an updating request of an upper application, and the like.
The method for updating the authentication key is similar to the method for generating CK and IK in the above authentication method, and the detailed message flow refers to the solid line and the dotted line in fig. 3. Using algorithm f3 or f4 to generate pointer address of authentication key, and taking out random number of specified length from the private key pool corresponding to member C and authentication key KI according to pointer addressC2' new authentication key is calculated using a key generation algorithm. At the first time, a random number at the beginning of the pool of private keys is taken as the authentication key by default. When updating the authentication key, the current authentication key is covered with the previous authentication key group, the synchronous authentication key group is covered with the current key group, and the authentication key is updatedAs shown in fig. 3.
Authentication and authentication key update combination
When the update of the authentication key needs to be bound to the authentication, member C may be declared in the authentication request of step 1, e.g. setting an identifier in the authentication request. Please refer to the "update of the authentication key" in this embodiment.
Handling of authentication exceptions
The message transmitted and received between the member C and the server S may be an authentication request, an authentication vector feedback, a challenge message, an authentication response, or an authentication result. Referring to fig. 3, an authentication request, an authentication vector feedback, a challenge message, an authentication response, or an authentication result are respectively referred to as messages (i) to (ii). If slight packet loss occurs in the message transmission process, the respective signaling retransmission mechanisms do not influence the message receiving and sending in general. For example, the member C cannot receive the question message from the relay R after sending the authentication request to the relay R, and can regenerate the request message and send the request message to the relay R until the maximum sending times of the request is reached; the relay R, after sending the challenge message, will not receive the response message, and will also resend it to the maximum number of times of sending.
If the packet loss is severe or even the network is disconnected in the authentication process, the authentication process is terminated, and the next authentication request of the lower application layer is waited. The various abnormal conditions are handled as follows:
1. if only authentication and key negotiation are carried out in the process, no matter any one of the messages (i), (ii), (iii), (iv) and (iv) is lost, the private key pool and the authentication key group are not affected. The only effect is authentication failure and key agreement failure, which can be re-authenticated according to the application layer request.
2. If the authentication key is updated, the packet loss of the messages I, II, III and IV does not influence the synchronization of the authentication key group. When the message in the part of the fifth, sixth or the dotted line loses the packet, the member C cannot receive the return message from the relay R, which indicates that the update of the authentication key fails. Member C will make the initiation request again and declare the last authentication key update failure. After receiving the update request, the server S judges whether to use the first key or the second key in the authentication key group to calculate the authentication vector according to the message whether the last update receives the update of the authentication key. If the last update receives the message of updating the authentication key, which means that the server S has finished updating, but the member C has not updated, the server S uses the first key in the authentication key group to calculate the authentication vector. If the last update does not receive the message of updating the authentication key, which means that neither the server S nor the member C is updated, the server S uses the second key in the authentication key group to calculate the authentication vector.
3. If the combination of authentication and updating of the authentication key is used, the processing mode may refer to the exception handling in case 2.
Example 2
Description of the System
As shown in fig. 4, the identity authentication system of the present invention may include a plurality of key management servers, and different key management servers are located in different quantum network service stations. Each quantum network service station is in the quantum communication network, so quantum keys between the quantum network service stations can be shared in a QKD mode, and high information safety is guaranteed.
Referring to fig. 4, in this figure, member R, member a0, member a1, member a2, member A3, member a4 and member C are members of the same group, and member R is a relay unit. The active party participating in authentication is C, which is a group member and contains a private key pool KCAnd a group key pool KG(ii) a The passive party participating in authentication is R, which is a relay member and contains a private key pool KRAnd a group key pool KG(ii) a Members S1 and S2 are key management servers, also serving as servers, member R belongs to S1, member C belongs to S2, the key management server contains a private key pool for registering members, wherein the key management server S1 is a group key pool K for member C and relay RGAlso having a group key pool KG. Or as shown in FIG. 7, group key pool K for member C and relay RGIs a key management server S2, has a group key pool KGAnd S1 has no group cipherKey pool KG. The member R acts as a communication relay and has performed identity authentication and key agreement with the member S1, so that the communication between the R and the S has been implemented by symmetric encryption, and the agreement key of the R side is used by CKRAnd IKRIndicating that CK for negotiating a key on the S1 sideR' and IKR' means. As shown in fig. 5, the IDs of the member C, the member R, the member S1, and the member S2 are ID ═ ID, respectivelyC、ID=IDR、ID=IDS1And ID ═ IDS2At the same time, member C and member R both record the ID code PID of the home key management server, i.e. the PID of member C is IDS2The PID of the member R is IDS1. C. R, S1 and S2 each hold a corresponding pool of keys (including a pool of private keys and a pool of group keys), various classes of algorithms, and sets of authentication keys. The length of the authentication key group is 2, the first is a history key, the second is a use key, and the key management server to which the authentication key group belongs has the corresponding authentication key group. The authentication key set is implemented based on a pool of private keys. The symbolic representation of each key is detailed in fig. 5. In this embodiment, both member C and member R have security isolation devices to store the key pool. In this embodiment, the keys finally negotiated after the authentication of the member C and the member R are a message encryption key CK (i.e., a secret key) and a message authentication key IK (i.e., an integrity key). The embodiment may be in a wireless multihop network and then there may not be direct communication between member C and member R.
Description of the flow
Referring to fig. 6, a schematic diagram of an authentication message flow of this embodiment is shown, where a message indicated by a solid line is an authentication and key agreement part of this embodiment. The detailed description of the present embodiment is as follows:
step 1: member C initiates an authentication request to relay R
Please refer to step 1 in example 1.
Step 2: the relay R receives the authentication request and forwards the authentication request to the server
Please refer to step 2 in example 1.
And step 3: server S1 forwards authentication vector request
The key management server S1 receives a request for an authentication vector from the relay R. Using a negotiation key CK with a relay RR' and IKR' decrypt the ciphertext in the request and authenticate the message. Please refer to step 2.2 in embodiment 1 above for the specific flow of decryption and message authentication. The key management server S1 relays R ID according to the messageRAnd the ID of the key management server S2S2The request is directed to a key management server in the quantum communication network in a specified format S2. In transmission, stations encrypt transmission in a mode of sharing quantum keys among the stations in a QKD mode. The quantum network service station where the key management server S1 is located and the quantum network service station where the key management server S2 is located may be adjacent stations, and may also communicate through multiple relays.
And4, step 4: the server S2 receives the authentication vector request and generates an authentication vector
After receiving the authentication vector request forwarded by the key management server S1, the key management server S2 decrypts, authenticates, and parses the request. And generating n groups of authentication vectors about the member C according to the requested related information. Please refer to step 3 in example 1. The key management server S2 sends the n sets of authentication vectors to the key management server S1 encrypted over a quantum communication network.
And 5: server S1 encrypted forwarding authentication vector
The key management server S1 receives the n sets of authentication vectors from the key management server S2. The key management server S1 uses a key CK for negotiation with the relay RR' and IKR' message authentication code generation and message encryption are performed on the authentication vector and sent to the relay R. For a specific way of encrypting and generating the message authentication code, please refer to step 2.3 in the above embodiment 1.
Step 6: the relay R receives the message, calculates the negotiation key and issues a question to the C
Please refer to step 4 of example 1.
And 7: member C verifies the challenge message and returns a response
Please refer to step 5 in example 1.
And 8: the relay R verifies the identity of the member C and returns an authentication result
Please refer to step 6 in example 1.
And step 9: member C receives the verification authentication result
Refer to step 7 of example 1.
Updating of authentication keys
Please refer to the method for updating the authentication key in embodiment 1, and refer to the solid line and the dotted line in fig. 6 for the specific message flow.
Combination method for authentication and updating authentication key
The present combination method can be performed by referring to example 1. Please refer to the "update of the authentication key" in this embodiment.
Handling of authentication exceptions
For the case of exception handling, refer to the processing in example 1. When the method is used for updating the authentication key or participating in updating the authentication key, embodiment 1 may be referred to if packet loss occurs in the message transmission process. After the member C receives the question message, the packet loss occurring in the message transmission from the member C to the key management server S2 is consistent with the exception handling situation in embodiment 1 from the member C to the key management server S; after the key management server S2 updates the authentication key group, the packet loss occurring in the message transmission from the key management server S2 to the member C is consistent with the exception handling situation between the key management server S and the member C in embodiment 1.
The notation of each parameter in the present invention is for convenience of description only and does not set any particular limitation to the present invention. In the invention, n authentication vectors can be generated at a time, and the size of n depends on the situation. The invention can be applied to various wireless multi-hop networks, such as a sensor network, a data link and the like.
The identity authentication and key agreement system and method of the invention build a safe channel for both parties of the group member and the relay. The mechanism can ensure that the information with high importance level can be decrypted only by the appointed user, and the safe transmission of the information in the group is ensured. And meanwhile, the group key pool reduces the risk of the session key (namely, the negotiation key) being cracked.
The above disclosure is only an embodiment of the present invention, but the present invention is not limited thereto, and those skilled in the art can make various changes and modifications to the present invention without departing from the spirit and scope of the present invention. It is to be understood that such changes and modifications are intended to be included within the scope of the appended claims. Furthermore, although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.

