公开(公告)号：US08752126B2

公开(公告)日：2014-06-10

申请号：US13059547

申请日：2009-08-20

申请人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

发明人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

IPC分类号： G06F7/04 ,  G06F17/30 ,  G06F15/16 ,  H04L29/06

CPC分类号： H04W12/04 ,  H04L9/085 ,  H04L9/3073 ,  H04L63/062 ,  H04L2209/601

摘要： A method for enhancing the security of the multicast or broadcast system comprises the following steps: after having established the system parameter, the base station receives the register request message transmitted by the terminal, and the register request message carries the device identity information of the terminal; the base station registers the terminal according to the register request message and transmits the authorization key to the terminal after successful registration. By the base station establishing the specific system parameter, generating and awarding the corresponding terminal's key based on the parameter, the embodiment of the present invention can construct a secure network system of multicast or broadcast effectively and solve the security problem of the multicast or broadcast from the base station to the terminal in the network system.

摘要翻译： 一种用于增强多播或广播系统的安全性的方法包括以下步骤：在建立了系统参数之后，基站接收终端发送的注册请求消息，并且注册请求消息携带终端的设备身份信息 ; 基站根据注册请求消息注册终端，并在成功注册后向终端发送授权密钥。 由基站建立具体的系统参数，根据参数生成和授予相应的终端密钥，本发明的实施例可以有效构建安全的组播或广播网络系统，解决组播或广播的安全问题 基站到终端在网络系统中。

公开(公告)号：US20110289562A1

公开(公告)日：2011-11-24

申请号：US13059547

申请日：2009-08-20

申请人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

发明人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

IPC分类号： G06F17/30

CPC分类号： H04W12/04 ,  H04L9/085 ,  H04L9/3073 ,  H04L63/062 ,  H04L2209/601

摘要： A method for enhancing the security of the multicast or broadcast system comprises the following steps: after having established the system parameter, the base station receives the register request message transmitted by the terminal, and the register request message carries the device identity information of the terminal; the base station registers the terminal according to the register request message and transmits the authorization key to the terminal after successful registration. By the base station establishing the specific system parameter, generating and awarding the corresponding terminal's key based on the parameter, the embodiment of the present invention can construct a secure network system of multicast or broadcast effectively and solve the security problem of the multicast or broadcast from the base station to the terminal in the network system.

摘要翻译： 一种用于增强多播或广播系统的安全性的方法包括以下步骤：在建立了系统参数之后，基站接收终端发送的注册请求消息，并且注册请求消息携带终端的设备身份信息 ; 基站根据注册请求消息注册终端，并在成功注册后向终端发送授权密钥。 由基站建立具体的系统参数，根据参数生成和授予相应的终端密钥，本发明的实施例可以有效构建安全的组播或广播网络系统，解决组播或广播的安全问题 基站到终端在网络系统中。

公开(公告)号：US08588423B2

公开(公告)日：2013-11-19

申请号：US13060126

申请日：2009-08-20

申请人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

发明人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

IPC分类号： H04L9/08

CPC分类号： H04W12/04 ,  H04L9/0833 ,  H04L9/0844 ,  H04L9/0891 ,  H04L63/065 ,  H04W12/10 ,  H04W88/08

摘要： A multicast key distribution method, an update method, and a base station based on unicast conversation key, the distribution method includes the following steps: 1) the base station composes groups of multicast key distribution; 2) the base station broadcasts the groups of multicast key distribution to all terminals; 3) the terminals acquire the multicast conversation key through calculation. The present invention solves the problem that the efficiency of the multicast key distribution based on unicast conversation key is low in the prior art, and provides a multicast key distribution method based on unicast conversation key.

摘要翻译： 基于单播对话密钥的组播密钥分发方法，更新方法和基站，分发方法包括以下步骤：1）基站组成组播密钥分发组; 2）基站向所有终端广播组播密钥分发组播; 3）终端通过计算获取组播对话密钥。 本发明解决了现有技术中基于单播对话密钥的组播密钥分发的效率低的问题，并且提供了基于单播会话密钥的组播密钥分发方法。

公开(公告)号：US20110194697A1

公开(公告)日：2011-08-11

申请号：US13060126

申请日：2009-08-20

申请人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

发明人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

IPC分类号： H04L9/08

CPC分类号： H04W12/04 ,  H04L9/0833 ,  H04L9/0844 ,  H04L9/0891 ,  H04L63/065 ,  H04W12/10 ,  H04W88/08

摘要： A multicast key distribution method, an update method, and a base station based on unicast conversation key, the distribution method includes the following steps: 1) the base station composes groups of multicast key distribution; 2) the base station broadcasts the groups of multicast key distribution to all terminals; 3) the terminals acquire the multicast conversation key by calculating. The present invention solves the problem that the efficiency of the multicast key distribution based on unicast conversation key is low in the prior art, and provides a multicast key distribution method based on unicast conversation key.

摘要翻译： 基于单播对话密钥的组播密钥分发方法，更新方法和基站，分发方法包括以下步骤：1）基站组成组播密钥分发组; 2）基站向所有终端广播组播密钥分发组播; 3）终端通过计算获取组播对话密钥。 本发明解决了现有技术中基于单播对话密钥的组播密钥分发的效率低的问题，并且提供了基于单播会话密钥的组播密钥分发方法。

公开(公告)号：US20110126000A1

公开(公告)日：2011-05-26

申请号：US13055296

申请日：2009-07-20

申请人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

发明人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

IPC分类号： H04W12/06 ,  H04W12/04

CPC分类号： H04L9/0869 ,  H04L9/083 ,  H04L9/3073 ,  H04L9/321 ,  H04L9/3271 ,  H04L2209/805

摘要： A method for accessing data safely, which is suitable for the electronic tag with low performance, is provided. The method comprises the following steps: when performing a data writing process, the first read-write device encrypts the message MSG and then writes the message in the electronic tag; when performing a data reading process, the second read-write device sends a data request packet to the electronic tag; the electronic tag sends a data response packet to the second read-write device according to the data request packet; the second read-write device sends a key request packet to a trusted third party; the trusted third party verifies the validity of the identity of the second read-write device according to the key request packet, and sends a key response packet to the second read-write device upon the verification is passed; the second read-write device obtains the plain text of the electronic tag message MSG according to the key response packet. This invention can realize the safe access of the data of the electronic tag with low performance.

摘要翻译： 提供了一种安全访问数据的方法，适用于低性能的电子标签。 该方法包括以下步骤：当执行数据写入处理时，第一读写装置加密消息MSG，然后将消息写入电子标签; 当执行数据读取处理时，第二读写装置向电子标签发送数据请求包; 电子标签根据数据请求包向第二读写装置发送数据响应包; 第二读写装置向可信第三方发送密钥请求包; 受信任的第三方根据密钥请求分组验证第二读写装置的身份的有效性，并且在验证通过时向第二读写装置发送密钥响应分组; 第二读写装置根据密钥响应包获得电子标签消息MSG的明文。 本发明可以实现低性能电子标签数据的安全访问。

公开(公告)号：US20090300358A1

公开(公告)日：2009-12-03

申请号：US12442513

申请日：2007-07-17

申请人： Liaojun Pang ,  Jun Cao ,  Haibo Tian ,  Zhenhai Huang ,  Bianling Zhang

发明人： Liaojun Pang ,  Jun Cao ,  Haibo Tian ,  Zhenhai Huang ,  Bianling Zhang

IPC分类号： H04L9/32 ,  H04L9/06

CPC分类号： H04L9/0891 ,  H04L2209/80 ,  H04W12/04 ,  H04W12/10

摘要： A method for managing network key and updating session key is provided. The step of the key management includes: constructing key request group, constructing key negotiation response group, and constructing key negotiation acknowledgement group. The step of multicasting key management method includes multicasting main key negotiation protocol and multicasting session key distribution protocol. The multicasting main key negotiation protocol comprises key updating informs group, constructing encryption key negotiation request group, constructing key negotiation response group and constructing key negotiation acknowledgement group. The multicasting session key distribution protocol comprises multicasting session key request and multicasting session key distribution.

摘要翻译： 提供了一种管理网络密钥和更新会话密钥的方法。 密钥管理的步骤包括：构建密钥请求组，建立密钥协商响应组，建立密钥协商确认组。 组播密钥管理方法的步骤包括组播主密钥协商协议和组播会话密钥分发协议。 组播主密钥协商协议包括密钥更新通知组，构建加密密钥协商请求组，建立密钥协商响应组，构建密钥协商确认组。 组播会话密钥分发协议包括组播会话密钥请求和组播会话密钥分发。

公开(公告)号：US08185091B2

公开(公告)日：2012-05-22

申请号：US12441915

申请日：2007-07-16

申请人： Liaojun Pang ,  Jun Cao ,  Haibo Tian ,  Zhenhai Huang ,  Bianling Zhang

发明人： Liaojun Pang ,  Jun Cao ,  Haibo Tian ,  Zhenhai Huang ,  Bianling Zhang

IPC分类号： H04W12/08

CPC分类号： H04L9/3263 ,  H04L9/3268 ,  H04L9/3271 ,  H04L9/3273 ,  H04L63/061 ,  H04L63/0823 ,  H04L63/0869 ,  H04L2209/80 ,  H04W12/04 ,  H04W12/06

摘要： A network access authentication and authorization method includes the steps of: constructing an access and authorization request packet; constructing a certificate authentication request packet, constructing a certificate authentication response packet; constructing an access and authorization response packet; constructing an access and authorization acknowledgement packet. And an authorization key updating method includes the steps of: constructing an access and authorization request packet; constructing an access and authorization response packet; constructing an access and authorization acknowledgement packet. The invention resolves the security problem that a mobile terminal accesses a base station in the wideband wireless multimedia network, and realizes both bi-directional identity authentication of a mobile terminal and a base station and unidirectional identity authentication from a base station to a mobile terminal. The authorization key negotiation calculation is simple, and the key management is simply realized by using message acknowledgement manner. The invention is applied to the wired network and the wireless network, such as the wireless local area network, the wireless metropolitan area network, and the broadband wireless multimedia network etc.

摘要翻译： 一种网络接入认证授权方法，包括：构建接入和授权请求报文; 构建证书认证请求报文，构建证书认证响应报文; 构建访问和授权响应包; 构建访问和授权确认包。 并且授权密钥更新方法包括以下步骤：构建接入和授权请求分组; 构建访问和授权响应包; 构建访问和授权确认包。 本发明解决了移动终端访问宽带无线多媒体网络中的基站的安全问题，实现了移动终端和基站的双向身份认证以及从基站到移动终端的单向身份认证。 授权密钥协商计算简单，密钥管理简单地通过使用消息确认方式实现。 本发明适用于无线局域网，无线城域网，宽带无线多媒体网络等有线网络和无线网络。

公开(公告)号：US20100009656A1

公开(公告)日：2010-01-14

申请号：US12441915

申请日：2007-07-16

申请人： Liaojun Pang ,  Jun Cao ,  Haibo Tian ,  Zhenhai Huang ,  Bianling Zhang

发明人： Liaojun Pang ,  Jun Cao ,  Haibo Tian ,  Zhenhai Huang ,  Bianling Zhang

IPC分类号： H04M3/16

CPC分类号： H04L9/3263 ,  H04L9/3268 ,  H04L9/3271 ,  H04L9/3273 ,  H04L63/061 ,  H04L63/0823 ,  H04L63/0869 ,  H04L2209/80 ,  H04W12/04 ,  H04W12/06

摘要： A network access authentication and authorization method includes the steps of: constructing an access and authorization request packet; constructing a certificate authentication request packet, constructing a certificate authentication response packet; constructing an access and authorization response packet; constructing an access and authorization acknowledgement packet. And an authorization key updating method includes the steps of: constructing an access and authorization request packet; constructing an access and authorization response packet; constructing an access and authorization acknowledgement packet. The invention resolves the security problem that a mobile terminal accesses a base station in the wideband wireless multimedia network, and realizes both bi-directional identity authentication of a mobile terminal and a base station and unidirectional identity authentication from a base station to a mobile terminal. The authorization key negotiation calculation is simple, and the key management is simply realized by using message acknowledgement manner. The invention is applied to the wired network and the wireless network, such as the wireless local area network, the wireless metropolitan area network, and the broadband wireless multimedia network etc.

摘要翻译： 一种网络接入认证授权方法，包括：构建接入和授权请求报文; 构建证书认证请求报文，构建证书认证响应报文; 构建访问和授权响应包; 构建访问和授权确认包。 并且授权密钥更新方法包括以下步骤：构建接入和授权请求分组; 构建访问和授权响应包; 构建访问和授权确认包。 本发明解决了移动终端访问宽带无线多媒体网络中的基站的安全问题，实现了移动终端和基站的双向身份认证以及从基站到移动终端的单向身份认证。 授权密钥协商计算简单，密钥管理简单地通过使用消息确认方式实现。 本发明适用于无线局域网，无线城域网，宽带无线多媒体网络等有线网络和无线网络。

公开(公告)号：US08306229B2

公开(公告)日：2012-11-06

申请号：US12442513

申请日：2007-07-17

申请人： Liaojun Pang ,  Jun Cao ,  Haibo Tian ,  Zhenhai Huang ,  Bianling Zhang

发明人： Liaojun Pang ,  Jun Cao ,  Haibo Tian ,  Zhenhai Huang ,  Bianling Zhang

IPC分类号： H04L29/06

CPC分类号： H04L9/0891 ,  H04L2209/80 ,  H04W12/04 ,  H04W12/10

摘要： A method for managing network key and updating session key is provided. The step of the key management includes: constructing key request group, constructing key negotiation response group, and constructing key negotiation acknowledgement group. The step of multicasting key management method includes multicasting main key negotiation protocol and multicasting session key distribution protocol. The multicasting main key negotiation protocol comprises key updating informs group, constructing encryption key negotiation request group, constructing key negotiation response group and constructing key negotiation acknowledgement group. The multicasting session key distribution protocol comprises multicasting session key request and multicasting session key distribution.

摘要翻译： 提供了一种管理网络密钥和更新会话密钥的方法。 密钥管理的步骤包括：构建密钥请求组，建立密钥协商响应组，建立密钥协商确认组。 组播密钥管理方法的步骤包括组播主密钥协商协议和组播会话密钥分发协议。 组播主密钥协商协议包括密钥更新通知组，构建加密密钥协商请求组，建立密钥协商响应组，构建密钥协商确认组。 组播会话密钥分发协议包括组播会话密钥请求和组播会话密钥分发。