CN115865357A - Batch pseudonym authentication method based on periodic update - Google Patents
Batch pseudonym authentication method based on periodic update Download PDFInfo
- Publication number
- CN115865357A CN115865357A CN202211369737.1A CN202211369737A CN115865357A CN 115865357 A CN115865357 A CN 115865357A CN 202211369737 A CN202211369737 A CN 202211369737A CN 115865357 A CN115865357 A CN 115865357A
- Authority
- CN
- China
- Prior art keywords
- domain
- user
- authentication
- cross
- pseudonym
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 35
- 230000000737 periodic effect Effects 0.000 title claims description 7
- 238000012795 verification Methods 0.000 claims description 5
- 230000008569 process Effects 0.000 abstract description 14
- 238000004891 communication Methods 0.000 abstract description 11
- 238000002474 experimental method Methods 0.000 description 27
- 230000007246 mechanism Effects 0.000 description 8
- 238000010586 diagram Methods 0.000 description 6
- 230000003993 interaction Effects 0.000 description 5
- 238000004364 calculation method Methods 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 238000012550 audit Methods 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Images
Abstract
The invention belongs to the technical field of cross-domain authentication, and particularly relates to a batch pseudonym authentication method based on regular updating. The invention provides a plurality of pseudonyms for the user, allows the user to repeatedly use the pseudonyms within a period of time, introduces the token authentication method, allows the pseudonyms to be repeatedly used by the same user within a period of time, is suitable for the user who frequently initiates cross-domain authentication, reduces the overhead of the pseudonyms to a certain extent, enhances the utilization rate and the unlinkability of the pseudonyms, and reduces the load of KGC and the communication traffic in the whole cross-domain authentication process.
Description
Technical Field
The invention belongs to the technical field of cross-domain authentication, and particularly relates to a batch pseudonym authentication method based on regular updating.
Background
With the development of scientific technology, the personal privacy of users becomes more and more important. In the cross-domain authentication process, identity authentication is required, but identity information of a user is likely to be leaked. The cross-domain authentication based on the pseudonym ensures that personal information of a user is not leaked, but the current scheme generally only allows the pseudonym to be used once in order to ensure the absolute security of the identity of the user, and although the unlinkable row of the pseudonym is improved to a certain extent, the overhead of the pseudonym is greatly increased. In a pseudonym authentication scheme based on a PKI system, a user needs to carry a large number of pseudonym certificates, intra-domain CA needs to issue certificates for the user continuously, and the communication volume is large; in identity-based authentication, only pseudonyms and private keys need to be issued to users, and the amount of communication and calculation is relatively small. Therefore, no matter the cross-domain authentication based on the system, the pseudonymous overhead and the communication traffic of the existing scheme are large.
Disclosure of Invention
The invention aims to provide a batch pseudonym authentication method based on periodic updating.
A batch pseudonym authentication method based on periodic update comprises the following steps:
1) A user initiates an application to a KGC in a domain to request to become a member in the domain; the KGC in the domain audits the user identity, and after the audit is passed, a pseudonym and a corresponding private key are issued to the user;
2) When a user has a cross-domain authentication request, selecting one pseudonym from the pseudonyms issued by the KGC to communicate with an authentication server in a requested domain;
in the step, the user interacts with the requested intra-domain authentication server by using the pseudonym for the first time, firstly, the user sends a request to the requested intra-domain authentication server and informs the authentication server of the request of cross-domain authentication; the requested intra-domain authentication server sends a random character string to the user; the user signs the signature after receiving the signature; the user sends the signed result and the public key of the KGC in the domain to an authentication server in the requested domain;
3) After receiving the result signed by the user and the public key of the KGC in the domain, the authentication server in the requested domain judges whether the signature value is correct or not through an SM9 algorithm; if the signature value is correct, the authentication server in the requested domain issues a token to the user, the local end designates the token use duration, the cross-domain authentication record is stored in the block chain, the user pseudonym is sent to the information service entity requested by the user, and the intra-domain service entity is informed to allow the user to access the resource; if not, rejecting its access request; when detecting that the intra-domain user is a malicious user, the intra-domain authentication server publishes a pseudonym used by the user on a block chain, and each intra-domain authentication server can check whether resources in the self-domain are leaked;
4) When a user initiates a request to the same domain again within a token use duration, the user uses a pseudonym to interact with an authentication server in a requested domain, firstly, the user sends the token to the authentication server in the requested domain, the authentication server in the requested domain verifies whether the token of the user is overdue or not, queries whether the user name is in a block chain or not, and if the user name is in the block chain, the user name is indicated to be a malicious user and rejects the access of the user; if not, allowing the user to access the resources in the domain, and storing the cross-domain authentication record on the blockchain; and if the first cross-domain authentication step is expired, repeating the first cross-domain authentication step.
The invention has the beneficial effects that:
the invention provides a plurality of pseudonyms for the user, allows the user to repeatedly use the pseudonyms within a period of time, introduces the token authentication method, allows the pseudonyms to be repeatedly used by the same user within a period of time, is suitable for the user frequently initiating cross-domain authentication, reduces the pseudonym overhead to a certain extent, enhances the pseudonym utilization rate and unlinkability, and reduces the KGC burden and the communication traffic in the whole cross-domain authentication process.
Drawings
FIG. 1 is a general architecture diagram of the present invention.
Fig. 2 is an interaction diagram of the pseudonym distribution phase of the present invention.
Fig. 3 is an interaction diagram of a first cross-domain authentication phase of a user in the present invention.
FIG. 4 is a diagram of interaction of a user in a token duration of use in a cross-domain authentication phase again.
Fig. 5 is a time length chart of anonymous authentication of the internet of vehicles for the first authentication.
FIG. 6 is a diagram of the first authentication duration of M-false.
FIG. 7 is a comparison graph of the time consumption of multiple cross-domain authentications within 30 min.
FIG. 8 is a comparison graph of the time consumption for multiple cross-domain authentications within 45 min.
FIG. 9 is a comparison graph of the time consumption for multiple cross-domain authentications within 60 min.
Fig. 10 is a comparison graph of the pseudonym overhead of ten cross-domain authentications performed at different times.
Detailed Description
The invention is further described below with reference to the accompanying drawings.
The invention relates to a batch pseudonym authentication method (M-false) based on regular update in a cross-domain authentication process by combining an anonymous authentication method. The invention is applied to the cross-domain authentication process, provides a plurality of pseudonyms for the user, allows the user to repeatedly use the pseudonyms within a period of time, introduces the token authentication method, allows the pseudonyms to be repeatedly used by the same user within a period of time, and enhances the pseudonym use rate and unlinkability to a certain extent.
The flow chart of the present invention is shown in fig. 1. When a user wants to become a member in a certain domain, firstly, an application is initiated to KGC in the domain to request to become a member in the domain, the KGC in the domain verifies the user identity, and after the verification is passed, a pseudonym and a corresponding private key are issued to the user. When the user has a cross-domain authentication request, one pseudonym issued by the KGC is selected to communicate with the authentication server in the requested domain. After the authentication is successful, the requested intra-domain authentication server sends a token to the user, the token use duration is specified at the local end, and the user initiates a request to the same domain again within the token use duration, so that the complex communication traffic and the complex calculation amount can be avoided. When detecting that the intra-domain user is a malicious user, the intra-domain authentication servers publish the pseudonym used by the user on the block chain, and each intra-domain authentication server can check whether the resources in the own domain are leaked.
As shown in fig. 2, a user applies for joining a certain domain, the KGC in the domain verifies the user identity, issues a batch of pseudonyms and corresponding private keys to the user after the verification is passed, and sends the corresponding relationship between the user name and the pseudonym to the authentication server in the domain.
As shown in fig. 3step1-step3, the user selects a pseudonym to initiate a cross-domain authentication request to the requested intra-domain authentication server.
In the step, the user interacts with the requested intra-domain authentication server by using the pseudonym for the first time, firstly, the user sends a request to the requested intra-domain authentication server and informs the authentication server of the request of cross-domain authentication; the requested intra-domain authentication server sends a random character string to the user, wherein the character length is 4; the user signs the signature after receiving the signature; and the user sends the signed result and the public key of the KGC in the domain to an authentication server in the requested domain.
As shown in step4 of fig. 3, the requested intra-domain authentication server verifies the user identity, performs signature and signature verification processes, and sends the user token value to the user, and the user can use the token to initiate a request next time the cross-domain authentication is performed.
After the authentication server in the requested domain receives the result signed by the user and the public key of the KGC in the domain, the authentication server in the requested domain judges whether the signature value is correct or not through an SM9 algorithm; if the signature value is correct, issuing a token to the user and storing the cross-domain authentication record into the block chain; sending the user pseudonym to an information service entity requested by the user, and informing an intra-domain service entity to allow the user to access the resource of the user; if not, rejecting its access request;
an interaction diagram for performing cross-domain authentication within token duration is shown in fig. 4.
In the phase, the user uses the pseudonym to interact with the requested intra-domain authentication server, and firstly, the user sends the token to the requested intra-domain authentication server; secondly, the requested intra-domain authentication server verifies whether the user token is expired or not, queries whether the user name is in the block chain or not, and if the user name is in the block chain, the user name is a malicious user and refuses the access of the malicious user; finally, if the user is not overdue, allowing the user to access resources in the domain, and storing the cross-domain authentication records on the blockchain; and if the first cross-domain authentication step is expired, repeating the first cross-domain authentication step.
When a user accesses other domains by using a pseudonym for the first time, in order to improve the cross-domain authentication efficiency and save the cross-domain authentication time in a subsequent request, a token is given to the user and the use time of the token is set to be 30min, and when the subsequent access time of the user is in the expiration range of the token, the requested domain authentication server only needs to judge whether the user is a malicious user; if the token is expired, the request of cross-domain authentication needs to be performed again.
The Token generation algorithm is obtained by encrypting the time stamp by the authentication server side key. In the encryption method, the authentication server does not need to locally store the user token, so that the storage space is saved.
The Token verification algorithm judges whether the time for initiating the request exceeds Token failure time, when the user uses the Token to request resources in the domain again, the authentication server judges whether the Token is overdue after decrypting by using the key, and if the Token is overdue, the user needs to perform the process of cross-domain authentication again for the first time.
To verify the validity of the proposed model, the following three experiments were designed. Comparing the first cross-domain authentication duration of the two models by an experiment; experiment two compares the time-consuming overhead of multiple cross-domain authentications within different durations; experiment three compares the pseudonym costs of the two models. And recording the time consumption, the communication traffic and the pseudonymous overhead of the multi-time cross-domain authentication process.
Experiment one: first cross-domain authentication access duration
In the experiment, the time length of the first cross-domain authentication of the two models is compared, multiple experiments are designed, and the average value of the experiments is taken, wherein the two models are both based on an SM9 encryption algorithm.
The parameters that need to be kept consistent in this experiment are shown in the following table:
TABLE 1 description of the parameters
Experiment two: multiple cross-domain authentication performance analysis
In the experiment, in order to compare the processing performance of the two models on the cross-domain authentication request, four groups of comparison experiments are designed, and the average time length of the cross-domain authentication performed by a single user for multiple times in different time periods and the pseudonymous cost in different time periods are respectively tested. In order to better compare the difference between the two models, the KGC issues three pseudonyms for the user every time, the time length is increased from 30min to 15min and 60min every time, and the cross-domain authentication times are 10 times, 50 times and 100 times respectively.
The parameters that need to be kept consistent in this experiment are shown in the following table:
TABLE 2 description of the parameters
Experiment three: pseudonym overhead comparison
In the experiment, a single user accesses other domains in different time periods, and the pseudonymous cost of the user is calculated. It is assumed that KGC provides the user with three pseudonyms at a time in the M-Flase mechanism. The access time range is increased by 60min from 30min, namely the allowed time of one token, one increase period T is 15min, and the access times are 10.
The experimental results are as follows:
experiment one: first cross-domain authentication access duration
Experiment the time length for performing cross-domain authentication on one domain is calculated for the first time by using a pair of two models, and the experimental result is shown in fig. 5 and 6.
From fig. 5 and fig. 6, it can be seen that the first authentication time length of the anonymous authentication of the internet of vehicles is 819ms, and the first authentication time length in the m-false model is 564ms. Because both models are based on the same encryption algorithm and both require the processes of parameter generation and private key generation, the time for parameter generation and private key generation is the same. In the anonymous identity authentication of the Internet of vehicles, two vehicle parties need to authenticate each other, but in the M-false model, the authentication server is a trusted party, and only the authentication server needs to judge whether the user identity is legal or not.
Experiment two: multiple cross-domain authentication performance analysis
The average time length of multiple cross-domain authentication of a single user in different time periods and the pseudonym expenses in different time periods are respectively tested. In order to better compare the difference between the two models, the KGC issues three pseudonyms for the user every time, the time length is increased from 30min to 15min and 60min every time, and the cross-domain authentication times are 10 times, 50 times and 100 times respectively.
The experiment calculates the average time length of multiple cross-domain authentications performed by a single user in different time periods, wherein the time is respectively 30min, 45min and 60min, the token time length is set to be 30min, the cross-domain authentications are performed for 10 times, 50 times and 100 times, and the experiment result is shown in fig. 7, fig. 8 and fig. 9.
As can be seen from the three figures, the M-false model performs cross-domain authentication on the same domain in one token, and except for frequent interaction required for the first time, authentication at each time needs to verify whether the user token is invalid or not. The time to verify token is 1ms, so that only 1ms needs to be added for each cross-domain authentication after the first time. In the anonymous authentication mechanism of the internet of vehicles, each pseudonym is allowed to be used only once, so that a new unused pseudonym needs to be obtained from a block chain when cross-domain authentication is performed each time, a complete cross-domain authentication process needs to be performed once, the time duration of one-time authentication is 819ms through calculation of an experiment, and 819ms is needed for each authentication. In the anonymous authentication mechanism of the Internet of vehicles, the time consumption in the authentication process has no relation with the time for carrying out authentication. In the M-false model, in order to improve the efficiency of cross-domain authentication, after the first authentication is successful, the authentication server of the requested domain sends the requested domain to a token of the user, and the using time of the token is set to be 30min, namely, the user can always use the token for authentication within 30min, the requested domain authentication server only needs to judge whether the token is expired or not and whether the user is a malicious user, and when the user request cross-domain authentication time exceeds the token expiration time, the process of the first authentication needs to be carried out again. The using time of the token is set to be 30min in the code, so that the time consumption of the user for performing cross-domain authentication for the same times in 45min and 60min is the same.
Experiment three: pseudonym overhead comparison
In the experiment, cross-domain authentication pseudonym overhead comparison is performed for the same times in different time periods, and the comparison result is shown in fig. 10.
As seen from fig. 10, the pseudonym overhead in the anonymous authentication mechanism for the internet of vehicles is irrelevant to the time range, and in the anonymous authentication mechanism for the internet of vehicles, in order to ensure absolute unlinkability of the real identity of the user, a new pseudonym needs to be used for authentication each time of authentication, so the pseudonym overhead is large. In the M-false model, KGC sends three pseudonyms to the user every two hours, and the user uses the new pseudonyms to interact with other domains after receiving the new pseudonyms. In a periodic updating period, the M-false pseudonym overhead is unchanged no matter how many times of cross-domain authentication is performed by a user, and after one period is exceeded, the pseudonym overhead is doubled. The experimental result shows that the M-false model is suitable for users who frequently initiate cross-domain authentication, reduces the overhead of pseudonyms to a certain extent, and reduces the load of KGC and the communication traffic in the whole cross-domain authentication process.
A flowchart of a batch pseudonym authentication method based on periodic update is shown in fig. 1. The method is divided into two stages, namely a pseudonym distribution stage and a cross-domain authentication stage (first access and token time length access), which are respectively shown in fig. 2, 3 and 4. In order to prove the effectiveness of the proposed method, an experiment is designed to compare the method with an anonymous authentication method based on the Internet of vehicles, and the time duration of the first cross-domain authentication, the time consumption expense of multiple cross-domain authentications in different time periods and the communication traffic of multiple cross-domain authentications on multiple domains in different time periods are respectively compared. The first authentication time length of the anonymous authentication of the Internet of vehicles is 819ms through a comparison experiment, and the first authentication time length in the M-false method is 564ms; in multiple cross-domain authentication experiments in different time periods, the communication traffic of the M-false method is far smaller than that of an anonymous authentication method based on the Internet of vehicles due to the introduction of a token authentication mechanism; the traffic experiment that cross-domain authentication is carried out on a plurality of domains in different time lengths can obtain that the pseudonym cost in the anonymous authentication mechanism of the Internet of vehicles is irrelevant to the time range, and in the anonymous authentication mechanism of the Internet of vehicles, in order to ensure the absolute unlinkability of the real identity of a user, a new pseudonym is required to be used for authentication every time of authentication, so the pseudonym cost is higher. The M-false model is suitable for users who frequently initiate cross-domain authentication, reduces the overhead of pseudonyms to a certain extent, and reduces the load of KGC and the communication traffic in the whole cross-domain authentication process.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (1)
1. A batch pseudonym authentication method based on periodic update is characterized by comprising the following steps:
1) A user initiates an application to a KGC in a domain to request to become a member in the domain; the KGC in the domain verifies the user identity, and issues a pseudonym and a corresponding private key to the user after the verification is passed;
2) When a user has a cross-domain authentication request, selecting one pseudonym from the pseudonyms issued by the KGC to communicate with an authentication server in a requested domain;
in the step, the user interacts with the requested intra-domain authentication server by using the pseudonym for the first time, firstly, the user sends a request to the requested intra-domain authentication server and informs the authentication server of the request of cross-domain authentication; the requested intra-domain authentication server sends a random character string to the user; the user signs the signature after receiving the signature; the user sends the signed result and the public key of the KGC in the domain to an authentication server in the requested domain;
3) After receiving the result signed by the user and the public key of the KGC in the domain, the authentication server in the requested domain judges whether the signature value is correct or not through an SM9 algorithm; if the signature value is correct, the authentication server in the requested domain issues a token to the user, the local end designates the token use duration, the cross-domain authentication record is stored in the block chain, the user pseudonym is sent to the information service entity requested by the user, and the intra-domain service entity is informed to allow the user to access the resource; if not, rejecting its access request; when detecting that the intra-domain user is a malicious user, the intra-domain authentication server publishes a pseudonym used by the user on a block chain, and each intra-domain authentication server can check whether resources in the self-domain are leaked;
4) When a user initiates a request to the same domain again within a token use duration, the user uses a pseudonym to interact with an authentication server in a requested domain, firstly, the user sends the token to the authentication server in the requested domain, the authentication server in the requested domain verifies whether the token of the user is expired or not, inquires whether a user name is in a block chain or not, and if the user name is in the block chain, the user name is a malicious user and refuses the access of the user name; if not, allowing the user to access the resources in the domain, and storing the cross-domain authentication record on the blockchain; and if the first cross-domain authentication step is expired, repeating the first cross-domain authentication step.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211369737.1A CN115865357A (en) | 2022-11-03 | 2022-11-03 | Batch pseudonym authentication method based on periodic update |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211369737.1A CN115865357A (en) | 2022-11-03 | 2022-11-03 | Batch pseudonym authentication method based on periodic update |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115865357A true CN115865357A (en) | 2023-03-28 |
Family
ID=85662372
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211369737.1A Pending CN115865357A (en) | 2022-11-03 | 2022-11-03 | Batch pseudonym authentication method based on periodic update |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115865357A (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109743172A (en) * | 2018-12-06 | 2019-05-10 | 国网山东省电力公司电力科学研究院 | Based on alliance's block chain V2G network cross-domain authentication method, information data processing terminal |
| CA3034665A1 (en) * | 2019-02-22 | 2020-08-22 | The Toronto-Dominion Bank | Methods and systems for controlling access to a protected resource |
-
2022
- 2022-11-03 CN CN202211369737.1A patent/CN115865357A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109743172A (en) * | 2018-12-06 | 2019-05-10 | 国网山东省电力公司电力科学研究院 | Based on alliance's block chain V2G network cross-domain authentication method, information data processing terminal |
| CA3034665A1 (en) * | 2019-02-22 | 2020-08-22 | The Toronto-Dominion Bank | Methods and systems for controlling access to a protected resource |
Non-Patent Citations (3)
| Title |
|---|
| 关振宇: "一种基于区块链的车联网跨域认证方案", 网络空间安全, vol. 11, no. 9, 16 September 2020 (2020-09-16), pages 62 - 69 * |
| 谢艳容;马文平;罗维;: "一种新的信息服务实体跨域认证模型", 计算机科学, no. 09, 15 September 2018 (2018-09-15) * |
| 陈葳葳;曹利;邵长虹;: "基于区块链技术的车联网高效匿名认证方案", 计算机应用, no. 10, 31 December 2020 (2020-12-31) * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Xu et al. | An identity management and authentication scheme based on redactable blockchain for mobile networks | |
| US10979418B2 (en) | Template-based distributed certificate issuance in a multi-tenant environment | |
| Yu et al. | Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage | |
| US8281149B2 (en) | Privacy-preserving flexible anonymous-pseudonymous access | |
| CN108737436A (en) | Based on the cross-domain services device identity identifying method for trusting alliance's block chain | |
| US20070130463A1 (en) | Single one-time password token with single PIN for access to multiple providers | |
| JP2019149833A (en) | Parameter based key derivation | |
| Ghaffar et al. | An improved authentication scheme for remote data access and sharing over cloud storage in cyber-physical-social-systems | |
| Isaakidis et al. | UnlimitID: Privacy-preserving federated identity management using algebraic MACs | |
| Xue et al. | A distributed authentication scheme based on smart contract for roaming service in mobile vehicular networks | |
| KR20120104193A (en) | Method and system for entity public key acquiring, certificate validation and authentication by introducing an online credible third party | |
| US11831778B2 (en) | zkMFA: zero-knowledge based multi-factor authentication system | |
| Rabaninejad et al. | An identity-based online/offline secure cloud storage auditing scheme | |
| Win et al. | Privacy enabled digital rights management without trusted third party assumption | |
| Li et al. | Practical deniable authentication for pervasive computing environments | |
| Parameswarath et al. | A privacy-preserving authenticated key exchange protocol for V2G communications using SSI | |
| Russell | Fast checking of individual certificate revocation on small systems | |
| Deng et al. | A lightweight identity-based remote data auditing scheme for cloud storage | |
| Liu et al. | An efficient fine-grained data access control system with a bounded service number | |
| Ozcelik et al. | Cryptorevocate: A cryptographic accumulator based distributed certificate revocation list | |
| CN114944953B (en) | Certificate-free anonymous authentication method for road condition monitoring in Internet of vehicles environment | |
| CN116827584A (en) | Method for certificateless anonymous cross-domain authentication of Internet of things equipment based on blockchain | |
| CN115865357A (en) | Batch pseudonym authentication method based on periodic update | |
| Gu et al. | WPKI certificate verification scheme based on certificate digest signature-online certificate status protocol | |
| CN111682941A (en) | Centralized identity management, distributed authentication and authorization method based on cryptography |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |