    • 31. Invention application
    • METHOD FOR PROTECTING THE FIRST MESSAGE OF SECURITY PROTOCOL
    • US20110252239A1
    • 2011-10-13
    • US13140632
    • 2009-12-07
    • Xiaolong Lai, Jun Cao, Yuelei Xiao, Manxia Tie, Zhenhai Huang, Bianlin Zhang, Yanan Hu
    • H04L9/32
    • H04W12/10, H04L9/0838, H04L9/3242, H04L9/3273, H04L63/123, H04L2209/80
    • The present invention provides a method for protecting the first message of a security protocol and the method includes the following steps: 1) initialization step; 2) the initiating side sends the first message; 3) the responding side receives the first message. The method for protecting the first message of the security protocol provided by the present invention can implement that: 1) Pre-Shared Master Key (PSMK), which is shared by the initiating side and responding side, and the security parameter in the first message are bound by using computation function of Message Integrality Code (MIC) or Message Authentication Code (MAC), and thus the fabrication attack of the first message in the security protocol is avoided effectively; 2) during computing the MIC or MAC of the first message, only PSMK and the security parameter of the first message are selected to be computed, and thus the computation load of the initiating side and the responding side is effectively reduced and the computation resource is saved.
    • 32. Invention application
    • TWO-WAY ACCESS AUTHENTICATION METHOD
    • US20100250952A1
    • 2010-09-30
    • US12741982
    • 2008-11-07
    • Liaojun Pang, Jun Cao, Manxia Tie, Zhenhai Huang
    • H04L9/32, G06F21/00
    • H04L9/3247, G06F21/445, G06Q20/3823, G06Q20/388, G06Q20/4097, H04L9/0847, H04L9/321, H04L9/3271, H04L63/0869, H04L2209/80, H04W12/06
    • A two-way access authentication method comprises: According to the system parameters pre-established by the third entity, the first entity sends the access authentication request packet to the second entity, then the second entity validates whether the signature of first entity is correct, and if yes, the share master key of second entity is calculated; the second entity generates the access authentication response packet and sends it to the first entity, then the first entity validates whether the signature of access authentication response packet and the message integrity check code are correct; if yes, the share master key of first entity is calculated; the first entity sends the access authentication acknowledge packet to the second entity, then the second entity validates the integrity of the access authentication acknowledge packet, if passing the validation, the share master key of first entity is consistent with that of the second entity, and the access authentication is achieved. For improving the security, after receiving the access authentication request packet sent by the first entity, the second entity may perform the identity validity validation and generate the access authentication response packet after passing the validation.
    • 33. Invention grant
    • Method and system for secret communication between nodes
    • US08966257B2
    • 2015-02-24
    • US13516967
    • 2010-06-02
    • Manxia Tie, Jun Cao, Oin Li, Li Ge, Zhenhai Huang
    • H04L29/06, H04L9/32, H04L12/721
    • H04L63/0464, H04L9/0827, H04L45/26, H04L63/0435, H04L63/0471, H04L63/062, H04L63/162
    • The present invention discloses a method and system for secret communication between nodes in a wired Local Area Network (LAN). The method of secret communication between nodes in the wired LAN includes the following steps: 1) a sharing key is established; 2) the route probe is exchanged; 3) the data communication is classified; 4) the secret communication is processed among the nodes. According to the different communication situations among the nodes, the method of secret communication between nodes provided in the present invention can process the classification and select an appropriate secret communication strategy; compared with per-hop encryption, the calculation load of the exchange equipment is reduced, and the transmission delay of data packets is shortened; compared with the method that inter-station keys are established in pairs of nodes in order to protect the communication secret, the key number is reduced, and the key management is simplified.
    • 34. Invention grant
    • Entity authentication method with introduction of online third party
    • US08763100B2
    • 2014-06-24
    • US13392915
    • 2009-12-29
    • Manxia Tie, Jun Cao, Xiaolong Lai, Zhenhai Huang
    • G06F21/00
    • H04L63/08, H04L9/3213, H04L9/3247, H04L9/3263, H04L9/3271, H04L9/3297
    • An entity authentication method by introducing an online third party includes the following steps: 1) an entity B sends a message 1 to an entity A; 2) the entity A sends a message 2 to a trusted third party TP after receiving the message 1; 3) the trusted third party TP checks the validity of the entity A after receiving the message 2; 4) the trusted third party TP returns a message 3 to the entity A after checking the validity of the entity A; 5) the entity A sends a message 4 to the entity B after receiving the message 3; 6) and the entity B performs validation after receiving the message 4. The online retrieval and authentication mechanism of the public key simplifies the operating condition of a protocol, and realizes validity identification of the network for the user through the authentication of the entity B to the entity A.
    • 35. Invention grant
    • Method and system for entity public key acquiring, certificate validation and authentication by introducing an online credible third party
    • US08751792B2
    • 2014-06-10
    • US13499126
    • 2009-12-14
    • Manxia Tie, Jun Cao, Zhenhai Huang, Xiaolong Lai
    • H04L29/06
    • H04L9/3213, H04L9/3268, H04L63/0823
    • A method and system for entity public key acquiring, certificate validation and authentication by introducing an online credible third party is disclosed. The method includes the following steps: 1) an entity B transmits a message 1 to an entity A; 2) the entity A transmits a message 2 to a credible third party TP after receiving the message 1; 3) the credible third party TP determines the response RepTA after receiving the message 2; 4) the credible third party TP returns a message 3 to the entity A; 5) the entity A returns a message 4 to the entity B after receiving the message 3; 6) the entity B receives the message 4; 7) the entity B transmits a message 5 to the entity A; 8) the entity A receives the message 5. The present invention can achieve public key acquisition, certificate validation and authentication of the entity by integrating them in one protocol, thereby facilitate the execution efficiency and the effect of the protocol and facilitate the combination with various public key acquisition and public key certificate state enquiry protocols. The present invention suits with a “user-access point-server” access network structure to meet the authentication requirement of the access network.
    • 36. Invention grant
    • Entity bidirectional-identification method for supporting fast handoff
    • US08392710B2
    • 2013-03-05
    • US12994712
    • 2009-05-27
    • Manxia Tie, Jun Cao, Zhenhai Huang, Xiaolong Lai
    • H04L9/32
    • H04L9/0844, H04L9/3213, H04L9/3263, H04L9/3273, H04L63/0823, H04L63/0869, H04W12/06
    • An entity bidirectional-identification method for supporting fast handoff involves three security elements, which includes two identification elements A and B and a trusted third party (TP). All identification entities of a same element share a public key certification or own a same public key. When any identification entity in identification element A and any identification entity in identification element B need to identify each other, if identification protocol has never been operated between the two identification elements that they belong to respectively, the whole identification protocol process will be operated; otherwise, interaction of identification protocol will be acted only between the two identification entities. Application of the present invention not only centralizes management of public key and simplifies protocol operation condition, but also utilizes the concept of security domain so as to reduce management complexity of public key, shorten identification time and satisfy fast handoff requirements on the premises of guaranteeing security characteristics such as one key for every pair of identification entities, one secret key for every identification and forward secrecy.
    • 38. Invention application
    • METHOD AND SYSTEM FOR SECRET COMMUNICATION BETWEEN NODES
    • US20120278623A1
    • 2012-11-01
    • US13516967
    • 2010-06-02
    • Manxia Tie, Jun Cao, Oin Li, Li Ge, Zhenhai Huang
    • H04L9/32, H04L12/56
    • H04L63/0464, H04L9/0827, H04L45/26, H04L63/0435, H04L63/0471, H04L63/062, H04L63/162
    • The present invention discloses a method and system for secret communication between nodes in a wired Local Area Network (LAN). The method of secret communication between nodes in the wired LAN includes the following steps: 1) a sharing key is established; 2) the route probe is exchanged; 3) the data communication is classified; 4) the secret communication is processed among the nodes. According to the different communication situations among the nodes, the method of secret communication between nodes provided in the present invention can process the classification and select an appropriate secret communication strategy; compared with per-hop encryption, the calculation load of the exchange equipment is reduced, and the transmission delay of data packets is shortened; compared with the method that inter-station keys are established in pairs of nodes in order to protect the communication secret, the key number is reduced, and the key management is simplified.
    • 39. Invention application
    • METHOD AND SYSTEM FOR ENTITY PUBLIC KEY ACQUIRING, CERTIFICATE VALIDATION AND AUTHENTICATION BY INTRODUCING AN ONLINE CREDIBLE THIRD PARTY
    • US20120198240A1
    • 2012-08-02
    • US13499126
    • 2009-12-14
    • Manxia Tie, Jun Cao, Zhenhai Huang, Xiaolong Lai
    • H04L9/30
    • H04L9/3213, H04L9/3268, H04L63/0823
    • A method and system for entity public key acquiring, certificate validation and authentication by introducing an online credible third party is disclosed. The method includes the following steps: 1) an entity B transmits a message 1 to an entity A; 2) the entity A transmits a message 2 to a credible third party TP after receiving the message 1; 3) the credible third party TP determines the response RepTA after receiving the message 2; 4) the credible third party TP returns a message 3 to the entity A; 5) the entity A returns a message 4 to the entity B after receiving the message 3; 6) the entity B receives the message 4; 7) the entity B transmits a message 5 to the entity A; 8) the entity A receives the message 5. The present invention can achieve public key acquisition, certificate validation and authentication of the entity by integrating them in one protocol, thereby facilitate the execution efficiency and the effect of the protocol and facilitate the combination with various public key acquisition and public key certificate state enquiry protocols. The present invention suits with a “user-access point-server” access network structure to meet the authentication requirement of the access network.
    • 40. Invention application
    • AUTHENTICATION ASSOCIATED SUITE DISCOVERY AND NEGOTIATION METHOD
    • US20110243330A1
    • 2011-10-06
    • US13133890
    • 2009-12-08
    • Yanan Hu, Jun Cao, Yuelei Xiao, Manxia Tie, Zhenhai Huang, Xiaolong Lai
    • H04W12/06, H04W12/04
    • H04W12/04, H04W12/06
    • An authentication associated suite discovery and negotiation method for ultra wide band network. The method includes the following steps of: 1) adding a pairwise temporal key PTK establishment IE and a group temporal key GTK distribution IE in an information element IE list of an initiator and a responder, and setting a corresponding information element identifier ID, and 2) an authentication associated process based on the authentication associated suite discovery and negotiation method. The authentication associated suite discovery and negotiation method for ultra wide band network provided by the present invention can provide the discovery and negotiation functions of a security solution to the network so as to satisfy all kinds of application requirements better when multiple pairwise temporal key PTK establishing plans or multiple group temporal key GTK distributing plans co-exist.