CN111049649A - Zero-interaction key negotiation security enhancement protocol based on identification password - Google Patents
Zero-interaction key negotiation security enhancement protocol based on identification password Download PDFInfo
- Publication number
- CN111049649A CN111049649A CN201911298215.5A CN201911298215A CN111049649A CN 111049649 A CN111049649 A CN 111049649A CN 201911298215 A CN201911298215 A CN 201911298215A CN 111049649 A CN111049649 A CN 111049649A
- Authority
- CN
- China
- Prior art keywords
- key
- security
- factor
- sok
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000002452 interceptive effect Effects 0.000 claims abstract description 10
- 230000009471 action Effects 0.000 claims abstract description 6
- 230000006854 communication Effects 0.000 claims description 19
- 238000004891 communication Methods 0.000 claims description 18
- 238000000034 method Methods 0.000 claims description 13
- 239000003999 initiator Substances 0.000 claims description 2
- 230000005540 biological transmission Effects 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 230000011218 segmentation Effects 0.000 description 4
- 230000007547 defect Effects 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 239000012634 fragment Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0847—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving identity based encryption [IBE] schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- H04L9/3073—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Algebra (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Analysis (AREA)
- Mathematical Optimization (AREA)
- Mathematical Physics (AREA)
- Pure & Applied Mathematics (AREA)
- Power Engineering (AREA)
- Computing Systems (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides a zero-interaction key agreement security enhancement protocol based on an identification password, which comprises the following steps: s1: acquiring a safety factor, and ensuring that the safety factor is only responsible for the safety within the current threshold; s2: the sending end combines a security factor according to a non-interactive authentication key negotiation mode of an SOK scheme, generates and stores a session key through bilinear operation and Hash operation; s3: the receiving end obtains a security factor corresponding to the message according to the received encrypted message, and generates and stores a session key which is the same as that of the sending end through bilinear operation and Hash operation according to the security factor and a non-interactive authentication key negotiation mode of an SOK scheme. The most natural binding of the identity and the public key is finished by adopting an SOK scheme based on the identity password, so that the use of a certificate is avoided; and a safety factor x is introduced, and the safety hazard influence range caused by the leakage of the current session key can be effectively controlled according to the selection of the safety factor and the action threshold range.
Description
Technical Field
The invention relates to the technical field of cryptography, in particular to a zero-interaction key agreement security enhancement protocol based on identification codes.
Technical Field
Key Agreement Protocol (KAP) has an important fundamental role in network security communication, and it allows two entities to negotiate a secure session Key on an open channel to ensure the security of both-party communication. Shamir in 1984 proposed an Identity Based Cryptosystem (IBC) that directly uses the user's Identity as a public key without using any certificates, and the Private key is generated and distributed to the user by a trusted Private Key Generator (PKG). In 2002, Smart proposed the first identity-based authenticated key agreement protocol. Thereafter, a number of identity-based key agreement protocols have emerged in succession.
Most of the key agreement protocols based on identity cryptosystems require one to two negotiation. The SOK (Sakai-Ohgishi-Kasahara) key agreement scheme can realize Identity-based zero-interactive key exchange (IB-NIKE). However, the security property of the SOK zero-interaction key agreement scheme can only resist "unknown key sharing", i.e. anyone cannot force a common session key with the sender without the sender's knowledge. But does not have the attribute of "known key security", that is, after a session key is leaked at a certain time, session keys generated at other times are leaked accordingly. The security harm caused by session key leakage can be expanded to the outside of the level secret communication process without the known key security attribute; in addition, the security of the SOK scheme depends on a random oracle model (random oracle model) to a large extent, and it is difficult to guarantee the security strength of the random oracle model by programming. The stochastic predictive model is generally considered to be an idealized model that cannot be fully realized. So that security is only relied on a random predictive model that is not fully controllable, there is a risk of key leakage.
