[go: up one dir, main page]

CN104468585A - Proxy-based user equipment trusted access authentication method - Google Patents

Proxy-based user equipment trusted access authentication method Download PDF

Info

Publication number
CN104468585A
CN104468585A CN201410765889.2A CN201410765889A CN104468585A CN 104468585 A CN104468585 A CN 104468585A CN 201410765889 A CN201410765889 A CN 201410765889A CN 104468585 A CN104468585 A CN 104468585A
Authority
CN
China
Prior art keywords
authentication
user equipment
parent node
packet
data packet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410765889.2A
Other languages
Chinese (zh)
Other versions
CN104468585B (en
Inventor
庞辽军
曹潮
赵颖
曲志华
谭示崇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201410765889.2A priority Critical patent/CN104468585B/en
Publication of CN104468585A publication Critical patent/CN104468585A/en
Application granted granted Critical
Publication of CN104468585B publication Critical patent/CN104468585B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

本发明公开了一种基于代理的用户设备可信接入认证方法。主要解决现有的用户设备认证时间过长,无线网络覆盖范围小,且无线网络的安全性得不到保障的问题。其技术方案是:用户设备探寻认证服务器,若能够探寻到认证服务器,则用户设备与认证服务器进行双向身份认证,否则,用户设备与父节点进行权限判断;若父节点为已认证节点,则用户设备与父节点进行双向身份认证;若父节点为未认证节点,则父节点重复用户设备的探寻和认证过程,再执行与用户设备的认证,完成可信接入认证。本发明减少了认证时间,扩大了无线网络覆盖范围,提升了网络的安全性。可用于保护网络安全。

The invention discloses an agent-based user equipment trusted access authentication method. It mainly solves the problems that the existing user equipment authentication time is too long, the coverage area of the wireless network is small, and the security of the wireless network cannot be guaranteed. The technical solution is: the user equipment searches for the authentication server, and if the authentication server can be found, the user equipment and the authentication server perform two-way identity authentication; otherwise, the user equipment and the parent node perform permission judgment; if the parent node is an authenticated node, the user The device and the parent node conduct two-way identity authentication; if the parent node is an unauthenticated node, the parent node repeats the user device discovery and authentication process, and then performs authentication with the user device to complete trusted access authentication. The invention reduces the authentication time, expands the coverage area of the wireless network, and improves the security of the network. Can be used to protect network security.

Description

基于代理的用户设备可信接入认证方法Proxy-based user equipment trusted access authentication method

技术领域technical field

本发明属于无线网络技术领域,特别涉及用户设备可信接入认证方法,可用于保护网络安全。The invention belongs to the technical field of wireless networks, in particular to a user equipment trusted access authentication method, which can be used to protect network security.

背景技术Background technique

近些年来,无线网络技术得到快速发展,新的技术类型和应用模式层出不穷,大量面向通信网络环境的服务如电子商务、电子政务、音视频业务以及企事业单位的内网构建等等,都可以在无线网络环境下得到广泛应用。无线网络具有极大的便捷性,用户只需要一台移动设备就可随时随地接入网络,从而大大的提高工作效率,但由于移动设备计算能力较弱、存储空间有限、无线信号易被截获等缺点,其也存在着极大的安全隐患。针对无线网络环境,嗅探、窃听、身份冒充、分布式拒绝服务等攻击方式为常用手段,移动设备受到攻击之后,可能会导致敏感数据泄露、设备信息被篡改、入侵者通过无线网络获得网络管理权限等等严重后果。In recent years, wireless network technology has developed rapidly, and new technology types and application modes emerge in an endless stream. A large number of services oriented to the communication network environment, such as e-commerce, e-government, audio and video services, and intranet construction of enterprises and institutions, etc., can be It is widely used in wireless network environment. The wireless network has great convenience. Users only need a mobile device to access the network anytime and anywhere, thus greatly improving work efficiency. However, due to the weak computing power of mobile devices, limited storage space, and easy interception of wireless signals, etc. Shortcomings, it also has great potential safety hazards. For wireless network environments, attack methods such as sniffing, eavesdropping, identity impersonation, and distributed denial of service are common methods. After mobile devices are attacked, sensitive data may be leaked, device information may be tampered with, and intruders may obtain network management information through wireless networks. Permissions and other serious consequences.

面对无线网络环境下的安全隐患,传统的安全解决思路可能并不理想,例如防火墙对无线网络通信起不了作用,任何人在无线信号覆盖范围之内都能截获数据;由于体积和传输能力的限制,计算量大的加密/解密算法不适用于移动设备等等。在此背景之下,可信认证技术作为针对无线网络和移动设备安全威胁的新思路,成为了业界关注的热点。可信认证是一种通过密码技术对用户身份进行双向认证的方法,用这种方法构筑网络,可以对伪造身份的非法节点拒绝接入,从而确保接入网络的用户设备都为可信的。在实际的认证过程中,由于无线网络的边界不确定性和用户设备的移动性,可能使得用户设备发送的认证请求数据包无法到达认证服务器,从而导致用户设备认证时间过长,甚至无法接入网络,且无线网络的安全性也得不到保证。In the face of potential security risks in the wireless network environment, traditional security solutions may not be ideal. For example, firewalls do not work on wireless network communications, and anyone within the coverage of wireless signals can intercept data; limitations, computationally intensive encryption/decryption algorithms are not suitable for mobile devices, etc. In this context, trusted authentication technology, as a new idea for security threats to wireless networks and mobile devices, has become a hot spot in the industry. Trusted authentication is a method of two-way authentication of user identities through cryptographic technology. Using this method to build a network can deny access to illegal nodes that forge identities, thereby ensuring that all user devices connected to the network are trusted. In the actual authentication process, due to the uncertainty of the boundary of the wireless network and the mobility of the user equipment, the authentication request packet sent by the user equipment may not be able to reach the authentication server, resulting in too long authentication time for the user equipment, or even failure to access the authentication server. network, and the security of the wireless network cannot be guaranteed.

发明内容Contents of the invention

本发明的目的在于提出一种基于代理的用户设备可信接入认证方法,以解决现有技术用户设备认证时间过长,无线网络覆盖范围小,且无线网络的安全性得不到保障的问题。The purpose of the present invention is to propose a proxy-based user equipment trusted access authentication method to solve the problems in the prior art that the user equipment authentication time is too long, the wireless network coverage is small, and the security of the wireless network cannot be guaranteed .

实现本发明目的的主要思想是:通过用户设备向认证服务器发送探寻请求数据包,认证服务器若收到来自用户设备的探寻请求数据包,则向用户设备答复探寻响应数据包;若用户设备收到来自认证服务器的探寻响应数据包,则用户设备向认证服务器发送认证请求数据包以进行双向身份认证;若用户设备未收到来自认证服务器的探寻响应数据包,则用户设备应向其父节点发送认证请求数据包,若父节点为已认证节点,则用户设备同父节点进行双向身份认证;若父节点为未认证节点,则其重复上一步用户设备的探寻和认证过程,以执行自己与认证服务器的双向身份认证,再执行与用户设备的双向身份认证。当用户设备认证完成后,其就接入了可信网络。The main idea of realizing the object of the present invention is: send the search request data packet to the authentication server through the user equipment, if the authentication server receives the search request data packet from the user equipment, then reply the search response data packet to the user equipment; If the user equipment does not receive a probe response packet from the authentication server, the user equipment should send an authentication request packet to the authentication server for two-way identity authentication; if the user equipment does not receive a probe response packet from the authentication server, the user equipment should send a Authentication request data packet, if the parent node is an authenticated node, the user device will perform two-way identity authentication with the parent node; if the parent node is an unauthenticated node, it will repeat the previous step of the user device discovery and authentication process to perform self-authentication Two-way identity authentication of the server, and then perform two-way identity authentication with the user device. After the user equipment is authenticated, it is connected to the trusted network.

根据以上思路,本发明的实现步骤如下:According to above train of thought, the realization step of the present invention is as follows:

(1)用户设备A探寻认证服务器R:(1) User equipment A searches for authentication server R:

当用户设备A需要接入网络时,首先向网络中的认证服务器R发送探寻请求数据包,认证服务器R收到来自用户设备A的探寻请求数据包之后,向用户设备A答复探寻响应数据包,若用户设备A收到来自认证服务器R的探寻响应数据包,则探寻过程正常结束,执行步骤(2);若用户设备A未收到来自认证服务器R的探寻响应数据包,则探寻过程异常结束,执行步骤(3);When user equipment A needs to access the network, it first sends a search request packet to authentication server R in the network, and after receiving the search request packet from user equipment A, authentication server R replies to user equipment A with a search response packet, If user equipment A receives a search response packet from authentication server R, the search process ends normally, and step (2) is performed; if user equipment A does not receive a search response packet from authentication server R, the search process ends abnormally , execute step (3);

(2)用户设备A与认证服务器R之间进行三次握手的双向身份认证;(2) Two-way identity authentication with three handshakes between the user equipment A and the authentication server R;

(3)用户设备A与父节点B之间进行权限判断:(3) Permission judgment between user equipment A and parent node B:

用户设备A构造认证请求数据包,并将认证请求数据包发送至父节点B,父节点B收到认证请求数据包后,判断自身是否为已认证节点:如果是,则执行步骤(4),如果不是,则执行步骤(5);User equipment A constructs an authentication request packet, and sends the authentication request packet to parent node B. After receiving the authentication request packet, parent node B judges whether itself is an authenticated node: if yes, then execute step (4), If not, then perform step (5);

(4)用户设备A与父节点B之间进行三次握手的双向身份认证;(4) Two-way identity authentication of three-way handshake between user equipment A and parent node B;

(5)父节点B重复用户设备A的探寻和认证过程,以执行自己与认证服务器R的双向身份认证,再执行与用户设备A的双向身份认证。(5) The parent node B repeats the discovery and authentication process of the user equipment A to perform the two-way identity authentication with the authentication server R, and then perform the two-way identity authentication with the user equipment A.

本发明与现有技术相比具有如下优点:Compared with the prior art, the present invention has the following advantages:

1.由于本发明使用可信接入认证技术,因此可以保证接入网络的用户设备都为可信的,若用本发明建立网络,则可构筑可信无线局域网环境;1. Since the present invention uses trusted access authentication technology, it can ensure that all user equipments accessing the network are trusted, and if the network is established with the present invention, a trusted wireless local area network environment can be constructed;

2.由于本发明使用父节点认证机制,因此若有大量新用户同时接入网络时,则可缓解认证服务器的认证压力,使新用户得以快速接入网络;2. Since the present invention uses the parent node authentication mechanism, if a large number of new users access the network at the same time, the authentication pressure on the authentication server can be alleviated, so that new users can quickly access the network;

3.由于本发明使用父节点认证机制,因此若用户设备无法与网络中的认证服务器通信时,也可通过向其父节点发送认证请求的方式接入网络,这样一来,就大大减少了因设备的移动性和无线网络覆盖范围的不确定性导致的用户设备无法接入网络的情况。3. Since the present invention uses the parent node authentication mechanism, if the user equipment cannot communicate with the authentication server in the network, it can also access the network by sending an authentication request to its parent node. The situation that the user equipment cannot access the network due to the mobility of the equipment and the uncertainty of the coverage of the wireless network.

附图说明Description of drawings

图1本发明的实现总流程图;The realization overall flowchart of Fig. 1 the present invention;

图2用户设备与认证服务器进行双向身份认证的子流程图;Fig. 2 is a subflow chart of two-way identity authentication between the user equipment and the authentication server;

图3用户设备与父节点进行双向身份认证的子流程图。Fig. 3 is a sub-flow chart of two-way identity authentication between the user equipment and the parent node.

具体实施方式detailed description

参照图1,本发明的实现步骤如下:With reference to Fig. 1, the realization steps of the present invention are as follows:

步骤1,参数设置Step 1, parameter setting

密钥生成中心Trent根据安全参数z选取一个大素数q,其中q>2z,构造一个q阶的加法循环群G1和一个q阶乘法循环群G2The key generation center Trent selects a large prime number q according to the security parameter z , where q>2z, and constructs a q-order additive cyclic group G 1 and a q-factorial cyclic group G 2 ;

构造一个双线性映射e:G1×G1→G2Construct a bilinear map e:G 1 ×G 1 →G 2 ;

从群G1上随机选取生成元P;Randomly select generator P from group G1 ;

生成用户设备身份IDA、认证服务器身份IDR、父节点身份IDBGenerate user device identity ID A , authentication server identity ID R , and parent node identity ID B ;

选取一种签名算法Sig,如RSA算法等;Select a signature algorithm Sig, such as RSA algorithm;

生成用户设备A的签名私钥SKA、认证服务器R的签名私钥SKR、父节点B的签名私钥SKBGenerate the signature private key SK A of the user equipment A, the signature private key SK R of the authentication server R, and the signature private key SK B of the parent node B ;

选取密码单向哈希函数h(x)。Choose a cryptographic one-way hash function h(x).

步骤2,用户设备A探寻认证服务器R。In step 2, the user equipment A searches for the authentication server R.

当用户设备A需要接入网络时,首先向网络中的认证服务器R发送探寻请求数据包;When the user equipment A needs to access the network, it first sends a search request packet to the authentication server R in the network;

认证服务器R收到来自用户设备A的探寻请求数据包之后,向用户设备A答复探寻响应数据包:若用户设备A收到来自认证服务器R的探寻响应数据包,则探寻过程正常结束,执行步骤3;若用户设备A未收到来自认证服务器R的探寻响应数据包,则探寻过程异常结束,执行步骤4;After the authentication server R receives the search request packet from the user equipment A, it replies to the user equipment A with a search response packet: if the user equipment A receives the search response packet from the authentication server R, the search process ends normally, and the following steps are performed: 3. If the user equipment A does not receive the search response packet from the authentication server R, the search process ends abnormally, and step 4 is executed;

步骤3,用户设备A与认证服务器R之间进行三次握手的双向身份认证。In step 3, two-way identity authentication of three-way handshake is performed between the user equipment A and the authentication server R.

参照图2,本步骤具体实现如下:Referring to Figure 2, this step is specifically implemented as follows:

3a)用户设备A与认证服务器R之间进行第一次握手:3a) The first handshake is performed between user equipment A and authentication server R:

3a1)用户设备A选取XAR∈zq *作为DH交换临时私钥,再通过公式YAR=XARP计算DH交换临时公钥YAR,用户设备A生成随机数NAR3a1) User equipment A selects X AR ∈ z q * as the DH exchange temporary private key, and then calculates the DH exchange temporary public key Y AR through the formula Y AR =X ARP , and user equipment A generates a random number N AR ;

3a2)用户设备A使用签名算法Sig对用户设备A的身份IDA、认证服务器R的身份IDR、随机数NAR、DH交换临时公钥YAR进行计算,生成签名SigAR3a2) The user equipment A uses the signature algorithm Sig to calculate the identity ID A of the user equipment A, the identity ID R of the authentication server R, the random number N AR , and the DH exchange temporary public key Y AR to generate a signature Sig AR ;

3a3)用户设备A构造认证请求数据包P1,并将认证请求数据包P1发送至认证服务器R,认证请求数据包P1的内容包括:3a3) The user equipment A constructs the authentication request data packet P 1 , and sends the authentication request data packet P 1 to the authentication server R, and the content of the authentication request data packet P 1 includes:

IDA字段:用户设备A的身份;ID A field: the identity of user equipment A;

IDR字段:认证服务器R的身份;ID R field: the identity of the authentication server R;

NAR字段:用户设备A生成的随机数;N AR field: a random number generated by user equipment A;

YAR字段:用户设备A选取的DH交换临时公钥;Y AR field: DH exchange temporary public key selected by user equipment A;

SigAR字段:用户设备A使用自身的签名私钥SKA对IDA字段、IDR字段、NAR字段、YAR字段的签名;Sig AR field: user equipment A signs ID A field, ID R field, N AR field, and Y AR field with its own signature private key SK A ;

3a4)当认证服务器R收到认证请求数据包P1时,验证签名SigAR的正确性:如果不正确,则丢弃认证请求数据包P1,如果正确,则执行步骤3b)。3a4) When the authentication server R receives the authentication request data packet P 1 , it verifies the correctness of the signature Sig AR : if it is incorrect, discard the authentication request data packet P 1 , and if it is correct, execute step 3b).

3b)用户设备A与认证服务器R之间进行第二次握手:3b) The second handshake is performed between user equipment A and authentication server R:

3b1)认证服务器R选取XRA∈zq *作为DH交换临时私钥,再通过公式YRA=XRAP计算DH交换临时公钥YRA,认证服务器R生成随机数NRA3b1) The authentication server R selects X RA ∈ z q * as the DH exchange temporary private key, and then calculates the DH exchange temporary public key Y RA through the formula Y RA =X RA P , and the authentication server R generates a random number N RA ;

3b2)认证服务器R使用自身的签名私钥SKR对认证服务器R的身份IDR、用户设备A的身份IDA、随机数NRA、随机数NAR、DH交换临时公钥YRA进行计算,生成签名SigRA3b2) The authentication server R uses its own signature private key SK R to calculate the identity ID R of the authentication server R , the identity ID A of the user equipment A, the random number N RA , the random number N AR , and the DH exchange temporary public key Y RA , Generate signature Sig RA ;

3b3)认证服务器R根据DH交换临时私钥XRA和认证请求数据包P1中的DH交换临时公钥YAR,通过公式MKRA=e(XRA,YAR)计算R与A之间通信的主密钥MKRA3b3) The authentication server R calculates the communication between R and A according to the DH exchanged temporary private key X RA and the DH exchanged temporary public key Y AR in the authentication request packet P 1 through the formula MK RA =e(X RA , Y AR ) the master key MK RA ;

3b4)认证服务器R使用公式MICRA=h(MKRA||IDR||IDA||NRA||NAR||YRA)计算消息完整性校验码MICRA3b4) The authentication server R uses the formula MIC RA =h(MK RA ||ID R ||ID A ||N RA ||N AR ||Y RA ) to calculate the message integrity check code MIC RA ;

3b5)认证服务器R构造认证响应数据包P2,并将认证响应数据包P2发送至用户设备A,认证响应数据包P2的内容包括:3b5) The authentication server R constructs the authentication response data packet P 2 and sends the authentication response data packet P 2 to the user equipment A. The content of the authentication response data packet P 2 includes:

IDA字段:用户设备A的身份;ID A field: the identity of user equipment A;

IDR字段:认证服务器R的身份;ID R field: the identity of the authentication server R;

NRA字段:认证服务器R生成的随机数;N RA field: a random number generated by the authentication server R;

NAR字段:认证服务器R收到的认证请求数据包P1中的随机数NARN AR field: the random number N AR in the authentication request packet P1 received by the authentication server R ;

YRA字段:认证服务器R选取的DH交换临时公钥;Y RA field: DH exchange temporary public key selected by authentication server R;

SigRA字段:认证服务器R使用自身的签名私钥SKR对IDR字段、IDA字段、NRA字段、NAR字段、YRA字段的签名;Sig RA field: the authentication server R uses its own signature private key SK R to sign the ID R field, ID A field, N RA field, N AR field, and Y RA field;

MICRA字段:认证服务器R对MKRA字段、IDR字段、IDA字段、NRA字段、NAR字段、YRA字段计算得到的消息完整性校验码;MIC RA field: the message integrity check code calculated by the authentication server R on the MK RA field, ID R field, ID A field, N RA field, N AR field, and Y RA field;

3b6)当用户设备A收到认证响应数据包P2后,判断认证响应数据包P2中的NAR字段是否与认证请求数据包P1中的NAR相同:若不同,则丢弃认证响应数据包P2,若相同,则执行3b7);3b6) After user equipment A receives the authentication response data packet P2, judge whether the N AR field in the authentication response data packet P2 is the same as the N AR field in the authentication request data packet P1 : if not, discard the authentication response data package P 2 , if they are the same, execute 3b7);

3b7)用户设备A对DH交换临时私钥XAR和认证响应数据包P2中的DH交换临时公钥YRA使用公式MKAR=e(XAR,YRA)计算A与R之间通信的主密钥MKAR3b7) The user equipment A exchanges the temporary private key X AR with the DH and the DH exchange temporary public key Y RA in the authentication response packet P 2 using the formula MK AR =e(X AR , Y RA ) to calculate the communication between A and R master key MK AR ;

3b8)用户设备A对MKAR、IDR字段、IDA字段、NRA字段、NAR字段、YRA字段使用公式MICRA1=h(MKAR||IDR||IDA||NRA||NAR||YRA)计算消息完整性校验码MICRA1,验证MICRA1是否与认证响应数据包P2中的MICRA相同:若不同,则丢弃认证响应数据包P2,若相同,则验证签名SigRA的正确性:若不正确,则丢弃认证响应数据包P2,若正确就执行步骤3c); 3b8 ) User equipment A uses the formula MIC RA1 = h ( MK AR || ID R ||ID A || N RA | |N AR ||Y RA ) Calculate the message integrity check code MIC RA1 , verify whether MIC RA1 is the same as the MIC RA in the authentication response packet P 2 : if they are different, discard the authentication response packet P 2 , if they are the same, Then verify the correctness of the signature Sig RA : if it is not correct, discard the authentication response packet P 2 , and if it is correct, perform step 3c);

3c)用户设备A与认证服务器R之间进行第三次握手:3c) The third handshake is performed between the user equipment A and the authentication server R:

3c1)用户设备A对主密钥MKAR、用户设备A的身份IDA、认证服务器R的身份IDR、认证响应数据包P2中的随机数NRA使用公式MICAR=h(MKAR||IDA||IDR||NRA)计算消息完整性校验码MICAR 3c1 ) User equipment A uses the formula MIC AR =h( MK AR | |ID A ||ID R ||N RA ) calculate the message integrity check code MIC AR ;

3c2)用户设备A构造认证确认数据包P3,并将认证确认数据包P3发送至认证服务器R,认证确认数据包P3的内容包括:3c2) The user equipment A constructs the authentication confirmation data packet P3 , and sends the authentication confirmation data packet P3 to the authentication server R, and the content of the authentication confirmation data packet P3 includes:

IDA字段:用户设备A的身份;ID A field: the identity of user equipment A;

IDR字段:认证服务器R的身份;ID R field: the identity of the authentication server R;

NRA字段:用户设备A收到认证响应数据包P2中的随机数NRAN RA field: user equipment A receives the random number N RA in the authentication response packet P2;

MICAR字段:用户设备A对MKAR字段、IDA字段、IDR字段、NRA字段计算得到的消息完整性校验码;MIC AR field: the message integrity check code calculated by user equipment A on the MK AR field, ID A field, ID R field, and N RA field;

3c3)当认证服务器R收到认证确认数据包P3后,判断认证确认数据包P3中的随机数NRA是否与认证响应数据包P2中的随机数NRA相同:若不同,则丢弃认证确认数据包P3,若相同,则执行3c4);3c3) After the authentication server R receives the authentication confirmation packet P3 , it judges whether the random number N RA in the authentication confirmation packet P 3 is the same as the random number N RA in the authentication response packet P 2 : if they are different, discard Authentication confirmation data packet P 3 , if they are the same, execute 3c4);

3c4)认证服务器R对主密钥MKRA、IDR字段、IDA字段、NRA字段使用公式MICAR1=h(MKRA||IDR||IDA||NRA)计算消息完整性校验码MICAR1,并验证MICAR1是否与认证确认数据包P3中的MICAR相同,若不同,则丢弃认证响应数据包P3,若相同,则整个认证过程完成。3c4) The authentication server R uses the formula MIC AR1 =h(MK RA ||ID R ||ID A ||N RA ) to calculate the message integrity check for the master key MK RA , ID R field, ID A field, and N RA field. Check the code MIC AR1 and verify whether the MIC AR1 is the same as the MIC AR in the authentication confirmation packet P3 , if not, discard the authentication response packet P3 , if they are the same, the entire authentication process is completed.

步骤4,用户设备A与父节点B之间进行权限判断。Step 4: Judgment of authority between user equipment A and parent node B.

用户设备A构造认证请求数据包,并将认证请求数据包发送至父节点B,父节点B收到认证请求数据包后,判断自身是否为已认证节点:如果是,则执行步骤5,如果不是,则执行步骤6;User equipment A constructs an authentication request packet and sends the authentication request packet to parent node B. After receiving the authentication request packet, parent node B judges whether it is an authenticated node: if yes, execute step 5; if not , then go to step 6;

步骤5,用户设备A与父节点B之间进行三次握手的双向身份认证。In step 5, two-way identity authentication of three-way handshake is performed between user equipment A and parent node B.

参照图3,本步骤具体实现如下:Referring to Figure 3, this step is specifically implemented as follows:

5a)用户设备A与父节点B之间进行第一次握手:5a) The first handshake is performed between user equipment A and parent node B:

5a1)用户设备A选取XAB∈zq *作为DH交换临时私钥,再通过公式YAB=XABP计算DH交换临时公钥YAB,用户设备A生成随机数NAB5a1) The user equipment A selects X AB ∈ z q * as the DH exchange temporary private key, and then calculates the DH exchange temporary public key Y AB through the formula Y AB =X AB P, and the user equipment A generates a random number N AB ;

5a2)用户设备A使用签名算法Sig对用户设备A的身份IDA、父节点B的身份IDB、随机数NAB、DH交换临时公钥YAB进行计算,生成签名SigAB5a2) The user equipment A uses the signature algorithm Sig to calculate the identity ID A of the user equipment A, the identity ID B of the parent node B , the random number N AB , and the DH exchange temporary public key Y AB to generate the signature Sig AB ;

5a3)用户设备A构造认证请求数据包P4,并将认证请求数据包P4发送至认证父节点B,认证请求数据包P4的内容包括:5a3) The user equipment A constructs the authentication request data packet P 4 , and sends the authentication request data packet P 4 to the authentication parent node B, and the content of the authentication request data packet P 4 includes:

IDA字段:用户设备A的身份;ID A field: the identity of user equipment A;

IDB字段:父节点B的身份;ID B field: the identity of the parent node B;

NAB字段:用户设备A生成的随机数;N AB field: a random number generated by user equipment A;

YAB字段:用户设备A选取的DH交换临时公钥;Y AB field: DH exchange temporary public key selected by user equipment A;

SigAB字段:用户设备A使用自身的签名私钥SKA对IDA字段、IDB字段、NAB字段、YAB字段的签名;Sig AB field: user equipment A signs ID A field, ID B field, N AB field, Y AB field with its own signature private key SK A ;

5a4)当父节点B收到认证请求数据包P4后,判断自身是否为已认证节点:如果不是已认证节点,则执行步骤5,如果是已认证节点,则验证签名SigAB的正确性:如果不正确,则丢弃认证请求数据包P4,如果正确,则执行步骤5b); 5a4 ) After the parent node B receives the authentication request packet P4, it judges whether it is an authenticated node: if it is not an authenticated node, then perform step 5, and if it is an authenticated node, then verify the correctness of the signature Sig AB : If it is not correct, discard the authentication request packet P 4 , if it is correct, perform step 5b);

5b)用户设备A与父节点B之间进行第二次握手:5b) The second handshake is performed between user equipment A and parent node B:

5b1)父节点B选取XBA∈zq *作为DH交换临时私钥,再通过公式YBA=XBAP计算DH交换临时公钥YBA,父节点B生成随机数NBA5b1) The parent node B selects X BA ∈ z q * as the DH exchange temporary private key, and then calculates the DH exchange temporary public key Y BA through the formula Y BA =X BA P , and the parent node B generates a random number N BA ;

5b2)父节点B使用自身的签名私钥SKB对父节点B的身份IDB、用户设备A的身份IDA、随机数NBA、随机数NAB、DH交换临时公钥YBA进行计算,生成签名SigBA5b2) The parent node B uses its own signature private key SK B to calculate the identity ID B of the parent node B, the identity ID A of the user equipment A, the random number N BA , the random number N AB , and the temporary public key Y BA exchanged by DH, Generate signature Sig BA ;

5b3)父节点B根据DH交换临时私钥XBA和认证请求数据包P4中的DH交换临时公钥YAB,通过公式MKBA=e(XBA,YAB)计算B与A之间通信的主密钥MKBA5b3) The parent node B exchanges the temporary private key X BA according to the DH and the DH exchange temporary public key Y AB in the authentication request packet P 4 , and calculates the communication between B and A through the formula MK BA =e(X BA , Y AB ) The master key MK BA of ;

5b4)父节点B使用公式MICBA=h(MKBA||IDB||IDA||NBA||NAB||YBA)计算消息完整性校验码MICBA5b4) The parent node B uses the formula MIC BA =h(MK BA ||ID B ||ID A ||N BA ||N AB ||Y BA ) to calculate the message integrity check code MIC BA ;

5b5)父节点B构造认证响应数据包P5,并将认证响应数据包P5发送至用户设备A,认证响应数据包P5的内容包括:5b5) The parent node B constructs the authentication response data packet P 5 , and sends the authentication response data packet P 5 to the user equipment A, the content of the authentication response data packet P 5 includes:

IDA字段:用户设备A的身份;ID A field: the identity of user equipment A;

IDB字段:父节点B的身份;ID B field: the identity of the parent node B;

NBA字段:父节点B生成的随机数;N BA field: random number generated by parent node B;

NAB字段:父节点B收到的认证请求数据包P4中的随机数NABN AB field: the random number N AB in the authentication request packet P4 received by the parent node B ;

YBA字段:父节点B选取的DH交换临时公钥;Y BA field: DH exchange temporary public key selected by parent node B;

SigBA字段:父节点B使用自身的签名私钥SKB对IDB字段、IDA字段、NBA字段、NAB字段、YBA字段的签名;Sig BA field: parent node B uses its own signature private key SK B to sign the ID B field, ID A field, N BA field, N AB field, and Y BA field;

MICBA字段:父节点B对MKBA字段、IDB字段、IDA字段、NBA字段、NAB字段、YBA字段计算得到的消息完整性校验码。MIC BA field: the message integrity check code calculated by the parent node B for the MK BA field, ID B field, ID A field, N BA field, N AB field, and Y BA field.

5b6)当用户设备A收到认证响应数据包P5后,判断认证响应数据包P5中的NAB字段是否与认证请求数据包P4中的NAB相同:若不同,则丢弃认证响应数据包P5,若相同,则执行步骤5b7);5b6) After the user equipment A receives the authentication response data packet P5 , judge whether the N AB field in the authentication response data packet P5 is the same as the N AB field in the authentication request data packet P4: if not, discard the authentication response data package P 5 , if they are the same, execute step 5b7);

5b7)用户设备A对DH交换临时私钥XAB和认证响应数据包P5中的DH交换临时公钥YBA使用公式MKAB=e(XAB,YBA)计算A与B之间通信的主密钥MKAB5b7) The user equipment A exchanges the temporary private key X AB with the DH and the DH exchange temporary public key Y BA in the authentication response packet P 5. Use the formula MK AB =e(X AB , Y BA ) to calculate the communication between A and B master key MK AB ;

5b8)用户设备A对MKAB、IDB字段、IDA字段、NBA字段、NAB字段、YBA字段使用公式MICBA1=h(MKAB||IDB||IDA||NBA||NAB||YBA)计算消息完整性校验码MICBA1,验证MICBA1是否与认证响应数据包P5中的MICBA相同:若不同,则丢弃认证响应数据包P5,若相同,则验证签名SigBA的正确性:若不正确,则丢弃认证响应数据包P5,若正确就执行步骤5c); 5b8 ) User equipment A uses the formula MIC BA1 = h ( MK AB || ID B ||ID A || N BA | |N AB ||Y BA ) calculate the message integrity check code MIC BA1 , and verify whether MIC BA1 is the same as the MIC BA in the authentication response packet P5 : if they are different, discard the authentication response packet P5 ; if they are the same, Then verify the correctness of the signature Sig BA : if it is not correct, discard the authentication response packet P 5 , and if it is correct, perform step 5c);

5c)用户设备A与父节点B之间进行第三次握手:5c) The third handshake is performed between user equipment A and parent node B:

5c1)用户设备A对主密钥MKAB、用户设备A的身份IDA、父节点B的身份IDB、认证响应数据包P5中的随机数NBA使用公式MICAB=h(MKAB||IDA||IDB||NBA)计算消息完整性校验码MICAB 5c1 ) User equipment A uses the formula MIC AB =h( MK AB | |ID A ||ID B ||N BA ) calculate the message integrity check code MIC AB ;

5c2)用户设备A构造认证确认数据包P6,并将认证确认数据包P6发送至父节点B,认证确认数据包P6的内容包括:5c2) The user equipment A constructs the authentication confirmation data packet P 6 , and sends the authentication confirmation data packet P 6 to the parent node B, and the content of the authentication confirmation data packet P 6 includes:

IDA字段:用户设备A的身份;ID A field: the identity of user equipment A;

IDB字段:父节点B的身份;ID B field: the identity of the parent node B;

NBA字段:用户设备A收到认证响应数据包P5中的随机数NBAN BA field: user equipment A receives the random number N BA in the authentication response packet P5 ;

MICAB字段:用户设备A对MKAB字段、IDA字段、IDB字段、NBA字段计算得到的消息完整性校验码;MIC AB field: the message integrity check code calculated by user equipment A on the MK AB field, ID A field, ID B field, and N BA field;

5c3)当父节点B收到认证确认数据包P6后,判断认证确认数据包P6中的随机数NBA是否与认证响应数据包P5中的随机数NBA相同:若不同,则丢弃认证确认数据包P6,若相同,则执行步骤5c4);5c3) After the parent node B receives the authentication confirmation data packet P6, judge whether the random number N BA in the authentication confirmation data packet P 6 is the same as the random number N BA in the authentication response data packet P 5 : if they are different, discard Authentication confirmation data packet P 6 , if they are the same, execute step 5c4);

5c4)父节点B对主密钥MKBA、IDB字段、IDA字段、NBA字段使用公式MICAB1=h(MKBA||IDB||IDA||NBA)计算消息完整性校验码MICAB1,并验证MICAB1是否与认证确认数据包P6中的MICAB相同:若不同,则丢弃认证响应数据包P6,若相同,则整个认证过程完成。5c4) Parent node B uses the formula MIC AB1 =h(MK BA ||ID B ||ID A ||N BA ) to calculate the message integrity check for the master key MK BA , ID B field, ID A field, and N BA field Check the code MIC AB1 and verify whether the MIC AB1 is the same as the MIC AB in the authentication confirmation packet P 6 : if they are different, the authentication response packet P 6 is discarded, and if they are the same, the entire authentication process is completed.

步骤6,父节点B重复用户设备A的探寻和认证过程,以执行自己与认证服务器R的双向身份认证,再执行与用户设备A的双向身份认证。In step 6, the parent node B repeats the discovery and authentication process of the user equipment A, so as to perform two-way identity authentication with the authentication server R, and then perform two-way identity authentication with the user equipment A.

名词解释Glossary

Trent:密钥生成中心;Trent: key generation center;

z:密钥生成中心Trent选取的安全参数;z: the security parameter selected by the key generation center Trent;

q:密钥生成中心Trent选取的大于2z的大素数;q: a large prime number greater than 2 z selected by the key generation center Trent;

G1:密钥生成中心Trent选取的q阶加法循环群;G 1 : the q-order additive cyclic group selected by the key generation center Trent;

G2:密钥生成中心Trent选取的q阶乘法循环群;G 2 : The q factorial method cyclic group selected by the key generation center Trent;

e:密钥生成中心Trent选取的G1和G2上的双线性映射,即e:G1×G1→G2e: the bilinear mapping on G 1 and G 2 selected by the key generation center Trent, that is, e: G 1 ×G 1 →G 2 ;

P:G1上的生成元,由密钥生成中心Trent随机选取;P: generator on G 1 , randomly selected by the key generation center Trent;

zq *:基于素数q的非零乘法群;z q * : non-zero multiplicative group based on prime number q;

IDA:密钥生成中心Trent生成的用户设备A的身份;ID A : the identity of user equipment A generated by the key generation center Trent;

IDR:密钥生成中心Trent生成的认证服务器R的身份;ID R : the identity of the authentication server R generated by the key generation center Trent;

IDB:密钥生成中心Trent生成的父节点B的身份;ID B : the identity of the parent node B generated by the key generation center Trent;

SKA:用户设备A的签名私钥;SK A : the signature private key of user equipment A;

SKR:认证服务器R的签名私钥;SK R : the signature private key of the authentication server R;

SKB:父节点B的签名私钥;SK B : signature private key of parent node B;

XAR:用户设备A选取的DH交换临时私钥;X AR : DH selected by user equipment A to exchange temporary private keys;

YAR:用户设备A根据XAR计算得出的DH交换临时公钥,YAR=XARP;Y AR : DH exchange temporary public key calculated by user equipment A according to X AR , Y AR = X ARP ;

XRA:认证服务器R选取的DH交换临时私钥;X RA : The DH selected by the authentication server R exchanges temporary private keys;

YRA:认证服务器R根据XRA计算得出的DH交换临时公钥,YRA=XRAP;Y RA : The authentication server R calculates the DH exchange temporary public key based on X RA , Y RA = X RA P;

XAB:用户设备A选取的DH交换临时私钥;X AB : DH selected by user equipment A to exchange temporary private keys;

YAB:用户设备A根据XAB计算得出的DH交换临时公钥,YAB=XABP;Y AB : DH exchange temporary public key calculated by user equipment A according to X AB , Y AB = X AB P;

XBA:父节点B选取的DH交换临时私钥;X BA : DH selected by parent node B to exchange temporary private key;

YBA:父节点B根据XBA计算得出的DH交换临时公钥,YBA=XBAP;Y BA : DH exchange temporary public key calculated by parent node B according to X BA , Y BA = X BA P;

NAR:用户设备A生成的随机数,用于发送至认证服务器R;N AR : the random number generated by user equipment A for sending to authentication server R;

NRA:认证服务器R生成的随机数,用于发送至用户设备A;N RA : a random number generated by the authentication server R for sending to the user equipment A;

NAB:用户设备A生成的随机数,用于发送至父节点B;N AB : a random number generated by user equipment A for sending to parent node B;

NBA:父节点B生成的随机数,用于发送至用户设备A;N BA : the random number generated by the parent node B for sending to the user equipment A;

Sig:密钥生成中心Trent选取的签名算法;Sig: the signature algorithm selected by the key generation center Trent;

h(x):密码单向哈希函数;h(x): cryptographic one-way hash function;

MKAR:用户设备A计算得到的通信主密钥,MKAR=e(XAR,YRA);MK AR : the communication master key calculated by user equipment A, MK AR =e(X AR , Y RA );

MKRA:认证服务器R计算得到的通信主密钥,MKRA=e(XRA,YAR);MK RA : the communication master key calculated by the authentication server R, MK RA =e(X RA , Y AR );

MKAB:用户设备A计算得到的通信主密钥,MKAB=e(XAB,YBA);MK AB : the communication master key calculated by user equipment A, MK AB =e(X AB , Y BA );

MKBA:父节点B计算得到的通信主密钥,MKBA=e(XBA,YAB);MK BA : the communication master key calculated by the parent node B, MK BA =e(X BA , Y AB );

A||B:表示A与B的级联,其中A和B链接起来即为A||B,通过对A||B解链接操作即可得到A和B;A||B: Indicates the cascade of A and B, where A and B are linked together to form A||B, and A and B can be obtained by unlinking A||B;

MICRA:认证服务器R计算得到的消息完整性校验码,用于发送至用户设备A,其中,MICRA=h(MKRA||IDR||IDA||NRA||NAR||YRA);MIC RA : the message integrity check code calculated by the authentication server R, which is used to send to the user equipment A, wherein, MIC RA =h(MK RA ||ID R ||ID A ||N RA ||N AR | |Y RA );

MICRA1:用户设备A使用自身公钥计算得到的消息完整性校验码,用于验证是否与收到的消息完整性校验码MICRA相同,其中,MICRA1=h(MKAR||IDR||IDA||NRA||NAR||YRA);MIC RA1 : The message integrity check code calculated by user equipment A using its own public key is used to verify whether it is the same as the received message integrity check code MIC RA , where MIC RA1 = h(MK AR ||ID R || ID A || N RA || N AR || Y RA );

MICAR:用户设备A计算得到的消息完整性校验码,用于发送至认证服务器R,其中,MICAR=h(MKAR||IDA||IDR||NRA);MIC AR : the message integrity check code calculated by user equipment A and sent to the authentication server R, where MIC AR =h(MK AR ||ID A ||ID R ||N RA );

MICAR1:认证服务器R使用自身公钥计算得到的消息完整性校验码,用于验证是否与收到的消息完整性校验码MICAR相同,其中,MICAR1=h(MKRA||IDA||IDR||NRA);MIC AR1 : The message integrity check code calculated by the authentication server R using its own public key, used to verify whether it is the same as the received message integrity check code MIC AR , where MIC AR1 = h(MK RA ||ID A ||ID R ||N RA );

MICBA:父节点B计算得到的消息完整性校验码,用于发送至用户设备A,其中,MICBA=h(MKBA||IDB||IDA||NBA||NAB||YBA);MIC BA : the message integrity check code calculated by the parent node B for sending to the user equipment A, wherein, MIC BA =h(MK BA ||ID B ||ID A ||N BA ||N AB | |Y BA );

MICBA1:用户设备A使用自身公钥计算得到的消息完整性校验码,用于验证是否与收到的消息完整性校验码MICBA相同,其中,MICBA1=h(MKAB||IDB||IDA||NBA||NAB||YBA);MIC BA1 : the message integrity check code calculated by user equipment A using its own public key, used to verify whether it is the same as the received message integrity check code MIC BA , where MIC BA1 = h(MK AB ||ID B || ID A || N BA || N AB || Y BA );

MICAB:用户设备A计算得到的消息完整性校验码,用于发送至父节点B,其中,MICAB=h(MKAB||IDA||IDB||NBA);MIC AB : the message integrity check code calculated by user equipment A for sending to parent node B, where MIC AB =h(MK AB ||ID A ||ID B ||N BA );

MICAB1:父节点B使用自身公钥计算得到的消息完整性校验码,用于验证是否与收到的消息完整性校验码MICAB相同,其中,MICAB1=h(MKBA||IDA||IDB||NBA)。MIC AB1 : The message integrity check code calculated by the parent node B using its own public key is used to verify whether it is the same as the received message integrity check code MIC AB , where MIC AB1 = h(MK BA ||ID A ||ID B ||N BA ).

Claims (7)

1.一种基于代理的用户设备可信接入认证方法,包括如下步骤:1. An agent-based user equipment trusted access authentication method, comprising the steps of: (1)用户设备A探寻认证服务器R:(1) User equipment A searches for authentication server R: 当用户设备A需要接入网络时,首先向网络中的认证服务器R发送探寻请求数据包,认证服务器R收到来自用户设备A的探寻请求数据包之后,向用户设备A答复探寻响应数据包,若用户设备A收到来自认证服务器R的探寻响应数据包,则探寻过程正常结束,执行步骤(2);若用户设备A未收到来自认证服务器R的探寻响应数据包,则探寻过程异常结束,执行步骤(3);When user equipment A needs to access the network, it first sends a search request packet to authentication server R in the network, and after receiving the search request packet from user equipment A, authentication server R replies to user equipment A with a search response packet, If user equipment A receives a search response packet from authentication server R, the search process ends normally, and step (2) is performed; if user equipment A does not receive a search response packet from authentication server R, the search process ends abnormally , execute step (3); (2)用户设备A与认证服务器R之间进行三次握手的双向身份认证;(2) Two-way identity authentication with three handshakes between the user equipment A and the authentication server R; (3)用户设备A与父节点B之间进行权限判断:(3) Permission judgment between user equipment A and parent node B: 用户设备A构造认证请求数据包,并将认证请求数据包发送至父节点B,父节点B收到认证请求数据包后,判断自身是否为已认证节点:如果是,则执行步骤(4),如果不是,则执行步骤(5);User equipment A constructs an authentication request packet, and sends the authentication request packet to parent node B. After receiving the authentication request packet, parent node B judges whether itself is an authenticated node: if yes, then execute step (4), If not, then perform step (5); (4)用户设备A与父节点B之间进行三次握手的双向身份认证;(4) Two-way identity authentication of three-way handshake between user equipment A and parent node B; (5)父节点B重复用户设备A的探寻和认证过程,以执行自己与认证服务器R的双向身份认证,再执行与用户设备A的双向身份认证。(5) The parent node B repeats the discovery and authentication process of the user equipment A to perform the two-way identity authentication with the authentication server R, and then perform the two-way identity authentication with the user equipment A. 2.根据权利要求1所述的基于代理的用户设备可信接入认证方法,其中所述步骤(2)中的用户设备A与认证服务器R之间进行的三次握手双向身份认证过程,其表述如下:2. The proxy-based user equipment trusted access authentication method according to claim 1, wherein the three-way handshake two-way identity authentication process carried out between the user equipment A in the step (2) and the authentication server R, its expression as follows: 2a)用户设备A构造认证请求数据包P1,并将认证请求数据包P1发送至认证服务器R,当认证服务器R收到认证请求数据包P1时,验证签名SigAR的正确性:如果不正确,则丢弃认证请求数据包P1,如果正确,则执行步骤2b);2a) The user equipment A constructs the authentication request data packet P 1 and sends the authentication request data packet P 1 to the authentication server R. When the authentication server R receives the authentication request data packet P 1 , it verifies the correctness of the signature Sig AR : if If it is not correct, discard the authentication request packet P 1 , if it is correct, perform step 2b); 2b)认证服务器R构造认证响应数据包P2,并将认证响应数据包P2发送至用户设备A,当用户设备A收到认证响应数据包P2后,判断认证响应数据包P2中的随机数NAR字段是否与收到的认证请求数据包P1中的NAR字段相同:若不同,则丢弃认证响应数据包P2,若相同,则执行步骤2c);2b) The authentication server R constructs the authentication response data packet P 2 and sends the authentication response data packet P 2 to the user equipment A. When the user equipment A receives the authentication response data packet P 2 , it judges the authentication response data packet P 2 Whether the random number N AR field is the same as the N AR field in the received authentication request packet P1 : if different, then discard the authentication response packet P2, if they are the same, then perform step 2c) ; 2c)用户设备A使用自身公钥计算认证服务器R发送至用户设备A的消息完整性校验码MICRA1,并验证MICRA1是否与收到的认证响应数据包P2中的消息完整性校验码MICRA字段相同:若不同,则丢弃认证响应数据包P2,若相同,则验证签名SigRA的正确性:若不正确,则丢弃认证响应数据包P2,若正确,则执行步骤2d);2c) User equipment A uses its own public key to calculate the message integrity check code MIC RA1 sent by the authentication server R to user equipment A , and verifies whether MIC RA1 is the same as the message integrity check code in the received authentication response data packet P2 MIC RA fields are the same: if they are different, discard the authentication response packet P 2 , if they are the same, verify the correctness of the signature Sig RA : if not correct, discard the authentication response packet P 2 , if correct, go to step 2d ); 2d)用户设备A构造认证确认数据包P3,并将认证确认数据包P3发送至认证服务器R,当认证服务器R收到认证确认数据包P3后,判断认证确认数据包P3中的随机数NRA是否与收到的认证响应数据包P2中的随机数NRA相同:若不同,则丢弃认证确认数据包P3,若相同,则执行步骤2e);2d) The user equipment A constructs the authentication confirmation data packet P3 , and sends the authentication confirmation data packet P3 to the authentication server R, and when the authentication server R receives the authentication confirmation data packet P3 , it judges whether the authentication confirmation data packet P3 Whether the random number N RA is the same as the random number N RA in the received authentication response data packet P 2 : if they are different, discard the authentication confirmation data packet P 3 , if they are the same, perform step 2e); 2e)认证服务器R使用自身公钥计算用户设备A发送至认证服务器R的消息完整性校验码MICAR1,并验证MICAR1是否与收到的认证确认数据包P3中的消息完整性校验码MICAR字段相同:若不同,则丢弃认证确认数据包P3,若相同,则整个认证过程完成。2e) The authentication server R uses its own public key to calculate the message integrity check code MIC AR1 sent by the user equipment A to the authentication server R, and verifies whether the MIC AR1 is the same as the message integrity check code in the received authentication confirmation data packet P3 The MIC AR fields are the same: if they are different, the authentication confirmation data packet P 3 is discarded; if they are the same, the entire authentication process is completed. 3.根据权利要求1所述的基于代理的用户设备可信接入认证方法,其中所述步骤(4)中的用户设备A与父节点B之间进行的三次握手双向身份认证过程,其表述如下:3. The proxy-based user equipment trusted access authentication method according to claim 1, wherein the three-way handshake two-way identity authentication process carried out between the user equipment A in the step (4) and the parent node B, its expression as follows: 4a)用户设备A构造认证请求数据包P4,并将认证请求数据包P4发送至父节点B,当父节点B收到认证请求数据包P4后,验证签名SigAB的正确性:如果不正确,则丢弃认证请求数据包P4,如果正确,则执行步骤4b);4a) The user equipment A constructs the authentication request data packet P 4 and sends the authentication request data packet P 4 to the parent node B. After the parent node B receives the authentication request data packet P 4 , it verifies the correctness of the signature Sig AB : if If it is not correct, discard the authentication request packet P 4 , if it is correct, perform step 4b); 4b)父节点B构造认证响应数据包P5,并将认证响应数据包P5发送至用户设备A,当用户设备A收到认证响应数据包P5后,判断认证响应数据包P5中的随机数NAB字段是否与收到的认证请求数据包P4中的NAB字段相同:若不同,则丢弃认证响应数据包P5,若相同,则执行步骤4c);4b) The parent node B constructs the authentication response data packet P5 , and sends the authentication response data packet P5 to the user equipment A, and when the user equipment A receives the authentication response data packet P5 , it judges the authentication response data packet P5 Whether the random number N AB field is the same as the N AB field in the received authentication request packet P4 : if not, then discard the authentication response packet P5 , if they are the same, then perform step 4c); 4c)用户设备A使用自身公钥计算父节点B发送至用户设备A的消息完整性校验码MICBA1,并验证该MICBA1码是否与收到的认证响应数据包P5中的消息完整性校验码MICBA字段相同:若不同,则丢弃认证响应数据包P5,若相同,则验证签名SigBA的正确性:若不正确,则丢弃认证响应数据包P5,若正确,则执行步骤4d);4c) User equipment A uses its own public key to calculate the message integrity check code MIC BA1 sent by parent node B to user equipment A, and verifies whether the MIC BA1 code is consistent with the message integrity in the received authentication response data packet P5 The verification code MIC BA fields are the same: if they are different, discard the authentication response packet P 5 , if they are the same, verify the correctness of the signature Sig BA : if they are not correct, discard the authentication response packet P 5 , if they are correct, execute step 4d); 4d)用户设备A构造认证确认数据包P6,并将认证确认数据包P6发送至父节点B,当父节点B收到认证确认数据包P6后,判断认证确认数据包P6中的随机数NBA是否与收到的认证响应数据包P5中的随机数NBA相同:若不同,则丢弃认证确认数据包P6,若相同,则执行步骤4e);4d) The user equipment A constructs the authentication confirmation data packet P6 , and sends the authentication confirmation data packet P6 to the parent node B, and when the parent node B receives the authentication confirmation data packet P6 , it judges the authentication confirmation data packet P6 Whether the random number N BA is the same as the random number N BA in the received authentication response packet P 5 : if not, discard the authentication confirmation packet P 6 , if they are the same, execute step 4e); 4e)父节点B使用自身公钥计算用户设备A发送至父节点B的消息完整性校验码MICAB1,并验证该MICAB1码是否与收到的认证确认数据包P6中的消息完整性校验码MICAB字段相同:若不同,则丢弃认证确认数据包P6,若相同,则整个认证过程完成。4e) The parent node B uses its own public key to calculate the message integrity check code MIC AB1 sent by the user equipment A to the parent node B, and verify whether the MIC AB1 code is consistent with the message integrity in the received authentication confirmation data packet P6 The fields of the check code MIC AB are the same: if they are different, the authentication confirmation data packet P 6 is discarded; if they are the same, the entire authentication process is completed. 4.根据权利要求2所述的用户设备A与认证服务器R之间进行的三次握手双向身份认证过程,其中所述步骤2c)中的用户设备A使用自身公钥计算认证服务器R发送至用户设备A的消息完整性校验码MICRA1,按如下公式进行:4. The three-way handshake two-way identity authentication process carried out between the user equipment A and the authentication server R according to claim 2, wherein the user equipment A in the step 2c) uses its own public key to calculate the authentication server R and send it to the user equipment The message integrity check code MIC RA1 of A is performed according to the following formula: MICRA1=h(MKAR||IDR||IDA||NRA||NAR||YRA)MIC RA1 =h(MK AR ||ID R ||ID A ||N RA ||N AR ||Y RA ) 其中,h(x)为密码单向哈希函数,MKAR为用户设备A与认证服务器R之间的通信主密钥,IDR为用户设备A收到的认证响应数据包P2中的认证服务器身份字段,IDA为用户设备A收到的认证响应数据包P2中的用户设备身份字段,NRA为用户设备A收到的认证响应数据包P2中的认证服务器R发送至用户设备A的随机数字段,NAR为用户设备A收到的认证响应数据包P2中的用户设备A发送至用认证服务器R的随机数字段,YRA为用户设备A收到的认证响应数据包P2中的认证服务器公钥字段。Among them, h(x) is a password one-way hash function, MK AR is the communication master key between user equipment A and authentication server R, ID R is the authentication response data packet P2 received by user equipment A Server identity field, ID A is the user equipment identity field in the authentication response packet P2 received by user equipment A , and N RA is the authentication server R sent to the user equipment in the authentication response packet P2 received by user equipment A The random number field of A, N AR is the random number field sent by user equipment A to the authentication server R in the authentication response packet P2 received by user equipment A, and Y RA is the authentication response packet received by user equipment A Authentication server public key field in P2 . 5.根据权利要求2所述的用户设备A与认证服务器R之间进行的三次握手双向身份认证过程,其中所述步骤2e)中的认证服务器R使用自身公钥计算用户设备A发送至认证服务器R的消息完整性校验码MICAR1,按如下公式进行:5. The three-way handshake two-way identity authentication process carried out between the user equipment A and the authentication server R according to claim 2, wherein the authentication server R in the step 2e) uses its own public key to calculate the user equipment A and send it to the authentication server The message integrity check code MIC AR1 of R is performed according to the following formula: MICAR1=h(MKRA||IDR||IDA||NRA)MIC AR1 =h(MK RA ||ID R ||ID A ||N RA ) 其中,h(x)为密码单向哈希函数,MKRA为认证服务器R与用户设备A之间的通信主密钥,IDR为认证服务器R收到的认证确认数据包P3中的认证服务器身份字段,IDA为认证服务器R收到的认证确认数据包P3中的用户身份字段,NRA为认证服务器R收到的认证确认数据包P3中的认证服务器R发送至用户设备A的随机数字段。Among them, h(x) is a cryptographic one-way hash function, MK RA is the communication master key between the authentication server R and the user equipment A, ID R is the authentication confirmation data packet P3 received by the authentication server R Server identity field, ID A is the user identity field in the authentication confirmation packet P3 received by the authentication server R, and N RA is the authentication server R sent to the user equipment A in the authentication confirmation packet P3 received by the authentication server R random number field. 6.根据权利要求3所述的用户设备A与父节点B之间进行的三次握手双向身份认证过程,其中所述步骤4c)中的用户设备A使用自身公钥计算父节点B发送至用户设备A的消息完整性校验码MICBA1,按如下公式进行:6. The three-way handshake two-way identity authentication process carried out between the user equipment A and the parent node B according to claim 3, wherein the user equipment A in the step 4c) uses its own public key to calculate the parent node B to send to the user equipment The message integrity check code MIC BA1 of A is performed according to the following formula: MICBA1=h(MKAB||IDB||IDA||NBA||NAB||YBA)MIC BA1 =h(MK AB ||ID B ||ID A ||N BA ||N AB ||Y BA ) 其中,h(x)为密码单向哈希函数,MKAB为用户设备A与父节点B之间的通信主密钥,IDB为用户设备A收到的认证响应数据包P5中的父节点身份字段,IDA为用户设备A收到的认证响应数据包P5中的用户设备身份字段,NBA为用户设备A收到的认证响应数据包P5中的父节点B发送至用户设备A的随机数字段,NAB为收到的认证响应数据包P5中的用户设备A发送至父节点B的随机数字段,YBA为用户设备A收到的认证响应数据包P5中的父节点公钥字段。Among them, h(x) is a cryptographic one-way hash function, MK AB is the communication master key between user equipment A and parent node B, and ID B is the parent node in the authentication response packet P5 received by user equipment A. Node identity field, ID A is the user equipment identity field in the authentication response packet P5 received by user equipment A, N BA is the parent node B in the authentication response packet P5 received by user equipment A and sent to the user equipment A random number field, N AB is the random number field sent by user equipment A to parent node B in the received authentication response packet P5 , Y BA is the random number field in the authentication response packet P5 received by user equipment A Parent node public key field. 7.根据权利要求3所述的用户设备A与父节点B之间进行的三次握手双向身份认证过程,其中所述步骤4e)中的父节点B使用自身公钥计算用户设备A发送至父节点B的消息完整性校验码MICAB1,按如下公式进行:7. The three-way handshake two-way identity authentication process carried out between the user equipment A and the parent node B according to claim 3, wherein the parent node B in the step 4e) uses its own public key to calculate that the user equipment A sends to the parent node The message integrity check code MIC AB1 of B is performed according to the following formula: MICAB1=h(MKBA||IDB||IDA||NBA)MIC AB1 =h(MK BA ||ID B ||ID A ||N BA ) 其中,h(x)为密码单向哈希函数,MKBA为父节点B与用户设备A之间的通信主密钥,IDB为父节点B收到的认证确认数据包P6中的父节点身份字段,IDA为父节点B收到的认证确认数据包P6中的用户设备身份字段,NBA为父节点B收到的认证确认数据包P6中的父节点B发送至用户设备A的随机数字段。Among them, h(x) is a cryptographic one-way hash function, MK BA is the communication master key between parent node B and user equipment A, and ID B is the parent ID in the authentication confirmation packet P6 received by parent node B. Node identity field, ID A is the user equipment identity field in the authentication confirmation packet P6 received by the parent node B, and N BA is the authentication confirmation packet P6 received by the parent node B and sent to the user equipment by the parent node B A random number field.
CN201410765889.2A 2014-12-12 2014-12-12 The credible access authentication method of user equipment based on agency Expired - Fee Related CN104468585B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410765889.2A CN104468585B (en) 2014-12-12 2014-12-12 The credible access authentication method of user equipment based on agency

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410765889.2A CN104468585B (en) 2014-12-12 2014-12-12 The credible access authentication method of user equipment based on agency

Publications (2)

Publication Number Publication Date
CN104468585A true CN104468585A (en) 2015-03-25
CN104468585B CN104468585B (en) 2017-10-24

Family

ID=52913957

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410765889.2A Expired - Fee Related CN104468585B (en) 2014-12-12 2014-12-12 The credible access authentication method of user equipment based on agency

Country Status (1)

Country Link
CN (1) CN104468585B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109639426A (en) * 2019-02-26 2019-04-16 中国人民解放军国防科技大学 A two-way self-authentication method based on identification password
CN112822214A (en) * 2021-02-09 2021-05-18 广州慧睿思通科技股份有限公司 Network attack defense method, device, system, storage medium and electronic equipment
CN113364807A (en) * 2021-06-30 2021-09-07 四川更元科技有限公司 Network node credibility authentication implementation method
CN114070568A (en) * 2021-11-04 2022-02-18 北京百度网讯科技有限公司 Data processing method and device, electronic equipment and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7809941B1 (en) * 2005-09-09 2010-10-05 Rockwell Collins, Inc. Certifier hierarchy for public key infrastructure in an ad-hoc network
CN101883115A (en) * 2010-06-25 2010-11-10 北京交通大学 Access authentication method and system
WO2010127684A1 (en) * 2009-05-05 2010-11-11 Nokia Siemens Networks Oy Topology based fast secured access
CN102612035A (en) * 2012-04-13 2012-07-25 北京工业大学 Energy-efficient identity authentication method in multi-level clustering wireless sensor network
US20120237033A1 (en) * 2011-03-16 2012-09-20 Yasuyuki Tanaka Node, a root node, and a computer readable medium
CN103813324A (en) * 2012-11-07 2014-05-21 中国移动通信集团公司 Node signature method and mobile node access method of hierarchical MIPv6

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7809941B1 (en) * 2005-09-09 2010-10-05 Rockwell Collins, Inc. Certifier hierarchy for public key infrastructure in an ad-hoc network
WO2010127684A1 (en) * 2009-05-05 2010-11-11 Nokia Siemens Networks Oy Topology based fast secured access
CN101883115A (en) * 2010-06-25 2010-11-10 北京交通大学 Access authentication method and system
US20120237033A1 (en) * 2011-03-16 2012-09-20 Yasuyuki Tanaka Node, a root node, and a computer readable medium
CN102612035A (en) * 2012-04-13 2012-07-25 北京工业大学 Energy-efficient identity authentication method in multi-level clustering wireless sensor network
CN103813324A (en) * 2012-11-07 2014-05-21 中国移动通信集团公司 Node signature method and mobile node access method of hierarchical MIPv6

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
LI,HX;YANG,YF;PANG,LJ: "An Efficient Autjentication Protocol with User Anonymity for Mobile Networks", 《IEEE WIRELESS COMMUNICATIONS AND NETWORKING CONFERENCE(WCNC)》 *
伍华凤,戴新发,陈鹏: "一种层次化移动IP接入认证机制", 《计算机工程》 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109639426A (en) * 2019-02-26 2019-04-16 中国人民解放军国防科技大学 A two-way self-authentication method based on identification password
CN109639426B (en) * 2019-02-26 2022-03-01 中国人民解放军国防科技大学 Bidirectional self-authentication method based on identification password
CN112822214A (en) * 2021-02-09 2021-05-18 广州慧睿思通科技股份有限公司 Network attack defense method, device, system, storage medium and electronic equipment
CN113364807A (en) * 2021-06-30 2021-09-07 四川更元科技有限公司 Network node credibility authentication implementation method
CN114070568A (en) * 2021-11-04 2022-02-18 北京百度网讯科技有限公司 Data processing method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN104468585B (en) 2017-10-24

Similar Documents

Publication Publication Date Title
Qiu et al. A mutual authentication and key establishment scheme for M2M communication in 6LoWPAN networks
Wang et al. A secure and efficient multiserver authentication and key agreement protocol for internet of vehicles
JP6023152B2 (en) Enhanced security for direct link communication
CN101980558B (en) An Encryption Authentication Method on Ad hoc Network Transport Layer Protocol
Gaba et al. Robust and lightweight mutual authentication scheme in distributed smart environments
Siddhartha et al. A lightweight authentication protocol using implicit certificates for securing IoT systems
Nyangaresi et al. Neuro-fuzzy based handover authentication protocol for ultra dense 5G networks
Han et al. An efficient handover authentication mechanism for 5G wireless network
Ren et al. A novel access and handover authentication scheme in UAV-aided satellite-terrestrial integration networks enabling 5G
Hu et al. Smart grid mesh network security using dynamic key distribution with merkle tree 4-way handshaking
Wazid et al. TACAS-IoT: Trust aggregation certificate-based authentication scheme for edge-enabled IoT systems
Chom Thungon et al. A lightweight authentication and key exchange mechanism for IPv6 over low‐power wireless personal area networks‐based Internet of things
Sekhar et al. Security in wireless sensor networks with public key techniques
CN116996321A (en) Digital substation edge computing access authentication method and system
Ouaissa et al. A Secure Model for Machine to Machine Device Domain Based Group in a Smart City Architecture.
CN104468585B (en) The credible access authentication method of user equipment based on agency
Son et al. A zero-trust authentication scheme with access control for 6g-enabled iot environments
Wang et al. Security analysis and improvements on WLANs
Bansal et al. Lightweight authentication protocol for inter base station communication in heterogeneous networks
Dogan Protecting UAV-networks: a secure lightweight authentication and key agreement scheme
Sahoo et al. A lightweight authentication scheme for cloud-centric IoT applications
Yadav et al. Secure and user efficient EAP-based authentication protocol for IEEE 802.11 wireless LANs
Huang et al. Improving Security Levels of IEEE802. 16e Authentication by Involving Diffie-Hellman PKDS.
Zhang et al. FKR: An efficient authentication scheme for IEEE 802.11 ah networks
Ma et al. The improvement of wireless LAN security authentication mechanism based on Kerberos

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20171024

CF01 Termination of patent right due to non-payment of annual fee