CN103997728A - Bidirectional authentication method and system of phone card - Google Patents

Bidirectional authentication method and system of phone card Download PDF

Info

Publication number
CN103997728A
CN103997728A CN201310053267.2A CN201310053267A CN103997728A CN 103997728 A CN103997728 A CN 103997728A CN 201310053267 A CN201310053267 A CN 201310053267A CN 103997728 A CN103997728 A CN 103997728A
Authority
CN
China
Prior art keywords
uicc
mtc
random number
hss
self
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201310053267.2A
Other languages
Chinese (zh)
Other versions
CN103997728B (en
Inventor
张滨
袁捷
冯运波
乔喆
邱勤
王馨裕
安宝宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN201310053267.2A priority Critical patent/CN103997728B/en
Publication of CN103997728A publication Critical patent/CN103997728A/en
Application granted granted Critical
Publication of CN103997728B publication Critical patent/CN103997728B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

The invention provides a bidirectional authentication method and system of a phone card. The method comprises the following steps that: a home subscriber server (HSS) and a universal integrated circuit card (UICC) respectively preset an identity identifier and a serial number and an initial random number of a machine-type communications (MTC) unit is generated; the MTC generates a random number 1 and sends the random number 1 to the UICC; the UICC calculates an intermediate value 1 and sends the identity identifier of the UICC, the intermediate value 1, and a random number 2 to the MTC; the MTC calculates an intermediate value 2 and sends the identity identifier of the MTC, the UICC identity identifier, the random number 1, the random number 2, the intermediate value 1, and the intermediate value 2 to the HSS; the HSS determines whether the MTC and the UICC are valid and returns the result to the MTC; and the MTC and the UICC complete serial number updating. Compared with the prior art, the provided method and system has the following beneficial effects: a problem of bidirectional authentication during the terminal and card bonding process can be solved under the circumstances that secrete information sharing by the phone card is not required; and validity of the bonded terminal and card is ensured.