The invention provides a zero-interaction key agreement safety enhancement protocol based on identification codes aiming at the defects of the SOK zero-interaction key agreement scheme in the content, and the safety factor is introduced into the SOK scheme, so that the safety of the agreement key can be effectively improved, the safety influence range caused by key leakage is controlled, and the original technical defects are overcome.
Disclosure of Invention
The technical scheme of the invention is as follows: the zero-interaction key agreement safety increasing protocol based on the identification password is a key agreement safety method based on a non-interactive key exchange SOK scheme of identity information, and combines a public key of the other party, a private key of the own party and a safety factor. And generating session keys of both communication parties through bilinear operation and Hash operation. The invention defaults that the PKG generates the relevant system parameters and initializes the relevant user identity information, and concretely comprises the following steps:
s1: acquiring a safety factor, and ensuring that the safety factor is only responsible for the safety within the current threshold;
s2: the sending end combines a security factor according to a non-interactive authentication key negotiation mode of an SOK scheme, generates and stores a session key through bilinear operation and Hash operation;
s3: the receiving end obtains a security factor corresponding to the message according to the received encrypted message, and generates and stores a session key which is the same as that of the sending end through bilinear operation and Hash operation according to the security factor and a non-interactive authentication key negotiation mode of an SOK scheme.
As a further improvement of the above technical solution:
in the invention, the initialization of the whole system is completed by the PKG, and the related requirements of all parameters and identity information are as follows; the PKG selects a specific elliptic curve E, generates a public key and a private key according to the property of the elliptic curve E, sets two communication parties to be A and B, and sets the public key and the private key of the client A to be Q respectivelyAAnd SA(ii) a If the identity of the server is B, the public key and the private key are Q respectivelyBAnd SB。
The PKG parameters and identity information should satisfy the following conditions: constructing an N-order addition cycle group G on the elliptic curve E according to the specific elliptic curve E selected by the PKG1And G2Wherein G is1Is P1,G2Is P2Randomly selecting s E [1, N-1 ]]Computing G as the master key of the PKG1Element P in (1)pubTaking sP as a main encryption public key; bilinear mapping e satisfies e G1×G2→GTValue range G of bilinear map eTIs an N factorial group; finally, a relevant hash function H is selected1:{0,1}*→G1,H1:{0,1}*→G2,H2:GT→{0,1}nN key length; after the initialization is completedPublishing common parameters of the system<G1,G2,GT,e,P1,P2,Ppub,n,H1,H2>A list; the public key and the private key of the communication initiator A are Q respectivelyA=H1(A) And SA=sQA(ii) a The public key and the private key of the communication receiver B are respectively QB=H1(B) And SB=sQB。
The step S1 includes the steps of:
b1: adding a security factor x into the SOK non-interactive authentication key agreement scheme for providing the security of the known key;
b2: the acquisition of x should set an action threshold value in combination with the message communication behavior itself, and control the key leakage influence range. For example, using segment id generation x in the IP header, message sending time generation x, etc.
The method for calculating the MacKey by the sending end through the security factor x and the SOK scheme in the step S2 includes the following steps:
equation 1: MacKey H (E (IDcheck, S)x|"Authentication")
Equation 2: MacKey H (x | e (IDcheck, S) | "Authentication")
Wherein the Authentication can be replaced by any character such as quintuple information according to actual conditions.
The receiving end calculates a safety factor x according to the message of the sending end, and then calculates a MacKey through the safety factor x and the SOK scheme, and the method comprises the following steps:
equation 1: MacKey H (E (IDcheck, S)x|"Authentication")
Equation 2: MacKey H (x | e (IDcheck, S) | "Authentication")
Wherein the Authentication can be replaced by any character such as quintuple information according to actual conditions.
Compared with the prior art, the invention has the following advantages;
1. the most natural binding of the identity and the public key is finished by adopting an SOK scheme based on the identity password, and the use of a certificate is avoided.
