Two-factor authentication method based on portable TPM (PTPM) and certificateless public key signature for cloud

An authentication method and a certificate-free technology, applied in the field of cloud computing applications, which can solve the problems of complex user operation process, leakage of user privacy, and extension of untrusted path connections, and achieve the effect of improving computing efficiency and ensuring security.

Inactive Publication Date: 2018-02-23
SHENYANG NORMAL UNIV
View PDF4 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This is because if the terminal device used by the user has malware, the attacker can deceive the user by tampering with the authentication result, that is, the trusted path connection cannot be safely extended from the terminal device to the user.
In addition, users in the cloud environment can use any terminal

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Two-factor authentication method based on portable TPM (PTPM) and certificateless public key signature for cloud
  • Two-factor authentication method based on portable TPM (PTPM) and certificateless public key signature for cloud
  • Two-factor authentication method based on portable TPM (PTPM) and certificateless public key signature for cloud

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0046] like figure 2 As shown, the user holds the PTPM hardware module, and the cloud authentication node server embeds the TPM security chip. The two-way authentication process between the user and the cloud includes figure 2 There are two stages of user registration shown in (a) and login authentication shown in Figure 2(b).

[0047] During the registration phase, user u i First enter the password pw i and ID i and other information, and then use PTPM to calculate the registration request information Reg req ;The authentication node server receives the user's registration request information Reg req After, first according to the identity ID i query user u i is registered, then enter KGC and u i 's public key and use the TPM calculation to verify that the i and ID i Check whether the signature value generated by the information is correct, and after verification is correct, the authentication node server stores the user u i registration information, and send the ...

Embodiment 2

[0051] (1) System establishment

[0052] Given a security parameter K, select a large prime p with a length of K bits, assuming G 1 and G 2 are all multiplicative cyclic groups of order p, where g is G 1 generator of . bilinear map e:GG 1 ×→ 1 G 2 , select the collision-resistant hash function H 1 , H 2 , H 1 :{0, 1} * →G 1 , H 2 :{0, 1} * →G 1 ;The system exposes the global parameter params as (G 1 , G 2 , e, p, g, H 1 , H 2 );

[0053] (2) Identity ID generation

[0054] The hierarchical ID tree structure proposed by the present invention defines the identity ID values ​​of roles such as users and cloud servers in the cloud environment. The whole hierarchical structure consists of two layers. The root node is KGC, that is, the third-party key generation center that generates partial private keys of users; the leaf nodes represent end users registered in the cloud and the cloud authentication node server. Obviously, all nodes in the hierarchical ID tree st...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a scheme for implementing two-way identity authentication between a user and cloud by applying a portable TPM (PTPM) and certificateless public key cryptography to a cloud environment, aiming at solving the security problems and deficiencies existing in identity authentication between the user and the cloud in a current cloud environment in a cloud computing mode. Comparedwith existing schemes, a new scheme has the following advantages: on the basis of realizing the uniqueness of user and cloud identities through the establishment of an identity management mechanism, firstly, the PTPM is adopted to ensure the security and credibility of a terminal platform and ensure the authenticity and correctness of authentication results between the cloud and the user, and moreover, the user is supported to use any terminal equipment to complete an identity authentication process with the cloud; secondly, the new scheme implements a 'password + key' two-factor authentication process based on a certificateless public key signature algorithm; and finally, the proposed scheme can significantly improve the computing efficiency of identity authentication between the user andthe cloud while ensuring the security of EUF-CMA.

Description

technical field [0001] The invention belongs to the technical field of cloud computing applications, and in particular relates to a cloud-based two-factor authentication method based on PTPM and certificateless public key signature. Background technique [0002] Cloud computing is an emerging service model that provides resources such as storage and computing based on the Internet. With the help of cloud services, enterprises, organizations and individual users can easily and quickly perform operations such as massive data computing and data storage and sharing. However, cloud service providers (CSPs) first need to authenticate the identities of enterprises, organizations and individual users who use cloud services to determine their correctness and legitimacy. Otherwise, users who have not applied for registration or purchased cloud services can use cloud services, which, on the one hand, will bring huge service response burdens and serious economic losses to CSPs. Loss o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/32H04L9/30H04L9/08H04L29/06
CPCH04L9/0861H04L9/0877H04L9/30H04L9/3226H04L9/3247H04L63/083H04L63/0869
Inventor 夏辉刘澍赵志刚王晨
Owner SHENYANG NORMAL UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap