公开(公告)号：US20130212390A1

公开(公告)日：2013-08-15

申请号：US13879619

申请日：2010-12-22

申请人： Zhiqiang Du ,  Manxia Tie ,  Guoqiang Zhang ,  Qin Li

发明人： Zhiqiang Du ,  Manxia Tie ,  Guoqiang Zhang ,  Qin Li

IPC分类号： H04L9/32

CPC分类号： H04L9/32 ,  H04L9/3271 ,  H04W12/06

摘要： A method and a system for authenticating an entity based on a symmetric encryption algorithm are provided. The method includes the following steps: 1) an entity A sends an authentication request message to an entity B; 2) after receiving the authentication request message, the entity B sends an authentication response message to the entity A; 3) the entity A determines the validity of the entity B according to the received authentication response message. The implementation cost of the system can be reduced by using the authentication according to the invention.

摘要翻译： 提供了一种基于对称加密算法认证实体的方法和系统。 该方法包括以下步骤：1）实体A向实体B发送认证请求消息; 2）接收到认证请求报文后，实体B向实体A发送认证响应消息; 3）实体A根据收到的认证响应消息确定实体B的有效性。 通过使用根据本发明的认证可以减少系统的实现成本。

公开(公告)号：US09450756B2

公开(公告)日：2016-09-20

申请号：US13879619

申请日：2010-12-22

申请人： Zhiqiang Du ,  Manxia Tie ,  Guoqiang Zhang ,  Qin Li

发明人： Zhiqiang Du ,  Manxia Tie ,  Guoqiang Zhang ,  Qin Li

IPC分类号： H04L9/32 ,  H04W12/06

CPC分类号： H04L9/32 ,  H04L9/3271 ,  H04W12/06

摘要： A method and a system for authenticating an entity based on a symmetric encryption algorithm are provided. The method includes the following steps: 1) an entity A sends an authentication request message to an entity B; 2) after receiving the authentication request message, the entity B sends an authentication response message to the entity A; 3) the entity A determines the validity of the entity B according to the received authentication response message. The implementation cost of the system can be reduced by using the authentication according to the invention.

摘要翻译： 提供了一种基于对称加密算法认证实体的方法和系统。 该方法包括以下步骤：1）实体A向实体B发送认证请求消息; 2）接收到认证请求报文后，实体B向实体A发送认证响应消息; 3）实体A根据收到的认证响应消息确定实体B的有效性。 通过使用根据本发明的认证可以减少系统的实现成本。

公开(公告)号：US09264405B2

公开(公告)日：2016-02-16

申请号：US13995593

申请日：2011-06-17

申请人： Manxia Tie ,  Qin Li ,  Zhiqiang Du

发明人： Manxia Tie ,  Qin Li ,  Zhiqiang Du

IPC分类号： H04L29/06 ,  H04L9/08

CPC分类号： H04L63/0428 ,  H04L9/08 ,  H04L63/06 ,  H04L63/162

摘要： A switch equipment and data processing method for supporting link layer security transmission are provided. The switch equipment for supporting link layer security transmission comprises a switch module and multiple port modules, each port module is electrically connected with the switch module respectively; the port module supports a link layer key management capability, and is used for establishing a share key for encrypting and decrypting data frames between the switch equipment and other network nodes.

摘要翻译： 提供了用于支持链路层安全传输的交换机设备和数据处理方法。 用于支持链路层安全传输的交换机设备包括交换机模块和多个端口模块，每个端口模块分别与交换机模块电连接; 端口模块支持链路层密钥管理功能，用于建立共享密钥，用于加密和解密交换机设备与其他网络节点之间的数据帧。

公开(公告)号：US08752126B2

公开(公告)日：2014-06-10

申请号：US13059547

申请日：2009-08-20

申请人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

发明人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

IPC分类号： G06F7/04 ,  G06F17/30 ,  G06F15/16 ,  H04L29/06

CPC分类号： H04W12/04 ,  H04L9/085 ,  H04L9/3073 ,  H04L63/062 ,  H04L2209/601

摘要： A method for enhancing the security of the multicast or broadcast system comprises the following steps: after having established the system parameter, the base station receives the register request message transmitted by the terminal, and the register request message carries the device identity information of the terminal; the base station registers the terminal according to the register request message and transmits the authorization key to the terminal after successful registration. By the base station establishing the specific system parameter, generating and awarding the corresponding terminal's key based on the parameter, the embodiment of the present invention can construct a secure network system of multicast or broadcast effectively and solve the security problem of the multicast or broadcast from the base station to the terminal in the network system.

摘要翻译： 一种用于增强多播或广播系统的安全性的方法包括以下步骤：在建立了系统参数之后，基站接收终端发送的注册请求消息，并且注册请求消息携带终端的设备身份信息 ; 基站根据注册请求消息注册终端，并在成功注册后向终端发送授权密钥。 由基站建立具体的系统参数，根据参数生成和授予相应的终端密钥，本发明的实施例可以有效构建安全的组播或广播网络系统，解决组播或广播的安全问题 基站到终端在网络系统中。

公开(公告)号：US20110289562A1

公开(公告)日：2011-11-24

申请号：US13059547

申请日：2009-08-20

申请人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

发明人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

IPC分类号： G06F17/30

CPC分类号： H04W12/04 ,  H04L9/085 ,  H04L9/3073 ,  H04L63/062 ,  H04L2209/601

摘要： A method for enhancing the security of the multicast or broadcast system comprises the following steps: after having established the system parameter, the base station receives the register request message transmitted by the terminal, and the register request message carries the device identity information of the terminal; the base station registers the terminal according to the register request message and transmits the authorization key to the terminal after successful registration. By the base station establishing the specific system parameter, generating and awarding the corresponding terminal's key based on the parameter, the embodiment of the present invention can construct a secure network system of multicast or broadcast effectively and solve the security problem of the multicast or broadcast from the base station to the terminal in the network system.

摘要翻译： 一种用于增强多播或广播系统的安全性的方法包括以下步骤：在建立了系统参数之后，基站接收终端发送的注册请求消息，并且注册请求消息携带终端的设备身份信息 ; 基站根据注册请求消息注册终端，并在成功注册后向终端发送授权密钥。 由基站建立具体的系统参数，根据参数生成和授予相应的终端密钥，本发明的实施例可以有效构建安全的组播或广播网络系统，解决组播或广播的安全问题 基站到终端在网络系统中。

公开(公告)号：US09009466B2

公开(公告)日：2015-04-14

申请号：US13995641

申请日：2011-06-17

申请人： Qin Li ,  Jun Cao ,  Manxia Tie

发明人： Qin Li ,  Jun Cao ,  Manxia Tie

IPC分类号： H04L29/06 ,  H04L9/08

CPC分类号： H04L63/0428 ,  H04L9/08 ,  H04L63/162

摘要： There are a terminal device capable of link layer encryption and decryption and a data process method thereof, and the terminal device includes a link layer processing module including a control module, a data frame encryption module, a data frame decryption module, a key management module, an algorithm module, a transmission port and a reception port; and the control module is connected with the transmission port through the data frame encryption module, the reception port is connected with the control module through the data frame decryption module, the control module is connected with the key management module, the data frame encryption module is connected with the data frame decryption module through the key management module, and the data frame encryption module is connected with the data frame decryption module through the algorithm module.

摘要翻译： 存在能够进行链路层加密和解密的终端设备及其数据处理方法，并且终端设备包括链路层处理模块，该链路层处理模块包括控制模块，数据帧加密模块，数据帧解密模块，密钥管理模块 算法模块，传输端口和接收端口; 控制模块通过数据帧加密模块与传输端口连接，接收端口通过数据帧解密模块与控制模块连接，控制模块与密钥管理模块连接，数据帧加密模块为 通过密钥管理模块与数据帧解密模块相连，数据帧加密模块通过算法模块与数据帧解密模块连接。

公开(公告)号：US08588423B2

公开(公告)日：2013-11-19

申请号：US13060126

申请日：2009-08-20

申请人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

发明人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

IPC分类号： H04L9/08

CPC分类号： H04W12/04 ,  H04L9/0833 ,  H04L9/0844 ,  H04L9/0891 ,  H04L63/065 ,  H04W12/10 ,  H04W88/08

摘要： A multicast key distribution method, an update method, and a base station based on unicast conversation key, the distribution method includes the following steps: 1) the base station composes groups of multicast key distribution; 2) the base station broadcasts the groups of multicast key distribution to all terminals; 3) the terminals acquire the multicast conversation key through calculation. The present invention solves the problem that the efficiency of the multicast key distribution based on unicast conversation key is low in the prior art, and provides a multicast key distribution method based on unicast conversation key.

摘要翻译： 基于单播对话密钥的组播密钥分发方法，更新方法和基站，分发方法包括以下步骤：1）基站组成组播密钥分发组; 2）基站向所有终端广播组播密钥分发组播; 3）终端通过计算获取组播对话密钥。 本发明解决了现有技术中基于单播对话密钥的组播密钥分发的效率低的问题，并且提供了基于单播会话密钥的组播密钥分发方法。

公开(公告)号：US20130283045A1

公开(公告)日：2013-10-24

申请号：US13995641

申请日：2011-06-17

申请人： Qin Li ,  Jun Cao ,  Manxia Tie

发明人： Qin Li ,  Jun Cao ,  Manxia Tie

IPC分类号： H04L29/06 ,  H04L9/08

CPC分类号： H04L63/0428 ,  H04L9/08 ,  H04L63/162

摘要： There are a terminal device capable of link layer encryption and decryption and a data process method thereof, and the terminal device includes a link layer processing module including a control module, a data frame encryption module, a data frame decryption module, a key management module, an algorithm module, a transmission port and a reception port; and the control module is connected with the transmission port through the data frame encryption module, the reception port is connected with the control module through the data frame decryption module, the control module is connected with the key management module, the data frame encryption module is connected with the data frame decryption module through the key management module, and the data frame encryption module is connected with the data frame decryption module through the algorithm module.

摘要翻译： 存在能够进行链路层加密和解密的终端设备及其数据处理方法，并且终端设备包括链路层处理模块，该链路层处理模块包括控制模块，数据帧加密模块，数据帧解密模块，密钥管理模块 算法模块，传输端口和接收端口; 控制模块通过数据帧加密模块与传输端口连接，接收端口通过数据帧解密模块与控制模块连接，控制模块与密钥管理模块连接，数据帧加密模块为 通过密钥管理模块与数据帧解密模块相连，数据帧加密模块通过算法模块与数据帧解密模块连接。

公开(公告)号：US20110194697A1

公开(公告)日：2011-08-11

申请号：US13060126

申请日：2009-08-20

申请人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

发明人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

IPC分类号： H04L9/08

CPC分类号： H04W12/04 ,  H04L9/0833 ,  H04L9/0844 ,  H04L9/0891 ,  H04L63/065 ,  H04W12/10 ,  H04W88/08

摘要： A multicast key distribution method, an update method, and a base station based on unicast conversation key, the distribution method includes the following steps: 1) the base station composes groups of multicast key distribution; 2) the base station broadcasts the groups of multicast key distribution to all terminals; 3) the terminals acquire the multicast conversation key by calculating. The present invention solves the problem that the efficiency of the multicast key distribution based on unicast conversation key is low in the prior art, and provides a multicast key distribution method based on unicast conversation key.

摘要翻译： 基于单播对话密钥的组播密钥分发方法，更新方法和基站，分发方法包括以下步骤：1）基站组成组播密钥分发组; 2）基站向所有终端广播组播密钥分发组播; 3）终端通过计算获取组播对话密钥。 本发明解决了现有技术中基于单播对话密钥的组播密钥分发的效率低的问题，并且提供了基于单播会话密钥的组播密钥分发方法。

公开(公告)号：US20110126000A1

公开(公告)日：2011-05-26

申请号：US13055296

申请日：2009-07-20

申请人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

发明人： Liaojun Pang ,  Jun Cao ,  Manxia Tie

IPC分类号： H04W12/06 ,  H04W12/04

CPC分类号： H04L9/0869 ,  H04L9/083 ,  H04L9/3073 ,  H04L9/321 ,  H04L9/3271 ,  H04L2209/805

摘要： A method for accessing data safely, which is suitable for the electronic tag with low performance, is provided. The method comprises the following steps: when performing a data writing process, the first read-write device encrypts the message MSG and then writes the message in the electronic tag; when performing a data reading process, the second read-write device sends a data request packet to the electronic tag; the electronic tag sends a data response packet to the second read-write device according to the data request packet; the second read-write device sends a key request packet to a trusted third party; the trusted third party verifies the validity of the identity of the second read-write device according to the key request packet, and sends a key response packet to the second read-write device upon the verification is passed; the second read-write device obtains the plain text of the electronic tag message MSG according to the key response packet. This invention can realize the safe access of the data of the electronic tag with low performance.

摘要翻译： 提供了一种安全访问数据的方法，适用于低性能的电子标签。 该方法包括以下步骤：当执行数据写入处理时，第一读写装置加密消息MSG，然后将消息写入电子标签; 当执行数据读取处理时，第二读写装置向电子标签发送数据请求包; 电子标签根据数据请求包向第二读写装置发送数据响应包; 第二读写装置向可信第三方发送密钥请求包; 受信任的第三方根据密钥请求分组验证第二读写装置的身份的有效性，并且在验证通过时向第二读写装置发送密钥响应分组; 第二读写装置根据密钥响应包获得电子标签消息MSG的明文。 本发明可以实现低性能电子标签数据的安全访问。