Patents by Inventor Xiaolong Lai

Xiaolong Lai has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240097887
    Abstract: An identity authentication method is disclosed in embodiments of the present application. When a requester and an authentication access controller perform identity authentication using an authentication mechanism of a pre-shared key, the identity information of entities is transmitted in the form of ciphertext, thereby preventing the identity information of the entities from being exposed during the transmission, so that attackers cannot obtain private or sensitive information. The mutual or unilateral identity authentication between the authentication access controller and the requester is achieved while ensuring the confidentiality of the entity identity and related information, thereby laying a foundation for ensuring that the user accessing the network is legitimate and/or the network accessed by the user is legitimate.
    Type: Application
    Filed: December 21, 2021
    Publication date: March 21, 2024
    Inventors: Xiaolong LAI, Jun CAO, Manxia TIE, Qin LI, Xiaorong ZHAO, Bianling ZHANG, Zhenhai HUANG, Chaofan SHAO
  • Publication number: 20240064006
    Abstract: Disclosed is an identity authentication method. During the process of a requesting device authenticating the identity of an authentication access controller, confidentiality processing is performed on identity information that carries private and sensitive information, and identity authentication result information, thus private and sensitive information can be prevented from being exposed, such that an attacker cannot acquire private and sensitive information in a first authentication response message or an authentication result message even if they have intercepted same, thereby preventing an attack of an attacker on a legitimate authentication access controller, and ensuring the security of the authentication access controller, the requesting device and even a network. Further disclosed are an identity authentication apparatus, a storage medium, a program, and a program product.
    Type: Application
    Filed: December 21, 2021
    Publication date: February 22, 2024
    Inventors: Manxia TIE, Jun CAO, Xiaolong LAI, Xiaorong ZHAO, Qin LI, Bianling ZHANG, Zhenhai HUANG, Xiang YAN
  • Publication number: 20240064025
    Abstract: An identity authentication method and apparatus, a device, a chip, a storage medium, and a program. Confidentiality processing is performed on identity information of a requesting device and an authentication access controller, such that the identity information of the requesting device and the authentication access controller is prevented from being exposed during a transmission process, thereby ensuring that an attacker cannot obtain private and sensitive information of the requesting device and the authentication access controller. In addition, by means of involving an authentication server, mutual identity authentication of the requesting device and the authentication access controller is realized while the confidentiality of information related to an entity identity is ensured.
    Type: Application
    Filed: December 21, 2021
    Publication date: February 22, 2024
    Inventors: Manxia TIE, Jun CAO, Xiaolong LAI, Xiaorong ZHAO, Qin LI, Bianling ZHANG, Yuehui WANG
  • Publication number: 20240064024
    Abstract: Disclosed in the present application are an identity authentication method and apparatus, and a device, a chip, a storage medium and a program. The identity information of a requesting device is confidentially processed to prevent the identity information of the requesting device from being exposed during transmission, thereby ensuring that an attacker cannot obtain the private information of the requesting device. In addition, by introducing an authentication server, real-time two-way identity authentication between the requesting device and an authentication access controller is achieved while ensuring the confidentiality of entity identity-related information.
    Type: Application
    Filed: December 21, 2021
    Publication date: February 22, 2024
    Inventors: Manxia TIE, Jun CAO, Xiaolong LAI, Xiaorong ZHAO, Qin LI, Bianling ZHANG, Xiang YAN
  • Publication number: 20240064027
    Abstract: Disclosed is an identity authentication method. By means of the method, confidentiality processing is performed on identity information of a requesting device, to prevent the identity information of the requesting device from being exposed during a transmission process, thereby ensuring that an attacker cannot obtain private information of the requesting device. Moreover, by means of introducing an authentication server, identity authentication performed on the requesting device by an authentication access controller is realized while ensuring the confidentiality of information related to an entity identity, so as to ensure that only legitimate users can access a network. Further disclosed are an identity authentication apparatus, a storage medium, a program, and a program product.
    Type: Application
    Filed: December 21, 2021
    Publication date: February 22, 2024
    Inventors: Manxia TIE, Jun CAO, Xiaolong LAI, Xiaorong ZHAO, Qin LI, Bianling ZHANG, Yuehui WANG, Dandan MA
  • Publication number: 20240064011
    Abstract: Disclosed in embodiments of the present application are an identity authentication method and apparatus, a device, a chip, a storage medium, and a program. Identity information of a requesting device and an authentication access controller is subjected to confidential processing to prevent the identity information of the requesting device and the authentication access controller from being exposed in a transmission process, so as to ensure that an attacker cannot obtain the private and sensitive information. Moreover, an authentication server is introduced, such that real-time authentication of bidirectional identity between the requesting device and the authentication access controller is achieved while the confidentiality of entity identity related information is guaranteed.
    Type: Application
    Filed: December 21, 2021
    Publication date: February 22, 2024
    Inventors: Manxia TIE, Jun CAO, Xiaolong LAI, Xiaorong ZHAO, Qin LI, Bianling ZHANG, Zhenhai HUANG
  • Publication number: 20240056433
    Abstract: Disclosed is an identity authentication method. When a request device and an authentication access controller perform identity verification on the basis of an authentication mechanism of a pre-shared key, identity information of a verified party is transmitted in the form of a ciphertext, thereby preventing the identity information of the verified party from being directly exposed during transmission, and ensuring that an attacker cannot obtain private and sensitive information. Two-way or one-way identity authentication between the authentication access controller and the request device is realized, while the confidentiality of entity identity related information is ensured, thereby laying the foundation for ensuring that a user accessing a network is legitimate and/or the network accessed by the user is legitimate.
    Type: Application
    Filed: December 21, 2021
    Publication date: February 15, 2024
    Inventors: Manxia TIE, Jun CAO, Xiaolong LAI, Xiaorong ZHAO, Qin LI, Bianling ZHANG, Liang LU
  • Publication number: 20240056296
    Abstract: Disclosed in embodiments of the present application is an identity authentication method. Bidirectional or unidirectional identity authentication between an authentication access controller and a requesting device is implemented by using a pre-shared key, thereby laying a foundation for ensuring that a user accessing a network is legitimate and/or a network accessed by a user is legitimate, so as to implement secret communication between the requesting device and the authentication access controller. In addition, in an identity authentication process, a verified party performs calculation on information comprising the pre-shared key of two parties and random numbers respectively generated by the two parties to obtain an identity authentication key, and performs calculation on specified content by using the identity authentication key to obtain an identity authentication code of the verified party.
    Type: Application
    Filed: December 21, 2021
    Publication date: February 15, 2024
    Inventors: Manxia TIE, Jun CAO, Xiaorong ZHAO, Xiaolong LAI, Qin LI, Bianling ZHANG, Xiang YAN, Dandan MA
  • Publication number: 20220417750
    Abstract: A wireless network switching method. In the method, a station and a target access device directly generate a message integrity check key by means of a domain key, and verify an integrity code on the basis of the message integrity check key, so as to realize the authentication of two parties; and when the authentication of the opposite party is successful, session keys are generated by means of the domain key and in conjunction with random numbers of the two parties, thereby simplifying a switching process and realizing secure and efficient network switching. Further disclosed are a corresponding station and a corresponding access device.
    Type: Application
    Filed: November 2, 2020
    Publication date: December 29, 2022
    Inventors: Bianling ZHANG, Xiaolong LAI, Manxia TIE, Yuehui WANG, Xiaorong ZHAO, Qin LI, Guoqiang ZHANG, Zhiqiang DU
  • Patent number: 11363010
    Abstract: A method and device for managing a digital certificate are provided. A digital certificate requesting device negotiates with a digital certificate issuing device by using an acquired authorization code, to establish a security data channel and generate a security key, and messages can be encrypted with the generated data communication key during a process of message interaction between the digital certificate requesting device and the digital certificate issuing device, thereby effectively increasing the security in data transmission. The method and device are applicable for automatically requesting for, querying, updating, revoking a digital certificate and acquiring a digital certificate revocation list in various scenarios.
    Type: Grant
    Filed: February 13, 2018
    Date of Patent: June 14, 2022
    Assignee: CHINA IWNCOMM CO., LTD.
    Inventors: Yuehui Wang, Bianling Zhang, Manxia Tie, Xiaolong Lai, Qin Li, Weigang Tong, Guoqiang Zhang, Zhiqiang Du, Xiang Yan
  • Patent number: 11323433
    Abstract: Provided in the present invention are a digital credential management method and a device, the method comprising: a digital credential application device negotiating establishment of a secure data channel with a digital credential issuing device, and sending to the digital credential issuing device a digital credential management request message; the digital credential issuing device receiving the message, and sending to the digital credential application device a digital credential management verification request message; the digital credential application device receiving the verification request message, and sending to the digital credential issuing device a digital credential management verification response message; the digital credential issuing device receiving the digital credential management verification response message, and sending to the digital credential application device a digital credential management response message; the digital credential application device receiving the digital credentia
    Type: Grant
    Filed: September 7, 2018
    Date of Patent: May 3, 2022
    Assignee: CHINA IWNCOMM CO., LTD.
    Inventors: Yuehui Wang, Bianling Zhang, Manxia Tie, Xiaolong Lai, Qin Li, Weigang Tong, Guoqiang Zhang, Zhiqiang Du, Xiang Yan
  • Publication number: 20210314170
    Abstract: A method and device for managing a digital certificate are provided. A digital certificate requesting device negotiates with a digital certificate issuing device by using an acquired authorization code, to establish a security data channel and generate a security key, and messages can be encrypted with the generated data communication key during a process of message interaction between the digital certificate requesting device and the digital certificate issuing device, thereby effectively increasing the security in data transmission.
    Type: Application
    Filed: February 13, 2018
    Publication date: October 7, 2021
    Inventors: Yuehui WANG, Bianling ZHANG, Manxia TIE, Xiaolong LAI, Qin LI, Weigang TONG, Guoqiang ZHANG, Zhiqiang DU, Xiang YAN
  • Patent number: 10812480
    Abstract: Provided are an entity identity validity verification method and device with multiple trusted third parties being involved. In the application, validity of identities of entities performing mutual identity validity verification can only be verified by different trusted third parties. During the verification process, the trusted third parties that are respectively trusted by the two entities interact with each other, and provide identity validity verification services for mutual identity validity verification between the entities, to complete the identity validity verification between the entities.
    Type: Grant
    Filed: August 16, 2016
    Date of Patent: October 20, 2020
    Assignee: China IWNCOMM Co., LTD.
    Inventors: Bianling Zhang, Zhiqiang Du, Qin Li, Xiaolong Lai, Weigang Tong
  • Publication number: 20200328902
    Abstract: Provided in the present invention are a digital credential management method and a device, the method comprising: a digital credential application device negotiating establishment of a secure data channel with a digital credential issuing device, and sending to the digital credential issuing device a digital credential management request message; the digital credential issuing device receiving the message, and sending to the digital credential application device a digital credential management verification request message; the digital credential application device receiving the verification request message, and sending to the digital credential issuing device a digital credential management verification response message; the digital credential issuing device receiving the digital credential management verification response message, and sending to the digital credential application device a digital credential management response message; the digital credential application device receiving the digital credentia
    Type: Application
    Filed: September 7, 2018
    Publication date: October 15, 2020
    Inventors: Yuehui WANG, Bianling ZHANG, Manxia TIE, Xiaolong LAI, Qin LI, Weigang TONG, Guoqiang ZHANG, Zhiqiang DU, Xiang YAN
  • Publication number: 20180295131
    Abstract: Provided are an entity identity validity verification method and device with multiple trusted third parties being involved. In the application, validity of identities of entities performing mutual identity validity verification can only be verified by different trusted third parties. During the verification process, the trusted third parties that are respectively trusted by the two entities interact with each other, and provide identity validity verification services for mutual identity validity verification between the entities, to complete the identity validity verification between the entities.
    Type: Application
    Filed: August 16, 2016
    Publication date: October 11, 2018
    Applicant: China IWNCOMM Co., LTD.
    Inventors: Bianling Zhang, Zhiqiang Du, Qin Li, Xiaolong Lai, Weigang Tong
  • Patent number: 9325694
    Abstract: An anonymous entity authentication method includes the steps of: an entity B sending RB and IGB; an entity A sending RB, R'A, IGA and IGB to a trusted third party TP, the trusted third party TP checking a group GA and a group GB against IGA and IGB for legality; the trusted third party TP returning ResGA, ResGB and a token TokenTA or returning ResGA, ResGB, TokenTA1 and TokenTA2 to the entity A; the entity A sending TokenAB and IGA to the entity B for authentication by the entity B; and the entity B sending TokenBA to the entity A for authentication by the entity A. In this solution, anonymous entity authentication can be performed without passing identity information of the authenticated entity itself to the opposite entity. Furthermore this solution further relates to an anonymous entity authentication apparatus and a trusted third party.
    Type: Grant
    Filed: July 11, 2011
    Date of Patent: April 26, 2016
    Assignee: China IWNCOMM Co., Ltd.
    Inventors: Zhiqiang Du, Manxia Tie, Xiaolong Lai, Qiongwen Liang
  • Patent number: 9225728
    Abstract: The present invention discloses a method for anonymous entity identification, which comprises the following steps: an entity A transmits an RA and an IGA to an entity B; the entity B returns an RB, an IGB and a TokenBA to the entity A; the entity A sends an RA', the RB, the IGA and the IGB to a credible third-party TP; the credible third-party TP checks the validity of a first group and a second group according to the IGA and the IGB; the credible third-party TP returns an RESGA, an RESGB, and a TokenTA to the entity A, or returns the RESGA, the RESGA, a TokenTA1 and a TokenTA2 to the entity A; and the entity A performs a verification after receiving them; the entity A sends a TokenAB to the entity B; and the entity B performs the verification after receiving it. In the present invention, there is no need to send the identity information of the entity to be identified to an opposite terminal, so that anonymous identity identification is realized.
    Type: Grant
    Filed: June 24, 2011
    Date of Patent: December 29, 2015
    Assignee: CHINA IWNCOMM CO., LTD.
    Inventors: Zhiqiang Du, Manxia Tie, Xiaolong Lai, Qin Li
  • Patent number: 9015331
    Abstract: A method for implementing a convergent Wireless Local Area Network (WLAN) Authentication and Privacy Infrastructure (WAPI) network architecture in a local Medium Access Control (MAC) mode is provided and includes the following steps: the MAC function and WAPI function of Access Point (AP) are divided between Wireless Terminal Point (WTP) and Access Controller (AC) to construct a local MAC mode; the convergence of WAPI protocol and the convergent WLAN network architecture is implemented in the local MAC mode; the process of association and connection between Station (STA), WTP and AC is performed; the process of notification of the beginning of the execution of the WLAN Authentication Infrastructure (WAI) protocol between AC and WTP is performed; the process of the execution of the WAI protocol between STA and AC is performed; the process of notification of the end of the execution of the WAI protocol between AC and WTP is performed; the process of encrypted communication between WTP and STA is performed by us
    Type: Grant
    Filed: December 14, 2009
    Date of Patent: April 21, 2015
    Assignee: China Iwncomm Co., Ltd.
    Inventors: Xiaolong Lai, Jun Cao, Zhiqiang Du, Manxia Tie, Li Ge, Zhenhai Huang
  • Patent number: 8984287
    Abstract: A wireless personal area network access method based on the primitive, includes: a coordinator broadcasts a beacon frame to the device which requests connecting to the wireless personal area network (WPAN), the beacon frame includes the authentication request information for the device and the authentication and a key management tool supported by the coordinator; the device authenticates the authentication request information, when the coordinator has an authentication request to the device, the coordinator and the device execute the authentication based on the primitive and obtains the conversation key.
    Type: Grant
    Filed: January 14, 2009
    Date of Patent: March 17, 2015
    Assignee: China Iwncomm Co., Ltd.
    Inventors: Yuelei Xiao, Jun Cao, Xiaolong Lai, Zhenhai Huang, Bianling Zhang, Zhiqiang Qin, Qizhu Song
  • Patent number: 8855018
    Abstract: A method for realizing a convergent Wireless Local Area Networks (WLAN) Authentication and Privacy Infrastructure (WAPI) network architecture with a split Medium Access Control (MAC) mode involves the steps: a split MAC mode for realizing WLAN Privacy Infrastructure (WPI) by a wireless terminal point is constructed through separating the MAC function and the WAPI function of the wireless access point apart to the wireless terminal point and an access controller; integration of a WAPI and a convergent WLAN network system architecture is realized under the split MAC mode that the wireless terminal point realizes WPI; the association connection process is performed among a station point, a wireless terminal point and an access controller; the process for announcing the start of performing the WLAN Authentication Infrastructure (WAI) protocol between the access controller and the wireless terminal point is performed; the process for performing the WAI protocol between the station point and the access controller i
    Type: Grant
    Filed: December 14, 2009
    Date of Patent: October 7, 2014
    Assignee: China IWNCOMM Co., Ltd.
    Inventors: Manxia Tie, Jun Cao, Zhiqiang Du, Xiaolong Lai, Li Ge, Zhenhai Huang