2. The temporary secret key is generated according to the main secret key based on the non-negotiation process, the safety of the original SOK scheme is enhanced, the safety is high, the safety of the known secret key and the sharing of the unknown secret key can be simultaneously met, and man-in-the-middle attack can be resisted.
3. And a safety factor x is introduced, and the safety hazard influence range caused by the leakage of the current session key can be effectively controlled according to the selection of the safety factor and the action threshold range.
4. The safety does not depend on the random predictive model, and the introduction of the safety factor x ensures that the safety of the actual communication key can be ensured even if the safety of the random language model cannot be completely ensured through programming to cause the leakage of the SOK original key.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a general flow chart of an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be described in detail below. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the examples given herein without any inventive step, are within the scope of the present invention.
The invention aims to provide a reinforced authentication key agreement method based on an SOK key agreement scheme. The security factor x is utilized to get rid of the defect that the security in the SOK key agreement scheme completely depends on the random prediction model, get rid of the trouble of certificate transmission and verification, and effectively control the security influence range caused by key leakage. The following description will take the communication procedure between Alice (a) and Bob (B) as an example. In the scheme, a trusted Self-trust authority (STA) completes the PKG task.
The general flow of the present invention as shown in fig. 1 includes the following steps:
1) constructing an N-order addition cycle group G on the elliptic curve E according to the specific elliptic curve E selected by the PKG1Wherein G is1The generator of (1) is P. Randomly selecting s E [1, N-1 ]]Computing G as the master key of the PKG1Element P in (1)pubsP as the encryption master public key. Bilinear mapping e satisfies e G1×G1→GTValue range G of bilinear map eTAre N factorial groups. Finally, a relevant hash function H is selected1:{0,1}*→G1,H2:GT→{0,1}nAnd n is the key length. After initialization is completed, public parameters of the system are published<G1,GT,e,P,Ppub,n,H1,H2>And (4) listing. The PKG generates a public and private key pair with given identity IDs for Alice and Bob, the identity ID of AliceACom, then its corresponding public key QAIs H1(IDA) Private key S generated for it by PKGAIs sQA. Identity ID of BobBCom, then its corresponding public key QBIs H1(IDB) Private key S generated for it by PKGBIs sQBThe PKG distributes the private key to the user over the secure channel.
2) The PKG issues the private keys of the A and the B to the user through a secure distribution channel or other secure forms.
3) A carries out key agreement with B in advance, and determines the key S of which the key pair is the own party in the SOK schemeAAnd a public key Q corresponding to the identity information of the communication object BB。
4) A selects a safety factor x, two feasible safety factor selection schemes are exemplified, and time is used as the safety factor to generate MacKey. After a user A logs in a client to obtain related authority (possibly, a ukey is inserted for authentication and the like), a MacKey daemon process for the user B is created after success, the current time is used as a safety factor, the daemon process obtains the safety factor and then delivers the safety factor to a kernel, and the MacKey of communication between the user A and the user B in the action range of the current effective safety factor is calculated. And updating the safety factor and updating the MacKey along with time. And when the client quits or goes offline, the daemon private key and the MacKey are stopped from being cleared.
5) And after the user B logs in the client to obtain the related authority, the encrypted message sent by the user A is received. User B creates a MacKey daemon for user a. And acquiring a safety factor x, namely a time parameter, within the threshold range. And the daemon process acquires the security factor and then delivers the security factor to the kernel to calculate the MacKey of the communication between the A and the B in the effective security factor action range. And decrypting the encrypted message sent by the A by using the MacKey. If the decryption can be normally performed, the user A is a legal user, and the currently acquired security factor and the security factor of the user A are in the same threshold range. If the message sent by A cannot be decrypted, the security factor is considered to be invalid, or the other party is an illegal communicator pretending to be A.
6) In addition, a scheme of a safety factor x is selected, and the scheme generates the x through the message content instead of using another interactive transmission safety factor x. One possible solution is to generate x using the segment identity in the IP header.
The segment identifier is used for message segmentation. When a large message is transmitted, the limit of a network MTU is received, and the message needs to be sent in a segmented mode; and each IP report generated by the segmentation has the same segmentation identification. That is, when the protocol stack sends a message, every time a message is sent, the counter of the segment identifier is incremented by one; the sent message will carry the current counter count as its segment identifier. When the message needs to be segmented in the transmission process, the segment identifier is required not to be changed, so that the receiver can recover the original IP message according to the segment identifier.
Since the segment identifications in the messages sent from the same source address are different in a period of time. The segment identity can be used as the security factor x.
In addition, from a performance perspective, it should not be required that all of the same flow use different MACKEYs. That is, a threshold is allowed to exist, and messages within the threshold use the same MACKEY. The specific formula is as follows:
x ═ segmentation identification }/(2^8)
Where { segment identity } is a 16-bit unsigned integer.
The method utilizes the message content to generate a security factor, needs to maintain a plurality of source addresses and segment identifiers of different messages at the same time, so that the system design takes external factors such as 'time' as the security factor and the message as a security factor generating element, and introduces a MacKey stream standard management module and a MacKey stream table. And taking the MacKey flow table as an actual MacKey query basis, and recording MacKey generated by security factors corresponding to different messages. The MacKey flow table management module is responsible for managing the MacKey maintained in the MacKey flow table, and when the communication of the data flow is completed or the transmission of the fragment message is completed, the record in the MacKey flow table is clear.
7) Through the text message province, the user B obtains the MacKey and decrypts the encrypted message sent by the user A. If the decryption can be normally performed, the user A is a legal user, and the currently acquired security factor and the security factor of the user A are in the same threshold range. If the message sent by A cannot be decrypted, the security factor is considered to be invalid, or the other party is an illegal communicator pretending to be A.
The foregoing is only a preferred embodiment of the present invention and is not intended to limit the invention in any way. Although the invention has been described with reference to preferred embodiments, it is not intended to be limited thereto. Those skilled in the art can make numerous possible variations and modifications to the present invention, or modify equivalent embodiments to equivalent variations, without departing from the scope of the invention, using the teachings disclosed above. Therefore, any simple modification, equivalent change and modification made to the above embodiments according to the technical spirit of the present invention should fall within the protection scope of the technical scheme of the present invention, unless the technical spirit of the present invention departs from the content of the technical scheme of the present invention.
Claims (5)
1. A zero-interaction key agreement security enhancement protocol based on identification password is characterized in that; generating session keys of two communication parties by combining a public key of the other party, a private key of the own party and a security factor through bilinear operation and Hash operation; the PKG generates relevant system parameters and initializes the identity information of relevant users; the method comprises the following steps:
s1: acquiring a safety factor, and ensuring that the safety factor is only responsible for the safety within the current threshold;
s2: the sending end combines a security factor according to a non-interactive authentication key negotiation mode of an SOK scheme, generates and stores a session key through bilinear operation and Hash operation;
s3: the receiving end obtains a security factor corresponding to the message according to the received encrypted message, and generates and stores a session key which is the same as that of the sending end through bilinear operation and Hash operation according to the security factor and a non-interactive authentication key negotiation mode of an SOK scheme.
2. The identity-cipher-based zero-interaction key agreement security enhancement protocol of claim 1, wherein: the PKG selects a specific elliptic curve E, generates a public key and a private key according to the property of the elliptic curve E, sets two communication parties to be A and B, and sets the public key and the private key of the client A to be Q respectivelyAAnd SA(ii) a If the identity of the server is B, the public key and the private key are Q respectivelyBAnd SB(ii) a The PKG parameters and the identity information satisfy the following conditions: constructing an N-order addition cycle group G on the elliptic curve E according to the specific elliptic curve E selected by the PKG1And G2Wherein G is1Is P1,G2Is P2Randomly selecting s E [1, N-1 ]]Computing G as the master key of the PKG1Element P in (1)pubTaking sP as a main encryption public key; the bilinear map e satisfies e: g1×G2→GTValue range G of bilinear map eTIs an N factorial group; finally, a relevant hash function H is selected1:{0,1}*→G1,H1:{0,1}*→G2,H2:GT→{0,1}nN key length; after initialization is completed, public parameters of the system are published<G1,G2,GT,e,P1,P2,Ppub,n,H1,H2>A list; the public key and the private key of the communication initiator A are Q respectivelyA=H1(A) And SA=sQA(ii) a The public key and the private key of the communication receiver B are respectively QB=H1(B) And SB=sQB。
3. The identity-cipher-based zero-interaction key agreement security enhancement protocol of claim 2, wherein; the step S1 includes the steps of:
b1: adding a security factor x into the SOK non-interactive authentication key agreement scheme for providing the security of the known key;
b2: the acquisition of x should set an action threshold value in combination with the message communication behavior itself, and control the key leakage influence range.
4. The identity-cipher-based zero-interaction key agreement security enhancement protocol of claim 3, wherein; the method for calculating the MacKey by the sending end through the security factor x and the SOK scheme in the step S2 includes the following steps:
equation 1: MacKey H (e (ID)check,S)x|"Authentication″)
Equation 2: MacKey ═ H (x | e (ID)check,S)|"Authentication″)
Wherein the Authentication can be replaced by any character such as quintuple information according to actual conditions.
5. The identity-cipher-based zero-interaction key agreement security enhancement protocol of claim 3, wherein: the receiving end calculates a safety factor x according to the message of the sending end, and then calculates a MacKey through the safety factor x and the SOK scheme, and the method comprises the following steps:
equation 1: MacKey H (e (ID)check,S)x|"Authentication″)
Equation 2: MacKey ═ H (x | e (ID)check,S)|"Authentication″)
Wherein the Authentication can be replaced by any character such as quintuple information according to actual conditions.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911298215.5A CN111049649A (en) | 2019-12-17 | 2019-12-17 | Zero-interaction key negotiation security enhancement protocol based on identification password |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911298215.5A CN111049649A (en) | 2019-12-17 | 2019-12-17 | Zero-interaction key negotiation security enhancement protocol based on identification password |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111049649A true CN111049649A (en) | 2020-04-21 |
Family
ID=70236862
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911298215.5A Pending CN111049649A (en) | 2019-12-17 | 2019-12-17 | Zero-interaction key negotiation security enhancement protocol based on identification password |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111049649A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111556075A (en) * | 2020-05-14 | 2020-08-18 | 中国人民解放军国防科技大学 | Data transmission path restoration method and system based on non-interactive key negotiation |
| CN112019333A (en) * | 2020-09-04 | 2020-12-01 | 支付宝(杭州)信息技术有限公司 | Data processing method and device for OTA protocol |
| CN112910864A (en) * | 2021-01-20 | 2021-06-04 | 中国人民解放军国防科技大学 | High-speed message verification method for public key |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101271501A (en) * | 2008-04-30 | 2008-09-24 | 北京握奇数据系统有限公司 | Encryption and decryption method and device of digital media file |
