CN111314269B - Address automatic allocation protocol security authentication method and equipment - Google Patents

Address automatic allocation protocol security authentication method and equipment Download PDF

Info

Publication number
CN111314269B
CN111314269B CN201811513622.9A CN201811513622A CN111314269B CN 111314269 B CN111314269 B CN 111314269B CN 201811513622 A CN201811513622 A CN 201811513622A CN 111314269 B CN111314269 B CN 111314269B
Authority
CN
China
Prior art keywords
address
client
server
authentication
identity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811513622.9A
Other languages
Chinese (zh)
Other versions
CN111314269A (en
Inventor
王延松
喻敬海
朱新华
敖婷
曹敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201811513622.9A priority Critical patent/CN111314269B/en
Publication of CN111314269A publication Critical patent/CN111314269A/en
Application granted granted Critical
Publication of CN111314269B publication Critical patent/CN111314269B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/622Layer-2 addresses, e.g. medium access control [MAC] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication

Abstract

The application relates to a secure authentication method and equipment for an address automatic allocation protocol, wherein the method comprises the following steps: the address distribution server registers on the authentication server and receives the public key, the private key and the shared key generated by the authentication server; the address distribution server broadcasts an address release message and digitally signs the address message through a private key; the address distribution server receives an access bill and an identity authentication identifier of the client, which are generated after the client verifies the address message; the address distribution server verifies the identity of the client according to the access ticket and the identity authentication mark; when the identity of the client passes, the address allocation server sends an allocation address message to the client. The technical scheme provided by the application can authenticate the address distribution server, can authenticate the client, can also authenticate each other through the third party authentication server, and effectively avoids the situations that an attacker maliciously broadcasts illegal addresses, a malicious host applies for the addresses to consume legal addresses and the like.

