CN110493272A - Communication method and communication system using multiple keys - Google Patents
Communication method and communication system using multiple keys
- Publication number
- CN110493272A
- Authority
- CN
- China
- Prior art keywords
- key
- client
- server end
- data
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
- H04L9/3273—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910915161.6A CN110493272B (zh) | 2019-09-25 | 2019-09-25 | Communication method and communication system using multiple keys |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910915161.6A CN110493272B (zh) | 2019-09-25 | 2019-09-25 | Communication method and communication system using multiple keys |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110493272A (zh) | 2019-11-22 |
CN110493272B (zh) | 2020-10-02 |
Family
ID=68544362
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910915161.6A Active CN110493272B (zh) | Communication method and communication system using multiple keys | 2019-09-25 | 2019-09-25 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110493272B (zh) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
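CN112134849A (zh) * | 2020-08-28 | 2020-12-25 | NARI Technology Co., Ltd. | Dynamic trusted encrypted communication method and system for an intelligent substation |
CN112597501A (zh) * | 2020-12-16 | 2021-04-02 | Shandong Trusted Cloud Information Technology Research Institute | Data protection method and system in a trusted cloud environment |
CN112910627A (zh) * | 2019-12-03 | 2021-06-04 | Huawei Technologies Co., Ltd. | Key updating method, data decryption method, and digital signature verification method |
CN112995109A (zh) * | 2019-12-17 | 2021-06-18 | Alibaba Group Holding Ltd. | Data encryption system and method, data processing method and apparatus, and electronic device |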
Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
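CN101047493A (zh) * | 2006-06-02 | 2007-10-03 | Huawei Technologies Co., Ltd. | Method and system for obtaining a Simple Network Management Protocol management key |
CN101945114A (zh) * | 2010-09-20 | 2011-01-12 | Xidian University | Identity authentication method based on fuzzy vault and digital certificate |
CN102036242A (zh) * | 2009-09-29 | 2011-04-27 | ZTE Corporation | Access authentication method and system in a mobile communication network |
CN102571702A (zh) * | 2010-12-22 | 2012-07-11 | ZTE Corporation | Key generation method, system and device in the Internet of Things |
US20140143537A1 (en) * | 2012-11-21 | 2014-05-22 | Kabushiki Kaisha Toshiba | Communication apparatus and communication method |
CN105792193A (zh) * | 2016-02-26 | 2016-07-20 | Changzhou Research Institute of Southeast University | End-to-end voice encryption method for mobile terminals based on the iOS operating system |
CN106714156A (zh) * | 2015-07-13 | 2017-05-24 | ZTE Corporation | Method and apparatus for authentication between a wireless access point and a management platform |
US20170244692A1 (en) * | 2016-02-24 | 2017-08-24 | Gemalto Inc. | Authentication of a user using a security device |
CN107453880A (zh) * | 2017-08-28 | 2017-12-08 | National Research Center for Rehabilitation Technical Aids | Secure cloud data storage method and system |
CN108965338A (zh) * | 2018-09-21 | 2018-12-07 | Hangzhou Normal University | Three-factor identity authentication and key agreement method in a multi-server environment |
CN109639412A (zh) * | 2018-12-05 | 2019-04-16 | Chengdu Westone Information Industry Co., Ltd. | Communication method, system, electronic device and storage medium |
CN109818749A (zh) * | 2019-01-11 | 2019-05-28 | Ruban Quantum Technology Co., Ltd. | Quantum-computing-resistant point-to-point message transmission method and system based on a symmetric key pool |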
-
2019
- 2019-09-25 CN CN201910915161.6A patent/CN110493272B/zh active Active
Patent Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
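CN101047493A (zh) * | 2006-06-02 | 2007-10-03 | Huawei Technologies Co., Ltd. | Method and system for obtaining a Simple Network Management Protocol management key |
CN102036242A (zh) * | 2009-09-29 | 2011-04-27 | ZTE Corporation | Access authentication method and system in a mobile communication network |
CN101945114A (zh) * | 2010-09-20 | 2011-01-12 | Xidian University | Identity authentication method based on fuzzy vault and digital certificate |
CN102571702A (zh) * | 2010-12-22 | 2012-07-11 | ZTE Corporation | Key generation method, system and device in the Internet of Things |
US20140143537A1 (en) * | 2012-11-21 | 2014-05-22 | Kabushiki Kaisha Toshiba | Communication apparatus and communication method |
CN106714156A (zh) * | 2015-07-13 | 2017-05-24 | ZTE Corporation | Method and apparatus for authentication between a wireless access point and a management platform |
US20170244692A1 (en) * | 2016-02-24 | 2017-08-24 | Gemalto Inc. | Authentication of a user using a security device |
CN105792193A (zh) * | 2016-02-26 | 2016-07-20 | Changzhou Research Institute of Southeast University | End-to-end voice encryption method for mobile terminals based on the iOS operating system |
CN107453880A (zh) * | 2017-08-28 | 2017-12-08 | National Research Center for Rehabilitation Technical Aids | Secure cloud data storage method and system |
CN108965338A (zh) * | 2018-09-21 | 2018-12-07 | Hangzhou Normal University | Three-factor identity authentication and key agreement method in a multi-server environment |
CN109639412A (zh) * | 2018-12-05 | 2019-04-16 | Chengdu Westone Information Industry Co., Ltd. | Communication method, system, electronic device and storage medium |
CN109818749A (zh) * | 2019-01-11 | 2019-05-28 | Ruban Quantum Technology Co., Ltd. | Quantum-computing-resistant point-to-point message transmission method and system based on a symmetric key pool |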
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
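CN112910627A (zh) * | 2019-12-03 | 2021-06-04 | Huawei Technologies Co., Ltd. | Key updating method, data decryption method, and digital signature verification method |
WO2021109817A1 (zh) * | 2019-12-03 | 2021-06-10 | Huawei Technologies Co., Ltd. | Key updating method, data decryption method, and digital signature verification method |
CN112910627B (zh) * | 2019-12-03 | 2023-02-10 | Huawei Technologies Co., Ltd. | Key updating method, data decryption method, and digital signature verification method |
CN112995109A (zh) * | 2019-12-17 | 2021-06-18 | Alibaba Group Holding Ltd. | Data encryption system and method, data processing method and apparatus, and electronic device |
CN112134849A (zh) * | 2020-08-28 | 2020-12-25 | NARI Technology Co., Ltd. | Dynamic trusted encrypted communication method and system for an intelligent substation |
CN112134849B (zh) * | 2020-08-28 | 2024-02-20 | NARI Technology Co., Ltd. | Dynamic trusted encrypted communication method and system for an intelligent substation |
CN112597501A (zh) * | 2020-12-16 | 2021-04-02 | Shandong Trusted Cloud Information Technology Research Institute | Data protection method and system in a trusted cloud environment |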
Also Published As
Publication number | Publication date |
---|---|
CN110493272B (zh) | 2020-10-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20210036841A1 (en) | Systems and methods for generating signatures | |
US9137017B2 (en) | Key recovery mechanism | |
US8788811B2 (en) | Server-side key generation for non-token clients | |
US9813249B2 (en) | URL-based certificate in a PKI | |
US8943310B2 (en) | System and method for obtaining a digital certificate for an endpoint | |
US8489877B2 (en) | System, method and computer product for sending encrypted messages to recipients where the sender does not possess the credentials of the recipient | |
US20110296171A1 (en) | Key recovery mechanism | |
CN110493272A (zh) | Communication method and communication system using multiple keys | |
US20030070068A1 (en) | Method and system for providing client privacy when requesting content from a public server | |
CN110535628A (zh) | Method and apparatus for secure multi-party computation through certificate issuance | |
US11044082B2 (en) | Authenticating secure channel establishment messages based on shared-secret | |
US11190504B1 (en) | Certificate-based service authorization | |
CN104506534A (zh) | Secure communication key agreement interaction scheme | |
EP3417594A1 (en) | System and method for securely exchanging data between devices | |
CN111698264A (zh) | Method and apparatus for maintaining a user authentication session | |
US20240113885A1 (en) | Hub-based token generation and endpoint selection for secure channel establishment | |
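CN110417722B (zh) | Service data communication method, communication device and storage medium | |
CN108932425B (zh) | Offline identity authentication method, authentication system and authentication device | |
JP3914193B2 (ja) | Method for performing encrypted communication after obtaining authentication, authentication system and method | |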
Shahidinejad et al. | Decentralized lattice-based device-to-device authentication for the edge-enabled IoT | |
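KR101256114B1 (ko) | Method and system for verifying message authentication codes by multiple MAC verification servers | |
CN113918971A (zh) | Blockchain-based message transmission method, apparatus, device and readable storage medium | |
CN112035820B (zh) | Data parsing method for a Kerberos encrypted environment | |
CN109302287A (zh) | Message forwarding method and system | |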
WO2023003582A1 (en) | Authentication using group signatures of user devices |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | | Effective date of registration: 20201118 Address after: Room 02-a078, 2 / F, block B, No.22, information road, Haidian District, Beijing 100085 Patentee after: Information technology (Beijing) Co.,Ltd. Address before: No. a-2012-061, 17th floor, building 1, No. 18, Zhongguancun East Road, Haidian District, Beijing 100000 Patentee before: Beijing Fengxin Technology Co.,Ltd. |
TR01 | Transfer of patent right | | Effective date of registration: 20240311 Address after: 570100, No. 2 Shimao East Road, Longhua District, Haikou City, Hainan Province, China. Building 804, Shimao Yayuan F, Zhongchuang Space-473 Patentee after: Hainan Yunhui Enterprise Management Center (Limited Partnership) Country or region after: China Address before: Room 02-A078, 2nd Floor, Building B, No. 22 Information Road, Haidian District, Beijing, 100085 Patentee before: Information technology (Beijing) Co.,Ltd. Country or region before: China |