MULTI-TTP-BASED METHOD AND DEVICE FOR VERIFYING VALIDITY OF IDENTITY OF ENTITY

    Publication No.: US20180295132A1

    Publication date: 2018-10-11

    Application No.: US15766332

    Application date: 2016-08-26

    Abstract: Provided are an entity identity validity verification method and device with multiple trusted third parties being involved. In the application, validity of identities of entities performing mutual identity validity verification can only be verified by different trusted third parties. During the verification process, the trusted third parties that are respectively trusted by the two entities interact with each other, and provide services for mutual identity validity verification between the entities, to complete the identity validity verification between the entities.

    TWO-WAY KEY SWITCHING METHOD AND IMPLEMENTATION DEVICE

    Invention application; status: under examination (published)

    Publication No.: US20150222427A1

    Publication date: 2015-08-06

    Application No.: US14420342

    Application date: 2013-08-09

    Abstract: A two-way key switching method and an implementation device. The method includes: when acquiring a new key, any end in a communication link setting a new key transmitting direction to be unavailable and setting a new key receiving direction to be available; after it is presumed or determined that at least n opposite ends have acquired the new key and before an original key is invalid, the any end starting a first key switching process, to set the transmitting direction of the original key to be unavailable and set the new key transmitting direction to be available, where N≧n≧1, and N is the total number of receiving sides corresponding to the transmitting side; according to a protection identifier of data transmitted from the opposite end, the any end selecting a valid key to perform deprotection; and after the data is successfully deprotected with the new key for the first time, the any end starting a second key switching process, to set the receiving direction of the original key to be unavailable. By limiting the sequence of each end on a communication link to perform key switching, the present invention ensures that each end can correctly deprotect data transmitted from an opposite end.

    ONE-WAY KEY SWITCHING METHOD AND IMPLEMENTATION DEVICE

    Invention application; status: granted

    Publication No.: US20150222425A1

    Publication date: 2015-08-06

    Application No.: US14421400

    Application date: 2013-07-15

    Abstract: A one-way key switching method and an implementation device. The method comprises: after obtaining a new key and before deducing or determining that at least n receivers obtain the new key, a sender setting the sending direction of the new key as unavailable and keeping the sending direction of an original key as available; after obtaining the new key and before deducing or determining that at least n receivers obtain the new key, before the original key is invalid, the sender starting up a key switching process, i.e. setting the sending direction of the original key as unavailable and setting the sending direction of the new key as available; where N≧n≧1, N is the total number of the receivers corresponding to the sender.

    Communication protocol testing method, and tested device and testing platform thereof

    Publication No.: US10243829B2

    Publication date: 2019-03-26

    Application No.: US15309861

    Application date: 2015-04-17

    Abstract: A communication protocol testing method, a tested device and a testing platform. The method includes: the tested device and the reference device execute a communication protocol, a message sent and/or received during execution of the communication protocol serving as a first message, and the first message being encapsulated in a data encapsulation format of the communication protocol; the tested device encapsulates a part of data or all the data in the first message and/or known data of the tested device according to a unified data encapsulation format to generate a second message; and the testing platform acquires the second message, parses the acquired second message according to the unified data encapsulation format to obtain a part of data or all the data in the second message, executes testing items, and outputs testing results, thereby completing the test.

    Entity authentication method and device with Elliptic Curve Diffie Hellman (ECDH) key exchange capability

    Publication No.: US10389702B2

    Publication date: 2019-08-20

    Application No.: US15122806

    Application date: 2015-03-27

    Abstract: Disclosed are an entity authentication method and device, involving: sending, by an entity A, a first identity authentication message to an entity B; inspecting, by the entity B after receiving the first message, the validity of a certificate of the entity A; sending, by the entity B, a second identity authentication message to the entity A; inspecting, by the entity A after receiving the second message, the correctness of field data therein; calculating, by the entity A, a secret information and message authentication code using a private key thereof and a temporary public key of the entity B, and sending a third message to the entity B; inspecting, by the entity B after receiving the third message, the correctness of field data therein; calculating, by the entity B, a secret information and message authentication code using a private key thereof and a public key of the entity A.

    ENTITY AUTHENTICATION METHOD AND DEVICE BASED ON PRE-SHARED KEY

    Publication No.: US20170310475A1

    Publication date: 2017-10-26

    Application No.: US15510006

    Application date: 2015-06-23

    Abstract: An entity authentication method includes: an entity A generates and sends NA to an entity B; the entity B generates NB and ZSEEDB, computes a key MKA∥KEIA and first encrypted authentication data AuthEncDataB, and sends the NB∥NA∥AuthEncDataB to the entity A for verification; the entity A generates ZSEEDA, computes second encrypted authentication data AuthEncDataA, a shared key seed Z, a master key MK and a first message authentication identifier MacTagA, and sends the NA∥NB∥AuthEncDataA∥MacTagA to the entity B for verification; the entity B computes Z, MK and MacTagA, compares the MacTagA with the received MacTagA, and if the two are equal, considers that the entity A is valid; the entity B computes and sends a second message authentication identifier MacTagB to the entity A; and the entity A computes MacTagB, compares the MacTagB with the received MacTagB, and if the two are equal, considers that the entity B is valid.

    Digital credential management method and device

    Publication No.: US11323433B2

    Publication date: 2022-05-03

    Application No.: US16645149

    Application date: 2018-09-07

    Abstract: Provided in the present invention are a digital credential management method and a device, the method comprising: a digital credential application device negotiating establishment of a secure data channel with a digital credential issuing device, and sending to the digital credential issuing device a digital credential management request message; the digital credential issuing device receiving the message, and sending to the digital credential application device a digital credential management verification request message; the digital credential application device receiving the verification request message, and sending to the digital credential issuing device a digital credential management verification response message; the digital credential issuing device receiving the digital credential management verification response message, and sending to the digital credential application device a digital credential management response message; the digital credential application device receiving the digital credential management response message, and sending to the digital credential issuing device a digital credential management confirmation message.

    Method and device for verifying validity of identity of entity

    Publication No.: US10812480B2

    Publication date: 2020-10-20

    Application No.: US15766322

    Application date: 2016-08-16

    Abstract: Provided are an entity identity validity verification method and device with multiple trusted third parties being involved. In the application, validity of identities of entities performing mutual identity validity verification can only be verified by different trusted third parties. During the verification process, the trusted third parties that are respectively trusted by the two entities interact with each other, and provide identity validity verification services for mutual identity validity verification between the entities, to complete the identity validity verification between the entities.