Description

Address automatic allocation protocol security authentication method and equipment
Technical Field
The application belongs to the technical field of network security, and particularly relates to a security authentication method and device for an address automatic allocation protocol.
Background
With the expansion of the scale of data centers and the introduction of virtualization, in addition to the increase of physical devices, the virtualization of servers, storage and networks of data centers has led to an exponential increase of virtual facilities. Since each virtual machine has a unique MAC address (Media Access Control Address, local area network address), this leads to a drastic rise in consumption of MAC addresses, and there is a risk of insufficient MAC address space capacity. Second, the MAC address cannot be changed once allocated. These problems bring about many other problems in data centers, such as: routing forwarding is time consuming, causes broadcast storms and inconvenience in device migration, etc.
The automatic allocation method for the local MAC address mainly comprises the concentrated allocation management and the distributed allocation management of the address. In the centralized server allocation scheme, the server periodically actively issues legal local address blocks to the network, and centrally manages the local address information of all hosts in the network segment through an address resource pool; in the distributed address allocation scheme, a host obtains a local address by applying an address to surrounding nodes, and each node with the local address maintains an address resource pool to provide the address for the surrounding nodes; the host computer can also obtain the local address by self-declaration, and randomly and automatically generate an address string by a certain algorithm and detect conflict, so that the legal effectiveness of the local address is ensured.
However, in the automatic allocation technology of the local MAC address, there is a network security hidden danger. For example, in the process that the host obtains the local address through the address distribution server, an illegal user can easily apply for the local address, so that the problems of malicious consumption of local address resources and network attack by an attacker can easily occur; in the process of periodically broadcasting the local address by the address distribution server, an attacker can easily impersonate the server to illegally disseminate malicious addresses, so that normal communication cannot be performed.
Disclosure of Invention
In order to solve the problem of potential safety hazards in the automatic allocation process of the local MAC address, the application provides a method, a device, computer equipment and a storage medium for safety authentication of an automatic address allocation protocol, which improve the safety in the address allocation process and realize the safety allocation of the local MAC address.
The application provides a secure authentication method of an address automatic allocation protocol, which is applied to a network comprising an address allocation server, an authentication server and a client, and comprises the following steps:
the address distribution server registers on the authentication server and receives the public key, the private key and the shared key generated by the authentication server;
the address distribution server broadcasts an address release message and digitally signs the address message through a private key;
The address distribution server receives an access bill and an identity authentication identifier of the client, which are generated after the client verifies the address message;
the address distribution server verifies the identity of the client according to the access ticket and the identity authentication mark;
when the identity of the client passes, the address allocation server sends an allocation address message to the client.
Further, the address allocation server registers on the authentication server and receives the public key, the private key and the shared key generated by the authentication server, and the address allocation server includes:
the address allocation server and the authentication server set a shared key;
the address distribution server receives the private key which is sent by the authentication server and is encrypted by the shared key;
and the address distribution server decrypts the private key encrypted by the shared key to obtain the private key.
Further, the address distribution server verifies the identity of the client according to the access ticket and the identity authentication identifier, and the address distribution server comprises:
the address distribution server decrypts the access ticket by using a private key, and decrypts the identity authentication identifier by using a shared key with the authentication server;
if the decrypted identity information is consistent, verifying the timestamp information;
if the difference value between the time stamp information and the current moment is within a preset range, the verification is passed;
Otherwise, the verification fails.
Further, the address allocation server sends an address allocation message to the client, including:
the address distribution server saves the session key and sends an address approval message carrying the encrypted time stamp of the session key to the client.
An address automatic assignment protocol security authentication apparatus applied to an address assignment server in a network including the address assignment server, the authentication server, and a client, the apparatus comprising:
the first registration module is used for registering on the authentication server and receiving a public key, a private key and a shared key generated by the authentication server;
the message issuing module is used for broadcasting an address issuing message and digitally signing the address message through a private key;
the first receiving module is used for receiving the access ticket and the identity authentication identifier of the client, which are generated after the client verifies the address message;
the first verification module is used for verifying the identity of the client according to the access bill and the identity authentication identifier;
and the first sending module is used for sending an address allocation message to the client when the identity verification of the client is passed.
An address automatic allocation protocol security authentication method is applied to a network comprising an address allocation server, an authentication server and a client, and comprises the following steps:
After the client is started, registering on an authentication server, and receiving an identity authentication identifier generated by the authentication server and a public key of an address allocation server;
the client receives and verifies the address message signed by the address distribution server;
when the address message passes the verification, the client receives the address message and generates an access ticket;
the client sends the access ticket and the identity authentication identifier to an address distribution server;
the client receives and decrypts the address approval message sent by the address assignment server.
Further, the client registers on the authentication server after being started, receives the identity authentication identifier generated by the authentication server and the public key of the address allocation server, and comprises:
generating a temporary address after the client is started, and initiating registration to an authentication server;
the client receives the identity authentication identifier generated by the authentication server and the public key of the address allocation server.
Further, the generating the temporary address after the client is started includes:
the client continuously broadcasts a start message;
if the conflict response is not received within the preset time, generating a temporary address;
otherwise, the temporary address is regenerated.
Further, the access ticket includes: client body information, session key, and timestamp information.
Further, the address approval message includes: address approval message and time stamp encrypted by session key.
An address automatic assignment protocol security authentication apparatus applied to a client in a network including an address assignment server, an authentication server, and a client, comprising:
the second registration module is used for registering on the authentication server after starting and receiving an identity authentication identifier generated by the authentication server and a public key of the address allocation server;
the second verification module is used for receiving the address message signed by the address distribution server and verifying the address message;
the second receiving module is used for receiving the address message and generating an access bill when the address message passes the verification;
the second sending module is used for sending the access bill and the identity authentication identifier to the address distribution server;
and the decryption module is used for receiving the address approval message sent by the address distribution server and decrypting the address approval message.
Compared with the prior art, the technical scheme provided by the invention has the following advantages:
the technical scheme provided by the invention is that the corresponding public key, private key or shared key is registered and acquired on the authentication server, the address message is digitally signed through the private key, then the information such as the access bill and the identity authentication identifier of the client generated after the client verifies the address message is received and verified, and the authentication is successful when the verification is passed. The invention can authenticate the address distribution server, authenticate the client, and also can mutually authenticate through the third party authentication server, thereby effectively avoiding the situations that an attacker maliciously broadcasts illegal addresses, a malicious host applies for addresses to consume legal addresses, and the like.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
In order to more clearly illustrate the embodiments of the invention or the technical solutions of the prior art, the drawings which are used in the description of the embodiments or the prior art will be briefly described, and it will be obvious to a person skilled in the art that other drawings can be obtained from these drawings without inventive effort.
FIG. 1 is a flow diagram of a secure authentication method for an address automatic assignment protocol in one embodiment;
FIG. 2 is a flow diagram of an address assignment server registering with an authentication server in one embodiment;
FIG. 3 is a schematic diagram of a process flow for verifying client identity by an address assignment server in one embodiment;
FIG. 4 is a schematic diagram of an address automatic assignment protocol security authentication device in one embodiment;
FIG. 5 is a flow diagram of a secure authentication method for an address automatic assignment protocol in one embodiment;
FIG. 6 is a flow diagram of a client registering with an authentication server in one embodiment;
FIG. 7 is a schematic diagram of a client temporary address generation flow in one embodiment;
FIG. 8 is a diagram of custom Option180 field format in one embodiment;
FIG. 9 is a schematic diagram of an address automatic assignment protocol security authentication device in one embodiment;
FIG. 10 is a timing diagram of a specific application example in one embodiment.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments of the present application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
FIG. 1 is a flow chart of a secure authentication method of an address automatic assignment protocol in one embodiment. Referring to fig. 1, the present application provides a secure authentication method for an address automatic allocation protocol. The Address automatic allocation protocol security authentication method is applied to a network comprising an Address Server, an authentication Server AS and a Client, and specifically comprises the following steps:
S11, the address distribution server registers on the authentication server and receives the public key, the private key and the shared key generated by the authentication server.
Specifically, the address assignment server registers with an authentication server, which generates a pair of public key Ks for it -1 And a private key Ks, and a shared key Ksas. The shared secret key is generated by adopting a Diffie-Hellman secret key exchange algorithm so as to ensure the security of the secret key transmission process.
S12, the address distribution server broadcasts an address release message, and digital signature is carried out on the address message through a private key.
Specifically, the address distribution server broadcasts an address release message, and uses a private key Ks to digitally sign the message, and the signature is carried in the message so as to prevent a malicious host from being masqueraded and tampered.
S13, the address distribution server receives the access ticket and the identity authentication identification of the client, which are generated after the client verifies the address message.
S14, the address distribution server verifies the identity of the client according to the access ticket and the identity authentication identifier.
And S15, when the identity verification of the client passes, the address distribution server sends a distribution address message to the client.
That is, after receiving the application message, the address distribution server verifies the identity of the client according to the access ticket and the identity authentication identifier, and if the verification is passed, the session key Kcs is saved and the subsequent message carries the encrypted time stamp { Timestamp }, of the session key Kcs Thereby establishing a secure channel. In addition, it is checked whether the time stamp differs from the current time by Δt (replay attack prevention), and if so, authentication is passed. In the next communication process, the Timestamp { Timestamp } is encrypted with the agreed session key Kcs To ensure the communication safety.
If the decrypted Client content is consistent and the Timestamp is within the error range, then it is considered a legitimate Client. The address assignment server then encrypts the timestamp using the agreed session key Kcs and carries it in the assignment message to authenticate the server identity against replay attacks.
The address automatic allocation protocol security authentication method comprises the steps of registering and acquiring a corresponding public key, private key or shared key on an authentication server, digitally signing an address message through the private key, receiving and verifying information such as an access bill generated after a client verifies the address message, an identity authentication identifier of the client and the like, and indicating that authentication is successful if verification is passed. The invention can authenticate the address distribution server, authenticate the client, and also can mutually authenticate through the third party authentication server, thereby effectively avoiding the situations that an attacker maliciously broadcasts illegal addresses, a malicious host applies for addresses to consume legal addresses, and the like.
In one embodiment of the present application, as shown in fig. 2, step S11 includes:
s111, the address distribution server and the authentication server set a shared secret key;
s112, the address distribution server receives the private key which is sent by the authentication server and is encrypted by the shared key;
s113, the address distribution server decrypts the private key encrypted by the shared key to obtain the private key.
Wherein the address distribution server stores own private key Ks and shared key Ksas, and public key Ks thereof -1 Distributed by the authentication server to all legally registered clients.
In one embodiment of the present application, as shown in fig. 3, step S14 includes:
the address distribution server decrypts the access ticket by using a private key, and decrypts the identity authentication identifier by using a shared key with the authentication server;
if the decrypted identity information is consistent, verifying the timestamp information;
if the difference value between the time stamp information and the current moment is within a preset range, the verification is passed;
otherwise, the verification fails.
Specifically, when the address allocation server or the client fails in identity authentication, an abnormality occurs, and the following describes the case of the failure of the identity authentication of the two.
