The authentication method objects

 

(57) Abstract:

The invention relates to the field of cryptography, namely the authentication of objects, and can be used as a separate element when building authentication systems designed to identify correspondents in communication networks. The technical result - ensuring high resistance to potential impacts of the enemy in terms of authentication objects in real-time, while working on channels with low bandwidth. For this authentication method objects involves the preliminary formation of the source data center authentication involving the parameters of the electronic digital signature and authentication information, the generation of initial data corresponding points, including identification messages, certificates, and authentication information corresponding points. This ensures that communication that eliminates the transfer of an open communication channel with limited bandwidth encrypted session key and provides it to the corresponding points independently from each other, which improves stoeltie relates to the field of cryptography, namely, the authentication objects, and can be used as a separate element when building authentication systems intended for authentication (identification) of objects (correspondents) in communication networks.

The proposed authentication method can be used in authentication systems, in the case of communication between legitimate correspondents (legitimate correspondents correspondent network or communication direction, who have the legal right to conduct information exchange in the context of interception offender information transmitted over communication channels.

Known authentication method, described, for example, in the book romanet Y. C. , P. Timofeev A., Shangin C. F. Protection of information in computer systems and networks/ edited by C. F. Shangina. - M.: Radio and communication, 1999, pp. 150-152. The known method involves the preliminary formation of the first offset point source data: module a finite group n, s secret and open v keys, and the subsequent transfer over a secure channel (secure channel is a communication channel, in which there is no interception by the enemy) on the second offset point mine is tea number r and then on the basis of r and n, it calculates the number x. The calculated x is transmitted over an open channel to the second offset point, which is formed by a random binary sequence b, which is transmitted to the first offset point. On the first corresponding point based on a secret key s, the random number r, the modulus n and a random binary sequence b is the number y, which is transmitted to the second offset point. On the second offset point is checked for correct calculation of the number y. If the verification fails, then the connection is broken. These steps (except for pre-forming the original data) are repeated t times, until the second offset point will not be convinced that the first offset point really knows the secret key s. The method allows for the authentication of objects with zero transfer of knowledge about the secret key.

However, the known method provides only unilateral authentication, in addition, with the increased probability of errors in open communication channel on which the exchanged messages, the execution time of the Protocol increases sharply.

Also known authentication method, described, for example, in the book of A. is frmirovanii on both the offset points secret and public key encryption, identifying messages relevant parties, and the subsequent exchange of copies of public keys over a secure channel. If authentication is necessary, the first offset point is formed by the first symmetric session key, which is combined by concatenation (concatenation, a serial link to the right of the sequences to each other), with the identification message of the first offset point. The received message is encrypted using the public encryption key of the second offset point. The encrypted message is transmitted to the second offset point where it is decrypted using the secret key encryption. Then check the correctness of the identification message, and then formed the second symmetric session key, which is combined by concatenation, with the decision of the first symmetric session key. The received message is encrypted using the public encryption key of the first corresponding point and is transmitted to the first offset point. On the first offset point received message is decrypted using his secret is With the successful outcome of the review the second symmetric session key is encrypted using the public encryption key of the second offset point. The resulting encrypted message is transmitted to the second offset point where it is decrypted using the secret key encryption. Then you test the correctness of the second symmetric session key. If successful, the outcome of the test on both corresponding points using the first and second symmetric session key is generated shared session key. The method provides mutual authentication correspondents with high resistance.

However, when a large number of correspondents communication network known method requires large amounts of storage devices for storing a public encryption keys of all correspondents.

The closest in technical essence to the claimed method of authentication objects is the authentication method of Bellera-Jacobi described, for example, in the book by A. Menezes, P. van Oorschot, S. Vanstone. Handbook of Applied Cryptography. CRC Press, N. Y., 1996, pp. 512-514.

Prototype method involves the preliminary formation of the source data center authentication (authentication center (CA, third party) - the object of the telecommunication network is not involved in the information exchange between korrespondiruet for them) and identification of messages of the first and second offset points, transfer from Central authentication on the first and second offset points of the original data center authentication and identification messages, the formation of the source data of the first offset point, the formation of the source data of the second offset point, and then authenticate the first corresponding point of the second corresponding point and the second authentication offset first paragraph.

The formation of the source data center authentication and identification messages of the first and second offset points is the simple formation of a large number of nsprimitive element of the multiplicative group in the Galois field GF(ns), parameters of the electronic digital signature (EDS) Central authentication, and public key digital signature of the authentication center is chosen equal to 2 or 3, and forming an identification message of the first and second offset points by assigning each of them a unique name.

Transfer from Central authentication on the first and second offset points of the original data center authentication and identification message is passed to each ), module and the public key digital signature of the authentication center, and the corresponding identification of the message.

The formation of the source data of the first offset point is the formation of a secret-key digital signature of the first offset point by generating a random number, calculates a public key digital signature of the first corresponding point transmission over the secure channel to the center of the authentication public key digital signature of the first offset point, the formation of the Central authentication information part of the first certificate corresponding item by concatenating the corresponding identification message and the public key digital signature of the first offset point, calculating a digital signature of the authenticating authority for the information of the certificate, the formation of the first certificate corresponding item by concatenating the corresponding information part and EDS, the transmission of the first offset point of his certificate.

The formation of the source data of the second corresponding point lies in the formation of encryption with the public key of the second offset point, and the public key the public key, the formation of the Central authentication information of the certificate of the second offset point by concatenating the corresponding identification message and the received encryption module public key, computing a digital signature of the authenticating authority for the information of the certificate, the formation of the certificate of the second offset point by concatenating the corresponding information part and EDS, the transfer to the second offset point of his certificate, the transfer from the second to the first offset point public encryption key of the second offset point.

Authenticating the first corresponding point of the second offset point is the transfer from the second offset points to the first of his certificate, verification of the received certificate, and in case of positive verification splitting on the information part and its digital signature, the division information of the certificate of the second corresponding point on the identification message and the module public key encryption and memorizing, the formation of a session key by generating a first random number of the first offset point, sepereate offset from the first point to the second encrypted session key, decryption on the second offset point with your module and the secret key received encrypted session key and memorize, generating a first random number of the second offset point and memorizing, the formation of a calling message by concatenating the first random number of the second offset point and a sequence of t zeros, the encryption using the session key of the call message and its transmission to the first offset point, decrypt it using the session key received calling message and its division into the first random number of the second offset point and a sequence of t zeros, remembering the first random number of the second offset point and verifying the integrity of a sequence of t zeros. In case of positive verification of the second offset point is considered to be authenticated first offset point.

Authenticating the second corresponding point of the first consists in forming on the first offset point of the message M by concatenating the first random number of the second offset point and its identification with themes of the concatenation digital signature of the message M and the certificate of the first corresponding point, encryption using the session key response message, transmitting the encrypted response message to the second offset point, the decryption using the session key at the second offset point of the received encrypted response message, the separation of the digital signature of the message M and the certificate of the first offset points to validate the certificate of the first corresponding point and in case of positive verification of the separation of his information on the part of administration, division of information of the certificate on the identification message and the public key digital signature of the first offset point, the formation of a message M by concatenating the first random number and the identification message and the second offset points verification using the public key signature of the first corresponding paragraph adopted from his digital signature of the message M If a positive verification of the first offset point is considered to be authenticated second offset point.

In case of negative result of any of the above checks the connection between corresponding points is broken.

Prototype method provides mutual autentifikatsiyasini method is its relatively low resistance to potential impacts of the enemy (possible enemy attack - a set of actions aimed at opening opposed to the content of the communication and / or its modification, and enter false information) in terms of authentication objects in real time when working on channels with low bandwidth due to the transmission through an open channel of communication (public communication channel is a communication channel between two corresponding points, in which information transmitted it available to the enemy to intercept and modify) the encrypted session key. (Limited time authentication of interest arises the need to restrict the order number field (the order number field is the number of its elements), which is used for encryption, then the opponent has the possibility of opening a session key).

The purpose of the claimed technical solution is to develop a method of authentication of objects providing improved resistance to potential impacts of the enemy in terms of authentication objects in real time when working on channels with low bandwidth.

This objective is achieved in that in the known method of authentication onyinye messages for the first and second offset points, as well as the parameters of the electronic digital signature of the authenticating authority, transmit the first and second offset points corresponding identification message and certificates and, in addition, the module and the public key of the electronic digital signature of the authentication center, then from the second to the first offset point to transmit the certificate of the second offset point, check accepted at the first offset point certificate and in case of positive verification generate the first random number of the first offset point, generate a first random number of the second offset point, encrypted using the session key ringing message containing the first random number of the second offset points and transmit the encrypted calling message to the first offset point where it decrypts using the session key, remember the first random number of the second offset points to form a response message, encrypts it with the session key and transmits the encrypted response message to the second offset point; where it decrypts using the session key, the identification message of each of correspondingto non-identifiable characteristic (the identification: the sequence carries information about some characteristic features of the corresponding item (e.g., what function in a telecommunication network). Then, on the Central authentication using a secret key of electronic digital signature for identification messages of the first and second offset points form their digital signature. Then form the certificates of the first and second offset points by concatenating the corresponding identification messages and digital signatures. Then on the centre authentication form authentication information center authentication and authentication information for the first and second offset points. Moreover, for the formation of the authentication information of the authentication center generates a non-zero random numbers, where l= 1, 2, 3... - the desired resistance to komprometatsija authentication information, r=n/d, d is the width of the transmitter in bits, n is the required length of the authentication key in bits and authentification information centre authentication form by concatenating the non-zero random numbers. For the formation of the authentication information is [N](x)}

< / BR>
where N is the number of the corresponding item bi,kh=bi,hk0 - elements of the authentication center authentication, and authentication information corresponding point formed by the concatenation of the corresponding number of coefficients of polynomials { gi[N](x)}. After you send each offset point corresponding certificate they passed over a secure channel corresponding authentication information. Then, when the positive test adopted by the first corresponding point of the certificate of the second offset point divide it into the identification message and the digital signature identification message. Then divide the identification message of the second corresponding point on the number and the identification. Verify the correctness of the identification sign and in case of positive verification memorize the number of the second offset point. On the second offset point generate a second random number of the second offset point and pass it on the first offset point where he remembers. Then pass the first certificate correlat on the identification message and the digital signature identification message. Then divide the identification message of the first corresponding point on the number and the identification. Verify the correctness of the identification sign (check the correctness of the identification of the characteristic - checking the fact that the object really can (or should) have this characteristic), and in case of positive verification memorize the number of the first offset point. Then on the first offset point generate the first random number of the first corresponding point and pass it to the second offset point, where the received first random number of the first offset points to remember. Then both corresponding points form a session key. Moreover, for the formation of the first offset point of a session key is calculated basic authentication keys Kilby substituting the stored numbers of the second corresponding point in the polynomials gi[l](x) instead of the argument x, where I is the number of the first offset points, and Then generate the authentication key by concatenating r basic authentication keys Kiland the session key is formed using the authentication key, the first case is a. For forming the second offset point of a session key is calculated basic authentication keys Killby substituting the stored numbers, the first offset points to the polynomials gi[ll](x) instead of the argument x, where II is the number of the second offset points, and then generate the authentication key by concatenating r basic authentication keys Killand the session key is formed using the authentication key, the first random number of the first corresponding point and the second random number to the second offset point. On the second offset point as a ringing message using the first random number of the second offset point. On the first offset point after storing the first random number of the second offset points generate a second random number of the first offset point, and the response message is formed by the concatenation of the second random number of the first corresponding point and the first random number of the second offset point. On the second offset point decrypting the received response message share nego point. Verify the correctness of the first random number of the second offset point. In case of positive verification remember the second random number of the first corresponding point and encrypts it with the session key. Transmit the encrypted second random number to the first offset points to the first offset point where it decrypts using the session key, verify its correctness, and then both corresponding points form a session key confidential communication. Moreover, the session key confidential communication form using the session key, the second random number of the first corresponding point and the first random number of the second offset point.

Specified a new set of essential features by eliminating transmission over an open communication channel with limited bandwidth encrypted session key and its formation on the corresponding points independently from each other will increase the resistance to possible influences of the enemy.

The analysis of the level of technology has allowed to establish that the analogues, characterized by a set of characteristics that are identical to santopoalo "novelty". Search results known solutions in this and related areas of technology in order to identify characteristics that match the distinctive features of the prototype of the characteristics of the claimed method, showed that they do not follow explicitly from the prior art. The prior art also revealed no known effect provided the essential features of the claimed invention transformations on the achievement of the technical result. Therefore, the claimed invention meets the condition of patentability "inventive step".

The claimed method is illustrated by figures that show:

on the figure 1 - General structure of the proposed method of authentication objects;

figure 2 - timing diagram of the formation parameters of the EDS center authentication (CA);

on the figure 3 - timing diagram of the formation of the first corresponding point (I, KP);

on the figure 4 - timing diagram of the formation of the rooms of the second offset point (II KP);

on the figure 5 - timing diagram of the formation of the identification indication I KP;

in figure 6 - timing diagram of the formation of the identification characteristic II KP;

in figure 7 - timing diagram of casinogo messages II KP;

figure 9 - illustration explaining procedure of forming EDS CA identification message I KP;

figure 10 - illustration explaining procedure of forming EDS CA identification message II KP;

figure 11 - timing diagram of the formation of the certificate I KP;

figure 12 is a timing diagram of the formation of the certificate II KP;

figure 13 is a timing chart of generating a non-zero random number;

figure 14 is a timing chart of forming authentication information (AI) CA;

figure 15 - illustration explaining procedure of calculating the coefficients of the polynomials {gi[l](x)} for I, KP;

figure 16 is a timing diagram of the formation of AU (I KP;

figure 17 is a timing chart of the calculation of the coefficients of the polynomials { gi[ll](x)} for II KP;

figure 18 is a timing diagram of the formation of AI II KP;

figure 19 is a timing chart of transfer certificate II KP I KP;

figure 20 is a timing chart of the reception at the I KP certificate II KP;

figure 21 - illustration explaining procedure of checking on the I KP certificate II KP;

figure 22 is a timing chart explaining the procedure of division I KP certificate II KP;

figure 23 - time of diamine II KP;

figure 25 is a timing chart rooms II KP;

figure 26 is a timing chart of the identification sign II KP;

figure 27 - illustration explaining procedure of checking identification sign II KP;

figure 28 is a timing chart of generating the second random number II KP;

figure 29 is a timing diagram of transmission from II KP and reception at the I KP second random number II KP;

figure 30 is a timing chart of transmission II KP certificate I KP;

in the figure 31 is a timing chart of reception of the certificate I KP on II KP;

figure 32 is a drawing to explain the procedure for checking on II KP certificate I KP;

figure 33 is a timing chart explaining the procedure division II KP certificate I KP;

figure 34 is a timing chart of an identification message I KP;

figure 35 is a timing chart EDS identification message I KP;

figure 36 is a timing chart rooms I KP;

figure 37 is a timing chart of the identification indication I KP;

figure 38 is a drawing explaining a procedure for checking on II KP identification indication I KP;

figure 39 is a timing chart of generating a first random number I, KP;

figure 40 - time) the dock of the formation of basic authentication keys I KP;

figure 42 is a timing chart of the formation of the authentication key I KP;

figure 43 is a drawing explaining the procedure of forming the session key I KP;

figure 44 is a drawing explaining the procedure of forming the underlying authentication keys II KP;

figure 45 is a timing diagram of the formation of the authentication key II KP;

figure 46 is a drawing explaining the procedure of forming the session key II KP;

figure 47 is a timing chart of generating a first random number II KP;

figure 48 - figure illustrating the encryption of the call message II KP;

figure 49 is a timing chart of transfer from II KP encrypted call messages;

figure 50 is a timing chart of the reception at the I KP encrypted call messages;

figure 51 - figure illustrating the procedure of decryption call messages;

figure 52 is a timing chart of the second random number I, KP, taken at II KP as part of the call message;

figure 53 is a timing chart of the response message;

figure 54 - figure illustrating the procedure of encryption II KP response message;

figure 55 is a timing chart of the transmission of encrypted response message;

figure 58 is a timing chart of the second random number I, KP, adopted as part of the response message;

figure 59 is a timing chart of the first random number II KP adopted as part of the response message;

figure 60 - figure illustrating the procedure of verification of the first random number II KP;

figure 61 - illustration explaining procedure of encryption II KP second random number I, KP;

figure 62 is a timing diagram transmit the encrypted second random number I, KP;

figure 63 is a timing chart of receiving an encrypted second random number at the I KP;

figure 64 - illustration explaining procedure of decryption on the I CP a received encrypted message;

figure 65 - figure illustrating the procedure of checking the second random number I, KP;

figure 66 - figure explaining the procedure of forming the session key confidential communication.

On the figures the numeral "I" denotes a binary sequence belonging to the corresponding item, the number "II" belonging to the second offset point. On the figures the shaded pulse is dvocacy and receive messages.

The implementation of the inventive method consists in the following. The strength of the authentication method objects for possible impacts of determined enemy resistance implemented in its mechanisms of cryptographic protection of information (encryption and digital signature). In cryptographic systems, public key achievement of high resistance due to the increase of the order of a numeric field in which is a cryptographic transformation that, in turn, leads to the increase of time for generating and transmitting the converted messages and, therefore, requires an increase in time authentication of objects. However, the value of the valid time of the authentication objects is determined by the requirements of the telecommunications system.

One of the ways to increase resilience to the potential impacts of the enemy in the limited time of authentication interest is the exclusion or reduction of the number of messages protected using cryptographic systems public key.

Formation and mutual exchange of certificates containing identification EDS messages, to exclude from the method is impractical because with their help tunic connected to the communication path between the legitimate correspondents and modifies the transmitted their messages so so in the next while remaining transparent to legitimate parties to monitor and modify the content transmitted between them). Therefore, to increase the resistance to the possible effects it is advisable to eliminate the encryption session key and transmitted in encrypted form on an open channel of communication, and the session key to generate independently the corresponding points on the basis of their rooms and pre-generated authentication information. The method that implements this principle can be represented as the following steps (see Fig.1): the preliminary stage, the stage of forming a session key stages of authentication offset points and the stage of the formation of a session key confidential communication.

A preliminary step consists in forming on the authentication center (CA) of its source data, including parameters CA EDS and its authentication information (AI), the formation of the source data corresponding points (CP), including identification messages, certificates, and authentication information gearbox, transfer gearbox relevant baseline data.

The step of forming the session key is in the HICP session key.

Step authentication corresponding points are in the formation based on the source data and messaging, using analysis to ensure that the corresponding points are truly who you say you are.

In the proposed method the authentication object to improve the resistance to potential impacts of the enemy is implemented by the following sequence of actions. Previously at the centre authentication form the parameters of the electronic digital signature of the CA, including the module (see Fig.2A), secret (see Fig. 2B) and outdoor (see Fig.2B) EDS. Known methods of forming the parameters of the EDS is described, for example, in the book romanet Y. C., P. Timofeev A., Shangin C. F. Protection of information in computer systems and networks/ edited by C. F. Shangina. - M. : Radio and communication, 1999, pp. 162-171. Then form for each CP number and the identification (see Fig.3-6). The number of the corresponding item is unique and can match the registration number KP in the network or be assigned on the basis of random number generation. Known methods of generating random numbers is described, for example, in the book by D. Knuth. The art of computer programming on the mainframe. - M.: Mir, 1977, so 2, page otah this offset point (for example, its functions in a telecommunication network). Features that you must have information that is selected based on the principles of the telecommunications network. The formation of the identification characteristic is performed by presenting this information in binary code. Further, by concatenation of the corresponding offsetting item number and identification of the characteristic form of identification messages to the first and second offset points (see Fig.7, 8). Then, using a secret-key digital signature of CA (see Fig. 2B) form a digital signature identifying the message I KP (see Fig.9a) and (II KP (see Fig.10A). Known methods of forming the digital signature is described, for example, in the book romanet Y. C., P. Timofeev A., Shangin C. F. Protection of information in computer systems and networks/ edited by C. F. Shangina. - M.: Radio and communication. 1999, pp. 162-171. Then form the certificates of the first and second offset points by concatenating the corresponding identification messages and digital signatures (see Fig.11, 12). Generate a non-zero random numbers (see Fig.13), where l=1, 2, 3... - the desired resistance to komprometatsija authentication information, r=n/d, d is the width of the transmitter in bits, n is the required length of klueh numbers (see Fig.14). Calculate for each of the CP coefficients of the polynomials {gi[N](x)} (see Fig.15A, 17A)

< / BR>
where

N is the number of the corresponding item bi,kh=bi,hk0 - elements of the authentication information of the authentication center. Form authentication information of the first and second gearbox by concatenating the corresponding number of coefficients of polynomials {gi[N](x)} (see Fig.16, 18). Then pass to the first and second KP corresponding identification messages, certificates, as well as the module and the public key of the CA EDS. Moreover, the transfer can be made as safe and open communication channel. Next, over a secure channel on each KP transmit a corresponding authentication information. Known methods of transmission sequences according to the communication channels are described, for example, in the book D. Zuko, D. Klovsky. M. Nazarov, L. Fink. theory of signal transmission. M.: Radio and communication, 1986, page 11. At this preliminary stage ends.

If authentication is necessary (for example, at the beginning of the communication session from the second to the first KP transmit the certificate II KP (see Fig.19). On the first KP accepted the certificate II KP (see Fig.20) check (see Fig.21). Known methods p is m in case of positive verification of the received certificate share it (see Fig.22) on the identification message II KP (see Fig.23) and digital signature identification message (see Fig.24). Share identification message II KP (see Fig.23) to the number (see Fig.25) and the identification (see Fig.26). Check the correctness of the identification characteristic II of CP (see Fig.27). In this case, the validation of the identification sign means a verification of the fact that the object really can (or should) have this characteristic. For example, in communication networks with mobile objects as a distinguishing characteristic can be selected functions of the object (base station, mobile subscriber and so on). Then when checking mobile subscriber identification sign came in contact with him correspondent he is convinced that this reporter is really the base station. Further, in case of positive verification of the identification sign memorize the number of the second offset point. Known methods of storing sequences are described, for example, in the book of L. Maltsev, E., Blomberg, B. Yampolsky. Fundamentals of digital technology. M.: Radio and communication, 1986, page 79.

On the second KP generate a second random number of the second offset point (see Fi certificate at the first control to the second offset point (see Fig. 30).

On II KP accepted certificate (see Fig.31) check (see Fig.32). In case of positive verification of share certificate I KP (see Fig.33) on the identification message I KP (see Fig.34) and digital signature identification message (see Fig.35). Then divide the identification message I KP (see Fig.34) to the number (see Fig.36) and the identification of the I KP (see Fig.37). Check the correctness of the identification characteristic (see Fig.38) and in case of positive verification memorize the number of the first offset point.

I KP generate (see Fig.39) the first random number of the first corresponding point and pass it on II the offset point (see Fig.40), where his remembered. Then both corresponding points form a session key.

For the formation of the first CP session key is calculated (see Fig.41A) basic authentication keys Kilby substituting the stored numbers of the second gearbox (see Fig.25) in the polynomials {gi[l](x)} instead of the argument x, where I is the number of the first corresponding point and Form authentication key (see Fig. 42) by the concatenation of r basic authentication keys Kil(see Fig. 41B, in). Next, the session key is formed the point (see Fig.39) and the second random number to the second offset point (see Fig.29b). For example, the establishment of a session key can be done by by-bit addition modulo two sequences authentication key sequences of first random numbers I KP and second random numbers II KP.

For forming the second CP session key calculate basic authentication keys Killby substituting the stored numbers, the first of CP (see Fig.36) in the polynomials gi[ll](x) instead of x argument (see Fig.44a), where II is the number of the second CP, and Form authentication key (see Fig.45) by the concatenation of r basic authentication keys Kill(see Fig.B, in). Next, the session key is formed (see Fig.46a) using the authentication key (see Fig.45), the first random number I KP (see Fig.40A) and the second random number II KP (see Fig.28). At this stage of the formation of a session key ends.

At the stage of authentication corresponding points on II KP generate the first random number (see Fig.47). The first random number II KP is used as a calling message using the session key encrypt (see Fig. 48A). Known methods of encryption simme the systems and networks/ edited C. F. Shangina. - M.: Radio and communication, 1999, pp. 106-120. Encrypted call message (see Fig.B) pass (see Fig.49) on the first offset point at which the received message (see Fig.50) decode by using the session key (see Fig.51A) and remember. Known methods of decryption with a symmetric key are described, for example, in the book romanet Y. C., P. Timofeev A., Shangin C. F. Protection of information in computer systems and networks/ edited by C. F. Shangina. - M.: Radio and communication, 1999, pp. 106-120. Then I KP generate a second random number I KP (see Fig.52). Generate a response message (see Fig.53) by the concatenation of the first random number II KP (see Fig.51B) and the second random number I KP (see Fig.52). The response message encrypted with the session key (see Fig.54A). Transmit the encrypted response message at the second CP (see Fig.55).

On II KP received message (see Fig.56) decode by using the session key (see Fig.57a). The decrypted response message (see Fig.B) share the second random number I KP (see Fig.58) and the first random number II KP (see Fig.59). Then check the correctness of the first random number II KP (see Fig. 60). The validation in this case means a by-bit equality the sequence is e ways a by-bit comparison described, for example, in the book of P. Horowitz, U. Hilo. Art circuitry. M.: Mir, so 1, 1983, page 212. In case of positive verification remember the second random number I KP (see Fig.58) and encrypts it with the session key (see Fig.61). Next, the encrypted second random number is passed to the I KP (see Fig.62).

On the first KP received encrypted message (see Fig.63) decode by using the session key (see Fig.64A). Then verify the correctness (see Fig. 65) the decrypted second random number I, KP. At this stage of authentication offset points ends.

In case of positive verification at the I KP his second random numbers on both corresponding points form a session key confidential communications (see Fig. 66A) using the session key (see Fig.43B, 46B), the second random number to the first offset point (see Fig.52, 64b) and the first random number of the second offset point (see Fig.47, 59). For example, the establishment of a session key confidential communication can be done by by-bit addition modulo two sequences a session key with the sequences of the second random number I, KP and the first random number II KP.

In the case of otrizatelnoe.

Thus, by eliminating transmission over an open communication channel with limited bandwidth encrypted session key and its formation on the corresponding points independently from each other will increase the strength of the authentication method objects for possible impacts of the enemy.

1. The authentication method correspondents, namely, that previously to the centre authentication form certificates and identification messages to the first and second offset points, and the parameters of the electronic digital signature of the authenticating authority, transmit the first and second offset points corresponding identification message and certificates and, in addition, the module and the public key of the electronic digital signature of the authentication center, then from the second to the first offset point to transmit the certificate of the second offset point, check accepted at the first offset point certificate and in case of positive verification generate the first random number of the first corresponding point, generate the first random number of the second offset point, encrypted using the session is encrypted calling message to the first corresponding point, where it decrypts using the session key, remember the first random number of the second offset points to form a response message, encrypts it with the session key and transmits the encrypted response message to the second offset point where it decrypts using the session key, wherein the identification message of each of the corresponding points on the centre authentication form by concatenating the respective corresponding item numbers and identification sign, and then on the centre authentication using a secret key of electronic digital signature for identification messages of the first and second offset points form their digital signature, then form the certificates of the first and second offset points by concatenating the corresponding identification messages and digital signatures, after which the centre authentication form authentication information center authentication and authentication information for the first and second offset points, after the transfer for each offset point corresponding certificateless verification adopted by the first corresponding point of the certificate of the second offset point divide it into the identification message and the digital signature identification message, share identification message of the second corresponding point on the number and the identification, verifies the correctness of the identification sign and in case of positive verification memorize the number of the second corresponding point on the second offset point generate a second random number of the second offset point and pass it on the first offset point where it remembers, and then transmit the certificate of the first corresponding point on the second offset point where it is checked and in case of positive verification is divided into the identification message and the digital signature identification message, then divide the identification message of the first corresponding point on the number and the identification, verifies the correctness of the identification characteristic, and in case of positive verification memorize the number of the first offset points, then the first offset point generate the first random number of the first corresponding point and pass it to the second offset point, where the received first random number of the first offset points to remember, and then on both cor the nogo message using the first random number of the second offset points on the first offset point after storing the first random number of the second offset points generate a second random number of the first offset point, and the response message is formed by the concatenation of the second random number of the first corresponding point and the first random number of the second corresponding point on the second offset point decrypting the received response message share for the second random number of the first corresponding point and the first random number of the second offset point, verify the correctness of the first random number of the second offset point, and in case of positive verification remember the second random number of the first corresponding point and encrypts it with the session key, transmit the encrypted second random number to the first offset points to the first offset point where it decrypts using the session key, verify its correctness, and then both corresponding points form a session key confidential communication.

2. The method according to p. 1, characterized in that for forming authentication information CE is m authentication information, r= n/d, d is the width of the transmitter in bits, n is the required length of the authentication key in bits, and authentication information of the authentication center is formed by the concatenation of a non-zero random numbers.

3. The method according to any of paragraphs. 1 and 2, characterized in that for forming authentication information of the first and second offset points is calculated for each of the coefficients of the polynomials { gi[N](x)}

< / BR>
where N is the number of the corresponding item bi,kh= bi,hk0 - elements of the authentication center authentication, and authentication information corresponding point formed by the concatenation of the corresponding number of coefficients of polynomials { gi[N](x)} .

4. The method according to p. 3, characterized in that for forming the first offset point of a session key is calculated basic authentication keys TO aiIby substituting the stored numbers of the second corresponding point in the polynomials gi[I](x) instead of the argument x, where I is the number of the first corresponding point and form authentication key by concatenating r basic authentication keys TO aiIand a point and the second random number to the second offset points and for forming the second offset point of a session key is calculated basic authentication keys TO aiIIby substituting the stored numbers, the first offset points to the polynomials gi[II](x) instead of the argument x, where II is the number of the second offset points, and form authentication key by concatenating r basic authentication keys TO aiIImoreover , the session key is formed using the authentication key, the first random number of the first corresponding point and the second random number to the second offset point.

5. The method according to any of paragraphs. 1-4 characterized in that the session key confidential communication form using the session key, the second random number of the first corresponding point and the first random number of the second offset point.

 

Same patents:

The invention relates to the field of cryptography, namely the authentication of objects, and can be used as a separate element when building authentication systems designed to identify correspondents in communication networks

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating confidential information

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating information of a confidential nature

The invention relates to distributed information and control systems (RIUS), mainly to RIUS with "star" topology, operating information of a confidential nature

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating information of a confidential nature

The invention relates to communication between a mobile user through a computer network, in particular, it relates to a method and device that enables secure authentication of the mobile user in a communication network

The invention relates to access control in a computer system

The invention relates to the field of cryptography, namely the authentication of objects, and can be used as a separate element when building authentication systems designed to identify correspondents in communication networks

The invention relates to the field of computer engineering and can be used when building secure corporate virtual private networks, using as braced infrastructure public access network, in particular the Internet

The invention relates to computing, and in particular to information and computer systems and networks, and can be used in part integrity monitoring for protection of information resources in workstations, informational, and functional servers

The invention relates to computing

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating confidential information

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating information of a confidential nature

The invention relates to gain access to resources of a computer system or a computer (computing) network, which is protected by a firewall, in response to requests from objects outside the firewall

The invention relates to communication technology and can be used for input and storage of confidential information, including shirokiya

The invention relates to railway automatics and is used in the management of vehicles

The invention relates to computing, and in particular to information and computer systems and networks, and can be used to protect information resources in workstations, informational, and functional (for example, a dedicated secure server, Proxy server, firewall, and t

Processor // 2248608

FIELD: computers, data protection.

SUBSTANCE: processor has bus interface device, device for selection/decoding of commands, device for dispatching/execution, program string decoding device, which string is selected from program and loaded in first levels command cash, which contains a set of N two-input elements XOR, keys memory, storing different N-bit decoding keys.

EFFECT: higher efficiency.

2 dwg

Up!