MY171259A - System and method for identity-based entity authentication for client-server communications - Google Patents

System and method for identity-based entity authentication for client-server communications

Info

Publication number
MY171259A
MY171259A MYPI2012004830A MYPI2012004830A MY171259A MY 171259 A MY171259 A MY 171259A MY PI2012004830 A MYPI2012004830 A MY PI2012004830A MY PI2012004830 A MYPI2012004830 A MY PI2012004830A MY 171259 A MY171259 A MY 171259A
Authority
MY
Malaysia
Prior art keywords
server
client
module
authentication
identity
Prior art date
Application number
MYPI2012004830A
Inventor
Geong Sen Poh
Reza Z'aba Muhammad
Original Assignee
Mimos Berhad
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mimos Berhad filed Critical Mimos Berhad
Priority to MYPI2012004830A priority Critical patent/MY171259A/en
Priority to PCT/MY2013/000184 priority patent/WO2014069985A1/en
Publication of MY171259A publication Critical patent/MY171259A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/166Implementing security features at a particular protocol layer at the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Algebra (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention provides a system (100) for identity-based entity authentication for client- server communications comprising: a trusted authority module (110) configured to register at least one client and at least one server involved in the client-server communications and generate public parameters and secret parameters for use in the authentication; a server module (120) configured to securely store secret parameters for the server to authenticate the server to the client, and to authenticate the client to the server; a client module (130) configured to verify the authenticity of the server and to authenticate the client to said server; and a protocol module (140) configured to provide mutual authentication between the client and the server; characterised in that the protocol module (140) provides mutual authentication between the client and the server using ID-based challenge-response protocol and that the server module (120) authenticates the client to the server using ID-based authentication.
MYPI2012004830A 2012-11-05 2012-11-05 System and method for identity-based entity authentication for client-server communications MY171259A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
MYPI2012004830A MY171259A (en) 2012-11-05 2012-11-05 System and method for identity-based entity authentication for client-server communications
PCT/MY2013/000184 WO2014069985A1 (en) 2012-11-05 2013-10-22 System and method for identity-based entity authentication for client-server communications

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
MYPI2012004830A MY171259A (en) 2012-11-05 2012-11-05 System and method for identity-based entity authentication for client-server communications

Publications (1)

Publication Number Publication Date
MY171259A true MY171259A (en) 2019-10-07

Family

ID=49753439

Family Applications (1)

Application Number Title Priority Date Filing Date
MYPI2012004830A MY171259A (en) 2012-11-05 2012-11-05 System and method for identity-based entity authentication for client-server communications

Country Status (2)

Country Link
MY (1) MY171259A (en)
WO (1) WO2014069985A1 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
MY184944A (en) * 2014-07-24 2021-04-30 Mimos Berhad Method and system for computation and verification of authentication parameters from independant measurements of time or location
CN105897416B (en) * 2016-06-29 2019-03-05 邓月霞 A kind of end-to-end security instant communication method of forward direction based on id password system
CN106209368B (en) * 2016-06-29 2019-04-05 邓月霞 A kind of instantaneous communication system dispositions method based on id password system
CN111314269B (en) * 2018-12-11 2023-09-12 中兴通讯股份有限公司 Address automatic allocation protocol security authentication method and equipment
CN110380852B (en) * 2019-07-22 2023-06-16 中国联合网络通信集团有限公司 Bidirectional authentication method and communication system
CN111245616B (en) * 2020-03-10 2023-03-24 阿波罗智联(北京)科技有限公司 Authentication method, device, equipment and storage medium for network communication
CN111698225B (en) * 2020-05-28 2022-08-19 国家电网有限公司 Application service authentication encryption method suitable for power dispatching control system
CN112788011A (en) * 2020-12-30 2021-05-11 上海浦东发展银行股份有限公司 Gateway bidirectional authentication system and method based on state cryptographic algorithm
CN114095276B (en) * 2022-01-18 2022-04-22 杭州雅观科技有限公司 Intelligent home security authentication method based on Internet of things
CN114513339A (en) * 2022-01-21 2022-05-17 国网浙江省电力有限公司金华供电公司 Security authentication method, system and device
CN115550042B (en) * 2022-10-08 2023-06-20 江南信安(北京)科技有限公司 Signature verification server for realizing national encryption algorithm based on security chip

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101459506B (en) * 2007-12-14 2011-09-14 华为技术有限公司 Cipher key negotiation method, system, customer terminal and server for cipher key negotiation

Also Published As

Publication number Publication date
WO2014069985A1 (en) 2014-05-08

Similar Documents

Publication Publication Date Title
MY171259A (en) System and method for identity-based entity authentication for client-server communications
CN110268676B (en) Private key calculation system and method for identity-based self-authentication signature scheme
SG10201901366WA (en) Key exchange through partially trusted third party
CN108886468B (en) System and method for distributing identity-based key material and certificates
WO2011017099A3 (en) Secure communication using asymmetric cryptography and light-weight certificates
GB2512249A (en) Secure peer discovery and authentication using a shared secret
RU2018103183A (en) MUTUAL AUTHENTICATION OF CONFIDENTIAL COMMUNICATION
SG10201806366TA (en) Apparatus and method for managing digital certificates
WO2015023341A3 (en) Secure authorization systems and methods
GB2566874A (en) Method for obtaining vetted certificates by microservices in elastic cloud environments
BR112017002747A2 (en) computer implemented method, and, computer system.
WO2009025459A3 (en) Method of and apparatus for sharing secret information between devices in home network
WO2016175914A3 (en) Transaction signing utilizing asymmetric cryptography
GB2534801A (en) A set of servers for "Machine-to-Machine" communications using public key infrastructure
WO2014176046A3 (en) Community of interest-based secured communications over ipsec
WO2014151730A3 (en) Identity escrow management for minimal disclosure credentials
WO2009042104A3 (en) Method and apparatus for authenticating nodes in a wireless network
GB2496354B (en) A method and system of providing authentication of user access to a computer resource via a mobile device using multiple separate security factors
WO2011106769A3 (en) Dynamic cryptographic subscriber-device identity binding for subscriber mobility
MX361152B (en) Provisioning drm credentials on a client device using an update server.
IN2014KN02750A (en)
WO2012087692A3 (en) System and method for secure communications in a communication system
WO2012154976A3 (en) System and method for web-based security authentication
WO2007115982A3 (en) Identity protection method, devices and corresponding computer programme product
GB2503618A (en) Single-round password-based key exchange protocols