After receiving the broadcast address message, the client firstly verifies the identity of the address distribution server, the verification method is based on digital signature, the digital signature is decrypted by using a server public key, the digital signature is compared with a hash value of the message, if the digital signature is inconsistent with the hash value of the message, the identity verification of the address server fails, and the client considers that the address distribution server is an illegal server and does not accept the local MAC address issued by the illegal server. The client discards the publish message and continues to wait for the broadcast address to publish the message.
After receiving the address application message of the client, the address distribution server firstly verifies the identity of the client, wherein the verification is based on an identity authentication mark and an access ticket carried by the message, the identity authentication mark and the access ticket are decrypted by using a shared key and a private key respectively to obtain plaintext information, whether the identity information carried by the shared key and the private key are consistent or not is compared, if the identity information carried by the shared key and the private key are inconsistent, the identity authentication of the client fails, and the server considers that the client is an illegal client. To avoid the illegal user from launching a DOS attack, once the identity information verification is not passed, the server pulls the user to a blacklist and does not reply to and receive any of the client's messages. If the identity information is consistent, the time stamp is further verified, and if the time stamp is different from the current time by more than a specified threshold value, the identity verification also fails, which may be caused by replay attack or network blocking, the server discards the application message, and the next address allocation is not performed for the client.
The embodiment of the application also provides an address automatic allocation protocol security authentication device, as shown in fig. 4, which is applied to an address allocation server in a network including the address allocation server, the authentication server and a client, and comprises:
The first registration module is used for registering on the authentication server and receiving a public key, a private key and a shared key generated by the authentication server;
the message issuing module is used for broadcasting an address issuing message and digitally signing the address message through a private key;
the first receiving module is used for receiving the access ticket and the identity authentication identifier of the client, which are generated after the client verifies the address message;
the first verification module is used for verifying the identity of the client according to the access bill and the identity authentication identifier;
and the first sending module is used for sending an address allocation message to the client when the identity verification of the client is passed.
In one embodiment of the application, the first registration module is configured, in particular,
the address allocation server and the authentication server set a shared key;
the address distribution server receives the private key which is sent by the authentication server and is encrypted by the shared key;
and the address distribution server decrypts the private key encrypted by the shared key to obtain the private key.
In one embodiment of the application, the first authentication module is, in particular,
the address distribution server decrypts the access ticket by using a private key, and decrypts the identity authentication identifier by using a shared key with the authentication server;
If the decrypted identity information is consistent, verifying the timestamp information;
if the difference value between the time stamp information and the current moment is within a preset range, the verification is passed;
otherwise, the verification fails.
In one embodiment of the application, the first transmitting module is, in particular,
the address distribution server saves the session key and sends an address approval message carrying the encrypted time stamp of the session key to the client.
FIG. 5 is a flow chart of a secure authentication method of an address automatic assignment protocol in one embodiment. Referring to fig. 5, the present application provides a secure authentication method for an address automatic allocation protocol. The address automatic allocation protocol security authentication method is applied to a network comprising an address allocation server, an authentication server and a client, and specifically comprises the following steps:
s21, the client registers on the authentication server after being started, and receives the identity authentication identifier generated by the authentication server and the public key of the address allocation server.
Specifically, the Client is registered on an authentication server AS after being started, and the authentication server generates an identity authentication identifier { Client } Ksas And with public key Ks of address allocation server -1 Together back to the client.
The authentication server generates an identity authentication identifier { Client }, for the Client Ksas The Client is identity characteristic information (such as a host name, a CPU serial number and the like) of the Client, and the authentication identifier is issued to the Client by a third-party trusted authentication server, so that the authentication identifier plays a role in subsequent identity authentication.
S22, the client receives the address message signed by the address distribution server and verifies the address message.
In particularAfter receiving the address assignment message, the client uses the public key Ks of the address assignment server -1 The digital signature is verified so that the server identity can be verified.
S23, when the address message passes the verification, the client receives the address message and generates an access ticket.
Specifically, if the verification is passed, the issued address block is received, and in the address application initiated later, the client needs to prove its own identity, where the combination of the access ticket and the identity authentication identifier is adopted. Access ticket { Client, kcs, timestamp } Ks -1 And identity authentication identifier { Client } Ksas The former is generated by the client itself and the latter is issued by the authentication server. Besides identity information, the access ticket also contains agreed session key and timestamp information, so that the safety of subsequent communication can be ensured and replay attack can be prevented.
And S24, the client sends the access ticket and the identity authentication identifier to an address distribution server.
Specifically, the Client then generates a session key Kcs with the server, and accesses the ticket { Client, kcs, timestamp } Ks -1 And is matched with identity authentication mark { Client } Ksas Together in the option180 field of the address application message.
The access ticket is passed by the Client identity information Client, session key Kcs and Timestamp information through the public key Ks of the server -1 Encryption is used to verify the client identity and the agreed session key to the address distribution server and replay attacks can be prevented. The session key Kcs is a shared key generated by the client and the address assignment server, and can be generated by hashing the client identity information with the public key of the address assignment server, i.e., hash (Ks -1 +Client)。
S25, the client receives and decrypts the address approval message sent by the address distribution server.
The client receives the assignment message, decrypts the Timestamp using the agreed session key, and can authenticate the identity of the server. If the difference from the current time is within delta T, the address allocation is accepted.
According to the address automatic allocation protocol security authentication method, the identity authentication identifier generated by the authentication receiving server and the public key of the address allocation server are registered on the authentication server, when the address message signed by the address allocation server is received, verification is carried out, when the verification passes, the client receives the address message, generates an access ticket, sends the access ticket and the identity authentication identifier to the address allocation server, and finally receives and decrypts the address approval message sent by the address allocation server. The invention can authenticate the address distribution server, authenticate the client, and also can mutually authenticate through the third party authentication server, thereby effectively avoiding the situations that an attacker maliciously broadcasts illegal addresses, a malicious host applies for addresses to consume legal addresses, and the like.
In one embodiment of the present application, as shown in fig. 6, step S21 includes:
s211, generating a temporary address after the client is started, and initiating registration to an authentication server;
s212, the client receives the identity authentication identifier generated by the authentication server and the public key of the address allocation server.
Specifically, after receiving the registration application, the authentication server generates an identity authentication identifier { Client }, for the Client Ksas . The identity authentication mark encrypts the identity information of the client by adopting a shared key Ksas between the authentication server and the address allocation server. The client saves the identity authentication identifier for use in subsequently authenticating the client identity. The authentication server distributes the public key Ks of the address distribution server -1 To the client.
In one embodiment of the present application, as shown in fig. 7, step S211 includes:
the client continuously broadcasts a start message;
if the conflict response is not received within the preset time, generating a temporary address;
otherwise, the temporary address is regenerated.
Specifically, the client generates a temporary address after starting, and initiates registration to the authentication server. The temporary address is obtained by performing hash operation according to the identity characteristic information (such as a host name, a CPU serial number and the like) of the client. Although the temporary address is used only for registering identity information and key exchange, it is still necessary to avoid collisions for a certain time. Continuously broadcasting a start message, and if no conflict response is received within a specified time, using a temporary address to send a registration application to an authentication server; otherwise, the temporary address is regenerated. The temporary address is released after the client receives the authentication server response.
In one embodiment of the present application, the relevant information of security authentication is carried in the Option180 field of the message, which may take the form of TLV encoding, the example illustrates the Option180 field format in TLV format, and specific role in the authentication process.
As shown in fig. 8, the custom Option180 field in the present application is formed according to TLV format, that is, each sub-field is composed of a Type (tlv_type), a Length of a sub-field Value (tlv_length), and a sub-field Value (tlv_value). The Length of the value field is specified by Length, and specific authentication information is carried. If one message needs to carry multiple authentication information, the message is expanded into multiple TLV formats, for example, the address application message needs to carry an identity authentication identifier and an access ticket, and then both authentication information is put into an Option180 field in a TLV coding format.
In the Value field of the TLV, a byte-sized Algorithm (algoritm) field is also designed to identify the encryption Algorithm used, and is specified as plaintext information when the Value is 0, as MD5 Algorithm when the Value is 1, as SHA-1 Algorithm when the Value is 2, and so on. The remaining options for Value are Authentication related information, named Authentication (Authentication) field, which is variable in length, with a maximum upper limit of 255 bytes. The Authentication field carries Authentication-related information in the security protocol, such as transmitted plaintext public key information, ciphertext identity, access ticket, etc.
According to our authentication algorithm, neither MD5 nor SHA-1 is used to generate ciphertext messages beyond 255 bytes. The security authentication information related in the invention is carried in the Option180 field in the distribution message, and has good compatibility with the original protocol. In a specific application, the processing of the message without the custom Option180 in the address allocation message can enable the authentication module to select to discard or directly pass through without processing according to the requirement.
Taking the client machine authentication step as an example, the workflow of the Option180 field is described. The address allocation server receives the address application message of the client, firstly takes the authentication message out of the Option180 field, and analyzes the authentication message according to the TLV coding format. And taking out the first piece of authentication information with corresponding length according to the length field, knowing that the authentication information is identity information according to the Type field, knowing that the ciphertext information is encrypted by adopting an AES algorithm according to the first byte of the Value field, and decrypting the rest part of the Value field by using a shared key Ksas according to the AES algorithm to obtain the identity information of the plaintext client. The second piece of authentication information is the access ticket information according to the Type field in the same way, the first byte of the Value field is the RSA encryption algorithm, and then the rest part of the Value field is decrypted by using the private key Ks, so that the plain text access ticket can be obtained.
The Option180 field in TLV format is adopted in the authentication process, unified storage of authentication information is realized, and the method can be freely expanded when a plurality of authentication information exist, and has good compatibility with the original protocol.
An embodiment of the present application also provides an address automatic allocation protocol security authentication apparatus, as shown in fig. 9, applied to a client in a network including an address allocation server, an authentication server, and a client, including:
the second registration module is used for registering on the authentication server after starting and receiving an identity authentication identifier generated by the authentication server and a public key of the address allocation server;
the second verification module is used for receiving the address message signed by the address distribution server and verifying the address message;
the second receiving module is used for receiving the address message and generating an access bill when the address message passes the verification;
the second sending module is used for sending the access bill and the identity authentication identifier to the address distribution server;
and the decryption module is used for receiving the address approval message sent by the address distribution server and decrypting the address approval message.
The automatic local address allocation technology is used for acquiring a local unique address in a local area network so as to solve the defects of insufficient address space and the like of the traditional MAC. The application is a security authentication scheme, which assists the local address automatic allocation protocol to solve the network security risk.
Client: the client identity identifier may be a host name, a CPU serial number, or other feature information.
Ks -1 : the public key of the address assignment server is generated for it by the authentication server.
Ks: the address assignment server private key is generated for it by the authentication server.
Ksas: the shared key between the authentication server and the address assignment server is generated by the authentication server.
Kcs: a session key between the client and the address assignment server is generated by the client.
Timestamp: a character string is generated based on the current time.
Δt: error time, in seconds, where 0< Δt <1.