| JP2010004288A (en) * | 2008-06-19 | 2010-01-07 | Nippon Telegr & Teleph Corp <Ntt> | Secret information transmission system, secret information transmission method, secret information management server, encryption device, secret information transmission program |
| CN103874059A (en) * | 2012-12-10 | 2014-06-18 | 华为终端有限公司 | Method, device and system for message processing |
| CN106209369A (en) * | 2016-07-01 | 2016-12-07 | 中国人民解放军国防科学技术大学 | Single interactive authentication key agreement protocol of ID-based cryptosystem system |
| CN109309689A (en) * | 2018-12-28 | 2019-02-05 | 中国人民解放军国防科技大学 | Method for verifying message source authenticity and content integrity |
-
2019
- 2019-12-17 CN CN201911298215.5A patent/CN111049649A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101271501A (en) * | 2008-04-30 | 2008-09-24 | 北京握奇数据系统有限公司 | Encryption and decryption method and device of digital media file |
| JP2010004288A (en) * | 2008-06-19 | 2010-01-07 | Nippon Telegr & Teleph Corp <Ntt> | Secret information transmission system, secret information transmission method, secret information management server, encryption device, secret information transmission program |
| CN103874059A (en) * | 2012-12-10 | 2014-06-18 | 华为终端有限公司 | Method, device and system for message processing |
| CN106209369A (en) * | 2016-07-01 | 2016-12-07 | 中国人民解放军国防科学技术大学 | Single interactive authentication key agreement protocol of ID-based cryptosystem system |
| CN109309689A (en) * | 2018-12-28 | 2019-02-05 | 中国人民解放军国防科技大学 | Method for verifying message source authenticity and content integrity |
Non-Patent Citations (1)
| Title |
|---|
| 刘晓东: "《身份签名体制的研究》", 《中国优秀博硕士学位论文全文数据库(博士) 信息科技辑》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111556075A (en) * | 2020-05-14 | 2020-08-18 | 中国人民解放军国防科技大学 | Data transmission path restoration method and system based on non-interactive key negotiation |
| CN112019333A (en) * | 2020-09-04 | 2020-12-01 | 支付宝(杭州)信息技术有限公司 | Data processing method and device for OTA protocol |
| CN112910864A (en) * | 2021-01-20 | 2021-06-04 | 中国人民解放军国防科技大学 | High-speed message verification method for public key |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10903991B1 (en) | Systems and methods for generating signatures | |
| Di Raimondo et al. | Deniable authentication and key exchange | |
| US8670563B2 (en) | System and method for designing secure client-server communication protocols based on certificateless public key infrastructure | |
| JP4527358B2 (en) | An authenticated individual cryptographic system that does not use key escrow | |
| US8930704B2 (en) | Digital signature method and system | |
| CN110113150B (en) | Encryption method and system based on non-certificate environment and capable of repudiation authentication | |
| CN113630248B (en) | Session key negotiation method | |
| CN113612610B (en) | Session key negotiation method | |
| CN109194474A (en) | A kind of data transmission method and device | |
| CN110278088A (en) | A kind of SM2 collaboration endorsement method | |
| CN111049649A (en) | Zero-interaction key negotiation security enhancement protocol based on identification password | |
| CN109873699A (en) | A kind of voidable identity public key encryption method | |
| CN110999202A (en) | Computer-implemented system and method for highly secure, high-speed encryption and transmission of data | |
| CN114024698A (en) | Power distribution Internet of things service safety interaction method and system based on state cryptographic algorithm | |
| Cao et al. | Decentralized group signature scheme based on blockchain | |
| Drias et al. | Identity-based cryptography (IBC) based key management system (KMS) for industrial control systems (ICS) | |
| CN113098681B (en) | Port order enhanced and updatable blinded key management method in cloud storage | |
| GB2543359A (en) | Methods and apparatus for secure communication | |
| WO2023010688A1 (en) | Key management method and apparatus | |
| CN113014376B (en) | Method for safety authentication between user and server | |
| CN114070570A (en) | Safe communication method of power Internet of things | |
| GB2407236A (en) | Diffie-Hellman exchange of a session key | |
| Surya et al. | Single sign on mechanism using attribute based encryption in distributed computer networks | |
| Dugardin et al. | A New Fair Identity Based Encryption Scheme | |
| CN111447064B (en) | Password reverse firewall method suitable for certificateless encryption |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200421 |
|
| RJ01 | Rejection of invention patent application after publication |