Bidirectional authentication method, system and network terminal

A network terminal and two-way authentication technology, applied in the field of network information security, that addresses problems such as certificate management complexity and bandwidth occupation, and avoids additional calculations.

Inactive Publication Date: 2008-05-14
SHANGHAI JIAO TONG UNIV +1

AI Technical Summary

Problems solved by technology

[0006] Mutual authentication and key agreement between communicating parties are the basis of a trusted Internet. Because existing TPM modules all authenticate using a PKI (Public Key Infrastructure) cryptographic system, additional digital certificates are required to bind the public key of the platform to the identity of the platform (such as a number). Verifying a platform therefore also requires verifying its certificate, and transmitting the certificate occupies additional network bandwidth. Certificate management is also very complicated and requires network support for PKI.



Examples


Embodiment 2

[0067] Referring to FIG. 2, an embodiment of the present invention provides a two-way authentication system, including: a network key distributor, a first network terminal, and a second network terminal, wherein,

[0068] The network key distributor is used to generate system parameters and group keys, and generate the private key of the network terminal according to the network terminal identification;

[0069] The first network terminal is used to generate the public key of the network terminal according to the network terminal identifier; it is also used to generate the second verification parameter according to the public key of the second network terminal and the private key of the first network terminal, and to verify the second network terminal according to the first verification parameter and the second verification parameter; and to generate a third verification parameter according to the public key of the second network terminal and the priv...

Embodiment 3

[0072] Referring to FIG. 3 , an embodiment of the present invention provides a network terminal, including: a public-private key generation module, an authentication request sending module, and a first authentication module, wherein,

[0073] A public-private key generating module, configured to generate a public key and a private key of the network terminal according to the network terminal identifier;

[0074] An authentication request sending module, configured to send an authentication request to a peer network terminal;

[0075] The first authentication module is configured to generate a second verification parameter according to the public key of the peer network terminal and the private key of the local network terminal, and to verify the peer network terminal according to the second verification parameter and the first verification parameter sent by the peer network terminal; and to generate a third verification parameter according to the public key of the ...

Embodiment 4

[0082] Referring to FIG. 4 , an embodiment of the present invention provides a network terminal, including: a public-private key generation module, an authentication response sending module, and a second authentication module, wherein,

[0083] A public-private key generating module, configured to generate a public key and a private key of the network terminal according to the network terminal identifier;

[0084] An authentication response sending module, configured to generate a first verification parameter according to the public key of the peer network terminal and the private key of the local network terminal, and return an authentication response including the first verification parameter to the peer network terminal;

[0085] The second authentication module is configured to generate a fourth verification parameter according to the public key of the peer network terminal and the private key of the local network terminal, and verify the peer network terminal according to ...


Abstract

The present invention discloses a bidirectional authentication method, a system, and a network device, and relates to network information security. The method may include: a network device generates an inspection parameter according to a public key of the peer network device and a private key of the network device, the public key and the private key of the network device being generated according to an identifier of the network device; and the network device performs reciprocal authentication according to the inspection parameter generated by the network device and an inspection parameter sent by the peer network device. A system and a network device for bidirectional authentication are also provided herein. As such, extra calculation caused by certificate authentication is cut down, the system is more secure and reliable, and the key management is simplified.
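The flow in the abstract and Embodiments 2 to 4, as an added example that is not the patent's own construction or code: the four verification parameters are modelled as HMAC values under a shared key that each side computes from its own private key and the peer's identifier-derived public key. The bilinear map is a toy stand-in with no security, and the nonces, labels, class and function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

# TOY bilinear map (assumption): "points" are integers mod a prime and the
# pairing is multiplication, so pair(s*a, b) == pair(a, s*b). It has no
# security; a deployment needs a pairing-friendly elliptic curve instead.
R = 2**127 - 1

def pair(a: int, b: int) -> int:
    return (a * b) % R

def public_key(identifier: str) -> int:
    """Public key derived from the terminal identifier alone, no certificate."""
    digest = hashlib.sha256(identifier.encode()).digest()
    return int.from_bytes(digest, "big") % R

class KeyDistributor:
    """Holds the master secret and issues a private key per identifier."""
    def __init__(self) -> None:
        self._master = secrets.randbelow(R - 2) + 2

    def private_key(self, identifier: str) -> int:
        return (self._master * public_key(identifier)) % R

def check_param(own_priv: int, peer_id: str, label: bytes, nonces: bytes) -> bytes:
    """Check value from own private key and the peer's identity-derived public key."""
    shared = pair(own_priv, public_key(peer_id))
    key = hashlib.sha256(shared.to_bytes(16, "big")).digest()
    return hmac.new(key, label + nonces, hashlib.sha256).digest()

def mutual_auth(id_a: str, priv_a: int, id_b: str, priv_b: int):
    """Run both directions; returns (A accepts B, B accepts A)."""
    # Fresh nonces are an assumption added here so check values cannot be replayed.
    nonces = secrets.token_bytes(16) + secrets.token_bytes(16)
    v1 = check_param(priv_b, id_a, b"responder", nonces)  # first parameter, B -> A
    v2 = check_param(priv_a, id_b, b"responder", nonces)  # second, computed by A
    a_accepts_b = hmac.compare_digest(v1, v2)
    v3 = check_param(priv_a, id_b, b"initiator", nonces)  # third parameter, A -> B
    v4 = check_param(priv_b, id_a, b"initiator", nonces)  # fourth, computed by B
    b_accepts_a = hmac.compare_digest(v3, v4)
    return a_accepts_b, b_accepts_a

if __name__ == "__main__":
    kd = KeyDistributor()
    a, b = "terminal-A", "terminal-B"  # constructed identifiers
    print(mutual_auth(a, kd.private_key(a), b, kd.private_key(b)))          # honest pair
    print(mutual_auth(a, kd.private_key(a), b, kd.private_key("mallory")))  # wrong key for B
```

Neither side transmits or validates a certificate: a terminal holding a private key issued for a different identifier, or by a different distributor, produces check values that do not match.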

Description

Technical field

[0001] The invention relates to the field of network information security, in particular to a two-way authentication method, system and network terminal.

Background

[0002] For designers and developers of most systems and application networks, security is always a critical and challenging issue. Whether on an ordinary PC system or an enterprise gateway system, various attacks and unauthorized access can easily lead to the loss of key data and cause immeasurable losses.

[0003] On April 8, 2003, the Trusted Computing Group (TCG) was established. As a standardization organization accepted by the industry, TCG has designed the basic building blocks of trusted hardware and developed trusted software to resist various virtual or physical attacks. Products that implement these standards can now be easily applied to embedded designs.

[0004] Trusted Platform Module (TPM, Platform...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/30, H04L9/32, H04L29/06
CPC: H04L63/0869, H04L9/0833, H04L9/0844, H04L9/3073
Inventor: 曹珍富, 董晓蕾, 陆荣幸, 柴震川, 位继伟
Owner: SHANGHAI JIAO TONG UNIV