CN115311763A - Identity recognition method and system - Google Patents


Publication number
CN115311763A
Authority
CN
China
Prior art keywords
signal
response signal
electronic lock
authentication
electronic
Legal status
Pending
Application number
CN202210725306.8A
Other languages
Chinese (zh)
Inventor
李晨
封化民
刘飚
许盛伟
徐丽伟
武洲铭
Current Assignee
BEIJING ELECTRONIC SCIENCE AND TECHNOLOGY INSTITUTE
Original Assignee
BEIJING ELECTRONIC SCIENCE AND TECHNOLOGY INSTITUTE

Classifications

    • G: PHYSICS
    • G07: CHECKING-DEVICES
    • G07C: TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00: Individual registration on entry or exit
    • G07C9/00174: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks

Abstract

The invention relates to an identity recognition method and system. The method comprises the following steps: S1: the electronic key sends an authentication request to the electronic lock; S2: after receiving the authentication request, the electronic lock randomly generates a driving signal and sends it to the electronic key; S3: the electronic key converts the driving signal into a first response signal through the first superlattice password device, converts the first response signal into a reconstructed signal, and sends the reconstructed signal to the electronic lock; S4: the electronic lock converts the driving signal into a second response signal through a second superlattice password device; S5: the electronic lock reconciles the reconstructed signal and the second response signal; if the reconciliation succeeds, the authentication succeeds, otherwise the authentication fails. With the method provided by the invention, the two authenticating parties do not need to store fixed keys; by relying on the non-replicability of the superlattice devices and ensuring that the physical devices are not damaged by an attacker, the security of the whole system can be ensured, and security is greatly improved.

Description

Identity recognition method and system
Technical Field
The invention relates to the technical field of information security, in particular to an identity recognition method and system.
Background
At present, with the development of electronic technology, electronic locks based on electronic authentication technology and communication technology are widely applied.
Generally, traditional mechanical locks suffer from poor security: they are easy to copy and cannot guarantee safety. With an electronic lock that authenticates by biometric information or a digital password, the user enrolls a target password or identity information in the lock in advance and then controls the lock by entering the password or verifying the biometric information. This process is easily monitored by an attacker while the lock is in use, which increases the risk that the target password and the biometric features are copied, forged and replayed. In addition, conventional authentication schemes based on a physical unclonable function need to store the response pairs in the authentication device; once an attacker acquires the response pairs, the attacker can impersonate the authenticated party.
Disclosure of Invention
In order to solve the above technical problems, the present invention provides an identity recognition method and system.
The technical solution of the invention is as follows: an identity recognition method, comprising:
Step S1: the electronic key sends an authentication request to the electronic lock;
Step S2: after receiving the authentication request, the electronic lock randomly generates a driving signal and sends the driving signal to the electronic key;
Step S3: the electronic key converts the driving signal into a first response signal through a first superlattice password device, converts the first response signal into a reconstructed signal and sends the reconstructed signal to the electronic lock;
Step S4: the electronic lock converts the driving signal into a second response signal through a second superlattice password device;
Step S5: the electronic lock reconciles the reconstructed signal and the second response signal; if the reconciliation succeeds, the authentication succeeds, otherwise the authentication fails.
Compared with the prior art, the invention has the following advantages:
1. The invention discloses an identity recognition method that uses the non-replicability and unidirectional non-clonality of a superlattice device. Compared with a traditional electronic lock system, it increases the difficulty of counterfeiting and copying and effectively improves the security of identity recognition.
2. Conventional authentication protocols based on a PUF (physical unclonable function) need to store excitation-response pairs in the authentication equipment. With the method provided by the invention, neither authenticating party needs to store a fixed secret key; by relying on the non-replicability of the superlattice devices, the security of the whole system can be ensured simply by ensuring that the physical equipment is not damaged by an attacker, so security is greatly improved.
Drawings
Fig. 1 is a flowchart of an identity recognition method according to a first embodiment of the present invention;
Fig. 2 is a schematic flow chart illustrating an identity recognition method according to an embodiment of the present invention;
Fig. 3 is a flowchart of an identity recognition method according to a second embodiment of the present invention;
Fig. 4 is a block diagram of an identity recognition system according to a third embodiment of the present invention;
Fig. 5 is a block diagram of an identity recognition system according to a fourth embodiment of the present invention.
Detailed Description
The invention provides an identity recognition method, which effectively improves the safety of identity recognition by utilizing the non-replicability and the unidirectional non-clonality of a superlattice device.
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings.
Example one
As shown in fig. 1, an identity recognition method provided in an embodiment of the present invention includes the following steps:
Step S1: the electronic key sends an authentication request to the electronic lock;
Step S2: after receiving the authentication request, the electronic lock randomly generates a driving signal and sends the driving signal to the electronic key;
Step S3: the electronic key converts the driving signal into a first response signal through the first superlattice password device, converts the first response signal into a reconstructed signal and sends the reconstructed signal to the electronic lock;
Step S4: the electronic lock converts the driving signal into a second response signal through a second superlattice password device;
Step S5: the electronic lock reconciles the reconstructed signal and the second response signal; if the reconciliation succeeds, the authentication succeeds, otherwise the authentication fails.
In one embodiment, the electronic key and the electronic lock in steps S3 and S4 are fitted with a first superlattice password device and a second superlattice password device respectively. The two devices have the same structure and the same manufacturing process, and are located at adjacent positions on the same semiconductor wafer during manufacturing. The embodiment of the present invention does not limit the number of electronic keys or electronic locks. The number depends on user requirements: the same number of electronic keys and electronic locks, together with their corresponding superlattice password devices, are manufactured in the same batch as required, and authentication can be completed by a matched electronic key and electronic lock. The embodiment of the invention does not limit which communication technology is used between the electronic key and the electronic lock; it can be Bluetooth, Wi-Fi, NFC or a USB interface.
Because the superlattice password device is non-clonable and one-way unpredictable, using it for identity authentication increases the difficulty of counterfeiting and copying compared with a traditional electronic lock system, and effectively improves the security of identity recognition.
In an embodiment, randomly generating the driving signal in step S2 specifically includes:
A random sequence generated from a physical random source (e.g., based on time and ambient temperature variables) is used as the driving signal, ensuring that the same random sequence does not repeat and is unpredictable.
In an embodiment, converting the first response signal into the reconstructed signal in step S3 specifically includes:
The first response signal is error-correction coded to obtain the reconstructed signal; error correction codes such as, but not limited to, BCH codes, LDPC codes and polar codes can be used.
In an embodiment, the reconciliation of the reconstructed signal and the second response signal by the electronic lock in step S5 specifically includes:
The electronic lock corrects the errors in the second response signal by using the reconstructed signal to obtain the first response signal; if the difference between the second response signal and the first response signal is smaller than a threshold value, the authentication succeeds; otherwise, the authentication fails.
In this step, the electronic lock first applies the known error correction coding algorithm (i.e. the error correction coding used to convert the first response signal into the reconstructed signal in step S3) to the received reconstructed signal and the second response signal to obtain the error bits (the bits that differ), and then corrects those bits in the second response signal. When the error correction succeeds, the first response signal can be calculated; the authentication then succeeds and the electronic lock is unlocked. If the error correction fails and the first response signal cannot be obtained, the authentication fails and the electronic lock is not unlocked.
Existing authentication protocols based on a PUF need to store the response pairs in the authentication device. Here, the authenticating parties do not need to store fixed keys; by relying on the non-replicability of the superlattice devices, the security of the whole system can be ensured simply by ensuring that the physical device is not damaged by an attacker, so security is greatly improved.
Fig. 2 shows a schematic flow chart of the identity authentication method provided by the present invention, in which the authenticating end is the electronic lock and the authenticated end is the electronic key.
The identity authentication method is not limited to electronic keys and electronic locks; it is suitable for any equipment that needs identity authentication, such as a radio frequency identification system or an NFC identification system.
On the basis of the first embodiment, the successfully reconciled first response signal and second response signal can be used as a common key for encrypted data transmission, so that identity authentication by other authentication factors can be realized.
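Steps S2 to S5 can be traced end to end with a small simulation. This is an added example, not code from the patent: the hash-based `read_device` stand-in for a superlattice device, the Hamming(7,4) syndrome used as the error correction code, and the sizes and threshold are all assumptions chosen for illustration.

```python
import hashlib
import secrets

BLOCK = 7        # Hamming(7,4) block length (assumed code choice)
N_BLOCKS = 32    # 224 response bits per run (assumed size)
THRESHOLD = 8    # accept only if fewer bits than this were corrected (assumed)


def read_device(fingerprint: bytes, drive: bytes, flips=()) -> list:
    """Hypothetical stand-in for a superlattice device.

    A matched pair is modelled as two readers of the same fingerprint;
    `flips` lists bit positions inverted to model per-read noise.
    """
    raw = hashlib.shake_256(fingerprint + drive).digest(BLOCK * N_BLOCKS // 8)
    bits = [(byte >> i) & 1 for byte in raw for i in range(8)]
    for pos in flips:
        bits[pos] ^= 1
    return bits


def syndrome(block) -> int:
    """Hamming(7,4) syndrome: XOR of the 1-based positions of the set bits."""
    s = 0
    for pos, bit in enumerate(block, start=1):
        if bit:
            s ^= pos
    return s


def make_reconstructed_signal(first_response) -> list:
    """Step S3, key side: one 3-bit syndrome per 7-bit block.

    Each block gives away 3 bits to an eavesdropper, so at most 4 bits
    per block remain secret if the response is later used as a key.
    """
    return [syndrome(first_response[i:i + BLOCK])
            for i in range(0, len(first_response), BLOCK)]


def reconcile(reconstructed, second_response, threshold=THRESHOLD):
    """Step S5, lock side: returns (accepted, recovered_first_response, corrected)."""
    if len(reconstructed) != N_BLOCKS or not all(
            isinstance(s, int) and 0 <= s < 8 for s in reconstructed):
        return False, [], 0                      # malformed data from the wire
    recovered = list(second_response)
    corrected = 0
    for b, key_syndrome in enumerate(reconstructed):
        start = b * BLOCK
        diff = key_syndrome ^ syndrome(recovered[start:start + BLOCK])
        if diff:                                 # diff names the differing bit
            recovered[start + diff - 1] ^= 1
            corrected += 1
    return corrected < threshold, recovered, corrected


def run_demo() -> dict:
    pair = b"constructed matched-pair fingerprint"       # constructed sample
    drive = secrets.token_bytes(16)                      # S2: fresh driving signal
    r1 = read_device(pair, drive)                        # S3: first response
    helper = make_reconstructed_signal(r1)
    r2 = read_device(pair, drive, flips=(3, 50, 120))    # S4: lock's noisy read
    ok, rec, n = reconcile(helper, r2)

    # A key from a different wafer pair answers the same driving signal.
    other = make_reconstructed_signal(read_device(b"constructed other device", drive))
    other_ok, _, _ = reconcile(other, r2)

    # An old reconstructed signal does not fit a new driving signal.
    stale_ok, _, _ = reconcile(helper, read_device(pair, secrets.token_bytes(16)))

    # Two noisy bits in one block exceed the code's strength: the lock still
    # accepts, but its recovered response no longer equals the key's, so a
    # common key (step S6) needs a confirmation step before use.
    dbl_ok, dbl_rec, _ = reconcile(helper, read_device(pair, drive, flips=(0, 1)))
    return {"genuine": (ok, rec == r1, n), "other_device": other_ok,
            "stale_helper": stale_ok, "miscorrected": (dbl_ok, dbl_rec == r1)}


if __name__ == "__main__":
    print(run_demo())
```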
Example two
As shown in fig. 3, an identity recognition method provided in the embodiment of the present invention includes the following steps:
Step S1: the electronic key sends an authentication request to the electronic lock;
Step S2: after receiving the authentication request, the electronic lock randomly generates a driving signal and sends the driving signal to the electronic key;
Step S3: the electronic key converts the driving signal into a first response signal through the first superlattice password device, converts the first response signal into a reconstructed signal and sends the reconstructed signal to the electronic lock;
Step S4: the electronic lock converts the driving signal into a second response signal through a second superlattice password device;
Step S5: the electronic lock reconciles the reconstructed signal and the second response signal; if the reconciliation succeeds, the authentication succeeds, otherwise the authentication fails;
The specific implementation details of steps S1 to S5 are the same as those of steps S1 to S5 in Example one;
Step S6: if the authentication succeeds, the first response signal and the reconciled second response signal serve as a common key of the electronic key and the electronic lock, which can then carry out encrypted data transmission based on the common key.
Based on the common key formed by the electronic key and the electronic lock, authentication factors such as passwords and biometric features can be used for identity authentication, and the mutual authentication information of the electronic lock and the electronic key is symmetrically encrypted with the same key for transmission.
Example three
As shown in fig. 4, an embodiment of the present invention provides an identity recognition system, including the following modules:
the authentication request sending module 1 is used for sending an authentication request to the electronic lock by the electronic key;
the driving signal generating module 2 is used for randomly generating a driving signal after the electronic lock receives the authentication request and sending the driving signal to the electronic key;
the first response signal and reconstructed signal generation module 3 is used for converting the driving signal into a first response signal by the electronic key through the first superlattice password device, converting the first response signal into a reconstructed signal and sending the reconstructed signal to the electronic lock;
the second response signal generating module 4 is used for converting the driving signal into a second response signal by the electronic lock through a second superlattice password device;
the reconciliation module 5 is used for reconciling the reconstructed signal and the second response signal by the electronic lock; if the reconciliation succeeds, the authentication succeeds, otherwise the authentication fails.
Example four
As shown in fig. 5, an embodiment of the present invention provides an identity recognition system, which includes the following modules:
the authentication request sending module 1 is used for sending an authentication request to the electronic lock by the electronic key;
the driving signal generating module 2 is used for randomly generating a driving signal after the electronic lock receives the authentication request and sending the driving signal to the electronic key;
the first response signal and reconstructed signal generation module 3 is used for converting the driving signal into a first response signal by the electronic key through the first superlattice password device, converting the first response signal into a reconstructed signal and sending the reconstructed signal to the electronic lock;
the second response signal generation module 4 is used for converting the driving signal into a second response signal by the electronic lock through a second superlattice password device;
the reconciliation module 5 is used for reconciling the reconstructed signal and the second response signal by the electronic lock; if the reconciliation succeeds, the authentication succeeds, otherwise the authentication fails;
the encrypted data transmission module 6: if the authentication by the reconciliation module succeeds, the first response signal and the reconciled second response signal serve as a common key of the electronic key and the electronic lock, which can then carry out encrypted data transmission based on the common key.
The above examples are provided only for the purpose of describing the present invention, and are not intended to limit the scope of the present invention. The scope of the invention is defined by the appended claims. Various equivalent substitutions and modifications can be made without departing from the spirit and principles of the invention, and are intended to be within the scope of the invention.

Claims (8)

1. An identity recognition method, comprising:
step S1: the electronic key sends an authentication request to the electronic lock;
step S2: the electronic lock randomly generates a driving signal after receiving the authentication request and sends the driving signal to the electronic key;
step S3: the electronic key converts the driving signal into a first response signal through a first superlattice password device, converts the first response signal into a reconstructed signal and sends the reconstructed signal to the electronic lock;
step S4: the electronic lock converts the driving signal into a second response signal through a second superlattice password device;
step S5: the electronic lock reconciles the reconstructed signal and the second response signal; if the reconciliation is successful, the authentication is successful, otherwise, the authentication fails.
2. The method of claim 1, wherein the first superlattice password device and the second superlattice password device have the same structure and the same manufacturing process, and are located at adjacent positions on the same semiconductor wafer during manufacturing.
3. The identity recognition method according to claim 1, wherein the step S2 of randomly generating the driving signal specifically comprises:
taking a random sequence generated based on a physical random source as the driving signal.
4. The identity recognition method according to claim 1, wherein the step S3 of converting the first response signal into a reconstructed signal specifically comprises:
carrying out error correction coding on the first response signal to obtain the reconstructed signal.
5. The identity recognition method according to claim 1, wherein the reconciliation of the reconstructed signal and the second response signal by the electronic lock in step S5 specifically comprises:
the electronic lock corrects the second response signal by using the reconstructed signal; if the difference between the second response signal and the first response signal is smaller than a threshold value, the first response signal can be calculated, and the authentication is successful; otherwise, the first response signal cannot be calculated, and the authentication fails.
6. An identity recognition method according to any one of claims 1 to 5, further comprising the following step:
step S6: if the authentication is successful, the first response signal and the reconciled second response signal serve as a common key of the electronic key and the electronic lock, which can carry out encrypted data transmission based on the common key.
7. An identity recognition system, comprising the following modules:
the authentication request sending module is used for sending an authentication request to the electronic lock by the electronic key;
the driving signal generating module is used for randomly generating a driving signal after the electronic lock receives the authentication request and sending the driving signal to the electronic key;
the first response signal and reconstructed signal generation module is used for converting the driving signal into a first response signal by the electronic key through a first superlattice password device, converting the first response signal into a reconstructed signal and sending the reconstructed signal to the electronic lock;
the second response signal generation module is used for converting the driving signal into a second response signal by the electronic lock through a second superlattice password device;
the reconciliation module is used for reconciling the reconstructed signal and the second response signal by the electronic lock; if the reconciliation is successful, the authentication is successful, otherwise, the authentication fails.
8. The identity recognition system of claim 7, further comprising the following module:
the encrypted data transmission module: if the authentication by the reconciliation module is successful, the first response signal and the reconciled second response signal serve as a common key of the electronic key and the electronic lock, which can carry out encrypted data transmission based on the common key.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210725306.8A CN115311763A (en) 2022-06-24 2022-06-24 Identity recognition method and system

Publications (1)

Publication Number Publication Date
CN115311763A (en) 2022-11-08

Family

ID=83854883

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210725306.8A Pending CN115311763A (en) 2022-06-24 2022-06-24 Identity recognition method and system

Country Status (1)

Country Link
CN (1) CN115311763A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination