WO2011063744A1 - Procédé, système et dispositif d'authentification d'identité dans l'authentification par protocole d'authentification extensible (eap) - Google Patents

Procédé, système et dispositif d'authentification d'identité dans l'authentification par protocole d'authentification extensible (eap) Download PDF

Info

Publication number
WO2011063744A1
WO2011063744A1 PCT/CN2010/079067 CN2010079067W WO2011063744A1 WO 2011063744 A1 WO2011063744 A1 WO 2011063744A1 CN 2010079067 W CN2010079067 W CN 2010079067W WO 2011063744 A1 WO2011063744 A1 WO 2011063744A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
client
eap
identifier
random number
Prior art date
Application number
PCT/CN2010/079067
Other languages
English (en)
Chinese (zh)
Inventor
曹振
刘大鹏
邓辉
Original Assignee
中国移动通信集团公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中国移动通信集团公司 filed Critical 中国移动通信集团公司
Publication of WO2011063744A1 publication Critical patent/WO2011063744A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/164Implementing security features at a particular protocol layer at the network layer

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to an identity authentication method, system, and device in EAP authentication. Background technique
  • EAP Extensible Authentication Protocol
  • EAP is an extensible framework that provides network authentication and can support different authentication methods.
  • EAP is generally based on the Internet Layer 2 protocol. Users can only conduct legitimate network communication after completing the EAP-defined authentication. Users who cannot be authenticated correctly cannot communicate with the network.
  • Many networks use EAP as the standard protocol for access authentication, such as 802.11, WIMAX (Worldwide Interoperability for Microwave Access).
  • EAP is the Internet security certification ⁇ 5*, which includes three entities ⁇ Client, Authenticator, AAA (Authentication I Authorization / Accounting) server. The principle is as follows: The Authenticator sends an EAP Request/ID to the client, and the client sends back its own authentication identifier through the EAP Response (ID) message.
  • ID EAP Response
  • the Authenticator forwards the client's authentication identifier to the client.
  • the AAA server determines the specific authentication method (such as EAP-MD5, EAP-TLS, etc.) that the client should perform through local configuration, and then starts the specific authentication process.
  • the Authenticator's EAP authentication message is transparently transmitted between the client and the AAA server. Since the specific authentication calculation is not performed, the Authenticator does not need to implement a specific authentication method as the access point. The security calculations associated with authentication by the AAA server thus maintain the scalability of the network.
  • EAP-MD5 only allows the server to authenticate the client, the client does not have the ability to authenticate the server, and EAP-TLS can support two-way authentication between the server and the client, with relatively higher security strength.
  • ID The attack form of the forged authentication identifier (in this document, the authentication identifier can be abbreviated as ID) is assumed. Assume that user A uses EAP-MD5. Attacker M steals the authentication identifier of user A and initiates authentication to the AAA server. Server will EAP-MD5 authentication is initiated to attacker M, making it easier for attacker M to invade the network.
  • the first method is to ignore the authentication identifier interaction. Since the interaction of the EAP authentication identifier is optional in the prior art, it is proposed to ignore the authentication identifier interaction when the EAP authentication starts, and use the same initial authentication method for all users. After the EAP security tunnel is established, the authentication identifier is exchanged. Therefore, it prevents the attack of forged authentication marks by avoiding the interaction process of the EAP authentication identifier.
  • the problem with this method is that it cannot be used as a general solution because at present many scenarios and authentication methods require the AAA server to know the client's authentication identity.
  • the second method is to prevent an attacker from forging an authentication identifier by exchanging an anonymous manner.
  • a network address identifier that omits the authentication identifier such as "@example.net” may be used in the authentication identifier exchange process at the start of EAP authentication.
  • jltNAI Network Access Identifier
  • the problem of the method is that although there is no user authentication identifier in the NAI information, the attacker can easily forge the NAI information to perform authentication identifier spoofing. Therefore, the method only protects the user's authentication identifier from being leaked in the plaintext transmission. , can not prevent the attack behavior of forged authentication marks. Summary of the invention
  • the embodiments of the present invention provide an identity authentication method, system, and device for EAP authentication, which are used to prevent an attacker from stealing an EAP authentication identifier of another user.
  • An embodiment of the present invention provides an identity authentication method in EAP authentication, including: receiving an EAP message sent by a client, and acquiring an authentication identifier, a random number, a public key, and a signature information of the client carried in the EAP message. ;
  • the method further includes:
  • the client generates a public key and a private key according to an RSA public key algorithm
  • the client generates an authentication identifier according to the public key and the authentication identifier generation algorithm; when the client receives the EAP authentication request, generates a random number, and generates signature information according to the random number and the private key;
  • the client sends an EAP message to the authentication server, where the EAP message carries the authentication identifier, the random number, the public key, and the signature information of the client.
  • the performing the authentication on the authentication identifier and the signature information of the client includes: generating an authentication identifier according to the authentication identifier generation algorithm and the public key; and the generated authentication identifier is carried in the ⁇ message sent by the client If the authentication identifiers are the same, the authentication of the authentication identifier of the client is successful and the next step is performed, otherwise the authentication fails.
  • the method further includes: confirming that the value of the random number carried in the received ⁇ message does not overlap with the value of each random number that occurs within the set time length of the record.
  • the ⁇ message sent by the client is a ⁇ response message.
  • the authentication identifier generation algorithm is a one-way Hash function SHA-1.
  • the method further includes: after the authentication of the authentication identifier and the signature information of the client is passed, the mapping relationship between the authentication identifier of the client and the EAP authentication method is configured. Determining an EAP authentication method corresponding to the authentication identifier of the client carried in the EAP message, and performing EAP authentication on the client.
  • An embodiment of the present invention further provides an authentication server, including:
  • An acquiring unit configured to receive an EAP message sent by the client, and obtain an authentication identifier, a random number, a public key, and signature information of the client carried in the EAP message; And an authentication unit, configured to authenticate the authentication identifier and the signature information of the client according to the authentication identifier generation algorithm, and the random number and the public key.
  • the authentication unit is specifically configured to:
  • a configuration unit configured to store an EAP authentication method corresponding to each client authentication identifier, and provide the authentication unit to the authentication unit;
  • the authentication unit is further configured to determine, according to a mapping relationship between the configured authentication identifier of the client and the EAP authentication method, the identifier that is carried in the EAP message, after the authentication of the authentication identifier and the signature information of the client is passed.
  • the EAP authentication method corresponding to the authentication identifier of the client performs EAP authentication on the client.
  • the authentication unit is further configured to record each random number that occurs in the set time length, and confirm the value of the random number carried in the received EAP message before authenticating the authentication identifier and the signature information of the client. The values of the random numbers recorded are not repeated.
  • An embodiment of the present invention further provides a client, including:
  • a key generation unit configured to generate a public key and a private key according to an RSA public key algorithm
  • An authentication identifier generating unit configured to generate an authentication identifier according to the public key and the authentication identifier generation algorithm
  • a signature information generating unit configured to generate a random number when receiving the EAP authentication request, and generate signature information according to the random number and the private key
  • the EAP message sending unit is configured to send an EAP message to the authentication server, where the EAP message carries the authentication identifier, the random number, the public key, and the signature information of the client.
  • An embodiment of the present invention further provides an EAP authentication system, including:
  • the client is configured to send an EAP message to the authentication server, where the EAP message carries the authentication identifier, the random number, the public key, and the signature information of the client.
  • An authentication server configured to receive an EAP message sent by the client, obtain an authentication identifier, a random number, a public key, and signature information of the client carried in the EAP message; generate an algorithm according to the authentication identifier, and the random number And the public key, the authentication identifier and the signature information of the client are authenticated.
  • the binding technology of the public key and the EAP authentication identifier is used to prevent the authentication identifier from being stolen, and the attacker is completely prevented from stealing other user authentication identifiers, but the existing related technologies are not To solve this problem; in addition, it supports different EAP authentication methods, and does not need to modify the existing EAP authentication protocol, which is a general solution.
  • FIG. 1 is a flowchart of an identity authentication method in EAP authentication provided in an embodiment of the present invention
  • FIG. 2 is a flow chart of an identity authentication method in EAP authentication provided in an application scenario according to an embodiment of the present invention
  • FIG. 3 is a schematic structural diagram of an EAP Response message in an application scenario according to an embodiment of the present invention
  • FIG. 4 is a schematic structural diagram of an authentication server provided in an embodiment of the present invention
  • FIG. 5 is a schematic structural diagram of a client provided in an embodiment of the present invention. detailed description
  • An embodiment of the present invention provides a method for authenticating an identifier in EAP authentication. As shown in FIG. 1, the method includes:
  • Step sl01 Receive an EAP message sent by the client, and obtain an authentication identifier, a random number, a public key, and signature information of the client carried in the EAP message.
  • Step sl02 Authenticate the authentication identifier and signature information of the client according to the authentication identifier generation algorithm, and the random number and the public key.
  • the embodiment of the present invention provides a specific application scenario, and describes a specific implementation manner of the identity authentication method in the EAP authentication provided by the present invention.
  • the client generates a public key PK and a private key SK corresponding to the RSA public key algorithm, and generates a corresponding authentication identifier by using the PK and the authentication identifier generation algorithm, for example, adopting a one-way hash function SHA. -1 (SHA: Secure Hash Algorithm)
  • ID SHA-1 ( PK )o
  • ID SHA-1 ( PK )o
  • the AAA server acting as the authentication server locally configures the corresponding EAP authentication method to the client according to the authentication identifier ID generated by the client. If the authentication method used by the client A is EAP-MD5, the AAA server is configured to establish a mapping relationship between the ID of the client A and the EAP-MD5 method. For example, the authentication method used by the user B is EAP-TLS. Then, in the configuration, the AAA server establishes a mapping relationship between the ID of the client B and the EAP-TLS method.
  • the identifier authentication method in EAP authentication is as shown in FIG. 2, and includes the following steps:
  • step s201 the Authenticator initiates EAP authentication, and sends an EAP Request/ID to the client A (EAP Peer A).
  • the certifier can be a network access server.
  • the client A generates a random number (Radomn, abbreviated as Ra), and generates signature information according to the private key SK and the RSA signature algorithm.
  • Ra random number
  • Step s203 The client A returns an EAP Response/ID (EAP Response) message, where the message carries the authentication identifier ID of the client A, the random number Ra, the public key PK, and the signature information.
  • EAP Response EAP Response
  • the client ⁇ adds the pre-generated authentication identifier to the ID-A in the EAP Response/ID sent, and adds its own public key PK-A in the EAP Response/ID message in addition to the response ID information.
  • a usable form of the modified EAP Response/ID message format may be as shown in FIG.
  • Step s204 The authentication process of the EAP authentication identifier.
  • PK SHA-1
  • an attacker cannot attack the forged authentication identifier.
  • the attacker can steal the authentication ID and the public key PK of the client's plaintext transmission, the attacker cannot derive the private key through the public key, and the corresponding signature information cannot be forged.
  • the attacker cannot obtain the same ID through another public key. Since the ID is calculated by the public key PK through the one-way function SHA-1, the attacker cannot obtain the same ID through another PK.
  • an authentication server for example, an AAA server
  • the value of the number Ra is not the same as the value of each random number recorded, and the authentication process of the EAP authentication identifier is performed; if the received EAP message carries If the value of the number Ra of the machine overlaps with the value of each of the recorded random numbers, the EAP message is rejected.
  • the binding technology of the public key and the EAP authentication identifier is used to prevent the authentication identifier from being stolen, and the attacker is completely prevented from stealing other user authentication identifiers, and the existing correlation is
  • ID EAP authentication identifier
  • the technology does not solve this problem; in addition, it supports different EAP authentication methods, and does not need to modify the existing EAP authentication protocol, which is a general solution.
  • An embodiment of the present invention provides an EAP authentication system, including:
  • the client is configured to send an EAP message to the authentication server, where the EAP message carries the authentication identifier, the random number, the public key, and the signature information of the client.
  • the authentication server is configured to receive an EAP message sent by the client, obtain an authentication identifier, a random number, a public key, and a signature information of the client carried in the EAP message, and perform authentication on the client according to the authentication identifier generation algorithm, and the random number and the public key. Identification and signature information for authentication.
  • the authentication server provided by the embodiment of the present invention is configured as shown in FIG. 4, and includes: an obtaining unit 10, configured to receive an EAP message sent by a client, and obtain an authentication identifier, a random number, and a publicity of the client carried in the EAP message. Key and signature information;
  • the authentication unit 20 is configured to authenticate the authentication identifier and the signature information of the client according to the authentication identifier generation algorithm, and the random number and the public key.
  • the authentication unit 20 is specifically configured to:
  • the authentication identifier is generated according to the authentication identifier generation algorithm and the public key.
  • the generated authentication identifier is the same as the authentication identifier carried in the EAP message sent by the client, the authentication of the client's authentication identifier is successful and the next step is performed, otherwise the authentication fails;
  • the public key and the random number of the client are checked whether the signature information carried in the EAP message sent by the client is correct. If the authentication is correct, the authentication and signature information of the client is authenticated. Otherwise, the authentication fails.
  • the authentication server may further include: a configuration unit 30, configured to store an EAP authentication method corresponding to each client authentication identifier, and provide the authentication method to the authentication unit 20.
  • the authentication unit 20 is further configured to determine, after the authentication of the authentication identifier and the signature information of the client, the mapping between the authentication identifier of the client and the EAP authentication method, and determine the authentication identifier of the client carried in the EAP message.
  • EAP authentication method EAP for the client Certification.
  • the authentication unit 20 is further configured to record each random number that occurs within the set time length, and confirm the received EAP before authenticating the authentication identifier and the signature information of the client.
  • the value of the random number carried in the message does not overlap with the value of each random number recorded.
  • the client provided by the embodiment of the present invention has a structure as shown in FIG. 5, and includes:
  • a key generation unit 50 configured to generate a public key and a private key according to an RSA public key algorithm
  • the authentication identifier generating unit 60 is configured to generate an authentication identifier according to the public key and the authentication identifier generating algorithm
  • the signature information generating unit 70 is configured to generate a random number when receiving the EAP authentication request, and generate signature information according to the random number and the private key generated by the key generating unit 50;
  • the EAP message sending unit 80 is configured to send an EAP message to the authentication server, where the EAP message carries the authentication identifier generated by the authentication identifier generating unit 60, the public key generated by the key generating unit 50, and the random number and signature generated by the signature information generating unit 70. information.
  • the binding technology of the public key and the EAP authentication identifier ID is used to prevent the authentication identifier from being stolen, and the attacker is completely prevented from stealing other user authentication identifiers, and the existing correlation is
  • the technology does not solve this problem; in addition, it supports different EAP authentication methods, and does not need to modify the existing EAP authentication protocol, which is a general solution.
  • the present invention can be implemented by hardware, or by software plus necessary general hardware platform.
  • the technical solution of the present invention may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a USB flash drive, a mobile hard disk, etc.), including several The instructions are for causing a computer device (which may be a personal computer, server, or network device, etc.) to perform the methods described in various embodiments of the present invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

