-
Publication No.: US20170310475A1
Publication date: 2017-10-26
Application No.: US15510006
Application date: 2015-06-23
Inventors: Ya’nan Hu, Zhiqiang Du, Guoqiang Zhang, Qin Li
CPC classification: H04L9/0816, H04L9/0656, H04L9/3273, H04L63/0435, H04L63/06, H04L63/08, H04L63/0869, H04W12/04
Abstract: An entity authentication method includes: an entity A generates and sends NA to an entity B; the entity B generates NB and ZSEEDB, computes a key MKA∥KEIA and first encrypted authentication data AuthEncDataB, and sends the NB∥NA∥AuthEncDataB to the entity A for verification; the entity A generates ZSEEDA, computes second encrypted authentication data AuthEncDataA, a shared key seed Z, a master key MK and a first message authentication identifier MacTagA, and sends the NA∥NB∥AuthEncDataA∥MacTagA to the entity B for verification; the entity B computes Z, MK and MacTagA, compares the MacTagA with the received MacTagA, and if the two are equal, considers that the entity A is valid; the entity B computes and sends a second message authentication identifier MacTagB to the entity A; and the entity A computes MacTagB, compares the MacTagB with the received MacTagB, and if the two are equal, considers that the entity B is valid.
-
Publication No.: US11323433B2
Publication date: 2022-05-03
Application No.: US16645149
Application date: 2018-09-07
Inventors: Yuehui Wang, Bianling Zhang, Manxia Tie, Xiaolong Lai, Qin Li, Weigang Tong, Guoqiang Zhang, Zhiqiang Du, Xiang Yan
Abstract: Provided in the present invention are a digital credential management method and a device, the method comprising: a digital credential application device negotiating establishment of a secure data channel with a digital credential issuing device, and sending to the digital credential issuing device a digital credential management request message; the digital credential issuing device receiving the message, and sending to the digital credential application device a digital credential management verification request message; the digital credential application device receiving the verification request message, and sending to the digital credential issuing device a digital credential management verification response message; the digital credential issuing device receiving the digital credential management verification response message, and sending to the digital credential application device a digital credential management response message; the digital credential application device receiving the digital credential management response message, and sending to the digital credential issuing device a digital credential management confirmation message.
-
Publication No.: US10652029B2
Publication date: 2020-05-12
Application No.: US15765223
Application date: 2016-08-23
Inventors: Zhiqiang Du, Bianling Zhang, Qin Li, Xiang Yan, Guoqiang Zhang
Abstract: Provided are an entity identity validity verification method and device with multiple trusted third parties being involved. In the application, validity of identities of entities performing mutual identity validity verification can only be verified by different trusted third parties. During the verification process, the trusted third parties that are respectively trusted by the two entities interact with each other, and provide services for mutual identity validity verification between the entities, to complete the identity validity verification between the entities.
-
Publication No.: US10439801B2
Publication date: 2019-10-08
Application No.: US15510006
Application date: 2015-06-23
Inventors: Ya'nan Hu, Zhiqiang Du, Guoqiang Zhang, Qin Li
Abstract: An entity authentication method includes: an entity A generates and sends NA to an entity B; the entity B generates NB and ZSEEDB, computes a key MKA∥KEIA and first encrypted authentication data AuthEncDataB, and sends the NB∥NA∥AuthEncDataB to the entity A for verification; the entity A generates ZSEEDA, computes second encrypted authentication data AuthEncDataA, a shared key seed Z, a master key MK and a first message authentication identifier MacTagA, and sends the NA∥NB∥AuthEncDataA∥MacTagA to the entity B for verification; the entity B computes Z, MK and MacTagA, compares the MacTagA with the received MacTagA, and if the two are equal, considers that the entity A is valid; the entity B computes and sends a second message authentication identifier MacTagB to the entity A; and the entity A computes MacTagB, compares the MacTagB with the received MacTagB, and if the two are equal, considers that the entity B is valid.
-
Publication No.: US20150089588A1
Publication date: 2015-03-26
Application No.: US14394036
Application date: 2013-03-14
Inventors: Zhiqiang Du, Manxia Tie, Guoqiang Zhang
CPC classification: H04L63/08, G06F21/30, G06F21/44, G06F21/445, H04L9/0861, H04L9/32, H04L2209/805, H04W12/06
Abstract: Provided is an air interface security method. In the process of protocol transmission, the method executes: 1) a short-range coupling device sending a security parameter request message to a short-range card; 2) after receiving the security parameter request message, the short-range card conducts security parameter feedback on the short-range coupling device; and 3) the short-range coupling device and the short-range card establish a security link according to a security parameter. Provided are a short-range coupling device, a short-range card, etc. for achieving the method. By introducing a security mechanism, the present invention provides a security protection capability for an air interface, can provide identity authentication for a short-range coupling device and a short-range card to ensure the validity and authenticity of the identities of both sides in the communications, and at the same time, will not bring additional hardware overhead to the short-range coupling device and the short-range card.
-
Publication No.: US11363010B2
Publication date: 2022-06-14
Application No.: US16482463
Application date: 2018-02-13
Inventors: Yuehui Wang, Bianling Zhang, Manxia Tie, Xiaolong Lai, Qin Li, Weigang Tong, Guoqiang Zhang, Zhiqiang Du, Xiang Yan
Abstract: A method and device for managing a digital certificate are provided. A digital certificate requesting device negotiates with a digital certificate issuing device by using an acquired authorization code, to establish a security data channel and generate a security key, and messages can be encrypted with the generated data communication key during a process of message interaction between the digital certificate requesting device and the digital certificate issuing device, thereby effectively increasing the security in data transmission. The method and device are applicable for automatically requesting, querying, updating and revoking a digital certificate and acquiring a digital certificate revocation list in various scenarios.
-
Publication No.: US20180331831A1
Publication date: 2018-11-15
Application No.: US15766312
Application date: 2016-08-11
Inventors: Zhiqiang Du, Bianling Zhang, Qin Li, Xiang Yan, Guoqiang Zhang
CPC classification: H04L9/321, H04L9/0869, H04L29/06, H04L63/061, H04L63/0807, H04L63/0823, H04L63/0869, H04L63/0876
Abstract: Provided are an entity identity validity verification method and device with multiple trusted third parties being involved. In the application, validity of identities of entities performing mutual identity validity verification can only be verified by different trusted third parties. During the verification process, the trusted third parties that are respectively trusted by the two entities interact with each other, and provide services for verifying validity of an identity of one entity by the other entity, to complete identity validity verification between the entities.
-
Publication No.: US09350721B2
Publication date: 2016-05-24
Application No.: US14394036
Application date: 2013-03-14
Inventors: Zhiqiang Du, Manxia Tie, Guoqiang Zhang
CPC classification: H04L63/08, G06F21/30, G06F21/44, G06F21/445, H04L9/0861, H04L9/32, H04L2209/805, H04W12/06
Abstract: Provided is an air interface security method. In the process of protocol transmission, the method executes: 1) a short-range coupling device sending a security parameter request message to a short-range card; 2) after receiving the security parameter request message, the short-range card conducts security parameter feedback on the short-range coupling device; and 3) the short-range coupling device and the short-range card establish a security link according to a security parameter. Provided are a short-range coupling device, a short-range card, etc. for achieving the method. By introducing a security mechanism, the present invention provides a security protection capability for an air interface, can provide identity authentication for a short-range coupling device and a short-range card to ensure the validity and authenticity of the identities of both sides in the communications, and at the same time, will not bring additional hardware overhead to the short-range coupling device and the short-range card.