WO2009109136A1 - 一种实用的基于可信第三方的实体双向鉴别方法 - Google Patents
一种实用的基于可信第三方的实体双向鉴别方法 Download PDFInfo
- Publication number
- WO2009109136A1 WO2009109136A1 PCT/CN2009/070629 CN2009070629W WO2009109136A1 WO 2009109136 A1 WO2009109136 A1 WO 2009109136A1 CN 2009070629 W CN2009070629 W CN 2009070629W WO 2009109136 A1 WO2009109136 A1 WO 2009109136A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- entity
- message
- authentication
- party
- trusted
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
Definitions
- the invention relates to a practical entity two-way authentication method based on a trusted third party.
- Entity authentication methods using asymmetric cryptography can be divided into two types, one-way authentication and two-way authentication.
- the uniqueness or timeliness of identification is identified by time-varying parameters and is often used as a time-series, sequence number, random number, etc. for time-varying parameters. If the time stamp or the sequence number is used as the time-varying parameter, the one-way authentication only needs to use one message, and the two-way authentication needs to use two messages. If the random number is used as the time-varying parameter, the one-way authentication needs to use two messages. Pass-through, two-way authentication requires three messages or four messages (ie, parallel authentication for two messages).
- the verifier must have a valid public key of the claimant before or during the operation, otherwise the authentication process may be compromised or not successfully completed.
- the three-way method of two-way authentication is taken as an example:
- TokenAB R A
- TokenBA R B
- X is an entity specifier
- the authentication system has two authentication entities A and B; Cert x represents the certificate of entity X; sS x represents the signature of entity X; R x represents the random number generated by entity X; Text is optional Text field.
- entity B sends a random number R B , optional text Textl to entity A;
- Entity A sends token TokenAB, optional certificate Cert A to entity B;
- Entity B sends token TokenBA, optional certificate Cert B to entity A;
- the entity A After receiving the message including the TokenBA sent by the entity B, the entity A performs the following steps: 5.1) ensuring that the valid public key of the entity B is owned by checking the certificate of the entity B or by other means;
- the three-pass authentication mechanism must be successful in ensuring that entities A and B respectively have the valid public key of the other party, and how to obtain the public key of the other party and its validity, the agreement itself is not involved.
- This guarantee requirement condition cannot be satisfied in many current application environments.
- the communication network usually adopts an entity authentication mechanism to implement the user access control function. Before the authentication mechanism is successfully completed, the user is prohibited from accessing the network, and thus the user cannot or is difficult before the authentication.
- the access certificate authority obtains the validity of the peer entity, the network access point public key.
- the communication network usually needs to perform two-way authentication between the user and the network entry point to ensure that the legitimate user accesses the legal network. Therefore, for the network entity, it is not necessary to know the effective publicity of the communication peer entity before the authentication.
- the key but the verification of the public key of the peer entity in the authentication process, not only improves the traditional entity authentication mechanism, but also makes it feasible and easy to use in practical applications.
- the authentication entity needs to perform public key calculation, and the public key calculation is time consuming, which is difficult for the authentication protocol to be applied to the authentication entity with weak computing power. Therefore, the design of the protocol should reduce the number of public key calculations of the authentication entity on the basis of ensuring the authentication function.
- the present invention solves the above technical problems existing in the background art, and proposes a practical entity two-way authentication method based on a trusted third party.
- a practical entity-based two-way authentication method based on trusted third parties including:
- the entity A After receiving the message 1 of the entity B that is sent by the entity B, the entity A sends a message 2 to the trusted third party TP, where the message 2 includes the authentication parameter of the entity B and the real Identification parameter of body A;
- the entity A receives the message 3 sent by the trusted third party TP, and the message 3 includes the check result of the trusted third party TP checking whether the entity A and the entity B are legal according to the message 2;
- entity A After entity A verifies the message 3, the entity B obtains the verification result to the entity.
- the message 1 includes a time varying parameter R B , an identity ID B , a token TokenBA, and an optional text Textl;
- the message 2 includes time varying parameters R A and R B , identity IDs A and ID B , tokens TokenAT and TokenBA, optional texts Textl and Tex2;
- the message 3 includes a token TokenTA and an optional text Text3 or includes tokens TokenTAl and TokenTA2;
- the message 4 includes the token TokenTA and the optional text Tex3 or includes the token TokenTA2.
- Whether the entity A and the entity B are legally checked includes:
- the entity A and entity B a message identity ID A and ID B of the certificate, the verification token TokenBA and signature TokenAT entity B and entity A, if the authentication fails, then discards the message 2; If the verification by , checking the validity of the certificate;
- the message 2 is directly discarded, or the message 3 is returned; if the certificate is valid, the message 3 is returned to the entity A.
- Whether the entity A and the entity B are legally checked includes:
- the public key corresponding to the entity A and the entity B and the validity thereof are searched and checked, and if the corresponding public key is not found, If the searched public key is invalid, the message 2 is directly discarded or the message 3 is returned; if the corresponding public key is searched, and the searched corresponding public key is valid, the token TokenBA is verified. And the signatures of entity B and entity A in TokenAT;
- the entity A verifying the message 3 includes:
- the entity B performs verification according to the message 4, including:
- the entity A Before receiving the message 1 sent by the entity B, the entity A further includes:
- the entity A sends a message 0 containing the authentication parameter of the entity A to the entity B, and the entity B sends the message 1 to the entity A after receiving the message 0.
- the message 0 includes a time varying parameter R A , an identity ID A , and an optional text Text0.
- the time varying parameter is a random number, a time stamp, or a sequence number.
- the invention adopts a three-entity framework, and the authentication entity needs to obtain the public key or certificate of the trusted third party before the authentication, and obtain the user certificate issued by the trusted third party to itself or hand over the public key to the trusted third party for storage. There is no need to know in advance the valid public key of the peer authentication entity.
- the public key of the authenticating entity and its validity are automatically transmitted to the required peer through the search and verification of the trusted third party; in the protocol operation, the verification signature of the authenticating entity is handed over as usual A trusted third party with strong computing power is completed.
- the invention defines an online retrieval and authentication mechanism of the public key, realizes centralized management thereof, simplifies the operating conditions of the protocol, reduces the computing power requirement for the authentication entity, and satisfies the resource shortage.
- FIG. 1 is a schematic diagram of identification of a three-pass authentication mechanism in the prior art
- Figure 2 is a schematic diagram of the identification of the present invention.
- the method of the present invention involves three entities, two authentication entities A and B, a trusted third party (TP), and a trusted third party TP is a trusted third party that authenticates entities A and B.
- TP trusted third party
- TP trusted third party
- the system for realizing peer-to-peer authentication between two entities A and B through a trusted third party TP is called a Tri-element Peer Authentication (TePA) system.
- TePA Tri-element Peer Authentication
- Valid x Indicates the validity of the certificate Cert x ;
- PublicKeyx is the public key of entity X;
- ID X is the identity of entity X, represented by certificate Certx or entity's distinguisher X;
- Pub x represents the verification result of entity X, by certificate Certx and
- Validity Valid x consists of or consists of entity X and its public key PublicKeyx.
- Token is a token field and is defined as follows:
- TokenBA sS B (R B
- TokenAT sS A (R A
- TokenTA ⁇ ⁇ ⁇ ⁇ ⁇
- TokenTAl R A
- TokenTA2 R B
- Text511 SSTP(R b
- entity B sends message 1 to entity A, message 1 includes time-varying parameter R B , identity ID B , token TokenB A, optional text Textl;
- entity A After receiving the message 1, entity A sends a message 2 to the trusted third party TP, which includes time-varying parameters R A and R B , identity IDs A and 1, token TokenBA and TokenAT, and optional text Textl and Text2;
- the trusted third party checks whether the entity A and the entity B are legal after receiving the message 2; wherein: if the identity of the entity A and the entity B in the message 2 is a certificate, the verification token
- the public key corresponding to the entity A and the entity B and the validity thereof are searched and checked; if the corresponding public key or the public key is invalid, the discard is directly discarded.
- the trusted third party TP checks the legality of entity A and entity B, and returns a message 3 to entity A.
- Message 3 includes token TokenTA and optional text Text3 or contains tokens TokenTAl and TokenTA2;
- entity A After entity A receives message 3, it performs verification. Verify trusted in TokenTA or TokenTAl Varying parameter TP third party signature, and the check message 2 when R A in the TokenTA or TokenTAl varying parameter R A are consistent, then to obtain a verification result matches the entity B Pub B;
- entity B After entity B receives message 4, it performs verification. Verifying the TokenTA or TokenTA2 signature of the trusted third party TP, the message and checks a varying parameter R B when the TokenTA or TokenTA2 varying parameter R B are consistent, then to obtain a verification result matches the entity A Pub A.
- the time varying parameter in the present invention may employ a random number, a time stamp or a sequence number.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer And Data Communications (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Description
Claims
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020107021533A KR101483818B1 (ko) | 2008-03-06 | 2009-03-04 | 신뢰성 있는 제 3자를 기반으로 한 양방향 엔티티 인증 방법 |
KR1020137014220A KR101483895B1 (ko) | 2008-03-06 | 2009-03-04 | 신뢰성 있는 제 3자를 기반으로 한 양방향 엔티티 인증 방법 |
EP09717387.6A EP2257021B1 (en) | 2008-03-06 | 2009-03-04 | A bidirectional entity authentication method based on the credible third party |
US12/920,931 US8510565B2 (en) | 2008-03-06 | 2009-03-04 | Bidirectional entity authentication method based on the credible third party |
JP2010549004A JP5370373B2 (ja) | 2008-03-06 | 2009-03-04 | 実用的な信頼できるサードパーティに基づくエンティティの双方向識別方法 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2008100176465A CN101247223B (zh) | 2008-03-06 | 2008-03-06 | 一种基于可信第三方的实体双向鉴别方法 |
CN200810017646.5 | 2008-03-06 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2009109136A1 true WO2009109136A1 (zh) | 2009-09-11 |
Family
ID=39947455
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2009/070629 WO2009109136A1 (zh) | 2008-03-06 | 2009-03-04 | 一种实用的基于可信第三方的实体双向鉴别方法 |
Country Status (6)
Country | Link |
---|---|
US (1) | US8510565B2 (zh) |
EP (1) | EP2257021B1 (zh) |
JP (1) | JP5370373B2 (zh) |
KR (2) | KR101483818B1 (zh) |
CN (1) | CN101247223B (zh) |
WO (1) | WO2009109136A1 (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2013542521A (ja) * | 2010-10-13 | 2013-11-21 | 西安西▲電▼捷通▲無▼綫▲網▼絡通信股▲分▼有限公司 | ネットワークアクセス制御方法およびシステム |
JP2013544053A (ja) * | 2010-11-12 | 2013-12-09 | 西安西▲電▼捷通▲無▼綫▲網▼絡通信股▲分▼有限公司 | 匿名エンティティ認証方法およびシステム本出願は、2010年11月12日に中国特許局に提出し、出願番号が201010546320.9であり、発明名称が「匿名エンティティ認証方法およびシステム」との中国特許出願を基礎とする優先権を主張し、その開示の総てをここに取り込む。 |
Families Citing this family (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101222328B (zh) * | 2007-12-14 | 2010-11-03 | 西安西电捷通无线网络通信股份有限公司 | 一种实体双向鉴别方法 |
CN101247223B (zh) * | 2008-03-06 | 2010-06-09 | 西安西电捷通无线网络通信有限公司 | 一种基于可信第三方的实体双向鉴别方法 |
CN101527718B (zh) | 2009-04-16 | 2011-02-16 | 西安西电捷通无线网络通信股份有限公司 | 一种建立三元对等鉴别可信网络连接架构的方法 |
CN101540676B (zh) * | 2009-04-28 | 2012-05-23 | 西安西电捷通无线网络通信股份有限公司 | 一种适合三元对等鉴别可信网络连接架构的平台鉴别方法 |
CN101572705B (zh) * | 2009-06-08 | 2012-02-01 | 西安西电捷通无线网络通信股份有限公司 | 一种实现双向平台认证的系统及方法 |
CN101645776B (zh) * | 2009-08-28 | 2011-09-21 | 西安西电捷通无线网络通信股份有限公司 | 一种引入在线第三方的实体鉴别方法 |
CN101640593B (zh) * | 2009-08-28 | 2011-11-02 | 西安西电捷通无线网络通信股份有限公司 | 一种引入在线第三方的实体双向鉴别方法 |
CN101635624B (zh) * | 2009-09-02 | 2011-06-01 | 西安西电捷通无线网络通信股份有限公司 | 引入在线可信第三方的实体鉴别方法 |
CN101674182B (zh) | 2009-09-30 | 2011-07-06 | 西安西电捷通无线网络通信股份有限公司 | 引入在线可信第三方的实体公钥获取、证书验证及鉴别的方法及系统 |
CN101984577B (zh) | 2010-11-12 | 2013-05-01 | 西安西电捷通无线网络通信股份有限公司 | 匿名实体鉴别方法及系统 |
CN103312499B (zh) * | 2012-03-12 | 2018-07-03 | 西安西电捷通无线网络通信股份有限公司 | 一种身份认证方法及系统 |
CN103312670A (zh) | 2012-03-12 | 2013-09-18 | 西安西电捷通无线网络通信股份有限公司 | 一种认证方法及系统 |
JP6238858B2 (ja) * | 2014-08-28 | 2017-11-29 | 三菱電機株式会社 | データ処理システム及び検証装置及び検証方法及びプログラム |
