Quantum security-based rapid secondary identity authentication method and system

An identity authentication and security technology, which is applied in the field of fast secondary identity authentication methods and systems, can solve the problems of leakage of user identity information, easy leakage of user identity information, vulnerability to dictionary or offline dictionary attacks, etc., to ensure confidentiality sexual effect

Pending Publication Date: 2022-04-22
SHANDONG INST OF QUANTUM SCI & TECH +1
View PDF0 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, according to the inventor's understanding, the EAP authentication protocol based on passwords is generally transmitted in plain text, and there is a risk of leakage of user identity information, which is vulnerable to dictionary or offline dictionary attacks; At the same time, a security certificate is installed. All messages before the certificate exchange are transmitted in plain text. The user's identity information is easily leaked and vulnerable to dictionary or offline dictionary attacks; the authentication protocol based on the SIM card needs to first provide its own identity information to the server. The user's identity information is sent in clear text, and there is a risk of user identity information leakage

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Quantum security-based rapid secondary identity authentication method and system
  • Quantum security-based rapid secondary identity authentication method and system
  • Quantum security-based rapid secondary identity authentication method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0104] A secondary identity authentication method, such as Figure 4 shown, including the following steps:

[0105] Pre-order steps: UE (user equipment) and AAA (authentication server) already have a shared key K; the quantum random number generator (QRNG) on the AAA server side generates a random number R1, and the AAA server generates a serial number N1; UE The quantum random number generator at the end generates a random number R2, and the UE generates a sequence number N2.

[0106] It should be noted that the distribution and delivery of the shared key K can be realized with the help of quantum security service platform and quantum key mobile medium, and the shared key K can be generated by the QKD process or QRNG stored in the quantum security service platform Quantum key (or random number key), the quantum key can be stored in the quantum key mobile medium, so as to realize the offline distribution of the shared key K through the quantum key mobile medium.

[0107] In ...

Embodiment 2

[0152] The difference between this embodiment and Embodiment 1 is that there is only symmetric encryption operation and no hash operation in the authentication process. Although the integrity of the message is not as good as that of Embodiment 1, it does not affect the realization of two-way identity authentication between UE and AAA. higher efficiency. Of course, since no hash function is used, m2, m4, and m5 need to be encrypted for transmission in the authentication process of this embodiment.

[0153] A secondary identity authentication method, such as Figure 5 shown, including the following steps:

[0154] Preparatory work (this step may not be included in some embodiments):

[0155] UE (user equipment) and AAA (authentication server) already have a shared key K; the quantum random number generator on the AAA server side generates a random number R1, and the AAA server generates a serial number N1; the quantum random number generator on the UE side generates A random ...

Embodiment 3

[0193] A fast secondary identity authentication system based on quantum security is characterized in that it includes a server end and a user end, wherein:

[0194] The server end is configured to generate a first message based on a locally generated random number and serial number, and generate a second message based on the generated random number and identity information; encrypt the first message and the second message, Obtain the first ciphertext, and send a message including the first ciphertext and the serial number;

[0195] Receive a message from the client that includes the updated local serial number, the client serial number, and the second ciphertext; verify whether the updated local serial number in the message is reasonable, and if it is reasonable, continue execution; otherwise, send an authentication error message , end the authentication process; decrypt the second ciphertext to obtain the decrypted information, extract the fourth message from it, extract the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a rapid secondary identity authentication method and system based on quantum security, which can realize lightweight rapid authentication, bidirectional authentication, hiding of identity information of both authentication parties and multiple authentication by using the security of a quantum cryptography technology and the advantages of a quantum communication network in key distribution, and can realize the security of the quantum cryptography technology and the quantum communication network in key distribution. Information is protected, confidentiality, integrity, forward security and secret key true randomness are achieved, and attack means such as man-in-the-middle attack, fake identity attack and replay attack can be resisted.

Description

technical field [0001] The invention belongs to the technical field of quantum communication security, and in particular relates to a fast secondary identity authentication method and system based on quantum security. Background technique [0002] The statements in this section merely provide background information related to the present invention and do not necessarily constitute prior art. [0003] Mobile communication technology supports two authentication processes, primary authentication and secondary authentication, for enterprise / industry users when accessing the network. [0004] The one-time authentication is also called the main authentication, which is the one-time authentication for the user's network access by the network when the user accesses the communication network. Before accessing the data service network, the user terminal first needs to complete the main authentication with UDM (Unified Data Management) and AUSF (Authentication Server Function). [00...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/45G06F21/60G06F21/73G06N10/20
CPCG06F21/45G06F21/602G06F21/73G06N10/00
Inventor 马春利黄强赵勇李亚麟
Owner SHANDONG INST OF QUANTUM SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap