Bilinear-group-based cross-domain union authentication method

A bilinear group and authentication method technology, applied in the field of network communication security, that addresses problems such as authentication center network bottlenecks, the complexity of symmetric key management and key negotiation, and the inability to defend against authentication centers, achieving good anonymity and good defense against attacks.

Inactive Publication Date: 2011-08-24
BEIJING INSTITUTE OF TECHNOLOGY

AI Technical Summary

Problems solved by technology

Two main cross-trust-domain authentication frameworks exist for this environment. The first is based on a symmetric key system (such as Kerberos); it involves the complexity of symmetric key management and key agreement, and cannot provide effective anonymity.
The second is based on the traditional PKI authentication framework. The certificate processing work of the public key cryptosystem is too heavy: certificate status queries, certificate path construction and certificate transfer all add overhead, resulting in a network bottleneck.
In addition, an identity-based multi-trust-domain authentication model has been proposed in the authentication protocol literature. Because of the limitations of the authentication center, it cannot defend against the authentication center pretending to be a member of the domain.
Authentication for resource access within a single domain can be realized with a signcryption scheme based on identity signatures. Because that scheme is limited to one domain, the literature on the identity-based multi-trust-domain grid authentication model extends it to achieve authentication between domains. The extension assumes that the PKGs of all parties are honest, because each PKG holds the private keys of the internal members of its domain. If a PKG is malicious, neither the authenticity of a user's identity nor the confidentiality of the private key is guaranteed.

Embodiment Construction

[0082] The preferred embodiments of the present invention will be specifically described below in conjunction with the accompanying drawings.

[0083] In this embodiment, the system is composed of multiple domains, each independent and autonomous, as shown in Figure 1. Each domain consists of an authentication center and multiple internal members. The authentication center plays the role of a traditional CA or PKG. The internal members are resource owners and visitors. During collaborative computing, the internal members of each domain need to access resources across domains. Each authentication center selects one of multiple heterogeneous cyclic groups and uses it to design its own key parameters, distributes and manages the keys in its domain, and publishes the public key of the authentication center of its domain, to enable mutual access and authentication. When members join the domain, real identity reg...


Abstract

The invention relates to a bilinear-group-based cross-domain union authentication method, which comprises the following steps: 1, system initialization, in which each domain randomly selects a different one of the mutually isomorphic subgroups Gk as the key generating parameters of that domain, where 1 ≤ k ≤ R; 2, key generation for each domain, in which an authentication center private key / public key pair is constructed by mapping the generating parameters and a hash function; 3, key distribution by the domain authentication center (DAC) to the members of its domain; and 4, cross-domain key verification: supposing that member UD1 in union domain D1 needs to access member UD2 in union domain D2, cross-domain key verification is performed between UD1 and UD2, and if it passes, UD1 is determined to be an internal member of the union domain whose public key is PD1, thereby achieving authentication across multiple domains. The method realizes multi-domain resource sharing while ensuring the security of each domain's resources and the anonymity of entities. It supports bidirectional anonymous entity authentication for resource access among multiple domains and better protects the privacy of each entity, and it is more flexible, secure and practicable.

Description

Technical field

[0001] The invention relates to a network security authentication method, in particular to a bilinear group-based cross-domain alliance authentication method, which belongs to the field of network communication security.

Background technique

[0002] Multi-Domain Union (MDU) occurs in large networks where services and access points are distributed across multiple domains. In a distributed network environment, companies and institutions have their own shared resources. In order to prevent unauthorized users from accessing these shared resources, each institution sets up local authentication service devices to provide authentication services. Therefore, each organization forms a relatively independent trust domain. Internal users in each domain trust the local authentication center, and the authentication center in each domain provides convenient authentication services for local users to access shared resources. However, in the case of a large number of servi...

Application Information

IPC(8): H04L29/06, H04L9/32, H04L9/08
Inventor: 郑军, 张启坤, 谭毓安, 徐祥广
Owner: BEIJING INSTITUTE OF TECHNOLOGY