Les modes de réalisation de la présente invention portent sur un procédé, un système et un dispositif d'authentification d'identité dans l'authentification par protocole d'authentification extensible (EAP). Le procédé consiste à : recevoir un message EAP envoyé par un client, et obtenir l'identité d'authentification, le nombre aléatoire, la clé publique et les informations de signature du client qui sont contenues dans le message EAP; réaliser des authentifications pour l'identité d'authentification et les informations de signature du client selon un algorithme de génération d'identité d'authentification, le nombre aléatoire et la clé publique. Par utilisation des modes de réalisation de la présente invention, le vol de l'identité d'authentification peut être prévenu par utilisation de la technique d'association entre la clé publique et l'identité d'authentification EAP (ID), ce qui évite entièrement que des pirates dérobent ou volent les identités d'authentification d'autres utilisateurs.
PCT/CN2010/079067 2009-11-30 2010-11-24 Procédé, système et dispositif d'authentification d'identité dans l'authentification par protocole d'authentification extensible (eap) WO2011063744A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN 200910238551 CN102082665B (zh) 2009-11-30 2009-11-30 一种eap认证中的标识认证方法、系统和设备
CN200910238551.0 2009-11-30

Publications (1)

Publication Number Publication Date
WO2011063744A1 true WO2011063744A1 (fr) 2011-06-03

Family

ID=44065868

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2010/079067 WO2011063744A1 (fr) 2009-11-30 2010-11-24 Procédé, système et dispositif d'authentification d'identité dans l'authentification par protocole d'authentification extensible (eap)

Country Status (2)

Country Link
CN (1) CN102082665B (fr)
WO (1) WO2011063744A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112235108A (zh) * 2020-11-11 2021-01-15 西安热工研究院有限公司 一种基于802.1x的eap-tls认证系统

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9439067B2 (en) * 2011-09-12 2016-09-06 George Cherian Systems and methods of performing link setup and authentication
CN103124256B (zh) * 2011-11-21 2017-03-29 国民技术股份有限公司 可信密码模块及可信计算方法
CN103607645B (zh) * 2013-11-22 2017-06-23 深圳市九洲电器有限公司 一种机顶盒防盗版方法和机顶盒
CN104660400A (zh) * 2013-11-25 2015-05-27 上海复旦微电子集团股份有限公司 一种rsa模幂运算方法和装置
CN105337736B (zh) 2014-06-30 2018-10-30 华为技术有限公司 全同态消息认证方法、装置及系统
CN107317789B (zh) * 2016-04-27 2020-07-21 华为技术有限公司 密钥分发、认证方法,装置及系统
CN109788480B (zh) * 2017-11-14 2021-01-05 华为技术有限公司 一种通信方法及装置
WO2020041933A1 (fr) * 2018-08-27 2020-03-05 Telefonaktiebolaget Lm Ericsson (Publ) Procédé et dispositifs pour une connexion sécurisée
CN109660543A (zh) * 2018-12-26 2019-04-19 山东浪潮商用系统有限公司 一种消息安全机制的实现方法

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1564626A (zh) * 2004-03-22 2005-01-12 西安电子科技大学 基于漫游密钥交换认证协议的无线局域网安全接入方法
US20060190994A1 (en) * 2005-02-24 2006-08-24 Samsung Electronics Co., Ltd. Method and system for authenticating pay-per-use service using EAP
CN1960257A (zh) * 2006-11-23 2007-05-09 苏盛辉 一种基于超对数难题和双同余定理的数字签名方法
US20070180247A1 (en) * 2005-12-21 2007-08-02 Nortel Networks Limited System and method for providing identity hiding in a shared key authentication protocol
CN101471775A (zh) * 2007-12-28 2009-07-01 三星电子株式会社 Wimax系统中MS与BS的认证方法

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101060405A (zh) * 2006-04-19 2007-10-24 华为技术有限公司 防止重放攻击的方法及系统

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1564626A (zh) * 2004-03-22 2005-01-12 西安电子科技大学 基于漫游密钥交换认证协议的无线局域网安全接入方法
US20060190994A1 (en) * 2005-02-24 2006-08-24 Samsung Electronics Co., Ltd. Method and system for authenticating pay-per-use service using EAP
US20070180247A1 (en) * 2005-12-21 2007-08-02 Nortel Networks Limited System and method for providing identity hiding in a shared key authentication protocol
CN1960257A (zh) * 2006-11-23 2007-05-09 苏盛辉 一种基于超对数难题和双同余定理的数字签名方法
CN101471775A (zh) * 2007-12-28 2009-07-01 三星电子株式会社 Wimax系统中MS与BS的认证方法

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112235108A (zh) * 2020-11-11 2021-01-15 西安热工研究院有限公司 一种基于802.1x的eap-tls认证系统

Also Published As

Publication number Publication date
CN102082665A (zh) 2011-06-01
CN102082665B (zh) 2013-10-23

Similar Documents

Publication Publication Date Title
WO2011063744A1 (fr) Procédé, système et dispositif d'authentification d'identité dans l'authentification par protocole d'authentification extensible (eap)
CA2546553C (fr) Systeme et procede pour la fourniture et l'authentification de reseau
WO2018050081A1 (fr) Procédé et appareil d'authentification d'identité de dispositif, et support de stockage
CN101902476B (zh) 移动p2p用户身份认证方法
JP5688087B2 (ja) 信頼できる認証およびログオンのための方法および装置
ES2687238T3 (es) Método de arquitectura de arranque de seguro basado en autenticación de resumen basada en contraseña
TW200810487A (en) Method and apparatus for binding multiple authentications
US20120102546A1 (en) Method And System For Authenticating Network Device
KR100842267B1 (ko) 다중 인증 수단을 가지는 시스템의 통합 사용자 인증 서버,클라이언트 및 방법
WO2010003335A1 (fr) Procédé, système et dispositif destinés à négocier une association de sécurité (sa) dans un réseau ipv6
Lounis et al. Bad-token: denial of service attacks on WPA3
Wang et al. Analysis and improvements over DoS attacks against IEEE 802.11 i standard
Claeys et al. Securing complex IoT platforms with token based access control and authenticated key establishment
WO2012058896A1 (fr) Procédé et système pour ouverture de session unique
JP2016514913A (ja) セッション鍵を確立する方法および装置
CN110635901A (zh) 用于物联网设备的本地蓝牙动态认证方法和系统
WO2011009268A1 (fr) Système et procédé d'authentification basés sur wapi (infrastructure d'authentification et de confidentialité wlan)
WO2016011588A1 (fr) Entité de gestion de mobilité, serveur domestique, terminal, et système et procédé d'authentification d'identité
CN111314269B (zh) 一种地址自动分配协议安全认证方法及设备
Hussain et al. An improved authentication scheme for digital rights management system
Dey et al. A light-weight authentication scheme based on message digest and location for mobile cloud computing
CN114764492A (zh) 基于区块链的sdp访问控制方法及系统
CN110417722B (zh) 一种业务数据通信方法、通信设备及存储介质
US9038143B2 (en) Method and system for network access control
WO2012000313A1 (fr) Procédé et système de certification de passerelle de rattachement

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10832651

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10832651

Country of ref document: EP

Kind code of ref document: A1