CN114978540A - PMU (phasor measurement Unit) system authentication method based on SM2 algorithm - Google Patents

Publication number: CN114978540A
Authority: CN (China)
Legal status: Pending
Application number: CN202210544409.4A
Other languages: Chinese (zh)
Inventors: 王晓明, 周柯, 林翔宇, 宋益, 彭博雅, 李明珀
Current Assignee: Electric Power Research Institute of Guangxi Power Grid Co Ltd
Original Assignee: Electric Power Research Institute of Guangxi Power Grid Co Ltd

Abstract

The invention discloses a PMU system authentication method based on the SM2 algorithm. The technical scheme adopted by the invention comprises the following steps: the PMU system is initialized, and after each of the two communication parties generates a private key, it attaches the private key to its application to a certificate issuing authority for a digital certificate; the two communication parties in the PMU system complete mutual authentication using digital certificates and signature technology; the two communication parties in the PMU system complete communication key negotiation using the SM2 asymmetric encryption and decryption method. The method ensures secure authentication of each terminal in the PMU system during communication, ensures that data cannot be intercepted, forged or tampered with during transmission, and has wide practical value and application prospects in the field of smart grids.

Description

PMU system authentication method based on SM2 algorithm
Technical Field
The invention relates to the fields of cryptography and communication security, in particular to a PMU system authentication method based on SM2 algorithm.
Background
With the development of smart grids, the scale of power systems keeps growing, and the number and types of devices connected to the power grid are increasing rapidly. The PMU (phasor measurement unit) system is the part of an electric power system that measures grid data, and includes devices such as synchrophasor measurement devices, phasor data concentrators, and time synchronization devices. The access of many kinds of terminals brings potential security risks to the PMU system, and in order to ensure the security of power grid data, a safe and reliable PMU system authentication method urgently needs to be developed.
With the development of cryptographic and computer technology, the 1024-bit RSA algorithm has been proved to be at risk of attack, and in 2010 NIST (National Institute of Standards and Technology) required that the 1024-bit RSA algorithm be completely disabled and upgraded to the 2048-bit RSA algorithm. In addition, after the Snowden incident broke, the leaked confidential documents showed that a backdoor preset by the NSA may exist in the RSA algorithm, which greatly affected the security of the RSA algorithm. The SM2 algorithm was independently developed and designed in China on the basis of ECC elliptic curve cryptography theory, and recommends a 256-bit curve as the standard curve. China is vigorously promoting the domestic SM2 cryptographic algorithm as a replacement for the RSA algorithm currently in use: on the one hand, this avoids security risks such as the vulnerabilities and 'preset back door' of the RSA algorithm; on the other hand, it ensures that the cryptographic algorithm, a key link, is autonomously controllable, and guarantees the security and credibility of China's information security infrastructure.
At present, PMU system authentication combined with an encryption algorithm suffers from problems such as a lack of autonomous controllability and low encryption and decryption efficiency, so in order to guarantee the communication security of the electric power PMU system, a PMU system authentication method based on the SM2 algorithm is urgently needed.
Disclosure of Invention
In order to overcome the defect that authentication communication cannot be controlled independently in the prior art, the invention provides the PMU system authentication method based on the SM2 algorithm, so that identity authentication can be safely completed between terminals in the PMU system, and then the negotiated session key is used for encrypting communication information.
The technical scheme: in order to achieve the above purpose, the invention adopts the following technical scheme.
A PMU system authentication method based on the SM2 algorithm includes the following steps:
Step 201: the PMU system is initialized, and after each of the two communication parties generates a private key, it attaches the private key to its application to a certificate issuing authority for a digital certificate;
Step 202: after the certificate issuing authority generates the public key of the PMU, the digital certificate with the public key and the private key is sent to the two communication parties, and the two communication parties in the PMU system complete mutual authentication through the digital certificate and signature technology;
Step 203: the two communication parties in the PMU system use the SM2 asymmetric encryption and decryption method to complete communication key negotiation; the SM2 asymmetric encryption and decryption method comprises the following steps:
Step 2031: of the two communication parties, the one requesting a session is the requesting party and the other is the receiving party; the requesting party generates request information and sends it to the receiving party; the request information is
Figure BDA0003651496480000021
where $r_A$ is a random number, and
Figure BDA0003651496480000022
is the content generated by encrypting the random number with the receiving party's public key $P_B$.
Step 2032: the receiving party uses its private key to decrypt
Figure BDA0003651496480000023
to obtain $r_A$, generates a random number $r_B$, calculates $S_K = r_A \wedge r_B$, and sends
Figure BDA0003651496480000024
to the requesting party, where
Figure BDA0003651496480000025
is the content generated by encrypting the random number $r_B$ with the requesting party's public key $P_A$, and $H(S_K)$ is the digest of the negotiated key $S_K$ generated with the national-standard SM3 digest algorithm.
Step 2033: the requesting party uses its private key to decrypt
Figure BDA0003651496480000026
to obtain $r_B'$, and simultaneously calculates $S_K' = r_A \wedge r_B'$ and $H(S_K')$; it compares $H(S_K')$ with $H(S_K)$: if they are the same, the negotiated session key is $S_K$; otherwise, negotiation fails.
Preferably, in step 201, when the two communication parties initialize, each locally uses the SM2 key generation algorithm to generate a private key, that is, a random number generator is used to generate an integer as the private key, and then sends a certificate request to a CA (certificate authority) in the system to obtain a signed digital certificate.
Preferably, the signing and verification of the digital certificate in step 202 are implemented using the SM2 signature and signature verification algorithms.
Preferably, in step 203, each communication party encrypts the session key information with the other party's public key, and decrypts with its own private key on receipt.
Compared with the prior art, the invention has the following beneficial effects:
The invention adopts digital certificate technology to prevent man-in-the-middle attacks, and uses the SM2 algorithm for certificate signing, signature verification, and data encryption and decryption. The SM2 algorithm adopted by the invention was independently developed and designed in China on the basis of ECC elliptic curve cryptography theory; on the one hand, it avoids the vulnerabilities of the RSA algorithm and the security risks of a 'preset back door' and overlong keys; on the other hand, it ensures that the cryptographic algorithm, a key link, is autonomously controllable, and guarantees the security and credibility of China's information security infrastructure. The invention can ensure the autonomous controllability of the cryptographic algorithm as a key link and offers higher security.
Drawings
Fig. 1 is a flowchart of a PMU system authentication method according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of a system initialization process according to an embodiment of the present invention.
Fig. 3 is a schematic diagram of a mutual authentication process according to an embodiment of the present invention.
Fig. 4 is a schematic diagram of a key agreement procedure according to an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention are described in detail below with reference to the accompanying drawings, so that the advantages and features of the present invention can be more easily understood by those skilled in the art and the scope of the present invention can be more clearly defined.
It should be noted that like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
It is to be understood that the terms "center," "upper," "lower," "left," "right," "vertical," "horizontal," "inner," "outer," and the like are used in a generic and descriptive sense only and not for purposes of limitation, unless otherwise specified or implied, and a specific reference to a device or element is intended to be a reference to a particular element, structure, or component. Furthermore, the terms "first," "second," "third," and the like are used solely to distinguish one from another and are not to be construed as indicating or implying relative importance.
Furthermore, the terms "horizontal", "vertical", "overhang" and the like do not imply that the components are required to be absolutely horizontal or overhang, but may be slightly inclined. For example, "horizontal" merely means that the direction is more horizontal than "vertical" and does not mean that the structure must be perfectly horizontal, but may be slightly inclined.
The description corresponding to the symbolic parameter used in the description of the authentication method of the PMU system based on the SM2 algorithm in the embodiment of the present invention is shown in table 1:
TABLE 1
Figure BDA0003651496480000031
As shown in fig. 1, a PMU system authentication method based on SM2 algorithm in this embodiment includes the following steps:
Step 1: as shown in fig. 2, the PMU system is initialized, and after generating its private key, each communication party attaches the private key to its application to the certificate issuing authority for a digital certificate:
Suppose the two communication parties are $PMU_A$ and $PMU_B$. $PMU_A$ and $PMU_B$ first locally generate 256-bit private keys $d_A$ and $d_B$. The private keys are generated by a random number generator, and $PMU_A$ and $PMU_B$ each send a certificate request to the CA (certificate authority) together with the encrypted private key (encrypted using the CA's public key). After decryption, the CA obtains the PMU's private key and generates the PMU's public key with the SM2 public key generation algorithm, i.e. the public key $P = [d]G$, where $G$ is the base point of the elliptic curve; at the same time it generates a certificate for the PMU and signs the certificate with its own private key. The certificate includes the PMU public key $P_A$ and a private key $P_B$, the identities $ID_A$ and $ID_B$, the version number, the serial number, the certificate issuing authority's identification, the signature of the certificate issuing authority, the certificate validity period, and so on. $PMU_A$ and $PMU_B$ then perform mutual authentication.
Step 2: as shown in fig. 3, after the certificate issuing authority generates the public key of the PMU, it sends the digital certificate with the public key and the private key to both communication parties, and the two communication parties in the PMU system complete mutual authentication through the digital certificate and signature technology:
(1) $PMU_A$ generates a random number $r_A$ and SN, calculates
Figure BDA0003651496480000041
and sends the Request to $PMU_B$. $H(r_A)$ is the result of applying the SM3 digest algorithm to the random number.
(2) After receiving the Request sent by $PMU_A$, $PMU_B$ obtains $C_A$ and verifies $C_A$ using $P_{CA}$ from the local CA certificate $C_{CA}$; if the verification fails, the connection is disconnected. $PMU_B$ then obtains $P_A$ from $C_A$, obtains the signature
Figure BDA0003651496480000042
from the Request, and calculates
Figure BDA0003651496480000043
where $H(r_A)$ is the result obtained by evaluating the signature with the public key $P_A$. It obtains the random number $r_A$ from the Request and calculates $H(r_A)$; if the $H(r_A)$ obtained from the signature and the calculated $H(r_A)$ are equal, $PMU_B$ has successfully authenticated $PMU_A$; otherwise, the authentication fails.
(3) $PMU_B$ generates a random number $r_B$, calculates
Figure BDA0003651496480000044
and sends the Reply to $PMU_A$.
(4) After receiving the Reply sent by $PMU_B$, $PMU_A$ obtains $C_B$ and verifies $C_B$ using $P_{CA}$ from the local $C_{CA}$; if the verification fails, the connection is disconnected. $PMU_A$ then obtains $P_B$ from $C_B$, obtains the signature
Figure BDA0003651496480000045
from the Reply, and calculates
Figure BDA0003651496480000046
Figure BDA0003651496480000047
is the result obtained by evaluating the signature with the public key $P_B$. It obtains the random number $r_B$ from the Request and calculates $H(r_B)$; if the $H(r_B)$ obtained from the signature and the calculated $H(r_B)$ are equal, $PMU_A$ has successfully authenticated $PMU_B$; otherwise, the authentication fails.
Step 3: as shown in fig. 4, the two communication parties in the PMU system use SM2 asymmetric encryption and decryption to complete communication key negotiation:
(1) $PMU_A$ generates a random number $r_A$ and SN, and sends
Figure BDA0003651496480000048
to $PMU_B$.
Figure BDA0003651496480000049
is the random number encrypted with SM2 public key encryption using the public key $P_B$.
(2) $PMU_B$ decrypts with its private key $d_B$ to obtain
Figure BDA0003651496480000051
generates a random number $r_B$, calculates $S_K = r_A \wedge r_B$, and sends
Figure BDA0003651496480000052
to $PMU_A$.
(3) $PMU_A$ decrypts with its private key $d_A$ to obtain
Figure BDA0003651496480000053
and simultaneously calculates $S_K' = r_A \wedge r_B$ and $H(S_K')$. It compares $H(S_K')$ with $H(S_K)$: if they are the same, the negotiated session key is $S_K$; otherwise, negotiation fails.
$PMU_A$ and $PMU_B$ exchange the key negotiation information securely by each encrypting the random number it generated with the other party's public key, and the finally negotiated session key is used for symmetric encryption and decryption of the communication between the two parties. The communication between PMUs is based on TCP connections, and the two parties must re-verify identities and negotiate a new session key for every connection, so that each session key can only be used in one connection. When the connection is closed, the session key is no longer used.
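An added example, not code from the patent: the step 3 exchange, together with the step 1 key generation $P = [d]G$, run end to end in Python on the SM2 recommended curve. The message layout (only the fields the text names, without SN), the reading of '∧' as bitwise XOR, and all function names are assumptions; `digest` uses SM3 when the local OpenSSL build provides it and otherwise falls back to SHA-256 as a stand-in.

```python
import hashlib
import hmac
import secrets

# SM2 recommended curve y^2 = x^3 + a*x + b over GF(p); base point G has order n.
FIELD_P = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
CURVE_A = FIELD_P - 3
CURVE_B = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
ORDER_N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
G = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)

def on_curve(pt):
    x, y = pt
    return (y * y - (x * x * x + CURVE_A * x + CURVE_B)) % FIELD_P == 0

def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % FIELD_P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + CURVE_A) * pow(2 * y1, -1, FIELD_P)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % FIELD_P, -1, FIELD_P)
    x3 = (lam * lam - x1 - x2) % FIELD_P
    return x3, (lam * (x1 - x3) - y1) % FIELD_P

def ec_mul(k, pt):
    """Double-and-add [k]pt; not constant-time, for illustration only."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def digest(data):
    """SM3 if the local OpenSSL build provides it, else SHA-256 as a stand-in."""
    try:
        return hashlib.new("sm3", data).digest()
    except ValueError:
        return hashlib.sha256(data).digest()

def kdf(z, length):
    blocks = (digest(z + ct.to_bytes(4, "big")) for ct in range(1, length // 32 + 2))
    return b"".join(blocks)[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def keygen():
    d = secrets.randbelow(ORDER_N - 2) + 1  # step 1: random 256-bit private key
    return d, ec_mul(d, G)                  # public key P = [d]G

def shared_xy(k, pt):
    x2, y2 = ec_mul(k, pt)
    return x2.to_bytes(32, "big"), y2.to_bytes(32, "big")

def sm2_encrypt(pub, msg):
    k = secrets.randbelow(ORDER_N - 1) + 1
    xb, yb = shared_xy(k, pub)
    return ec_mul(k, G), digest(xb + msg + yb), xor(msg, kdf(xb + yb, len(msg)))

def sm2_decrypt(priv, ct):
    c1, c3, c2 = ct
    if not on_curve(c1):
        raise ValueError("C1 is not on the curve")
    xb, yb = shared_xy(priv, c1)
    msg = xor(c2, kdf(xb + yb, len(c2)))
    if not hmac.compare_digest(digest(xb + msg + yb), c3):
        raise ValueError("C3 integrity check failed")
    return msg

def requester_start(pub_b):                      # step (1), PMU_A
    r_a = secrets.token_bytes(32)
    return r_a, sm2_encrypt(pub_b, r_a)

def receiver_reply(priv_b, pub_a, request):      # step (2), PMU_B
    r_b = secrets.token_bytes(32)
    s_k = xor(sm2_decrypt(priv_b, request), r_b)  # '∧' read as XOR (assumption)
    return s_k, (sm2_encrypt(pub_a, r_b), digest(s_k))

def requester_finish(priv_a, r_a, reply):        # step (3), PMU_A
    enc_r_b, h_s_k = reply
    s_k = xor(r_a, sm2_decrypt(priv_a, enc_r_b))
    if not hmac.compare_digest(digest(s_k), h_s_k):
        raise ValueError("negotiation failed: H(S_K') != H(S_K)")
    return s_k

def negotiate(tamper=False):
    (d_a, p_a), (d_b, p_b) = keygen(), keygen()
    r_a, request = requester_start(p_b)
    key_b, reply = receiver_reply(d_b, p_a, request)
    if tamper:  # constructed fault: the digest H(S_K) is altered in transit
        reply = (reply[0], bytes(32))
    return requester_finish(d_a, r_a, reply), key_b
```

With `tamper=True` the requester rejects the reply, which is the "negotiation fails" branch of step (3); in the exchange as described, only the requester performs this comparison.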
Compared with the prior art, the embodiment of the invention has the following beneficial effects:
The embodiment of the invention adopts digital certificate technology to prevent man-in-the-middle attacks, and uses the SM2 algorithm for certificate signing, signature verification, and data encryption and decryption. The SM2 algorithm adopted by the embodiment of the invention was independently developed and designed in China on the basis of ECC elliptic curve cryptography theory; on the one hand, it avoids the vulnerabilities of the RSA algorithm and the security risks of a 'preset back door' and overlong keys; on the other hand, it ensures that the cryptographic algorithm, a key link, is autonomously controllable, and guarantees the security and credibility of China's information security infrastructure. The embodiment of the invention can ensure the autonomous controllability of the cryptographic algorithm as a key link and offers higher security.
Although the embodiments of the present invention have been described, various changes or modifications may be made by the patentee within the scope of the appended claims, and the scope of the present invention should be determined not to exceed the range described in the claims. The principles and embodiments of the present invention are explained herein using specific examples, which are presented only to assist in understanding the method of the present invention and its core concepts. It should be noted that, because written expression is limited while the possible specific structures are objectively unlimited, those skilled in the art may make various improvements, refinements or changes without departing from the principle of the invention, or may combine the above technical features in a suitable manner; such modifications, variations, combinations, or adaptations of the invention using its spirit and scope, as defined by the claims, may be directed to other uses and embodiments.

Claims (8)

1. A PMU system authentication method based on the SM2 algorithm, characterized by comprising the following steps:
Step 201: the PMU system is initialized, and after each of the two communication parties generates a private key, it attaches the private key to its application to a certificate issuing authority for a digital certificate;
Step 202: after the certificate issuing authority generates the public key of the PMU, the digital certificate with the public key and the private key is sent to the two communication parties, and the two communication parties in the PMU system complete mutual authentication through the digital certificate and signature technology;
Step 203: the two communication parties in the PMU system use the SM2 asymmetric encryption and decryption method to complete communication key negotiation; the SM2 asymmetric encryption and decryption method comprises the following steps:
Step 2031: of the two communication parties, the one requesting a session is the requester and the other is the receiver; the requester generates request information and sends it to the receiver; the request information is
Figure FDA0003651496470000011
where $r_A$ is a random number, and
Figure FDA0003651496470000012
is the content generated by encrypting the random number with the receiver's public key $P_B$.
Step 2032: the receiver uses its private key to decrypt
Figure FDA0003651496470000013
to obtain $r_A$, generates a random number $r_B$, calculates $S_K = r_A \wedge r_B$, and sends
Figure FDA0003651496470000014
to the requester, where
Figure FDA0003651496470000015
is the content generated by encrypting the random number $r_B$ with the requester's public key $P_A$, and $H(S_K)$ is the digest of the negotiated key $S_K$ generated with the national-standard SM3 digest algorithm.
Step 2033: the requester uses its private key to decrypt
Figure FDA0003651496470000016
to obtain $r_B'$, and simultaneously calculates $S_K' = r_A \wedge r_B'$ and $H(S_K')$; it compares whether $H(S_K')$ and $H(S_K)$ are the same: if they are the same, the negotiated session key is $S_K$; otherwise, negotiation fails.
2. The PMU system authentication method based on SM2 algorithm according to claim 1, wherein: in step 201, the two parties of communication respectively locally use the SM2 key generation algorithm to generate a private key, and then send a certificate request to a CA authority in the system to obtain a signed digital certificate.
3. The PMU system authentication method based on SM2 algorithm according to claim 1, wherein: the private key is a 256-bit random number generated by a random number generator.
4. The PMU system authentication method based on SM2 algorithm according to claim 1, wherein: the digital certificate comprises a public key and a private key of the PMU, an identity ID, a version number, a serial number, a certificate signing authority identification, a signature of the certificate signing authority and a certificate validity period of the communication party.
5. The PMU system authentication method based on SM2 algorithm according to claim 1, wherein: the specific method for the two communication parties to complete mutual authentication through the digital certificate and the signature technology in step 202 is as follows:
one of the two communication parties generates authentication request information and sends the authentication request information to the other one of the two communication parties, wherein the request information is a random number, a signature of the random number by using a private key of the one communication party and a certificate of the one communication party; the other party of the two communication parties obtains the certificate after receiving the request information and verifies the digital signature by using the public key in the local CA certificate: disconnecting if the verification fails; if the verification is successful, a public key is obtained from the certificate, signature information and a random number are obtained from the request information, the public key is used for calculating the signature, the SM3 algorithm is used for calculating the digest of the random number, whether the calculation result of the signature is the same as the digest of the random number or not is compared, if the calculation result of the signature is the same as the digest of the random number, the other one of the two communication parties successfully verifies one of the two communication parties, and if not, the verification fails. Likewise, another party may request the other party to authenticate itself in this manner.
6. The PMU system authentication method based on SM2 algorithm of claim 1, characterized in that: in step 203, the two parties of communication use the public key of the other party to encrypt the session key information, and use their own private key to decrypt when receiving.
7. The PMU system authentication method based on SM2 algorithm according to claim 1, wherein: the private key in step 201 is encrypted with the public key of the CA, and a digital certificate is then applied for from the certificate issuing authority.
8. The PMU system authentication method based on SM2 algorithm according to claim 1, wherein: communication between the PMU communicating parties is based on a TCP connection, and the parties must verify identity and negotiate the session key again each time they connect.
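
The exchange in claim 5, with the validity period from claim 4, as a runnable sketch that is added here and is not code from the patent. P-256 and SHA-256 stand in for SM2 and SM3 so that it runs on a stock OpenSSL build, and the names `issue_cert`, `build_request` and `verify_request`, the X.509 encoding and the constructed CA and PMU identities are assumptions.

```ruby
require "openssl"

# Assumption: P-256 and SHA-256 stand in for SM2 and SM3 (portability only).
CURVE  = "prime256v1"
DIGEST = "SHA256"

# The three fields of the authentication request in claim 5.
AuthRequest = Struct.new(:nonce, :signature, :cert_der)

# CA side (step 201): bind an identity to a public key. Without an issuer the
# certificate is self-signed, which is how the constructed CA certificate is made.
def issue_cert(id, serial, key, issuer_cert = nil, issuer_key = key)
  cert = OpenSSL::X509::Certificate.new
  cert.version    = 2
  cert.serial     = serial
  cert.subject    = OpenSSL::X509::Name.parse("/CN=#{id}")
  cert.issuer     = issuer_cert ? issuer_cert.subject : cert.subject
  cert.public_key = key
  cert.not_before = Time.now - 60
  cert.not_after  = Time.now + 3600
  cert.sign(issuer_key, DIGEST)
end

# Requesting party: fresh random number, signature over it, own certificate.
def build_request(key, cert)
  nonce = OpenSSL::Random.random_bytes(32)
  AuthRequest.new(nonce, key.sign(DIGEST, nonce), cert.to_der)
end

# Verifying party: certificate first (CA signature, validity period), and only
# then the signature checked against the digest of the random number.
def verify_request(req, ca_cert, now = Time.now)
  cert = OpenSSL::X509::Certificate.new(req.cert_der)
  return :disconnect unless cert.verify(ca_cert.public_key)
  return :disconnect unless now.between?(cert.not_before, cert.not_after)
  ok = cert.public_key.verify(DIGEST, req.signature, req.nonce)
  ok ? :authenticated : :verification_failed
rescue OpenSSL::OpenSSLError
  :verification_failed # malformed certificate or signature encoding
end

if __FILE__ == $PROGRAM_NAME
  ca_key, pmu_key = Array.new(2) { OpenSSL::PKey::EC.generate(CURVE) }
  ca  = issue_cert("constructed CA", 1, ca_key)
  pmu = issue_cert("constructed PMU", 2, pmu_key, ca, ca_key)
  puts verify_request(build_request(pmu_key, pmu), ca)
end
```

Because the requesting party chooses the random number, a verifier that wants to reject a replayed request has to remember the numbers it has already accepted or supply the challenge itself; claim 5 as worded leaves this to the implementation.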
CN202210544409.4A 2022-05-19 2022-05-19 PMU (phasor measurement Unit) system authentication method based on SM2 algorithm Pending CN114978540A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210544409.4A CN114978540A (en) 2022-05-19 2022-05-19 PMU (phasor measurement Unit) system authentication method based on SM2 algorithm

Publications (1)

Publication Number Publication Date
CN114978540A true CN114978540A (en) 2022-08-30

Family

ID=82985190

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210544409.4A Pending CN114978540A (en) 2022-05-19 2022-05-19 PMU (phasor measurement Unit) system authentication method based on SM2 algorithm

Country Status (1)

Country Link
CN (1) CN114978540A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019015387A1 (en) * 2017-07-18 2019-01-24 东北大学 Group identity signature based pmipv6 anonymous access authentication system and method
CN109802834A (en) * 2017-11-16 2019-05-24 航天信息股份有限公司 The method and system that a kind of pair of business layer data is encrypted, decrypted
CN111935712A (en) * 2020-07-31 2020-11-13 深圳市燃气集团股份有限公司 Data transmission method, system and medium based on NB-IoT communication
CN114205131A (en) * 2021-12-06 2022-03-18 广西电网有限责任公司梧州供电局 Safety certification protocol for transformer substation measurement and control and PMU (power management unit) equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination