CN117395650A - Communication method, communication device, electronic equipment and storage medium - Google Patents

Communication method, communication device, electronic equipment and storage medium Download PDF

Info

Publication number
CN117395650A
CN117395650A CN202311388211.2A CN202311388211A CN117395650A CN 117395650 A CN117395650 A CN 117395650A CN 202311388211 A CN202311388211 A CN 202311388211A CN 117395650 A CN117395650 A CN 117395650A
Authority
CN
China
Prior art keywords
pseudo
communication device
identity information
message
communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311388211.2A
Other languages
Chinese (zh)
Inventor
王涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Suzhou Software Technology Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Suzhou Software Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Suzhou Software Technology Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN202311388211.2A priority Critical patent/CN117395650A/en
Publication of CN117395650A publication Critical patent/CN117395650A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/08Randomization, e.g. dummy operations or using noise
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/42Anonymization, e.g. involving pseudonyms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/72Signcrypting, i.e. digital signing and encrypting simultaneously
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application provides a communication method, a device, an electronic device and a storage medium, wherein the method comprises the following steps: transmitting an authentication request to a second communication device, the authentication request including first pseudo-identity information of the first communication device; receiving second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and a random challenge value; and the second communication equipment performs data communication with the second communication equipment under the condition that the first signature passes according to the second pseudo-identity information and the second communication equipment passes according to the second pseudo-identity information. According to the method and the device, the second pseudo-identity information is generated through the first pseudo-identity information and the random challenge value between the first communication device and the second communication device for data communication, and the first signature and the second signature are verified according to the second pseudo-identity information, so that safety in the communication process is improved.

Description

Communication method, communication device, electronic equipment and storage medium
Technical Field
The embodiment of the application relates to the technical field of communication, in particular to a communication method, a device, electronic equipment and a storage medium.
Background
With the advent of the universal interconnection era, authentication and safe data exchange are carried out on a large number of devices with limited resources, so that the safety and effectiveness of data of users are ensured, the problems can be effectively solved, and a plurality of mainstream schemes in the industry are integrated. Currently, in a Device to Device (D2D) Device, secure communication between D2D devices is generally achieved through appropriate mutual authentication, secure key exchange, and anonymity, but this approach is less secure.
Disclosure of Invention
The embodiment of the application provides a communication method, a device, electronic equipment and a storage medium, which are used for solving the problem of lower safety in D2D equipment communication in the prior art.
To solve the above problems, the present application is realized as follows:
in a first aspect, an embodiment of the present application provides a communication method, applied to a first communication device, where the method includes:
transmitting an authentication request to a second communication device, the authentication request including first pseudo-identity information of the first communication device;
receiving second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and a random challenge value;
And the second communication equipment performs data communication with the second communication equipment under the condition that the first signature passes according to the second pseudo-identity information and the second communication equipment passes according to the second pseudo-identity information.
Optionally, after the first authentication request is sent to the second communication device, the method further includes:
transmitting the first key and the second key to the second communication device;
the receiving the second pseudo identity information sent by the second communication device includes:
second pseudo-identity information generated by the second communication device based on the first key, the second key, the random challenge value, and the first pseudo-identity information is received.
Optionally, after receiving the second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and the random challenge value, the method further includes:
generating a first message according to the random number and the second pseudo-identity information, and sending the first message to the second communication equipment;
receiving a second message generated by the second communication device based on the first message, the second message including the first signature and the random challenge value;
And verifying the first signature according to the second pseudo identity information.
Optionally, in the case of verifying that the first signature passes according to the second pseudo-identity information, the method further comprises:
calculating a security parameter and a physical unclonable PUF output from the second pseudo-identity information;
generating a third message from the first signature, the security parameter and the PUF output;
and sending the third message to the second communication device, wherein the third message is used for generating the second signature.
Optionally, after the third message is sent to the second communication device, the method further includes:
receiving a fourth message sent by the second communication device, wherein the fourth message comprises a third signature and verification parameters, and the fourth message represents that the second signature is verified;
and performing data transmission with the second communication device when the first signature passes according to the second pseudo-identity information and the second communication device passes according to the second pseudo-identity information, including:
and carrying out data transmission with the second communication equipment under the condition that the first signature and the third signature pass according to the second pseudo-identity information and the second communication equipment passes according to the second pseudo-identity information.
Optionally, after the data transmission with the second communication device, the method further includes:
receiving a fifth message sent by the second communication device, wherein the fifth message is used for including a time stamp exchanged with the second communication device, a message hash signature exchanged with the second communication device, data exchanged with the second communication device and a beacon broadcast pseudo-identity;
and stopping data transmission with the second communication equipment under the condition that the verification of the fifth message fails.
Optionally, after the data transmission with the second communication device, the method further includes:
receiving a sixth message sent by the second communication device, wherein the sixth message comprises a cluster session key exchanged with the second communication device, a lightweight hash signature exchanged with the second communication device, and a timestamp exchanged with the second communication device;
and stopping data transmission with the second communication equipment under the condition that the verification of the sixth message fails.
In a second aspect, an embodiment of the present application provides a communication method, applied to a second communication device, where the method includes:
receiving an authentication request sent by first communication equipment, wherein the authentication request comprises first pseudo identity information of the first communication equipment;
Generating second pseudo-identity information based on the first pseudo-identity information and a random challenge value;
transmitting the second pseudo-identity information to the first communication device;
and the first communication equipment performs data communication with the first communication equipment under the condition that the second signature passes according to the second pseudo-identity information and the first communication equipment passes according to the second pseudo-identity information.
Optionally, after receiving the authentication request sent by the first communication device, the method further includes:
receiving a first key and a second key sent by the first communication equipment;
the generating second pseudo-identity information based on the first pseudo-identity information and a random challenge value includes:
second pseudo-identity information generated based on the first key, the second key, the random challenge value, and the first pseudo-identity information.
Optionally, after the sending the second pseudo-identity information to the first communication device, the method further includes:
receiving a first message sent by the first communication device, wherein the first message is generated according to a random number and the second pseudo-identity information;
generating a second message from the first message, the second message comprising the first signature and the random challenge value;
The second message is sent to the first communication device.
Optionally, in the case that the first communication device verifies that the first signature passes according to the second pseudo-identity information, the method further comprises:
receiving a third message sent by the first communication device, wherein the third message comprises a security parameter and a PUF output;
generating a fourth message, including a third signature and verification parameters, if the second signature is verified based on the third message;
the fourth message is sent to the first communication device.
Optionally, the data transmission with the first communication device is performed when the second signature is verified to pass according to the second pseudo-identity information, and the first communication device verifies that the first signature passes according to the second pseudo-identity information, including:
and carrying out data transmission with the first communication equipment under the condition that the second signature passes according to the second pseudo-identity information and the first communication equipment verifies that the first signature and the third signature pass according to the second pseudo-identity information.
Optionally, after the data transmission with the first communication device, the method further includes:
Generating a fifth message for including a timestamp exchanged with the first communication device, a message hash signature exchanged with the first communication device, data exchanged with the first communication device, and a beacon broadcast pseudo-identity;
and sending the fifth message to the first communication equipment for verification, and stopping data transmission with the first communication equipment under the condition that the fifth message fails to verify.
Optionally, after the data transmission with the first communication device, the method further includes:
generating a sixth message comprising a cluster session key exchanged with the first communication device, a lightweight hash signature exchanged with the first communication device, and the timestamp exchanged with the first communication device;
and sending the sixth message to the first communication equipment for verification, and stopping data transmission with the first communication equipment under the condition that the verification of the sixth message fails.
In a third aspect, embodiments of the present application further provide a communication apparatus, where the apparatus includes:
a first sending module, configured to send an authentication request to a second communication device, where the authentication request includes first pseudo identity information of the first communication device;
A first receiving module, configured to receive second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and a random challenge value;
and the first communication module is used for carrying out data communication with the second communication equipment under the condition that the first signature passes according to the second pseudo-identity information and the second communication equipment passes according to the second pseudo-identity information.
In a fourth aspect, embodiments of the present application further provide a communication apparatus, including:
the second receiving module is used for receiving an authentication request sent by the first communication equipment, wherein the authentication request comprises first pseudo identity information of the first communication equipment;
a first generation module for generating second pseudo-identity information based on the first pseudo-identity information and a random challenge value;
a second sending module, configured to send the second pseudo identity information to the first communication device;
and the second communication module is used for carrying out data communication with the first communication equipment under the condition that the second signature passes according to the second pseudo-identity information and the first communication equipment passes according to the second pseudo-identity information.
In a fifth aspect, embodiments of the present application further provide a communication device, including: a transceiver, a memory, a processor, and a program stored on the memory and executable on the processor; the processor is configured to read a program in the memory to implement the steps in the method according to the foregoing first aspect; or, as in the method of the second aspect described above.
In a sixth aspect, embodiments of the present application further provide a readable storage medium storing a program, where the program when executed by a processor implements the steps of the method according to the first aspect, or implements the steps of the method according to the second aspect.
The application provides a communication method, a device, an electronic device and a storage medium, wherein the method comprises the following steps: transmitting an authentication request to a second communication device, the authentication request including first pseudo-identity information of the first communication device; receiving second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and a random challenge value; and the second communication equipment performs data communication with the second communication equipment under the condition that the first signature passes according to the second pseudo-identity information and the second communication equipment passes according to the second pseudo-identity information. According to the method and the device, the second pseudo-identity information is generated through the first pseudo-identity information and the random challenge value between the first communication device and the second communication device for data communication, and the first signature and the second signature are verified according to the second pseudo-identity information, so that safety in the communication process is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments of the present application will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is one of flow diagrams of a communication method provided in an embodiment of the present application;
fig. 2 is a schematic structural diagram of a communication system according to an embodiment of the present application;
FIG. 3 is one of the interaction schematics provided by embodiments of the present application;
FIG. 4 is a second schematic diagram of interactions provided by embodiments of the present application;
FIG. 5 is a second flow chart of a communication method according to the embodiment of the present application;
fig. 6 is one of schematic structural diagrams of a communication device according to an embodiment of the present application;
FIG. 7 is a second schematic diagram of a communication device according to an embodiment of the present disclosure;
fig. 8 is a schematic structural diagram of a communication device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.
The terms "first," "second," and the like in embodiments of the present application are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus. Furthermore, the use of "and/or" in this application means at least one of the connected objects, such as a and/or B and/or C, is meant to encompass the 7 cases of a alone, B alone, C alone, and both a and B, both B and C, both a and C, and both A, B and C.
Referring to fig. 1, fig. 1 is one of flow diagrams of a communication method provided in an embodiment of the present application. The communication method shown in fig. 1 may be performed by a first communication device.
As shown in fig. 1, the communication method may include the steps of:
step 101, sending an authentication request to a second communication device, wherein the authentication request comprises first pseudo identity information of the first communication device.
In this embodiment, the first communication device is any one of the D2D devices, and the second communication device is a cluster head in the D2D device, which is equivalent to one transfer in the group in the D2D. As shown in fig. 2, fig. 2 is a schematic diagram of a communication system in this embodiment, where a legitimate user can access D2D data in a variety of ways, including indirectly through a trusted service provider GWN or directly with a sensor node. In the process of data access, communication among the GWN, the user and the D2D node is carried out through the Internet. D2D nodes may exchange data directly with each other or with cluster heads. However, the large number of D2D nodes operating in an unsafe and unattended environment makes these devices and the data held therein subject to a variety of threats and attacks.
Since open wireless channel communications between D2D communication entities may be exploited by attackers, launching attacks that compromise security and privacy, the proposed protocol solves these problems by maintaining data confidentiality, security authentication, anonymity, and integrity.
In particular, the first communication device may need to initialize a request parameter before the first communication device and the first communication device communicate, in particular, the first communication device may send an authentication request to the second communication device, the authentication request comprising the first pseudo-identity information of the first communication device.
Step 102, receiving second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and a random challenge value.
In this embodiment, the second communication device generates second pseudo-identity information according to the received first pseudo-identity information and the random challenge value, and sends the second pseudo-identity information to the first communication device.
Step 103, data communication is performed with the second communication device when the first signature is verified to pass according to the second pseudo-identity information and the second communication device verifies that the second signature passes according to the second pseudo-identity information.
In this embodiment, the first communication device and the second communication device verify the first signature and the second signature according to the second pseudo-identity information, respectively, and in the case where both the first signature and the second signature are verified, it is indicated that the first communication device and the second communication device are secure, and thus secure communication is possible.
The application provides a communication method, which comprises the following steps: transmitting an authentication request to a second communication device, the authentication request including first pseudo-identity information of the first communication device; receiving second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and a random challenge value; and the second communication equipment performs data communication with the second communication equipment under the condition that the first signature passes according to the second pseudo-identity information and the second communication equipment passes according to the second pseudo-identity information. According to the method and the device, the second pseudo-identity information is generated through the first pseudo-identity information and the random challenge value between the first communication device and the second communication device for data communication, and the first signature and the second signature are verified according to the second pseudo-identity information, so that safety in the communication process is improved.
In some possible embodiments, optionally, after the sending the first authentication request to the second communication device, the method further includes:
transmitting the first key and the second key to the second communication device;
the receiving the second pseudo identity information sent by the second communication device includes:
second pseudo-identity information generated by the second communication device based on the first key, the second key, the random challenge value, and the first pseudo-identity information is received.
In this embodiment, as shown in fig. 3, D2D is a first communication device, CH is a second communication device, and when the request parameter includes a timestamp threshold Δt, a threshold time Δt, Δc of the cluster session key refresh, where Δt,
master key k master And some system keys k sys Cluster key pseudo-identification CK P And cluster key validation parameters delta, h: {0,1} *
At the initialization stage node D An authentication request is sent to CH with its pseudo-identity { AuthReq, cp }. Wherein AuthReq is authentication request, cp is D2D pseudo identity
Upon receipt of these parameters, the CH calculates a random challenge valueFor subsequent authentication.
Will beTransmission to node D ,node D For any one D2D, the PUF output is extracted > Is a physically untraceable (Physically Unclonable Function, PUF) output. CH at node pair D And performing initial avatar authentication.
Calculating a keyThen generating a one-time mutual authentication pseudo identity +.> Immediately after buffering +.>CH direction node D Transmission { τ, ψ, κ ] sys }. Wherein τ is a one-time pseudo identity, ψ is a CH key, and κ is a K sys Kappa is the system key master Is the CH master key.
Optionally, after receiving the second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and the random challenge value, the method further includes:
generating a first message according to the random number and the second pseudo-identity information, and sending the first message to the second communication equipment;
receiving a second message generated by the second communication device based on the first message, the second message including the first signature and the random challenge value;
and verifying the first signature according to the second pseudo identity information.
Optionally, in the case of verifying that the first signature passes according to the second pseudo-identity information, the method further comprises:
calculating a security parameter and a physical unclonable PUF output from the second pseudo-identity information;
generating a third message from the first signature, the security parameter and the PUF output;
And sending the third message to the second communication device, wherein the third message is used for generating the second signature.
Optionally, after the third message is sent to the second communication device, the method further includes:
receiving a fourth message sent by the second communication device, wherein the fourth message comprises a third signature and verification parameters, and the fourth message represents that the second signature is verified;
and performing data transmission with the second communication device when the first signature passes according to the second pseudo-identity information and the second communication device passes according to the second pseudo-identity information, including:
and carrying out data transmission with the second communication equipment under the condition that the first signature and the third signature pass according to the second pseudo-identity information and the second communication equipment passes according to the second pseudo-identity information.
In this embodiment, as shown in fig. 4, in the process of D2D identity authentication, a random number nonce η is first generated D2D ,Then calculate +.>Finally generate the join message->And will- >Send toCH. Wherein eta D2D Is D2D nonce->Is an exclusive or operation.
Once the CH receives l 1 The CH will retrieve from the cacheRecalculating-> Generating a random number nonce eta CH Subsequently calculate +.>And->
Generating signaturesAnd join message->Afterwards; and will-> And transmitting to D2D. D2D, upon receiving these parameters, recalculates the signature v and verifies it, e.gWhere h is a hash function and v is a CH signature.
When the verification result of the signature v is invalid, the joining request is rejected. However, if the signature is signedEffectively, the D2D will authenticate the CH and then verify the identity of the CHObtain->And pass-> Obtaining eta CH Then recalculate the PUF output>
Wherein,generating for broadcast nonces and beta 2 ,β 1 And beta 2 Is a broadcast random number. Calculate security parameters +.> τ N =h(τ||β 2 ) And->Generated join message->Will join message l 3 Pass to CH and mark the end of D2D authentication.
During the CH identity authentication process, by recalculatingAnd-> To initialize CH authentication.
First CH verifies signatureIf->The signature is invalid and the authentication process terminates. Security parameter +.>
Will { beta ] 12 Added to CH, verify data
Generating random numbers nonce CK and δ for calculating the security parameters: and signature- >Wherein delta is a cluster key verification parameter, CK is a cluster key pseudo identity, and CK is * Pseudo-identity for updated cluster keys. Check message l 4 ={CK **2 And assembled. CH will { CK again **2 And transmitted to D2D.
Upon receipt of l 4 D2D will recalculateAnd->Wherein is used to verify the signature v 2 . If signature h (CK) * ||δ||δ * ||η CH )!=ν 2 Is ineffective. At this point, the authentication request is denied, otherwise, the CH is trusted.
Optionally, after the data transmission with the second communication device, the method further includes:
receiving a fifth message sent by the second communication device, wherein the fifth message is used for including a time stamp exchanged with the second communication device, a message hash signature exchanged with the second communication device, data exchanged with the second communication device and a beacon broadcast pseudo-identity;
and stopping data transmission with the second communication equipment under the condition that the verification of the fifth message fails.
Optionally, after the data transmission with the second communication device, the method further includes:
receiving a sixth message sent by the second communication device, wherein the sixth message comprises a cluster session key exchanged with the second communication device, a lightweight hash signature exchanged with the second communication device, and a timestamp exchanged with the second communication device;
And stopping data transmission with the second communication equipment under the condition that the verification of the sixth message fails.
In this embodiment, after authentication is completed, the first communication device and the second communication device need to exchange data, and generate a cluster session key through the senderStarting a cluster session, wherein SK cluster Kappa for cluster session key sys Is a system key.
Send it toAfter all D2D entities, broadcasting pseudo identity And session hash signature σ=h (Ω||sk) cluster I omega I |θ), combined information l 5 = { θ, σ, ω, Ω }. Where θ is the timestamp, σ is the message hash signature, ω is the exchanged data, Ω is the beacon broadcast pseudo-identity, and i is or operation. The combined information { lambda, sigma, omega } is sent to all D2D entities. To verify the received information 5 The time stamp θ is used for checking. If the time stamp exceeds a set threshold deltat. l (L) 5 Marked as a replay attack. If valid, the session hash signature sigma is recalculated, and the verification of the signature is performed according to sigma.
Incidentally, if h (Ω||sk) cluster I omega I |θ) |! =σ inequality, l 5 Marked as replay attack, otherwise handled normally.
At the sender window is empty and the session duration T ses If the threshold value C is larger, the delta C is refreshed, and a new cluster session key is calculatedIn this process a lightweight hash signature ζ is calculated and incorporated into the message +.>Message l 6 Broadcast to all D2D entities. All D2D recipients will check l 6 If the freshness of the (E) is over the set threshold value, then l 6 Marked as a replay attack, otherwise by recalculating the lightweight hash signature ζ * Decoding->If the two signatures are equal, then the updated version is usedReplacement of old cluster session key SK cluster Otherwise, the session update request is ignored.
The present application reduces the computational cost of the proposed protocol by lightweight cryptographic primitives such as one-way hash functions and exclusive or (XOR) operations. And all schemes have non-repudiation and non-interlinkability, wherein the non-repudiation means that the information source user is prevented from acknowledging the information sent by the user afterwards or the user does not acknowledge after receiving the information, the non-interlinkability means that the information source user is associated with the same role or identity, such as multiple sessions of a role R in a protocol P, and an attacker cannot distinguish whether messages in two sessions originate from the same role from outside.
According to the method and the device, the second pseudo-identity information is generated through the first pseudo-identity information and the random challenge value between the first communication device and the second communication device for data communication, and the first signature and the second signature are verified according to the second pseudo-identity information, so that safety in the communication process is improved.
Referring to fig. 5, fig. 5 is a second flowchart of a communication method according to an embodiment of the present application. The communication method of the embodiment of the application can be executed by the second communication device.
As shown in fig. 5, the communication method may include the steps of:
step 501, receiving an authentication request sent by a first communication device, where the authentication request includes first pseudo identity information of the first communication device.
Step 502, generating second pseudo-identity information based on the first pseudo-identity information and a random challenge value.
Step 503, sending the second pseudo identity information to the first communication device.
Step 504, performing data communication with the first communication device when the second signature passes according to the second pseudo-identity information and the first communication device passes according to the second pseudo-identity information.
Optionally, after receiving the authentication request sent by the first communication device, the method further includes:
receiving a first key and a second key sent by the first communication equipment;
the generating second pseudo-identity information based on the first pseudo-identity information and a random challenge value includes:
second pseudo-identity information generated based on the first key, the second key, the random challenge value, and the first pseudo-identity information.
Optionally, after the sending the second pseudo-identity information to the first communication device, the method further includes:
receiving a first message sent by the first communication device, wherein the first message is generated according to a random number and the second pseudo-identity information;
generating a second message from the first message, the second message comprising the first signature and the random challenge value;
the second message is sent to the first communication device.
Optionally, in the case that the first communication device verifies that the first signature passes according to the second pseudo-identity information, the method further comprises:
receiving a third message sent by the first communication device, wherein the third message comprises a security parameter and a PUF output;
generating a fourth message, including a third signature and verification parameters, if the second signature is verified based on the third message;
the fourth message is sent to the first communication device.
Optionally, the data transmission with the first communication device is performed when the second signature is verified to pass according to the second pseudo-identity information, and the first communication device verifies that the first signature passes according to the second pseudo-identity information, including:
And carrying out data transmission with the first communication equipment under the condition that the second signature passes according to the second pseudo-identity information and the first communication equipment verifies that the first signature and the third signature pass according to the second pseudo-identity information.
Optionally, after the data transmission with the first communication device, the method further includes:
generating a fifth message for including a timestamp exchanged with the first communication device, a message hash signature exchanged with the first communication device, data exchanged with the first communication device, and a beacon broadcast pseudo-identity;
and sending the fifth message to the first communication equipment for verification, and stopping data transmission with the first communication equipment under the condition that the fifth message fails to verify.
Optionally, after the data transmission with the first communication device, the method further includes:
generating a sixth message comprising a cluster session key exchanged with the first communication device, a lightweight hash signature exchanged with the first communication device, and the timestamp exchanged with the first communication device;
And sending the sixth message to the first communication equipment for verification, and stopping data transmission with the first communication equipment under the condition that the verification of the sixth message fails.
According to the method and the device, the second pseudo-identity information is generated through the first pseudo-identity information and the random challenge value between the first communication device and the second communication device for data communication, and the first signature and the second signature are verified according to the second pseudo-identity information, so that safety in the communication process is improved.
Referring to fig. 6, fig. 6 is one of the block diagrams of the communication apparatus provided in the embodiment of the present application. As shown in fig. 6, the communication apparatus 600 includes:
a first sending module 610, configured to send an authentication request to a second communication device, where the authentication request includes first pseudo identity information of the first communication device;
a first receiving module 620, configured to receive second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and a random challenge value;
the first communication module 630 is configured to perform data communication with the second communication device when the first signature passes through verification according to the second pseudo-identity information, and when the second communication device passes through verification according to the second pseudo-identity information.
Optionally, the first sending module 610 and the second receiving module 620 are further configured to send the first key and the second key to the second communication device;
the receiving the second pseudo identity information sent by the second communication device includes:
second pseudo-identity information generated by the second communication device based on the first key, the second key, the random challenge value, and the first pseudo-identity information is received.
Optionally, the first sending module 610 and the second receiving module 620 are further configured to generate a first message according to the random number and the second pseudo-identity information, and send the first message to the second communication device;
receiving a second message generated by the second communication device based on the first message, the second message including the first signature and the random challenge value;
and verifying the first signature according to the second pseudo identity information.
Optionally, the first transmitting module 610 and the second receiving module 620 are further configured to calculate a security parameter and a physical untraceable PUF output according to the second pseudo-identity information;
generating a third message from the first signature, the security parameter and the PUF output;
and sending the third message to the second communication device, wherein the third message is used for generating the second signature.
Optionally, the first sending module 610 and the second receiving module 620 are further configured to receive a fourth message sent by the second communication device, where the fourth message includes a third signature and a verification parameter, and the fourth message characterizes that the second signature is verified;
and performing data transmission with the second communication device when the first signature passes according to the second pseudo-identity information and the second communication device passes according to the second pseudo-identity information, including:
and carrying out data transmission with the second communication equipment under the condition that the first signature and the third signature pass according to the second pseudo-identity information and the second communication equipment passes according to the second pseudo-identity information.
Optionally, the first sending module 610 and the second receiving module 620 are further configured to receive a fifth message sent by the second communication device, where the fifth message is configured to include a timestamp exchanged with the second communication device, a hash signature of a message exchanged with the second communication device, data exchanged with the second communication device, and a beacon broadcast pseudo identity;
And stopping data transmission with the second communication equipment under the condition that the verification of the fifth message fails.
Optionally, the first sending module 610 and the second receiving module 620 are further configured to receive a sixth message sent by the second communication device, where the sixth message includes a cluster session key exchanged with the second communication device, a lightweight hash signature exchanged with the second communication device, and the timestamp exchanged with the second communication device;
and stopping data transmission with the second communication equipment under the condition that the verification of the sixth message fails.
The communication device 600 can implement the processes of the method embodiment of fig. 1 in the embodiment of the present application, and achieve the same beneficial effects, and for avoiding repetition, a detailed description is omitted here.
Referring to fig. 7, fig. 7 is a second block diagram of the communication device according to the embodiment of the present application. As shown in fig. 7, the communication apparatus 700 includes:
a second receiving module 710, configured to receive an authentication request sent by a first communication device, where the authentication request includes first pseudo identity information of the first communication device;
a first generation module 720, configured to generate second pseudo-identity information based on the first pseudo-identity information and a random challenge value;
A second sending module 730, configured to send the second pseudo identity information to the first communication device;
the second communication module 740 is configured to perform data communication with the first communication device when the second signature passes through verification according to the second pseudo-identity information, and when the first communication device passes through verification of the first signature according to the second pseudo-identity information.
Optionally, the second receiving module 710 and the second sending module 730 are further configured to receive the first key and the second key sent by the first communication device;
the generating second pseudo-identity information based on the first pseudo-identity information and a random challenge value includes:
second pseudo-identity information generated based on the first key, the second key, the random challenge value, and the first pseudo-identity information.
Optionally, the second receiving module 710 and the second sending module 730 are further configured to receive a first message sent by the first communication device, where the first message is generated according to a random number and the second pseudo-identity information;
generating a second message from the first message, the second message comprising the first signature and the random challenge value;
the second message is sent to the first communication device.
Optionally, the second receiving module 710 and the second transmitting module 730 are further configured to receive a third message sent by the first communication device, where the third message includes a security parameter and a PUF output;
generating a fourth message, including a third signature and verification parameters, if the second signature is verified based on the third message;
the fourth message is sent to the first communication device.
Optionally, the second receiving module 710 and the second sending module 730 are further configured to perform data transmission with the first communication device when the second signature passes according to the second pseudo-identity information, and the first communication device verifies that the first signature and the third signature pass according to the second pseudo-identity information.
Optionally, the second receiving module 710 and the second sending module 730 are further configured to generate a fifth message, where the fifth message is configured to include a timestamp exchanged with the first communication device, a message hash signature exchanged with the first communication device, data exchanged with the first communication device, and a beacon broadcast pseudo-identity;
and sending the fifth message to the first communication equipment for verification, and stopping data transmission with the first communication equipment under the condition that the fifth message fails to verify.
Optionally, the second receiving module 710 and the second sending module 730 are further configured to generate a sixth message, where the sixth message includes the cluster session key exchanged with the first communication device, the lightweight hash signature exchanged with the first communication device, and the timestamp exchanged with the first communication device;
and sending the sixth message to the first communication equipment for verification, and stopping data transmission with the first communication equipment under the condition that the verification of the sixth message fails.
The communication device 700 can implement the processes of the method embodiment of fig. 5 in the embodiment of the present application, and achieve the same beneficial effects, and in order to avoid repetition, a detailed description is omitted here.
The embodiment of the application also provides communication equipment. Referring to fig. 8, the communication device may include a processor 801, a memory 802, and a program 8021 stored on the memory 802 and executable on the processor 801.
In the case where the communication device is the first communication device, the program 8021, when executed by the processor 801, may implement any step in the method embodiment corresponding to fig. 1:
transmitting an authentication request to a second communication device, the authentication request including first pseudo-identity information of the first communication device;
Receiving second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and a random challenge value;
and the second communication equipment performs data communication with the second communication equipment under the condition that the first signature passes according to the second pseudo-identity information and the second communication equipment passes according to the second pseudo-identity information.
Optionally, after the first authentication request is sent to the second communication device, the method further includes:
transmitting the first key and the second key to the second communication device;
the receiving the second pseudo identity information sent by the second communication device includes:
second pseudo-identity information generated by the second communication device based on the first key, the second key, the random challenge value, and the first pseudo-identity information is received.
Optionally, after receiving the second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and the random challenge value, the method further includes:
generating a first message according to the random number and the second pseudo-identity information, and sending the first message to the second communication equipment;
Receiving a second message generated by the second communication device based on the first message, the second message including the first signature and the random challenge value;
and verifying the first signature according to the second pseudo identity information.
Optionally, in the case of verifying that the first signature passes according to the second pseudo-identity information, the method further comprises:
calculating a security parameter and a physical unclonable PUF output from the second pseudo-identity information;
generating a third message from the first signature, the security parameter and the PUF output;
and sending the third message to the second communication device, wherein the third message is used for generating the second signature.
Optionally, after the third message is sent to the second communication device, the method further includes:
receiving a fourth message sent by the second communication device, wherein the fourth message comprises a third signature and verification parameters, and the fourth message represents that the second signature is verified;
and performing data transmission with the second communication device when the first signature passes according to the second pseudo-identity information and the second communication device passes according to the second pseudo-identity information, including:
And carrying out data transmission with the second communication equipment under the condition that the first signature and the third signature pass according to the second pseudo-identity information and the second communication equipment passes according to the second pseudo-identity information.
Optionally, after the data transmission with the second communication device, the method further includes:
receiving a fifth message sent by the second communication device, wherein the fifth message is used for including a time stamp exchanged with the second communication device, a message hash signature exchanged with the second communication device, data exchanged with the second communication device and a beacon broadcast pseudo-identity;
and stopping data transmission with the second communication equipment under the condition that the verification of the fifth message fails.
Optionally, after the data transmission with the second communication device, the method further includes:
receiving a sixth message sent by the second communication device, wherein the sixth message comprises a cluster session key exchanged with the second communication device, a lightweight hash signature exchanged with the second communication device, and a timestamp exchanged with the second communication device;
And stopping data transmission with the second communication equipment under the condition that the verification of the sixth message fails.
In the case where the communication device is the second communication device, the program 8021, when executed by the processor 801, may implement any step in the method embodiment corresponding to fig. 5:
receiving an authentication request sent by first communication equipment, wherein the authentication request comprises first pseudo identity information of the first communication equipment;
generating second pseudo-identity information based on the first pseudo-identity information and a random challenge value;
transmitting the second pseudo-identity information to the first communication device;
and the first communication equipment performs data communication with the first communication equipment under the condition that the second signature passes according to the second pseudo-identity information and the first communication equipment passes according to the second pseudo-identity information.
Optionally, after receiving the authentication request sent by the first communication device, the method further includes:
receiving a first key and a second key sent by the first communication equipment;
the generating second pseudo-identity information based on the first pseudo-identity information and a random challenge value includes:
second pseudo-identity information generated based on the first key, the second key, the random challenge value, and the first pseudo-identity information.
Optionally, after the sending the second pseudo-identity information to the first communication device, the method further includes:
receiving a first message sent by the first communication device, wherein the first message is generated according to a random number and the second pseudo-identity information;
generating a second message from the first message, the second message comprising the first signature and the random challenge value;
the second message is sent to the first communication device.
Optionally, in the case that the first communication device verifies that the first signature passes according to the second pseudo-identity information, the method further comprises:
receiving a third message sent by the first communication device, wherein the third message comprises a security parameter and a PUF output;
generating a fourth message, including a third signature and verification parameters, if the second signature is verified based on the third message;
the fourth message is sent to the first communication device.
Optionally, the data transmission with the first communication device is performed when the second signature is verified to pass according to the second pseudo-identity information, and the first communication device verifies that the first signature passes according to the second pseudo-identity information, including:
And carrying out data transmission with the first communication equipment under the condition that the second signature passes according to the second pseudo-identity information and the first communication equipment verifies that the first signature and the third signature pass according to the second pseudo-identity information.
Optionally, after the data transmission with the first communication device, the method further includes:
generating a fifth message for including a timestamp exchanged with the first communication device, a message hash signature exchanged with the first communication device, data exchanged with the first communication device, and a beacon broadcast pseudo-identity;
and sending the fifth message to the first communication equipment for verification, and stopping data transmission with the first communication equipment under the condition that the fifth message fails to verify.
Optionally, after the data transmission with the first communication device, the method further includes:
generating a sixth message comprising a cluster session key exchanged with the first communication device, a lightweight hash signature exchanged with the first communication device, and the timestamp exchanged with the first communication device;
And sending the sixth message to the first communication equipment for verification, and stopping data transmission with the first communication equipment under the condition that the verification of the sixth message fails.
According to the method and the device, the second pseudo-identity information is generated through the first pseudo-identity information and the random challenge value between the first communication device and the second communication device for data communication, and the first signature and the second signature are verified according to the second pseudo-identity information, so that safety in the communication process is improved.
Those of ordinary skill in the art will appreciate that all or a portion of the steps of implementing the methods of the embodiments described above may be implemented by hardware associated with program instructions, where the program may be stored on a readable medium. The embodiment of the present application further provides a readable storage medium, where a computer program is stored, where any step in the method embodiment corresponding to fig. 3 or fig. 4 can be implemented when the computer program is executed by a processor, and the same technical effect can be achieved, so that repetition is avoided, and no redundant description is provided herein.
Such as Read-Only Memory (ROM), random access Memory (Random Access Memory, RAM), magnetic or optical disk, etc.
While the foregoing is directed to the preferred embodiments of the present application, it will be appreciated by those of ordinary skill in the art that numerous modifications and variations can be made without departing from the principles set forth herein, and such modifications and variations are to be regarded as being within the scope of the present application.

Claims (18)

1. A communication method applied to a first communication device, the method comprising:
transmitting an authentication request to a second communication device, the authentication request including first pseudo-identity information of the first communication device;
receiving second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and a random challenge value;
and the second communication equipment performs data communication with the second communication equipment under the condition that the first signature passes according to the second pseudo-identity information and the second communication equipment passes according to the second pseudo-identity information.
2. The method of claim 1, wherein after the sending the first authentication request to the second communication device, the method further comprises:
transmitting the first key and the second key to the second communication device;
The receiving the second pseudo identity information sent by the second communication device includes:
second pseudo-identity information generated by the second communication device based on the first key, the second key, the random challenge value, and the first pseudo-identity information is received.
3. The method of claim 1, wherein after the receiving the second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and a random challenge value, the method further comprises:
generating a first message according to the random number and the second pseudo-identity information, and sending the first message to the second communication equipment;
receiving a second message generated by the second communication device based on the first message, the second message including the first signature and the random challenge value;
and verifying the first signature according to the second pseudo identity information.
4. A method according to claim 3, wherein in case the first signature is verified to pass based on the second pseudo-identity information, the method further comprises:
calculating a security parameter and a physical unclonable PUF output from the second pseudo-identity information;
Generating a third message from the first signature, the security parameter and the PUF output;
and sending the third message to the second communication device, wherein the third message is used for generating the second signature.
5. The method of claim 4, wherein after the sending the third message to the second communication device, the method further comprises:
receiving a fourth message sent by the second communication device, wherein the fourth message comprises a third signature and verification parameters, and the fourth message represents that the second signature is verified;
and performing data transmission with the second communication device when the first signature passes according to the second pseudo-identity information and the second communication device passes according to the second pseudo-identity information, including:
and carrying out data transmission with the second communication equipment under the condition that the first signature and the third signature pass according to the second pseudo-identity information and the second communication equipment passes according to the second pseudo-identity information.
6. The method of claim 1, wherein after the data transmission with the second communication device, the method further comprises:
Receiving a fifth message sent by the second communication device, wherein the fifth message is used for including a time stamp exchanged with the second communication device, a message hash signature exchanged with the second communication device, data exchanged with the second communication device and a beacon broadcast pseudo-identity;
and stopping data transmission with the second communication equipment under the condition that the verification of the fifth message fails.
7. The method of claim 1, wherein after the data transmission with the second communication device, the method further comprises:
receiving a sixth message sent by the second communication device, wherein the sixth message comprises a cluster session key exchanged with the second communication device, a lightweight hash signature exchanged with the second communication device, and a timestamp exchanged with the second communication device;
and stopping data transmission with the second communication equipment under the condition that the verification of the sixth message fails.
8. A communication method applied to a second communication device, the method comprising:
receiving an authentication request sent by first communication equipment, wherein the authentication request comprises first pseudo identity information of the first communication equipment;
Generating second pseudo-identity information based on the first pseudo-identity information and a random challenge value;
transmitting the second pseudo-identity information to the first communication device;
and the first communication equipment performs data communication with the first communication equipment under the condition that the second signature passes according to the second pseudo-identity information and the first communication equipment passes according to the second pseudo-identity information.
9. The method of claim 8, wherein after receiving the authentication request sent by the first communication device, the method further comprises:
receiving a first key and a second key sent by the first communication equipment;
the generating second pseudo-identity information based on the first pseudo-identity information and a random challenge value includes:
second pseudo-identity information generated based on the first key, the second key, the random challenge value, and the first pseudo-identity information.
10. The method of claim 8, wherein after the sending the second pseudo-identity information to the first communication device, the method further comprises:
receiving a first message sent by the first communication device, wherein the first message is generated according to a random number and the second pseudo-identity information;
Generating a second message from the first message, the second message comprising the first signature and the random challenge value;
the second message is sent to the first communication device.
11. The method of claim 10, wherein in the event that the first communication device verifies that a first signature passes based on the second pseudo-identity information, the method further comprises:
receiving a third message sent by the first communication device, wherein the third message comprises a security parameter and a PUF output;
generating a fourth message, including a third signature and verification parameters, if the second signature is verified based on the third message;
the fourth message is sent to the first communication device.
12. The method of claim 11, wherein the transmitting data with the first communication device if the second signature is verified to pass based on the second pseudo-identity information and the first communication device verifies that the first signature is passed based on the second pseudo-identity information comprises:
and carrying out data transmission with the first communication equipment under the condition that the second signature passes according to the second pseudo-identity information and the first communication equipment verifies that the first signature and the third signature pass according to the second pseudo-identity information.
13. The method of claim 8, wherein after the data transmission with the first communication device, the method further comprises:
generating a fifth message for including a timestamp exchanged with the first communication device, a message hash signature exchanged with the first communication device, data exchanged with the first communication device, and a beacon broadcast pseudo-identity;
and sending the fifth message to the first communication equipment for verification, and stopping data transmission with the first communication equipment under the condition that the fifth message fails to verify.
14. The method of claim 8, wherein after the data transmission with the first communication device, the method further comprises:
generating a sixth message comprising a cluster session key exchanged with the first communication device, a lightweight hash signature exchanged with the first communication device, and the timestamp exchanged with the first communication device;
and sending the sixth message to the first communication equipment for verification, and stopping data transmission with the first communication equipment under the condition that the verification of the sixth message fails.
15. A communication apparatus for use with a first communication device, the apparatus comprising:
a first sending module, configured to send an authentication request to a second communication device, where the authentication request includes first pseudo identity information of the first communication device;
a first receiving module, configured to receive second pseudo-identity information generated by the second communication device based on the first pseudo-identity information and a random challenge value;
and the first communication module is used for carrying out data communication with the second communication equipment under the condition that the first signature passes according to the second pseudo-identity information and the second communication equipment passes according to the second pseudo-identity information.
16. A communication apparatus for use with a second communication device, the apparatus comprising:
the second receiving module is used for receiving an authentication request sent by the first communication equipment, wherein the authentication request comprises first pseudo identity information of the first communication equipment;
a first generation module for generating second pseudo-identity information based on the first pseudo-identity information and a random challenge value;
a second sending module, configured to send the second pseudo identity information to the first communication device;
And the second communication module is used for carrying out data communication with the first communication equipment under the condition that the second signature passes according to the second pseudo-identity information and the first communication equipment passes according to the second pseudo-identity information.
17. An electronic device, comprising: a transceiver, a memory, a processor, and a program stored on the memory and executable on the processor; -characterized in that the processor is adapted to read a program in a memory for implementing the steps in the communication method according to any one of claims 1 to 7 or for implementing the steps in the communication method according to any one of claims 8 to 14.
18. A readable storage medium storing a program, wherein the program when executed by a processor implements the steps of the communication method according to any one of claims 1 to 7 or the steps of the communication method according to any one of claims 8 to 14.
CN202311388211.2A 2023-10-25 2023-10-25 Communication method, communication device, electronic equipment and storage medium Pending CN117395650A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311388211.2A CN117395650A (en) 2023-10-25 2023-10-25 Communication method, communication device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311388211.2A CN117395650A (en) 2023-10-25 2023-10-25 Communication method, communication device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN117395650A true CN117395650A (en) 2024-01-12

Family

ID=89464501

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311388211.2A Pending CN117395650A (en) 2023-10-25 2023-10-25 Communication method, communication device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN117395650A (en)

Similar Documents

Publication Publication Date Title
CN109600350B (en) System and method for secure communication between controllers in a vehicle network
Wazid et al. Secure remote user authenticated key establishment protocol for smart home environment
Cui et al. HCPA-GKA: A hash function-based conditional privacy-preserving authentication and group-key agreement scheme for VANETs
US8468347B2 (en) Secure network communications
Jangirala et al. A multi-server environment with secure and efficient remote user authentication scheme based on dynamic ID using smart cards
US8417949B2 (en) Total exchange session security
Saha et al. Consortium blockchain‐enabled access control mechanism in edge computing based generic Internet of Things environment
CN112425136A (en) Internet of things security using multi-party computing (MPC)
Nikooghadam et al. A secure and robust elliptic curve cryptography‐based mutual authentication scheme for session initiation protocol
Tanveer et al. RUAM-IoD: A robust user authentication mechanism for the Internet of Drones
JP2016514913A (en) Method and apparatus for establishing a session key
Tanveer et al. Towards a secure and computational framework for internet of drones enabled aerial computing
CN111654481B (en) Identity authentication method, identity authentication device and storage medium
CN114143343A (en) Remote access control system, control method, terminal and medium in fog computing environment
US20160315963A1 (en) A method and apparatus for detecting that an attacker has sent one or more messages to a receiver node
Hussain et al. An improved authentication scheme for digital rights management system
Akram et al. Blockchain-based privacy-preserving authentication protocol for UAV networks
Yadav et al. Symmetric key-based authentication and key agreement scheme resistant against semi-trusted third party for fog and dew computing
Tahir et al. Lightweight and secure multi-factor authentication scheme in VANETs
CN116456346B (en) RFID group tag authentication method for dynamic grouping
EP3381208B1 (en) Charging record authentication for anonymized network service utilization
WO2023036348A1 (en) Encrypted communication method and apparatus, device, and storage medium
Tanveer et al. PAF-IoD: PUF-Enabled Authentication Framework for the Internet of Drones
JP2004194196A (en) Packet communication authentication system, communication controller and communication terminal
CN117395650A (en) Communication method, communication device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination