The authentication method objects

 

(57) Abstract:

The invention relates to the field of cryptography, namely the authentication of objects, and can be used as a separate element when building authentication systems designed to identify correspondents in communication networks. The technical result - reducing time authentication. For this authentication method objects involves the preliminary formation of the first and second offset points of the original data, generating random numbers to compute public keys of communication and the formation of both corresponding points of the session keys using the stored public keys of communication with the generated random numbers corresponding points. 2 C.p. f-crystals, 36 ill.

The invention relates to the field of cryptography, namely the authentication of objects, and can be used as a separate element when building authentication systems intended for authentication (identification) of objects (correspondents) in communication networks.

The proposed authentication method can be used in authentication systems, in the case of osteodentin network or communication direction, who have the legal right to conduct information exchange in the context of interception offender information transmitted over communication channels.

Known authentication method, described, for example, in the book romanet Y. C. , P. Timofeev A., Shangin C. F. Protection of information in computer systems and networks. /Ed. by C. F. Shangina. - M.: Radio and communication, 1999, pp. 150-152. The known method involves the preliminary formation of the first offset point source data: module a finite group n, s secret and open v keys, and the subsequent transfer over a secure channel (secure channel is a communication channel, in which there is no interception by the enemy) on the second offset point to the copy of the public key v. If authentication is necessary, the first offset point to a random number g and then on the basis of r and n, it calculates the number X. the Computed x is transmitted over an open channel to the second offset point, which is formed by a random binary sequence b, which is transmitted to the first offset point. On the first corresponding point based on a secret key s, the random number r, the modulus n and a random binary is respondendum item is checked for correct calculation of the number. If the verification fails, then the connection is broken. These steps (except for pre-forming the original data) are repeated t times, until the second offset point will not be convinced that the first offset point really knows the secret key s. The method allows for the authentication of objects with zero transfer of knowledge about the secret key.

However, the known method provides only unilateral authentication, in addition, with the increased probability of errors in open communication channel on which the exchanged messages, the execution time of the Protocol increases sharply.

Also known authentication method, described, for example, in the book by A. Menezes, P. van Oorschot, S. Vanstone. Handbook of Applied Cryptography. CRC Press, N. Y.,1996, p.508. The known method involves the preliminary formation on both the offset points secret and public key encryption, identity of the respective parties and the subsequent mutual exchange of copies of public keys over a secure channel. If authentication is necessary, the first offset point is formed by the first symmetric session key, which is combined by concatenation with identificirane second offset point. The encrypted message is transmitted to the second offset point where it is decrypted using the secret key encryption. Then checked the ID, and then formed the second symmetric session key, which is combined by concatenation with the decision of the first symmetric session key. The received message is encrypted using the public encryption key of the first corresponding point and is transmitted to the first offset point. On the first offset point received message is decrypted using the secret key encryption. Then check the correct transmission of the first symmetric session key. If successful, the outcome of the review the second symmetric session key is encrypted using the public encryption key of the second offset point. The resulting encrypted message is transmitted to the second offset point where it is decrypted using the secret key encryption. Then you test the correctness of the second symmetric session key. If successful, the outcome of the test on both the offset points to use the AET mutual authentication correspondents with high resistance.

However, when a large number of correspondents communication network known method requires either large amounts of storage devices for storing a public encryption keys of all correspondents, or third party for secure distribution of public keys correspondents.

The closest in technical essence to the claimed method of authentication objects is the authentication method X. 509, described, for example, in the book by A. Menezes, P. van Oorschot, S. Vanstone. Handbook of Applied Cryptography. CRC Press, N. Y.,1996, pp.510, 511.

Prototype method involves the preliminary formation on both corresponding points of the original data, the first offset point formation identification message (IP), the formation of IP authenticated message (CS) and its transmission to the second corresponding point on the second offset point inspection AP, verification IP, the formation of IP formation of CS IP transfer CS on the first corresponding point on the first offset point inspection AP, verification IP and next generation at both the offset points of the session key.

Preliminary baseline data is to create and is its public key (key) digital signature and / or encryption), secret and public key encryption, secret and public key of electronic digital signature (EDS) corresponding offsetting item, prior to transfer via a secure channel identifier of the first corresponding point on the second corresponding point and the second corresponding point on the first, and prior to transfer via a secure channel to the first offset point to the copy of the public encryption key of the second offset point.

Generation of initial data corresponding points can be done as participation of a third party (a third party - the party that is trusted by both the offset point and which is not directly involved in the information exchange between them), and without its participation, independently on the corresponding points. However, the formation of the certificates is only possible with the participation of a third party.

The formation of IP generation and checking CS, IP check on both the offset points are identical.

The formation of the identification message is to generate random numbers, develop their symmetric key, memorizing and W and obtain IP by concatenation (concatenation - serial connection to the right sequences to each other) random numbers, its encrypted symmetric key, a timestamp and an identifier opposite the offset of the item.

The formation of the certified message is in the formation using its private key digital signature, digital signature IP and obtain CS by concatenating the IP, its digital signature and its certificate.

Check the verified message is the division of CS on the certificate is opposite to the offset point, the identification message and its digital signature, the certificate validation opposite corresponding paragraph in the case of successful validation, the allocation of a public key digital signature opposite the offset of the item, and also check the digital signature of the IP.

Check the ID of the message lies in its division into a random number, the encrypted symmetric key, a timestamp and an identifier, the verification of compliance adopted as part of the IP of your ID, the validation timestamp (validation premenopause and transfer), as well as checking the novelty of random numbers (check novelty random number - verifying that the random number is not repeated within a certain time period). In case of successful outcome of the above checks are accepted as part of IP encrypted symmetric key is decrypted and stored.

In case of failure of any of the above checks the connection between corresponding points is broken.

Formation session key is based on the produced two corresponding points of the symmetric keys.

Prototype method provides mutual authentication correspondents with high resistance and, in addition, allows you to generate the session key is further encrypted communication.

The disadvantage of the prototype of the claimed method is a relatively long time authentication of objects, that due to the large execution time and error-free transmission over channels with errors certified message having a greater length. (In systems of public key cryptography, have high resistance, the cryptogram is long. Consequently, the use of such systems for encryption simme. the switching part identification message timestamp and a random number also increases its length). In addition, the use of timestamps leads to the necessity of synchronization of timers corresponding points.

The purpose of the claimed technical solution is to develop a method of authentication objects, providing a reduction in time authentication.

This objective is achieved in that in the known method of authentication objects, namely, that on the first and second corresponding points of the pre-form the original authentication data, including private and public keys, digital signature certificate, the identity of both the offset points to the first offset point generate a random number, form identification message and using the secret key of electronic digital signature generate digital signature identification message, then by concatenating the pre-generated certificate, identification message and its digital signature form notarized message, which is transmitted to the second koriat, the identification message and its digital signature, verify the certificate, and after checking out from the certificate's public key digital signature, which verifies the digital signature identification messages, share identification message, check the ID, in case of positive tests generate a random number, form identification message and using the secret key of electronic digital signature generate digital signature identification message, then by concatenating the pre-generated certificate, identification message and its digital signature form notarized message, which is passed to the first corresponding point, on the first corresponding paragraph adopted the certified message share certificate, the identification message and its digital signature, verify the certificate, and after checking out from the certificate's public key digital signature, which verifies the digital signature identification messages, share identification message, check the ID manually the x data form a large Prime number and a primitive element of the multiplicative group in the Galois field GF(p). On the first offset point after random number generation compute the public key of the communication. The identification message is formed by the concatenation of the pre-generated identifier of the second offset points and the calculated public key connection. After checking the digital signature identification message share identification message on the ID and the public key of the communication, in case of successful verification identifier remember the public key of the communication. On the second offset point after random number generation compute the public key of the communication. The identification message is formed by the concatenation of the pre-generated identifier of the first corresponding point and the calculated public key connection. After checking the digital signature identification message share identification message on the ID and the public key of the communication, in case of successful verification identifier remember the public key of the communication. The session key on both corresponding points form a stored public key of the communication and the generated random number. Both the offset points to the open R - a large Prime number - generating element of the multiplicative group of the Galois field GF(p), riis generated at the i-th corresponding point random number. On the first and second offset points of the session key is formed by calculating according to the formula:

< / BR>
< / BR>
where k is the session key, k2- the public key of the communication of the second offset point, k1- the public key of the communication of the first offset point, r1, is generated at the first offset point random number, r2is generated at the second offset point random number, p is a large Prime number.

Specified a new set of essential features through the use of random numbers during the formation of the public keys of communication, and the creation of a session key using the stored public keys of communication and the generated random number corresponding points will reduce the time of authentication of objects.

The analysis of the level of technology has allowed to establish that the analogues, characterized by a set of characteristics is identical for all features of the claimed solution, no that indicates compliance C the areas of technology with the purpose of revealing of signs, coinciding with the distinctive features of the prototype features of the claimed method, showed that they do not follow explicitly from the prior art. The prior art also revealed no known effect provided the essential features of the claimed invention transformations on the achievement of the technical result. Therefore, the claimed invention meets the condition of patentability "inventive step".

The claimed method is illustrated by figures that show:

figure 1 - timing diagram of the formation of large Prime numbers;

figure 2 - timing diagram of the formation of the primitive element of the multiplicative group in the Galois field GF(p);

on the figure 3 - timing diagram of the formation of secret-key digital signature of the first corresponding point (I, KP);

on the figure 4 - timing diagram of the formation of public key signature I KP;

on the figure 5 - timing diagram of the formation of identity I KP;

in figure 6 - timing diagram of the formation of the certificate I KP;

in figure 7 - timing diagram of the formation of secret-key digital signature of the second offset point (II KP);

in the figure 8 - timing diagram of four is>/BR>figure 10 - timing diagram of the formation of the certificate II KP;

figure 11 - timing diagram of the generation of random numbers for I KP;

figure 12 is a timing chart of the calculation of the public key of the connection (ACS) on the I KP;

figure 13 is a timing diagram of the formation of an identification message to the I KP;

figure 14 is a timing chart of forming EDS identification message on the I KP;

figure 15 is a timing diagram of the formation of the certified message to the I KP;

figure 16 is a timing chart of admission to II KP certified message from the I KP;

figure 17 is a timing chart division II KP certified messages I KP certificate, the identification message and its digital signature;

figure 18 - illustration explaining procedure of verification II KP certificate I KP;

figure 19 is a timing chart selection II CP from a received as part of CS public key certificate signature I KP;

figure 20 - illustration explaining procedure of verification II KP electronic digital signature IC I CP;

figure 21 is a timing chart division II KP identification message I KP on ID and OAKS;

figure 22 - illustration explaining procedure of verification II KP Eden;

figure 24 is a timing chart of the calculation of the public key communication II KP;

figure 25 is a timing chart of the formation of IP II KP;

figure 26 is a timing chart of forming EDS identification message II KP;

figure 27 is a timing chart of the formation of CS on II KP;

figure 28 is a timing chart of the reception at the I KP certified messages from II KP;

figure 29 is a timing chart division I KP certified messages II KP certificate, the identification message and its digital signature;

figure 30 is a drawing to explain the procedure for checking on the I KP certificate II KP;

in the figure 31 is a timing chart of the selection I KP from the certificate received in the composition of the CS public key signature II KP;

figure 32 is a drawing to explain the procedure for checking on the I KP electronic digital signature IP II KP;

figure 33 is a timing chart division I KP adopted in the composition of the AP identification message II KP ID and OAKS;

figure 34 is a drawing to explain the procedure for checking on the I KP identifier received in the EB II KP;

figure 35 is a timing chart of the formation of a session key at the I KP;

figure 36 is a timing chart of the formation with the tees, belonging to the first offset point, the letter "b" belonging to the second offset point. On the figures the shaded pulse represents a binary symbol "1" and where there's no shading - binary pulse "On". Reducing the "send" and "PfP" mean respectively the transmission and reception of messages.

The implementation of the inventive method consists in the following. The time authentication object includes the time of formation of the certified message transmission and processing times at the reception, as well as their error-free transmission, which, in turn, depends on the length LC, baud rate and error probability in the channel. Reducing the length of CS leads to a reduction of the execution time of each stage in the authentication of objects and, therefore, can significantly reduce the total time of authentication. The shortening of the AP, including the certificate, the identification message and its digital signature, possibly by reducing the lengths of its constituent sequences. However, reducing the length of the certificate and digital signature decreases their cryptographic resistance to possible enemy attacks. In turn, the identification message config contains the symmetric key. Reducing the length of the ID is only possible by reducing the number of correspondents in the network and reducing the length of the encrypted symmetric key using asymmetric encryption methods reduce the resistance of its encryption. Therefore, to reduce the time of authentication of objects you want to exclude the encrypted symmetric key and use the public keys of communication generated from random numbers method Diffie-Hellman session key to form the corresponding points after the exchange of the public keys of communication.

In the proposed method the authentication object to reduce the time authentication is implemented by the following sequence of actions.

At the preliminary stage, for example, when planning communication or user registration on the first and second offset points to form the original data. The formation of the source data occurs with the participation of a third party (Central authentication) and consists in the following. In the authentication center generates a large Prime number p (see Fig.1) and compute a primitive element of the multiplicative group in the Galois field GF(p) (see Fig.2). Known methods of generating primes op is ilenia primitive element of the multiplicative group in the Galois field GF(p) is described, for example, in this same book on pp. 160-164. The values of the Prime number p and a primitive element of the multiplicative group are common to both KP and if KP operate within a telecommunication system, as a rule, these values are common to all users of the system. Generate the secret key signature I KP (see Fig.3). Form a public key digital signature I KP (see Fig. 4). Known methods of forming a secret and a public key digital signature is described, for example, in the book of Romanee Y. C., P. Timofeev A., Shangin C. F. Protection of information in computer systems and networks. /Ed. by C. F. Shangina. - M.: Radio and communication, 1999, pp. 162 - 171. Form ID I KP (see Fig.5). The ID must satisfy the uniqueness requirement in the framework of the telecommunication system, in which it is used. Known methods of forming the identifiers described, for example, in the book romanet Y. C., P. Timofeev A. , Shangin C. F. Protection of information in computer systems and networks/ edited by C. F. Shangina. - M.: Radio and communication, 1999, page 232. Form certificate I KP (see Fig.6). The certificate uniquely associates the ID of the corresponding KP with its public key digital signature. Known methods of forming the certificate described, for example, in the book by A. Menezes is open (see Fig.8) key signature, identifier (see Fig.9) and the certificate (see Fig.10) II CP. Passed over a secure channel to the corresponding KP values a large Prime number p and a primitive element of the multiplicative group in the Galois field GF(p), its certificate, a private and public key signature, and the identifiers I and II KP.

The formation of the source data can be produced and at corresponding points with the subsequent exchange of the necessary data (e.g., identifiers) in a secure way. However, the formation of the certificate is made only with the participation of a third party.

At the beginning of the communication session at the I KP (calling) generate a random number (see Fig.11). Known methods of generating random numbers is described, for example, in the book by D. Knuth. The art of computer programming on the mainframe. - M.: Mir, 1977, so 2, page 22. Compute the public key of the communication I KP (see Fig.12 (a) by the formula where k1- public key 1 KP (see Fig.12 b), p is a large Prime number (see Fig.1), - generating element of the multiplicative group of the Galois field GF(p) (see Fig.2), r1- generated random number (see Fig. 11). Known methods of discrete exponentiation are described, for example, in the book introduction to the KRG. 13) by the concatenation of the pre-formed identifier II KP (see Fig.9) and the calculated public key connection. Using his secret key signature (see Fig.3) form a digital signature identification message (see Fig. 14 a). Known methods of forming the digital signature is described, for example, in the book romanet Y. C., P. Timofeev A., Shangin C. F. Protection of information in computer systems and networks. /Ed. by C. F. Shangina. - M.: Radio and communication, 1999, pp. 162 - 171. Form certified message (see Fig.15) by the concatenation of its certificate (see Fig.6), identification of the message (see Fig 13) and its signature (see Fig.14 b) and pass it on II KP. Known methods of transmission sequences via communication channels with errors described, for example, in the book A. Suko, D. Klovsky, M. Nazarov, L. Fink. theory of signal transmission. M.: Radio and communication, 1986, page 11.

On II KP (callable) received authenticated message I KP (see Fig.16) share (see Fig. 17 a) on the certificate (see Fig.17 b), the identification message (see Fig.17) and its signature (see Fig.17 g). Check the certificate I KP (see Fig.18). Extracted from the certificate's public key digital signature I KP (see Fig.19). Known methods of certificate validation and allocation of public key digital signature is described, for example, in the book by A. Menezes, P. van digital signature identification message (see Fig.20). Known methods of verifying the digital signature described, for example, in the book romanet Y. C., P. Timofeev A., Shangin C. F. Protection of information in computer systems and networks. /Ed. by C. F. Shangina. - M. : Radio and communication, 1999, pp. 162 - 171. Share identification message (see Fig.17 g) in ID II KP and the public key of the connection (see Fig.21 a - b). Check (see Fig.22) the ID passed in the EB (see Fig.21), on its compliance with the identifier II KP from the composition of the initial data II KP (see Fig.9). The term "compliance" understand the equality of the corresponding bit sequences. Known methods by-bit comparison are described, for example, in the book of P. Horowitz, U. Hilo. Art circuitry. M. : Mir, so 1, 1983, page 212. When authentication is successful, remember OAKS, adopted as part of the IP (see Fig.21 b). Known methods of storing sequences are described, for example, in the book of L. Maltsev, E., Blomberg, B. Yampolsky. Fundamentals of digital technology. M.: Radio and communication, 1986, page 79. In case of failure of at least one of the above checks the connection between corresponding points is broken.

Further, similarly to the above actions generate a random number (see Fig.23), compute the public key of the communication II KP (see Fig.24 a, b) point multiplicative group in the Galois field GF(p) (see Fig.2), r2- generated random number (see Fig. 23), form identification message (see Fig.25), form a digital signature identification message (see Fig.26 a, b), form the certified message (see Fig.27) and pass it on I KP on which the received authenticated message (see Fig.28) share certificate, the identification message and EDS IC I CP (see Fig.29 a - g), check the certificate (see Fig. 30), extracted from the public key digital signature II KP (see Fig.31 a - b), check digital signature identification message II KP (see Fig.32), shared IP on the ID and the public key of the connection (see Fig.33 a - b), check the ID (see Fig.34).

At the final stage on both corresponding points form the session key (see Fig.35 a, b and Fig.36 a, b) by calculating according to the formula:

< / BR>
< / BR>
where k is the session key, k2- I remembered in the CP's public key communication II KP (see, Fig.33 b), k1- memorized at the second CP is the public key of the communication I KP (see Fig. 21 b), r1is generated at the I KP random number (see Fig.11), r2- generated P KP random number (see Fig.23), p is a large Prime number (see Fig.1). Known methods of discrete exponentiation are described, for example, in the book Introduction to cryptography. / the numbers in the formation of public keys of communication, as well as the formation of a session key using the stored public keys of communication and the generated random number corresponding points reduces the length of the certified message and, consequently, reduces the time of authentication of objects.

1. The authentication method correspondents, namely, that on the first and second corresponding points of the pre-form the original authentication data, including private and public keys, digital signature certificate, the identity of both the offset points to the first offset point generate a random number, form identification message and using the secret key of electronic digital signature generate digital signature identification message, then by concatenating the pre-generated certificate, identification message and its digital signature form notarized message, which is passed to the second offset point on the second corresponding paragraph adopted the certified message share certificate, the identification message and electronic digital signature, which verifies the digital signature identification messages, share identification message, check the ID, in case of positive tests generate a random number, form identification message and using the secret key of electronic digital signature generate digital signature identification message, then by concatenating the pre-generated certificate, identification message and its digital signature form notarized message, which is passed to the first corresponding point on the first corresponding paragraph adopted the certified message share certificate, the identification message and its digital signature, examine the certificate and, after checking out from the certificate's public key digital signature, which verifies the digital signature identification messages, share identification message, check ID, and then both corresponding points form a session key, wherein optionally the composition of the original data form a large Prime number is the generation of random numbers, using a large Prime number and a primitive element of the multiplicative group in the Galois field GF(p) compute the public key of the communication, and the identification message is formed by the concatenation of the pre-generated identifier of the second offset points and the calculated public key connection, then after checking the digital signature identification message share identification message on the ID and the public key of the communication, in case of successful verification identifier remember the public key of the communication, and the second corresponding point after random number generation compute the public key of the communication, and the identification message is formed by the concatenation of the pre-generated identifier of the first corresponding point and the calculated public key communication after checking the digital signature identification messages, share identification message on the ID and the public key of the communication, in the case of successful validation, remember the public key of the communication, and the session key on both the offset points are formed from the stored public key of the communication and the generated random number.

i- the public key of the relation, i= 1,2 is the number of the corresponding point p is a large Prime number - generating element of the multiplicative group of the Galois field GF(p), riis generated at the i-th corresponding point random number.

3. The method according to p. 1 or 2, characterized in that the first and second offset points of the session key is formed by calculating according to the formula

< / BR>
< / BR>
where k is the session key, k2- the public key of the communication of the second offset point, k1- the public key of the communication of the first offset point, r1is generated at the first offset point random number, r2is generated at the second offset point random number, p is a large Prime number.

 

Same patents:

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating confidential information

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating information of a confidential nature

The invention relates to distributed information and control systems (RIUS), mainly to RIUS with "star" topology, operating information of a confidential nature

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating information of a confidential nature

The invention relates to communication between a mobile user through a computer network, in particular, it relates to a method and device that enables secure authentication of the mobile user in a communication network

The invention relates to access control in a computer system

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating information of a confidential nature

The invention relates to the field of computer engineering and can be used when building secure corporate virtual private networks, using as braced infrastructure public access network, in particular the Internet

The invention relates to computing, and in particular to information and computer systems and networks, and can be used in part integrity monitoring for protection of information resources in workstations, informational, and functional servers

The invention relates to computing

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating confidential information

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating information of a confidential nature

The invention relates to gain access to resources of a computer system or a computer (computing) network, which is protected by a firewall, in response to requests from objects outside the firewall

The invention relates to communication technology and can be used for input and storage of confidential information, including shirokiya

The invention relates to railway automatics and is used in the management of vehicles

The invention relates to computing, and in particular to information and computer systems and networks, and can be used to protect information resources in workstations, informational, and functional (for example, a dedicated secure server, Proxy server, firewall, and t

The invention relates to computing, and in particular to information and computer systems and networks, and can be used for implementing the principles of distributed resources protection of computer systems and networks

Processor // 2248608

FIELD: computers, data protection.

SUBSTANCE: processor has bus interface device, device for selection/decoding of commands, device for dispatching/execution, program string decoding device, which string is selected from program and loaded in first levels command cash, which contains a set of N two-input elements XOR, keys memory, storing different N-bit decoding keys.

EFFECT: higher efficiency.

2 dwg

Up!