325 results about "Key authentication" patented technology

To authenticate a user having an associated asymmetric crypto-key having a private/public key pair (D,E) based on a one-time-password, the user partially signs a symmetric session key with the first portion D1 of the private key D. The authenticating entity receives the partially signed symmetric session key via the network and completes the signature with the second private key portion D2 to recover the symmetric session key. The user also encrypts a one-time-password with the symmetric session key. The authenticating entity also receives the encrypted one-time-password via the network, and decrypts the received encrypted one-time-password with the recovered symmetric session key to authenticate the user.

A client terminal presents a graphical user interface (GUI) to a distributed computing environment. A first interface is configured to receive data of a portable storage medium. The data includes a key authentication signal and user settings. The key authentication signal identifies an authorized user of the distributed computing environment. A second interface is configured to communicate with an operably linked server. A controller is operative to verify the key authentication signal provided to the first interface in accordance with a distributed computing instruction set, and, upon verification, establishing communication with the operably linked server via the second interface. In this way, the server executes server side applications accessed by a user from the client terminal in accordance with the user settings.

Disclosed are a method and a system for mutual inclusive authentication between a service provider, a terminal and a user identity module. The authentication system is configured in a structure that can interact with a public key infrastructure of the current network security environment and can be independently used in a specific network system. The inclusive authentication method is divided into public key authentication and symmetric key authentication. Mutual authentication can be made between a service provider, a terminal and a user identity module using any of the two authentication schemes. Then a user can access content on any terminal device using the content license based on the user's identity.

The present invention provides encryption schemes and apparatus which securely generate a cipher-text which in itself contains checks for assuring message integrity. It also provides compatible decryption schemes confirming message integrity. The encryption scheme generates a cipher-text with message integrity in a single pass with little additional computational cost, while retaining at least the same level of security as schemes based on a MAC. One embodiment encrypts a plain-text message by dividing the plain-text message into a multitude of plain-text blocks and encrypting the plain-text blocks to form a multitude of cipher-text blocks. A single pass technique is used in this process to embed a message integrity check in the cipher-text block. A message integrity check is embedded in the cipher-text blocks by embedding a set of pseudo random numbers, which may be dependent, but are pair-wise differentially uniform. We also describe an embodiment which is highly parallelizable.

Provided are a key authentication/service system and method using one-time authentication code. In the system and method, a key management client sends a key management server a message requesting transmission of a message for generating authentication code required to request a key management service. Next, the key management server creates a challenge message based on a challenge/response method using the received message. Next, the key management client generates the one-time authentication code using the challenge message and transmits it along with a message requesting a key management service to the key management server. Next, the key management server receives the one-time authentication code from the key management client and checks whether the one-time authentication code is certified to determine whether the key management client has a right to use the key management service. Then, the key management server provides the key management service to the key management client when it is determined that the key management client has a right to use this service.

The method includes processing steps: request of shared cryptographic key authentication; response of shared cryptographic key authentication; acknowledgement of shared cryptographic key authentication. Through configured shared cryptographic key in advance, intercheck authentication and negotiation of session key is able to carry out between wireless terminals in self built network, thus, complicated public key certificate application and installation procedure is not needed any more. Features are: high security, small amount of calculation, and high efficiency.

The invention provides an implementation method and system of a bluetooth key to a car. The implementation method of the bluetooth key to the car comprises the following steps: receiving vehicle use information at least comprising a secrete key to a used car, which is sent by a server, with a vehicle-mounted T-Box; establishing connection with a mobile terminal by bluetooth; performing secret keyauthentication on the mobile terminal according to the secrete key of the used car; after the secret key authentication is passed, sending an unlocking instruction to an electronic control unit of thecar, so as to unlock the car; receiving an operation instruction of the mobile terminal and sending the operation instruction to the electronic control unit of the car, so as to control the car. According to the implementation method, by performing bluetooth secrete key authentication on the vehicle-mounted T-Box with the mobile terminal, an operation of opening a door of the car is implemented,the traditional hardware key is substituted, tedious operations of finding the key and operating the key when the vehicle is used by a user are avoided, the problem of the limitation of car renting time and space can be effectively solved, and the convenience of use of the car is improved.

In the data communication system, a portable communication terminal is authenticated by an agent system including an authentication unit, a decision unit and a communication unit. The authentication unit is adapted to perform, based on granted license information received from the portable communication terminal, at least one of a system authentication process to authenticate the service providing system based on a system authentication key, a first client authentication process to authenticate the portable communication terminal based on a client authentication key, and a second client authentication process to authenticate the portable communication terminal based on identification information identifying the portable communication terminal. The decision unit is adapted to, after the authentication is completed, determine whether to permit communication, based on the license described in the granted license information. The communication unit is adapted to, if communication is permitted, perform the communication process with the noncontact IC card module.

Principles of the invention provide one or more secure key management protocols for use in a communication environment such as a conferencing system. For example, a method for managing a conference between two or more parties in a communication system comprises the following steps. An identity based authenticated key exchange operation is performed between a conference management element of the communication system and each of the two or more parties seeking to participate in the conference, wherein messages exchanged between the conference management element and the two or more parties are encrypted based on respective identities of recipients of the messages, and further wherein the conference management element receives from each party during the key authentication operation a random key component that is computed based on a random number selected by the party. The conference management element sends to each party a set comprising the random key components computed by the parties. The conference management element receives from each party a random group key component, wherein the random group key component is computed by each party via a computation based on the random number used by the party during the key authentication operation and the random key components computed by a subset of others of the two or more parties seeking to participate in the conference. The conference management element sends to each party a set comprising the random group key components computed by the parties such that each party can compute the same group key for use in communicating with each other party through the conference management element.

The invention discloses a keyless entry system detecting method for an automobile. The keyless entry system detecting method for the automobile comprises the following steps that a mobile terminal is bound with an automobile controller; the mobile terminal acquires GPS position information of the automobile controller; the mobile terminal judges whether the distance between the automobile and the mobile terminal is less than a first preset distance or not according to the GPS position information; if the distance between the automobile and the mobile terminal is less than the first preset distance, the mobile terminal remotely wakes up the automobile controller to execute intelligent key detection; the automobile controller judges whether the distance between the automobile and the intelligent key is less than a second preset distance or not; if the distance between the automobile and the intelligent key is less than the second preset distance, the automobile controller performs intelligent key authentication and finishes the intelligent key authentication process; and if the time of keeping the distance between the automobile and the mobile terminal within the first preset distance exceeds a preset time, the automobile controller exits the intelligent key authentication process. According to the invention, the loss of the system is reduced and the practicability, convenience and safety of the system are improved.

The present invention provides a delivery management system including a public key storage unit for storing a public key of the addressee; a secret key input unit for inputting a secret key of the addressee; and an authentication unit for authenticating the addressee on the basis of the secret key inputted by the secret key input unit and the public key stored in the public key storage unit. Thereby, it is possible to grasp that the addressee receives the delivery so as to improve a reliability of the deliver.

Method and system for secure key authentication and key ladder are provided herein. Aspects of the method for secure key authentication may include generating a digital signature of a secure key in order to obtain a digitally signed secure key and transmitting the digitally signed secure key from a first location to a second location. The digital signature may be generated by utilizing an asymmetric encryption algorithm and/or a symmetric encryption algorithm. The digitally signed secure key may be encrypted prior to transmission. The secure key may be a master key, a work key and/or a scrambling key. The digitally signed secure key may be received at the second location and the digitally signed secure key may be decrypted to obtain a decrypted digitally signed secure key.

The invention discloses a method for recognizing an identity through a biological feature. At a user terminal device side, a pair of public and private keys are provided for an account which logs in an application in a biological feature recognition mode; the account, a public key of the account and a biological feature index address of a login account are signed through a built-in device private key; a registration request is generated based on the account, the public key of the account and the biological feature index address of the login account; and the registration request is checked through a device public key pre-stored in an identity authentication server, after the check is successful, the account, the public key of the account and the biological feature index address of the login account are stored, thereby checking an authentication request of the terminal device. According to the method, double public and private key authentication and once biological feature comparison check authentication are carried out on the biological feature of the login account, the precise matching of the biological feature of the login account is ensured, the biological feature with the right to logging the terminal device is further authenticated and then the service (such as transaction service related to money) of the application can be used, the friendly cheat is avoided, and the privacy and property safety is improved.

The invention discloses a threshold and key-based authorization method in software as a service (SaaS), which is a solution of data security in application of enhancement software as a service (SaaS). The authorization method is mainly used for providing objective security insurance for an SaaS user from technical means so as to solve the problems in protecting data security of SaaS enterprise users. By using the authorization method provided by the invention, a very good method can be naturally provided for solving SaaS security problems. The authorization method is a strategic method, and in the method, keys are divided and an SaaS client masters part of the keys so that an SaaS software provider and an SaaS operator cannot perform certain advanced data operation without the participation of the SaaS client. The authorization method aims to convert key authentication of the client into client authorization, thereby improving security information of the user, and increasing the safety insurance.

The invention provides a smart password key authentication based cross-platform heterogeneous system login method. The method is to provide a uniform authentication service platform for a multi-service system user by utilizing a smart password key, a digital signature and a digital certificate authentication mechanism based on a PKI theoretical system and to perform uniform authentication of the user identity and access control through integrating service systems and content, thereby realizing single-point login and integration of information resources of each service system. An enterprise employee, as long as remembering a command, can log in multiple heterogeneous systems in the access process of an application system; uniform user identity information is provided, so information sharing can be carried out even the user identity information content and data format of each application system are non-uniform, and interconnection and mutual communication are realized; after the smart password key authentication is encrypted, the data transmitted by the user are guaranteed to be the original text without being tampered maliciously; and the identity of the user can be confirmed.

The invention provides a key-free authentication transmission method and system. The key-free authentication transmission method comprises the steps that a client sends first handshake information to a cloud server, wherein the handshake information comprises a client random number; the cloud server sends second handshake information to the client, wherein the second handshake information comprises a cloud server random number and a public key certificate; the client verifies the public key certificate, if the verification is successful, a generated pre-master key is encrypted through a public key, the pre-master key is sent to the cloud server, and a session key is obtained according to the client random number, the cloud server random number and the pre-master key; the cloud server sends the encrypted pre-master key to a key server; the key server decrypts the encrypted pre-master key through a private key and sends the pre-master key to the cloud server; and the cloud server obtains the session key according to the client random number, the cloud server random number and the pre-master key. According to the method and the system, the security of the private key is ensured by setting the independent key server.

The invention provides a method, device and system for vehicle intelligent unlocking. The method in one embodiment comprises the steps that when a whole vehicle is in a locked state, antennas arranged on the vehicle are controlled to sent low-frequency signals; a first response signal returned when a vehicle intelligent key receives the low-frequency signals of the antennas is received, and the first response signal comprises the signal strength, detected by the vehicle intelligent key, of the antennas; the area where the vehicle intelligent key is located is determined according to the signal strength of the antennas in the first response signal; when the vehicle intelligent key is located in a meeting area, intelligent key pre-authentication is carried out on the vehicle intelligent key, and prompting information is sent after intelligent key pre-authentication succeeds; and when the vehicle intelligent key is close to an unlocking area, intelligent key authentication is carried out on the vehicle intelligent key, the whole vehicle is controlled to be unlocked after intelligent key authentication succeeds, and after the whole vehicle is unlocked, and when any vehicle door of the vehicle is in an opened state, the antennas are controlled to stop sending the low-frequency signals. According to the method, device and system for vehicle intelligent unlocking, the use experience of vehicle users is improved, and convenience is improved.

The systems and methods on a blockchain platform for one or more intermediaries for services including proxy re-encryption, independent audit, multiple-signatures based smart wallet associated with a smart contract and split-key authentication to achieve secure passwordless login. Proxy re-encryption by receiving a ciphertext from a first user with condition parameters that has been encrypted with a dynamically selected encryption algorithm. Audit service receiving an encrypted file from a user for storage on the blockchain platform; enforcing the security policy parameters for all access requests to the file on the blockchain platform; and optionally providing audit report of the encrypted file storage and access. A smart wallet with a group key using multiple signatures based on receipt of a threshold number of signatures. Split-key authentication by splitting the private key into two or more parts; and assigning the split private key part to two or more client devices.

The invention relates to an Internet of Things security management system. A private key center and an application server perform communication authentication data transmission through a soft shield;the application server side performs mutual communication of key distribution, identity authentication and data encryption with the client control terminal and the Internet of Things terminal at the same time; mutual communication of identity authentication and data encryption is carried out between the client control terminal and the Internet of Things terminal, wherein the private key center comprises a KPC key production assembly, a KMC key management assembly and a key authentication assembly, the application server comprises a security edge computing SDK module and a server application module, and the client control terminal comprises an encryption and decryption security module and a client application module, and the Internet of Things terminal comprises an Internet of Things communication module, a security algorithm module and an SE chip. According to the Internet of Things security management system, only the user is completely autonomous and controllable in the Internet of Things system, the cloud system does not have the authority of directly operating the user equipment, and the Internet of Things control security level can be effectively improved.

The invention discloses a novel multi-application authentication card issuing system for a smart card. The novel multi-application authentication card issuing system comprises a key management system, a data acquisition system, a personalized card fabrication system and an authentication data preparation system, wherein the authentication data preparation system comprises an authentication data preparation server and an authentication data preparation client; the authentication data preparation server is connected with the key management system, the data acquisition system and the authentication data preparation system respectively through a network; and the authentication data preparation client is connected with the personalized card fabrication system through the network. Through adoption of the system, remote key authentication and data loading are realized, multi-industry-user and multi-card-merchant concurrent operation is supported, and the efficiency is increased greatly. The system is low in cost, and is simple in flow.