CN113329397A - Power terminal security access authentication method, device and system in 5G communication environment - Google Patents

Abstract

The present invention provides a method, device and system for power terminal security access authentication in a 5G communication environment. The authentication method includes the following steps: obtaining the signcrypted ciphertext of all meter encryption units about messages; Calculate the aggregated signcrypted ciphertext of the encryption unit; send the aggregated signcrypted ciphertext to verify the legitimacy of the aggregated signcryption. This method is a secure access authentication method for power terminals in the 5G communication environment, to achieve efficient authentication, while ensuring the confidentiality and integrity of data, and can be widely used in large-scale many-to-one and one-to-many communications.

Description

Power terminal security access authentication method, device and system in 5G communication environment

Technical Field

The invention relates to the technical field of security authentication, in particular to a method, a device and a system for authenticating the security access of a power terminal in a 5G communication environment.

Background

In various communication network environments, the danger that network information is monitored is greatly increased, meanwhile, a distributed network environment is formed by access of a large amount of terminal data and corresponding data processing equipment, the traditional user identity authentication and key distribution and management mechanism has a great safety loophole, and when a large amount of data are processed concurrently, an attacker can easily find and crack key modules of the key, so that key information is cracked, for example, the key modules are illegally invaded to access the network, and potential safety hazards are caused.

In the 5G era, a power terminal side, a user side and system nodes at all levels deploy massive terminals and 5G network interfaces, so that the attack surface of a malicious attacker on the physical layer of a power grid is rapidly expanded, and comprehensive and real-time monitoring is difficult. The comprehensive perceived service requirement promotes the generalization of the terminal, and generates greater impact on the existing terminal access protection strategy, and under such conditions, the performance of the boundary protection structure and the protection equipment aiming at wireless access at present cannot completely meet the requirements.

Therefore, in a 5G network environment, a large number of IoT devices access the network, and the issue of security authentication is an important issue to be considered in the 5G network. The access of a huge amount of IoT devices to the network not only brings high authentication cost, but also greatly affects authentication efficiency. At present, in an electric power information communication environment mainly based on communication technologies such as GPRS, CDMA, LTD and the like, the traditional authentication mode of signing first and then encrypting is low in efficiency, and cannot meet the communication safety requirements that the 5G technology is mature day by day and the electric power 5G is rapidly applied and popularized. And the traditional aggregation signcryption is based on a complex bilinear mapping structure, so that the consumption of computing resources is huge.

Disclosure of Invention

The invention provides a method, a device and a system for authenticating the safe access of a power terminal under a 5G communication environment, aiming at the problem of the communication safety of power 5G application in the prior art.

In order to achieve the purpose, the invention adopts the following technical scheme:

a safety access authentication method for a power terminal in a 5G communication environment comprises the following steps:

acquiring signed cipher texts of all meter encryption units about the message;

calculating by adopting a polymerization signcryption method to obtain polymerization signcryption ciphertexts of all meter encryption units;

and sending the aggregation signcryption text for verifying the validity of the aggregation signcryption.

As a further improvement of the present invention, the table meter encryption unit obtains the signed cipher text of the message by calculating the system parameter and the secret key, and the specific calculation steps include:

the meter encryption unit participating in signing and encrypting selects a random number a_i∈Z^* _q；

Calculating T_i＝a_iP, P is a system parameter generator;

calculating C_i＝V_i⊕m_iWherein V is_i＝H₃(ID_B，T_i，Q_i)，Q_i＝a_i(X_B+R_B+P_pubH₁(ID_B，X_B，R_B))，ID_BAnd PK_BThe identity and the public key of the aggregated signcryption recipient are respectively;

calculating S_i＝D_i+h_ix_i+h'_ia_iWherein the hash value h_i＝H₂(T_i，C_i，ID_i，X_i) Hash value h'_i＝H₂(T_i，C_i，ID_i，R_i)；ID_iTo meter the identity information of the encryption unit for participation in the signcryption,

get meter encryption unit on message m_iIs signed and encrypted_i＝(T_i，S_i，C_i)；1≤i≤n。

As a further improvement of the present invention, the generating step of the system parameter specifically includes:

acquiring a safety parameter k, generating two large prime numbers p and q, and meeting q | p-1;

constructing a Hash function H₁:{0，1}*×G→Z^* _q，H₂:{0，1}*→Z^* _q，H₃:G→Z^* _q(ii) a G is a cyclic group on the elliptic curve, P is a generator with any order of G as q, and Z^* _qIs a key set;

randomly selecting master key Z belonging to Z^* _qAnd secretly stores and calculates the system public key P_pubzP and the system parameter params is obtained (P, q, P)_pub，H₁，H₂，H₃)。

As a further improvement of the present invention, the key generating step specifically includes:

random selection of secret value x by meter encryption unit_i∈Z^* _qCalculating the median value X_i＝x_iP, and then obtains a random private key (ID)_i，X_i)，ID_iThe identity value of the encryption unit is counted for the meter;

random selection of r_i∈Z^* _qCalculating R_i＝r_iP、d_i＝r_i+zH₁(ID_i，R_i，X_i)+H₃(zX_i) Sending (R)_i，d_i) A meter-giving encryption unit;

the meter encryption unit verifies the validity of the private key, i.e. verifies equation R_i+P_pubH₁(ID_i，R_i，X_i)+PH₃(x_iP_pub)＝d_iIf P is true, then calculate part of private key D_i＝d_i-H₃(x_iP_pub)；

Obtaining the private key of the meter encryption unit as SK_i＝(D_i，x_i) The public key is PK_i＝(R_i，X_i) (ii) a The private key of the concentrator is SK_B＝(D_B，x_B) The public key is PK_B＝(R_B，X_B)。

As a further improvement of the present invention, the step of calculating the aggregate signcryption of all meter encryption units by using the aggregate signcryption method specifically includes:

according to signcryption character delta_i＝(T_i，S_i，C_i) I is more than or equal to 1 and less than or equal to n, and calculating an accumulated value

δ＝(T₁，T₂，…，T_n，C₁，C₂，…，C_nAnd S) is an aggregate signcryption ciphertext.

As a further improvement of the present invention, verifying the validity of the aggregated signcryption specifically includes:

calculate h_i＝H₂(T_i，C_i，ID_i，X_i)，h'_i＝H₂(T_i，C_i，ID_i，R_i)；

Verify whether the following equation holds:

if the equation is true, the aggregate signcryption is valid and receipt is denied otherwise.

As a further improvement of the present invention, the step of decrypting the aggregate signcryption after the aggregate signcryption is received further comprises the step of decrypting the aggregate signcryption, wherein the step of decrypting the aggregate signcryption comprises:

calculating Q'_i＝T_i(x_B+D_B) And V'_i＝H₃(ID_B,T_i,Q′_i)；

Restore out message m_i＝C_i⊕V′_i。

The utility model provides a power terminal safety access authentication device under 5G communication environment, includes:

the acquisition module is used for acquiring signed cipher texts of all the meter encryption units about the message;

the aggregation signcryption module is used for calculating by adopting an aggregation signcryption method to obtain aggregation signcryption ciphertexts of all the meter encryption units;

and the sending module is used for sending the aggregation signcryption text for verifying the legality of the aggregation signcryption.

A power terminal security access authentication system in a 5G communication environment comprises a power terminal security access authentication device in the 5G communication environment.

A power terminal security access authentication system in a 5G communication environment comprises an aggregation signcryptor; the aggregation signcrypter performs the method.

The invention has the beneficial effects that:

according to the method for authenticating the safe access of the power terminal in the 5G communication environment, the certificateless aggregation signcryption technology without bilinear pairwise mapping is introduced between the terminal and the network, batch verification of the signature and the password of the power 5G terminal is realized by using the aggregation signcryption technology, the signcryption can realize signature and encryption of messages at the same time, confidentiality and integrity can be simultaneously ensured in a single logic step, and the method is more efficient compared with the traditional mode of firstly signing and then encrypting. The traditional aggregation signcryption is based on a complex bilinear pairmapping structure, and the consumption of computing resources is huge.

Drawings

Fig. 1 is a flowchart of a method for authenticating secure access of an electric power terminal in a 5G communication environment according to the present invention.

Fig. 2 is a block diagram of a secure access authentication module of an electric power terminal in a 5G communication environment according to the present invention.

FIG. 3 is a schematic diagram of an authentication process of the present invention;

fig. 4 is a safe access process of the power internet of things terminal.

Fig. 5 is a schematic diagram of a system for authenticating a secure access of an electric power terminal in a 5G communication environment according to the present invention.

Detailed Description

The present invention will be described in detail below with reference to the embodiments with reference to the attached drawings. It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.

The following detailed description is exemplary in nature and is intended to provide further details of the invention. Unless otherwise defined, all technical terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the invention.

In the scene of power utilization information acquisition, when the power utilization peak is in the peak, 1 front-end server generally needs to process the station area information of tens of thousands of concentrators at the same time, and the gathering signcryption technology can be utilized to carry out batch verification on signcryption information from a large number of concentrators in a short time. The invention provides a certificate-free aggregation signcryption scheme without bilinear pairs, and the implementation process of the scheme is described in detail by combining a power utilization information acquisition scene.

The related noun explanation is given based on the content of the invention:

IoT: the Internet of things;

GPRS, CDMA, LTD: key technologies for 2G, 3G, 4G;

5G: 5 th generation communication technologies;

electric power 5G terminal: an internet of things meter and a meter.

As shown in fig. 1, a first object of the present invention is to provide a method for authenticating secure access of a power terminal in a 5G communication environment, an application and an aggregator, including the following steps:

the aggregation signcryptor CYR passes through a meter encryption unit SMU_iAcquiring signed cipher texts of all meter encryption units about the message;

the aggregation signcryption device CYR calculates to obtain aggregation signcryption ciphertexts of all meter encryption units by adopting an aggregation signcryption method;

and sending the aggregation signcryption ciphertext to an aggregation signcryption receiver (acquisition front-end server) UR, and verifying the validity of the aggregation signcryption by the aggregation signcryption receiver (acquisition front-end server) UR.

And the meter encryption unit calculates the signed cipher text of the message through system parameters and a secret key.

As a preferred embodiment, the meter encryption unit comprises a single-phase meter, a three-phase meter, an Internet of things meter and the like.

The method of the invention has the following advantages:

1. the traditional aggregation signcryption is based on a complex bilinear pairwise mapping structure, the consumption of computing resources is huge, the operation process of the scheme does not contain bilinear pairwise and exponential operation, the consumption of the computing resources is low, and the method is suitable for large-scale, many-to-one and one-to-many communication of an electric power electricity utilization information acquisition system acquisition terminal with limited computing resources.

2. The signcryption can realize message signing and encryption at the same time, and the aggregation signcryption can realize simultaneous authentication of multiple devices, so that the efficiency is higher.

3. And a safety channel is not needed for generating part of the private keys, so that the computing resources are saved, and the authentication efficiency is improved.

Specific examples are given below to illustrate the invention in detail:

as shown in FIG. 2, the legal participants of the scheme have a key service center CC, a meter encryption unit SMU_iI is more than or equal to 1 and less than or equal to n, a gathering signcrypter CYR, a concentrator (special transformer acquisition terminal) ACUM and a gathering signcrypter receiver (acquisition front server) UR. The key generation stage integrates the selection of the key and the extraction of part of the private key.

The ACUM of the concentrator (dedicated transformer acquisition terminal) needs to design the CYR for receiving the aggregate signcryption ciphertext or expanding the existing communication module according to the concentrators of different models and different manufacturers and the dedicated transformer acquisition terminal. With a certain technical complexity and effort.

As shown in fig. 2 to 4, the specific implementation process is as follows:

1) system parameter generation

According to the input security parameter k, two large prime numbers p and q are generated, and q | p-1 is satisfied. G is a cyclic group on the elliptic curve, P is a generator with any order of G as q, and Z^* _qFor a set of keys, a hash function H₁:{0，1}*×G→Z^* _q，H₂:{0，1}*→Z^* _q，H₃:G→Z^* _q. CC selects a master key Z ∈ Z randomly^* _qAnd secretly stores, and then calculates the system public key P_pubzP and the system parameters params (P, q, P)_pub，H₁，H₂，H₃)。

2) Key generation phase

a. Meter encryption unit SMU_iRandomly selecting a secret value x_i∈Z^* _qCalculating the median value X_i＝x_iP, send (ID)_i，X_i) To CC. Wherein, ID_iEncrypting a unit SMU for a meter_iThe identity value of (2).

CC random selection of r_i∈Z^* _qCalculating the intermediate value R_i＝r_iP、d_i＝r_i+zH₁(ID_i，R_i，X_i)+H₃(zX_i) Sending (R)_i，d_i) For SMU_i(transmission need not be by means of a secure channel).

c. To ensure (R)_i，d_i) Effectiveness of, SMU_iFirst, verify equation R_i+P_pubH₁(ID_i，R_i，X_i)+PH₃(x_iP_pub)＝d_iIf P is true, then calculate part of private key D_i＝d_i-H₃(x_iP_pub)；

If necessary, CC can also calculate SMU_iPart of the private key D_i＝r_i+zH₁(ID_i，R_i，X_i)。

d. Thus, the SMU_iHas a private key of SK_i＝(D_i，x_i) The public key is PK_i＝(R_i，X_i). Similarly, the private key of ACUM is SK_B＝(D_B，x_B) The public key is PK_B＝(R_B，X_B)。

In the key generation phase, the CC first calculates the SMU_iA partial private key source d corresponding to the partial private key of_iAnd then sent to the SMU over the open channel_iThen SMU_iCalculating D_iObtain own partial private key D_i. If d is_iThe attacker monitors and obtains D through two methods_i. Calculating D_i＝d_i-H₃(x_iP_pub) But x_iThe attacker cannot obtain the secret random value. ② calculating Di ═ r_i+zH₁(IDi，Ri，X_i) Also, the master key r cannot be obtained_iAnd fails. So that no secure channel is required for this transmission.

3) Signcryption

Meter encryption unit SMU assuming participation in signcryption_iIs ID_iThe identity and the public key of the aggregate signcryption recipient UR are ID's, respectively_BAnd PK_BThe message to be signed is m_i(i is more than or equal to 1 and less than or equal to n). The method comprises the following specific steps:

a)SMU_iselecting a random number a_i∈Z^* _qSequentially calculating intermediate values T_i＝a_iP, median value Q_i＝a_i(X_B+R_B+P_pubH₁(ID_B，X_B，R_B) Middle value V)_i＝H₃(ID_B，T_i，Q_i) Middle value C_i＝V_i⊕m_i；

b) Calculate h sequentially_i＝H₂(T_i，C_i，ID_i，X_i)，h'_i＝H₂(T_i，C_i，ID_i，R_i)，S_i＝D_i+h_ix_i+h'_ia_iThen SMU_iAbout message m_iThe signed cipher text is delta_i＝(T_i，S_i，C_i)。

4) Polymeric signcryption

Reception of δ by the polymeric signcrypter CYR_i＝(T_i，S_i，C_i) (i is more than or equal to 1 and less than or equal to n), calculating an accumulated value

δ＝(T₁，T₂，…，T_n，C₁，C₂，…，C_nAnd S) is the aggregated signcryption ciphertext, which is sent to the receiver UR.

5) Verifying aggregate signcryption

Given n SMUs_iIdentity-public key pair (ID)_i，PK_i) And system disclosure parameter, UR verifies δ ═ T₁，T₂，…，T_n，C₁，C₂，…，C_nAnd S) validity, comprising the following steps:

a) calculating a hash value h_i＝H₂(T_i，C_i，ID_i，X_i) Hash value h'_i＝H₂(T_i，C_i，ID_i，R_i)；

b) Verify whether the following equation holds:

if the equation is true, the aggregate signcryption is validated, otherwise acceptance is denied.

6) Disaggregated signcryption

If the aggregate signcryption verification passes, UR utilizes its own private key SK_BAnd decrypting the message, wherein i is more than or equal to 1 and less than or equal to n. The execution steps are as follows:

a) calculating an intermediate value Q'_i＝T_i(x_B+D_B) And V'_i＝H₃(ID_B,T_i,Q′_i)

b) Restore out messagem_i＝C_i⊕V′_i。

The invention can realize signature and encryption of the message at the same time, can simultaneously ensure confidentiality and integrity in a single logic step, and is more efficient compared with the traditional mode of firstly signing and then encrypting. The certificateless aggregation signcryption technology is introduced between the terminal and the network, so that high-efficiency authentication can be realized, and the problems are effectively solved.

As shown in fig. 5, another object of the present invention is to provide an authentication apparatus for secure access of a power terminal in a 5G communication environment, including:

the acquisition module is used for acquiring signed cipher texts of all the meter encryption units about the message;

the aggregation signcryption module is used for obtaining an aggregation signcryption ciphertext through aggregation signcryption calculation;

and the sending module is used for sending the aggregation signcryption text for verifying the legality of the aggregation signcryption.

With reference to fig. 2 and fig. 4, the present invention further provides a system for authenticating a secure access of an electric power terminal in a 5G communication environment, including the apparatus for authenticating a secure access of an electric power terminal in a 5G communication environment.

With reference to fig. 1 and 4, an electric power terminal secure access authentication system in a 5G communication environment includes a key service center CC and a meter encryption unit SMU_iI is more than or equal to 1 and less than or equal to n, a gathering signcrypter CYR, a concentrator (special transformer acquisition terminal) ACUM and a gathering signcrypter receiver (acquisition front server) UR. The ACUM of the concentrator (special transformer acquisition terminal) is connected with a plurality of meter encryption units SMU_iAnd designing a gathering signcryption device CYR for concentrators of different models and different manufacturers and a special transformer acquisition terminal to receive the gathering signcryption ciphertext or expanding the existing communication module. The key service center CC is connected with a plurality of meter encryption units SMU_iThe system parameter and the key are generated, the signcryption ciphertext of the meter encryption unit about the message is calculated, and the signcryption ciphertext is sent to the aggregation signcrypter CYR.

The aggregation signcrypter CYR performs the method, which comprises:

the aggregation signcryptor CYR passes through a meter encryption unit SMU_iAcquiring signed cipher texts of all meter encryption units about the message;

the aggregation signcryption device CYR calculates to obtain aggregation signcryption ciphertexts of all meter encryption units by adopting an aggregation signcryption method;

and sending the aggregation signcryption ciphertext to an aggregation signcryption receiver (acquisition front-end server) UR, and verifying the validity of the aggregation signcryption by the aggregation signcryption receiver (acquisition front-end server) UR.

The certificateless aggregation signcryption technology is introduced between the terminal and the network, so that high-efficiency authentication can be realized, confidentiality and integrity can be simultaneously ensured in a single logic step, and the method is more efficient compared with the traditional mode of firstly signing and then encrypting.

As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

Finally, it should be noted that: the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting the same, and although the present invention is described in detail with reference to the above embodiments, those of ordinary skill in the art should understand that: modifications and equivalents may be made to the embodiments of the invention without departing from the spirit and scope of the invention, which is to be covered by the claims.

Claims (10)

1. A method for authenticating the safe access of a power terminal in a 5G communication environment is characterized by comprising the following steps:

acquiring signed cipher texts of all meter encryption units about the message;

calculating by adopting a polymerization signcryption method to obtain polymerization signcryption ciphertexts of all meter encryption units;

and sending the aggregation signcryption text for verifying the validity of the aggregation signcryption.

2. The method of claim 1, wherein:

the table meter encryption unit obtains the signed cipher text of the message through system parameter and key calculation, and the specific calculation steps comprise:

the meter encryption unit participating in signing and encrypting selects a random number a_i∈Z^* _q；

Calculating T_i＝a_iP, P is a system parameter generator;

computing

Wherein, V_i＝H₃(ID_B，T_i，Q_i)，Q_i＝a_i(X_B+R_B+P_pubH₁(ID_B，X_B，R_B))，ID_BAnd PK_BThe identity and the public key of the aggregated signcryption recipient are respectively;

calculating S_i＝D_i+h_ix_i+h′_ia_iWherein the hash value h_i＝H₂(T_i，C_i，ID_i，X_i) Hash value h'_i＝H₂(T_i，C_i，ID_i，R_i)；ID_iTo meter the identity information of the encryption unit for participation in the signcryption,

get meter encryption unit on message m_iIs signed and encrypted_i＝(T_i，S_i，C_i)；1≤i≤n。

3. The method of claim 2, wherein:

the generating step of the system parameters specifically comprises:

acquiring a safety parameter k, generating two large prime numbers p and q, and meeting q | p-1;

constructing a Hash function H₁:{0，1}*×G→Z^* _q，H₂:{0，1}*→Z^* _q，H₃:G→Z^* _q(ii) a G is a cyclic group on the elliptic curve, P is a generator with any order of G as q, and Z^* _qIs a key set;

randomly selecting master key Z belonging to Z^* _qAnd secretly stores and calculates the system public key P_pubzP and the system parameter params is obtained (P, q, P)_pub，H₁，H₂，H₃)。

4. The method of claim 1, wherein:

the key generating step specifically includes:

random selection of secret value x by meter encryption unit_i∈Z^* _qCalculating the median value X_i＝x_iP, and then obtains a random private key (ID)_i，X_i)，ID_iThe identity value of the encryption unit is counted for the meter;

random selection of r_i∈Z^* _qCalculating R_i＝r_iP、d_i＝r_i+zH₁(ID_i，R_i，X_i)+H₃(zX_i) Sending (R)_i，d_i) A meter-giving encryption unit;

the meter encryption unit verifies the validity of the private key, i.e. verifies equation R_i+P_pubH₁(ID_i，R_i，X_i)+PH₃(x_iP_pub)＝d_iIf P is true, then calculate part of private key D_i＝d_i-H₃(x_iP_pub)；

Obtaining the private key of the meter encryption unit as SK_i＝(D_i，x_i) The public key is PK_i＝(R_i，X_i) (ii) a The private key of the concentrator is SK_B＝(D_B，x_B) The public key is PK_B＝(R_B，X_B)。

5. The method of claim 1, wherein:

the method for calculating and obtaining the polymerization signcryption texts of all the meter encryption units by adopting the polymerization signcryption method specifically comprises the following steps:

according to signcryption character delta_i＝(T_i，S_i，C_i) I is more than or equal to 1 and less than or equal to n, and calculating an accumulated value

δ＝(T₁，T₂，…，T_n，C₁，C₂，…，C_nAnd S) is an aggregate signcryption ciphertext.

6. The method of claim 1, wherein:

verifying the validity of the aggregate signcryption specifically includes:

calculate h_i＝H₂(T_i，C_i，ID_i，X_i)，h′_i＝H₂(T_i，C_i，ID_i，R_i)；

Verify whether the following equation holds:

if the equation is true, the aggregate signcryption is valid and receipt is denied otherwise.

7. The method of claim 1, wherein:

if the aggregation signcryption is valid, the method further comprises a step of decrypting the aggregation signcryption after receiving, and the step of decrypting the aggregation signcryption comprises the following steps:

calculating Q'_i＝T_i(x_B+D_B) And V_i′＝H₃(ID_B,T_i,Q′_i)；

Restore out message

8. The utility model provides a power terminal safety access authentication device under 5G communication environment which characterized in that includes:

the acquisition module is used for acquiring signed cipher texts of all the meter encryption units about the message;

the aggregation signcryption module is used for calculating by adopting an aggregation signcryption method to obtain aggregation signcryption ciphertexts of all the meter encryption units;

and the sending module is used for sending the aggregation signcryption text for verifying the legality of the aggregation signcryption.

9. A power terminal security access authentication system in a 5G communication environment, characterized by comprising the power terminal security access authentication device in the 5G communication environment according to claim 8.

10. A power terminal security access authentication system under a 5G communication environment is characterized by comprising an aggregation signcryptor; the polymeric signcrypter performs the method of any of claims 1-7.

Images