CN109450621B - Information verification method and device of equipment - Google Patents

Information verification method and device of equipment Download PDF

Info

Publication number
CN109450621B
CN109450621B CN201811188526.1A CN201811188526A CN109450621B CN 109450621 B CN109450621 B CN 109450621B CN 201811188526 A CN201811188526 A CN 201811188526A CN 109450621 B CN109450621 B CN 109450621B
Authority
CN
China
Prior art keywords
cluster
signature
information
verification
management platform
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811188526.1A
Other languages
Chinese (zh)
Other versions
CN109450621A (en
Inventor
林凡
成杰
张秋镇
张振华
杨峰
李盛阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
GCI Science and Technology Co Ltd
Original Assignee
GCI Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by GCI Science and Technology Co Ltd filed Critical GCI Science and Technology Co Ltd
Priority to CN201811188526.1A priority Critical patent/CN109450621B/en
Publication of CN109450621A publication Critical patent/CN109450621A/en
Application granted granted Critical
Publication of CN109450621B publication Critical patent/CN109450621B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Abstract

The invention discloses an information verification method and device of equipment, which comprises the following steps: decrypting the encrypted update information according to the received key sent by each device in the cluster to obtain information to be updated; performing identity authentication on each device in the cluster, and generating a cluster certificate according to the key pair and the information to be updated; signing the cluster certificate to obtain a cluster signature, and sending the cluster signature to a verification server so that the verification server performs signature verification on the cluster signature to obtain a signature verification result; when the received signature verification result is successful verification, storage and updating are carried out according to the information to be updated, the technical problem that the equipment updating efficiency is low in the prior art can be effectively solved by adopting cluster signatures, the information verification efficiency can be effectively improved, the equipment information transmission efficiency and safety are improved, and information is prevented from being tampered.

Description

Information verification method and device of equipment
Technical Field
The present invention relates to the field of communications technologies, and in particular, to an information checking method and apparatus for a device.
Background
In recent years, the development of computer network technology and communication technology has driven the rapid development of group communication technology, application systems based on the group communication technology are emerging continuously, and a group cipher protocol oriented to participation of multiple parties is naturally a technical guarantee of group communication. The authentication is one of the important subjects of the cryptology research, mainly realized by a digital signature technology, and with the wide extension of the common use requirements, the traditional digital signature system facing two parties is expanding towards the group signature system facing multiple parties.
For example, wearable smart devices are widely used in data monitoring fields such as military defense, environmental monitoring, medical health, industry and high-risk fields. The application value and the scientific research value of the method are highly concerned by countries in the world. For example, the portable monitoring device for patients with severe mental disorder can effectively perform service management work for patients with severe mental disorder, prevent accidents caused by illness, and establish a social service management mechanism for patients with severe mental disorder. However, in the prior art, the information verification of the portable device usually adopts a personal digital signature, which has the problem of low patient information updating efficiency, and a discussion needs to be made on how to update the patient information to the supervision platform regularly and effectively.
Disclosure of Invention
Embodiments of the present invention provide an information verification method and apparatus for a device, which can effectively solve the technical problem of low update efficiency in the prior art, and complete information verification by verifying one or several cluster signatures, so as to effectively improve the efficiency of information verification, improve the efficiency of device information transmission, improve the security of information, and prevent information from being tampered.
An embodiment of the present invention provides an information checking method for a device, including:
decrypting the encrypted update information according to the received key sent by each device in the cluster to obtain information to be updated;
performing identity authentication on each device in the cluster, and generating a cluster certificate according to the key pair and the information to be updated;
signing the cluster certificate to obtain a cluster signature, and sending the cluster signature to a verification server so that the verification server performs signature verification on the cluster signature to obtain a signature verification result;
and when the received signature verification result is successful, storing and updating according to the information to be updated.
As an improvement of the above scheme, the decrypting the received key pair sent by each device in the cluster and the encrypted update information to obtain the information to be updated includes:
the authentication server generates a key pair according to preset parameters, and sends the parameters and the key pair to each device in the cluster; wherein the key pair comprises a public key and a private key;
each device in the cluster encrypts the current update information according to the received key pair to obtain encrypted update information, and sends the encrypted update information and the key pair to a management platform;
and the management platform decrypts the encrypted updating information according to the received key pair to obtain the information to be updated.
As an improvement of the above scheme, the public key in the key pair is Y ═ n, a0Y, g, h) and the private key is S ═ (p ', q', x);
wherein, Y is a public key, and S is a private key; p 'and q' are lpPrime number of bits,/pConverting p into binary length; p and q are prime numbers, p is 2p '+1, and q is 2q' + 1; let n be pq, a, a0, g, h be the square residue of p and q modulo n, and be denoted as a, a0,g,h∈QRn,QRnForming a group by the modular multiplication of the square residue of the whole p and q modulo n
Figure BDA0001826865820000031
The cyclic group of (3); y is set to y-gxmodn; x is the private key secret value.
As an improvement of the above scheme, the performing identity authentication on each device in the cluster, and generating a cluster certificate according to the key pair and the information to be updated includes:
the authentication server sets a certificate interval in advance;
each device in the cluster calculates according to the generated first secret value and the random number to obtain a first check ciphertext, and sends the first check ciphertext to the management platform; the first secret value and the random number are generated after each device in the cluster joins the network;
the management platform verifies the received first check ciphertext;
when the management platform verifies that the first check ciphertext is a subset of the cyclic group, returning two randomly generated secret value parameters to each device in the group;
each device in the cluster obtains a second check ciphertext according to the received secret value parameter and sends the second check ciphertext to the management platform;
the management platform verifies the received second check ciphertext;
when the management platform verifies that the second check ciphertext is the subset of the cyclic group, generating a cluster certificate according to a preset prime number, the key pair and the information to be updated, and sending the cluster certificate to each device in the cluster;
and when the formula is established, the cluster certificate is successfully verified, and the identity verification of each device in the cluster is completed.
As an improvement of the scheme, the certificate interval is
Figure BDA0001826865820000032
Wherein λ is1、λ2、γ1And gamma2Is an integer, and λ1>ε(λ2+k)+2,λ2>4lp1>ε(γ2+k)+2,γ21+2, k are parameters used to define the key pair complexity;
the first check ciphertext is
Figure BDA0001826865820000033
Wherein, C1For the first check-up ciphertext, xiIs the secret value
Figure BDA0001826865820000041
r is the random integer and r is in the range of 0, n2];
The second check-up text is
Figure BDA0001826865820000042
Wherein, C2For the second check-up ciphertext, xiIs a second secret value, and
Figure BDA0001826865820000043
αi、βiis the secret value parameter, and
Figure BDA0001826865820000044
the cluster certificate is [ A ]i,ei](ii) a Wherein A isiFor the purpose of the cluster certificate parameter in question,
Figure BDA0001826865820000045
eiis a prime number, and ei∈Γ;
The formula is
Figure BDA0001826865820000046
As an improvement of the above scheme, the signing the cluster certificate to obtain a cluster signature and sending the cluster signature to a verification server, so that the verification server performs signature verification on the cluster signature to obtain a signature verification result, including:
when the management platform detects that the identity verification of the cluster certificate is successful, calculating according to the public key to obtain a signature factor and a signature verification factor;
signing the cluster certificate according to the signature factor and the signature verification factor to obtain a first hash value and a cluster signature;
and sending the first hash value, the signature verification factor and the cluster signature to the verification server, and sending a signature verification request.
As an improvement of the above, the method further comprises:
the signature factor is
Figure BDA0001826865820000047
Wherein the content of the first and second substances,
Figure BDA0001826865820000048
is a random number, U, of the management platform1、U2、U3Is a signature factor;
the signature check factor is
Figure BDA0001826865820000049
Wherein d1, d2, d3 and d4 are signature check factors; r is1、r2、r3、r4Is a parameter of the signature check factor and is defined as
Figure BDA0001826865820000051
The first hash value is c ═ H (g, H, y, a)0,a,U1,U2,U3,d1,d2,d3,d4,m);
Wherein c is a first hash value, H is a hash function, and m is a parameter corresponding to the content of the information to be updated;
the cluster signature is (c, U)1,U2,U3,s1,s2,s3,s4);
Wherein s is1、s2、s3、s4Is a median value and is defined as
Figure BDA0001826865820000052
As an improvement of the above, the method further comprises:
in response to a signature verification request sent by the management platform, the verification server verifies the received cluster signature;
calculating the cluster signature according to the received signature check factor to obtain a second hash value; wherein the second hash value is
Figure BDA0001826865820000053
Wherein c' is the second hash value;
obtaining a signature verification result and returning the signature verification result to the management platform by judging whether the second hash value meets a preset condition; wherein the conditions are
Figure BDA0001826865820000054
As an improvement of the above scheme, when the received signature verification result is that verification is successful, performing storage update according to the information to be updated includes:
when the second hash value is detected to meet the condition, judging that the cluster signature verification is successful, obtaining a first signature verification result and returning the first signature verification result to the management platform, wherein the management platform performs storage updating according to the information to be updated;
and when the second hash value is detected not to meet the condition, the cluster signature verification is unsuccessful, a second signature verification result is obtained and returned to the management platform, and the management platform receives the key pairs and the encrypted update information sent by each device in the cluster again.
Another embodiment of the present invention correspondingly provides an information checking apparatus for a device, including:
the information acquisition module is used for decrypting the encrypted update information according to the received key sent by each device in the cluster to obtain the information to be updated;
the identity authentication module is used for performing identity authentication on each device in the cluster and generating a cluster certificate according to the key pair and the information to be updated;
the signature module is used for signing the cluster certificate to obtain a cluster signature and sending the cluster signature to a verification server so that the verification server can carry out signature verification on the cluster signature to obtain a signature verification result;
and the updating module is used for storing and updating according to the information to be updated when the received signature verification result is successful.
Compared with the prior art, the information verification method of the equipment disclosed by the embodiment of the invention has the advantages that the information to be updated and the signature thereof are obtained by decrypting the encrypted information and the key pair sent by each equipment in the cluster according to the received key pair; wherein, the key pair comprises a public key and a private key, the encrypted information is encrypted updated information and encrypted updated information signature, the identity of each device in the cluster is verified, a cluster certificate is generated according to the information to be updated, the cluster certificate is signed to obtain a cluster signature, the cluster signature is sent to a verification server, so that the verification server performs signature verification on the cluster signature to obtain a signature verification result, when the received signature verification result is successful, the information signature to be updated is decrypted and stored for updating, the technical problem of low updating efficiency in the prior art can be effectively solved by adopting the cluster signature, the information verification can be completed by verifying one or a plurality of signature clusters, thereby effectively improving the efficiency of signature verification and improving the efficiency of device information transmission, and the safety of the information is improved, and the information is prevented from being tampered.
Drawings
Fig. 1 is a schematic flowchart of an information verification method of a device according to an embodiment of the present invention;
fig. 2 is a schematic diagram of an information updating process of an intelligent portable device according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an information checking apparatus of a device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, which is a schematic flow chart of an information verification method for a device according to an embodiment of the present invention, the method includes:
and S11, decrypting the encrypted update information according to the received key sent by each device in the cluster to obtain the information to be updated.
Preferably, the verification server generates a key pair according to preset parameters, and sends the parameters and the key pair to each device in the cluster; wherein the key pair comprises a public key and a private key.
Here, the device includes, but is not limited to, any mobile electronic product, such as a smart phone, a PDA, etc., which may employ any operating system, such as an android operating system, an iOS operating system, etc.
Preferably, the public key in the key pair is Y ═ (n, a)0Y, g, h) and the private key is S ═ (p ', q', x);
wherein, Y is a public key, and S is a private key; p 'and q' are lpPrime number of bits,/pConverting p into binary length; p and q are prime numbers, p is 2p '+1, and q is 2q' + 1; let n be pq, a, a0, g, h be the square residue of p and q modulo n, and be denoted as a, a0,g,h∈QRn,QRnForming a group by the modular multiplication of the square residue of the whole p and q modulo n
Figure BDA0001826865820000081
The cyclic group of (3); y is set to y-gxmodn; x is the private key secret value.
It will be appreciated that the parameters preset by the authentication server are used to generate the corresponding key pair.
Preferably, each device in the cluster encrypts the current update information according to the received key pair to obtain encrypted update information, and sends the encrypted update information and the key pair to a management platform.
The parameters p, q, p 'and q' of the key pair are used for encryption and decryption operation of the key, and information is encrypted to prevent information from being tampered in transmission.
It should be noted that, each device in the cluster sets an initial parameter in advance according to the authentication server, so that each device in the cluster has the capability of signing information, and can calculate update information of the current time period, so as to obtain a new key pair of each device in the cluster.
Preferably, the management platform decrypts the encrypted update information according to the received key pair to obtain the information to be updated.
And S12, performing identity authentication on each device in the cluster, and generating a cluster certificate according to the key pair and the information to be updated.
Specifically, step S12 includes:
the authentication server sets a certificate interval in advance;
each device in the cluster calculates according to the generated first secret value and the random number to obtain a first check ciphertext, and sends the first check ciphertext to the management platform; the first secret value and the random number are generated after each device in the cluster joins the network;
the management platform verifies the received first check ciphertext;
when the management platform verifies that the first check ciphertext is a subset of the cyclic group, returning two randomly generated secret value parameters to each device in the group;
each device in the cluster obtains a second check ciphertext according to the received secret value parameter and sends the second check ciphertext to the management platform;
the management platform verifies the received second check ciphertext;
when the management platform verifies that the second check ciphertext is the subset of the cyclic group, generating a cluster certificate according to a preset prime number, the key pair and the information to be updated, and sending the cluster certificate to each device in the cluster;
and when the formula is established, the cluster certificate is successfully verified, and the identity verification of each device in the cluster is completed.
Preferably, the certificate interval is
Figure BDA0001826865820000091
Wherein λ is1、λ2、γ1And gamma2Is an integer, and λ1>ε(λ2+k)+2,λ2>4lp1>ε(γ2+k)+2,γ21+2, k are parameters used to define the key pair complexity.
Preferably, the first check-up secret is
Figure BDA0001826865820000092
Wherein, C1For the first check-up ciphertext, xiIs the secret value
Figure BDA0001826865820000093
r is the random integer and r is in the range of 0, n2]。
Preferably, the second check-up secret is
Figure BDA0001826865820000094
Wherein, C2For the second check-up ciphertext, xiIs a second secret value, and
Figure BDA0001826865820000095
αi、βiis the secret value parameter, and
Figure BDA0001826865820000096
it is understood that p ', q' in the private key are used to detect the check ciphertext C in step S121、C2Accuracy of a, a0G, h belong to the square remainder of p, q modulo n, thus a, a0The power of p 'and q' of g and h is 1.
Preferably, the cluster certificate is [ A ]i,ei](ii) a Wherein A isiFor the purpose of the cluster certificate parameter in question,
Figure BDA0001826865820000097
eiis a prime number, and ei∈Γ。
Preferably, the cluster certificate verification formula is
Figure BDA0001826865820000098
In an alternative embodiment, when the cluster certificate check formula is not satisfied, the authentication of each device in the cluster fails, and the management platform disconnects the device.
S13, signing the cluster certificate to obtain a cluster signature, and sending the cluster signature to a verification server so that the verification server can perform signature verification on the cluster signature to obtain a signature verification result.
Specifically, step S13 includes:
when the management platform detects that the identity verification of the cluster certificate is successful, calculating according to the public key to obtain a signature factor and a signature verification factor;
signing the cluster certificate according to the signature factor and the signature verification factor to obtain a first hash value and a cluster signature;
and sending the first hash value, the signature verification factor and the cluster signature to the verification server, and sending a signature verification request.
Preferably, the signature factor is
Figure BDA0001826865820000101
Wherein the content of the first and second substances,
Figure BDA0001826865820000102
is a random number, U, of the management platform1、U2、U3Is a signature factor.
Preferably, the signature verification factor is
Figure BDA0001826865820000103
Wherein d1, d2, d3 and d4 are signature check factors; r is1、r2、r3、r4Is a parameter of the signature check factor and is defined as
Figure BDA0001826865820000104
Preferably, the first hash value is c ═ H (g, H, y, a)0,a,U1,U2,U3,d1,d2,d3,d4,m);
Wherein c is a first hash value, H is a hash function, and m is a parameter corresponding to the content of the information to be updated.
It can be understood that the signature method is to add the content of the information to be updated to the corresponding parameter for hash operation.
Preferably, the cluster is signed with (c, U)1,U2,U3,s1,s2,s3,s4);
Wherein s is1、s2、s3、s4Is a median value and is defined as
Figure BDA0001826865820000111
It is understood that a, a in the public key used in the signature0And g, signing the parameters and calculating the corresponding hash value. In this embodiment, the public key is required to be used to sign the information, so as to prevent information tampering.
Preferably, step S13 further includes:
in response to a signature verification request sent by the management platform, the verification server verifies the received cluster signature;
calculating the cluster signature according to the received signature check factor to obtain a second hash value; wherein the second hash value is
Figure BDA0001826865820000112
c' is the second hash value;
obtaining a signature verification result and returning the signature verification result to the management platform by judging whether the second hash value meets a preset condition; the condition is that
Figure BDA0001826865820000113
And S14, when the received signature verification result is verification success, storing and updating according to the information to be updated.
Specifically, when it is detected that the second hash value meets the condition, it is determined that the cluster signature verification is successful, a first signature verification result is obtained and returned to the management platform, and the management platform performs storage updating according to the information to be updated.
Here, the successful verification means that the information sent by the node is confirmed to be safe and has not been tampered. And the verification server returns the signature safety information to the management platform, and each equipment node in the cluster passes the signature verification and updates the information of the next step. It should be noted that, in the scheme, the group signature is adopted to verify whether all information of the cluster is safe, and signature verification does not need to be performed one by one, so that the information updating efficiency of the equipment can be effectively improved.
It can be understood that, after the encrypted information is transmitted to the management platform, the management platform decrypts the encrypted update information, segments out the signature field, and forwards the signature field to the verification module for verification, and if the verification is successful, the field is directly used for updating if the update field of the decrypted information is safe.
In an optional embodiment, when it is detected that the second hash value does not satisfy the condition, the cluster signature verification is unsuccessful, a second signature verification result is obtained and returned to the management platform, and the management platform receives the key pair and the encrypted update information sent by each device in the cluster again.
In this embodiment, the information to be updated is obtained by decrypting the received key pair sent by each device in the cluster and the encrypted update information, the identity of each device in the cluster is verified, a cluster certificate is generated according to the key pair and the information to be updated, the cluster certificate is signed to obtain a cluster signature, the cluster signature is sent to the verification server, so that the verification server performs signature verification on the cluster signature to obtain a signature verification result, when the received signature verification result is successful, storage and update are performed according to the information to be updated, the technical problem of low update efficiency in the prior art can be effectively solved, information verification can be completed by verifying one or a plurality of cluster signatures, and therefore, the signature verification efficiency can be effectively improved, and the device information transmission efficiency can be improved, and the safety of the information is improved, and the information is prevented from being tampered.
In another preferred embodiment, on the basis of the above embodiment, the information verification method of the device is applied to information updating of an intelligent portable device.
Wherein, the intelligent portable device can be a portable monitoring device worn by a mental disorder patient.
Fig. 2 is a schematic diagram of an information updating process of an intelligent portable device according to an embodiment of the present invention.
In step S11, the server sets initial information for each portable device in the cluster.
Wherein, the initial information is a calculation parameter; according to the calculation parameters, the server calculates a key pair and sends the key pair to each portable device in the cluster; the key pair includes a public key and a private key.
It should be noted that the public key in the key pair is system-public, each portable device node in the cluster has the public key, and the private key is only stored by the device node corresponding to the private key.
Further, each portable device in the cluster encrypts the current update information of each portable device in the cluster with the key.
Preferably, a plurality of portable devices in the cluster simultaneously request system periodic information transmissions.
Wherein the transmission information includes encrypted update information.
Preferably, the server agrees to transmit the request.
In an alternative embodiment, when the server grants the transfer request, the portable device wants the management platform to send the transfer information.
Further, the management platform receives the transmission information, and decrypts the transmission information according to the public key to obtain the information to be updated.
In an alternative embodiment, when the server does not agree with the transmission request, then a plurality of portable devices in the cluster again simultaneously request system cycle information transmission.
In step S12, each device in the cluster is authenticated, and when the device authentication succeeds, the management platform generates a cluster certificate for each device in the cluster.
In step S13, the management platform calculates the signature and integrates it, and sends it to the server.
And the management platform performs signature calculation on the cluster certificate according to the public key to obtain a hash value and a cluster signature corresponding to the cluster certificate. Note that the hash value corresponding to the cluster certificate is used for verifying the cluster signature.
Preferably, the server verifies the cluster signature successfully.
It should be noted that, in response to the signature verification request sent by the management platform, the verification server verifies the received cluster signature, and performs hash calculation on the cluster signature to obtain a hash value for verification. And comparing the hash value for verification with the hash value corresponding to the cluster certificate to obtain a signature verification result.
Further, when the hash value used for verification is completely consistent with the hash value corresponding to the cluster certificate, the cluster signature verification is successful, and the information is not tampered; and when the hash value used for verification is inconsistent with the hash value corresponding to the cluster certificate, the verification of the cluster signature fails.
In step S14, when the server verifies the cluster signature successfully, the management platform accepts the updated information.
It should be noted that, in the scheme, the group signature is adopted to verify whether all information of the cluster is safe, and signature verification does not need to be performed one by one, so that the information updating efficiency of the equipment can be effectively improved.
In an alternative embodiment, each portable device in the cluster resends the transmission to the management platform when the verification of the cluster signature by the server is unsuccessful.
In this embodiment, initial information is set for each portable device in the cluster through the server, a plurality of portable devices in the cluster simultaneously request system periodic information transmission, whether the server agrees with the transmission request is judged, if yes, the portable devices want the management platform to send transmission information, the management platform calculates signatures and integrates the signatures, and sends the signatures to the server, whether the server succeeds in verifying the cluster signatures is judged, and when the server succeeds in verifying the cluster signatures, the management platform receives updated information. The intelligent portable device verifies the identity information of each device in the cluster through the cluster signature, the technical problem of low updating efficiency in the prior art can be effectively solved, information verification can be completed through verifying one or a plurality of cluster signatures, therefore, the efficiency of information verification can be effectively improved, the efficiency of device information transmission is improved, the safety of information is improved, information is prevented from being tampered, on the other hand, the computational complexity is greatly reduced, the requirement on computer hardware is reduced, and the method is more favorable for commercialization.
Referring to fig. 3, which is a schematic structural diagram of an information checking apparatus of a device according to an embodiment of the present invention, including:
the information acquisition module 1 is used for decrypting the encrypted update information and the received key sent by each device in the cluster to obtain the information to be updated;
the identity authentication module 2 is used for performing identity authentication on each device in the cluster and generating a cluster certificate according to the key pair and the information to be updated;
the signature module 3 is used for signing the cluster certificate to obtain a cluster signature and sending the cluster signature to a verification server so that the verification server can carry out signature verification on the cluster signature to obtain a signature verification result;
and the updating module 4 is used for storing and updating according to the information to be updated when the received signature verification result is successful.
In an alternative embodiment, the information obtaining module 1 includes:
the key pair generation unit is used for generating a key pair according to preset parameters by the verification server and sending the parameters and the key pair to each device in the cluster; wherein the key pair comprises a public key and a private key;
the information encryption unit is used for encrypting the current update information of each device in the cluster according to the received key pair to obtain the encrypted update information and sending the encrypted update information and the key pair to a management platform;
and the information decryption unit is used for decrypting the encrypted updating information by the management platform according to the received key pair to obtain the information to be updated.
Preferably, the key pair generation unit includes:
a key pair setting unit for setting a public key of the key pair to (n, a)0Y, g, h) and the private key is S ═ (p ', q', x);
wherein, Y is a public key, and S is a private key; p 'and q' are lpPrime number of bits,/pConverting p into binary length; p and q are prime numbers, p is 2p '+1, and q is 2q' + 1; let n be pq, a, a0, g, h be the square residue of p and q modulo n, and be denoted as a, a0,g,h∈QRn,QRnThe square residue of the whole p and q modulo n is subjected to the modular multiplication operationFormation of groups
Figure BDA0001826865820000161
The cyclic group of (3); y is set to y-gxmodn; x is the key secret value.
In an alternative embodiment, the identity verification module 2 comprises:
a setting unit configured to set a certificate interval in advance by the authentication server;
the first check ciphertext acquisition unit is used for calculating each device in the cluster according to the generated first secret value and the random number to obtain a first check ciphertext and sending the first check ciphertext to the management platform; the first secret value and the random number are generated after each device in the cluster joins the network;
the first check ciphertext verification unit is used for verifying the received first check ciphertext by the management platform;
the verification unit is used for returning two randomly generated secret value parameters to each device in the cluster when the management platform verifies that the first check ciphertext is the subset of the cyclic group;
the second check ciphertext acquisition unit is used for obtaining a second check ciphertext by each device in the cluster according to the received secret value parameter and sending the second check ciphertext to the management platform;
the second check ciphertext verification unit is used for verifying the received second check ciphertext by the management platform;
the cluster certificate generating unit is used for generating a cluster certificate according to a preset prime number, the key pair and the information to be updated when the management platform verifies that the second check-up ciphertext is the subset of the cyclic group, and sending the cluster certificate to each device in the cluster;
and the cluster certificate verification unit is used for verifying each device in the cluster by adopting a preset formula according to the received cluster certificate, and when the formula is established, the cluster certificate is successfully verified to finish the identity verification of each device in the cluster.
Preferably, the setting unit includes:
a certificate interval setting unit for setting the certificate interval as
Figure BDA0001826865820000162
Wherein λ is1、λ2、γ1And gamma2Is an integer, and λ1>ε(λ2+k)+2,λ2>4lp1>ε(γ2+k)+2,γ21+2, k are parameters used to define the key pair complexity.
Preferably, the first check ciphertext obtaining unit includes:
a first check ciphertext setting unit for setting the first check ciphertext as
Figure BDA0001826865820000171
Wherein, C1For the first check-up ciphertext, xiIs the first secret value
Figure BDA0001826865820000172
r is the random integer and r is in the range of 0, n2]。
Preferably, the second check ciphertext obtaining unit includes:
a second check-up cipher setting unit for setting the second check-up cipher as
Figure BDA0001826865820000173
Wherein, C2For the second check-up ciphertext, xiIs a second secret value, and
Figure BDA0001826865820000174
αi、βiis the secret value parameter, and
Figure BDA0001826865820000178
preferably, the cluster certificate generation unit includes:
a cluster certificate setting unit for setting the cluster certificate as [ A ]i,ei](ii) a Wherein A isiFor the purpose of the cluster certificate parameter in question,
Figure BDA0001826865820000176
eiis a prime number, and ei∈Γ。
Preferably, the cluster certificate checking unit includes:
a cluster certificate verification formula setting unit for setting the formula as
Figure BDA0001826865820000177
In an alternative embodiment, the signature module 3 comprises:
the computing unit is used for computing according to the public key to obtain a signature factor and a signature verification factor when the management platform detects that the identity verification of the cluster certificate is successful;
the signature unit is used for signing the cluster certificate according to the signature factor and the signature verification factor to obtain a first hash value and a cluster signature;
and the request unit is used for sending the first hash value, the signature verification factor and the cluster signature to the verification server and sending a signature verification request.
Preferably, the calculation unit includes:
a signature factor calculation unit for calculating a signature factor of
Figure BDA0001826865820000181
Wherein the content of the first and second substances,
Figure BDA0001826865820000182
is a random number, U, of the management platform1、U2、U3Is a signature factor;
a signature check factor calculation unit for calculating a signature check factor of
Figure BDA0001826865820000183
Wherein d1, d2, d3 and d4 are signature check factors; r is1、r2、r3、r4Is a parameter of the signature check factor and is defined as
Figure BDA0001826865820000184
Preferably, the signature unit comprises:
a first hash value calculation unit for calculating a first hash value of c ═ H (g, H, y, a)0,a,U1,U2,U3,d1,d2,d3,d4,m);
Wherein c is a first hash value, H is a hash function, and m is a parameter corresponding to the content of the information to be updated;
a cluster signature calculation unit for cluster signature of (c, U)1,U2,U3,s1,s2,s3,s4);
Wherein s is1、s2、s3、s4Is a median value and is defined as
Figure BDA0001826865820000185
In an alternative embodiment, the signature module 3 further comprises:
the response unit is used for responding to the signature verification request sent by the management platform, and the verification server verifies the received cluster signature;
the hash value calculation unit is used for calculating the cluster signature according to the received signature verification factor to obtain a second hash value; wherein the second hash value is
Figure BDA0001826865820000191
c' is the second hash value;
a judging unit, configured to obtain a signature check by judging whether the second hash value satisfies a preset conditionChecking the result and returning the result to the management platform; the condition is that
Figure BDA0001826865820000192
Preferably, the updating module 4 comprises:
the updating unit is used for judging that the cluster signature verification is successful when the second hash value is detected to meet the condition, obtaining a first signature verification result and returning the first signature verification result to the management platform, and the management platform performs storage updating according to the information to be updated;
and the signature verification failure unit is used for obtaining a second signature verification result and returning the second signature verification result to the management platform when the cluster signature verification is unsuccessful when the second hash value is detected not to meet the condition, and the management platform receives the key pairs and the encrypted update information sent by each device in the cluster again.
It should be noted that the above-described device embodiments are merely illustrative, where the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. In addition, in the drawings of the embodiment of the apparatus provided by the present invention, the connection relationship between the modules indicates that there is a communication connection between them, and may be specifically implemented as one or more communication buses or signal lines. One of ordinary skill in the art can understand and implement it without inventive effort.
While the foregoing is directed to the preferred embodiment of the present invention, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention.

Claims (9)

1. An information verification method of a device, comprising:
decrypting the encrypted updating information according to the received key pair sent by each device in the cluster to obtain the information to be updated;
performing identity authentication on each device in the cluster, and generating a cluster certificate according to the key pair and the information to be updated;
signing the cluster certificate to obtain a cluster signature, and sending the cluster signature to a verification server so that the verification server performs signature verification on the cluster signature to obtain a signature verification result;
when the received signature verification result is successful, storing and updating according to the information to be updated;
wherein, the performing identity authentication on each device in the cluster and generating a cluster certificate according to the key pair and the information to be updated includes:
the authentication server sets a certificate interval in advance;
each device in the cluster calculates according to the generated first secret value and the random number to obtain a first check ciphertext, and sends the first check ciphertext to the management platform; the first secret value and the random number are generated after each device in the cluster joins the network;
the management platform verifies the received first check ciphertext;
when the management platform verifies that the first check ciphertext is a subset of a cyclic group, two randomly generated secret value parameters are returned to each device in the group;
each device in the cluster obtains a second check ciphertext according to the received secret value parameter and sends the second check ciphertext to the management platform;
the management platform verifies the received second check ciphertext;
when the management platform verifies that the second check ciphertext is a subset of a cyclic group, generating a cluster certificate according to a preset prime number, the key pair and the information to be updated, and sending the cluster certificate to each device in the cluster;
and when the formula is established, the cluster certificate is successfully verified, and the identity verification of each device in the cluster is completed.
2. The method for verifying information of devices according to claim 1, wherein the decrypting the encrypted update information according to the received key pair sent by each device in the cluster to obtain the information to be updated includes:
the authentication server generates a key pair according to preset parameters, and sends the parameters and the key pair to each device in the cluster; wherein the key pair comprises a public key and a private key;
each device in the cluster encrypts the current update information according to the received key pair to obtain encrypted update information, and sends the encrypted update information and the key pair to a management platform;
and the management platform decrypts the encrypted updating information according to the received key pair to obtain the information to be updated.
3. The information verification method of the device according to claim 2, wherein a public key in the key pair is Y ═ (n, a)0Y, g, h) and the private key is S ═ (p ', q', x);
wherein, Y is a public key, and S is a private key; p 'and q' are lpPrime number of bits,/pConverting p into binary length; p and q are prime numbers, p is 2p '+1, and q is 2q' + 1; let n be pq, a, a0, g, h be the square residue of p and q modulo n, and be denoted as a, a0,g,h∈QRn,QRnForming a group by the modular multiplication of the square residue of the whole p and q modulo n
Figure FDA0002901166010000021
The cyclic group of (3); y is set to y-gxmod n; x is the private key secret value.
4. An information correction device as claimed in claim 3A verification method, characterized in that said certificate interval is
Figure FDA0002901166010000031
Wherein λ is1、λ2、γ1And gamma2Is an integer, and λ1>ε(λ2+k)+2,λ2>4lp1>ε(γ2+k)+2,γ21+2, k are parameters used to define the key pair complexity;
the first check ciphertext is
Figure FDA0002901166010000032
Wherein, C1For the first check-up ciphertext, xiIs the first secret value
Figure FDA0002901166010000033
r is the random integer and r is in the range of 0, n2];
The second check-up text is
Figure FDA0002901166010000034
Wherein, C2For the second check-up ciphertext, xiIs a second secret value, and
Figure FDA0002901166010000035
αi、βiis the secret value parameter, and
Figure FDA0002901166010000036
the cluster certificate is [ A ]i,ei](ii) a Wherein A isiFor the purpose of the cluster certificate parameter in question,
Figure FDA0002901166010000037
eiis a prime number, and ei∈Γ;
The formula is
Figure FDA0002901166010000038
5. The method for verifying information of a device according to claim 4, wherein the signing the cluster certificate to obtain a cluster signature and sending the cluster signature to a verification server, so that the verification server performs signature verification on the cluster signature to obtain a signature verification result, includes:
when the management platform detects that the identity verification of the cluster certificate is successful, calculating according to the public key to obtain a signature factor and a signature verification factor;
signing the cluster certificate according to the signature factor and the signature verification factor to obtain a first hash value and a cluster signature;
and sending the first hash value, the signature verification factor and the cluster signature to the verification server, and sending a signature verification request.
6. The information verification method of an apparatus according to claim 5, wherein the method further comprises:
the signature factor is
Figure FDA0002901166010000041
Wherein the content of the first and second substances,
Figure FDA0002901166010000042
is a random number, U, of the management platform1、U2、U3Is a signature factor;
the signature check factor is
Figure FDA0002901166010000043
Wherein d1, d2, d3 and d4 are signature check factors; r is1、r2、r3、r4Is a parameter of the signature check factor and is defined as
Figure FDA0002901166010000044
The first hash value is c ═ H (g, H, y, a)0,a,U1,U2,U3,d1,d2,d3,d4,m);
Wherein c is a first hash value, H is a hash function, and m is a parameter corresponding to the content of the information to be updated;
the cluster signature is (c, U)1,U2,U3,s1,s2,s3,s4);
Wherein s is1、s2、s3、s4Is a median value and is defined as
Figure FDA0002901166010000045
7. The information verification method of an apparatus according to claim 6, wherein the method further comprises:
in response to a signature verification request sent by the management platform, the verification server verifies the received cluster signature;
calculating the cluster signature according to the received signature check factor to obtain a second hash value; wherein the second hash value is
Figure FDA0002901166010000051
Wherein c' is the second hash value;
obtaining a signature verification result and returning the signature verification result to the management platform by judging whether the second hash value meets a preset condition; wherein the conditions are
Figure FDA0002901166010000052
8. The information verification method of the device according to claim 7, wherein when the received signature verification result is a verification success, performing storage update according to the information to be updated includes:
when the second hash value is detected to meet the condition, judging that the cluster signature verification is successful, obtaining a first signature verification result and returning the first signature verification result to the management platform, wherein the management platform performs storage updating according to the information to be updated;
and when the second hash value is detected not to meet the condition, the cluster signature verification is unsuccessful, a second signature verification result is obtained and returned to the management platform, and the management platform receives the key pairs and the encrypted update information sent by each device in the cluster again.
9. An information verification apparatus of a device, comprising:
the information acquisition module is used for decrypting the encrypted update information according to the received key pair sent by each device in the cluster to obtain the information to be updated;
the identity authentication module is used for performing identity authentication on each device in the cluster and generating a cluster certificate according to the key pair and the information to be updated;
the signature module is used for signing the cluster certificate to obtain a cluster signature and sending the cluster signature to a verification server so that the verification server can carry out signature verification on the cluster signature to obtain a signature verification result;
the updating module is used for storing and updating according to the information to be updated when the received signature verification result is successful;
wherein the identity verification module comprises:
a setting unit configured to set a certificate interval in advance by the authentication server;
the first check ciphertext acquisition unit is used for calculating each device in the cluster according to the generated first secret value and the random number to obtain a first check ciphertext and sending the first check ciphertext to the management platform; the first secret value and the random number are generated after each device in the cluster joins the network;
the first check ciphertext verification unit is used for verifying the received first check ciphertext by the management platform;
the verification unit is used for returning two randomly generated secret value parameters to each device in the cluster when the management platform verifies that the first check ciphertext is a subset of a cyclic group;
the second check ciphertext acquisition unit is used for obtaining a second check ciphertext by each device in the cluster according to the received secret value parameter and sending the second check ciphertext to the management platform;
the second check ciphertext verification unit is used for verifying the received second check ciphertext by the management platform;
the cluster certificate generating unit is used for generating a cluster certificate according to a preset prime number, the key pair and the information to be updated when the management platform verifies that the second check-up ciphertext is the subset of the cyclic group, and sending the cluster certificate to each device in the cluster;
and the cluster certificate verification unit is used for verifying each device in the cluster by adopting a preset formula according to the received cluster certificate, and when the formula is established, the cluster certificate is successfully verified to finish the identity verification of each device in the cluster.
CN201811188526.1A 2018-10-12 2018-10-12 Information verification method and device of equipment Active CN109450621B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811188526.1A CN109450621B (en) 2018-10-12 2018-10-12 Information verification method and device of equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811188526.1A CN109450621B (en) 2018-10-12 2018-10-12 Information verification method and device of equipment

Publications (2)

Publication Number Publication Date
CN109450621A CN109450621A (en) 2019-03-08
CN109450621B true CN109450621B (en) 2021-06-18

Family

ID=65544833

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811188526.1A Active CN109450621B (en) 2018-10-12 2018-10-12 Information verification method and device of equipment

Country Status (1)

Country Link
CN (1) CN109450621B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101699893A (en) * 2009-11-10 2010-04-28 广州杰赛科技股份有限公司 Method and device for changing states of authentication service entities of certificate server cluster
CN104539428A (en) * 2014-12-30 2015-04-22 成都三零瑞通移动通信有限公司 Dynamic restructuring method in cluster encryption communication
CN105162772A (en) * 2015-08-04 2015-12-16 三星电子(中国)研发中心 IoT equipment authentication and key agreement method and device
CN106487743A (en) * 2015-08-25 2017-03-08 阿里巴巴集团控股有限公司 Method and apparatus for supporting multi-user's cluster authentication
CN106559224A (en) * 2017-01-19 2017-04-05 河海大学 It is a kind of that encryption system and method are persistently leaked based on the anti-of certificate
CN108270573A (en) * 2018-01-12 2018-07-10 西安电子科技大学 The method for secret protection of pilotless automobile
CN108574699A (en) * 2018-07-20 2018-09-25 广东工业大学 A kind of communication connecting method, system and internet of things equipment system and storage medium

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101699893A (en) * 2009-11-10 2010-04-28 广州杰赛科技股份有限公司 Method and device for changing states of authentication service entities of certificate server cluster
CN104539428A (en) * 2014-12-30 2015-04-22 成都三零瑞通移动通信有限公司 Dynamic restructuring method in cluster encryption communication
CN105162772A (en) * 2015-08-04 2015-12-16 三星电子(中国)研发中心 IoT equipment authentication and key agreement method and device
CN106487743A (en) * 2015-08-25 2017-03-08 阿里巴巴集团控股有限公司 Method and apparatus for supporting multi-user's cluster authentication
CN106559224A (en) * 2017-01-19 2017-04-05 河海大学 It is a kind of that encryption system and method are persistently leaked based on the anti-of certificate
CN108270573A (en) * 2018-01-12 2018-07-10 西安电子科技大学 The method for secret protection of pilotless automobile
CN108574699A (en) * 2018-07-20 2018-09-25 广东工业大学 A kind of communication connecting method, system and internet of things equipment system and storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"基于TePA的并行密钥隔离机制研究";林凡等;《通信技术》;20180910;第51卷(第9期);第2182-2188页 *
"基于证书签名体制的群签名方案研究";杨峰;《中国优秀硕士学位论文全文数据库信息科技辑》;20180115;第I136-82页 *

Also Published As

Publication number Publication date
CN109450621A (en) 2019-03-08

Similar Documents

Publication Publication Date Title
CN109584978B (en) Information processing method and system based on signature aggregation medical health monitoring network model
CN112822014B (en) Data processing method and device, electronic equipment and storage medium
CN101931529B (en) Data encryption method, data decryption method and nodes
CN110290108B (en) Data processing method, system and related equipment in block chain network
CN108650080B (en) A kind of tagged keys management method and system
CN111416715B (en) Quantum secret communication identity authentication system and method based on secret sharing
CN111404664B (en) Quantum secret communication identity authentication system and method based on secret sharing and multiple mobile devices
CN110971411B (en) SM2 homomorphic signature method for encrypting private key by multiplying based on SOTP technology
US20220021526A1 (en) Certificateless public key encryption using pairings
CN109040060B (en) Terminal matching method and system and computer equipment
CN110969431A (en) Safe trusteeship method, equipment and system of block chain digital currency private key
CN103905384A (en) Embedded inter-terminal session handshake realization method based on security digital certificate
CN111416712B (en) Quantum secret communication identity authentication system and method based on multiple mobile devices
CN114826656A (en) Trusted data link transmission method and system
CN103634788A (en) Certificateless multi-proxy signcryption method with forward secrecy
CN109951292A (en) The SM9 digital signature simplified separates interaction generation method and system
CN1260664C (en) Method for exchanging pins between users' computers
CN103618593A (en) Enhanced sensor safe attachment and key management method in body area network
CN110740034B (en) Method and system for generating QKD network authentication key based on alliance chain
CN112529573A (en) Combined block chain threshold signature method and system
CN110048852B (en) Quantum communication service station digital signcryption method and system based on asymmetric key pool
CN111740965A (en) Internet of things equipment authentication method based on physical unclonable equation
CN109450621B (en) Information verification method and device of equipment
CN115776375A (en) Face information identification encryption authentication and data security transmission method based on Shamir threshold
CN104868994A (en) Collaboration secret key management method, device and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant