IDENTITY AUTHENTICATION METHOD, AUTHENTICATION ACCESS CONTROLLER, REQUESTING DEVICE, STORAGE MEDIUM, PROGRAM, AND PROGRAM PRODUCT

    Publication number: US20240056296A1

    Publication date: 2024-02-15

    Application number: US18259305

    Application date: 2021-12-21

    CPC classification number: H04L9/088 H04L9/30

    Abstract: Disclosed in embodiments of the present application is an identity authentication method. Bidirectional or unidirectional identity authentication between an authentication access controller and a requesting device is implemented by using a pre-shared key, thereby laying a foundation for ensuring that a user accessing a network is legitimate and/or a network accessed by a user is legitimate, so as to implement secret communication between the requesting device and the authentication access controller. In addition, in an identity authentication process, a verified party performs calculation on information comprising the pre-shared key of two parties and random numbers respectively generated by the two parties to obtain an identity authentication key, and performs calculation on specified content by using the identity authentication key to obtain an identity authentication code of the verified party. According to the method for calculating an identity authentication code provided by the present application, key exchange calculation is combined, and the capability of resistance to dictionary brute-force attack or to quantum computing attack in the authentication process is enhanced by means of an ingenious detail design. Also disclosed in the embodiments of the present application are an authentication access controller, a requesting device, a storage medium, a program, and a program product.

    METHOD AND DEVICE FOR IDENTITY AUTHENTICATION

    Publication number: US20240323188A1

    Publication date: 2024-09-26

    Application number: US18269617

    Application date: 2021-12-21

    CPC classification number: H04L63/10 H04L9/0618 H04L9/3247

    Abstract: A method and device for identity authentication. An authentication access controller (AAC) acquires an identity ciphertext message transmitted by a requesting device (REQ), the identity ciphertext message comprising an identity information ciphertext of the REQ. The AAC decrypts the identity information ciphertext of the REQ to generate a digital certificate (CertREQ) of the REQ, transmits a first authentication request message comprising the CertREQ to a first authentication server, and receives a first authentication response message transmitted by the first authentication server, the first authentication response message comprising authentication result information and a digital signature of the first authentication server. The AAC utilizes a public key of the first authentication server to verify the digital signature of the first authentication server and, if the signature is successfully verified, determines an identity authentication result for the REQ on the basis of the verification result of the CertREQ in the authentication result information.

    IDENTITY AUTHENTICATION METHOD, AUTHENTICATION ACCESS CONTROLLER, REQUEST DEVICE, STORAGE MEDIUM, PROGRAM, AND PROGRAM PRODUCT

    Publication number: US20240056433A1

    Publication date: 2024-02-15

    Application number: US18259150

    Application date: 2021-12-21

    CPC classification number: H04L63/08

    Abstract: Disclosed is an identity authentication method. When a request device and an authentication access controller perform identity verification on the basis of an authentication mechanism of a pre-shared key, identity information of a verified party is transmitted in the form of a ciphertext, thereby preventing the identity information of the verified party from being directly exposed during transmission, and ensuring that an attacker cannot obtain private and sensitive information. Two-way or one-way identity authentication between the authentication access controller and the request device is realized, while the confidentiality of entity identity related information is ensured, thereby laying the foundation for ensuring that a user accessing a network is legitimate and/or the network accessed by the user is legitimate. Moreover, the dictionary brute-force attack resistance or quantum computation attack resistance during authentication is enhanced in conjunction with key exchange computation and by means of ingenious detail designs. Also disclosed are an authentication access controller, a request device, a storage medium, a program, and a program product.

    IDENTITY AUTHENTICATION METHOD AND APPARATUS, STORAGE MEDIUM, PROGRAM, AND PROGRAM PRODUCT

    Publication number: US20240064006A1

    Publication date: 2024-02-22

    Application number: US18259297

    Application date: 2021-12-21

    CPC classification number: H04L9/0825 H04L9/3247 H04L9/3228

    Abstract: Disclosed is an identity authentication method. During the process of a requesting device authenticating the identity of an authentication access controller, confidentiality processing is performed on identity information that carries private and sensitive information and on identity authentication result information. Private and sensitive information is thus prevented from being exposed, such that an attacker cannot acquire private and sensitive information in a first authentication response message or an authentication result message even if the attacker has intercepted that message, thereby preventing an attack of an attacker on a legitimate authentication access controller, and ensuring the security of the authentication access controller, the requesting device and even a network. Further disclosed are an identity authentication apparatus, a storage medium, a program, and a program product.

    IDENTITY AUTHENTICATION METHOD AND APPARATUS, STORAGE MEDIUM, PROGRAM, AND PROGRAM PRODUCT

    Publication number: US20240097887A1

    Publication date: 2024-03-21

    Application number: US18259299

    Application date: 2021-12-21

    CPC classification number: H04L9/0825 H04L9/0861 H04L9/3228

    Abstract: An identity authentication method is disclosed in embodiments of the present application. When a requester and an authentication access controller perform identity authentication using an authentication mechanism of a pre-shared key, the identity information of entities is transmitted in the form of ciphertext, thereby preventing the identity information of the entities from being exposed during the transmission, so that attackers cannot obtain private or sensitive information. The mutual or unilateral identity authentication between the authentication access controller and the requester is achieved while ensuring the confidentiality of the entity identity and related information, thereby laying a foundation for ensuring that the user accessing the network is legitimate and/or the network accessed by the user is legitimate. Meanwhile, in connection with key exchange calculations and by an ingenious and detailed design, the ability of the authentication process to resist dictionary brute force attacks or quantum computing attacks is enhanced. Further disclosed in embodiments of the present application are an identity authentication apparatus, a storage medium, a program, and a program product.