Claims (10)

1. An improved authentication and key agreement AKA identity authentication system based on symmetric key pool and relay communication comprises members, relays and servers participating in authentication and key agreement AKA identity authentication, and is characterized in that the members, the relays and the servers share a group key pool, and the system specifically comprises the following steps of:
the member sends an authentication request to the relay;
the relay responds to the authentication request and obtains a corresponding authentication vector from the server, and the authentication vector comprises a pointer address A and a parameter for generating the pointer address A;
generating parameters of the pointer address A, and encrypting the parameters by adopting an authentication key shared between a server and a member;
the relay calculates by using a key seed from the group key pool and combining a random number parameter to obtain a negotiation key between the member and the relay, wherein the random number parameter is correspondingly obtained in the group key pool by using a pointer address A;
the relay sends a question message to the member, and the question message contains parameters for generating the pointer address A from the authentication vector;
the member generates the pointer address A through the parameters of the pointer address A, and obtains random number parameters in the group key pool by combining the pointer address A and key seeds from the group key pool to calculate and obtain a negotiation key between the member and the relay;
the member responds to the question message and sends a corresponding authentication response to the relay;
and after the relay verifies the authentication response, sending an authentication result to the member for the member to confirm to complete authentication and key agreement AKA identity authentication.
2. The system of claim 1, wherein during the authentication and key agreement AKA authentication, the group key pool is used between the members and the relay to encrypt the communication, and the negotiation key shared in advance between the relay and the server is used to encrypt the communication.
3. The improved authentication and key agreement AKA identity authentication system based on the symmetric key pool and the relay communication as claimed in claim 1, wherein when the member communicates with the relay, the master generates a negotiation code in the form of a random number, obtains a pointer address through a designated pointer address algorithm using the negotiation code, fetches a random number of a designated length from the group key pool according to the pointer address, and generates a group chat security key and a group chat integrity key using the designated key generation algorithm and the fetched random number;
the group chat integrity key is used for generating and verifying a corresponding verification code in combination with communication content;
the group chat privacy key is used to encrypt and decrypt in conjunction with the communication content.
4. The system of claim 2, wherein the member and the relay have respective private key pools, and the member and the relay are independent of each other and share the private key pool with the server to generate an authentication key between the member and the server and an authentication key between the relay and the server;
the pointer address A is obtained by combining a random number A and an authentication key between a member and the server through a specified algorithm, and the random number A is generated by the server.
5. The system of claim 4, wherein the key seed is obtained from the group key pool using a pointer address B, which is obtained by a given algorithm using a random number B, which is generated by the relay and distributed to the members via the challenge message.
6. The improved authentication and key agreement AKA identity authentication system based on symmetric key pools and relay communication as claimed in claim 5, wherein the authentication request further carries a communication identifier generated by the member and in the form of a true random number, the communication identifier is sent to the server when the relay obtains the authentication vector from the server, the server encrypts the authentication vector with the authentication key between the member and the server to obtain a network authentication token in the form of a ciphertext, the communication identifier is included in the network authentication token, the network authentication token is sent to the member in turn along with the authentication vector and the challenge message, and the member extracts and verifies the challenge message using the communication identifier.
7. The improved authentication and key agreement AKA identity authentication system based on symmetric key pools and relay communication according to claim 6, characterized in that in the authentication request, the communication identifier is encrypted with an authentication key between the member and the server.
8. The improved authentication and key agreement AKA identity authentication system based on symmetric key pools and relay communication according to claim 2, characterized in that in the authentication request, further comprising a message encryption algorithm ID and a message authentication algorithm ID when the agreement key is used between the member and the relay in subsequent communication.
9. The system of claim 2, wherein the authentication vector further includes an algorithm ID for generating a negotiation key between the member and the relay, the relay generates a negotiation key according to the algorithm ID, and sends the algorithm ID to the member through a challenge message, so that the member can generate the negotiation key.
10. An AKA identity authentication method based on the improved authentication and key agreement of the symmetric key pool and the relay communication is characterized by comprising the following steps:
step S1, the member sends authentication request to the relay;
step S2, the relay responds to the authentication request and obtains the corresponding authentication vector from the server, and the authentication vector contains the pointer address A and the random number A encrypted by the authentication key between the server and the member;
the pointer address A is obtained by combining a random number A with an authentication key between a member and a server through a specified algorithm, and the random number A is generated by the server;
the group key pool is shared by the members, the relay and the server, the relay correspondingly obtains random number parameters in the group key pool through a pointer address A, and then a negotiation key between the members and the relay is obtained through calculation by combining key seeds of the group key pool;
step S3, the relay sends question information to the member, and the question information contains random number A from the authentication vector and encrypted by the authentication key between the server and the member;
the member receives the question message, extracts a random number A and generates a pointer address A, then correspondingly obtains random number parameters in the group key pool through the pointer address A, and then obtains a negotiation key between the member and the relay through calculation by combining with the key seed of the group key pool;
step S4, the member sends the corresponding authentication response to the relay;
and step S5, after the relay verifies the authentication response, the relay sends an authentication result to the member so that the member can confirm to complete authentication and key agreement AKA identity authentication.
CN201810529945.0A 2018-05-29 2018-05-29 Improved AKA identity authentication system and method based on symmetric key pool and relay communication Active CN108964888B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810529945.0A CN108964888B (en) 2018-05-29 2018-05-29 Improved AKA identity authentication system and method based on symmetric key pool and relay communication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810529945.0A CN108964888B (en) 2018-05-29 2018-05-29 Improved AKA identity authentication system and method based on symmetric key pool and relay communication

Publications (2)

Publication Number Publication Date
CN108964888A CN108964888A (en) 2018-12-07
CN108964888B true CN108964888B (en) 2021-01-05

Family

ID=64492318

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810529945.0A Active CN108964888B (en) 2018-05-29 2018-05-29 Improved AKA identity authentication system and method based on symmetric key pool and relay communication

Country Status (1)

Country Link
CN (1) CN108964888B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109728905B (en) * 2019-01-11 2021-04-06 如般量子科技有限公司 Anti-quantum computation MQV key negotiation method and system based on asymmetric key pool
CN109687962B (en) * 2019-01-15 2021-04-06 如般量子科技有限公司 Anti-quantum computation MQV key negotiation method and system based on private key pool
CN112383393B (en) * 2020-11-14 2023-01-31 重庆邮电大学 Trusted communication system and method for software defined sensor network
CN112994883B (en) * 2021-04-22 2021-08-13 浙江九州量子信息技术股份有限公司 Symmetric key negotiation system and method based on quantum key and true random number source

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106603485A (en) * 2016-10-31 2017-04-26 美的智慧家居科技有限公司 Secret key negotiation method and device
CN107682152A (en) * 2017-10-31 2018-02-09 洛阳师范学院 A kind of group key agreement method based on symmetric cryptography

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106603485A (en) * 2016-10-31 2017-04-26 美的智慧家居科技有限公司 Secret key negotiation method and device
CN107682152A (en) * 2017-10-31 2018-02-09 洛阳师范学院 A kind of group key agreement method based on symmetric cryptography

Also Published As

Publication number Publication date
CN108964888A (en) 2018-12-07

Similar Documents

Publication Publication Date Title
CN108599925B (en) Improved AKA identity authentication system and method based on quantum communication network
US11588650B2 (en) System and method for secure relayed communications from an implantable medical device
CN108712252B (en) Symmetric key pool and relay-crossing based AKA identity authentication system and method
RU2421922C2 (en) METHOD AND DEVICE TO ESTABLISH SAFETY ASSOCIATIONS BETWEEN UNITS OF WIRELESS SELF-ORGANISING SINGLE-RANGE (ad-hoc) NETWORK
KR101019300B1 (en) Method and system for secure processing of authentication key material in an ad hoc wireless network
US8254581B2 (en) Lightweight key distribution and management method for sensor networks
WO2017185999A1 (en) Method, apparatus and system for encryption key distribution and authentication
CN108964888B (en) Improved AKA identity authentication system and method based on symmetric key pool and relay communication
CN108768632B (en) AKA identity authentication system and method based on symmetric key pool and relay communication
CN108599926B (en) HTTP-Digest improved AKA identity authentication system and method based on symmetric key pool
WO2008021855A2 (en) Ad-hoc network key management
CN108964897B (en) Identity authentication system and method based on group communication
CN108616350B (en) HTTP-Digest class AKA identity authentication system and method based on symmetric key pool
CN101471767B (en) Method, equipment and system for distributing cipher key
CN108880799B (en) Multi-time identity authentication system and method based on group key pool
CN108964895B (en) User-to-User identity authentication system and method based on group key pool and improved Kerberos
Khan et al. Secure authentication and key management protocols for mobile multihop WiMAX networks
KR101704540B1 (en) A method of managing group keys for sharing data between multiple devices in M2M environment
CN108768661B (en) Improved AKA identity authentication system and method based on symmetric key pool and cross-relay
CN108965266B (en) User-to-User identity authentication system and method based on group key pool and Kerberos
CN108737091B (en) AKA-like identity authentication system and method based on symmetric key pool and relay communication
CN108965243B (en) Symmetric key pool and cross-relay based AKA-like identity authentication system and method
WO2008029853A1 (en) Encryption key delivery device and encryption key delivery method
CN109067705B (en) Improved Kerberos identity authentication system and method based on group communication
Gupta et al. Security mechanisms of Internet of things (IoT) for reliable communication: a comparative review

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant