Bidirectional identification method and system

A certificateless two-way authentication method and system based on bilinear pairing, which addresses the difficulty of public key authentication management and the inability to protect user identities.

Inactive Publication Date: 2008-02-06
XIDIAN UNIV +1

AI Technical Summary

Problems solved by technology

[0021] To solve the prior-art problems of difficult public key authentication management and the inability to protect user identities, the present invention provides a two-way authentication method and system.

Examples

Embodiment 1

[0110] To describe the solution in more detail, a specific example that can be used in 802.11i is given below. This example can be used as a new EAP authentication method. The specific description is as follows:

[0111] 1. The applicant sends a "Supplicant Hello (request session)" message to initiate a session connection. The message contains the protocol version number, the random number N_S, the session ID, and the cipher suite. The cipher suite lists the cipher options supported by the applicant. Among them, the key exchange methods are DH exchange and public key encryption exchange. In the proposed technical solution, DH exchange is recommended as the preferred key exchange method, because its security is better.

[0112] 2. The authentication server responds with an "Authentication Server Hello (request received)" message, makes a choice from the cipher suites supported by the applicant and informs the applicant. After the Hello message, the ser...

Embodiment 2

[0118] Referring to Fig. 4, based on the technical solution provided by the present invention and the concrete example in 802.11i, a mobile device preparing to access the current WLAN or WMN carries out the following RSNA establishment process:

[0119] Phase 1: Network Discovery Phase

[0120] At this stage, the applicant has two ways to discover the network access device (the authenticator) and its security capabilities. One is passive scanning: the authenticator periodically broadcasts beacon frames. The other is active scanning: the applicant sends a probe request (Probe Request) on each channel, and the other party answers with a probe response frame (Probe Response).

[0121] Phase 2: 802.11 Open Systems Authentication and Association Phase

[0122] At this stage, 802.11 open system authentication (802.11 Authentication Request, 802.11 Authentication Response) is performed between the applicant and the authenticator, and the cipher opt...

Embodiment 3

[0144] In order to describe the present invention in more detail, a specific example that can be used in 802.11i is also given, and this example can be used as a new EAP authentication method.

[0145] The specific description is as follows:

[0146] 1. The applicant sends a "session request" message to initiate a session connection, and the message includes the protocol version number, random number, session ID and cipher suite.

[0147] 2. The server replies with a "request received" message, chooses from the cipher suites supported by the applicant and informs the applicant. After the Hello message, the server sends its own identity ID_AS. Finally, the server sends "session complete" to indicate the end of the Hello message exchange.

[0148] 3. The applicant first selects the shared key MSK between the two parties, and uses it to encrypt his own identity to achieve identity protection. At the same time, use the public key of AS to encrypt ENC=MKh 2 (e(Y AS , P pub ...
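
The Hello exchange in steps 1 and 2 of Embodiments 1 and 3, sketched as an added example that is not taken from the patent: the server picks a suite from the applicant's offer with DH preferred, and the applicant verifies the choice. The field layout, the suite labels "DH" and "PKE", the session-ID echo and all function names are assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass

# Key-exchange options named in [0111]; DH first because the text prefers it.
# The labels "DH" and "PKE" are constructed for this example.
SERVER_PREFERENCE = ("DH", "PKE")

class NegotiationError(Exception):
    pass

@dataclass(frozen=True)
class SupplicantHello:
    version: int
    nonce_s: bytes         # random number N_S
    session_id: bytes
    cipher_suites: tuple   # options the applicant supports

@dataclass(frozen=True)
class ServerHello:
    version: int
    session_id: bytes      # echoed back (assumption, not stated on the page)
    chosen_suite: str
    server_id: str         # ID_AS

def new_supplicant_hello(suites, version=1):
    return SupplicantHello(version, secrets.token_bytes(32),
                           secrets.token_bytes(16), tuple(suites))

def server_respond(hello, server_id, version=1):
    """Authentication server: pick one suite from those the applicant offered."""
    if hello.version != version:
        raise NegotiationError("unsupported protocol version")
    if len(hello.nonce_s) < 16:
        raise NegotiationError("nonce too short")
    for suite in SERVER_PREFERENCE:
        if suite in hello.cipher_suites:
            return ServerHello(version, hello.session_id, suite, server_id)
    raise NegotiationError("no common cipher suite")

def supplicant_check(hello, reply):
    """Applicant: accept only a choice that was actually offered for this session."""
    if reply.session_id != hello.session_id:
        raise NegotiationError("session ID mismatch")
    if reply.chosen_suite not in hello.cipher_suites:
        raise NegotiationError("server chose a suite that was not offered")
    return reply.chosen_suite
```

The applicant-side check matters because the Hello messages are exchanged before either party has been authenticated.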


Abstract

The present invention provides a bidirectional authentication method and system, belonging to the field of network communication. It aims to solve the problems that certificate management in present private key authority technology is complex and that certificate management cannot protect the identity of users. The bidirectional authentication method includes the following procedures: the system is initialized and system parameters are generated; an applicant initiates a session request to establish a connection with an authentication server; and the applicant and the authentication server verify each other's identity and generate a pairwise master key, which is used for the four-way handshake. The present invention also provides a bidirectional authentication system, which includes a parameter initialization module, a session connection establishment module, a server identity verification module and an applicant identity verification module. Applying the technical proposal of the present invention reduces the cost of establishing and maintaining the system, improves the running efficiency of the system, and achieves the goal of protecting applicants.

Description

Technical field

[0001] The invention relates to the field of computer network communication, in particular to a certificateless bidirectional authentication method and system based on bilinear pairing.

Background technique

[0002] The wireless local area network (WLAN) has attracted more and more attention due to its free frequency band, flexible networking, freedom from terrain restrictions, and easy migration. At the same time, a new network structure based on WLAN technology, the Wireless Mesh Network (WMN), has also entered people's field of vision. The WMN overcomes the limited coverage of an access point (Access Point, AP) in a WLAN and can provide wireless coverage over a relatively large area. With the rapid development of wireless network communication, security issues have become increasingly prominent. Since data in a wireless network is transmitted over radio frequencies, it is easy for malicious attackers to eavesdrop. Compared w...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L9/32
Inventor: 曹春杰, 马建峰, 姚忠辉, 裴庆祺, 王巍, 杨超, 王良民
Owner: XIDIAN UNIV