150results about How to "Guaranteed anonymity" patented technology

The invention discloses a PUF (Physical Unclonable Function)-based three-factor anonymous user authentication protocol method in the Internet of Things, which solves the security problems such as physical clone attacks and the like, and is implemented by the following steps that: a gateway generates a long-term key for registration and key negotiation of nodes and users; the node sends a PUF-basedchallenge and response to the gateway, and the gateway generates an authentication certificate and sends a node key to the node to complete registration; the user sends the identity identifier to thegateway, the gateway generates a user dynamic identity identifier and a user key and sends the user dynamic identity identifier and the user key to the user, and the user encrypts and stores the userdynamic identity identifier and the user key in the smart card to complete registration; and the user, the gateway and the node perform mutual authentication and key agreement to form a PUF-based three-factor anonymous user authentication protocol method in the Internet of Things. Based on three-factor authentication, smart card loss, password guessing attack and the like can be resisted; the method achieves the anonymity of the user and the node, is small in calculation amount, is high in efficiency, is suitable for IOT nodes with limited resources, and is used for IOT safety communication.

The invention discloses an electronic voting system based on finger vein feature recognition. The system comprises a finger vein feature acquisition device, a voting client sub-system, a voting center sub-system and a vote counting center sub-system. The finger vein image of a voter is acquired by the finger vein feature acquisition device, the voter is registered in the voting center sub-system by the finger vein feature, the legality of the voter is verified by the voting center sub-system, and the vote is issued to the voter if the voter is qualified. A biological characteristic public / private key pair of the voter can be generated by software of the voting client sub-system, and the voting process is realized by the interaction of security protocols such as certificate signing among the voting client sub-system, the voting center sub-system and the vote counting center sub-system. Compared with other electronic voting systems, the system enables a finger vein feature recognition technology to be introduced, and the finger vein feature recognition technology replaces ways such as passwords and digital certificates and takes part in the network identity authentication and the voting process, so that the safety and use convenience of the system are improved; the electronic voting system based on finger vein feature recognition also has anonymity, transparency and openness.

The invention provides a data safe transmission method in a body area network system. The data safe transmission method in the body area network system comprises the following steps: according to the level structure deploy body area network system, and symmetric keys are prearranged in cluster heads and base stations, and symmetric keys are prearranged in concentrators and the cluster heads; the body area network system is initialized; each concentrator collects data and transmits the data to the cluster heads; and the data are sent to the base stations by the cluster heads, and are decrypted, stored, analyzed and processed through the base stations. The body area network structure is delaminated, simplicity and expansibility of network deploy are improved, and the data safe transmission method is beneficial for network life circles and energy control. The data safe transmission method not only can guarantee data privacy of users, but also can ensure network user context privacy, and prevent corresponding relations between two communication sides from being broken. In addition, information receivers are not limited, and therefore medical workers or relatives of patients can all conveniently and fast search disease information of patient information, the data safe transmission method accords with actual using requirements of a body area network.

The invention discloses a disposable public key encryption structuring method based on fuzzy identity. According to the method, a computer system is utilized to complete disposable public key anonymous encryption structure based on fuzzy identity and comprises a user A, a user B, a PKG (a public key generation center) and a KGC (a private key generation center), wherein two users need to send and receive messages to / from each other. The method comprises five steps: initialization, user secret key generation, disposable public key generation, encryption and decryption. Compared with the conventional method, the method has anonymity, unforgeability and traceability, and can effectively prevent disposable attack of malicious users and untrusted attack from a trusted center in the system. Meanwhile, compared with the conventional method, the method provided by the invention has relatively high calculation efficiency and relatively low communication expenditure.

The invention discloses a supervisable anonymous authentication method based on zero knowledge proof, comprising three types of participants: a CA, a user and a verifier, wherein the CA generates an issuer key pair and a group key, the CA allocates a pair of private keys to the user during registration of the user, and meanwhile the CA issues a relevant certificate to the user according to the attribute information submitted by the user; when the user presents the certificate, the verifier specifies an attribute that needs to be presented on the certificate of the user, and the user signs thecertificate and hides attribute values that do not need to be presented; and the verifier verifies the signature, if the signature passes the verification, the certificate presented by the user is valid, or otherwise, the certificate presented by the user is invalid. By adoption of the supervisable anonymous authentication method disclosed by the invention, the anonymity of the user is also ensured while increasing a mandatory supervision function, thereby greatly improving the identity privacy of the user compared with the general identity supervision scheme. By adoption of the supervisable anonymous authentication method disclosed by the invention, a supervisable function is also added.

The invention discloses a method for authenticating a radio frequency tag. The method comprises the following steps that: the radio frequency tag receives a query request transmitted by a reader and a first random number generated by the reader; the radio frequency tag encrypts a generated second random number and a current identifier of the radio frequency tag according to the received first random number so as to generate a first key and transmit the first key to the reader; the radio frequency tag receives a second key returned by the reader, wherein the second key is generated by obtaining the second random number and a corresponding memory identifier by passing the authentication of the first key by the reader and encrypting the memory identifier by utilizing a third random number generated by the first random number and the second random number; and the radio frequency tag encrypts the current identifier by utilizing the third random number generated by the first random number and the second random number so as to generate a third key and confirms that the authentication of the reader is passed when the third key is equal to the received second key.

The invention discloses a safe and reliable communication method based on group authentication in a smart home environment. An authentication process is divided into three stages, in the equipment initialization and registration stage, newly added gateway equipment initialization work and registration work of a group of smart home equipment are completed, in the authentication and key negotiationstage, mutual identity authentication of the gateway and the same group of smart equipment is completed, and a session key is generated between each piece of smart equipment and the gateway and used for encrypting and decrypting transmission data. According to the method provided by the invention, simultaneous identity authentication of a group of intelligent equipment can be realized, and the overhead of computing resources is reduced by utilizing operations with relatively low overhead, such as hash operation, linear polynomial calculation, number addition calculation and exclusive-OR operation.

A personal item ( 3 ), such as an item of clothing, an accessory or a portable device, is fitted with an identification tag ( 2 ) having memory means ( 11 ) for recording an individual code assigned to the tag ( 2 ), and emitting means ( 12 ) for emitting a signal representing the individual code; a portable detecting device ( 4 ) has enabling means ( 16 ) for enabling the emitting means ( 12 ) and for transmitting an inquiry signal to the tag ( 2 ) and receiving, in response, the signal representing the individual code and emitted by the emitting means ( 12 ) of the tag ( 2 ); and the individual code so detected may then be used as an E-mail box address on a dedicated internet web site to contact the owner of the tag ( 2 ), thus providing a straightforward, effective way of establishing interpersonal relationships between strangers, while at the same time ensuring their anonymity.