CN106572064B (zh) * | 2015-10-10 | 2019-10-29 | 西安西电捷通无线网络通信股份有限公司 | 一种多ttp参与的实体身份有效性验证方法及装置 |
CN106571920B (zh) * | 2015-10-10 | 2019-09-27 | 西安西电捷通无线网络通信股份有限公司 | 一种多ttp参与的实体身份有效性验证方法及装置 |
CN106571921B (zh) * | 2015-10-10 | 2019-11-22 | 西安西电捷通无线网络通信股份有限公司 | 一种实体身份有效性验证方法及其装置 |
CN106571919B (zh) * | 2015-10-10 | 2019-10-29 | 西安西电捷通无线网络通信股份有限公司 | 一种实体身份有效性验证方法及其装置 |
US10419226B2 (en) | 2016-09-12 | 2019-09-17 | InfoSci, LLC | Systems and methods for device authentication |
US9722803B1 (en) * | 2016-09-12 | 2017-08-01 | InfoSci, LLC | Systems and methods for device authentication |
CN106682490B (zh) * | 2016-12-02 | 2019-09-20 | 青岛博文广成信息安全技术有限公司 | Cfl人工免疫计算机模型建设方法 |
US11463439B2 (en) | 2017-04-21 | 2022-10-04 | Qwerx Inc. | Systems and methods for device authentication and protection of communication on a system on chip |
WO2019045914A1 (en) * | 2017-09-01 | 2019-03-07 | InfoSci, LLC | DEVICE AUTHENTICATION SYSTEMS AND METHODS |
EP3935534B1 (en) * | 2019-03-04 | 2023-07-05 | Hitachi Vantara LLC | Multi-way trust formation in a distributed system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1625103A (zh) * | 2003-12-01 | 2005-06-08 | 中国电子科技集团公司第三十研究所 | 一种采用公开密钥密码算法数字签名模式的强鉴别方法 |
US7155608B1 (en) * | 2001-12-05 | 2006-12-26 | Bellsouth Intellectual Property Corp. | Foreign network SPAM blocker |
CN101064605A (zh) * | 2006-04-29 | 2007-10-31 | 华为技术有限公司 | 一种多主机网络的aaa架构及认证方法 |
CN101247223A (zh) * | 2008-03-06 | 2008-08-20 | 西安西电捷通无线网络通信有限公司 | 一种实用的基于可信第三方的实体双向鉴别方法 |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH08297638A (ja) * | 1995-04-26 | 1996-11-12 | Nippon Telegr & Teleph Corp <Ntt> | 利用者認証方式 |
JPH08335208A (ja) * | 1995-06-08 | 1996-12-17 | Nippon Telegr & Teleph Corp <Ntt> | 代理認証方法及びシステム |
US5794221A (en) * | 1995-07-07 | 1998-08-11 | Egendorf; Andrew | Internet billing method |
CA2418740C (en) * | 2000-08-08 | 2010-07-27 | Wachovia Corporation | Internet third-party authentication using electronic tickets |
US7370351B1 (en) * | 2001-03-22 | 2008-05-06 | Novell, Inc. | Cross domain authentication and security services using proxies for HTTP access |
DE60314871T2 (de) | 2002-05-24 | 2008-03-13 | Telefonaktiebolaget Lm Ericsson (Publ) | Verfahren zur authentifizierung eines anwenders bei einem zugang zu einem dienst eines diensteanbieters |
JP2004015665A (ja) * | 2002-06-10 | 2004-01-15 | Takeshi Sakamura | 電子チケット流通システムにおける認証方法およびicカード |
JP4714482B2 (ja) | 2005-02-28 | 2011-06-29 | 株式会社日立製作所 | 暗号通信システムおよび方法 |
CN100495963C (zh) | 2006-09-23 | 2009-06-03 | 西安西电捷通无线网络通信有限公司 | 一种公钥证书状态的获取及验证方法 |
-
2008
- 2008-03-06 CN CN2008100176465A patent/CN101247223B/zh active Active
-
2009
- 2009-03-04 KR KR1020107021533A patent/KR101483818B1/ko active IP Right Grant
- 2009-03-04 WO PCT/CN2009/070629 patent/WO2009109136A1/zh active Application Filing
- 2009-03-04 US US12/920,931 patent/US8510565B2/en active Active
- 2009-03-04 KR KR1020137014220A patent/KR101483895B1/ko active IP Right Grant
- 2009-03-04 JP JP2010549004A patent/JP5370373B2/ja active Active
- 2009-03-04 EP EP09717387.6A patent/EP2257021B1/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7155608B1 (en) * | 2001-12-05 | 2006-12-26 | Bellsouth Intellectual Property Corp. | Foreign network SPAM blocker |
CN1625103A (zh) * | 2003-12-01 | 2005-06-08 | 中国电子科技集团公司第三十研究所 | 一种采用公开密钥密码算法数字签名模式的强鉴别方法 |
CN101064605A (zh) * | 2006-04-29 | 2007-10-31 | 华为技术有限公司 | 一种多主机网络的aaa架构及认证方法 |
CN101247223A (zh) * | 2008-03-06 | 2008-08-20 | 西安西电捷通无线网络通信有限公司 | 一种实用的基于可信第三方的实体双向鉴别方法 |
Non-Patent Citations (1)
Title |
---|
See also references of EP2257021A4 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2013542521A (ja) * | 2010-10-13 | 2013-11-21 | 西安西▲電▼捷通▲無▼綫▲網▼絡通信股▲分▼有限公司 | ネットワークアクセス制御方法およびシステム |
KR101515312B1 (ko) * | 2010-10-13 | 2015-04-24 | 차이나 아이더블유엔콤 씨오., 엘티디 | 네트워크 액세스의 제어 방법 및 시스템 |
US9038143B2 (en) | 2010-10-13 | 2015-05-19 | China Iwncomm Co., Ltd. | Method and system for network access control |
JP2013544053A (ja) * | 2010-11-12 | 2013-12-09 | 西安西▲電▼捷通▲無▼綫▲網▼絡通信股▲分▼有限公司 | 匿名エンティティ認証方法およびシステム本出願は、2010年11月12日に中国特許局に提出し、出願番号が201010546320.9であり、発明名称が「匿名エンティティ認証方法およびシステム」との中国特許出願を基礎とする優先権を主張し、その開示の総てをここに取り込む。 |
Also Published As
Publication number | Publication date |
---|---|
CN101247223A (zh) | 2008-08-20 |
JP2011514082A (ja) | 2011-04-28 |
KR101483818B1 (ko) | 2015-01-16 |
EP2257021A4 (en) | 2014-08-20 |
KR20130084315A (ko) | 2013-07-24 |
CN101247223B (zh) | 2010-06-09 |
KR101483895B1 (ko) | 2015-01-16 |
US8510565B2 (en) | 2013-08-13 |
US20110004767A1 (en) | 2011-01-06 |
KR20100116697A (ko) | 2010-11-01 |
EP2257021B1 (en) | 2019-05-08 |
EP2257021A1 (en) | 2010-12-01 |
JP5370373B2 (ja) | 2013-12-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2009109136A1 (zh) | 一种实用的基于可信第三方的实体双向鉴别方法 | |
US8417955B2 (en) | Entity bidirectional authentication method and system | |
WO2009056049A1 (fr) | Procédé et système d'identification bidirectionnelle d'entité fondés sur un tiers de confiance | |
KR101405509B1 (ko) | 온라인 제 3 신뢰 기관을 도입함으로써 엔티티 공개키 획득, 인증서 검증 및 인증을 수행하는 방법 및 시스템 | |
WO2011022918A1 (zh) | 一种引入在线第三方的实体双向鉴别方法 | |
WO2011026296A1 (zh) | 引入在线可信第三方的实体鉴别方法 | |
WO2009143778A1 (zh) | 一种支持快速切换的实体双向鉴别方法 | |
WO2011022919A1 (zh) | 一种引入在线第三方的实体鉴别方法 | |
WO2009015580A1 (fr) | Procédé de connexion de réseau de confiance pour améliorer la sécurité | |
WO2009015581A1 (fr) | Procédé visant à obtenir une connexion de réseau fiable, reposant sur une authentification d'homologues impliquant trois éléments | |
JP2015511467A5 (zh) | ||
CN107786515B (zh) | 一种证书认证的方法和设备 | |
CN105656854B (zh) | 一种验证无线局域网络用户来源的方法、设备及系统 | |
WO2013135172A1 (zh) | 一种认证方法、装置及系统 | |
WO2011069355A1 (zh) | 一种适合三元对等鉴别可信网络连接架构的网络传输方法 | |
Parvathy et al. | A Survey on Authentication Schemes in Multiserver Environment | |
WO2011075907A1 (zh) | 一种实现实体的公钥获取、证书验证及双向鉴别的方法 | |
WO2011075906A1 (zh) | 一种实现实体的公钥获取、证书验证及鉴别的方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 09717387 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2010549004 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 12920931 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 20107021533 Country of ref document: KR Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2009717387 Country of ref document: EP |