CN113179153B - User authentication and key agreement method based on certificateless - Google Patents
User authentication and key agreement method based on certificateless Download PDFInfo
- Publication number
- CN113179153B CN113179153B CN202110304286.2A CN202110304286A CN113179153B CN 113179153 B CN113179153 B CN 113179153B CN 202110304286 A CN202110304286 A CN 202110304286A CN 113179153 B CN113179153 B CN 113179153B
- Authority
- CN
- China
- Prior art keywords
- user
- key
- value
- kgc
- public
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0847—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving identity based encryption [IBE] schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- H04L9/3073—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Algebra (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Analysis (AREA)
- Mathematical Optimization (AREA)
- Mathematical Physics (AREA)
- Pure & Applied Mathematics (AREA)
- Power Engineering (AREA)
- Computing Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to the technical field of information security, and discloses a certificateless user authentication and key agreement method, which comprises the steps of setting system parameters and initializing a system; at the sending end of the certificateless environment, the user randomly selects the secret value xUAnd determining the corresponding common value yUKGC based on user identity IDUCommon value yUDetermining a partial private key DUThe sending end receives part of private key D provided by KGCUPost determination of the complete private key SUFinally according to the complete private key SUAnd a common value yUGenerating a complete public key; verifying the complete public key; given the secret value x of the sender user aAID, IDAPublic value yAAnd a public value y of the recipient user BBAnd generating a ciphertext and finally generating a session key. Compared with the prior art, the invention can realize that the two parties of the user jointly negotiate the safe key in the certificateless environment.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a certificateless user authentication and key agreement method.
Background
Key agreement is an important link of secure communication, and a shared session key can be established between communication nodes through a key agreement protocol, and the key can be used for ensuring confidentiality and integrity in a communication process. According to the difference of the public key verification mode under the public key cryptosystem, a plurality of identity-based, certificate-based and certificate-free two-party authenticated key agreement protocols are researched at present.
Under a traditional cryptosystem Based on a public key certificate, a public key of a user is authenticated by a certificate authority to issue a certificate, the management process of the public key certificate is complex and extremely costly, and in order to simplify the certificate management process, in 1984, Shamir first proposes an identity-Based cryptosystem [ Shamir A. identity-Based cryptosystems and signature schemes. in: Proc. of the Cryptor' 84.LNCS 196, Berlin: spring-Verlag, 1984.47-53 ]. In the public key cryptosystem based on the identity, a user uses the identity of the user as a public key, such as an identification of a mailbox, a mobile phone number and the like, so that a public key certificate, an authentication process and the like are not required to be obtained. In 2003, AIRiyami et al proposed a first certificateless two-party key agreement protocol [ AI-RIYAMI S, PATERSON K G.Certificateless public key cryptography [ C ]. In: Advances In cryptography-ASIACRYPT 2003.Springer Berlin Heidelberg,2003:452 473 ]. Mandet et al In 2006 indicated that the scheme proposed by AIRiyami et al was not resistant to temporary key-leakage attacks and proposed a new protocol scheme [ MANDT T K, TAN C H. Certificateless authenticated two-party key acquisition protocol [ C ]. In: Advances In Computer Science-ASIAN2006.Springer Berlin Heidelberg,2006: 37-44 ]. 2011 Liuwenhao et al proposed two party protocols based on signatures [ LIU W H, XU C X.two party certificate authority schemes [ J ] Journal of software 2011,22(11): 2843-. In 2017, et al, claimed eCK (a formalized method for designing and analyzing a two-party authenticated key agreement protocol) model, a two-party protocol [ ZHOU Y W, YANG B, ZHANG W Z. an improved two-party authenticated trusted key agreement protocol-col [ J ]. Chinese Journal of computers,2017,40(5):1181-1191 ], but failed to resist temporary key leakage attacks. Wu et al, 2019, presented a two-party protocol [ WU T, JING X J.two-party-authenticated key authentication protocol with enhanced security [ J ]. the journal of China Universities of Posts and decelluminations, 2019,26(1): 12-20 ] under model eCK, but demonstrated that it was not resistant to KCI (Key leak camouflage) attacks by class I adversaries.
The above certificateless based user authentication and key agreement protocols suffer more or less from security problems or computational complexity problems. Therefore, there is a need for a certificateless user authentication and key agreement method that is efficient and secure, and that solves the problems of key escrow and certificate issue difficulties.
Disclosure of Invention
The invention aims to: aiming at the problems in the prior art, the invention provides a certificateless user authentication and key agreement method, which can realize that a user and a user jointly negotiate a safe key in a certificateless environment.
The technical scheme is as follows: the invention provides a certificateless user authentication and key agreement method, which comprises the following steps:
s1: setting system parameters and initializing the system: the system parameters comprise a safety parameter k and an addition group G1Multiplication group G2Prime order P, generator P, bilinear mapping and four hash functions; also includes a master keyThe corresponding private key, wherein,represents an integer group excluding 0; disclosing each system parameter and keeping a master key s secret;
s2: at the sending end of the certificateless environment, the user randomly selects the secret value xUAnd determining the corresponding common value yUKGC based on user identity IDUCommon value yUDetermining a partial private key DUThe sending end receives part of private key D provided by KGCUAnd then according to part of private key DUDetermination of the complete private key SUFinally according to finishFull private key SUAnd a common value yUGenerating a complete public key;
s3: verifying the full public key generated in step S2;
s4: given the secret value x of the sender user aAID, IDAPublic value yAAnd a public value y of the recipient user BBThen, user A randomly selects a secret key K e {0,1}n,After a commitment value r is calculated, a ciphertext is generated through XOR, Hash operation and bilinear pairwise operation;
s5: the user B receives the ciphertext in the step S4 and the identity ID of the user AACommon value yAAnd then calculating a commitment value r, recovering a key through XOR, Hash operation and bilinear pairwise operation according to the ciphertext, determining a verification value according to the recovered key, and if the verification is successful, passing the identity verification of the user A and establishing a session key to form a final session key.
Further, the detailed system parameters in S1 are:
selecting an addition group G from a safety parameter k, KGC1And a multiplicative group G2Two groups have the same order P, P is prime number, and P is addition group G1The generation element(s) of (a),G1×G1→G2four secure hash functions are defined for a bilinear map, each H1:H2:H3:G2→{0,1}nAnd H4:Message with n as identityLength, KGC random selection of master keyAnd calculates the corresponding private key PpubDiscloses system parameters for sP and KGCAnd keeps secret the master key s; wherein, the first and the second end of the pipe are connected with each other,from G2And (4) generating.
Further, in S2, generating a complete private key at the sending end in the certificateless environment, specifically:
s2.2: the user can obtain the secret value x according to himselfUCalculate the corresponding common value
S2.3: user provides KGC with identity IDUAnd a common value yUKGC calculates partial private keyAnd partial private key DUSending the information to the user in a safe mode;
s2.4: the user receives part of private key D provided by KGCUThen, calculate out its own complete private key SU=(xU,DU)。
Further, the step S2 of generating a complete public key at the sending end in the certificateless environment specifically includes:
s2.5: in step S2.4 a complete private key S is givenU=(xU,DU) And a common value yUThen, a number alpha is randomly selected,and calculating rU,rU=gα;
S2.6: calculating the Hash value hU,hU=H1(rU,yU,IDU);
S2.8: computing to generate an auxiliary public key verification value TU,TU=(α-xU,hU)DU;
S2.9: exporting full public key (y)U,hU,TU)。
Further, the full public key verification in S3 specifically includes the following steps:
s3.1: given a full public key (y)U,hU,TU) The verifier checks yUWhether the order of (c) is p (i.e.y)UNot equal to 1, however);
S3.3: calculating a verification value h'U=H1(rU,yU,IDU);
S3.4: if and only if h'U=hUAnd if so, receiving the complete public key, successfully verifying the complete public key, and otherwise, returning an error symbol of ^ T.
Further, the specific step of generating the ciphertext in S4 is:
s4.1: secret value x at a given sender user aAID, IDACommon value yAAnd a public value y of the recipient user BBThen, user A randomly selects a secret key K e {0,1}n,And the value of the commitment r is calculated,
s4.2: the user a calculates the value of c,whereinIs an XOR operation, H3(r) performing a Hash operation on the commitment r;
s4.3: the user A calculates the verification value H, H ═ H4(r,yA,yB,IDA,IDB,K);
s4.5: finally, the ciphertext σ ═ (c, h, z) is generated, where h is the verification value.
Further, the specific step of forming the final session key in S5 is:
s5.1: when user B receives the ciphertext σ ═ (c, h, z) and user a's identity IDAAnd a common value y of the userAThen, user B calculates the commitment r value according to the known information,
s5.2: the user B calculates an authentication value H', H ═ H according to the secret key K4(r,yA,yB,IDA,IDB,K);
S5.3: if H ═ H ', the sender's authentication is passed and the session key establishment H ═ H4(r,yA,yB,IDA,IDBK); otherwise, returning an error symbol T.
Further, the full public key may be issued without authentication.
Has the beneficial effects that: the invention constructs a safe user authentication and key agreement method in a certificateless environment, solves the problems of complex management process and extremely high cost of the traditional public key certificate, is proved to be safe in a random prediction model, has simple operation, is easy to transmit in a communication channel, and is an ideal key agreement method.
Drawings
FIG. 1 is a flowchart illustrating client user authentication and key agreement according to an embodiment of the present invention;
fig. 2 is a flowchart of server-side user authentication and key agreement according to an embodiment of the present invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings. The following examples are only for illustrating the technical solutions of the present invention more clearly, and the protection scope of the present invention is not limited thereby.
The present invention is described by taking communication between a client and a server as an example, and refer to fig. 1 and fig. 2.
The invention discloses a certificateless user authentication and key agreement method, which mainly comprises the following steps:
an initialization stage: given a safety parameter k, KGC selects an addition group G1And a multiplicative group G2Two groups have the same order P, P being prime and P being additive group to generate G1The generation element(s) of (a),G1×G1→G2for a bilinear mapping, four secure hash functions are defined, each H1:H2:H3:G2→{0,1}nAnd H4:KGC randomly selects master keyAnd calculates the corresponding private key PpubsP. KGC discloses system parametersAnd keeps the master key s secret. Here, theFrom G2And (4) generating.
A registration stage: both the client and server sides register in a certificate-less based environment.
For registration of the client:
the client provides the KGC with its own identity IDATo make the key negotiated by both parties time-efficient, the KGC selects an expiration date ED and calculates part of the private keyKGC then reconciles a portion of private key DAAnd the expiration date ED is sent to the client in a secure manner. To this end, we can use an offline method or an online Transport Layer Security (TLS) method for delivery.
Client random selectionAs its own secret value, based on the selected secret value xACalculating corresponding public valuesAfter receiving the partial private key provided by KGC, calculating corresponding complete private key SA=(xA,DA);
Calculating the complete private key S at the clientA=(xA,DA) ) and a common value yAThen, the following steps are executed for calculating the complete public key of the client:
the client selects a random number alpha,and calculating rA,rA=gαThen calculate the Hash value hA,hA=H1(rA,yA,IDA) ) and then calculates the auxiliary public key verification value TA,TA=(α-xA,hA)DAFinally, the full public key (y) is outputA,hA,TA) And publishes the full public key and then performs full public key verification.
The full public key verification comprises the following steps:
firstly, the server side carries out identity verification on the client side according to public information, and the identity verification executes the following steps: given a client's full public key (y)A,hA,TA) The verifier checks yAWhether the order of (a) is p (i.e.y)UNot equal to 1, however) Then r is calculatedA,Finally, the verification value h 'is calculated'A=H1(rA,yA,IDA). If and only if hA=h'AAnd if so, receiving the identity of the client, successfully verifying the public key, and otherwise, returning an error symbol of reverse sign.
The registration of the server side is the same as that of the client side, and details are not repeated.
When the client and the server want to jointly negotiate the key establishment, the following steps are executed:
the client end firstly selects a random session key K e for {0,1}n,And the value of r is calculated,and then the calculation of c is carried out,whereinIs an XOR operation, H3(r) Hash operation is performed on r, and then verification value H is calculated, H is H4(r,yA,yB,IDA,IDBK, ED), and then the verification-related parameter value z is calculated,and finally generating a ciphertext sigma (c, h, z), wherein h is a verification value.
After receiving the ciphertext sigma (c, h, z) sent by the client, the server executes the following steps:
the server side calculates the r value according to the known information,then, the key K of the key agreement is restored according to the ciphertext c,finally, the verification value H', H ═ H is calculated according to the secret key4(r,yA,yB,IDA,IDBK, ED). If h ═ h', a session key K is established between the client and the server, K being known only to the client and the server, which ensures the confidentiality of the subsequent communication between the client and the server. Otherwise, the server end refuses the key K transmitted by the client end, and the establishment of the negotiation key is unsuccessful.
The symbols used primarily during the practice for this particular example are summarized in table 1 below:
TABLE 1
The above embodiments are merely illustrative of the technical concepts and features of the present invention, and the purpose of the embodiments is to enable those skilled in the art to understand the contents of the present invention and implement the present invention, and not to limit the protection scope of the present invention. All equivalent changes and modifications made according to the spirit of the present invention should be covered within the protection scope of the present invention.
Claims (2)
1. A certificateless-based user authentication and key agreement method is characterized by comprising the following steps:
s1: setting system parameters and initializing the system, wherein the detailed system parameters are as follows: selecting an addition group G from a safety parameter k, KGC1And a multiplicative group G2Two groups have the same order P, P is prime number, and P is addition group G1The generation element of (a) is generated,G1×G1→G2for a bilinear mapping, four secure hash functions are defined, each H1:H2:H3:G2→{0,1}nAnd H4: n is the message length of the identity, KGC randomly selects the master keyAnd calculates the corresponding private key PpubsP and KGC disclose system parametersAnd keeps secret the master key s; wherein, the first and the second end of the pipe are connected with each other,from G2Generating:
s2: at the sending end of the certificateless environment, the user randomly selects the secret value xUAnd determining the corresponding common value yUKGC according to the user identity IDUPublic value yUDetermining a partial private key DUThe sending end receives part of private key D provided by KGCUAnd then according to part of private key DUDetermination of the complete private key SUFinally based on the complete private key SUAnd a common value yUGenerating a complete public key; the specific operation is as follows:
s2.2: the user can obtain the secret value x according to himselfUCalculate the corresponding common value
S2.3: user provides KGC with identity IDUAnd a common value yUKGC calculating partial private keysAnd part of the private key DUSending the information to the user in a safe mode;
s2.4: the user receives part of private key D provided by KGCUThen, calculating out its complete private key SU=(xU,DU);
S2.5: in step S2.4 a full private key S is givenU=(xU,DU) And a common value yUThen, a number alpha is randomly selected,and calculating rU,rU=gα;
S2.6: calculating the Hash value hU,hU=H1(rU,yU,IDU);
S2.7: computing to generate an auxiliary public key verification value TU,TU=(α-xU,hU)DU;
S2.8: exporting the full public key (y)U,hU,TU);
S3: verifying the full public key generated in step S2, where the full public key verification specifically includes the following steps:
s3.1: given a full public key (y)U,hU,TU) The verifier checks yUWhether the order of (c) is p (i.e.y)UNot equal to 1, however);
S3.3: calculating a verification value h'U=H1(rU,yU,IDU);
S3.4: if and only if h'U=hUIf so, receiving the complete public key, successfully verifying the complete public key, and otherwise, returning an error symbol of T;
s4: given the secret value x of the sender user aAID, IDACommon value yAAnd a public value y of the recipient user BBThen, user A randomly selects a secret key K epsilon {0,1}n,After a commitment value r is calculated, a ciphertext is generated through an XOR operation, a Hash operation and a bilinear pairing operation; the method specifically comprises the following steps:
s4.1: secret value x at a given sender user aAID, IDACommon value yAAnd a public value y of the recipient user BBThen, user A randomly selects a secret key K epsilon {0,1}n,And a value of the commitment r is calculated,
s4.2: the user a calculates the value of c,whereinIs an XOR operation, H3(r) performing a Hash operation on the commitment r;
s4.3: user A calculates a verification value H, H ═ H4(r,yA,yB,IDA,IDB,K);
s4.5: finally, generating a ciphertext sigma (c, h, z), wherein h is a verification value;
s5: the user B receives the ciphertext in the step S4 and the identity ID of the user AAPublic value yAThen, calculating a commitment value r, recovering a key through XOR, Hash operation and bilinear pairwise operation according to the ciphertext, determining a verification value according to the recovered key, and if the verification is successful, passing the identity verification of the user A and establishing a session key to form a final session key; the method comprises the following specific steps:
s5.1: when user B receives the ciphertext σ ═ (c, h, z) and user a's identity IDAAnd a common value y of the userAThen, user B calculates the commitment r value according to the known information,
s5.2: the user B calculates an authentication value H ', H ═ H' from the key K4(r,yA,yB,IDA,IDB,K);
S5.3: if H-H ', the sender's authentication is passed and the session key is established H-H4(r,yA,yB,IDA,IDBK); otherwise, returning an error symbol T.
2. The certificateless user authentication and key agreement-based method of claim 1, wherein the full public key is issued without authentication.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110304286.2A CN113179153B (en) | 2021-03-22 | 2021-03-22 | User authentication and key agreement method based on certificateless |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110304286.2A CN113179153B (en) | 2021-03-22 | 2021-03-22 | User authentication and key agreement method based on certificateless |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113179153A CN113179153A (en) | 2021-07-27 |
CN113179153B true CN113179153B (en) | 2022-07-15 |
Family
ID=76922151
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110304286.2A Active CN113179153B (en) | 2021-03-22 | 2021-03-22 | User authentication and key agreement method based on certificateless |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113179153B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114095163A (en) * | 2021-11-18 | 2022-02-25 | 河南许继仪表有限公司 | Certificateless key agreement method for electricity consumption information acquisition system |
CN116599659B (en) * | 2023-05-26 | 2024-01-26 | 重庆大学 | Certificate-free identity authentication and key negotiation method and system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104270249A (en) * | 2014-09-23 | 2015-01-07 | 电子科技大学 | Signcryption method from certificateless environment to identity environment |
WO2016187690A1 (en) * | 2015-05-26 | 2016-12-01 | Infosec Global Inc. | Key agreement protocol |
CN107437993A (en) * | 2016-05-26 | 2017-12-05 | 中兴通讯股份有限公司 | One kind is based on without the side's authentication key agreement method of certificate two and device |
CN111314076A (en) * | 2020-03-31 | 2020-06-19 | 四川九强通信科技有限公司 | Certificateless key agreement method supporting bidirectional authentication |
-
2021
- 2021-03-22 CN CN202110304286.2A patent/CN113179153B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104270249A (en) * | 2014-09-23 | 2015-01-07 | 电子科技大学 | Signcryption method from certificateless environment to identity environment |
WO2016187690A1 (en) * | 2015-05-26 | 2016-12-01 | Infosec Global Inc. | Key agreement protocol |
CN107437993A (en) * | 2016-05-26 | 2017-12-05 | 中兴通讯股份有限公司 | One kind is based on without the side's authentication key agreement method of certificate two and device |
CN111314076A (en) * | 2020-03-31 | 2020-06-19 | 四川九强通信科技有限公司 | Certificateless key agreement method supporting bidirectional authentication |
Non-Patent Citations (1)
Title |
---|
一个高效的无证书两方认证密钥协商协议;裴雨潇等;《信息技术》;20170525(第05期);全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN113179153A (en) | 2021-07-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110505058B (en) | Identity authentication method for heterogeneous block chain in cross-chain scene | |
CN107947913B (en) | Anonymous authentication method and system based on identity | |
CN107659395B (en) | Identity-based distributed authentication method and system in multi-server environment | |
JP4837729B2 (en) | Cryptographic authentication method, computer system and data carrier | |
US8930704B2 (en) | Digital signature method and system | |
US8464060B2 (en) | Method and structure for self-sealed joint proof-of-knowledge and diffie-hellman key-exchange protocols | |
CN108667626A (en) | The two sides cooperation SM2 endorsement methods of safety | |
CN108667627B (en) | SM2 digital signature method based on two-party cooperation | |
CN105959269A (en) | ID-based authenticated dynamic group key agreement method | |
CN113572603B (en) | Heterogeneous user authentication and key negotiation method | |
CN110113150B (en) | Encryption method and system based on non-certificate environment and capable of repudiation authentication | |
CN109639439A (en) | A kind of ECDSA digital signature method based on two sides collaboration | |
CN113179153B (en) | User authentication and key agreement method based on certificateless | |
CN113556237A (en) | Threshold signature method, system, device and storage medium based on aggregation of multiple signatures | |
CN111181718A (en) | Anti-quantum computing IKE system based on alliance chain and negotiation communication method | |
CN113162773A (en) | Heterogeneous blind signcryption method capable of proving safety | |
CN113132104A (en) | Active and safe ECDSA (electronic signature SA) digital signature two-party generation method | |
Heninger | RSA, DH, and DSA in the Wild | |
CN111245615B (en) | Digital signature password reverse firewall method based on identity | |
Zhou et al. | Three-round secret handshakes based on ElGamal and DSA | |
CN114285546B (en) | Heterogeneous signcryption communication method applicable to vehicle-mounted ad hoc network | |
Wang et al. | Perfect ambiguous optimistic fair exchange | |
Liu et al. | pKAS: A Secure Password‐Based Key Agreement Scheme for the Edge Cloud | |
Cheng et al. | Cryptanalysis and improvement of a certificateless encryption scheme in the standard model | |
CN114285580A (en) | Online and offline signcryption method from certificateless to public key infrastructure |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
EE01 | Entry into force of recordation of patent licensing contract | ||
EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20210727 Assignee: Huaian Haiheng Technology Co.,Ltd. Assignor: HUAIYIN INSTITUTE OF TECHNOLOGY Contract record no.: X2023980030550 Denomination of invention: A certificateless user authentication and key agreement method Granted publication date: 20220715 License type: Common License Record date: 20230106 |