Description

A kind of machine card mutual authentication method and system
Technical field
The present invention relates to machine card authentication techniques field, relate in particular to a kind of machine card mutual authentication method and system.
Background technology
In binding machine and card process of the prior art, some binding machine and card methods are only supported the unilateral authentication of condition receiving card to terminal.For example, give the preset numbering of terminal, directly by man-machine interface, point out user that the numbering of terminal and condition reception card number are sent to conditional access system execution binding machine and card, and then send or utilize function to generate user key, with verification condition, receive information or numbering etc., reach the checking of condition receiving card to terminal.
Although the two-way authentication of more improved binding machine and card method support cards and terminal, requires card to grasp in advance the other side's secret information with terminal before communicating by letter, and carries out authentication according to this secret information.In a kind of scheme, Subscriber Identity Module and terminal are grasped the other side's key indication information in advance mutually, determine that the authentication of machine card passes through when identical comparing described key information.In another scheme, between subscriber identification card (Subscriber Identity Module, SIM) and terminal, utilize identical cryptographic algorithm and authenticate key mutually to authenticate.In another scheme, card is preserved authenticate key in advance with terminal interaction, according to interaction flow and the agreement of both sides' definition, uses authenticate key to carry out two-way authentication.
In realizing process of the present invention, inventor finds in existing binding machine and card scheme, and some scheme is not set up authentication system between machine card, or only set up the unilateral authentication mechanism of card to terminal, cannot guarantee that terminal and card are all legal, may cause the use of illegal card or illegal terminal.For fear of the problem of card abuse or machine abuse, need between legal card and legal equipment, set up incidence relation.Some scheme has been set up the bidirectional authentication mechanism between machine card, but requires the front machine of communication, card mutually to grasp the other side's authenticate key or key indication information, utilizes this key or key indication information to reach the object of checking.These require card and the preset secret information of terminal to need binding based on the shared scheme of secret information, and flexibility is poor, once and secret information be cracked and will cause the inefficacy of whole authentication mechanism.
Summary of the invention
The object of the invention is to overcome the shortcoming and defect of prior art, a kind of machine card mutual authentication method and system are provided.
A machine card mutual authentication method, described method comprises:
A, user's subscribed services device HSS distinguish preset identify label and sequence number to internet-of-things terminal equipment MTC and Universal Integrated Circuit Card UICC, and MTC generation initial random number is stored on MTC;
The random number 1 that B, MTC generation is different from described initial random number sends to UICC; UICC calculates median 1 according to described random number 1, and self identify label, median 1, the random number 2 chosen are at random sent to MTC; MTC calculates median 2 according to described random number 1 and self sequence number, and self identify label, UICC identify label, random number 1, random number 2, median 1, median 2 are sent to HSS;
C, HSS according to the information that receives judge MTC and UICC whether legal, and result is returned to MTC;
D, MTC and UICC complete respectively the sequence number update of self.
Described method also comprises initialized process, specific as follows:
HSS generates two large prime number p and q, and meets q| (p-1);
be a generator, choose at random and calculate y=g x;
Set H i, (i=1,2,3,4) are collisionless Hash function, and H 2 : { 0,1 } m × { 0,1 } m → Z q * , H 3 : Z p * × Z p * → { 0,1 } m , H 4: { 0,1} m→ { 0,1} m; Obtain system parameters { p, q, g, y, H 1, H 2, H 3, H 4;
HSS chooses at random and calculate ω=g aand t=a+xH 1(ID u, ω), and will the preset UICC that gives of part private key secret as UICC;
When UICC is inserted into after MTC, UICC chooses at random and will secret value as UICC self;
The key that UICC calculates oneself is
UICC calculates μ=g z, the PKI that obtains oneself is and externally announce.
Described step B specifically comprises:
MTC equipment sends and is different from initial random number N m, oldrandom number 1N m∈ { 0,1} mgive UICC;
UICC chooses random number 2N at random u∈ { 0,1} mand calculate r=H 2(ID u, S u), generate median 1M u=H 4(H 3(g rz, g rt) ⊕ N m⊕ N u); Send { ID u, M u, N uto MTC; Described ID ufor the identify label of UICC, S usequence number for UICC;
MTC calculates median 2M m=H 4(S m⊕ N m), send { ID u, ID m, M u, M m, N u, N mto HSS; Described ID mfor the identify label of MTC, S msequence number for MTC.
Described step C specifically comprises:
HSS receives the array { ID that MTC sends u, ID m, M u, M m, N u, N mafter:
Compare N mwith N m, oldwhether equate, if equate, MTC equipment, and refusal authentication if being personation equipment; Otherwise, by N min storage deposit data storehouse;
Calculate M U ′ = H 4 ( H 3 ( μ H 2 ( ID U , S U ) , ω · y H 1 ( ID U , ω ) · H 2 ( ID U , S U ) ) ⊕ N M ⊕ N U ) , Judgement M u' with M uwhether equate, if equate, UICC is legal; Otherwise, refusal authentication;
Calculate M m'=H 4(S m⊕ N m), judgement M m' with M mwhether equate, if equate, MTC is legal; Otherwise, refusal authentication;
HSS generates random number 3N h∈ { 0,1} m, and the sequence number of MTC and UICC is upgraded; S m, new=H 4(S m⊕ N h⊕ ID m⊕ N m); S u, new=H 4(S u⊕ N h⊕ ID u⊕ N u);
HSS sends N hgive MTC equipment.
Described step D specifically comprises:
MTC receives random number 3N hafter, upgrade the sequence number S oneself selecting m, new=H 4(S m⊕ N h⊕ ID m⊕ N m), and by N hsend to UICC;
UICC utilizes N h, complete the renewal S of own sequence number u, new=H 4(S u⊕ N h⊕ ID u⊕ N u).
The sequence number of described MTC and UICC is underground, is secret information.
Described HSS safeguards the initial random value list of MTC; Safeguard the list of sequence numbers of MTC and UICC; And only distribution portion private key is to UICC.
A machine card two-way authentication system, described system comprises user's subscribed services device HSS, internet-of-things terminal equipment MTC and Universal Integrated Circuit Card UICC, wherein,
Described HSS, for distinguishing preset identify label and sequence number to MTC and UICC, and generates initial random number to MTC; Judge that whether MTC and UICC be legal, and result is returned to MTC;
Described MTC, the random number 1 that is different from described initial random number for generating sends to UICC; According to described random number 1 and self sequence number, calculate median 2, self identify label, UICC identify label, random number 1, random number 2, median 1, median 2 are sent to HSS; According to HSS authentication result, upgrade self sequence number;
Described UICC, for calculating median 1 according to described random number 1, and sends to MTC by self identify label, median 1, the random number 2 chosen at random; According to HSS authentication result, upgrade self sequence number.
Described UICC is also for preserving the part private key of self, and calculates self secret value and key; Calculate the PKI of self and externally announce.
Described HSS is also for safeguarding the initial random value list of MTC; Safeguard the list of sequence numbers of MTC and UICC; Distribution portion private key is to UICC.
The present invention includes user's subscribed services device (Home Subscriber Server, HSS), Internet of Things (Machine-Type Communications, MTC) terminal equipment, Universal Integrated Circuit Card (Universal Integrated Circuit Card, UICC).By HSS, preserve the sequence number of MTC equipment and UICC; The sequence number of MTC equipment and UICC is underground, is secret information; HSS safeguards the list of sequence numbers of initial random value list and MTC equipment and the UICC of MTC equipment; To UICC, there is not key escrow in HSS distribution portion private key.Compared with prior art, do not requiring under the condition of machine card shared secret information, solving the two-way authentication problem in the process of terminal and card binding, guaranteeing that bound terminal and card are all legal.
Accompanying drawing explanation
The machine card mutual authentication method principle flow chart that Fig. 1 provides for the embodiment of the present invention 1;
The machine card two-way authentication schematic flow sheet that Fig. 2 provides for the embodiment of the present invention 1;
The machine card two-way authentication system structural representation that Fig. 3 provides for the embodiment of the present invention 2.
Embodiment
Below in conjunction with accompanying drawing, the specific embodiment of the present invention is described in detail.But embodiments of the present invention are not limited to this.
The inventive method embodiment is based on calculation type Diffie-Hellman problem, and in carrying out the process of two-way authentication, network side can upgrade timely to secret information preset in equipment and card, resisted assailant's the attack such as eavesdropping, playback, made this programme there is higher fail safe.By HSS, preserve the sequence number of MTC equipment and UICC; The sequence number of MTC equipment and UICC is underground, is secret information; HSS safeguards the list of sequence numbers of initial random value list and MTC equipment and the UICC of MTC equipment; To UICC, there is not key escrow in HSS distribution portion private key.
As shown in Figure 1, be the machine card mutual authentication method principle flow chart that the embodiment of the present invention 1 provides, specific as follows:
Step 10, HSS distinguishes preset identify label and sequence number to MTC and UICC, and MTC generation initial random number is stored on MTC.
Before MTC equipment and UICC apply, by HSS, to them preset identity and sequence number respectively, wherein the identity of MTC equipment and sequence number are { ID m, S m, the identity of UICC and sequence number are { ID u, S u, and by the secret preservation of their sequence number.In addition, HSS generates initial random number N to MTC equipment m, old∈ { 0,1} m, and by N m, oldbe stored on MTC equipment.HSS completes the two-way authentication to MTC equipment and UICC by preset sequence number.
Step 20, the random number 1 that MTC generation is different from initial random number sends to UICC; UICC calculates median 1 according to random number 1, and self identify label, median 1, the random number 2 chosen are at random sent to MTC; MTC calculates median 2 according to random number 1 and self sequence number, and self identify label, UICC identify label, random number 1, random number 2, median 1, median 2 are sent to HSS.
This step is the processing procedure of MTC and UICC side in concrete mutual authentication process.Specifically, be exactly that the transmission of MTC equipment is different from N m, oldrandom number 1N m∈ { 0,1} mgive UICC;
UICC chooses random number 2N at random u∈ { 0,1} mand calculate r=H 2(ID u, S u) and median 1:M u=H 4(H 3(g rz, g rt) ⊕ N m⊕ N u), send { ID u, M u, N uto MTC equipment;
MTC equipment calculates median 2M m=H 4(S m⊕ N m), send { ID u, ID m, M u, M m, N u, N mto HSS.
Before this step 20, also have an initialized process, be exactly specifically:
HSS generates two large prime number p and q, meets q| (p-1), order be a generator, choose at random and calculate y=g x.If H i, (i=1,2,3,4) are collisionless Hash function, and H 1 : { 0,1 } m × Z p * → Z q * , H 2 : { 0,1 } m × { 0,1 } m → Z q * , H 3 : Z p * × Z p * → { 0,1 } m , H 4:{0,1} m→{0,1} m。Can obtain thus system parameters for { p, q, g, y, H 1, H 2, H 3, H 4, the master key of system is that x preserves by HSS is secret.
Part private key distributes: HSS chooses at random and calculate ω=g aand t=a+xH 1(ID u, ω), and will the preset UICC that gives of part private key secret as UICC;
Secret value is set: when UICC is inserted into after MTC equipment, UICC chooses at random and will secret value as UICC oneself;
Private key is set: the key that UICC obtains oneself is
PKI is set: UICC calculates μ=g z, the PKI that obtains self is and to external world's announcement PKI
Step 30, HSS according to the information that receives judge MTC and UICC whether legal, and result is returned to MTC.
HSS receives the array { ID that MTC equipment is sent u, ID m, M u, M m, N u, N mafter:
Compare N mwith N m, oldwhether equate, if equate, MTC equipment, and refusal authentication if being personation equipment; Otherwise, by N mbe stored in database;
Calculate M U ′ = H 4 ( H 3 ( μ H 2 ( ID U , S U ) , ω · y H 1 ( ID U , ω ) · H 2 ( ID U , S U ) ) ⊕ N M ⊕ N U ) , Judgement M u' with M uwhether equate, if equate, UICC is legal; Otherwise, refusal authentication;
Calculate M m'=H 4(S m⊕ N m), judgement M m' with M mwhether equate, if equate, MTC equipment is legal; Otherwise, refusal authentication;
HSS generates random number 3N h∈ { 0,1} m, and the sequence number of MTC equipment and UICC is upgraded;
S M,new=H 4(S M⊕N H⊕ID M⊕N M)
S U,new=H 4(S U⊕N H⊕ID U⊕N U)。
HSS sends N hgive MTC equipment.
Step 40, MTC and UICC complete respectively the sequence number update of self.
MTC equipment receives N hafter, upgrade the sequence number S oneself selecting m, new=H 4(S m⊕ N h⊕ ID m⊕ N m), and by N hsend to UICC;
UICC utilizes N h, complete the renewal S of own sequence number u, new=H 4(S u⊕ N h⊕ ID u⊕ N u).So far, completed the process of machine card two-way authentication.
The present embodiment specific implementation flow process as shown in Figure 2.
In fact, in the embodiment of the present invention, HSS is in order to preserve the sequence number of MTC equipment and UICC; The sequence number of MTC equipment and UICC is underground, is secret information; The list of sequence numbers that HSS also needs to safeguard the initial random value list of MTC equipment and safeguards MTC equipment and UICC; To UICC, there is not key escrow in HSS distribution portion private key.
With respect to scheme of the prior art, the embodiment of the present invention does not need machine card both sides to share in advance the secret information for authenticating.In some versions, it authenticates based on DSE arithmetic, requires machine card both sides shared secret information in advance, and extrapolates identical result of calculation according to this secret information, thereby realize two-way authentication.The embodiment of the present invention is the mutual authentication schemes proposing on the basis of public-key cryptosystem, and machine card both sides do not need shared secret information in advance, greatly improves flexibility and the robustness of system.
The embodiment of the present invention does not need public key certificate to manage.In some versions, need to use public key certificate key is managed, set up safe lane, will take like this memory space of equipment, add the consumption of the large equipment energy.The embodiment of the present invention is the mutual authentication schemes proposing on the basis without certificate public-key cryptosystem, makes the member in system not need certificate to safeguard, is guaranteeing, under the prerequisite of security of system, greatly to improve the efficiency of system.
In some versions, HSS has all information that MTC equipment is relevant to UICC, and HSS is in absolute leading position in system, and the easy like this leakage that causes user profile, produces certain threat to privacy of user.Owing to using in embodiments of the present invention without certificate two-way authentication algorithm, avoided key escrow total in the mutual authentication schemes based on identity.The private key of UICC communication is that the part private key by the own secret value producing and HSS distribution produces jointly, the key using while making HSS cannot obtain UICC communication, prevent that HSS from utilizing the private key of UICC to forge validated user, user is caused damage, this has not only been avoided key escrow, has guaranteed that to a certain extent user's privacy information is not revealed.
In some versions, verification process between MTC equipment and UICC is to carry out between the two at it, this just causes HSS cannot obtain correct the result, thereby can not make correctly processing timely to MTC equipment and whole system, and system is caused to huge loss.Meanwhile, just because of verification process, between MTC equipment and UICC, carry out, this has increased the energy resource consumption of equipment.And in embodiments of the present invention, the legitimacy authentication of MTC equipment and UICC is undertaken by HSS, so just make HSS can grasp the result of authentication, and according to the result of authentication, make and processing timely, avoid causing huge loss to system.It is all to be completed by HSS that data in verification process are calculated major part, and the energy resource consumption that this has just reduced devices in system is conducive to that equipment is long-term, continuable use.
In embodiments of the present invention, the fail safe of system is to be based upon to calculate Diffie-Hellman mathematical difficulties problem hypothesis above, has higher fail safe.Can also resist impersonation attack, Replay Attack and there is forward security:
For impersonation attack: assailant wants to palm off MTC equipment and UICC, just must generate corresponding { M m, M u.In conversation procedure each time, { M m, M uin comprise MTC equipment and UICC sequence number { S m, S u, these are secret preservation in equipment, and assailant cannot obtain.Therefore assailant cannot palm off legal MTC equipment and the correct { M of UICC generation m, M u;
For Replay Attack: in data transfer, even if assailant obtains the data { M that last session is transmitted m, M u, and palm off legal MTC equipment and UICC by { M m, M uagain pass to HSS.Because sequence number after upper once conversation end all upgrades, generate new sequence number and corresponding legal authentication information is therefore, assailant utilizes last { M m, M ucannot pass through the checking of this HSS;
For forward security: the sequence number { S storing due to MTC equipment and UICC and HSS m, S uafter conversation end, all can upgrade each time, therefore, the sequence number that session is each time used and the sequence number using before do not have inevitable contact, and the system that guaranteed has forward security.
And aspect efficiency, MTC equipment and UICC only need store identity and sequence number separately, reduced device memory; And in the process of authentication, only there is simple Hash function and exponent arithmetic, do not have the bilinear map of often using without in certificate public-key cryptosystem, reduced the energy resource consumption of equipment; And in whole process, only transmit seven arrays, make the communication cost of system maintain a lower level.
As shown in Figure 3, be the machine card two-way authentication system structural representation that the embodiment of the present invention 2 provides, this system comprises user's subscribed services device HSS100, internet-of-things terminal equipment MTC200 and Universal Integrated Circuit Card UICC300, wherein,
HSS100, for distinguishing preset identify label and sequence number to MTC200 and UICC300, and generates initial random number to MTC200; Judge that whether MTC200 and UICC300 be legal, and result is returned to MTC200;
MTC200, the random number 1 that is different from initial random number for generating sends to UICC300; According to random number 1 and self sequence number, calculate median 2, self identify label, UICC identify label, random number 1, random number 2, median 1, median 2 are sent to HSS100; According to HSS100 authentication result, upgrade self sequence number;
UICC300, for calculating median 1 according to random number 1, and sends to MTC200 by self identify label, median 1, the random number 2 chosen at random; According to HSS100 authentication result, upgrade self sequence number.
Further, UICC300 is also for preserving the part private key of self, and calculates self secret value and key; Calculate the PKI of self and externally announce.
Further, HSS100 is also for safeguarding the initial random value list of MTC200; Safeguard the list of sequence numbers of MTC200 and UICC300; Distribution portion private key is to UICC300.
To sum up, the present invention preserves the sequence number of MTC equipment and UICC by HSS; The sequence number of MTC equipment and UICC is underground, is secret information; HSS safeguards the list of sequence numbers of initial random value list and MTC equipment and the UICC of MTC equipment; To UICC, there is not key escrow in HSS distribution portion private key.Compared with prior art, do not requiring under the condition of machine card shared secret information, solving the two-way authentication problem in the process of terminal and card binding, guaranteeing that bound terminal and card are all legal.
Above-described embodiment is preferably execution mode of the present invention; but embodiments of the present invention are not restricted to the described embodiments; other any do not deviate from change, the modification done under Spirit Essence of the present invention and principle, substitutes, combination, simplify; all should be equivalent substitute mode, within being included in protection scope of the present invention.

Claims (10)

1. a machine card mutual authentication method, is characterized in that, described method comprises:
A, user's subscribed services device HSS distinguish preset identify label and sequence number to internet-of-things terminal equipment MTC and Universal Integrated Circuit Card UICC, and MTC generation initial random number is stored on MTC;
The random number 1 that B, MTC generation is different from described initial random number sends to UICC; UICC calculates median 1 according to described random number 1, and self identify label, median 1, the random number 2 chosen are at random sent to MTC; MTC calculates median 2 according to described random number 1 and self sequence number, and self identify label, UICC identify label, random number 1, random number 2, median 1, median 2 are sent to HSS;
C, HSS according to the information that receives judge MTC and UICC whether legal, and result is returned to MTC;
D, MTC and UICC complete respectively the sequence number update of self.
2. the method for claim 1, is characterized in that, described method also comprises initialized process, specific as follows:
HSS generates two large prime number p and q, and meets q| (p-1);
be a generator, choose at random and calculate y=g x;
Set H i, (i=1,2,3,4) are collisionless Hash function, and H 2 : { 0,1 } m × { 0,1 } m → Z q * , H 3 : Z p * × Z p * → { 0,1 } m , H 4: { 0,1} m→ { 0,1} m; Obtain system parameters { p, q, g, y, H 1, H 2, H 3, H 4;
HSS chooses at random and calculate ω=g aand t=a+xH 1(ID u, ω), and will the preset UICC that gives of part private key secret as UICC;
When UICC is inserted into after MTC, UICC chooses at random and will secret value as UICC self;
The key that UICC calculates oneself is
UICC calculates μ=g z, the PKI that obtains oneself is and externally announce.
3. ten thousand methods as claimed in claim 1, is characterized in that, described step B specifically comprises:
MTC equipment sends and is different from initial random number N m, oldrandom number 1N m∈ { 0,1} mgive UICC;
UICC chooses random number 2N at random u∈ { 0,1} mand calculate r=H 2(ID u, S u), generate median 1M u=H 4(H 3(g rz, g rt) ⊕ N m⊕ N u); Send { ID u, M u, N uto MTC; Described ID ufor the identify label of UICC, S usequence number for UICC;
MTC calculates median 2M m=H 4(S m⊕ N m), send { ID u, ID m, M u, M m, N u, N mto HSS; Described ID mfor the identify label of MTC, S msequence number for MTC.
4. method as claimed in claim 3, is characterized in that, described step C specifically comprises:
HSS receives the array { ID that MTC sends u, ID m, M u, M m, N u, N mafter:
Compare N mwith N m, oldwhether equate, if equate, MTC equipment, and refusal authentication if being personation equipment; Otherwise, by N mbe stored in database;
Calculate M U ′ = H 4 ( H 3 ( μ H 2 ( ID U , S U ) , ω · y H 1 ( ID U , ω ) · H 2 ( ID U , S U ) ) ⊕ N M ⊕ N U ) , Judgement M u' with M uwhether equate, if equate, UICC is legal; Otherwise, refusal authentication;
Calculate M m'=H 4(S m⊕ N m), judgement M m' with M mwhether equate, if equate, MTC is legal; Otherwise, refusal authentication;
HSS generates random number 3N h∈ { 0,1} m, and the sequence number of MTC and UICC is upgraded; S m, new=H 4(S m⊕ N h⊕ ID m⊕ N m); S u, new=H 4(S u⊕ N h⊕ ID u⊕ N u);
HSS sends N hgive MTC equipment.
5. method as claimed in claim 4, is characterized in that, described step D specifically comprises:
MTC receives random number 3N hafter, upgrade the sequence number S oneself selecting m, new=H 4(S m⊕ N h⊕ ID m⊕ N m), and by N hsend to UICC;
UICC utilizes N h, complete the renewal S of own sequence number u, new=H 4(S u⊕ N h⊕ ID u⊕ N u).
6. the method as described in as arbitrary in claim 1~5, is characterized in that, the sequence number of described MTC and UICC is underground, is secret information.
7. the method as described in as arbitrary in claim 1~5, is characterized in that, described HSS safeguards the initial random value list of MTC; Safeguard the list of sequence numbers of MTC and UICC; And only distribution portion private key is to UICC.
8. a machine card two-way authentication system, is characterized in that, described system comprises user's subscribed services device HSS, internet-of-things terminal equipment MTC and Universal Integrated Circuit Card UICC, wherein,
Described HSS, for distinguishing preset identify label and sequence number to MTC and UICC, and generates initial random number to MTC; Judge that whether MTC and UICC be legal, and result is returned to MTC;
Described MTC, the random number 1 that is different from described initial random number for generating sends to UICC; According to described random number 1 and self sequence number, calculate median 2, self identify label, UICC identify label, random number 1, random number 2, median 1, median 2 are sent to HSS; According to HSS authentication result, upgrade self sequence number;
Described UICC, for calculating median 1 according to described random number 1, and sends to MTC by self identify label, median 1, the random number 2 chosen at random; According to HSS authentication result, upgrade self sequence number.
9. system as claimed in claim 8, is characterized in that, described UICC is also for preserving the part private key of self, and calculates self secret value and key; Calculate the PKI of self and externally announce.
10. system as claimed in claim 8 or 9, is characterized in that, described HSS is also for safeguarding the initial random value list of MTC; Safeguard the list of sequence numbers of MTC and UICC; Distribution portion private key is to UICC.
CN201310053267.2A 2013-02-19 2013-02-19 A kind of machine card mutual authentication method and system Active CN103997728B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310053267.2A CN103997728B (en) 2013-02-19 2013-02-19 A kind of machine card mutual authentication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310053267.2A CN103997728B (en) 2013-02-19 2013-02-19 A kind of machine card mutual authentication method and system

Publications (2)

Publication Number Publication Date
CN103997728A true CN103997728A (en) 2014-08-20
CN103997728B CN103997728B (en) 2017-11-21

Family

ID=51311705

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310053267.2A Active CN103997728B (en) 2013-02-19 2013-02-19 A kind of machine card mutual authentication method and system

Country Status (1)

Country Link
CN (1) CN103997728B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112333705A (en) * 2021-01-07 2021-02-05 北京电信易通信息技术股份有限公司 Identity authentication method and system for 5G communication network

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1478196A2 (en) * 2003-05-12 2004-11-17 Vodafone Group PLC Module and method for detecting at least one event in a cellular mobile telephony subscriber equipment, a computer program to carry out the method and a card and terminal with the module.
CN101064606A (en) * 2006-04-29 2007-10-31 华为技术有限公司 System, apparatus and method for authentication
CN101883357A (en) * 2010-06-22 2010-11-10 北京握奇数据系统有限公司 Method, device and system for mutual authentication between terminal and intelligent card
CN102833068A (en) * 2011-06-15 2012-12-19 中兴通讯股份有限公司 Method for bidirectional authentication of terminal and smart card, protocol and smart card

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1478196A2 (en) * 2003-05-12 2004-11-17 Vodafone Group PLC Module and method for detecting at least one event in a cellular mobile telephony subscriber equipment, a computer program to carry out the method and a card and terminal with the module.
CN101064606A (en) * 2006-04-29 2007-10-31 华为技术有限公司 System, apparatus and method for authentication
CN101883357A (en) * 2010-06-22 2010-11-10 北京握奇数据系统有限公司 Method, device and system for mutual authentication between terminal and intelligent card
CN102833068A (en) * 2011-06-15 2012-12-19 中兴通讯股份有限公司 Method for bidirectional authentication of terminal and smart card, protocol and smart card

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112333705A (en) * 2021-01-07 2021-02-05 北京电信易通信息技术股份有限公司 Identity authentication method and system for 5G communication network
CN112333705B (en) * 2021-01-07 2021-04-02 北京电信易通信息技术股份有限公司 Identity authentication method and system for 5G communication network

Also Published As

Publication number Publication date
CN103997728B (en) 2017-11-21

Similar Documents

Publication Publication Date Title
CN103297403B (en) A kind of method and system for realizing dynamic cipher verification
CN106936566B (en) Outsourcing document signing method based on block chain technology
US8930704B2 (en) Digital signature method and system
CN102098317B (en) Data transmitting method and system applied to cloud system
CN103078744B (en) Public key-based bidirectional radio frequency identification authorization method
CN109714167A (en) Authentication and cryptographic key negotiation method and equipment suitable for mobile application signature
CN104901809B (en) Remote authentication protocol method based on password and smart card
EP3005608A2 (en) Authentication
CN102882685A (en) Identity authentication system and identity authentication method
CN101873307A (en) Digital signature method, device and system based on identity forward secrecy
CN104821933A (en) Device and method certificate generation
CN107294725A (en) A kind of three factor authentication methods under environment of multi-server
CN103347018A (en) Long-distance identity authentication method based on intelligent card and under multiple-service environment
CN103346887A (en) Low-complexity identity authentication method based on intelligent card and under multiserver environment
CN104767624A (en) Remote protocol authentication method based on biological features
CN103338202A (en) Remote user password dual-verification method based on intelligent card
CN103338201A (en) Remote identity authentication method participated in by registration center under multi-sever environment
CN104468099A (en) Dynamic password generating method and device based on CPK (Combined Public Key) and dynamic password authentication method and device based on CPK (Combined Public Key)
CN105450623A (en) Access authentication method of electric automobile
CN104954137A (en) Method of virtual machine security certification based on domestic password technique
US20190007218A1 (en) Second dynamic authentication of an electronic signature using a secure hardware module
CN113055394A (en) Multi-service double-factor authentication method and system suitable for V2G network
CN107248997A (en) Authentication method based on smart card under environment of multi-server
CN101582761B (en) Identity authentication method adopting password firewall
KR101509079B1 (en) Smart Card and Dynamic ID Based Electric Vehicle User Authentication Scheme

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant