Authentication method, system, server, and user node
Abstract
An authentication method, a system, a server, and a user node are disclosed herein. The method includes: generating, by a server, a server session key according to the identity information, at least one login information parameter, and the validity period included in the login information, generating at least one session key parameter of a user node according to the generator point of the algebraic curve, and sending at least one session key parameter of the user node to the user node; generating, by the user node, a user node session key according to at least one session key parameter of the user node; and performing, by the server and the user node, mutual authentication according to the session keys. The authentication solution under the present disclosure is simple and practicable, and is also applicable to authenticating the user node in a grid computing platform.
17 Claims
1. An authentication method implemented at a server comprising:
receiving an identifier of a user node from the user node;
selecting a validity period;
calculating a hash value according to an equation v=h(K∥ID∥i), where v is the hash value, h is a hash function, K is a server key, ID is the identifier of the user node, and i is the validity period;
generating a user node password according to the identifier of the user node, the hash value, and the validity period, wherein the user node password is calculated using an equation pw=[v]^k, where pw is the user node password, v is the hash value, and k is a numerical exponent;
sending registration information comprising the user node password and the validity period to the user node, wherein the user node calculates a login information parameter according to a random number, the user node password, and a generator point of an algebraic curve, wherein the login information parameter is calculated using an equation R1=(pw·r1)P, wherein R1 is the login information parameter, pw is the user node password, r1 is the random number, and P is the generator point of the algebraic curve, and wherein the user node sends the identifier, the login information parameter, and the validity period to the server as login information;
receiving the login information from the user node, wherein the login information comprises the identifier, the login parameter, and the validity period;
generating a server session key according to the identifier, the login information parameter, and the validity period;
generating at least one session key parameter of the user node according to the generator point of the algebraic curve;
sending the at least one session key parameter of the user node to the user node, wherein the at least one session key parameter of the user node is used by the user node for generating a user node session key after the user node receives the at least one session key parameter of the user node; and
performing mutual authentication with the user node according to the server session key and the user node session key.

9. A network system, comprising:
a server configured to:
receive an identifier of a user node from the user node;
select a validity period;
calculate a hash value according to an equation v=h(K∥ID∥i), where v is the hash value, h is a hash function, K is a server key, and i is the validity period;
generate a user node password according to the identifier, the validity period, and the hash value, where the user node password is calculated using an equation pw=[v]^k, where pw is the user node password, v is the hash value, and k is a numerical exponent;
send registration information comprising the user node password and the validity period to the user node;
receive login information from the user node;
generate a server session key according to the identifier, at least one login information parameter, and the validity period, wherein the at least one login information parameter is calculated by the user node using an equation R1=(pw·r1)P, where R1 is the at least one login information parameter, pw is the user node password, r1 is a random number, and P is a generator point of an algebraic curve;
generate at least one session key parameter of the user node according to the generator point of the algebraic curve;
send the at least one session key parameter of the user node to the user node; and
authenticate the user node according to the server session key.

12. A server, in a network system comprising the server and a user node, wherein the server comprises:
a registering module configured to:
receive an identifier of the user node from the user node, select a validity period, calculate a hash value according to an equation v=h(K∥ID∥i), where v is the hash value, h is a hash function, K is a server key, ID is the identifier of the user node, and i is the validity period, generate a user node password according to the identifier, the validity period, and the hash value, wherein the user node password is calculated using an equation pw=[v]^k, where pw is the user node password, v is the hash value, and k is a numerical exponent, and send registration information comprising the user node password and the validity period to the user node;
a responding module configured to:
generate a server session key according to the identifier, at least one login information parameter, and the validity period comprised in the login information after receiving the login information of the user node, wherein the at least one login information parameter is calculated by the user node according to an equation R1=(pw·r1)P, where R1 is the at least one login information parameter, pw is the user node password, r1 is a random number, and P is a generator point on an algebraic curve, generate at least one session key parameter of the user node according to the generator point of the algebraic curve, and send the at least one session key parameter of the user node to the user node; and
an authenticating module configured to authenticate the user node according to the server session key.

15. A user node, comprising:
a registering module configured to:
send an identifier of the user node to a server, and receive registration information comprising a user node password and a validity period from the server, wherein the user node password is calculated using an equation pw=[v]^k, where pw is the user node password, v is a hash value, and k is a numerical exponent, wherein the hash value is calculated using an equation v=h(K∥ID∥i), where v is the hash value, h is a hash function, K is a server key, ID is the identifier of the user node, and i is the validity period;
a login module configured to:
generate at least one login information parameter according to the user node password and a generator point of an algebraic curve, wherein the at least one login information parameter is calculated using an equation R1=(pw·r1)P, wherein R1 is the at least one login information parameter, pw is the user node password, r1 is a random number, and P is the generator point of the algebraic curve, and send the login information comprising the identifier, the at least one login information parameter, and the validity period to the server;
a user node session key generating module configured to:
receive the at least one session key parameter of the user node from the server, and generate a user node session key according to at least one received session key parameter of the user node; and
an authenticating module configured to authenticate the server according to the user node session key.

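The registration and login equations in the claims, v=h(K∥ID∥i), pw=[v]^k and R1=(pw·r1)P, worked through as an added illustration in Python; this code is not part of the patent text. Assumptions: secp256k1 as the curve, SHA-256 as h, length-prefixed ID and i fields, pw reduced modulo the group order, k=3, and a Diffie-Hellman-style secret (r1·r2)P for the session-key step, whose formula the claims do not give.

```python
import hashlib, secrets

FP = 2**256 - 2**32 - 977  # secp256k1 field prime; the curve choice is an assumption
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):  # affine addition on y^2 = x^3 + 7; None is the point at infinity
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % FP == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if a == b else (y2 - y1, x2 - x1)
    lam = num * pow(den % FP, -1, FP)
    x3 = (lam * lam - x1 - x2) % FP
    return x3, (lam * (x1 - x3) - y1) % FP

def ec_mul(k, pt):  # double-and-add, not constant time
    acc = None
    while k:
        acc = ec_add(acc, pt) if k & 1 else acc
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def derive_pw(K, ident, period, k=3):
    # v = h(K || ID || i), pw = v^k mod N. The length prefixes are an addition that
    # keeps the ID / i boundary unambiguous; k=3 is a constructed value.
    msg = K + b"".join(len(f).to_bytes(2, "big") + f for f in (ident, period))
    return pow(int.from_bytes(hashlib.sha256(msg).digest(), "big"), k, N)

def user_login(pw):
    r1 = secrets.randbelow(N - 1) + 1
    return r1, ec_mul(pw * r1 % N, G)             # R1 = (pw·r1)P

def server_respond(K, ident, period, R1):
    if R1 is None or (R1[1] ** 2 - R1[0] ** 3 - 7) % FP:
        raise ValueError("R1 is not a point on the curve")
    pw = derive_pw(K, ident, period)              # recomputed: no password table
    r2 = secrets.randbelow(N - 1) + 1
    shared = ec_mul(r2 * pow(pw, -1, N) % N, R1)  # assumed derivation: (r1·r2)P
    return ec_mul(r2, G), shared                  # (R2 sent to the user, server secret)

def demo(login_period=b"2025-12-31"):
    K, ident = secrets.token_bytes(32), b"node-17"   # constructed sample values
    r1, R1 = user_login(derive_pw(K, ident, b"2025-12-31"))
    R2, server_secret = server_respond(K, ident, login_period, R1)
    return ec_mul(r1, R2), server_secret          # user secret, server secret
```

`demo()` returns matching secrets when the login carries the registered validity period and mismatched ones when the period is altered, because the server recomputes pw from K, ID and i rather than looking it up.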
Specification