A terminal device dual authentication method and system

The dual authentication method for terminal devices using zero-knowledge proof and SM4 symmetric key encryption solves the authentication problem for resource-constrained devices, achieves fast and secure identity authentication, and improves the communication security of IoT devices.

CN116865976BActive Publication Date: 2026-07-07SHANDONG INSPUR SCI RES INST CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
SHANDONG INSPUR SCI RES INST CO LTD
Filing Date
2023-06-30
Publication Date
2026-07-07

Smart Images

  • Figure CN116865976B_ABST
    Figure CN116865976B_ABST
Patent Text Reader

Abstract

The application relates to the technical field of cryptography, and particularly provides a terminal device double authentication method and system, which has the following steps: S1, a factory stage; S2, an initialization stage; S3, an authentication stage; and S4, an ending stage. Compared with the prior art, the zero-knowledge nature of the zero-knowledge proof is used to make the terminal device calculate a corresponding symmetric key, and the resource-restricted device end only needs to verify the proof to judge whether the authentication is successful, thereby avoiding a large amount of public key cryptography operation when the resource-restricted device performs identity authentication.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of cryptography technology, specifically providing a method and system for dual authentication of terminal devices. Background Technology

[0002] Terminal device authentication is an access control mechanism that allows terminal devices to communicate with each other before they can do so. It determines whether the symmetric keys between devices are aligned and whether the device information IDs are consistent, preventing unauthorized devices from impersonating other legitimate devices to obtain a series of related permissions and ensuring the security of communication and data transmission between devices.

[0003] Currently, the rapid development of the Internet of Things (IoT) has led to the emergence of numerous resource-constrained devices with limited computing power and storage space, such as various sensors. In the IoT, these devices are numerous and at the forefront of acquiring data resources, making their data security a significant concern. However, these resource-constrained devices cannot perform public-key cryptography to protect their communication security, and therefore generally choose symmetric algorithms for encryption. Since authentication systems mostly use public-key algorithms, a fast and secure solution is needed for authenticating resource-constrained devices using symmetric keys.

[0004] Zero-knowledge proofs, a branch of privacy-preserving computing, were first proposed by Goldwasser in the 1980s. A prover can convince a verifier that a statement is true without providing the verifier with any useful information. Essentially, a zero-knowledge proof is a protocol involving two or more parties, outlining the series of steps required for them to complete a task.

[0005] The zero-knowledge nature of zero-knowledge proof technology makes it widely applicable. For example, in blockchain, zero-knowledge proof can be used as a tool in blockchain privacy protection protocols to prove knowledge that the parties do not want to disclose. In terms of identity authentication, it can prove that I have the private key corresponding to the public key without revealing the private key, thereby completing identity authentication.

[0006] How to leverage the zero-knowledge nature of zero-knowledge proofs to effectively address the authentication problem of resource-constrained devices is a problem that urgently needs to be solved by those skilled in the art. Summary of the Invention

[0007] This invention addresses the shortcomings of the prior art by providing a highly practical dual authentication method for terminal devices.

[0008] A further technical objective of this invention is to provide a reasonably designed, secure, and applicable dual authentication system for terminal devices.

[0009] The technical solution adopted by this invention to solve its technical problem is:

[0010] A two-factor authentication method for terminal devices includes the following steps:

[0011] S1, Factory delivery stage;

[0012] S2, Initialization phase;

[0013] S3, Certification Phase;

[0014] S4, End Phase.

[0015] Furthermore, in step S1, when device B is on the production line, it submits its device ID number to the key distribution system and obtains the symmetric key k corresponding to the ID as a preset key to be filled into device B, thereby completing the key filling process on the production line.

[0016] Furthermore, in step S2, device B initiates a pairing request to terminal device A and submits its device ID;

[0017] Terminal device A receives a pairing request and device ID of device B, requests a symmetric key k for that ID from the key distribution system, and stores it in its local machine.

[0018] Furthermore, in step S3, device A uses the issued symmetric key k to encrypt the device ID of device B using SM4, resulting in c = SM4Enc(ID), and the initial vector IV is all 0 by default;

[0019] Device A computes a non-interactive zero-knowledge proof p = NIZP(k) for the symmetric key k, and then sends the ciphertext c and the proof p to device B.

[0020] Furthermore, device B uses the symmetric key k to decrypt c to obtain m = SM4Dec(c), and determines whether m is equal to ID. If it is equal to ID, device B verifies the proof p. If the verification is successful, device B updates the authentication status to 1; otherwise, it updates the authentication status to 0.

[0021] If m is not equal to ID, then device B updates the authentication status to 0 and proceeds to step S4.

[0022] Furthermore, in step S4, device B encrypts the authentication success or failure result, i.e. the authentication status, using the symmetric key k with SM4 and sends the ciphertext to device A;

[0023] After device A decrypts the data, it obtains the authentication result. If the result is 0 or 1, it performs SM4 encryption on the obtained result identifier 1 and returns it to device B. Otherwise, it performs SM4 encryption on the identifier 0 and returns it to device B.

[0024] Furthermore, after device B decrypts the data, it learns the status of terminal device A. If the status is 0, it re-enters step S4.

[0025] If the value is 1, the communication ends here.

[0026] A dual authentication system for terminal devices includes a resource-constrained device end, a terminal device end, and a key distribution end;

[0027] The resource-constrained device is used to obtain the symmetric key with the corresponding ID from the key distribution system during the manufacturing stage and fill it into the device;

[0028] During the authentication phase, the encrypted text is decrypted and the proof is verified. If both pass, the pairing authentication is successful. The authentication result is returned to the terminal device in SM4 encryption. The final status result returned by the terminal device is decrypted.

[0029] The terminal device is used to accept pairing requests during the initialization phase, request the symmetric key of the ID to be paired from the key distribution system and store it in the local machine, calculate the ciphertext of the ID and non-interactive zero-knowledge proof during the authentication phase, decrypt the authentication result from the resource-constrained device, and encrypt its own state and send it to the resource-constrained device.

[0030] The key distribution system is used to issue a symmetric key with a corresponding ID to a resource-constrained device when it leaves the factory, and to issue a symmetric key with a matching ID to a terminal device during initialization.

[0031] Compared with the prior art, the dual authentication method and system for terminal devices of the present invention have the following outstanding advantages:

[0032] This invention utilizes the zero-knowledge property of zero-knowledge proofs to enable terminal devices to calculate that they possess the corresponding symmetric key, while resource-constrained devices only need to verify the proof to determine whether the authentication is successful, thus avoiding a large amount of public-key cryptographic computation when resource-constrained devices perform identity authentication. Attached Figure Description

[0033] To more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0034] Appendix Figure 1 This is a flowchart illustrating a two-factor authentication method for terminal devices;

[0035] Appendix Figure 2 This is a schematic diagram of a dual authentication system for terminal devices. Detailed Implementation

[0036] To enable those skilled in the art to better understand the present invention, the present invention will be further described in detail below with reference to specific embodiments. Obviously, the described embodiments are merely some embodiments of the present invention, and not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.

[0037] The following is a preferred embodiment:

[0038] like Figure 1 As shown, this embodiment of a terminal device dual authentication method includes the following steps:

[0039] S1, Factory delivery stage;

[0040] When device B is on the production line, it submits its device ID number to the key distribution system and obtains the corresponding symmetric key k as a preset key, which is then loaded into device B, thus completing the key loading process on the production line.

[0041] S2, Initialization phase;

[0042] Device B initiates a pairing request to terminal device A and submits its device ID;

[0043] Terminal device A receives a pairing request and device ID of device B, requests a symmetric key k for that ID from the key distribution system, and stores it in its local machine.

[0044] S3, Certification Phase;

[0045] Device A uses the issued symmetric key k to encrypt the device ID of device B using SM4, resulting in c = SM4Enc(ID). The initialization vector IV is set to all zeros by default.

[0046] Device A computes a non-interactive zero-knowledge proof p = NIZP(k) for the symmetric key k, and then sends the ciphertext c and the proof p to device B.

[0047] Furthermore, device B uses the symmetric key k to decrypt c to obtain m = SM4Dec(c), and determines whether m is equal to ID. If it is equal to ID, device B verifies the proof p. If the verification is successful, device B updates the authentication status to 1; otherwise, it updates the authentication status to 0.

[0048] If m is not equal to ID, then device B updates the authentication status to 0 and proceeds to step S4.

[0049] S4, End Phase;

[0050] Device B will encrypt the authentication result (success or failure), i.e. the authentication status, using symmetric key k in SM4 and send the ciphertext to device A.

[0051] After device A decrypts the data, it obtains the authentication result. If the result is 0 or 1, it performs SM4 encryption on the obtained result identifier 1 and returns it to device B. Otherwise, it performs SM4 encryption on the identifier 0 and returns it to device B.

[0052] After device B decrypts the data, it learns the status of terminal device A. If the status is 0, it re-enters step S4.

[0053] If the value is 1, the communication ends here.

[0054] like Figure 2 As shown, a terminal device dual authentication system in this embodiment includes a resource-constrained device end, a terminal device end, and a key distribution end;

[0055] Resource-constrained devices are used to obtain the symmetric key with the corresponding ID from the key distribution system during the manufacturing process and then fill it into the device.

[0056] During the authentication phase, the encrypted data is decrypted and verified. If both pass, the pairing authentication is successful. The authentication result is then returned to the terminal device in SM4 encryption. Finally, the terminal device returns the final status result after decryption.

[0057] The terminal device is used to accept pairing requests during the initialization phase, request the symmetric key of the ID to be paired from the key distribution system and store it in its local machine. During the authentication phase, it calculates the ciphertext of the ID and the non-interactive zero-knowledge proof, decrypts the authentication result from the resource-constrained device, and encrypts and sends its own state to the resource-constrained device.

[0058] The key distribution system is used to issue a symmetric key with a corresponding ID to resource-constrained devices at the factory, and to issue a symmetric key with a matching ID to the terminal device during initialization.

[0059] The specific embodiments described above are merely specific examples of the present invention. The patent protection scope of the present invention includes, but is not limited to, the specific embodiments described above. Any appropriate changes or substitutions made by a person skilled in the art that conform to the claims of the present invention regarding a dual authentication method and system for terminal devices should fall within the patent protection scope of the present invention.

[0060] Although embodiments of the invention have been shown and described, it will be understood by those skilled in the art that various changes, modifications, substitutions and alterations can be made to these embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the appended claims and their equivalents.

Claims

1. A method for dual authentication of terminal devices, characterized in that, It has the following steps: S1, Factory delivery stage; When device B is on the production line, it submits its device ID number to the key distribution system and obtains the corresponding symmetric key k as a pre-set key to be filled into device B, thereby completing the key filling process on the production line. S2, Initialization phase; Device B initiates a pairing request to terminal device A and submits its device ID; The terminal device A receives the pairing request and the device ID of device B, requests the symmetric key k of the ID from the key distribution system, and stores it in its local machine; S3, Certification Phase; Device A uses the issued symmetric key k to encrypt the device ID of device B using SM4, resulting in c = SM4Enc(ID). The initialization vector IV is set to all zeros by default. Device A computes a non-interactive zero-knowledge proof p=NIZP(k) for a symmetric key k, and then sends the ciphertext c and the proof p to device B. Device B decrypts c using symmetric key k to obtain m = SM4Dec(c), and determines whether m is equal to ID. If it is equal to ID, device B verifies the proof p. If the verification is successful, device B updates the authentication status to 1; otherwise, it updates the authentication status to 0. If m is not equal to ID, then device B updates the authentication status to 0 and proceeds to step S4; S4, End Phase; Device B will encrypt the authentication result (success or failure), i.e. the authentication status, using symmetric key k in SM4 and send the ciphertext to device A. After device A decrypts, it obtains the authentication result. If the result is 0 or 1, it encrypts the obtained result identifier 1 with SM4 and returns it to device B. Otherwise, it encrypts the identifier 0 with SM4 and returns it to device B. After device B decrypts the data, it learns the status of terminal device A. If the status is 0, it re-enters step S4. If the value is 1, the communication ends here.

2. A dual authentication system for terminal devices, characterized in that, The method described in claim 1 includes a resource-constrained device, a terminal device, and a key distribution terminal; The resource-constrained device is used to obtain the symmetric key with the corresponding ID from the key distribution system during the manufacturing stage and fill it into the device; During the authentication phase, the encrypted text is decrypted and the proof is verified. If both pass, the pairing authentication is successful. The authentication result is returned to the terminal device in SM4 encryption. The final status result returned by the terminal device is decrypted. The terminal device is used to accept pairing requests during the initialization phase, request the symmetric key of the ID to be paired from the key distribution system and store it in the local machine, calculate the ciphertext of the ID and non-interactive zero-knowledge proof during the authentication phase, decrypt the authentication result from the resource-constrained device, and encrypt its own state and send it to the resource-constrained device. The key distribution system is used to issue a symmetric key with a corresponding ID to a resource-constrained device when it leaves the factory, and to issue a symmetric key with a matching ID to a terminal device during initialization.