[go: up one dir, main page]

CN1964253B - A way to regenerate keys after key contamination - Google Patents

A way to regenerate keys after key contamination Download PDF

Info

Publication number
CN1964253B
CN1964253B CN2005101156592A CN200510115659A CN1964253B CN 1964253 B CN1964253 B CN 1964253B CN 2005101156592 A CN2005101156592 A CN 2005101156592A CN 200510115659 A CN200510115659 A CN 200510115659A CN 1964253 B CN1964253 B CN 1964253B
Authority
CN
China
Prior art keywords
key
level
pmk
new
generate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2005101156592A
Other languages
Chinese (zh)
Other versions
CN1964253A (en
Inventor
庄宏成
杜汉美
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN2005101156592A priority Critical patent/CN1964253B/en
Publication of CN1964253A publication Critical patent/CN1964253A/en
Application granted granted Critical
Publication of CN1964253B publication Critical patent/CN1964253B/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Small-Scale Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

本发明公开了一种在密钥污染后重新生成密钥的方法,所述密钥由初始密钥经过多层级运算后生成,并且每层级的密钥根据前一层级的密钥生成;在确定当前层级的密钥受到污染时向当前层级的前一层级重新申请密钥,然后根据申请到的密钥重新生成当前层级的新密钥。本发明在中间层次密钥受到污染时,通过向前一层级申请密钥重新密钥来生成密钥,因而能够减小重新生成密钥的时间,降低时延;尤其在WLAN中,能够减少STA和认证服务器的交互次数,从而减少数据包丢失。

Figure 200510115659

The invention discloses a method for regenerating a key after the key is polluted. The key is generated from the initial key through multi-level operations, and the key of each level is generated according to the key of the previous level; When the key of the current level is polluted, re-apply for the key from the previous level of the current level, and then regenerate the new key of the current level according to the applied key. When the intermediate level key is polluted, the present invention generates the key by rekeying the key by applying for the key at the previous level, thereby reducing the time for regenerating the key and reducing the time delay; especially in WLAN, it can reduce the number of STAs The number of interactions with the authentication server, thereby reducing packet loss.

Figure 200510115659

Description

一种在密钥污染后重新生成密钥的方法 A way to regenerate keys after key contamination

技术领域technical field

本发明涉及通信和计算机领域,尤其涉及一种在密钥污染后重新生成密钥的方法。The invention relates to the field of communication and computer, in particular to a method for regenerating a key after the key is polluted.

背景技术Background technique

目前在无线局域网(WLAN)的认证过程中,将密钥的生成过程划分为几个层级。当某一级密钥受到攻击时,由此密钥产生的下级密钥都将受到污染,而由此产生的会话将被删除。Currently, in the authentication process of a wireless local area network (WLAN), the key generation process is divided into several levels. When a certain level key is attacked, the lower level keys generated by this key will be polluted, and the resulting sessions will be deleted.

如图1所示,当无线站点(STA)与认证服务器进行了802.1X认证后,会产生一个主会话密钥(MSK)(如果采用PSK,则预先在STA和网络侧设备上配置该PSK),此时网络侧和STA上都有MSK。网络侧成对主密钥R0(PMK-R0)持有者得到此MSK,并连同一些其它的参数通过一定的算法生成PMK-R0。同样,网络侧R1密钥持有者从网络侧R0密钥持有者获得PMK-R0,并连同一些其它的参数通过一定的算法生成PMK-R1。最后无线接入点(AP)得到PMK-R1。在终端上,STA由MSK和一些参数通过同样的算法生成PMK-R0,然后生成PMK-R1。然后STA和PMK-R1进行四次握手,由此PMK-R1和一些参数在STA和AP上生成相同的新的密钥PTK,如果二者有相同的PMK-R1,那么四次握手就可以进行,如果二者的PMK-R1不一样,四次握手将不能进行。As shown in Figure 1, when the wireless station (STA) performs 802.1X authentication with the authentication server, a master session key (MSK) will be generated (if PSK is used, the PSK should be pre-configured on the STA and the network side device) , at this time there are MSKs on both the network side and the STA. The holder of the paired master key R0 (PMK-R0) on the network side obtains this MSK, and generates PMK-R0 through a certain algorithm together with some other parameters. Similarly, the R1 key holder on the network side obtains PMK-R0 from the R0 key holder on the network side, and generates PMK-R1 through a certain algorithm together with some other parameters. Finally, the wireless access point (AP) gets PMK-R1. On the terminal, STA generates PMK-R0 through the same algorithm from MSK and some parameters, and then generates PMK-R1. Then STA and PMK-R1 perform a four-way handshake, from which PMK-R1 and some parameters generate the same new key PTK on the STA and AP. If the two have the same PMK-R1, then the four-way handshake can be performed , if the PMK-R1 of the two is not the same, the four-way handshake will not be possible.

在此密钥层级的生成过程中,如果中间某一级密钥受到攻击,产生一个被污染的密钥,那么由此产生的下级密钥都将被污染,在这种情况下,STA和认证服务器需要重新进行认证以生成MSK(或者重新配置PSK)。而重新进行认证不仅时延比较大,而且使STA不能和AP进行数据通信,从而造成数据丢失。During the generation process of this key hierarchy, if a key in the middle level is attacked and a polluted key is generated, the resulting lower-level keys will be polluted. In this case, STA and authentication The server needs to re-authenticate to generate the MSK (or reconfigure the PSK). Re-authentication not only has a relatively long delay, but also makes the STA unable to perform data communication with the AP, resulting in data loss.

发明内容Contents of the invention

本发明提供一种在密钥污染后重新生成密钥的方法,以解决现有技术在多层级生成密钥过程中某一层级密钥受到污染时,需要重新进行认证而存在增加通信时延和丢失数据的问题。The present invention provides a method for regenerating a key after the key is polluted, so as to solve the problem of increased communication delay and the need for re-authentication when a certain level key is polluted in the process of multi-level key generation in the prior art. Problem with lost data.

本发明提供以下技术方案:The invention provides the following technical solutions:

一种在密钥污染后重新生成密钥的方法,所述密钥由初始密钥经过多层级运算后生成,并且每层级的密钥根据前一层级的密钥生成;在确定当前层级的密钥受到污染时进行下述步骤:A method for regenerating a key after key pollution, the key is generated from the initial key through multi-level operations, and the key of each level is generated according to the key of the previous level; after determining the key of the current level If the key is contaminated, perform the following steps:

A、向当前层级的前一层级重新申请密钥;A. Re-apply for the key from the previous level of the current level;

B、根据申请到的密钥重新生成当前层级的新密钥。B. Regenerate a new key at the current level according to the applied key.

步骤B之后还进一步包括步骤:After step B, further include steps:

C、确定新密钥是否与当前层级的原密钥相同,若相同,则确定前一层级的密钥被污染,将所述前一层级作为当前层级并进行步骤A;若不同,则确定新密钥未受污染。C. Determine whether the new key is the same as the original key of the current level. If it is the same, determine that the key of the previous level is polluted, and use the previous level as the current level and proceed to step A; if different, determine the new key The key is not tainted.

若未受污染的新密钥为中间层级的密钥,则根据该新密钥按层级依次生成后续各层级的密钥。If the unpolluted new key is a key at an intermediate level, keys of subsequent levels are sequentially generated according to the new key.

步骤A中,在申请密钥前先判断当前层级是否为初始层级,若是,则重新产生初始密钥和利用该初始密钥按层级依次生成后续各层级的密钥,否则,向前一层级重新申请密钥。In step A, before applying for a key, first judge whether the current level is the initial level, if so, regenerate the initial key and use the initial key to generate the keys of subsequent levels in sequence, otherwise, regenerate the keys of the previous level Request key.

各层级在生成密钥时还加入本层级的参数。Each level also adds the parameters of this level when generating the key.

一种在无线局域网(WLAN)的认证过程中密钥污染后重新生成密钥的方法,由主会话密钥(MSK)或预共享密钥(PSK)经过多层级运算后生成成对主密钥R1,该成对主密钥R1为PMK-R1,并且每层级的密钥由前一层级的密钥与本层级参数生成;该方法包括如下步骤:A method for regenerating a key after key pollution in the authentication process of a wireless local area network (WLAN), in which a paired master key is generated from a master session key (MSK) or a pre-shared key (PSK) through multi-level operations R1, the paired master key R1 is PMK-R1, and the key of each level is generated by the key of the previous level and the parameters of this level; the method includes the following steps:

A、无线站点(STA)与接入点(AP)握手失败,确定网络侧的PMK-R1被污染;A. The handshake between the wireless station (STA) and the access point (AP) fails, and it is determined that the PMK-R1 on the network side is polluted;

B、网络侧生成PMK-R1的层级向生成PMK-R0的层级申请密钥;所述生成PMK-R0的层级为所述生成PMK-R1的层级的上一级;B. The layer that generates PMK-R1 on the network side applies for a key to the layer that generates PMK-R0; the layer that generates PMK-R0 is the upper level of the layer that generates PMK-R1;

C、所述生成PMK-R1层级利用申请到的PMK-R0与参数生成新PMK-R1;C. The generated PMK-R1 level uses the applied PMK-R0 and parameters to generate a new PMK-R1;

D、将新PMK-R1与原PMK-R1比较,若两者相同,则确定PMK-R0被污染,则进行步骤E,若不相同,AP则使用该PMK-R1;D. Compare the new PMK-R1 with the original PMK-R1. If the two are the same, it is determined that the PMK-R0 is contaminated, and then proceed to step E. If not, the AP uses the PMK-R1;

E、由生成PMK-R0的层级向MSK或PSK的持有者申请MSK或PSK,并将其与参数生成新PMK-R0;E. The layer that generates PMK-R0 applies for MSK or PSK from the holder of MSK or PSK, and generates a new PMK-R0 with parameters;

F、判断新PMK-R0与原PMK-R0是否相同,若是,则通过重新认证生成MSK或重新配置PSK,以及利用该MSK或PSK按层级依次生成后续各层级的密钥;若否,利用PMK-R0与参数生成新PMK-R1。F. Determine whether the new PMK-R0 is the same as the original PMK-R0. If so, generate MSK or reconfigure PSK through re-authentication, and use the MSK or PSK to generate keys for subsequent levels in sequence; if not, use PMK -R0 with parameter generate new PMK-R1.

在网络侧重新生成密钥过程中,STA可与网络侧其他AP进行通信。During the rekeying process on the network side, the STA can communicate with other APs on the network side.

本发明在中间层次密钥受到污染时,通过向前一层级申请密钥重新密钥来生成密钥,因而能够减小重新生成密钥的时间,降低时延;尤其在WLAN中,能够减少STA和认证服务器的交互次数,从而减少数据包丢失。When the intermediate level key is polluted, the present invention generates the key by rekeying the key by applying for the key at the previous level, thereby reducing the time for regenerating the key and reducing the time delay; especially in WLAN, it can reduce the number of STAs The number of interactions with the authentication server, thereby reducing packet loss.

附图说明Description of drawings

图1为现有技术中802.11r中密钥生成层级;Fig. 1 is the key generation level in 802.11r in the prior art;

图2为本发明中多层次级密钥中密钥受到污染时的处理流程;Fig. 2 is the processing flow when the key in the multi-level key is polluted in the present invention;

图3A、图3B分别为本发明中在WLAN系统中密钥受到污染时的处理示意图和流程。FIG. 3A and FIG. 3B are respectively a schematic diagram and a flow chart of processing when the key is polluted in the WLAN system in the present invention.

具体实施方式Detailed ways

为了避免在初始密钥经多层级运算后生成最终密钥过程中因中间某一层级密钥被污染而直接通过认证等方式重新生成新的初始密钥,造成通信的时延增加和造成数据丢失,本发明在中间密钥受到污染时,向前面没有受到污染层级申请密钥,重新生成下级正确的密钥。In order to avoid regenerating a new initial key directly through authentication due to the pollution of a certain level key in the middle of the process of generating the final key after the initial key is multi-level operation, resulting in increased communication delay and data loss , when the intermediate key is polluted, the present invention applies for a key to the previous level that has not been polluted, and regenerates the correct key of the lower level.

对于当前层级密钥在从前一层级申请到密钥并生成本层级的新密钥后,为了确定前一层级密钥是否受到污染,将新密钥和本层的密钥进行比较,如果两者相同,则说明前一层级的密钥受到污染,因此需要由所述前一层级向其前一层级申请密钥来重新生成新密钥,以此类推,直到从前面没有受到污染的层级申请到密钥。如果确定初始密钥已经被污染,则要求重新进行认证来生成新的初始密钥。For the key of the current level, after applying for the key from the previous level and generating a new key of this level, in order to determine whether the key of the previous level is polluted, compare the new key with the key of this level, if both same, it means that the key of the previous level is polluted, so the previous level needs to apply for a key from its previous level to regenerate a new key, and so on, until the previous level is not polluted. key. If it is determined that the initial key has been contaminated, re-authentication is required to generate a new initial key.

参阅图2所示,在通信过程中,密钥受到污染时的处理流程如下:Referring to Figure 2, during the communication process, the processing flow when the key is polluted is as follows:

步骤200、用户设备与网络侧的设备交互,在用户设备和网络侧设备上生成初始密钥;或者在用户设备与网络侧的设备上配置初始密钥。Step 200, the user equipment interacts with the network-side device, and generates an initial key on the user equipment and the network-side device; or configures an initial key on the user equipment and the network-side device.

步骤210、用户设备和网络侧设备分别利用所述初始密钥,经过多层级运算生成最后层级的密钥;其中各层级密钥由前一级密钥和本层级参数生成。Step 210, the user equipment and the network side equipment respectively use the initial key to generate the key of the last level through multi-level operations; wherein the key of each level is generated by the key of the previous level and the parameters of this level.

步骤220、用户设备与网络侧设备交互过程利用所述最后层级的密钥验证失败,即终端设备与网络侧的最终密钥不相同,确定网络侧最后层级的密钥受污染。In step 220, the user equipment and the network side device use the last-level key to verify that the verification fails, that is, the terminal device and the network-side final key are different, and it is determined that the network-side final-level key is polluted.

步骤230、由当前层级向前一层级申请并获得密钥。Step 230: Apply for and obtain a key from the current level to the previous level.

步骤240、利用申请到的密钥与当前层级的参数通过运算生成新密钥。Step 240, generate a new key through calculation by using the applied key and the parameters of the current level.

步骤250、判断新密钥与当前层级的原密钥是否相同,若相同,则进行步骤260,否不相同,则进行步骤300。Step 250 , judging whether the new key is the same as the original key of the current level, if they are the same, go to step 260 , otherwise, go to step 300 .

步骤260、说明前一层级的密钥已被污染,判断所述前一层级是否为初始层级,若是则进步骤280和290,否则,进行步骤270。Step 260 , indicating that the key of the previous level has been polluted, and judging whether the previous level is the initial level, if so, go to steps 280 and 290 , otherwise, go to step 270 .

步骤270、将所述前一层级作为当前层级,进行步骤230。Step 270 , take the previous level as the current level, and proceed to step 230 .

步骤280、用户设备与认证服务器交互,在用户设备和网络侧设备上生成初始密钥;或者重新在用户设备和网络侧设备上配置初始密钥。Step 280, the user equipment interacts with the authentication server to generate an initial key on the user equipment and the network-side device; or reconfigure the initial key on the user equipment and the network-side device.

步骤290、用户设备和网络侧设备分别利用所述初始密钥,经过多层级运算生成最后层级的密钥。In step 290, the user equipment and the network side equipment respectively use the initial key to generate a final-level key through multi-level operations.

步骤295、若当前层级为最后层级,则使用该层级密钥;若当前层级为中间层级,则根据该新密钥按层级依次生成后续各层级的密钥。Step 295: If the current level is the last level, use the key of the level; if the current level is the middle level, then generate the keys of the subsequent levels according to the level according to the new key.

上述的层级可以是任何通信网络的认证密钥生成层级,如WLAN的密钥层级。The above-mentioned level may be the authentication key generation level of any communication network, such as the key level of WLAN.

下面以WLAN中的层级密钥为例进一步说明:The following takes the hierarchical key in WLAN as an example to further explain:

根据现有的802.11r草案中定义的密钥的生成算法,PMK-R0和PMK-R1的生成参数都不是随机的,在参数不变的情况下,通过密钥生成的算法,其结果即生成的新密钥也不变,即输入不变,输出也不变。According to the key generation algorithm defined in the existing 802.11r draft, the generation parameters of PMK-R0 and PMK-R1 are not random. In the case of constant parameters, through the key generation algorithm, the result is generated The new key of is also unchanged, that is, the input does not change, and the output does not change.

按现有技术,当无线站点(STA)与无线接入点(AP)之间进行四次握手发送两者的PMK-R1不相同时,一般情况下确定网络侧的PMD-R1被污染,需要STA和认证服务器重新进行认证以生成MSK;或重新配置PSK。但本发明中,当PMK-R1受到污染后,直接从上级没有受到污染的层次获取密钥以生成下级正确的密钥。如图3A和图3B所示,其实现过程如下:According to the prior art, when the four-way handshake is carried out between the wireless station (STA) and the wireless access point (AP), when the two PMK-R1s are not the same, it is generally determined that the PMD-R1 on the network side is polluted, and it is necessary to The STA and the authentication server re-authenticate to generate the MSK; or reconfigure the PSK. However, in the present invention, when the PMK-R1 is polluted, the key is obtained directly from the upper layer that is not polluted to generate the lower correct key. As shown in Figure 3A and Figure 3B, the implementation process is as follows:

步骤300、STA和AP进行四次握手时发现二者的PMK-R1不一样,四次握手失败,确定可能是AP网络侧的密钥受到了污染。In step 300, when the STA and the AP perform the four-way handshake, they find that their PMK-R1s are different, and the four-way handshake fails. It is determined that the key on the AP network side may be polluted.

步骤310、由R1密钥持有者向上一级R0密钥持有者重新申请密钥PMK-R0。Step 310: The R1 key holder reapplies for the key PMK-R0 to the upper-level R0 key holder.

步骤320、R1密钥持有者利用R0密钥持有者重新下发的密钥PMK-R0和其它参数重新生成PMK-R1。Step 320, the R1 key holder regenerates PMK-R1 using the key PMK-R0 and other parameters issued by the R0 key holder.

步骤330、判断新的PMK-R1和原来PMK-R1是否相同,如果相同,确定可能是PMK-R0受到了污染,进行步骤340,如果不相同,进行步骤400。Step 330 , judging whether the new PMK-R1 is the same as the original PMK-R1 , if they are the same, determine that the PMK-R0 may be polluted, go to step 340 , if not, go to step 400 .

步骤340、R1密钥持有者通知R0密钥持有者密钥已受到污染,R0密钥持有者向MSK或者PSK的持有者重新请求MSK或者PSK。Step 340, the R1 key holder notifies the R0 key holder that the key has been polluted, and the R0 key holder re-requests the MSK or PSK from the MSK or PSK holder.

步骤350、R0密钥持有者成功得到MSK或者PSK后,利用此密钥生成新PMK-R0。Step 350, after the R0 key holder successfully obtains the MSK or PSK, use this key to generate a new PMK-R0.

步骤360、判断生成的新PMK-R0与原来的PMK-R0是否相同,如果相同,可能是MSK或者PSK受到了污染,进行步骤370,否则进行步骤390。Step 360 , judging whether the generated new PMK-R0 is the same as the original PMK-R0 , if they are the same, the MSK or PSK may be polluted, go to step 370 , otherwise go to step 390 .

步骤370、重新发起认证生成MSK;或者重新配置PSK。Step 370, re-initiate authentication to generate MSK; or reconfigure PSK.

步骤380、R0密钥持有者利用新生成的MSK或者PSK生成新PMK-R0。Step 380, the R0 key holder uses the newly generated MSK or PSK to generate a new PMK-R0.

步骤390、R1密钥持有者利用新的PMK-R0生成新的PMK-R1。Step 390, the R1 key holder uses the new PMK-R0 to generate a new PMK-R1.

步骤400、AP使用新生成的PMK-R1。In step 400, the AP uses the newly generated PMK-R1.

在步骤310至步骤400的过程中,STA可以和其它AP进行通信。During the process from step 310 to step 400, the STA can communicate with other APs.

显然,本领域的技术人员可以对本发明进行各种改动和变型而不脱离本发明的精神和范围。这样,倘若对本发明的这些修改和变型属于本发明权利要求及其等同技术的范围之内,则本发明也意图包含这些改动和变型在内。Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from the spirit and scope of the present invention. Thus, if these modifications and variations of the present invention fall within the scope of the claims of the present invention and equivalent technologies, the present invention also intends to include these modifications and variations.

Claims (6)

1. one kind is polluted the method for back regenerating key at key, and described key is generated after through the computing of multilayer level by initial key, and the key of every level generates according to the key of last level; It is characterized in that, when the key of determining current level is subjected to polluting, carry out following step:
A, apply for key again to the last level of current level;
B, according to the new key of the newly-generated current level of key reconsul of applying for.
C, determine whether new key identical with the original cipher key of current level,, determine that then the key of last level is contaminated if identical, with described last level as current level and carry out steps A; If different, determine that then new key is not comtaminated.
2. the method for claim 1 is characterized in that, if unpolluted new key is the key of intermediate level, then generates the key of follow-up each level successively by level according to this new key.
3. method as claimed in claim 1 or 2, it is characterized in that, in the steps A, before the application key, judge whether current level is initial level earlier, if, then produce initial key again and utilize this initial key to generate the key of follow-up each level successively, otherwise a level is applied for key again forward by level.
4. the method for claim 1 is characterized in that, each level also adds the parameter of this level when generating key.
5. the method for regenerating key after a kind key pollutes in the verification process of WLAN (wireless local area network) WLAN, by generating pairwise master key R1 after master session key MSK or the computing of wildcard PSK process multilayer level, this pairwise master key R1 is PMK-R1, and the key of every level is by the key and the generation of this level parameter of last level; It is characterized in that, comprise the steps:
A, wireless site STA and the access point AP failure of shaking hands determines that the PMK-R1 of network side is contaminated;
B, network side generate the level of PMK-R1 to the level application key that generates PMK-R0; The level of described generation PMK-R0 is the upper level of the level of described generation PMK-R1;
PMK-R0 and parameter that C, the utilization of described generation PMK-R1 level are applied for generate new PMK-R1;
D, with new PMK-R1 and former PMK-R1 relatively if both are identical, determines that then PMK-R0 is contaminated, then carries out step e, if inequality, AP then uses this PMK-R1;
E, apply for MSK or PSK to the holder of MSK or PSK, and itself and parameter are generated new PMK-R0 by the level that generates PMK-R0;
F, judge whether new PMK-R0 is identical with former PMK-R0, if then generate MSK or reconfigure PSK, and utilize this MSK or PSK to generate the key of follow-up each level successively by level by authentication again; If not, utilize PMK-R0 and parameter to generate new PMK-R1.
6. method as claimed in claim 5 is characterized in that, in network side regenerating key process, STA can communicate with other AP of network side.
CN2005101156592A 2005-11-09 2005-11-09 A way to regenerate keys after key contamination Expired - Fee Related CN1964253B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2005101156592A CN1964253B (en) 2005-11-09 2005-11-09 A way to regenerate keys after key contamination

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2005101156592A CN1964253B (en) 2005-11-09 2005-11-09 A way to regenerate keys after key contamination

Publications (2)

Publication Number Publication Date
CN1964253A CN1964253A (en) 2007-05-16
CN1964253B true CN1964253B (en) 2010-07-21

Family

ID=38083166

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2005101156592A Expired - Fee Related CN1964253B (en) 2005-11-09 2005-11-09 A way to regenerate keys after key contamination

Country Status (1)

Country Link
CN (1) CN1964253B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160127903A1 (en) * 2014-11-05 2016-05-05 Qualcomm Incorporated Methods and systems for authentication interoperability

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1224962A (en) * 1997-12-24 1999-08-04 国际商业机器公司 cryptographic key distribution system
CN1455556A (en) * 2003-05-14 2003-11-12 东南大学 Wireless LAN safety connecting-in control method
CN1540914A (en) * 2003-04-22 2004-10-27 �Ҵ���˾ Layered cryption key generating method and device for digital resources

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1224962A (en) * 1997-12-24 1999-08-04 国际商业机器公司 cryptographic key distribution system
CN1540914A (en) * 2003-04-22 2004-10-27 �Ҵ���˾ Layered cryption key generating method and device for digital resources
CN1455556A (en) * 2003-05-14 2003-11-12 东南大学 Wireless LAN safety connecting-in control method

Also Published As

Publication number Publication date
CN1964253A (en) 2007-05-16

Similar Documents

Publication Publication Date Title
CN109922077B (en) Identity authentication method and system based on block chain
CN107404461B (en) Data secure transmission method, client and server method, device and system
CN109787761B (en) A device authentication and key distribution system and method based on a physical unclonable function
EP3723399A1 (en) Identity verification method and apparatus
CN103688563A (en) Perform group authentication and key agreement process
CN111800377B (en) Mobile terminal identity authentication system based on safe multi-party calculation
CN106534175A (en) Open platform authorization and authentication system and method based on OAuth protocol
CN108616354A (en) Method and device for key agreement in mobile communication
CN110351727A (en) A kind of certifiede-mail protocol method suitable for wireless sensor network
CN115276998B (en) Internet of Things identity authentication method, device and Internet of Things device
CN113395166A (en) Edge computing-based power terminal cloud edge terminal collaborative security access authentication method
CN110493177B (en) Method and system for quantum communication service station AKA key negotiation based on asymmetric key pool pair and serial number
CN110266499B (en) An anonymous authentication and key agreement method for wireless body area network based on blind signature
CN113055394A (en) Multi-service double-factor authentication method and system suitable for V2G network
CN117729056A (en) Equipment identity authentication method and system
CN116402169B (en) Federal modeling verification method, federal modeling verification device, federal modeling verification equipment and storage medium
CN111865579B (en) SM2 algorithm transformation-based data encryption and decryption method and device
CN104639528A (en) DBA (database administrator) mobile client counterattack method and DBA mobile client counterattack device
WO2022037123A1 (en) Safe mode configuration method, device and system, and computer-readable storage medium
CN117155615A (en) Data encryption transmission method, system, electronic equipment and storage medium
CN1964253B (en) A way to regenerate keys after key contamination
CN104918245B (en) A kind of identity identifying method, device, server and client
CN101192919B (en) A method for implementing user-defined security levels
CN120074963A (en) Identity authentication method based on Chebyshev mapping
CN113572612A (en) A national secret SM9 algorithm private key distribution method, user terminal and key generation center

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20100721

CF01 Termination of patent right due to non-payment of annual fee