CN110383755B - 网络设备和可信第三方设备 - Google Patents

网络设备和可信第三方设备 Download PDF

Info

Publication number
CN110383755B
CN110383755B CN201880015812.XA CN201880015812A CN110383755B CN 110383755 B CN110383755 B CN 110383755B CN 201880015812 A CN201880015812 A CN 201880015812A CN 110383755 B CN110383755 B CN 110383755B
Authority
CN
China
Prior art keywords
network node
identity
key
local
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201880015812.XA
Other languages
English (en)
Chinese (zh)
Other versions
CN110383755A (zh
Inventor
M·P·博德拉恩德
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Koninklijke Philips NV
Original Assignee
Koninklijke Philips NV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips NV filed Critical Koninklijke Philips NV
Publication of CN110383755A publication Critical patent/CN110383755A/zh
Application granted granted Critical
Publication of CN110383755B publication Critical patent/CN110383755B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0847Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving identity based encryption [IBE] schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • Algebra (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Power Engineering (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)
CN201880015812.XA 2017-01-05 2018-01-02 网络设备和可信第三方设备 Active CN110383755B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
EP17150389 2017-01-05
EP17150389.9 2017-01-05
PCT/EP2018/050033 WO2018127479A1 (en) 2017-01-05 2018-01-02 Network device and trusted third party device

Publications (2)

Publication Number Publication Date
CN110383755A CN110383755A (zh) 2019-10-25
CN110383755B true CN110383755B (zh) 2022-04-19

Family

ID=57737665

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201880015812.XA Active CN110383755B (zh) 2017-01-05 2018-01-02 网络设备和可信第三方设备

Country Status (5)

Country Link
US (1) US11265154B2 (enExample)
EP (1) EP3566386B1 (enExample)
JP (1) JP7059282B6 (enExample)
CN (1) CN110383755B (enExample)
WO (1) WO2018127479A1 (enExample)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12177336B2 (en) * 2019-10-18 2024-12-24 Illinois At Singapore Pte Ltd Security device and method of provenance verification
CN113572716B (zh) * 2020-04-29 2023-08-08 青岛海尔洗涤电器有限公司 设备检测方法及系统
CN114417362B (zh) * 2020-10-10 2025-11-21 华为技术有限公司 数据管理方法、装置及系统、存储介质
WO2022174419A1 (zh) * 2021-02-20 2022-08-25 华为技术有限公司 一种根密钥保护方法和系统
US12250099B2 (en) * 2021-09-08 2025-03-11 PassiveLogic, Inc. External activation of quiescent device
CN114157488B (zh) * 2021-12-03 2023-06-16 北京明朝万达科技股份有限公司 密钥获取方法、装置、电子设备及存储介质

Family Cites Families (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH10268766A (ja) * 1997-01-24 1998-10-09 Nec Corp 暗号鍵処理システム及び暗号鍵処理システムを実現するコンピュータプログラムを格納した記憶媒体
JP3590284B2 (ja) 1999-01-25 2004-11-17 村田機械株式会社 暗号通信方法,暗号通信システム,共通鍵生成装置及び記録媒体
US7239701B1 (en) * 2000-05-02 2007-07-03 Murata Machinery Ltd. Key sharing method, secret key generating method, common key generating method and cryptographic communication method in ID-NIKS cryptosystem
US7181015B2 (en) * 2001-07-31 2007-02-20 Mcafee, Inc. Method and apparatus for cryptographic key establishment using an identity based symmetric keying technique
US7346773B2 (en) * 2004-01-12 2008-03-18 Cisco Technology, Inc. Enabling stateless server-based pre-shared secrets
US8341402B2 (en) * 2005-01-19 2012-12-25 Samsung Electronics Co., Ltd. Method of controlling content access and method of obtaining content key using the same
KR100704675B1 (ko) * 2005-03-09 2007-04-06 한국전자통신연구원 무선 휴대 인터넷 시스템의 인증 방법 및 관련 키 생성방법
US7992193B2 (en) * 2005-03-17 2011-08-02 Cisco Technology, Inc. Method and apparatus to secure AAA protocol messages
US20090119510A1 (en) 2007-11-06 2009-05-07 Men Long End-to-end network security with traffic visibility
CN102299791B (zh) * 2008-08-28 2014-12-24 华为技术有限公司 自治公钥证书管理方法、系统及设备
US8837737B2 (en) * 2008-09-16 2014-09-16 Telefonaktiebolaget Lm Ericsson (Publ) Key management in a communication network
WO2010032161A1 (en) * 2008-09-19 2010-03-25 Philips Intellectual Property & Standards Gmbh A method for secure communication in a network, a communication device, a network and a computer program therefor
KR101594553B1 (ko) * 2008-10-20 2016-02-18 코닌클리케 필립스 엔.브이. 암호화 키를 생성하는 방법, 이를 위한 네트워크 및 컴퓨터 프로그램
US8966265B2 (en) * 2009-01-30 2015-02-24 Texas Instruments Incorporated Pairwise temporal key creation for secure networks
CN102783115B (zh) 2010-02-09 2016-08-03 交互数字专利控股公司 用于可信联合标识的方法和装置
CA2697687C (en) * 2010-03-24 2014-02-18 Diversinet Corp. Method and system for secure communication using hash-based message authentication codes
GB201010735D0 (en) * 2010-06-25 2010-08-11 Omar Ralph M Security improvements for flexible substrates
CN101917270B (zh) * 2010-08-03 2012-08-22 中国科学院软件研究所 一种基于对称密码的弱认证和密钥协商方法
KR101040588B1 (ko) * 2010-12-13 2011-06-10 한국기초과학지원연구원 익명성을 제공하는 효율적인 신원기반 환서명 방법과 그 시스템
CN102625300B (zh) * 2011-01-28 2015-07-08 华为技术有限公司 密钥生成方法和设备
WO2012138804A2 (en) * 2011-04-04 2012-10-11 Nextlabs, Inc. Protecting information using policies and encryption
CN103583061B (zh) * 2011-06-10 2018-06-22 飞利浦灯具控股公司 网络中的恶意攻击的避免
US9203613B2 (en) * 2011-09-29 2015-12-01 Amazon Technologies, Inc. Techniques for client constructed sessions
US9065637B2 (en) * 2012-01-25 2015-06-23 CertiVox Ltd. System and method for securing private keys issued from distributed private key generator (D-PKG) nodes
EP2667539A1 (en) * 2012-05-21 2013-11-27 Koninklijke Philips N.V. Key sharing methods, device and system for configuration thereof.
DE102012209408A1 (de) 2012-06-04 2013-12-05 Siemens Aktiengesellschaft Sichere Übertragung einer Nachricht
WO2014069783A1 (ko) * 2012-10-31 2014-05-08 삼성에스디에스 주식회사 패스워드 기반 인증 방법 및 이를 수행하기 위한 장치
WO2014094982A1 (en) * 2012-12-20 2014-06-26 Abb Ag Commissioning system and method for a secure exchange of sensitive information for the commissioning and configuring of technical equipment
BR112015020422A2 (pt) * 2013-02-28 2017-07-18 Koninklijke Philips Nv primeiro dispositivo de rede configurado para determinar uma chave criptográfica compartilhada de bits de comprimento de chave, sistema de compartilhamento de chave, método para determinar uma chave criptográfica compartilhada de bits de comprimento de chave, e, programa de computador
EP3072256A1 (en) * 2013-11-21 2016-09-28 Koninklijke Philips N.V. System for sharing a cryptographic key
US9949115B2 (en) * 2014-06-10 2018-04-17 Qualcomm Incorporated Common modulus RSA key pairs for signature generation and encryption/decryption
US10511435B2 (en) * 2015-01-19 2019-12-17 Telefonaktiebolaget Lm Ericsson (Publ) Methods and apparatus for direct communication key establishment
CN106302312B (zh) * 2015-05-13 2019-09-17 阿里巴巴集团控股有限公司 获取电子文件的方法及装置
US10172000B2 (en) * 2016-03-17 2019-01-01 M2MD Technologies, Inc. Method and system for managing security keys for user and M2M devices in a wireless communication network environment
CN107579826B (zh) * 2016-07-04 2022-07-22 华为技术有限公司 一种网络认证方法、中转节点及相关系统
CN114826673A (zh) * 2016-07-06 2022-07-29 华为技术有限公司 一种传输数据的保护系统、方法及装置
WO2018029893A1 (ja) * 2016-08-10 2018-02-15 Kddi株式会社 データ提供システム、データ保安装置、データ提供方法、及びコンピュータプログラム
CN107809411B (zh) * 2016-09-09 2021-12-03 华为技术有限公司 移动网络的认证方法、终端设备、服务器和网络认证实体
JP6288219B1 (ja) * 2016-11-18 2018-03-07 Kddi株式会社 通信システム
EP3337120B1 (en) * 2016-12-14 2021-04-21 Nxp B.V. Network message authentication and verification
CN112119651B (zh) * 2018-05-22 2022-05-17 华为技术有限公司 接入技术不可知的服务网络认证方法和装置

Also Published As

Publication number Publication date
WO2018127479A1 (en) 2018-07-12
JP2020507243A (ja) 2020-03-05
JP7059282B6 (ja) 2022-06-03
JP7059282B2 (ja) 2022-04-25
US11265154B2 (en) 2022-03-01
EP3566386A1 (en) 2019-11-13
CN110383755A (zh) 2019-10-25
EP3566386B1 (en) 2020-07-29
US20190349189A1 (en) 2019-11-14

Similar Documents

Publication Publication Date Title
US11533297B2 (en) Secure communication channel with token renewal mechanism
CN110383755B (zh) 网络设备和可信第三方设备
CN108886468B (zh) 用于分发基于身份的密钥资料和证书的系统和方法
EP3476078B1 (en) Systems and methods for authenticating communications using a single message exchange and symmetric key
JP7617008B2 (ja) データを検証するための暗号方法
US20050193199A1 (en) Accessing protected data on network storage from multiple devices
US20100031051A1 (en) Protocol And Method For Client-Server Mutual Authentication Using Event-Based OTP
CN114238999A (zh) 数据传送方法、控制数据使用的方法以及密码设备
US8600061B2 (en) Generating secure device secret key
CN103339958A (zh) 密钥传输协议
US11722466B2 (en) Methods for communicating data utilizing sessionless dynamic encryption
WO2017167771A1 (en) Handshake protocols for identity-based key material and certificates
CN101296083A (zh) 一种加密数据传输方法和系统
WO2026045825A1 (zh) 开放身份连接协议的抗量子安全增强方法
US12489606B2 (en) Symmetric key generation, authentication and communication between a plurality of entities in a network
TWI856757B (zh) 無網際網路電子裝置資通安全認證方法
CN115134111B (zh) 一种针对海量数据分布式存储的加密算法的方法
EP4402593A1 (en) System and method of creating symmetric keys using elliptic curve cryptography

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant