Abstract: A user authentication system and method for a communications network is provided. The credential authority publishes an accumulator and issues tokens and credentials to the users who are authorized to access a service. The user computes by himself a derived credential based on the credential issued by the credential authority, and proves to the verifier using the derived credential. If a new user is authorized, other users and the verifier need not update any data. If a user ever authorized is banned, i.e., his/her token is revoked, the credential authority computes the updated accumulator based on the token issued to the banned user, and publishes a revocation increment data comprising the updated accumulator and the increment data about the revoked token. Other users compute their updated credentials by themselves based on the updated revocation increment data received.

Abstract: The invention provides a malleable pseudonym certificate system and method for a communication network. According to one embodiment of the invention, a user acquires a root proof from a trusted entity, generates one or more pseudonym certificates based on the root proof, and sends anonymous public keys each equipped with one pseudonym certificate to verifiers. Through use of the pseudonym certificate, the verifier believes that the user's anonymous public key is certified by the trusted entity. The pseudonym certificate contains no information by which the verifier can figure out the real identity of the user. With the malleable pseudonym certificate system, the trusted entity needs only certify once for the user's root public key. The user can generate by him or herself mass anonymous public keys where each anonymous public key is equipped with a distinct pseudonym certificate.

Abstract: The invention provides a virtual subscriber identifier system and method of a communication network. According to one embodiment of the invention, a subscriber generates virtual subscriber identifiers by him/her self, generates a subscriber identity mapping data by which a identifier service provider can figure out the real identifier of the owner of the virtual subscriber identifier, and informs peers of the virtual subscriber identifiers. The subscriber identify mapping data may be a data in which a virtual subscriber identifier is associated to the real identifier of the subscriber, and be registered by the subscriber with the identifier service provider. A peer generates a communicating request including a virtual subscriber identifier as target, and sends the request to the identifier service provider, the identifier service provider determines the real identifier of the subscriber from the subscriber identity mapping data, and forwards the communication between the peer and the subscriber's terminal.

Abstract: The invention discloses a radio frequency identification system, comprising: a radio frequency identification tag having an identification code and a set of verifiable data stored therein; and a radio frequency identification reader which sends a reading request to the radio frequency identification tag, requesting to read a first portion of the set of verifiable data, wherein the radio frequency identification tag further comprising control means, which, when the radio frequency identification tag receives the reading request from the radio frequency identification reader, in case of that the set of verifiable data has not been performed a locking operation, performs the locking operation on the set of verifiable data, so that from then on any data of a second portion of the set of verifiable data cannot be read.

Abstract: Methods, devices and systems for generating a plurality of public keys from one private key with the same generator of a group are described. A public key cryptosystem is also disclosed for generating a plurality of anonymous public keys all of which relate to the same party used for secure communications. Those anonymous public keys are generated using the same generator from one single private key. With the invention, computation is reduced, memory can be saved and security level can be improved.

Abstract: This invention relates to a method for toxicity comprehensive elimination of chrome residues, comprising adding water to chrome residues, wet-grinding the same to a thick liquid, letting it react with dilute hydrochloric acid, and letting the filtrate obtained react with an additive containing barium, with sulfuric acid or magnesium sulfate, and with cream of lime or soda, so as to realize a comprehensive extraction and utilization of various elements. The hydrochloric acids can be circulated, and the filter residues can be used for iron-smelting and brick-making. By means of this method, it is possible not only to completely and permanently eliminate the toxicity of the residues, but also to realize a comprehehsive utilization of the residue resources.