
An HTTP-Digest-like AKA identity authentication system and method based on a symmetric key pool

An identity authentication and key pool technology, applied in the field of end-to-end authentication and key negotiation. It addresses problems such as low security performance, message cracking, and threats to the security of encrypted communication, with the effect of improving security and complexity, simplifying message verification steps, and reducing the risk of cracking.

Active Publication Date: 2021-08-10
RUBAN QUANTUM TECH CO LTD

AI Technical Summary

Problems solved by technology

[0008] 1. Although the patent document with the publication number CN106357649A uses a quantum key card as a symmetric key pool, its identity authentication is one-way, which carries large security risks. Moreover, the key used in that invention does not distinguish between communication modes and lacks variety. If the key leaks, all messages will be cracked.
[0009] 2. The existing HTTP Digest authentication method using the AKA mechanism uses very limited keys and negotiated keys, and its security performance is not high. The random number RAND used for key agreement is exposed in communication, which to a certain extent poses a threat to the security of encrypted communication.

Examples


Embodiment 1

[0073] Flow Description

[0074] For the schematic diagram of the registration process in this embodiment, please refer to Figure 2. The process includes:

[0075] Step 1: The client initiates a registration request

[0076] The client initiates a registration request to the server as needed. The main header fields and their contents are as follows:

[0077] REGISTER sip:home.mobile.biz SIP/2.0

[0078] Authenticate:Digest

[0079] username="jon.dough@home.mobile.biz",

[0080] realm="home.mobile.biz",

[0081] nonce="",

[0082] uri="sip:home.mobile.biz",

[0083] response="",

[0084] ...

[0085] The values of the "response" and "nonce" fields are both set to null in the initial Registration Request message. This request contains the client's ID_A, the server's ID_B, and a random number RAND1 generated by the client, which serves as the identifier of this message.

[0086] The random number RAND1 is preferably a quantum random number generated by a quan...

Embodiment 2

[0153] Flow Description

[0154] For the schematic diagram of the registration process in this embodiment, please refer to Figure 3. The difference from Embodiment 1 lies in the way the authentication response is generated. The process includes:

[0155] Step 1: The client initiates a registration request

[0156] The client initiates a registration request to the server as needed. The main header fields and their contents are as follows:

[0157] REGISTER sip:home.mobile.biz SIP/2.0

[0158] Authenticate:Digest

[0159] username="jon.dough@home.mobile.biz",

[0160] realm="home.mobile.biz",

[0161] nonce="",

[0162] uri="sip:home.mobile.biz",

[0163] response="",

[0164] ...

[0165] The values of the "response" and "nonce" fields are both set to null in the initial Registration Request message. This request contains the client's ID_A, the server's ID_B, and a random number RAND1 generated by the client, which has the function of this message identifie...


Abstract

The invention discloses an HTTP-Digest type AKA identity authentication method and system based on a symmetric key pool. When performing authentication, a client initiates a registration request to a server, and the registration request contains a first random number. The client then receives a question message, which the server generates in response to the registration request. The question message includes a message authentication code, an AMF, and a second random number used to generate a negotiation key. The second random number is carried in ciphertext form, and the anonymous key used to encrypt it is generated by the server using the first random number. The client verifies the question message using the first random number and the message authentication code in turn, and generates a response message after the verification passes. It sends the response message to the server and receives a registration result from the server for the response message. The invention adopts two-way authentication, further improves security, simplifies cumbersome message verification steps, and reduces the risk of the key being cracked.
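The exchange summarized in the abstract, sketched as an added example; it is not code from the patent. The pool lookup, the use of HMAC-SHA256 and XOR, the labels `AK`/`MAC`/`RES`/`SESSION`, the fields covered by the MAC and the AMF value are all assumptions chosen for illustration, and the pool itself is constructed sample data.

```python
import hashlib, hmac, secrets

# Constructed stand-in for the symmetric key pool both parties hold.
POOL = hashlib.shake_256(b"constructed demo pool").digest(4096)
AMF = b"\x80\x00"  # constructed 2-byte authentication management field

def pool_key(rand: bytes, label: bytes, n: int = 32) -> bytes:
    """Assumed lookup: hash(label, random number) picks an offset in the pool."""
    h = hashlib.sha256(label + rand).digest()
    off = int.from_bytes(h[:4], "big") % (len(POOL) - n)
    return POOL[off:off + n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def server_challenge(rand1: bytes):
    """Server side: hide RAND2 under an anonymity key derived from RAND1."""
    rand2 = secrets.token_bytes(16)
    enc_rand2 = xor(rand2, pool_key(rand1, b"AK", 16))
    tag = mac(pool_key(rand1, b"MAC"), rand1 + enc_rand2 + AMF)
    return {"enc_rand2": enc_rand2, "amf": AMF, "mac": tag}, rand2

def client_respond(rand1: bytes, ch: dict):
    """Client side: check the MAC (authenticates the server), then answer."""
    expect = mac(pool_key(rand1, b"MAC"), rand1 + ch["enc_rand2"] + ch["amf"])
    if not hmac.compare_digest(expect, ch["mac"]):
        return None  # forged, altered, or issued for a different RAND1
    rand2 = xor(ch["enc_rand2"], pool_key(rand1, b"AK", 16))
    res = mac(pool_key(rand2, b"RES"), rand1 + rand2)
    return res, pool_key(rand2, b"SESSION")

def server_verify(rand1: bytes, rand2: bytes, res: bytes):
    """Server side: check the response (authenticates the client)."""
    expect = mac(pool_key(rand2, b"RES"), rand1 + rand2)
    if not hmac.compare_digest(expect, res):
        return None
    return pool_key(rand2, b"SESSION")

if __name__ == "__main__":
    r1 = secrets.token_bytes(16)
    ch, r2 = server_challenge(r1)
    res, k_client = client_respond(r1, ch)
    print("keys match:", server_verify(r1, r2, res) == k_client)
```

Because the MAC key and the anonymity key both depend on RAND1, a question message captured from one registration fails verification when presented against a different RAND1, and RAND2 never appears on the wire in the clear.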

Description

Technical field

[0001] The invention relates to the technical field of secure communication, in particular to an algorithm for end-to-end authentication and key agreement, that is, how two communicating parties perform two-way identity authentication and take out the same key from a symmetric key pool.

Background technique

[0002] Authentication, that is, identity authentication, is the basic technology for achieving information security. The system checks the user's identity to confirm whether the user has access and use rights to certain resources, and identity authentication can also be performed between systems.

[0003] The security issues of mobile communications are facing severe challenges, and more and more attention has been paid to them. As a relatively independent security system, the communication between the client and the server must be under security protection at all times, and all clients must be authenticated before using the services of the network core control pl...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/08, H04L9/32, H04L29/06
CPC: H04L9/0838, H04L9/0869, H04L9/3273, H04L63/08, H04L63/0869
Inventor: 富尧, 钟一民
Owner: RUBAN QUANTUM TECH CO LTD