Hash: the hash algorithm, i.e. the hash function, is a one-way cryptosystem, which can only be encrypted and not decrypted, such as MD5, SHA-1, etc. For the authentication server to generate a key.
Option180: the Option for carrying the security authentication information is to distinguish from the Option of the address allocation protocol message, and the security authentication process uses a custom Option format, wherein the Option code is 180, and the format is shown in fig. 8.
The database of the third party trusted authentication server AS stores the identity information and authentication identification of all legal hosts in the network, and the public key and the private key of the address distribution server and the shared key between the address distribution server and the authentication server are key mechanisms for realizing mutual authentication between the client and the server.
The example uses the automatic allocation protocol of the server broadcast address as a specific application example, and describes the security authentication process. Fig. 10 is a timing chart of a specific application example.
The address assignment server registers with the authentication server, which generates a pair of public key Ks for it -1 And a private key Ks, and a shared key Ksas. The shared secret key is generated by adopting a Diffie-Hellman secret key exchange algorithm so as to ensure the security of the secret key transmission process. The specific transmission process is shown in fig. 10, and the steps further include:
s101: the authentication server first adopts a Diffie-Hellman algorithm to agree on a shared key Ksas with the address allocation server. Both parties store the shared key.
S102: the authentication server encrypts the private key with the shared key and transmits the encrypted private key to the address distribution server, i.e., { Ks } Ksas . The address assignment server receives the decryption and saves the private key Ks.
After the Client is started, the Client is registered on an authentication server, and the authentication server generates identity authentication identification { Client }, for the Client Ksas And with public key Ks of address allocation server -1 Together back to the client. According to fig. 10, the step further comprises:
s201: after the client is started, a temporary address is generated, and registration is initiated to the authentication server. The temporary address is obtained by performing hash operation according to the identity characteristic information (such as a host name, a CPU serial number and the like) of the client. Although the temporary address is used only for registering identity information and key exchange, it is still necessary to avoid collisions for a certain time. Continuously broadcasting a start message, and if no conflict response is received within a specified time, using a temporary address to send a registration application to an authentication server; otherwise, the temporary address is regenerated. The temporary address is released after the client receives the authentication server response.
S202: after receiving the registration application, the authentication server generates an identity authentication identifier { Client }, for the Client Ksas . The identity authentication mark adopts an authentication server and an addressThe shared key Ksas between the distribution servers encrypts the identity information of the clients. The client saves the identity authentication identifier for use in subsequently authenticating the client identity.
S203: the authentication server distributes the public key Ks of the address distribution server -1 To the client.
The address distribution server broadcasts an address release message, and uses a private key Ks to digitally sign the message, and the signature is carried in the message so as to prevent a malicious host from being masqueraded and tampered.
S301-S401: after receiving the broadcast message, the client uses the public key Ks of the address distribution server -1 Verifying the digital signature, if the verification passes, receiving the published address block and generating an access ticket { Client, kcs, timestamp } Ks -1 With identity authentication mark { Client } Ksas Together to the address assignment server.
Wherein the access ticket is composed of Client identity information Client, session key Kcs and Timestamp information via the public key Ks of the server -1 Encryption is used to verify the client identity and the agreed session key to the address distribution server and replay attacks can be prevented. The session key Kcs is a shared key generated by the client and the address assignment server, and can be generated by hashing the client identity information with the public key of the address assignment server, i.e., hash (Ks -1 +Client)。
S501: after receiving the application message, the address distribution server verifies the identity of the client according to the access ticket and the identity authentication identifier, if the verification is passed, the session key Kcs is saved and the subsequent message carries the encrypted time stamp { Timestamp }, of the session key Kcs Thereby establishing a secure channel.
Wherein the flow of verifying the identity of the client is as follows. The address distribution server decrypts the access ticket by using the private key Ks to obtain { Client, kcs, timestamp }, decrypts the identity authentication mark by using the shared key Ksas between the address distribution server and the authentication server to obtain { Client }, further verifies Timestamp information if the Client identity information is consistent in comparison, and passes the verification if the Timestamp is different from the current time by delta T time (0 < delta T < 1). Otherwise, the verification fails and the message is discarded.
S601: the client receives the address approval message, decrypts the time stamp by using the agreed session key, can verify the identity of the address distribution server, and ensures the safety of communication in the follow-up session by adopting a mode of encrypting the time stamp by the session key.
Through the previous steps, the client and the address assignment server have mutually authenticated the identity and obtained the session key, and in the subsequent data communication, only { Timestamp } needs to be carried in the message Kcs The identity can be confirmed, and replay attack can be prevented.
The application relates to a secure authentication method of an address automatic allocation protocol, which not only can authenticate an address allocation server, but also can authenticate a client, and mutual authentication of two parties in the address allocation process is realized by utilizing a third party trusted authentication server, thereby effectively avoiding the situations that an attacker maliciously broadcasts illegal addresses, a malicious host applies for the addresses to consume legal addresses and the like.
In addition, the application also agrees with the session key while the two parties mutually authenticate the identity, and can ensure the safety of communication in the subsequent address allocation interaction process. From the security point of view, not only can message authentication be realized, but also common attacks, such as replay attacks, man-in-the-middle attacks and the like, can be prevented. From the compatibility point of view, the state and the protocol format of the original protocol are not changed, so that the client-side server using the original protocol can be interacted with, and the good compatibility is realized.
Those of ordinary skill in the art will appreciate that all or some of the steps, systems, functional modules/units in the apparatus, and methods disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. In a hardware implementation, the division between the functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be performed cooperatively by several physical components. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as known to those skilled in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computer. Furthermore, as is well known to those of ordinary skill in the art, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media.
It should be noted that in this document, relational terms such as "first" and "second" and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The foregoing is only a specific embodiment of the invention to enable those skilled in the art to understand or practice the invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (8)

1. An address automatic allocation protocol security authentication method applied to a network comprising an address allocation server, an authentication server and a client, is characterized by comprising the following steps:
the address distribution server registers on the authentication server and receives the public key, the private key and the shared key generated by the authentication server;
the address distribution server broadcasts an address release message, digitally signs the address release message through a private key, and carries the signature in the address release message;
the address distribution server receives an access bill and an identity authentication identifier of the client, which are generated after the client verifies that the address release message passes; the access ticket is formed by encrypting client body information, a session key and time stamp information through a public key;
the address distribution server verifies the identity of the client according to the access ticket and the identity authentication mark;
when the identity verification of the client passes, the address distribution server sends a distribution address message to the client;
the address distribution server verifies the identity of the client according to the access bill and the identity authentication mark, and the address distribution server comprises:
the address distribution server decrypts the access ticket by using a private key to obtain client identity information, a session key and time stamp information, and decrypts the identity authentication mark by using a shared key with the authentication server to obtain the identity information of the client;
If the client identity information obtained by decrypting the access ticket is consistent with the identity information of the client obtained by decrypting the identity authentication mark, verifying the timestamp information;
if the difference value between the time stamp information and the current moment is within a preset range, the verification is passed;
wherein, the address distribution server sends a distribution address message to the client, and the method comprises the following steps:
the address distribution server saves the session key and sends an address approval message carrying the encrypted time stamp of the session key to the client.
2. The address assignment protocol security authentication method as claimed in claim 1, wherein the address assignment server registers with the authentication server and receives the public key, the private key, and the shared key generated by the authentication server, comprising:
the address allocation server and the authentication server set a shared key;
the address distribution server receives the private key which is sent by the authentication server and is encrypted by the shared key;
and the address distribution server decrypts the private key encrypted by the shared key to obtain the private key.
3. The address automatic allocation protocol security authentication method according to claim 1, wherein if the difference between the time stamp information and the current time is not within a preset range, the verification fails.
4. An address automatic assignment protocol security authentication apparatus applied to an address assignment server in a network including the address assignment server, the authentication server, and a client, the apparatus comprising:
the first registration module is used for registering on the authentication server and receiving a public key, a private key and a shared key generated by the authentication server;
the message issuing module is used for broadcasting an address issuing message, digitally signing the address issuing message through a private key and carrying the signature in the address issuing message;
the first receiving module is used for receiving the access ticket and the identity authentication identifier of the client, which are generated after the client verification address release message passes;
the first verification module is used for verifying the identity of the client according to the access bill and the identity authentication identifier; the access ticket is formed by encrypting client body information, a session key and time stamp information through a public key;
the first sending module is used for sending an address allocation message to the client when the identity verification of the client is passed;
the first verification module is specifically configured to:
decrypting the access ticket by using a private key to obtain client identity information, a session key and timestamp information, and decrypting the identity authentication mark by using a shared key with an authentication server to obtain the identity information of the client;
If the client identity information obtained by decrypting the access ticket is consistent with the identity information of the client obtained by decrypting the identity authentication mark, verifying the timestamp information;
if the difference value between the time stamp information and the current moment is within a preset range, the verification is passed;
the first sending module is specifically configured to: when the identity of the client passes, the session key is saved, and an address approval message carrying the encrypted time stamp of the session key is sent to the client.
5. An address automatic allocation protocol security authentication method applied to a network comprising an address allocation server, an authentication server and a client, is characterized by comprising the following steps:
after the client is started, registering on an authentication server, and receiving an identity authentication identifier generated by the authentication server and a public key of an address allocation server; the identity authentication mark is obtained by encrypting the identity information of the client by adopting a shared secret key between an authentication server and an address distribution server;
the client receives the address release message signed by the address distribution server and verifies the digital signature in the address release message by using the public key of the address distribution server;
When the address release message passes the verification, the client receives an address block in the address release message and generates an access ticket; the access ticket is formed by encrypting client body information, a session key and time stamp information through a public key;
the client sends the access ticket and the identity authentication identifier to an address distribution server, so that the address distribution server verifies the identity of the client according to the access ticket and the identity authentication identifier;
the client receives an address approval message sent by the address allocation server, wherein the address approval message comprises: the address approval message and the time stamp encrypted by the session key are decrypted by using the agreed session key;
verifying the identity of the address distribution server according to the decrypted time stamp;
when the authentication of the address assignment server passes, the client saves the session key.
6. The address automatic allocation protocol security authentication method according to claim 5, wherein the client registers on the authentication server after being started, and receives the identity authentication identifier generated by the authentication server and the public key of the address allocation server, comprising:
Generating a temporary address after the client is started, and initiating registration to an authentication server;
the client receives the identity authentication identifier generated by the authentication server and the public key of the address allocation server.
7. The address automatic allocation protocol security authentication method according to claim 6, wherein after generating the temporary address after the client is started, the method further comprises:
the client continuously broadcasts a start message;
if the conflict response is not received within the preset time, continuing to execute the step of initiating registration to the authentication server;
otherwise, the temporary address is regenerated.
8. An address automatic allocation protocol security authentication device for use with a client in a network comprising an address allocation server, an authentication server and a client, the device comprising:
the second registration module is used for registering on the authentication server after starting and receiving an identity authentication identifier generated by the authentication server and a public key of the address allocation server; the identity authentication mark is obtained by encrypting the identity information of the client by adopting a shared secret key between an authentication server and an address distribution server;
the second verification module is used for receiving the address release message signed by the address distribution server and verifying the digital signature in the address release message by using the public key of the address distribution server;
The second receiving module is used for receiving an address block in the address release message to generate an access bill when the address release message passes the verification; the access ticket is formed by encrypting client body information, a session key and time stamp information through a public key;
the second sending module is used for sending the access ticket and the identity authentication identifier to an address distribution server so that the address distribution server verifies the identity of the client according to the access ticket and the identity authentication identifier;
the decryption module is used for receiving an address approval message sent by the address distribution server, wherein the address approval message comprises: the address approval message and the time stamp encrypted by the session key are decrypted by using the agreed session key;
the second verification module is further configured to: verifying the identity of the address distribution server according to the decrypted time stamp; and when the identity verification of the address distribution server is passed, saving a session key.
CN201811513622.9A 2018-12-11 2018-12-11 Address automatic allocation protocol security authentication method and equipment Active CN111314269B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811513622.9A CN111314269B (en) 2018-12-11 2018-12-11 Address automatic allocation protocol security authentication method and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811513622.9A CN111314269B (en) 2018-12-11 2018-12-11 Address automatic allocation protocol security authentication method and equipment

Publications (2)

Publication Number Publication Date
CN111314269A CN111314269A (en) 2020-06-19
CN111314269B true CN111314269B (en) 2023-09-12

Family

ID=71159822

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811513622.9A Active CN111314269B (en) 2018-12-11 2018-12-11 Address automatic allocation protocol security authentication method and equipment

Country Status (1)

Country Link
CN (1) CN111314269B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112491836B (en) * 2020-11-16 2022-04-22 新华三技术有限公司合肥分公司 Communication system, method, device and electronic equipment
CN112953936A (en) * 2021-02-18 2021-06-11 泰州中科树人信息科技有限公司 Encrypted video playing technology based on ZKSR protocol
CN115065559B (en) * 2022-08-15 2022-12-27 浙江毫微米科技有限公司 Identity authentication system, method and device, electronic equipment and storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101184100A (en) * 2007-12-14 2008-05-21 中兴通讯股份有限公司 User access authentication method based on dynamic host machine configuration protocol
WO2009035829A1 (en) * 2007-09-12 2009-03-19 Microsoft Corporation Improved dynamic host configuration protocol
CN102123157A (en) * 2011-03-03 2011-07-13 上海华为技术有限公司 Authentication method and system
CN102651736A (en) * 2011-02-28 2012-08-29 华为技术有限公司 DHCP-based authentication method, DHCP server and DHCP client side
CN103379094A (en) * 2012-04-18 2013-10-30 中兴通讯股份有限公司 Method for protecting DHCP (Dynamic Host Configuration Protocol), sender and receiver
WO2014069985A1 (en) * 2012-11-05 2014-05-08 Mimos Berhad System and method for identity-based entity authentication for client-server communications
CN105721496A (en) * 2016-03-31 2016-06-29 中国人民解放军国防科学技术大学 Security authentication method for automatic distribution protocol of lightweight address
CN108600207A (en) * 2018-04-12 2018-09-28 清华大学 Network authentication based on 802.1X and SAVI and access method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10454887B2 (en) * 2015-11-18 2019-10-22 Cisco Technology, Inc. Allocation of local MAC addresses to client devices

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009035829A1 (en) * 2007-09-12 2009-03-19 Microsoft Corporation Improved dynamic host configuration protocol
CN101184100A (en) * 2007-12-14 2008-05-21 中兴通讯股份有限公司 User access authentication method based on dynamic host machine configuration protocol
CN102651736A (en) * 2011-02-28 2012-08-29 华为技术有限公司 DHCP-based authentication method, DHCP server and DHCP client side
CN102123157A (en) * 2011-03-03 2011-07-13 上海华为技术有限公司 Authentication method and system
CN103379094A (en) * 2012-04-18 2013-10-30 中兴通讯股份有限公司 Method for protecting DHCP (Dynamic Host Configuration Protocol), sender and receiver
WO2014069985A1 (en) * 2012-11-05 2014-05-08 Mimos Berhad System and method for identity-based entity authentication for client-server communications
CN105721496A (en) * 2016-03-31 2016-06-29 中国人民解放军国防科学技术大学 Security authentication method for automatic distribution protocol of lightweight address
CN108600207A (en) * 2018-04-12 2018-09-28 清华大学 Network authentication based on 802.1X and SAVI and access method

Also Published As

Publication number Publication date
CN111314269A (en) 2020-06-19

Similar Documents

Publication Publication Date Title
US8196186B2 (en) Security architecture for peer-to-peer storage system
US11451614B2 (en) Cloud authenticated offline file sharing
US6993652B2 (en) Method and system for providing client privacy when requesting content from a public server
WO2018050081A1 (en) Device identity authentication method and apparatus, electric device, and storage medium
US9219607B2 (en) Provisioning sensitive data into third party
US8285989B2 (en) Establishing a secured communication session
KR102177794B1 (en) Distributed device authentication protocol in internet of things blockchain environment
CN111869249A (en) Safe BLE JUST WORKS pairing method for man-in-the-middle attack
CN106941404B (en) Key protection method and device
CN111314269B (en) Address automatic allocation protocol security authentication method and equipment
CN111080299B (en) Anti-repudiation method for transaction information, client and server
KR20080050134A (en) Server, client and method for integrated user authentication in a system of multi-authentication means
CN102082665A (en) Identity authentication method, system and equipment in EAP (Extensible Authentication Protocol) authentication
He et al. An accountable, privacy-preserving, and efficient authentication framework for wireless access networks
CN112600831B (en) Network client identity authentication system and method
WO2014194818A1 (en) Method for discovering user of equipment, and user equipment
CN110771087B (en) Private key update
WO2017008556A1 (en) Authentication method and device for wireless access point and management platform
KR101256114B1 (en) Message authentication code test method and system of many mac testserver
US20210111906A1 (en) Pseudonym credential configuration method and apparatus
JP6765993B2 (en) Credential generation system and method
CN116506120B (en) Key loading method, key system and readable storage medium
JP2013179473A (en) Account generation management system, account generation management server, account generation management method, account generation management program
US8225086B2 (en) Method and apparatus for remotely authenticating a command
WO2022088962A1 (en) Verification method and encryption method for 5g terminal data, and terminal and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant