GB/T 39205-2020 PDF in English
GB/T 39205-2020 (GB/T39205-2020, GBT 39205-2020, GBT39205-2020)
Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Name of Chinese Standard | Status |
GB/T 39205-2020 | English | 205 |
Add to Cart
|
0-9 seconds. Auto-delivery.
|
Information security technology -- Light-weight authentication and access control mechanism
| Valid |
Standards related to (historical): GB/T 39205-2020
PDF Preview
GB/T 39205-2020: PDF in English (GBT 39205-2020) GB/T 39205-2020
GB
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Information security technology - Light-weight
authentication and access control mechanism
ISSUED ON: OCTOBER 11, 2020
IMPLEMENTED ON: MAY 01, 2021
Issued by: State Administration for Market Regulation;
Standardization Administration of the People’s Republic of
China.
Table of Contents
Foreword ... 3
Introduction ... 4
1 Scope ... 6
2 Normative references ... 6
3 Terms and definitions ... 6
4 Symbols and abbreviations ... 7
4.1 Symbols ... 7
4.2 Abbreviations ... 7
5 Light-weight authentication mechanism ... 8
5.1 Overview ... 8
5.2 Authentication mechanism based on exclusive OR operation ... 8
5.3 Authentication mechanism based on cryptographic hash algorithm ... 10
5.4 Authentication mechanism based on block cipher algorithm ... 12
6 Light-weight access control mechanism ... 14
6.1 Overview ... 14
6.2 Access control mechanism based on block cipher algorithm ... 14
6.3 Access control mechanism based on access control list ... 16
Information security technology - Light-weight
authentication and access control mechanism
1 Scope
This Standard specifies the light-weight authentication mechanism and the
access control mechanism.
This Standard applies to the design, development and application of
authentication and access control mechanisms in resource-constrained
application scenarios, such as wireless sensor network, radio frequency
identification, and near field communication.
2 Normative references
The following documents are indispensable for the application of this document.
For dated references, only the dated version applies to this document. For
undated references, the latest edition (including all amendments) applies to this
document.
GB/T 15629.3-2014, Information technology - Telecommunications and
information exchange between systems - Local and metropolitan area
networks - Specific requirements - Part 3: Carrier sense multiple access with
collision detection (CSMA/CD) access method and physical layer
specifications
GB/T 25069, Information security technology - Glossary
GB/T 32905, Information security techniques - SM3 cryptographic hash
algorithm
GB/T 32907, Information security technology - SM4 block cipher algorithm
ISO/IEC 29180:2012, Information technology - Telecommunications and
information exchange between systems - Security framework for ubiquitous
sensor networks
3 Terms and definitions
Terms and definitions determined by GB/T 25069 and the following ones are
applicable to this document.
CT: Cryptographic Text
DAE: Destination Access Entity
ET: Encrypted Text
HMAC: Hash Based Message Authentication Code
KD: Key Derivation
MAC: Message Authentication Code
MEK: Message Encryption Key
MIC: Message Integrality Check
MIK: Message Integrality Key
PSK: Pre-Shared Key
SK: Session Key
VP: Valid Period
5 Light-weight authentication mechanism
5.1 Overview
The light-weight authentication mechanism reduces the complexity of
calculation and communication in the authentication process while realizing the
identity authenticity confirmation between entities. Compared with the usual
mechanism, the light-weight authentication mechanism has the following
measurement angles:
a) Less occupancy of computing resources;
b) Less interactive messages;
c) Shorter time-consuming;
d) Less required storage space.
5.2 Authentication mechanism based on exclusive OR operation
The authentication mechanism, which is based on the exclusive OR operation,
realizes the confirmation of identity authenticity between entity A and entity B
through simple exclusive OR and shift operations. The authentication process
is shown in Figure 1.
Figure 2 -- Schematic diagram of message interaction of the
authentication mechanism that is based on the cryptographic hash
algorithm
Before authentication, entity A shall have identity information IDA; entity B shall
have identity information IDB; entity A and entity B shall have pre-shared key
PSK; the use of pre-shared key PSK shall meet the needs of specific scenarios;
the length of the random number shall be consistent with the PSK length. The
authentication process is as follows:
a) Entity A generates a random number NA, and sends an authentication
request message that contains NA and IDA to entity B.
b) After entity B receives the authentication request message from entity A,
it generates a random number NB, and uses the pre-shared key PSK with
entity A in the key list to calculate MIKǁSK=KD-HMAC(PSK,IDAǁIDBǁNAǁNB)
according to IDA, IDB, NA, and NB, where IDA and IDB are respectively the
identities of entity A and entity B; MIK is the message integrity key between
entity A and entity B; SK is the session key between entity A and entity B.
Then, entity B uses MIK to calculate the message authentication code
MAC1=HMAC (MIK, NAǁNB), and constructs an authentication response
message NAǁNBǁIDBǁMAC1 and sends it to entity A.
c) After entity A receives the authentication response message from entity B,
it first checks whether the random number NA in the authentication
response message is consistent with the random number NA that is sent
to entity B in step a). If they are inconsistent, entity A fails to authenticate
entity B; if they are consistent, entity A calculates MIKǁSK=KD-
HMAC(PSK,IDAǁIDBǁNAǁNB), and uses MIK to calculate the message
authentication code MAC2=HMAC(MIK,NAǁNB). If MAC2≠MAC1, entity A
fails to authenticate entity B; if MAC2=MAC1, entity A saves SK as the
session key with entity B, and calculates MAC3=HMAC(MIK,NB), to
construct an authentication confirmation message NBǁMAC3, and sends it
to entity B. If entity A and entity B use this mechanism and do not contain
a key confirmation message, after entity A sends the authentication
confirmation message for a period of time or after it correctly decrypts the
message that is sent by entity B using the session key, entity A
successfully identifies entity B, and entity A enables the session key; if
entity A and entity B use this mechanism and contain a key confirmation
message, follow step e) to perform subsequent operations.
d) After entity B receives the authentication confirmation message from entity
A, it checks whether the random number NB in the authentication
confirmation message is consistent with the random number NB that is
sent to entity A in step b). If they are inconsistent, entity B fails to
authenticate entity A; if they are consistent, entity B calculates the
the length of the random number shall be consistent with the PSK length. The
authentication process is as follows:
a) Entity A generates a random number NA, and sends an authentication
request message that contains NA to entity B;
b) After entity B receives the authentication request message from entity A,
it generates random numbers NB1 and NB2, calculates
CT1ǁMIC1=E(PSK,NAǁNB1ǁNB2), and sends an authentication response
message that contains NAǁCT1ǁMIC1 to entity A;
c) After entity A receives the authentication response message from entity B,
it first determines whether the NA in the message is consistent with the NA
that is sent to entity B in step a). If they are inconsistent, entity A fails to
authenticate entity B; if they are consistent, entity A uses PSK to decrypt
and verify CT1ǁMIC1. If the verification of MIC1 fails, entity A fails to
authenticate entity B; if the verification of MIC1 passes, it further verifies
whether the decrypted NA is consistent with the NA that is sent to entity B
in step a). If they are inconsistent, entity A fails to authenticate entity B; if
they are consistent, entity A authenticates entity B successfully; entity A
uses the decrypted NB2 as the session key with entity B, and calculates
CT2ǁMIC2=E(NB2,NB1), and sends an authentication response
confirmation message to entity B, which includes the field NB1ǁCT2ǁMIC2;
d) After entity B receives the authentication response confirmation message
from entity A, it first determines whether the NB1 in the message is
consistent with the NB1 that is sent to entity A in step b). If they are
inconsistent, entity B fails to authenticate entity A; if they are consistent,
entity B uses NB2 to decrypt and verify CT2ǁMIC2. If the MIC2 verification
fails, entity B fails to authenticate entity A; if the MIC2 verification passes,
further verify whether the decrypted NB1 is consistent with the NB1 that is
sent to entity A in step b). If they are inconsistent, entity B fails to
authenticate entity A; if they are consistent, entity B authenticates entity A
successfully, and entity B uses NB2 as the session key with entity A.
Note: E is a block encryption algorithm; CTǁMIC=E(KEY,S) means using KEY
to encrypt S and calculating the integrity check code, where CT stands
for cryptographic text, MIC stands for integrity check code; the
separation of CT and MIC depends on the specific application. In some
modes, it is necessary to first derive the message integrity check key and
the message encryption key according to the KEY, and then respectively
use the two keys to calculate the integrity check code and the
cryptographic text. In the decryption verification, the sequence of
verifying the integrity check code and decrypting may be different
according to the different used modes.
a) Before the User sends an access request to the DAE in the network, it first
sends an authentication request message to the DAE, which mainly
contains the random number N1 that is generated by the User;
b) After DAE receives the authentication request message from the User, it
generates a random number N2, and uses the shared key KACr, DAE with
ACr to calculate ET1=E(KACr,DAE,N1); send N1ǁN2ǁET1 as authentication
response message to the User, where E is the symmetric encryption
algorithm;
c) After the User receives the authentication response message from DAE,
it first judges whether the random number N1 in the message is the
random number that is selected by the User; if it is not, discard the
message directly; if it is, use the shared key KACr, User with ACr to calculate
ET2=E(KACr,User,N1); calculate the message authentication code
MIC1=HMAC(KACr,User,N1ǁIDDAEǁET1ǁET2); construct an entity
authentication request message N1ǁIDDAEǁET1ǁET2ǁMIC1; send it to ACr,
where IDDAE is the identity of DAE;
d) After ACr receives the User's entity authentication request message, it first
judges the integrity of the message according to MIC1. If the verification
fails, discard the message; if the verification passes, use the shared key
KACr, DAE with DAE to decrypt ET1. If the decrypted N1 is not equal to the
N1 that is sent by the User in step c), ACr constructs an entity
authentication response message N1ǁIDDAEǁRES(DAE) ǁMIC2 and sends
it to the User, where MIC2=HMAC(KACr,User,N1ǁ IDDAEǁRES(DAE)),
Res(DAE)=Failure indicates that ACr fails to identify DAE; if the decrypted
N1 is equal to the N1 that is sent by the User in step c), ACr uses the shared
key KACr, User with the User to decrypt ET2. If the decrypted N1 is not equal
to the N1 that is sent by the User in step c), the authentication is terminated;
if the decrypted N1 is equal to the N1 that is sent by the User in step c),
ACr generates the session key KDAE, User between the User and DAE, and
queries ACL according to the User's identity; obtain the User's access
control information ACLUser, together with the User's access period TV; use
KACr, DAE to calculate ET3=E(KACr,DAE,IDUserǁKDAE,UserǁTVǁACLUser); use
KACr,User to calculate ET4=E(KACr,User,KDAE,User); calculate
MIC2=HMAC(KACr,User,N1ǁIDDAEǁRES(DAE)ǁET3ǁET4); construct entity
authentication response message N1ǁIDDAEǁRES(DAE) ǁET3ǁET4ǁMIC2;
sent it to User, where RES(DAE)=True means that ACr successfully
authenticates DAE;
e) After the User receives the entity authentication response message from
ACr, it first judges whether the random number N1 is the random number
that is selected by the User; if it is not, discard the message; if it is, judge
the integrity of the message according to MIC2; if the verification fails,
U_ID in the ACL list to all entities in the network in a secure manner;
the entity saves the ACLU_ID before the user's VP expires; if the user is
not registered, ACr discards the user's identity certification request
message.
Note: The secure manner refers to protecting the confidentiality and integrity of
the message by means of encrypted transmission. The pre-shared key
can be used between entities to realize encrypted transmission; the
specific implementation method is not limited, the same below.
b) Before the user accesses the destination access entity, it first sends an
identity authentication request message to the network. At this time, all
entities in the user's single-hop communication area in the network
constitute a temporary access control gateway to authenticate the user.
The process is as follows:
1) After the temporary access control gateway receives the user's identity
authentication request message, the entity in the temporary access
control gateway first determines whether the user's ACLU_ID information
is stored. If this information is stored, it indicates that the user is within
the valid period. The entity performs an authentication of the user
according to the user AI in the ACLU_ID. If the entity authenticates the
user authentication successfully, it casts a PASS vote and broadcasts
the PASS vote. If the number of PASS votes that are received by the
entity in the temporary access control gateway is larger than or equal
to the threshold value P, it indicates that the user authentication is
successful. If the PASS votes that are received by the entity in the
gateway is less than the threshold value P, it indicates that the
authentication fails and the user's access is terminated; the threshold
value P is defined by the network owner; it can be a fixed value of the
number of PASS votes, or a proportional value of PASS votes;
2) After the successful authentication, during the process when the user
accesses the network, the entity in the current temporary access
control gateway shall calculate the location where the user shall reach
according to the user's movement direction, movement speed, etc., and
constructs the next temporary access control gateway through all
entities in all single-hop areas with the location, where the measured
users will reach, as the center. The entity in the current temporary
access control gateway sends the successful user authentication
message to the entity in the next temporary access control gateway
after time t; the next temporary access control gateway determines
whether the user is successfully authenticated according to whether the
number of received successful user authentication messages reaches
the threshold P. If the user is still within the valid period VP, and the
...... Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.
|