CN113704736A - Lightweight access authentication method and system for power Internet of things equipment based on IBC system - Google Patents
Lightweight access authentication method and system for power Internet of things equipment based on IBC system Download PDFInfo
- Publication number
- CN113704736A CN113704736A CN202110830359.1A CN202110830359A CN113704736A CN 113704736 A CN113704736 A CN 113704736A CN 202110830359 A CN202110830359 A CN 202110830359A CN 113704736 A CN113704736 A CN 113704736A
- Authority
- CN
- China
- Prior art keywords
- key
- target
- equipment
- public
- ciphertext
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 20
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 24
- 238000009795 derivation Methods 0.000 claims abstract description 24
- 230000003993 interaction Effects 0.000 claims abstract description 15
- 238000004364 calculation method Methods 0.000 claims abstract description 7
- 238000012795 verification Methods 0.000 claims description 25
- 239000000654 additive Substances 0.000 claims description 6
- 230000000996 additive effect Effects 0.000 claims description 6
- 238000013507 mapping Methods 0.000 claims description 6
- 230000005540 biological transmission Effects 0.000 claims description 5
- 239000000126 substance Substances 0.000 claims description 5
- 230000009897 systematic effect Effects 0.000 claims description 5
- 230000006870 function Effects 0.000 description 12
- 238000010586 diagram Methods 0.000 description 8
- 238000004590 computer program Methods 0.000 description 7
- 238000012986 modification Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 3
- 230000004075 alteration Effects 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000002457 bidirectional effect Effects 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008447 perception Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an IBC system-based lightweight access authentication method and system for power Internet of things equipment, and belongs to the technical field of information security. The method comprises the following steps: the application of the public and private key pair of the target equipment to the ciphertext comprises the following steps: after the target equipment generates a key application parameter, a key generation center KGC generates a target equipment identity public and private key pair according to the unique identification ID of the target equipment, and transmits a public and private key pair ciphertext to the target equipment after encrypting by using a symmetric key; the negotiation of the encryption key between the target equipment and other equipment comprises the steps of introducing a random number negotiation main key based on the identity public and private key pairs of the target equipment and other equipment when the target equipment and other equipment perform information interaction, generating a data encryption key after calculation by adopting a key derivation algorithm, and accessing authentication through the data encryption key. The method provided by the invention can realize efficient and safe access authentication of the power Internet of things equipment and enhance the safety and intelligent management level of the Internet of things equipment.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a lightweight access authentication method and system for power internet of things equipment based on an IBC system.
Background
With the development of new technologies such as mobile interconnection, artificial intelligence and the like, bidirectional interaction between power users and a smart power grid is more and more frequent, and the requirements of the users on the service form and the service quality of the power grid are higher and higher. In order to meet the application requirements of power consumers and enhance the perception and participation of the power consumers to the smart grid, the power internet of things is generated. The network environment of the power internet of things is open and complex, the access control is flexible and changeable, the accessed devices are various, the number is large, and the safety performance is different. The devices generate a large amount of data in the process of participating in power grid interaction, and severe challenges are brought to terminal trust management and network security, so that research on a safety access authentication technology of massive power internet of things devices needs to be developed.
The traditional equipment security authentication is mainly based on a PKI system and is realized by adopting a digital certificate. However, PKI certificate management is complex, a multi-level CA system needs to be constructed, and issuing, revoking, verifying and storing of certificates occupy more resources. The device access authentication technology based on the IBC identification authentication system can effectively avoid the problem of complex certificate management, but the traditional IBC password system has the problems of private key escrow, relatively complex password operation and the like. The technology is not suitable for access authentication of mass power Internet of things equipment.
Disclosure of Invention
In order to solve the problems, the invention provides a lightweight access authentication method for power internet of things equipment based on an IBC system, which comprises the following steps:
the application of the public and private key pair of the target equipment to the ciphertext comprises the following steps: after the target equipment generates a key application parameter, a key generation center KGC generates a target equipment identity public and private key pair according to the unique identification ID of the target equipment, and transmits a public and private key pair ciphertext to the target equipment after encrypting by using a symmetric key;
the negotiation of the encryption key between the target equipment and other equipment comprises the steps of introducing a random number negotiation main key based on the identity public and private key pairs of the target equipment and other equipment when the target equipment and other equipment perform information interaction, generating a data encryption key after calculation by adopting a key derivation algorithm, and accessing authentication through the data encryption key.
Optionally, the application of the public and private key pair ciphertext by the target device specifically includes:
the target device selects a random number r first1And isWherein the group of the circulation groups is a circulation group,is of order q and is setA secure one-way hash function ofAccording to r1、q、And target equipment ID, generating the identity key pair application parameter paramas of the target equipment0={ID,r1,q,H(ID||r1) Will apply for the parameter paramas0={ID,r1,q,H(ID||r1) Sending the key to a key generation center KGC;
the KGC of the key generation center receives the application parameter paramas0={ID,r1,q,H(ID||r1) After that, calculating a safety parameter to see k,the security parameter k is input into a parameter generator for operation to generate a system parameter paramas1;
wherein q is a security prime, G1To satisfy the q-order additive subgroup on an elliptic curve of the bilinear mapping property, G2A sub-group of order q of a multiplicative group over a finite field,is G1×G1→G2N is the plaintext data length, P is G1I.e. P ∈ G1,PpubIs the system public key, PpubKs, P, s is the master key factor of the system,Pr=ks,Ppuband PrIs a public and private key pair of the system, H1,H2Is a systematic hash function, where H1:{0,1}*→G1,H2:{0,1}n→G2;
The key generation center KGC uses the system parameters paramas1Sending to the target device and saving the system paramas through the target device1;
Target device generates random number r2For a random number r2Obtaining a symmetric key k from a key derivation algorithm2,k2=KDF(r2) Symmetric key k is generated by key generation center KGC2Encrypting to obtain encrypted symmetric keyAnd calculating a symmetric key based on the target device IDApplying for the parameters, and applying the symmetric keySending the application parameters to a key generation center KGC;
the key generation center KGC receives the symmetric keyAfter applying for the parameters, the symmetric key is verifiedIf the integrity of the application parameter is verified, the symmetric key is decrypted to obtain the integrity of the application parameterAnd extracting the ID of the target equipment, detecting whether the ID of the target equipment is legal or not, and if so, calculating the identity public key P of the target equipmentpub1,Ppub1=H1(ID||Tv) Wherein, TvIs the validity period of the equipment;
the key generation center KGC calculates the identity private key of the target equipment based on the system master key factor and the security parameterSymmetric key k for target equipment identity private key2After encryption, obtainFor the ciphertext of the private keyDevice identity public key Ppub1And TvThe device has an expiration date signature, and obtains signed informationAnd will beSending the data to target equipment;
target device receivesThen, verifyIf the signature information passes the verification, the identity public key P of the target equipment is obtainedpub1Using a symmetric key k2The identity private key of the target equipment is obtained after the private key ciphertext information is decrypted
Optionally, the negotiating an encryption key between the target device and another device includes:
the target device is set as a device 1, the other devices are set as devices 2, and the device ID is set by the device 11And the validity period T of the private keyv1Sent to device 2, device 2 receives the device ID1And the validity period T of the private keyv1Thereafter, the public key of the device 1 is determined, the public key
Device 2 connects device ID2And the validity period T of the private keyv2Sent to the device 1, and the device 1 receives the device ID2And the validity period T of the private keyv2Determining the public key of the device 2, the public key
Device 1 selects a random number r1Using the public key of device 2Encrypting random number r1Then obtaining a ciphertext M1,Private key pair M by device 11Obtaining a signature after signing, signature S1=H1(M1||r1) The ciphertext M1And S1Sending to the device 2;
device 2 receives M1And S1Then, decrypt M1To obtainAnd verifies the signature S1If the verification is passed, selecting a random number r2Using the public key of the device 1Encrypting random number r2Then obtaining a ciphertext M2,Private key pair M by device 22Obtaining a signature after signing, signature S2=H1(M2||r2||r1) The ciphertext M2And S2Sending to the device 1;
device 1 receives M2And S2Then, decrypt M2To obtainAfter comparison and decryption r1Whether or not to match a random number r1Is equal, if so, the signature S is verified2If the verification is passed, the validity of (1) is obtainedBy key derivationAlgorithm derived master key
Public key passing through device 2Encrypting random number r2Then obtaining the ciphertextWill verify the passing information VpCiphertext M3,r1,r2Obtaining S after signature3=H1(Vp||M3||r1||r2) And M is3And S3Sending to the device 2;
device 2 receives M3And S3After transmission, decrypt M3To obtainAfter comparison and decryption r2Whether or not to match a random number r2Equality, if equal, verifies the signature S3If the verification is passed, the validity of (1) is obtainedObtaining an encryption key by a key derivation algorithm
Device 1 and device 2 pass encryption keysAnd (3) information interaction between the protection equipment 1 and the equipment 2, namely, finishing the lightweight access authentication of the power Internet of things equipment.
The invention also provides an IBC system-based lightweight access authentication system for the power Internet of things equipment, which comprises the following steps:
the device identity key pair application module is used for applying a target device public and private key pair ciphertext, and comprises: after the target equipment generates a key application parameter, a key generation center KGC generates a target equipment identity public and private key pair according to the unique identification ID of the target equipment, and transmits a public and private key pair ciphertext to the target equipment after encrypting by using a symmetric key;
the device encryption key negotiation module is used for negotiating the encryption key of the target device and other devices, and comprises the steps of introducing a random number negotiation master key based on the identity public and private key pairs of the target device and other devices when the target device and other devices perform information interaction, generating a data encryption key after calculation by adopting a key derivation algorithm, and accessing authentication through the data encryption key.
