[go: up one dir, main page]

CN109309689B - A verification method for the authenticity and content integrity of the message source - Google Patents

A verification method for the authenticity and content integrity of the message source Download PDF

Info

Publication number
CN109309689B
CN109309689B CN201811624216.XA CN201811624216A CN109309689B CN 109309689 B CN109309689 B CN 109309689B CN 201811624216 A CN201811624216 A CN 201811624216A CN 109309689 B CN109309689 B CN 109309689B
Authority
CN
China
Prior art keywords
message
fpga
key
cpu
authentication code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811624216.XA
Other languages
Chinese (zh)
Other versions
CN109309689A (en
Inventor
苏金树
王小峰
陈曙晖
李振兴
谢岢洋
陈璐
陈荣茂
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
National University of Defense Technology
Original Assignee
National University of Defense Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by National University of Defense Technology filed Critical National University of Defense Technology
Priority to CN201811624216.XA priority Critical patent/CN109309689B/en
Publication of CN109309689A publication Critical patent/CN109309689A/en
Application granted granted Critical
Publication of CN109309689B publication Critical patent/CN109309689B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本专利提出了一种报文来源真实性和内容完整性的验证方法,报文自认证码实时消息来源真实性和完整性以及多级验证的方法及设备;为了在骨干网络中对报文消息进行实时验证,在CPU+FPGA架构上应用了基于标识密码算法和自认证码算法结合的报文消息实时验证技术,对骨干网络中报文消息进行高速实时在线验证和过滤,通过使用基于标识密码的零交互密钥协商技术,并预先指定检查者标识,实现终端无需复杂密钥管理以及检查者实时生成通信双方对称密钥的能力,运用CPU多线程和FPGA多级流水精确控制优势计算消息认证码,且对报文消息进行高速实时在线验证,提高了报文验证处理效率,保证网络通信的完整性、来源合法性和实效性。This patent proposes a method for verifying the authenticity and content integrity of a message source, a method and device for verifying the authenticity and integrity of a message source in real-time with a message self-authentication code, and a multi-level verification; For real-time verification, the real-time verification technology of message messages based on the combination of identification password algorithm and self-authentication code algorithm is applied on the CPU+FPGA architecture to perform high-speed real-time online verification and filtering of message messages in the backbone network. The zero-interaction key negotiation technology, and pre-specified checker's identity, realizes the terminal without complex key management and the checker's ability to generate symmetric keys for both parties in real time, using CPU multi-threading and FPGA multi-level pipeline to accurately control the advantages of computing message authentication It also performs high-speed real-time online verification of message messages, which improves the efficiency of message verification processing and ensures the integrity, source legitimacy and effectiveness of network communications.

Description

A kind of verification method of message source authenticity and content integrity
Technical field
The present invention relates to computer network security technology fields, especially true to network packet data source is applied to Property verifying and message content integrality, the method for consistency real-time verification.
Background technique
Network security certification is in order to which the identity of confirmation message source side, and discovery information are being transmitted, in storing process Whether it is tampered, identifies the spurious information of others' identity transmission of personation, is to guarantee message integrity and progress based on HMAC verifying The rudimentary algorithm of data source authentication, it exports the label of a regular length using the message of key and random length as input, Verifier is set to be capable of the sender of verification message whether is tampered in who and message transmitting procedure.This verifying exists It is very important in the Internet, is therefore widely used in various security protocols such as SSL/TLS, SSH, SNMP etc..HMAC It is transmitted under unreliable environment where verifying provides a kind of method and can check or the integrality of the message of storage, calculates and hand over open In the environment of stream, this is a primary demand, to ensure the legitimacy of the message of two sides transmission.
The following problems that above-mentioned HMAC verification method faces in the online real-time verification of high speed network:
(1) information authentication is two entities in communicating pair, HMAC message authentication need to occupy server calculating and The resources such as memory, the online real-time verification to high-speed communicating network are a very big challenges.
(2) key agreement between communicating pair client and server-side leverages communication efficiency.
Summary of the invention
The purpose of the present invention is there are a large amount of source address spoofing, messages to distort for current network, man-in-the-middle attack etc. Cyberthreat proposes a kind of verifying for real-time verification message source legitimacy and integrality towards high-performance backbone network network Method.This method carries authentication code by message, and the zero interactive key Negotiation Technology based on id password generates lead in real time The symmetric key for believing both sides, realizes based on the message source authenticity of Self-certified code and the real-time verification of integrality.
Technical scheme is as follows:
A kind of verification method of message source authenticity and content integrity, comprising:
Examiner ID is preassigned, communicating pair symmetric key corresponding with the examiner ID is generated in real time in CPU, checks Person checks message by communicating pair symmetric key;
For the network message data flow of processing, it is necessary first to which CPU carries out message flow pretreatment, then uses id password skill Art generates key according to message traffic identifier, finally calculates message authentication code, and traffic identifier and key are stored in TCAM respectively Table and SRAM table, so that the subsequent packet of the stream is quickly searched cipher key calculation message authentication code by FPGA;
For having traffic identifier and key in TCAM and SRAM list item, by TCAM table Rapid matching and FPGA to message number Verification processing is carried out according to message;For the message traffic identifier not inquired in TCAM and SRAM list item, message is reported on CPU Key is generated by zero interaction technique, traffic identifier and delivering key to TCAM and SRAM table are stored, by FPGA to message data Message carries out verification processing;
The message flowed for one, it is only necessary to carry out a small amount of authentication code information authentication in CPU, stream subsequent packet directly by FPGA carries out verification processing to message data message.
Present invention application high performance network processor and FPGA Coordination Treatment take full advantage of the processing of CPU and FPGA advantage Data generate communicating pair symmetric key using zero interactive key based on id password on CPU and a small amount of message are recognized It demonstrate,proves code to calculate, a large amount of authentication code operation and verifying, filtration treatment is carried out to message in FPGA, can be greatly improved online The performance of authentication code verifying filters the data message without verifying in a network, can mitigate in network using this framework and take Business device and terminal processes pressure.
In the present invention FPGA to message data message carry out verification processing the following steps are included:
Step 101:FPGA pre-processes message, traffic identifier in message is extracted, to be subsequently generated authentication code The key of calculating;
Step 102:FPGA according to the traffic identifier of extraction inquire TCAM table, determine traffic identifier whether in TCAM list item, if It is to then follow the steps 103, it is no to then follow the steps 107;
Step 103:FPGA finds the key being computed according to traffic identifier, and calculates message authentication code;
Step 104:FPGA determines whether the authentication code calculated is equal with the authentication code of message institute band, if so then execute step 105, it is no to then follow the steps 106;
After step 105:FPGA verifies message success, E-Packeted according to configuration into network;
After step 106:FPGA verifies message failure, message is assert for illegal source messages or nonuniformity message, at discarding Reason;
Step 107:FPGA determines that this stream does not generate key, and CPU is needed to generate key schedule using zero interaction, by CPU extracts message traffic identifier and produces key according to mark, and pre-processes to message;
Step 108:CPU issues traffic identifier and key to TCAM, stores in SRAM table, for FPGA to this stream subsequent packet into Row fast verification;
Step 109:CPU pre-processes message, and according to cipher key calculation message authentication code;
Step 110:CPU determines whether the authentication code calculated is equal with the authentication code of message institute band, if so then execute step 111, it is no to then follow the steps 112;
After step 111:CPU verifies message success, downward message executes step 105 to FPGA processing;
Step 112:CPU verifies message failure, dropping packets processing.
Compared with prior art, the beneficial effect of message authentication code multistage in-line verification method of the present invention is:
The method of the present invention utilizes high performance network processing technique combination authentication code algorithm, carries out high speed to the online message of network Authentication code verifying processing, rapid authentication is carried out to message source and integrality online in a network, to non-sources of law or non- Consistency message data quickly filters, and demonstrates length of random message from 64 to 1518 in the case where byte using the method for the present invention Process performance can reach the process performance of 30Gbps, in the communications between to message carry out high speed online verification, can subtract significantly The influence to communication performance is verified using hmac algorithm less, improves the reliability and integrality of communication data;
The method of the present invention uses the zero interactive key Negotiation Technology based on id password, it may not be necessary to negotiate to generate one The key of the communicating pair of data flow avoids resource consumption brought by key agreement, improves the efficiency of communicating pair.
Specific embodiment
The present invention will be described in detail below, the description of this part be only it is exemplary and explanatory, should not be to the present invention Protection scope have any restriction effect.In addition, description of the those skilled in the art according to this document, it can be in this document Feature in embodiment and in different embodiments carries out the corresponding combination.
Description and claims of this specification and term " first ", " second ", " third " " the 4th " etc. are (if deposited ) it is to be used to distinguish similar objects, without being used to describe a particular order or precedence order.It should be understood that use in this way Data are interchangeable under appropriate circumstances, so as to the embodiment of the present invention described herein, such as can be in addition to scheming herein Sequence other than those of showing or describe is implemented.In addition, term " includes " and " having " and their any deformation, it is intended that In cover it is non-exclusive include, for example, the process, method, system, product or equipment for containing a series of steps or units need not Those of be limited to be clearly listed step or unit, but may include be not clearly listed or for these process, methods, The other step or units of product or equipment inherently.
The authentication code multistage in-line verifying that the invention proposes a kind of in backbone network based on message identification cryptographic algorithm Methods and techniques, by preassigning examiner ID and no interactions authentication key construction method, examiner's adopting said method is in net The correctness of message authentication code can be verified on network at a high speed, the authenticity and content in data message source is complete in guarantee network Property, prevent source address spoofing, the attack such as packet network is distorted and is injected.
The purpose of the present invention is there are a large amount of source address spoofing, messages to distort for current network, man-in-the-middle attack etc. Cyberthreat proposes a kind of authentication for real-time verification message source legitimacy, integrality towards high-performance backbone network network Method.This method carries authentication code by message, and the zero interactive key Negotiation Technology based on id password generates communication in real time The symmetric key of both sides is realized based on the message source authenticity of Self-certified code and the real-time verification of integrality.
Method of the present embodiment based on message Self-certified code real-time messages source authenticity and integrality multi-level verification, in order to Real-time verification is carried out to message in backbone network, is applied on CPU+FPGA framework based on id password algorithm and oneself The message real-time verification technology that authentication code algorithm combines can carry out high speed real-time online to message in backbone network Verifying and filtering by using the zero interactive key Negotiation Technology based on id password, and preassign examiner's mark, realize Terminal is not necessarily to complicated key management and examiner generates the ability of communicating pair symmetric key in real time, with CPU multithreading and FPGA multilevel flow crystal really controls advantage and calculates message authentication code, and carries out the verifying of high speed real-time online to message, can be with Authentication of message treatment effeciency is substantially increased, guarantees the integrality, source legitimacy and actual effect of network communication.
For needing the network message data flow using the method for the present invention processing, it is necessary first to which CPU carries out message flow and locates in advance Then reason generates key according to message traffic identifier with identification cipher technology, finally calculates message authentication code, verifies message Source legitimacy, integrality and actual effect, and traffic identifier and key are stored in TCAM table and SRAM table respectively, it is subsequent so as to the stream Message is quickly searched cipher key calculation authentication code verifying message integrality, legitimacy and actual effect by FPGA.
For having traffic identifier and key in TCAM and SRAM list item, pass through TCAM table Rapid matching and FPGA multistage flowing water Technology calculates message HMAC, and carries out verification processing to message data message.For not inquired in TCAM and SRAM list item Message is reported on CPU and generates key by zero interaction technique, extremely by traffic identifier and delivering key by the message traffic identifier arrived The storage of TCAM and SRAM table carries out verification processing to message data message by FPGA.
The message flowed for one, it is only necessary to carry out a small amount of authentication code information authentication in CPU, stream subsequent packet directly by FPGA multistage flowing water technology is rapidly performed by authentication code verifying, substantially increases network message treatment effeciency, ensure that network number According to the integrality, legitimacy and actual effect of transmission, communicating pair data transmission performance is also substantially increased.
Present invention application high performance network processor and FPGA Coordination Treatment take full advantage of the processing of CPU and FPGA advantage Data generate communicating pair symmetric key using zero interactive key based on id password on CPU and a small amount of message are recognized It demonstrate,proves code to calculate, verification processing is carried out to message data message in FPGA and (a large amount of authentication code operation is carried out to message and is tested Card, filtration treatment), the performance of on-line authentication code verifying can be greatly improved, filters the datagram without verifying in a network Text can mitigate server and terminal processes pressure in network using this framework.
In the present invention FPGA to message data message carry out verification processing the following steps are included: the following steps are included:
Step 101:FPGA pre-processes message, traffic identifier in message is extracted, to be subsequently generated authentication code The key of calculating;
Step 102:FPGA according to the traffic identifier of extraction inquire TCAM table, determine traffic identifier whether in TCAM list item, if It is to then follow the steps 103, it is no to then follow the steps 107;
Step 103:FPGA finds the key being computed according to traffic identifier, and calculates message authentication code;
Step 104:FPGA determines whether the authentication code calculated is equal with the authentication code of message institute band, if so then execute step 105, it is no to then follow the steps 106;
After step 105:FPGA verifies message success, E-Packeted according to configuration into network;
After step 106:FPGA verifies message failure, message is assert for illegal source messages or nonuniformity message, at discarding Reason;
Step 107:FPGA determines that this stream does not generate key, and CPU is needed to generate key schedule using zero interaction, by CPU extracts message traffic identifier and produces key according to mark, and pre-processes to message;
Step 108:CPU issues traffic identifier and key to TCAM, stores in SRAM table, for FPGA to this stream subsequent packet into Row fast verification;
Step 109:CPU pre-processes message, and according to cipher key calculation message authentication code;
Step 110:CPU determines whether the authentication code calculated is equal with the authentication code of message institute band, if so then execute step 111, it is no to then follow the steps 112;
After step 111:CPU verifies message success, downward message executes step 105 to FPGA processing;
Step 112:CPU verifies message failure, dropping packets processing.
The above is only a preferred embodiment of the present invention, protection scope of the present invention is not limited merely to above-mentioned implementation Example, all technical solutions belonged under thinking of the present invention all belong to the scope of protection of the present invention.It should be pointed out that for the art Those of ordinary skill for, several improvements and modifications without departing from the principles of the present invention, these improvements and modifications It should be regarded as protection scope of the present invention.

Claims (2)

1.一种报文来源真实性和内容完整性的验证方法,其特征在于包括:1. a verification method of message source authenticity and content integrity, is characterized in that comprising: 预先指定检查者ID,CPU中实时生成与该检查者ID对应的通信双方对称密钥,检查者通过通信双方对称密钥对报文进行检查;其中,生成所述通信双方对称密钥,检查者通过通信双方对称密钥对报文进行检查的方法在于:The checker ID is pre-specified, and the symmetric key of both communication parties corresponding to the checker ID is generated in the CPU in real time, and the checker checks the message through the symmetric key of both communication parties; The method of checking the message through the symmetric key of the two communicating parties is as follows: 对于处理的网络报文数据流,首先需要CPU进行报文流预处理,然后用标识密码技术根据报文流标识生成密钥,最后计算报文消息认证码,且将流标识和密钥分别存入TCAM表和SRAM表,以便该网络报文数据流的后续报文由FPGA快速查找密钥计算报文消息认证码;For the processed network packet data flow, the CPU first needs to preprocess the packet flow, then use the identification cryptography technology to generate the key according to the packet flow identification, and finally calculate the message authentication code, and store the flow identification and key separately. Enter the TCAM table and the SRAM table, so that the FPGA can quickly find the key to calculate the message authentication code for the subsequent messages of the network message data stream; 对于TCAM和SRAM表项中已有流标识和密钥,通过TCAM表快速匹配和FPGA对报文数据消息进行验证处理;对于TCAM和SRAM表项中未查询到的报文流标识,将报文上报至CPU上通过零交互技术生成密钥,将流标识和密钥下发至TCAM和SRAM表存储,由FPGA对报文数据消息进行验证处理;For the existing flow identifiers and keys in the TCAM and SRAM entries, the packet data message is verified through the TCAM table fast matching and FPGA; for the packet flow identifiers that are not queried in the TCAM and SRAM entries, the packet Report to the CPU to generate a key through zero-interaction technology, send the flow identifier and key to the TCAM and SRAM table storage, and the FPGA verifies the message data message; 对于一条流的报文,只需要在CPU进行少量认证码消息验证,流后续报文直接由FPGA对报文数据消息进行验证处理。For a stream of packets, only a small amount of authentication code message verification needs to be performed on the CPU, and the FPGA directly verifies the packet data messages for subsequent packets of the stream. 2.根据权利要求1所述的报文来源真实性和内容完整性的验证方法,其特征在于,FPGA对报文数据消息进行验证处理包括以下步骤:2. the verification method of message source authenticity and content integrity according to claim 1, is characterized in that, FPGA carries out the verification processing to message data message and comprises the following steps: 步骤101:FPGA对报文消息进行预处理,提取报文中流标识,以便后续生成认证码计算的密钥;Step 101: The FPGA preprocesses the message, and extracts the flow identifier in the message, so as to subsequently generate a key for authentication code calculation; 步骤102:FPGA根据提取的流标识查询TCAM表,判定流标识是否在TCAM表项中,若是则执行步骤103,否则执行步骤107;Step 102: The FPGA queries the TCAM table according to the extracted flow ID, and determines whether the flow ID is in the TCAM entry, and if so, executes Step 103, otherwise, executes Step 107; 步骤103:FPGA根据流标识查到已经计算的密钥,并计算报文消息认证码;Step 103: The FPGA finds the calculated key according to the flow identifier, and calculates the message authentication code; 步骤104:FPGA判定计算的认证码是否与报文所带的认证码相等,若是则执行步骤105,否则执行步骤106;Step 104: The FPGA determines whether the calculated authentication code is equal to the authentication code carried in the message, and if so, executes step 105, otherwise executes step 106; 步骤105:FPGA验证报文成功后,根据配置转发报文至网络中;Step 105: After the FPGA verifies the message successfully, it forwards the message to the network according to the configuration; 步骤106:FPGA验证报文失败后,认定报文为非法源报文或非一致性报文,丢弃处理;Step 106: After the FPGA fails to verify the message, it determines that the message is an illegal source message or an inconsistent message, and discards it; 步骤107:FPGA判定此流未生成密钥,需要CPU应用零交互生成密钥生成算法,由CPU提取报文流标识根据标识生产密钥,并对报文进行预处理;Step 107: The FPGA determines that the stream has not generated a key, and requires the CPU to apply a zero-interaction generation key generation algorithm, and the CPU extracts the message flow identifier and produces a key according to the identifier, and preprocesses the message; 步骤108:CPU下发流标识和密钥至TCAM,SRAM表中存储,供FPGA对此流后续报文进行快速验证;Step 108: The CPU sends the flow identifier and key to the TCAM, and stores it in the SRAM table for the FPGA to quickly verify the subsequent packets of this flow; 步骤109:CPU对报文消息进行预处理,并根据密钥计算报文消息认证码;Step 109: the CPU preprocesses the message, and calculates the message authentication code according to the key; 步骤110:CPU判定计算的认证码是否与报文所带的认证码相等,若是则执行步骤111,否则执行步骤112;Step 110: The CPU determines whether the calculated authentication code is equal to the authentication code carried in the message, and if so, executes step 111, otherwise executes step 112; 步骤111:CPU验证报文成功后,下发报文至FPGA处理,执行步骤105;Step 111: After the CPU verifies the message successfully, it sends the message to the FPGA for processing, and executes step 105; 步骤112:CPU验证报文失败,丢弃报文处理。Step 112: The CPU fails to verify the packet and discards the packet for processing.
CN201811624216.XA 2018-12-28 2018-12-28 A verification method for the authenticity and content integrity of the message source Active CN109309689B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811624216.XA CN109309689B (en) 2018-12-28 2018-12-28 A verification method for the authenticity and content integrity of the message source

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811624216.XA CN109309689B (en) 2018-12-28 2018-12-28 A verification method for the authenticity and content integrity of the message source

Publications (2)

Publication Number Publication Date
CN109309689A CN109309689A (en) 2019-02-05
CN109309689B true CN109309689B (en) 2019-04-05

Family

ID=65221703

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811624216.XA Active CN109309689B (en) 2018-12-28 2018-12-28 A verification method for the authenticity and content integrity of the message source

Country Status (1)

Country Link
CN (1) CN109309689B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111049649A (en) * 2019-12-17 2020-04-21 湖南安方信息技术有限公司 Zero-interaction key negotiation security enhancement protocol based on identification password
CN113810173B (en) * 2020-06-12 2024-06-14 华为技术有限公司 A method for verifying application information, a message processing method and a device
FR3121765B1 (en) 2021-04-08 2024-11-15 Proton World Int Nv Authentication process
CN115834050A (en) * 2022-11-18 2023-03-21 浪潮(北京)电子信息产业有限公司 Communication method, device, equipment and computer readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005167385A (en) * 2003-11-28 2005-06-23 Ntt Docomo Inc ID key issuing device, ID verification device, ID certification device, ID key issuing method, ID verification method, and ID certification method
CN103636161A (en) * 2011-02-12 2014-03-12 瑟蒂弗克司有限公司 Use of non-interactive identity based key agreement derived secret keys with authenticated encryption
CN103929299A (en) * 2014-04-28 2014-07-16 王小峰 Address-is-public-key self-secure lightweight network message transmission method
CN106788997A (en) * 2016-12-08 2017-05-31 深圳奥联信息安全技术有限公司 A kind of real-time multimedia encryption method based on id password

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7688820B2 (en) * 2005-10-03 2010-03-30 Divitas Networks, Inc. Classification for media stream packets in a media gateway
CN105491015B (en) * 2015-11-21 2018-07-20 国网山东潍坊市寒亭区供电公司 A kind of communication of data and storage method
CN106209369B (en) * 2016-07-01 2019-04-12 中国人民解放军国防科学技术大学 A kind of communication means of ID-based cryptosystem system
CN106603512B (en) * 2016-11-30 2019-07-09 中国人民解放军国防科学技术大学 A kind of authentic authentication method of the Intermediate System-Intermediate System based on SDN framework
CN108229188B (en) * 2017-12-29 2021-06-15 西安慧博习兆信息技术有限公司 Method for signing file and verifying file by using identification key
CN108769007B (en) * 2018-05-28 2020-08-21 上海顺舟智能科技股份有限公司 Gateway security authentication method, server and gateway
CN108959891B (en) * 2018-07-19 2022-07-12 南京邮电大学 Electroencephalogram identity authentication method based on secret sharing

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005167385A (en) * 2003-11-28 2005-06-23 Ntt Docomo Inc ID key issuing device, ID verification device, ID certification device, ID key issuing method, ID verification method, and ID certification method
CN103636161A (en) * 2011-02-12 2014-03-12 瑟蒂弗克司有限公司 Use of non-interactive identity based key agreement derived secret keys with authenticated encryption
CN103929299A (en) * 2014-04-28 2014-07-16 王小峰 Address-is-public-key self-secure lightweight network message transmission method
CN106788997A (en) * 2016-12-08 2017-05-31 深圳奥联信息安全技术有限公司 A kind of real-time multimedia encryption method based on id password

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Real-time pre-processing system with hardware accelerator for mobile core networks;Mian CHENG et al.;《Frontiers of Information Technology & Electronic Engineering》;20171231;全文
基于身份密码学的报文认证及控制机制研究;王博;《中国优秀硕士学位论文全文数据库(电子期刊)》;20180430;全文

Also Published As

Publication number Publication date
CN109309689A (en) 2019-02-05

Similar Documents

Publication Publication Date Title
CN112218294B (en) 5G-based access method and system for Internet of things equipment and storage medium
CN110069918B (en) Efficient double-factor cross-domain authentication method based on block chain technology
CN109309565B (en) Security authentication method and device
CN109309689B (en) A verification method for the authenticity and content integrity of the message source
CN104219228B (en) A kind of user's registration, user identification method and system
CN106357690B (en) data transmission method, data sending device and data receiving device
CN109962784A (en) A Data Encryption, Decryption and Recovery Method Based on Digital Envelope Multi-Certificate
CN107483195A (en) A secure two-party authentication and key agreement protocol in the Internet of Things environment
CN111885058B (en) Lightweight message transmission method for end-to-end intelligent device communication in Internet of things cloud
Ren et al. A novel dynamic user authentication scheme
CN114143117B (en) Data processing method and device
CN109104284A (en) A kind of block chain anonymity transport protocol based on ring signatures
CN103346887A (en) Low-complexity identity authentication method based on intelligent card and under multiserver environment
CN109359464A (en) A wireless security authentication method based on blockchain technology
CN101459509B (en) Password protocol safety detection method based on novelty verification condition
CN106453431A (en) Method for realizing Internet intersystem authentication based on PKI
Tbatou et al. A New Mutuel Kerberos Authentication Protocol for Distributed Systems.
WO2022057106A1 (en) Credibility verification system for digital asset data packet
Zhu et al. Secure and efficient biometric-based anonymous authentication scheme for mobile-edge computing
Bakar et al. DPUAUT: Secure authentication protocol with SmartNiC integration for trustworthy communications in intelligent swarm systems
CN104918245B (en) A kind of identity identifying method, device, server and client
CN110866754A (en) A pure software DPVA identity authentication method based on dynamic password
Vladyko et al. Blockchain models to improve the service security on board communications
CN114666040B (en) Radio frequency identification authentication system and method based on quantum cryptography network
CN116822661B (en) Privacy-preserving verifiable federated learning method based on dual-server architecture

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant