
Method, system, equipment and server for packet authentication

A technique for message authentication and a registration server, applied in transmission systems, public-key secure communication, user identity/authority verification, etc. It addresses the inability of earlier schemes to prevent attacks on the P2P overlay network and their failure to consider invalidated terminal identifiers, invalid passwords, etc. It prevents attacks that send malicious packets into the network, reduces the number of message exchanges, and reduces the management burden.

Inactive Publication Date: 2009-03-04
HUAWEI TECH CO LTD

AI Technical Summary

Problems solved by technology

[0027] In the process of implementing the present invention, the inventor found that this CPK-based communication connection security authentication technology only authenticates the terminal itself and treats an authenticated terminal as always valid, without considering that the terminal identifier may become invalid. For example, when a user's password is stolen and the user sets a new password, the original password becomes invalid; or if the user has not paid for a period of time, the user no longer has the right to use the system according to the rules, etc.
However, the above-mentioned technologies cannot prevent attacks on the P2P overlay network from invalid terminals or false terminals sending malicious packets.


Examples


Embodiment 1

[0054] This embodiment provides a method for authenticating a message, including:

[0055] The requesting node adds the pre-acquired node ID and validity period to the message, signs the resulting message with its private key, and sends the message, which carries the message signature;

[0056] After receiving the message, the terminal node checks that the validity period in the message is valid, calculates the public key of the requesting node from the node ID and validity period, and uses the public key to verify whether the signature is correct. If it is correct, the message passes the authentication.

[0057] The validity period refers to the effective use time of the key (public key and private key) corresponding to each node ID. For example, the usage time of the public key and private key with node ID 123 is specified as 1 year, and a new public key and private key need to be generated after one year, which ensures that the public key and private key of each ...

Embodiment 2

[0082] See Figure 2. This embodiment provides a system for authenticating messages, including:

[0083] The requesting node device 201 is used to add the pre-acquired node identification and validity period to the message, sign the added message with a private key, and send the signed message;

[0084] The terminal node device 202 is configured to receive the message sent by the requesting node device 201, determine whether the validity period in the message is valid, calculate the public key of the requesting node device 201 from the node identifier and the validity period, and use the public key to verify whether the signature is correct. If it is correct, the message is authenticated.

[0085] Wherein, the requesting node device 201 also includes:

[0086] The registration module is used to send the registration request and receive the registration response information;

[0087] Accordingly, the system also includes:

[0088] The registration server 203 is used to r...

Embodiment 3

[0094] See Figure 3. This embodiment provides a device, comprising:

[0095] A validity period judging module 301, which, after receiving a message, judges whether the validity period in the message is valid;

[0096] A public key calculation module 302, used to calculate the public key of the requesting node from the node identifier and the validity period in the message after the validity period judging module 301 determines that the validity period is valid;

[0097] The signature verification module 303 is configured to use the public key calculated by the public key calculation module 302 to verify whether the signature in the message is correct, and if it is correct, the message passes the authentication.

[0098] The equipment includes:

[0099] The node identification judging unit is used to judge whether the node identification in the message is in the blacklist, if yes, the message authentication fails, otherwise, notify the public key calculation module 302 to cal...
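The receiving-side checks of Embodiments 1 and 3 can be sketched as follows. This is an added example, not code from the patent: the toy group, the 8x8 key matrix selected by a hash of (node ID, validity period), the Schnorr-style signature and the `not_after` expiry field are all assumptions chosen to make a CPK-like derivation runnable with the standard library.

```python
import hashlib, secrets

# Toy group (constructed, NOT secure): arithmetic mod the Mersenne prime 2**127 - 1.
P, G, ROWS, COLS = 2**127 - 1, 3, 8, 8

def _h(*parts):
    # Length-prefix each field so field boundaries cannot be shifted.
    return hashlib.sha256(b"".join(len(p).to_bytes(4, "big") + p for p in parts)).digest()

def _fields(node_id, not_after):
    return node_id.encode(), str(not_after).encode()

def _indices(node_id, not_after):
    # (node ID, validity period) selects one row in each column of the key matrix.
    d = _h(*_fields(node_id, not_after))
    return [(d[c] % ROWS, c) for c in range(COLS)]

class RegistrationServer:
    def __init__(self):
        self.secret = [[secrets.randbelow(P - 1) for _ in range(COLS)] for _ in range(ROWS)]
        self.public = [[pow(G, x, P) for x in row] for row in self.secret]  # published to all nodes

    def register(self, node_id, not_after):
        return sum(self.secret[r][c] for r, c in _indices(node_id, not_after)) % (P - 1)

def derive_public_key(matrix, node_id, not_after):
    y = 1
    for r, c in _indices(node_id, not_after):
        y = y * matrix[r][c] % P
    return y

def _challenge(r, msg):
    return int.from_bytes(_h(str(r).encode(), *_fields(msg["id"], msg["not_after"]), msg["body"]), "big")

def sign(priv, node_id, not_after, body):
    msg = {"id": node_id, "not_after": not_after, "body": body}
    k = secrets.randbelow(P - 1)
    r = pow(G, k, P)
    msg["sig"] = (r, (k + _challenge(r, msg) * priv) % (P - 1))
    return msg

def authenticate(msg, matrix, blacklist, now):
    if msg["not_after"] < now:
        return "expired"
    if msg["id"] in blacklist:
        return "blacklisted"
    y = derive_public_key(matrix, msg["id"], msg["not_after"])
    r, s = msg["sig"]
    return "ok" if pow(G, s, P) == r * pow(y, _challenge(r, msg), P) % P else "bad signature"
```

Because the validity period feeds the public key derivation, a node that rewrites an expired `not_after` to a later value causes the verifier to derive a different public key, and the signature check fails without any extra message exchange.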


Abstract

The invention discloses a method, a system, equipment and a server for authenticating messages, belonging to the communication field. The method comprises the steps: a requesting node adds a node identifier and a validity period obtained in advance to a message, signs the resulting message with a private key, and sends it; after receiving the message, a terminal node judges whether the validity period is valid, calculates the public key of the requesting node from the node identifier and the validity period, and then uses the public key to verify whether the signature is correct; if so, the message passes authentication. The system comprises requesting node equipment and terminal node equipment. The server comprises a node identifier and validity period generation module, a private key acquisition module and a registration response message transmitting module. The invention calculates the public key used to verify the message signature from the node identifier and the validity period, thus simplifying the process of authenticating the message and avoiding attacks on the network by malicious messages.

Description

Technical field

[0001] The invention relates to the communication field, in particular to a method, system, device and server for authenticating messages.

Background

[0002] P2P (Peer to Peer) is a distributed network in which participants share a part of their hardware resources, such as processing power, storage capacity, network connection capacity or printers. These shared resources provide services and content through the network and can be accessed directly by other peer nodes (Peers), without going through intermediate entities. Each node in the P2P network is both a provider of resources (services and content), i.e. a Server, and an acquirer of resources (services and content), i.e. a Client. The P2P network breaks the traditional Client/Server (C/S) mode, and the status of each node in the network is equal.

[0003] While the distributed structure adopted by the P2P network provides s...


Application Information

IPC(8): H04L9/32, H04L9/30, H04L29/06
Inventor: 江兴烽, 李峰
Owner: HUAWEI TECH CO LTD