Optionally, the application of the public and private key pair ciphertext by the target device specifically includes:
the target device selects a random number r first1And isWherein the group of the circulation groups is a circulation group,is of order q and is setA secure one-way hash function ofAccording to r1、q、And target equipment ID, generating the identity key pair application parameter paramas of the target equipment0={ID,r1,q,H(ID||r1) Will apply for the parameter paramas0={ID,r1,q,H(ID||r1) Sending the key to a key generation center KGC;
the KGC of the key generation center receives the application parameter paramas0={ID,r1,q,H(ID||r1) After that, calculating a safety parameter to see k,the security parameter k is input into a parameter generator for operation to generate a system parameter paramas1;
wherein q is a security prime, G1To satisfy the q-order additive subgroup on an elliptic curve of the bilinear mapping property, G2A sub-group of order q of a multiplicative group over a finite field,is G1×G1→G2N is the plaintext data length, P is G1I.e. P ∈ G1,PpubIs the system public key, PpubKs, P, s is the master key factor of the system,Pr=ks,Ppuband PrIs a public and private key pair of the system, H1,H2Is a systematic hash function, where H1:{0,1}*→G1,H2:{0,1}n→G2;
The key generation center KGC uses the system parameters paramas1Sending to the target device and saving the system paramas through the target device1;
Target device generates random number r2For a random number r2Obtaining a symmetric key k from a key derivation algorithm2,k2=KDF(r2) Symmetric key k is generated by key generation center KGC2Encrypting to obtain encrypted symmetric keyAnd calculating a symmetric key based on the target device IDApplying for the parameters, and applying the symmetric keySending the application parameters to a key generation center KGC;
the key generation center KGC receives the symmetric keyAfter applying for the parameters, the symmetric key is verifiedIf the integrity of the application parameter is verified, the symmetric key is decrypted to obtain the integrity of the application parameterAnd extracting the ID of the target equipment, detecting whether the ID of the target equipment is legal or not, and if so, calculating the identity public key P of the target equipmentpub1,Ppub1=H1(ID||Tv) Wherein, TvIs the validity period of the equipment;
the key generation center KGC calculates the identity private key of the target equipment based on the system master key factor and the security parameterSymmetric key k for target equipment identity private key2After encryption, obtainFor the ciphertext of the private keyDevice identity public key Ppub1And TvThe device has an expiration date signature, and obtains signed informationAnd will beSending the data to target equipment;
target device receivesThen, verifyIf the signature information passes the verification, the identity public key P of the target equipment is obtainedpub1Using a symmetric key k2The identity private key of the target equipment is obtained after the private key ciphertext information is decrypted
Optionally, the negotiating an encryption key between the target device and another device includes:
the target device is set as a device 1, the other devices are set as devices 2, and the device ID is set by the device 11And the validity period T of the private keyv1Sent to device 2, device 2 receives the device ID1And the validity period T of the private keyv1Thereafter, the public key of the device 1 is determined, the public key
Device 2 connects device ID2And the validity period T of the private keyv2Sent to the device 1, and the device 1 receives the device ID2And the validity period T of the private keyv2Determining the public key of the device 2, the public key
Device 1 selects a random number r1Using the apparatus2 public keyEncrypting random number r1Then obtaining a ciphertext M1,Private key pair M by device 11Obtaining a signature after signing, signature S1=H1(M1||r1) The ciphertext M1And S1Sending to the device 2;
device 2 receives M1And S1Then, decrypt M1To obtainAnd verifies the signature S1If the verification is passed, selecting a random number r2Using the public key of the device 1Encrypting random number r2Then obtaining a ciphertext M2,Private key pair M by device 22Obtaining a signature after signing, signature S2=H1(M2||r2||r1) The ciphertext M2And S2Sending to the device 1;
device 1 receives M2And S2Then, decrypt M2To obtainAfter comparison and decryption r1Whether or not to match a random number r1Is equal, if so, the signature S is verified2If the verification is passed, the validity of (1) is obtainedDeriving master keys through key derivation algorithms
Public key passing through device 2Encrypting random number r2Then obtaining the ciphertextWill verify the passing information VpCiphertext M3,r1,r2Obtaining S after signature3=H1(Vp||M3||r1||r2) And M is3And S3Sending to the device 2;
device 2 receives M3And S3After transmission, decrypt M3To obtainAfter comparison and decryption r2Whether or not to match a random number r2Equality, if equal, verifies the signature S3If the verification is passed, the validity of (1) is obtainedObtaining an encryption key by a key derivation algorithm
Device 1 and device 2 pass encryption keysAnd (3) information interaction between the protection equipment 1 and the equipment 2, namely, finishing the lightweight access authentication of the power Internet of things equipment.
The method provided by the invention can realize efficient and safe access authentication of the power Internet of things equipment and enhance the safety and intelligent management level of the Internet of things equipment.
Drawings
FIG. 1 is a flow chart of the method of the present invention;
FIG. 2 is a flow chart of the device identity key pair application of the present invention;
FIG. 3 is a flowchart of the device encryption key negotiation of the present invention;
FIG. 4 is a flow chart of the system of the present invention.
Detailed Description
The exemplary embodiments of the present invention will now be described with reference to the accompanying drawings, however, the present invention may be embodied in many different forms and is not limited to the embodiments described herein, which are provided for complete and complete disclosure of the present invention and to fully convey the scope of the present invention to those skilled in the art. The terminology used in the exemplary embodiments illustrated in the accompanying drawings is not intended to be limiting of the invention. In the drawings, the same units/elements are denoted by the same reference numerals.
Unless otherwise defined, terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. Further, it will be understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and will not be interpreted in an idealized or overly formal sense.
The invention is further illustrated by the following examples and figures:
in order to realize efficient and safe access authentication of power internet-of-things equipment, the invention provides a lightweight access authentication method of the power internet-of-things equipment based on an IBC system, which mainly comprises two processes of equipment identity key pair application and encryption key negotiation, as shown in FIG. 1, firstly, a key application file is generated by the equipment, a key generation center KGC generates an equipment identity public and private key pair based on an equipment unique identifier ID, and a symmetric key is used for encrypting a private key and transmitting the private key to the equipment; when information interaction is needed between the devices, random numbers are introduced to negotiate a master key based on the identity key pair, and then a data encryption key is obtained by adopting a key derivation algorithm.
The encryption key is generated by a key pair application and key agreement method, so that the problems of information leakage and the like caused by unreliable key generation center due to key escrow can be effectively avoided.
The step of applying for the device identity key pair, as shown in fig. 2, is as follows:
the target device first selects a random number The order of the cyclic group is q.Is a secure one-way hash function. According to the device ID, generating a device identity key pair application parameter paramas0={ID,r1,q,H(ID||r1) And sending the key to a key generation center KGC.
After the key generation center KGC receives the application parameters, the security parameters are calculatedThe security parameter k is input into a parameter generator to be operated to generate a system parameter paramas1。
Wherein q is a security prime, G1To satisfy the q-order additive subgroup on an elliptic curve of the bilinear mapping property, G2A subgroup of order q of the multiplicative group over the finite field.Is G1×G1→G2N is the plaintext data length, P is G1I.e. P ∈ G1,PpubIs the system public key, PpubKs, P, s is the master key factor of the system,Pr=ks,Ppuband PrFor system public and privateA key pair. H1,H2Is a system hash function. Wherein H1:{0,1}*→G1,H2:{0,1}n→G2。
The key generation center KGC uses the system parameters paramas1Sent to the device and stored by the device.
Device generating random number r2Obtaining a symmetric key k based on a key derivation algorithm2=KDF(r2) Generating a central public key pair k using the secret key2Is encrypted to obtainCalculating an identity key pair application parameter based on the equipment ID and sending the identity key pair application parameter to a key generation center KGC;
after receiving the application parameter of the equipment identity key pair, the key generation center KGC firstly verifies the data integrity, and decrypts the data after passing the verification to obtain a symmetric keyAnd extracting the device ID and detecting whether the device ID is legal. If legal, computing equipment identity public key Ppub1I.e. Ppub1=H1(ID||Tv) Wherein, TvIs the device expiration date. Then, the KGC calculates the private key of the equipment identity based on the system master key factor and the security parameterSymmetric key k for private key of equipment identity2After encryption, obtainCipher text of private keyDevice identity public key Ppub1And TvDevice validity period signing obtains signed informationThen will beAnd sending the data to the device.
After the equipment receives the response message of the public and private key pair of the identity, firstly, the signature information is verified, and if the signature passes the verification, the equipment identity public key P is obtainedpub1Using a symmetric key k2The private key of the equipment identity is obtained after the private key ciphertext information is decrypted
The device encryption key negotiation step, as shown in fig. 3, is as follows:
device 1 (target device) associates its own device ID with1And the validity period T of the private keyv1Sent to device 2 (other device) together, and device 2 receives and then calculates device 1 public key
Device 2 identifies itself to device2And the validity period T of the private keyv2Are sent to the device 1 together, and the device 1 receives the public key of the computing device 2
Device 1 selects a random number r1With device 2 public keyObtaining a ciphertext after encryptingThen obtaining S after signing by the private key of the equipment 11=H1(M1||r1) The ciphertext M1And S1Sending to the device 2;
after the device 2 receives the informationFirst, decrypt M1To obtainThe signature S is then verified1After the verification is passed, a random number r is selected2Public key of device 1Obtaining a ciphertext after encryptingThen the S is obtained after the signature is carried out by the private key of the device 22=H1(M2||r2||r1) The ciphertext M2And S2Sending to the device 1;
after receiving the information, the device 1 first decrypts M2To obtainAfter comparison and decryption r1Whether or not it is equal to the original value. If equal, verify the signature S2After the verification is passed, calculatingThen, a key derivation algorithm is adopted to calculate a master keyThereafter using device 2 public keyEncryption r2Then obtaining the ciphertextWill verify the passing information VpCiphertext M3,r1,r2Obtaining S after signature3=H1(Vp||M3||r1||r2) Then M is added3And S3Sending to the device 2;
after receiving the information, the device 2 first decrypts M3To obtainAfter comparison and decryption r2Whether or not it is equal to the original value. If equal, verify the signature S3After the verification is passed, the same calculation is carried outComputing device encryption key using key derivation algorithm
The information interaction between the device 1 and the device 2 is all based on the device encryption key k for security protection.
The invention also provides an IBC system-based lightweight access authentication system 200 for power internet of things devices, as shown in fig. 4, including:
the device identity key pair application module 201 is configured to apply for a target device public and private key pair ciphertext, and includes: after the target equipment generates a key application parameter, a key generation center KGC generates a target equipment identity public and private key pair according to the unique identification ID of the target equipment, and transmits a public and private key pair ciphertext to the target equipment after encrypting by using a symmetric key;
the device encryption key negotiation module 202 is configured to negotiate an encryption key between the target device and another device, and includes that, when the target device and the another device perform information interaction, a random number negotiation master key is introduced based on an identity public and private key pair of the target device and the another device, a data encryption key is generated after calculation by using a key derivation algorithm, that is, authentication is performed through data encryption key access.
Wherein, the application of public and private key pair ciphertext of the target device specifically includes:
the target device selects a random number r first1And isWherein the group of the circulation groups is a circulation group,is of order q and is setA secure one-way hash function ofAccording to r1、q、And target equipment ID, generating the identity key pair application parameter paramas of the target equipment0={ID,r1,q,H(ID||r1) Will apply for the parameter paramas0={ID,r1,q,H(ID||r1) Sending the key to a key generation center KGC;
the KGC of the key generation center receives the application parameter paramas0={ID,r1,q,H(ID||r1) After that, calculating a safety parameter to see k,the security parameter k is input into a parameter generator for operation to generate a system parameter paramas1;
wherein q is a security prime, G1To satisfy the q-order additive subgroup on an elliptic curve of the bilinear mapping property, G2A sub-group of order q of a multiplicative group over a finite field,is G1×G1→G2N is the plaintext data length, P is G1I.e. P ∈ G1,PpubIs the system public key, PpubKs, P, s is the master key factor of the system,Pr=ks,Ppuband PrIs a public and private key pair of the system, H1,H2Is a systematic hash function, where H1:{0,1}*→G1,H2:{0,1}n→G2;
The key generation center KGC uses the system parameters paramas1Sending to the target device and saving the system paramas through the target device1;
Target device generates random number r2For a random number r2Obtaining a symmetric key k from a key derivation algorithm2,k2=KDF(r2) Symmetric key k is generated by key generation center KGC2Encrypting to obtain encrypted symmetric keyAnd calculating a symmetric key based on the target device IDApplying for the parameters, and applying the symmetric keySending the application parameters to a key generation center KGC;
the key generation center KGC receives the symmetric keyAfter applying for the parameters, the symmetric key is verifiedIf the integrity of the application parameter is verified, the symmetric key is decrypted to obtain the integrity of the application parameterAnd extracting the ID of the target equipment, detecting whether the ID of the target equipment is legal or not, and if so, calculating the identity public key P of the target equipmentpub1,Ppub1=H1(ID||Tv) Wherein, TvIs the validity period of the equipment;
the key generation center KGC calculates the identity private key of the target equipment based on the system master key factor and the security parameterSymmetric key k for target equipment identity private key2After encryption, obtainFor the ciphertext of the private keyDevice identity public key Ppub1And TvThe device has an expiration date signature, and obtains signed informationAnd will beSending the data to target equipment;
target device receivesThen, verifyIf the signature information passes the verification, the identity public key P of the target equipment is obtainedpub1Using a symmetric key k2The identity private key of the target equipment is obtained after the private key ciphertext information is decrypted
The encryption key negotiation between the target device and other devices includes:
the target device is set as a device 1, the other devices are set as devices 2, and the device ID is set by the device 11And the validity period T of the private keyv1Sent to device 2, device 2 receives the device ID1And the validity period T of the private keyv1Thereafter, the public key of the device 1 is determined, the public key
Device 2 connects device ID2And the validity period T of the private keyv2Sent to the device 1, and the device 1 receives the device ID2And the validity period T of the private keyv2Determining the public key of the device 2, the public key
Device 1 selects a random number r1Using the public key of device 2Encrypting random number r1Then obtaining a ciphertext M1,Private key pair M by device 11Obtaining a signature after signing, signature S1=H1(M1||r1) The ciphertext M1And S1Sending to the device 2;
device 2 receives M1And S1Then, decrypt M1To obtainAnd verifies the signature S1If the verification is passed, selecting a random number r2Using the public key of the device 1Encrypting random number r2Then obtaining a ciphertext M2,Private key pair M by device 22Obtaining a signature after signing, signature S2=H1(M2||r2||r1) The ciphertext M2And S2Sending to the device 1;
device 1 receives M2And S2Then, decrypt M2To obtainAfter comparison and decryption r1Whether or not to match a random number r1Is equal, if so, the signature S is verified2If the verification is passed, the validity of (1) is obtainedDeriving master keys through key derivation algorithms
Public key passing through device 2Encrypting random number r2Then obtaining the ciphertextWill verify the passing information VpCiphertext M3,r1,r2Obtaining S after signature3=H1(Vp||M3||r1||r2) And M is3And S3Sending to the device 2;
device 2 receives M3And S3After transmission, decrypt M3To obtainAfter comparison and decryption r2Whether or not to match a random number r2Equality, if equal, verifies the signature S3Is a law ofSex, if the verification is passed, obtainingObtaining an encryption key by a key derivation algorithm
Device 1 and device 2 pass encryption keysAnd (3) information interaction between the protection equipment 1 and the equipment 2, namely, finishing the lightweight access authentication of the power Internet of things equipment.
The method provided by the invention can realize efficient and safe access authentication of the power Internet of things equipment and enhance the safety and intelligent management level of the Internet of things equipment.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein. The scheme in the embodiment of the invention can be realized by adopting various computer languages, such as object-oriented programming language Java and transliterated scripting language JavaScript.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.
Claims (6)
1. A lightweight access authentication method for power Internet of things equipment based on an IBC system comprises the following steps:
the application of the public and private key pair of the target equipment to the ciphertext comprises the following steps: after the target equipment generates a key application parameter, a key generation center KGC generates a target equipment identity public and private key pair according to the unique identification ID of the target equipment, and transmits a public and private key pair ciphertext to the target equipment after encrypting by using a symmetric key;
the negotiation of the encryption key between the target equipment and other equipment comprises the steps of introducing a random number negotiation main key based on the identity public and private key pairs of the target equipment and other equipment when the target equipment and other equipment perform information interaction, generating a data encryption key after calculation by adopting a key derivation algorithm, and accessing authentication through the data encryption key.
2. The method of claim 1, wherein the application of the target device public and private key pair ciphertext specifically comprises:
the target device selects a random number r first1And isWherein the group of the circulation groups is a circulation group,is of order q and is setA secure one-way hash function ofAccording to r1、q、And target equipment ID, generating the identity key pair application parameter paramas of the target equipment0={ID,r1,q,H(ID||r1) Will apply for the parameter paramas0={ID,r1,q,H(ID||r1) Sending the key to a key generation center KGC;
the KGC of the key generation center receives the application parameter paramas0={ID,r1,q,H(ID||r1) After that, calculating a safety parameter to see k,the security parameter k is input into a parameter generator for operation to generate a system parameter paramas1;
wherein q is a security prime, G1To satisfy the q-order additive subgroup on an elliptic curve of the bilinear mapping property, G2A sub-group of order q of a multiplicative group over a finite field,is G1×G1→G2N is the plaintext data length, P is G1I.e. P ∈ G1,PpubIs the system public key, PpubKs, P, s is the master key factor of the system,Ppuband PrIs a public and private key pair of the system, H1,H2Is a systematic hash function, where H1:{0,1}*→G1,H2:{0,1}n→G2;
The key generation center KGC uses the system parameters paramas1Sending to the target device and saving the system paramas through the target device1;
Target device generates random number r2For a random number r2Obtaining a symmetric key k from a key derivation algorithm2,k2=KDF(r2) Symmetric key k is generated by key generation center KGC2Encrypting to obtain encrypted symmetric keyAnd according to the target settingSpare ID calculating symmetric keyApplying for the parameters, and applying the symmetric keySending the application parameters to a key generation center KGC;
the key generation center KGC receives the symmetric keyAfter applying for the parameters, the symmetric key is verifiedIf the integrity of the application parameter is verified, the symmetric key is decrypted to obtain the integrity of the application parameterAnd extracting the ID of the target equipment, detecting whether the ID of the target equipment is legal or not, and if so, calculating the identity public key P of the target equipmentpub1,Ppub1=H1(ID||Tv) Wherein, TvIs the validity period of the equipment;
the key generation center KGC calculates the identity private key of the target equipment based on the system master key factor and the security parameterSymmetric key k for target equipment identity private key2After encryption, obtainFor the ciphertext of the private keyDevice identity public key Ppub1And TvThe device has an expiration date signature, and obtains signed informationAnd will beSending the data to target equipment;
3. The method of claim 1, the target device's encryption key negotiation with other devices, comprising:
the target device is set as a device 1, the other devices are set as devices 2, and the device ID is set by the device 11And the validity period T of the private keyv1Sent to device 2, device 2 receives the device ID1And the validity period T of the private keyv1Thereafter, the public key of the device 1 is determined, the public key
Device 2 connects device ID2And the validity period T of the private keyv2To the device 1, setStandby 1 receives the device ID2And the validity period T of the private keyv2Determining the public key of the device 2, the public key
Device 1 selects a random number r1Using the public key of device 2Encrypting random number r1Then obtaining a ciphertext M1,Private key pair M by device 11Obtaining a signature after signing, signature S1=H1(M1||r1) The ciphertext M1And S1Sending to the device 2;
device 2 receives M1And S1Then, decrypt M1To obtainAnd verifies the signature S1If the verification is passed, selecting a random number r2Using the public key of the device 1Encrypting random number r2Then obtaining a ciphertext M2,Private key pair M by device 22Obtaining a signature after signing, signature S2=H1(M2||r2||r1) The ciphertext M2And S2Sending to the device 1;
device 1 receives M2And S2Then, decrypt M2To obtainAfter comparison and decryptionr1Whether or not to match a random number r1Is equal, if so, the signature S is verified2If the verification is passed, the validity of (1) is obtainedDeriving master keys through key derivation algorithms
Public key passing through device 2Encrypting random number r2Then obtaining the ciphertextWill verify the passing information VpCiphertext M3,r1,r2Obtaining S after signature3=H1(Vp||M3||r1||r2) And M is3And S3Sending to the device 2;
device 2 receives M3And S3After transmission, decrypt M3To obtainAfter comparison and decryption r2Whether or not to match a random number r2Equality, if equal, verifies the signature S3If the verification is passed, the validity of (1) is obtainedObtaining an encryption key by a key derivation algorithm
4. An IBC system-based lightweight access authentication system for power Internet of things equipment, the system comprising:
the device identity key pair application module is used for applying a target device public and private key pair ciphertext, and comprises: after the target equipment generates a key application parameter, a key generation center KGC generates a target equipment identity public and private key pair according to the unique identification ID of the target equipment, and transmits a public and private key pair ciphertext to the target equipment after encrypting by using a symmetric key;
the device encryption key negotiation module is used for negotiating the encryption key of the target device and other devices, and comprises the steps of introducing a random number negotiation master key based on the identity public and private key pairs of the target device and other devices when the target device and other devices perform information interaction, generating a data encryption key after calculation by adopting a key derivation algorithm, and accessing authentication through the data encryption key.
