HOME   Cart(0)   Quotation   About-Us Tax PDFs Standard-List Powered by Google www.ChineseStandard.net Database: 189760 (30 Nov 2024)

GB/T 39205-2020 PDF in English


GB/T 39205-2020 (GB/T39205-2020, GBT 39205-2020, GBT39205-2020)
Standard IDContents [version]USDSTEP2[PDF] delivered inName of Chinese StandardStatus
GB/T 39205-2020English205 Add to Cart 0-9 seconds. Auto-delivery. Information security technology -- Light-weight authentication and access control mechanism Valid
Standards related to (historical): GB/T 39205-2020
PDF Preview

GB/T 39205-2020: PDF in English (GBT 39205-2020)

GB/T 39205-2020 GB NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 Information security technology - Light-weight authentication and access control mechanism ISSUED ON: OCTOBER 11, 2020 IMPLEMENTED ON: MAY 01, 2021 Issued by: State Administration for Market Regulation; Standardization Administration of the People’s Republic of China. Table of Contents Foreword ... 3  Introduction ... 4  1 Scope ... 6  2 Normative references ... 6  3 Terms and definitions ... 6  4 Symbols and abbreviations ... 7  4.1 Symbols ... 7  4.2 Abbreviations ... 7  5 Light-weight authentication mechanism ... 8  5.1 Overview ... 8  5.2 Authentication mechanism based on exclusive OR operation ... 8  5.3 Authentication mechanism based on cryptographic hash algorithm ... 10  5.4 Authentication mechanism based on block cipher algorithm ... 12  6 Light-weight access control mechanism ... 14  6.1 Overview ... 14  6.2 Access control mechanism based on block cipher algorithm ... 14  6.3 Access control mechanism based on access control list ... 16  Information security technology - Light-weight authentication and access control mechanism 1 Scope This Standard specifies the light-weight authentication mechanism and the access control mechanism. This Standard applies to the design, development and application of authentication and access control mechanisms in resource-constrained application scenarios, such as wireless sensor network, radio frequency identification, and near field communication. 2 Normative references The following documents are indispensable for the application of this document. For dated references, only the dated version applies to this document. For undated references, the latest edition (including all amendments) applies to this document. GB/T 15629.3-2014, Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements - Part 3: Carrier sense multiple access with collision detection (CSMA/CD) access method and physical layer specifications GB/T 25069, Information security technology - Glossary GB/T 32905, Information security techniques - SM3 cryptographic hash algorithm GB/T 32907, Information security technology - SM4 block cipher algorithm ISO/IEC 29180:2012, Information technology - Telecommunications and information exchange between systems - Security framework for ubiquitous sensor networks 3 Terms and definitions Terms and definitions determined by GB/T 25069 and the following ones are applicable to this document. CT: Cryptographic Text DAE: Destination Access Entity ET: Encrypted Text HMAC: Hash Based Message Authentication Code KD: Key Derivation MAC: Message Authentication Code MEK: Message Encryption Key MIC: Message Integrality Check MIK: Message Integrality Key PSK: Pre-Shared Key SK: Session Key VP: Valid Period 5 Light-weight authentication mechanism 5.1 Overview The light-weight authentication mechanism reduces the complexity of calculation and communication in the authentication process while realizing the identity authenticity confirmation between entities. Compared with the usual mechanism, the light-weight authentication mechanism has the following measurement angles: a) Less occupancy of computing resources; b) Less interactive messages; c) Shorter time-consuming; d) Less required storage space. 5.2 Authentication mechanism based on exclusive OR operation The authentication mechanism, which is based on the exclusive OR operation, realizes the confirmation of identity authenticity between entity A and entity B through simple exclusive OR and shift operations. The authentication process is shown in Figure 1. Figure 2 -- Schematic diagram of message interaction of the authentication mechanism that is based on the cryptographic hash algorithm Before authentication, entity A shall have identity information IDA; entity B shall have identity information IDB; entity A and entity B shall have pre-shared key PSK; the use of pre-shared key PSK shall meet the needs of specific scenarios; the length of the random number shall be consistent with the PSK length. The authentication process is as follows: a) Entity A generates a random number NA, and sends an authentication request message that contains NA and IDA to entity B. b) After entity B receives the authentication request message from entity A, it generates a random number NB, and uses the pre-shared key PSK with entity A in the key list to calculate MIKǁSK=KD-HMAC(PSK,IDAǁIDBǁNAǁNB) according to IDA, IDB, NA, and NB, where IDA and IDB are respectively the identities of entity A and entity B; MIK is the message integrity key between entity A and entity B; SK is the session key between entity A and entity B. Then, entity B uses MIK to calculate the message authentication code MAC1=HMAC (MIK, NAǁNB), and constructs an authentication response message NAǁNBǁIDBǁMAC1 and sends it to entity A. c) After entity A receives the authentication response message from entity B, it first checks whether the random number NA in the authentication response message is consistent with the random number NA that is sent to entity B in step a). If they are inconsistent, entity A fails to authenticate entity B; if they are consistent, entity A calculates MIKǁSK=KD- HMAC(PSK,IDAǁIDBǁNAǁNB), and uses MIK to calculate the message authentication code MAC2=HMAC(MIK,NAǁNB). If MAC2≠MAC1, entity A fails to authenticate entity B; if MAC2=MAC1, entity A saves SK as the session key with entity B, and calculates MAC3=HMAC(MIK,NB), to construct an authentication confirmation message NBǁMAC3, and sends it to entity B. If entity A and entity B use this mechanism and do not contain a key confirmation message, after entity A sends the authentication confirmation message for a period of time or after it correctly decrypts the message that is sent by entity B using the session key, entity A successfully identifies entity B, and entity A enables the session key; if entity A and entity B use this mechanism and contain a key confirmation message, follow step e) to perform subsequent operations. d) After entity B receives the authentication confirmation message from entity A, it checks whether the random number NB in the authentication confirmation message is consistent with the random number NB that is sent to entity A in step b). If they are inconsistent, entity B fails to authenticate entity A; if they are consistent, entity B calculates the the length of the random number shall be consistent with the PSK length. The authentication process is as follows: a) Entity A generates a random number NA, and sends an authentication request message that contains NA to entity B; b) After entity B receives the authentication request message from entity A, it generates random numbers NB1 and NB2, calculates CT1ǁMIC1=E(PSK,NAǁNB1ǁNB2), and sends an authentication response message that contains NAǁCT1ǁMIC1 to entity A; c) After entity A receives the authentication response message from entity B, it first determines whether the NA in the message is consistent with the NA that is sent to entity B in step a). If they are inconsistent, entity A fails to authenticate entity B; if they are consistent, entity A uses PSK to decrypt and verify CT1ǁMIC1. If the verification of MIC1 fails, entity A fails to authenticate entity B; if the verification of MIC1 passes, it further verifies whether the decrypted NA is consistent with the NA that is sent to entity B in step a). If they are inconsistent, entity A fails to authenticate entity B; if they are consistent, entity A authenticates entity B successfully; entity A uses the decrypted NB2 as the session key with entity B, and calculates CT2ǁMIC2=E(NB2,NB1), and sends an authentication response confirmation message to entity B, which includes the field NB1ǁCT2ǁMIC2; d) After entity B receives the authentication response confirmation message from entity A, it first determines whether the NB1 in the message is consistent with the NB1 that is sent to entity A in step b). If they are inconsistent, entity B fails to authenticate entity A; if they are consistent, entity B uses NB2 to decrypt and verify CT2ǁMIC2. If the MIC2 verification fails, entity B fails to authenticate entity A; if the MIC2 verification passes, further verify whether the decrypted NB1 is consistent with the NB1 that is sent to entity A in step b). If they are inconsistent, entity B fails to authenticate entity A; if they are consistent, entity B authenticates entity A successfully, and entity B uses NB2 as the session key with entity A. Note: E is a block encryption algorithm; CTǁMIC=E(KEY,S) means using KEY to encrypt S and calculating the integrity check code, where CT stands for cryptographic text, MIC stands for integrity check code; the separation of CT and MIC depends on the specific application. In some modes, it is necessary to first derive the message integrity check key and the message encryption key according to the KEY, and then respectively use the two keys to calculate the integrity check code and the cryptographic text. In the decryption verification, the sequence of verifying the integrity check code and decrypting may be different according to the different used modes. a) Before the User sends an access request to the DAE in the network, it first sends an authentication request message to the DAE, which mainly contains the random number N1 that is generated by the User; b) After DAE receives the authentication request message from the User, it generates a random number N2, and uses the shared key KACr, DAE with ACr to calculate ET1=E(KACr,DAE,N1); send N1ǁN2ǁET1 as authentication response message to the User, where E is the symmetric encryption algorithm; c) After the User receives the authentication response message from DAE, it first judges whether the random number N1 in the message is the random number that is selected by the User; if it is not, discard the message directly; if it is, use the shared key KACr, User with ACr to calculate ET2=E(KACr,User,N1); calculate the message authentication code MIC1=HMAC(KACr,User,N1ǁIDDAEǁET1ǁET2); construct an entity authentication request message N1ǁIDDAEǁET1ǁET2ǁMIC1; send it to ACr, where IDDAE is the identity of DAE; d) After ACr receives the User's entity authentication request message, it first judges the integrity of the message according to MIC1. If the verification fails, discard the message; if the verification passes, use the shared key KACr, DAE with DAE to decrypt ET1. If the decrypted N1 is not equal to the N1 that is sent by the User in step c), ACr constructs an entity authentication response message N1ǁIDDAEǁRES(DAE) ǁMIC2 and sends it to the User, where MIC2=HMAC(KACr,User,N1ǁ IDDAEǁRES(DAE)), Res(DAE)=Failure indicates that ACr fails to identify DAE; if the decrypted N1 is equal to the N1 that is sent by the User in step c), ACr uses the shared key KACr, User with the User to decrypt ET2. If the decrypted N1 is not equal to the N1 that is sent by the User in step c), the authentication is terminated; if the decrypted N1 is equal to the N1 that is sent by the User in step c), ACr generates the session key KDAE, User between the User and DAE, and queries ACL according to the User's identity; obtain the User's access control information ACLUser, together with the User's access period TV; use KACr, DAE to calculate ET3=E(KACr,DAE,IDUserǁKDAE,UserǁTVǁACLUser); use KACr,User to calculate ET4=E(KACr,User,KDAE,User); calculate MIC2=HMAC(KACr,User,N1ǁIDDAEǁRES(DAE)ǁET3ǁET4); construct entity authentication response message N1ǁIDDAEǁRES(DAE) ǁET3ǁET4ǁMIC2; sent it to User, where RES(DAE)=True means that ACr successfully authenticates DAE; e) After the User receives the entity authentication response message from ACr, it first judges whether the random number N1 is the random number that is selected by the User; if it is not, discard the message; if it is, judge the integrity of the message according to MIC2; if the verification fails, U_ID in the ACL list to all entities in the network in a secure manner; the entity saves the ACLU_ID before the user's VP expires; if the user is not registered, ACr discards the user's identity certification request message. Note: The secure manner refers to protecting the confidentiality and integrity of the message by means of encrypted transmission. The pre-shared key can be used between entities to realize encrypted transmission; the specific implementation method is not limited, the same below. b) Before the user accesses the destination access entity, it first sends an identity authentication request message to the network. At this time, all entities in the user's single-hop communication area in the network constitute a temporary access control gateway to authenticate the user. The process is as follows: 1) After the temporary access control gateway receives the user's identity authentication request message, the entity in the temporary access control gateway first determines whether the user's ACLU_ID information is stored. If this information is stored, it indicates that the user is within the valid period. The entity performs an authentication of the user according to the user AI in the ACLU_ID. If the entity authenticates the user authentication successfully, it casts a PASS vote and broadcasts the PASS vote. If the number of PASS votes that are received by the entity in the temporary access control gateway is larger than or equal to the threshold value P, it indicates that the user authentication is successful. If the PASS votes that are received by the entity in the gateway is less than the threshold value P, it indicates that the authentication fails and the user's access is terminated; the threshold value P is defined by the network owner; it can be a fixed value of the number of PASS votes, or a proportional value of PASS votes; 2) After the successful authentication, during the process when the user accesses the network, the entity in the current temporary access control gateway shall calculate the location where the user shall reach according to the user's movement direction, movement speed, etc., and constructs the next temporary access control gateway through all entities in all single-hop areas with the location, where the measured users will reach, as the center. The entity in the current temporary access control gateway sends the successful user authentication message to the entity in the next temporary access control gateway after time t; the next temporary access control gateway determines whether the user is successfully authenticated according to whether the number of received successful user authentication messages reaches the threshold P. If the user is still within the valid period VP, and the ......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.