5. The system of claim 4, wherein the application of the target device public and private key pair ciphertext specifically comprises:
the target device selects a random number r first1And isWherein the group of the circulation groups is a circulation group,is of order q and is setA secure one-way hash function ofAccording to r1、q、And target equipment ID, generating the identity key pair application parameter paramas of the target equipment0={ID,r1,q,H(ID||r1) Will apply for the parameter paramas0={ID,r1,q,H(ID||r1) Sending the key to a key generation center KGC;
the KGC of the key generation center receives the application parameter paramas0={ID,r1,q,H(ID||r1) After that, calculating a safety parameter to see k,the security parameter k is input into a parameter generator for operation to generate a system parameter paramas1;
wherein q is a security prime, G1To satisfy the q-order additive subgroup on an elliptic curve of the bilinear mapping property, G2A sub-group of order q of a multiplicative group over a finite field,is G1×G1→G2N is the plaintext data length, P is G1I.e. P ∈ G1,PpubIs the system public key, PpubKs, P, s is the master key factor of the system,Ppuband PrIs a public and private key pair of the system, H1,H2Is a systematic hash function, where H1:{0,1}*→G1,H2:{0,1}n→G2;
The key generation center KGC uses the system parameters paramas1Sending to the target device and saving the system paramas through the target device1;
Target device generates random number r2For a random number r2Obtaining a symmetric key k from a key derivation algorithm2,k2=KDF(r2) Symmetric key k is generated by key generation center KGC2Encrypting to obtain encrypted symmetric keyAnd calculating a symmetric key based on the target device IDApplying for the parameters, and applying the symmetric keySending the application parameters to a key generation center KGC;
the key generation center KGC receives the symmetric keyAfter applying for the parameters, the symmetric key is verifiedIf the integrity of the application parameter is verified, the symmetric key is decrypted to obtain the integrity of the application parameterAnd extracting the ID of the target device and detecting whether the ID of the target device is presentIf legal, calculating the public key P of target device identitypub1,Ppub1=H1(ID||Tv) Wherein, TvIs the validity period of the equipment;
the key generation center KGC calculates the identity private key of the target equipment based on the system master key factor and the security parameterSymmetric key k for target equipment identity private key2After encryption, obtainFor the ciphertext of the private keyDevice identity public key Ppub1And TvThe device has an expiration date signature, and obtains signed informationAnd will beSending the data to target equipment;
6. The system of claim 4, the target device to encrypt key negotiations with other devices, comprising:
the target device is set as a device 1, the other devices are set as devices 2, and the device ID is set by the device 11And the validity period T of the private keyv1Sent to device 2, device 2 receives the device ID1And the validity period T of the private keyv1Thereafter, the public key of the device 1 is determined, the public key
Device 2 connects device ID2And the validity period T of the private keyv2Sent to the device 1, and the device 1 receives the device ID2And the validity period T of the private keyv2Determining the public key of the device 2, the public key
Device 1 selects a random number r1Using the public key of device 2Encrypting random number r1Then obtaining a ciphertext M1,Private key pair M by device 11Obtaining a signature after signing, signature S1=H1(M1||r1) The ciphertext M1And S1Sending to the device 2;
device 2 receives M1And S1Then, decrypt M1To obtainAnd verifies the signature S1If the verification is passed, selecting a random number r2Using the public key of the device 1Encrypting random number r2Then obtaining a ciphertext M2,Private key pair M by device 22Obtaining a signature after signing, signature S2=H1(M2||r2||r1) The ciphertext M2And S2Sending to the device 1;
device 1 receives M2And S2Then, decrypt M2To obtainAfter comparison and decryption r1Whether or not to match a random number r1Is equal, if so, the signature S is verified2If the verification is passed, the validity of (1) is obtainedDeriving master keys through key derivation algorithms
Public key passing through device 2Encrypting random number r2Then obtaining the ciphertextWill verify the passing information VpCiphertext M3,r1,r2Obtaining S after signature3=H1(Vp||M3||r1||r2) And M is3And S3Sending to the device 2;
device 2 receives M3And S3After transmission, decrypt M3To obtainAfter comparison and decryption r2Whether or not to match a random number r2Equal to, if equal toEtc., verifying the signature S3If the verification is passed, the validity of (1) is obtainedObtaining an encryption key by a key derivation algorithm
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110830359.1A CN113704736A (en) | 2021-07-22 | 2021-07-22 | Lightweight access authentication method and system for power Internet of things equipment based on IBC system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110830359.1A CN113704736A (en) | 2021-07-22 | 2021-07-22 | Lightweight access authentication method and system for power Internet of things equipment based on IBC system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113704736A true CN113704736A (en) | 2021-11-26 |
Family
ID=78650381
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110830359.1A Pending CN113704736A (en) | 2021-07-22 | 2021-07-22 | Lightweight access authentication method and system for power Internet of things equipment based on IBC system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113704736A (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114363086A (en) * | 2022-01-24 | 2022-04-15 | 北京北卡星科技有限公司 | Industrial internet data encryption transmission method based on stream cipher |
CN114900337A (en) * | 2022-04-19 | 2022-08-12 | 贵州电网有限责任公司 | Authentication encryption method and system suitable for power chip |
CN114928491A (en) * | 2022-05-20 | 2022-08-19 | 国网江苏省电力有限公司信息通信分公司 | Internet of things security authentication method, device and system based on identification cryptographic algorithm |
CN115065466A (en) * | 2022-06-23 | 2022-09-16 | 中国电信股份有限公司 | Key agreement method, key agreement device, electronic equipment and computer-readable storage medium |
CN115242468A (en) * | 2022-07-07 | 2022-10-25 | 广州河东科技有限公司 | RS485 bus-based secure communication system and method thereof |
CN116192389A (en) * | 2023-04-26 | 2023-05-30 | 杭州海康威视数字技术股份有限公司 | Lightweight device communication key negotiation method, device, equipment and system |
WO2024027070A1 (en) * | 2022-08-03 | 2024-02-08 | 中国电力科学研究院有限公司 | Terminal device authentication method and system based on identification public key, and computer-readable storage medium |
-
2021
- 2021-07-22 CN CN202110830359.1A patent/CN113704736A/en active Pending
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114363086A (en) * | 2022-01-24 | 2022-04-15 | 北京北卡星科技有限公司 | Industrial internet data encryption transmission method based on stream cipher |
CN114363086B (en) * | 2022-01-24 | 2024-04-12 | 北京北卡星科技有限公司 | Industrial Internet data encryption transmission method based on stream cipher |
CN114900337A (en) * | 2022-04-19 | 2022-08-12 | 贵州电网有限责任公司 | Authentication encryption method and system suitable for power chip |
CN114900337B (en) * | 2022-04-19 | 2024-04-05 | 贵州电网有限责任公司 | Authentication encryption method and system suitable for power chip |
CN114928491A (en) * | 2022-05-20 | 2022-08-19 | 国网江苏省电力有限公司信息通信分公司 | Internet of things security authentication method, device and system based on identification cryptographic algorithm |
CN115065466A (en) * | 2022-06-23 | 2022-09-16 | 中国电信股份有限公司 | Key agreement method, key agreement device, electronic equipment and computer-readable storage medium |
CN115065466B (en) * | 2022-06-23 | 2024-01-19 | 中国电信股份有限公司 | Key negotiation method, device, electronic equipment and computer readable storage medium |
CN115242468A (en) * | 2022-07-07 | 2022-10-25 | 广州河东科技有限公司 | RS485 bus-based secure communication system and method thereof |
CN115242468B (en) * | 2022-07-07 | 2023-05-26 | 广州河东科技有限公司 | Safe communication system and method based on RS485 bus |
WO2024027070A1 (en) * | 2022-08-03 | 2024-02-08 | 中国电力科学研究院有限公司 | Terminal device authentication method and system based on identification public key, and computer-readable storage medium |
CN116192389A (en) * | 2023-04-26 | 2023-05-30 | 杭州海康威视数字技术股份有限公司 | Lightweight device communication key negotiation method, device, equipment and system |
CN116192389B (en) * | 2023-04-26 | 2023-07-25 | 杭州海康威视数字技术股份有限公司 | Lightweight device communication key negotiation method, device, equipment and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111740828B (en) | Key generation method, device and equipment and encryption and decryption method | |
CN113704736A (en) | Lightweight access authentication method and system for power Internet of things equipment based on IBC system | |
CN112887338B (en) | Identity authentication method and system based on IBC identification password | |
US20210111877A1 (en) | Systems and methods for generating signatures | |
EP3349393B1 (en) | Mutual authentication of confidential communication | |
CN109831430B (en) | Safe, controllable and efficient data sharing method and system under cloud computing environment | |
CN108418686A (en) | A kind of how distributed SM9 decryption methods and medium and key generation method | |
US9698984B2 (en) | Re-encrypted data verification program, re-encryption apparatus and re-encryption system | |
US11870891B2 (en) | Certificateless public key encryption using pairings | |
CN110933033B (en) | Cross-domain access control method for multiple Internet of things domains in smart city environment | |
CN109861956B (en) | Data verification system, method, device and equipment based on state channel | |
CN107682152B (en) | Group key negotiation method based on symmetric cipher | |
US20190044922A1 (en) | Symmetric key identity systems and methods | |
CN106713349B (en) | Inter-group proxy re-encryption method capable of resisting attack of selecting cipher text | |
CN103414559A (en) | Identity authentication method based on IBE-like system in cloud computing environment | |
JP5324813B2 (en) | Key generation apparatus, certificate generation apparatus, service provision system, key generation method, certificate generation method, service provision method, and program | |
CN113098681B (en) | Port order enhanced and updatable blinded key management method in cloud storage | |
CN111245594B (en) | Homomorphic operation-based collaborative signature method and system | |
WO2020115266A1 (en) | Methods and devices for secured identity-based encryption systems with two trusted centers | |
CN116232759A (en) | Mist-blockchain assisted smart grid aggregation authentication method | |
CN113572612B (en) | Private key distribution method for SM9 cryptographic algorithm, user terminal and key generation center | |
CN114697001B (en) | Information encryption transmission method, equipment and medium based on blockchain | |
CN115603891A (en) | Independently controllable ciphertext data security calculation method and system | |
CN114070570A (en) | Safe communication method of power Internet of things | |
CN113779593A (en) | Identity-based dual-server authorization ciphertext equivalence determination method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |