CN103178955A - Authentication method, device and system - Google Patents



Publication number
CN103178955A
Authority
CN
China
Prior art keywords
password
way function
enciphered message
authenticating device
random number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2011104375686A
Other languages
Chinese (zh)
Other versions
CN103178955B (en)
Inventor
李伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Device Co Ltd
Huawei Device Shenzhen Co Ltd
Original Assignee
Huawei Device Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Device Co Ltd
Priority to CN201110437568.6A
Publication of CN103178955A
Application granted
Publication of CN103178955B
Legal status: Active (current)
Anticipated expiration


Abstract

The invention discloses an authentication method, device and system, belonging to the field of information security. According to the invention, an authenticating device sends a serial number of a one-way function and/or a serial number of encryption information to an authenticated device; the authenticated device processes a password of an electronic password card using the corresponding one-way function and/or encryption information, and then sends the processed password to the authenticating device for authentication. Because the independent variable of a one-way function is not easily obtained from the dependent variable, or because the password is encrypted using the encryption information, an interceptor still cannot obtain the password even if the reply message from the authenticated device is intercepted. Consequently, the security of authentication between devices is improved.

Description

An authentication method, device and system
Technical field
The present invention relates to the field of information security technology, and in particular to an authentication method, device and system.
Background
To ensure the security of user information, systems such as online banking and games need to authenticate the user. At present, an electronic password card scheme is commonly used to authenticate the user.
In the electronic password card scheme, the authentication system issues the user an electronic password card. The electronic password card is a card on which indexes and passwords correspond one to one, where an index may be any identifier, such as a coordinate, that uniquely determines a password on the card; for example, an index may be a row coordinate and a column coordinate. The card also carries a serial number, which is used for binding to the user account. When authentication is required, the authentication system randomly generates several indexes, and the user must enter into the authentication system the passwords on the card that correspond to those indexes. Referring to Fig. 1, Fig. 1 shows an electronic password card with serial number 123456789XXXX, 8 rows and 10 columns. When authentication is required, the authentication system randomly generates several coordinates, such as 2E, 5H and 3B, and the user must enter the passwords corresponding to those coordinates, such as 59, 19 and 43. If the user's input is correct, authentication passes; if the user's input is incorrect, authentication fails.
In the course of implementing the present invention, the inventor found that the prior art has at least the following problem:
The number of passwords on an electronic password card is limited, and a password entered by the user may be intercepted, after which the used password is no longer secure. The number of times an electronic password card can be used is therefore limited; if the card continues to be used beyond that number, it is no longer secure, and it is difficult to ensure the security of user information.
Summary of the invention
To improve the security of authentication, the embodiments of the present invention provide an authentication method, device and system. The technical solution is as follows:
An authentication method, the method comprising:
On the condition that the authenticated device and the authenticating device have each confirmed that the other's serial number matches its own serial number, the authenticating device generates a group of random numbers and sends the random numbers to the authenticated device, the random numbers comprising: the serial number of the electronic password card used for authentication and an index on the electronic password card, and the random numbers further comprising: a serial number of a one-way function and/or a serial number of encryption information;
The authenticating device receives a first reply message sent by the authenticated device, the first reply message being generated by the authenticated device using the same method as the authenticating device;
The authenticating device finds the corresponding electronic password card in its own stored data according to the serial number of the electronic password card used for authentication carried in the random numbers; determines the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers; finds the corresponding one-way function and/or encryption information in its own stored data according to the serial number of the one-way function and/or the serial number of the encryption information carried in the random numbers; processes the determined password using the found one-way function and/or encryption information to obtain a result; and uses the result as a second reply message;
The authenticating device compares the second reply message it generated with the first reply message received from the authenticated device; if they are consistent, it determines that the authenticated device is legitimate and authentication passes; if they are inconsistent, it determines that the authenticated device is illegitimate and authentication fails.
An authentication method, the method comprising:
On the condition that the authenticated device and the authenticating device have each confirmed that the other's serial number matches its own serial number, the authenticated device receives a group of random numbers generated and sent by the authenticating device, the random numbers comprising: the serial number of the electronic password card used for authentication and an index on the electronic password card, and the random numbers further comprising: a serial number of a one-way function and/or a serial number of encryption information;
The authenticated device finds the corresponding electronic password card in its own stored data according to the serial number of the electronic password card used for authentication carried in the random numbers; determines the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers; finds the corresponding one-way function and/or encryption information in its own stored data according to the serial number of the one-way function and/or the serial number of the encryption information carried in the random numbers; processes the determined password using the found one-way function and/or encryption information to obtain a result; and uses the result as a first reply message;
The authenticated device sends the first reply message to the authenticating device, so that the authenticating device generates a second reply message using the same method as the authenticated device and compares the second reply message it generated with the first reply message received from the authenticated device; if they are consistent, it determines that the authenticated device is legitimate and authentication passes; if they are inconsistent, it determines that the authenticated device is illegitimate and authentication fails.
An authenticating device, the device comprising:
A sending module, configured to, on the condition that the authenticated device and the device have each confirmed that the other's serial number matches its own serial number, generate a group of random numbers and send the random numbers to the authenticated device, the random numbers comprising: the serial number of the electronic password card used for authentication and an index on the electronic password card, and the random numbers further comprising: a serial number of a one-way function and/or a serial number of encryption information;
A receiving module, configured to receive a first reply message sent by the authenticated device, the first reply message being generated by the authenticated device using the same method as the authenticating device;
A generation module, configured to find the corresponding electronic password card in its own stored data according to the serial number of the electronic password card used for authentication carried in the random numbers; determine the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers; find the corresponding one-way function and/or encryption information in its own stored data according to the serial number of the one-way function and/or the serial number of the encryption information carried in the random numbers; process the determined password using the found one-way function and/or encryption information to obtain a result; and use the result as a second reply message;
A comparison module, configured to compare the second reply message generated by the device itself with the first reply message received from the authenticated device; if they are consistent, determine that the authenticated device is legitimate and authentication passes; if they are inconsistent, determine that the authenticated device is illegitimate and authentication fails.
An authenticating device, the device comprising:
A receiving module, configured to, on the condition that the device and an authenticating device have each confirmed that the other's serial number matches its own serial number, receive a group of random numbers generated and sent by the authenticating device, the random numbers comprising: the serial number of the electronic password card used for authentication and an index on the electronic password card, and the random numbers further comprising: a serial number of a one-way function and/or a serial number of encryption information;
A generation module, configured to find the corresponding electronic password card in its own stored data according to the serial number of the electronic password card used for authentication carried in the random numbers; determine the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers; find the corresponding one-way function and/or encryption information in its own stored data according to the serial number of the one-way function and/or the serial number of the encryption information carried in the random numbers; process the determined password using the found one-way function and/or encryption information to obtain a result; and use the result as a first reply message;
A sending module, configured to send the first reply message to the authenticating device, so that the authenticating device generates a second reply message using the same method as the device and compares the second reply message it generated with the first reply message received from the device; if they are consistent, it determines that the device is legitimate and authentication passes; if they are inconsistent, it determines that the device is illegitimate and authentication fails.
An authentication system, the system comprising: an authenticated device and an authenticating device;
On the condition that the authenticated device and the authenticating device have each confirmed that the other's serial number matches its own serial number, the authenticating device is configured to generate a group of random numbers and send the random numbers to the authenticated device, the random numbers comprising: the serial number of the electronic password card used for authentication and an index on the electronic password card, and the random numbers further comprising: a serial number of a one-way function and/or a serial number of encryption information;
The authenticated device is configured to receive the random numbers, generate a first reply message using the same method as the authenticating device, and send the first reply message to the authenticating device;
The authenticating device is further configured to receive the first reply message sent by the authenticated device; find the corresponding electronic password card in its own stored data according to the serial number of the electronic password card used for authentication carried in the random numbers; determine the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers; find the corresponding one-way function and/or encryption information in its own stored data according to the serial number of the one-way function and/or the serial number of the encryption information carried in the random numbers; process the determined password using the found one-way function and/or encryption information to obtain a result; use the result as a second reply message; and compare the second reply message it generated with the first reply message received from the authenticated device; if they are consistent, it determines that the authenticated device is legitimate and authentication passes; if they are inconsistent, it determines that the authenticated device is illegitimate and authentication fails.
The beneficial effects of the technical solution provided by the embodiments of the present invention are as follows:
The authenticated device processes the password of the electronic password card using a one-way function and/or encryption information and only then sends it to the authenticating device for authentication. Because the independent variable of a one-way function is not easily solved from the dependent variable, or because the password is encrypted using the encryption information, an interceptor cannot obtain the password even if the reply message of the authenticated device is intercepted, which improves the security of authentication between devices.
Description of the drawings
To illustrate the technical solutions in the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. Obviously, the drawings in the following description are only some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from these drawings without creative effort.
Fig. 1 is a schematic diagram of an electronic password card provided by the prior art;
Fig. 2 is a flow chart of the authentication method provided in embodiment 1 of the present invention;
Fig. 3 is a flow chart of the authentication method provided in embodiment 2 of the present invention;
Fig. 4 is a flow chart of the authentication method provided in embodiment 3 of the present invention;
Fig. 5 is a schematic structural diagram of the authenticating device provided in embodiment 4 of the present invention;
Fig. 6 is a schematic structural diagram of the authenticating device provided in embodiment 5 of the present invention;
Fig. 7 is a schematic structural diagram of the authentication system provided in embodiment 6 of the present invention.
Embodiments
To make the purpose, technical solutions and advantages of the present invention clearer, the embodiments of the present invention are described in further detail below with reference to the drawings.
First, the words and terms used in the following embodiments are explained:
The electronic password card mentioned in the embodiments of the present invention is a card on which indexes and passwords correspond one to one, where an index may be any identifier, such as a coordinate, that uniquely determines a password on the card; for example, an index may be a row coordinate and a column coordinate. The card also carries a serial number, which is used for binding to the user account.
The one-way function mentioned in the embodiments of the present invention means the following: if, for a function, every group of independent variables has a unique dependent variable corresponding to it, while for almost all dependent variables a definite group of independent variables cannot be derived by solving the function, then the function is a one-way function.
The term "and/or" mentioned in the embodiments of the present invention means at least one of the two. For example, A and/or B covers three cases: A, B, and both A and B.
Ordinal numbers such as "first", "second", "third" and "fourth" mentioned in the embodiments of the present invention should be understood as serving only to distinguish, unless the context shows that they do express an order.
Embodiment 1
Referring to Fig. 2, this embodiment provides an authentication method, the method comprising:
S11: On the condition that the authenticated device and the authenticating device have each confirmed that the other's serial number matches its own serial number, the authenticating device generates a group of random numbers and sends the random numbers to the authenticated device, the random numbers comprising: the serial number of the electronic password card used for authentication and an index on the electronic password card, and the random numbers further comprising: a serial number of a one-way function and/or a serial number of encryption information;
Here, the encryption information comprises a key and an encryption algorithm; correspondingly, the serial number of the encryption information comprises the serial number of the key and the serial number of the encryption algorithm.
S12: The authenticating device receives a first reply message sent by the authenticated device, the first reply message being generated by the authenticated device using the same method as the authenticating device;
S13: The authenticating device finds the corresponding electronic password card in its own stored data according to the serial number of the electronic password card used for authentication carried in the random numbers; determines the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers; finds the corresponding one-way function and/or encryption information in its own stored data according to the serial number of the one-way function and/or the serial number of the encryption information carried in the random numbers; processes the determined password using the found one-way function and/or encryption information to obtain a result; and uses the result as a second reply message;
S14: The authenticating device compares the second reply message it generated with the first reply message received from the authenticated device; if they are consistent, it determines that the authenticated device is legitimate and authentication passes; if they are inconsistent, it determines that the authenticated device is illegitimate and authentication fails.
In this embodiment, the authenticating device sends the serial number of the one-way function and/or the serial number of the encryption information to the authenticated device, and the authenticated device processes the password of the electronic password card using the corresponding one-way function and/or encryption information and only then sends it to the authenticating device for authentication. Because the independent variable of a one-way function is not easily solved from the dependent variable, or because the password is encrypted using the encryption information, an interceptor cannot obtain the password even if the reply message of the authenticated device is intercepted, which improves the security of authentication between devices.
Embodiment 2
Referring to Fig. 3, this embodiment provides an authentication method, the method comprising:
S21: On the condition that the authenticated device and the authenticating device have each confirmed that the other's serial number matches its own serial number, the authenticated device receives a group of random numbers generated and sent by the authenticating device, the random numbers comprising: the serial number of the electronic password card used for authentication and an index on the electronic password card, and the random numbers further comprising: a serial number of a one-way function and/or a serial number of encryption information;
Here, the encryption information comprises a key and an encryption algorithm; correspondingly, the serial number of the encryption information comprises the serial number of the key and the serial number of the encryption algorithm.
S22: The authenticated device finds the corresponding electronic password card in its own stored data according to the serial number of the electronic password card used for authentication carried in the random numbers; determines the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers; finds the corresponding one-way function and/or encryption information in its own stored data according to the serial number of the one-way function and/or the serial number of the encryption information carried in the random numbers; processes the determined password using the found one-way function and/or encryption information to obtain a result; and uses the result as a first reply message;
S23: The authenticated device sends the first reply message to the authenticating device, so that the authenticating device generates a second reply message using the same method as the authenticated device and compares the second reply message it generated with the first reply message received from the authenticated device; if they are consistent, it determines that the authenticated device is legitimate and authentication passes; if they are inconsistent, it determines that the authenticated device is illegitimate and authentication fails.
In this embodiment, the authenticated device receives the serial number of the one-way function and/or the serial number of the encryption information sent by the authenticating device, processes the password of the electronic password card using the corresponding one-way function and/or encryption information, and only then sends it to the authenticating device for authentication. Because the independent variable of a one-way function is not easily solved from the dependent variable, or because the password is encrypted using the encryption information, an interceptor cannot obtain the password even if the reply message of the authenticated device is intercepted, which improves the security of authentication between devices.
Embodiment 3
Referring to Fig. 4, this embodiment provides an authentication method, the method comprising:
201: The authenticated device initiates an authentication request to the authenticating device, and the authenticated device and the authenticating device each confirm whether the other's serial number matches its own serial number. If they match, step 202 is performed, or step 203 is performed directly; if they do not match, the authentication process is exited.
The authenticated device and the authenticating device each confirming whether the other's serial number matches its own serial number specifically comprises: the authenticated device sends its own serial number to the authenticating device, and the authenticating device matches its own serial number against the serial number of the authenticated device; the authenticating device sends its own serial number to the authenticated device, and the authenticated device matches its own serial number against the serial number of the authenticating device.
Here, the authentication request may be initiated by the master authentication device or by the slave authentication device.
202: The authenticated device authenticates the authenticating device. If authentication passes, step 203 is performed; if authentication fails, the authentication process is exited.
Step 202 is optional; performing step 202 can further improve the security of authentication.
203: The authenticating device authenticates the authenticated device. If authentication passes, step 204 is performed; if authentication fails, the authentication process is exited.
204: The authentication process is complete.
For the authenticating device to authenticate the authenticated device, or for the authenticated device to authenticate the authenticating device, the authenticating device and the authenticated device each need to store data such as at least one group of electronic password cards with identical content, at least one one-way function, and at least one piece of encryption information used for encryption. Here, the encryption information comprises a key and an encryption algorithm; correspondingly, the serial number of the encryption information comprises the serial number of the key and the serial number of the encryption algorithm. Further, to prevent the data stored on the authenticating device and the authenticated device from being stolen, the authenticating device and the authenticated device may each encrypt the data they store. This embodiment does not limit the specific encryption method, and the authenticating device and the authenticated device may use the same or different encryption methods to encrypt their stored data. In the prior art the electronic password card is held by the user, any holder can see the information on the card, and an unauthorized user can obtain the information on the card by copying means such as scanning, photographing or photocopying. By contrast, the electronic password card of the embodiments of the present invention is stored on a device (the authenticating device or the authenticated device) and can be stored encrypted, so an unauthorized user cannot easily obtain the information on the electronic password card. Further, when there are multiple electronic password cards, one-way functions or pieces of encryption information, the difficulty of cracking an intercepted password increases, which improves the security of authentication. To further improve the security of authentication, the electronic password cards may be divided into two groups: one group of electronic password cards is dedicated to the authenticating device authenticating the authenticated device, and the other group is dedicated to the authenticated device authenticating the authenticating device. Likewise, the one-way functions may be divided into two groups: one group of one-way functions is dedicated to the authenticating device authenticating the authenticated device, and the other group is dedicated to the authenticated device authenticating the authenticating device. Likewise, the encryption information may be divided into two groups: one group of encryption information is dedicated to the authenticating device authenticating the authenticated device, and the other group is dedicated to the authenticated device authenticating the authenticating device.
In step 202, the authenticated device may authenticate the authenticating device using the following method:
2021: The authenticated device generates a group of second random numbers and sends this group of second random numbers to the authenticating device;
Here, this group of second random numbers comprises: the serial number of the electronic password card used for authentication and an index on the electronic password card; this group of random numbers further comprises: a serial number of a one-way function and/or a serial number of encryption information. The encryption information comprises a key and an encryption algorithm; correspondingly, the serial number of the encryption information comprises the serial number of the key and the serial number of the encryption algorithm.
Further, the electronic password card, one-way function and/or encryption information carried in this group of random numbers may be dedicated to the authenticated device authenticating the authenticating device.
2022: After receiving this group of second random numbers, the authenticating device generates a third reply message according to the information carried in this group of second random numbers, and sends the third reply message to the authenticated device;
Specifically, the authenticating device finds the corresponding second electronic password card in its own stored data according to the serial number of the electronic password card used for authentication carried in this group of second random numbers, and determines the corresponding second password on the found electronic password card according to the index on the electronic password card carried in this group of random numbers; it finds the corresponding second one-way function and/or second encryption information in its own stored data according to the serial number of the one-way function and/or the serial number of the encryption information carried in this group of random numbers, processes the determined second password using the found second one-way function and/or second encryption information to obtain a second result, and uses the second result as the third reply message.
Processing the determined second password using the found second one-way function and/or second encryption information to obtain the second result can be done in four ways. In the first, the found second one-way function is applied to the determined second password to compute the second result. In the second, the found second encryption information is used to encrypt the determined second password to obtain the second result. In the third, the found second one-way function is first applied to the determined second password to compute a second intermediate result, and the found second encryption information is then used to encrypt the computed second intermediate result to obtain the second result. In the fourth, the found second encryption information is first used to encrypt the determined second password to obtain a second intermediate result, and the found second one-way function is then applied to the encrypted second intermediate result to compute the second result.
2023: Using the same method as the authenticating device, the authenticated device generates fourth answer information from the information carried in the group of second random numbers, and compares the fourth answer information it generated with the third answer information received from the authenticating device. If they are consistent, the authenticating device is judged legitimate and authentication passes; if they are inconsistent, the authenticating device is judged illegitimate and authentication fails.
Generating the fourth answer information by the same method as the authenticating device specifically comprises:
Using the sequence number of the electronic password card carried in the group of second random numbers, the authenticated device finds the corresponding second electronic password card in its own stored data, and uses the carried index to determine the corresponding second password on the card it found. Using the carried sequence number of the one-way function and/or sequence number of the encryption information, it finds the corresponding second one-way function and/or second encryption information in its own stored data, processes the determined second password with them to obtain a second result, and takes the second result as the fourth answer information.
The determined second password can be processed with the found second one-way function and/or second encryption information in four ways. In the first, the second one-way function is applied to the second password to compute the second result. In the second, the second password is encrypted with the second encryption information to obtain the second result. In the third, the second one-way function is first applied to the second password to compute a second intermediate result, which is then encrypted with the second encryption information to obtain the second result. In the fourth, the second password is first encrypted with the second encryption information to obtain a second intermediate result, to which the second one-way function is then applied to compute the second result.
In step 203, the authenticating device authenticates the authenticated device, which can be done as follows:
2031: The authenticating device generates a group of random numbers and sends the group to the authenticated device;
The group of random numbers comprises the sequence number of the electronic password card used for authentication and an index on that electronic password card. The group also comprises the sequence number of a one-way function and/or the sequence number of encryption information. The encryption information comprises a key and an encryption algorithm; correspondingly, the sequence number of the encryption information comprises the sequence number of the key and the sequence number of the encryption algorithm.
Further, the electronic password card, one-way function and/or encryption information referenced by this group of random numbers may be dedicated to the authenticating device authenticating the authenticated device.
2032: After receiving the group of random numbers, the authenticated device generates first answer information from the information carried in the group and sends the first answer information to the authenticating device;
Specifically, using the sequence number of the electronic password card carried in the group of random numbers, the authenticated device finds the corresponding electronic password card in its own stored data, and uses the carried index to determine the corresponding password on the card it found. Using the carried sequence number of the one-way function and/or sequence number of the encryption information, it finds the corresponding one-way function and/or encryption information in its own stored data, computes a result from the determined password with them, and takes the result as the first answer information.
The determined password can be processed with the found one-way function and encryption information in four ways. In the first, the one-way function is applied to the password to compute the result. In the second, the password is encrypted with the encryption information to obtain the result. In the third, the one-way function is first applied to the password to compute an intermediate result, which is then encrypted with the encryption information to obtain the result. In the fourth, the password is first encrypted with the encryption information to obtain an intermediate result, to which the one-way function is then applied to compute the result.
2033: Using the same method as the authenticated device, the authenticating device generates second answer information from the information carried in the group of random numbers, and compares the second answer information it generated with the first answer information received from the authenticated device. If they are consistent, the authenticated device is judged legitimate and authentication passes; if they are inconsistent, the authenticated device is judged illegitimate and authentication fails.
Generating the second answer information by the same method as the authenticated device specifically comprises:
Using the sequence number of the electronic password card carried in the group of random numbers, the authenticating device finds the corresponding electronic password card in its own stored data, and uses the carried index to determine the corresponding password on the card it found. Using the carried sequence number of the one-way function and/or sequence number of the encryption information, it finds the corresponding one-way function and/or encryption information in its own stored data, computes a result from the determined password with them, and takes the result as the second answer information.
The determined password can be processed with the found one-way function and encryption information in four ways. In the first, the one-way function is applied to the password to compute the result. In the second, the password is encrypted with the encryption information to obtain the result. In the third, the one-way function is first applied to the password to compute an intermediate result, which is then encrypted with the encryption information to obtain the result. In the fourth, the password is first encrypted with the encryption information to obtain an intermediate result, to which the one-way function is then applied to compute the result.
The authentication method provided by this embodiment can be applied to electronic locks, access control systems, electronic fare payment systems, electronic device authentication and so on. Taking an electronic lock as an example, the lock and the key correspond respectively to the authenticating device and the authenticated device of this embodiment. The authentication process of the electronic lock is briefly described below.
301: The key initiates an authentication request to the lock, and the key and the lock mutually confirm whether the other party's sequence number matches their own. If they match, step 302 is performed, or step 303 is performed directly; if they do not match, the authentication process is exited.
The mutual confirmation specifically comprises: the key sends its own sequence number to the lock, and the lock matches its own sequence number against the key's sequence number; the lock sends its own sequence number to the key, and the key matches its own sequence number against the lock's sequence number.
302: The key authenticates the lock. If authentication passes, step 303 is performed; if authentication fails, the authentication process is exited.
Step 302 is optional; performing step 302 further improves the security of authentication.
303: The lock authenticates the key. If authentication passes, step 304 is performed; if authentication fails, the authentication process is exited.
304: The authentication process is complete.
For the lock to authenticate the key, or for the key to authenticate the lock, the lock and the key each need to store data including at least one group of electronic password cards with identical content, at least one one-way function, and at least one piece of encryption information used for encryption. Further, to prevent the data stored on the lock and the key from being stolen, the lock and the key can each encrypt the data they store. This embodiment does not limit the specific encryption method, and the lock and the key can use the same or different encryption methods for their stored data. Further, when there are multiple electronic password cards, one-way functions or pieces of encryption information, it becomes harder to decipher an intercepted password, which improves the security of authentication. To improve security further, the electronic password cards can be divided into two groups: one group is dedicated to the lock authenticating the key, and the other group is dedicated to the key authenticating the lock. Likewise, the one-way functions can be divided into two groups, one dedicated to the lock authenticating the key and the other to the key authenticating the lock; and the encryption information can be divided into two groups, one dedicated to the lock authenticating the key and the other to the key authenticating the lock.
In step 302, the key authenticates the lock, which can be done as follows:
3021: The key generates a group of second random numbers and sends the group to the lock;
The group of second random numbers comprises the sequence number of the electronic password card used for authentication and an index on that electronic password card. The group also comprises the sequence number of a one-way function and/or the sequence number of encryption information. The encryption information comprises a key and an encryption algorithm; correspondingly, the sequence number of the encryption information comprises the sequence number of the key and the sequence number of the encryption algorithm.
Further, the electronic password card, one-way function and/or encryption information referenced by this group of random numbers may be dedicated to the key authenticating the lock.
3022: After receiving the group of second random numbers, the lock generates third answer information from the information carried in the group and sends the third answer information to the key;
Specifically, using the sequence number of the electronic password card carried in the group of second random numbers, the lock finds the corresponding second electronic password card in its own stored data, and uses the carried index to determine the corresponding second password on the card it found. Using the carried sequence number of the one-way function and/or sequence number of the encryption information, it finds the corresponding second one-way function and/or second encryption information in its own stored data, processes the determined second password with them to obtain a second result, and takes the second result as the third answer information.
The determined second password can be processed with the found second one-way function and/or second encryption information in four ways. In the first, the second one-way function is applied to the second password to compute the second result. In the second, the second password is encrypted with the second encryption information to obtain the second result. In the third, the second one-way function is first applied to the second password to compute a second intermediate result, which is then encrypted with the second encryption information to obtain the second result. In the fourth, the second password is first encrypted with the second encryption information to obtain a second intermediate result, to which the second one-way function is then applied to compute the second result.
3023: Using the same method as the lock, the key generates fourth answer information from the information carried in the group of second random numbers, and compares the fourth answer information it generated with the third answer information received from the lock. If they are consistent, the lock is judged legitimate and authentication passes; if they are inconsistent, the lock is judged illegitimate and authentication fails.
Generating the fourth answer information by the same method as the lock specifically comprises:
Using the sequence number of the electronic password card carried in the group of second random numbers, the key finds the corresponding second electronic password card in its own stored data, and uses the carried index to determine the corresponding second password on the card it found. Using the carried sequence number of the one-way function and/or sequence number of the encryption information, it finds the corresponding second one-way function and/or second encryption information in its own stored data, processes the determined second password with them to obtain a second result, and takes the second result as the fourth answer information.
The determined second password can be processed with the found second one-way function and/or second encryption information in four ways. In the first, the second one-way function is applied to the second password to compute the second result. In the second, the second password is encrypted with the second encryption information to obtain the second result. In the third, the second one-way function is first applied to the second password to compute a second intermediate result, which is then encrypted with the second encryption information to obtain the second result. In the fourth, the second password is first encrypted with the second encryption information to obtain a second intermediate result, to which the second one-way function is then applied to compute the second result.
In step 303, the lock authenticates the key, which can be done as follows:
3031: The lock generates a group of random numbers and sends the group to the key;
The group of random numbers comprises the sequence number of the electronic password card used for authentication and an index on that electronic password card. The group also comprises the sequence number of a one-way function and/or the sequence number of encryption information. The encryption information comprises a key and an encryption algorithm; correspondingly, the sequence number of the encryption information comprises the sequence number of the key and the sequence number of the encryption algorithm.
Further, the electronic password card, one-way function and/or encryption information referenced by this group of random numbers may be dedicated to the lock authenticating the key.
3032: After receiving the group of random numbers, the key generates first answer information from the information carried in the group and sends the first answer information to the lock;
Specifically, using the sequence number of the electronic password card carried in the group of random numbers, the key finds the corresponding electronic password card in its own stored data, and uses the carried index to determine the corresponding password on the card it found. Using the carried sequence number of the one-way function and/or sequence number of the encryption information, it finds the corresponding one-way function and/or encryption information in its own stored data, computes a result from the determined password with them, and takes the result as the first answer information.
The determined password can be processed with the found one-way function and encryption information in four ways. In the first, the one-way function is applied to the password to compute the result. In the second, the password is encrypted with the encryption information to obtain the result. In the third, the one-way function is first applied to the password to compute an intermediate result, which is then encrypted with the encryption information to obtain the result. In the fourth, the password is first encrypted with the encryption information to obtain an intermediate result, to which the one-way function is then applied to compute the result.
3033: Using the same method as the key, the lock generates second answer information from the information carried in the group of random numbers, and compares the second answer information it generated with the first answer information received from the key. If they are consistent, the key is judged legitimate and authentication passes; if they are inconsistent, the key is judged illegitimate and authentication fails.
Generating the second answer information by the same method as the key specifically comprises:
Using the sequence number of the electronic password card carried in the group of random numbers, the lock finds the corresponding electronic password card in its own stored data, and uses the carried index to determine the corresponding password on the card it found. Using the carried sequence number of the one-way function and/or sequence number of the encryption information, it finds the corresponding one-way function and/or encryption information in its own stored data, computes a result from the determined password with them, and takes the result as the second answer information.
The determined password can be processed with the found one-way function and encryption information in four ways. In the first, the one-way function is applied to the password to compute the result. In the second, the password is encrypted with the encryption information to obtain the result. In the third, the one-way function is first applied to the password to compute an intermediate result, which is then encrypted with the encryption information to obtain the result. In the fourth, the password is first encrypted with the encryption information to obtain an intermediate result, to which the one-way function is then applied to compute the result.
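The lock-and-key flow of steps 301 to 3033, including the four processing methods, as a runnable sketch; this is an added example and not code from the patent. SHA-256 and SHA-512 as the one-way functions, the keystream-XOR stand-in cipher, the card contents, the `hash_first` setting and all names are assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

# Constructed sample data. The patent fixes no concrete functions, ciphers or card contents.
ONE_WAY = {0: hashlib.sha256, 1: hashlib.sha512}           # sequence number -> one-way function
KEYS = {0: b"constructed-key-0", 1: b"constructed-key-1"}  # sequence number -> key
CARDS = {                                                  # card sequence number -> passwords by index
    10: [b"4821", b"9307", b"1156"],
    11: [b"7740", b"2069", b"5513"],
    20: [b"3398", b"8402", b"6175"],
}
LOCK_AUTHS_KEY_CARDS = [10, 11]   # group reserved for the lock authenticating the key
KEY_AUTHS_LOCK_CARDS = [20]       # group reserved for the key authenticating the lock


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a SHA-256 keystream. Deterministic, so both
    sides obtain the same ciphertext and can compare it. Not a production cipher."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        stream = hashlib.sha256(key + offset.to_bytes(4, "big")).digest()
        out.extend(b ^ s for b, s in zip(data[offset:offset + 32], stream))
    return bytes(out)


ALGOS = {0: xor_stream}           # sequence number -> encryption algorithm


@dataclass(frozen=True)
class Challenge:
    """The 'group of random numbers': sequence numbers and an index, never a password."""
    card: int
    index: int
    fn: Optional[int] = None      # one-way function sequence number
    key: Optional[int] = None     # key sequence number
    algo: Optional[int] = None    # encryption algorithm sequence number


class Device:
    def __init__(self, serial, peer_serial, cards, hash_first=True):
        self.serial, self.peer_serial = serial, peer_serial
        self.cards = cards
        self.hash_first = hash_first   # assumption: pre-agreed choice between methods 3 and 4

    def make_challenge(self, card_group):
        card = secrets.choice(card_group)
        index = secrets.randbelow(len(self.cards[card]))
        return Challenge(card, index, secrets.choice(list(ONE_WAY)),
                         secrets.choice(list(KEYS)), secrets.choice(list(ALGOS)))

    def answer(self, ch: Challenge) -> bytes:
        password = self.cards[ch.card][ch.index]
        if ch.fn is None and ch.key is None:
            raise ValueError("challenge must name a one-way function and/or encryption information")

        def one_way(data):
            return ONE_WAY[ch.fn](data).digest()

        def encrypt(data):
            return ALGOS[ch.algo](KEYS[ch.key], data)

        if ch.key is None:
            return one_way(password)                 # method 1: one-way function only
        if ch.fn is None:
            return encrypt(password)                 # method 2: encryption only
        if self.hash_first:
            return encrypt(one_way(password))        # method 3: one-way function, then encrypt
        return one_way(encrypt(password))            # method 4: encrypt, then one-way function

    def verify(self, ch: Challenge, received: bytes) -> bool:
        # Recompute the answer locally and compare in constant time.
        return hmac.compare_digest(self.answer(ch), received)


def mutual_authenticate(key_dev: Device, lock_dev: Device) -> bool:
    # 301: each side checks that the other's sequence number is the one it expects.
    if key_dev.peer_serial != lock_dev.serial or lock_dev.peer_serial != key_dev.serial:
        return False
    # 302 (optional in the patent): the key authenticates the lock.
    ch2 = key_dev.make_challenge(KEY_AUTHS_LOCK_CARDS)
    if not key_dev.verify(ch2, lock_dev.answer(ch2)):
        return False
    # 303: the lock authenticates the key.
    ch1 = lock_dev.make_challenge(LOCK_AUTHS_KEY_CARDS)
    return lock_dev.verify(ch1, key_dev.answer(ch1))


if __name__ == "__main__":
    key_dev = Device("K-001", "L-001", CARDS)
    lock_dev = Device("L-001", "K-001", CARDS)
    print("genuine pair:", mutual_authenticate(key_dev, lock_dev))
```

Because the verifier recomputes the answer and compares it, any encryption used here has to be deterministic for a given key and password.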
In this embodiment, the authenticating device sends the sequence number of a one-way function and/or the sequence number of encryption information to the authenticated device, and the authenticated device processes the password from the electronic password card with the corresponding one-way function and/or encryption information before sending it to the authenticating device for authentication. Because of the special property of a one-way function that the independent variable is not easily solved from the dependent variable, or because the encryption information encrypts the password, an interceptor cannot obtain the password even if the answer information of the authenticated device is intercepted, which improves the security of authentication between devices. In addition, there can be multiple electronic password cards, one-way functions or pieces of encryption information, and they can be stored encrypted, which makes it harder to decipher an intercepted password and improves the security of authentication. Moreover, two-way authentication can further improve the security of authentication. The electronic password cards, one-way functions and/or encryption information can also be divided into groups that are used respectively for authenticating the authenticated device and for authenticating the authenticating device; using these data in isolation further improves the security of authentication.
Embodiment 4
Referring to Fig. 5, this embodiment provides a device for authentication, which may specifically be the authenticating device. The device comprises:
Sending module 401, configured to generate a group of random numbers when the authenticated device and this device have mutually confirmed that the other party's sequence number matches their own, and to send the random numbers to the authenticated device. The random numbers comprise the sequence number of the electronic password card used for authentication and an index on that electronic password card, and also comprise the sequence number of a one-way function and/or the sequence number of encryption information;
Receiving module 402, configured to receive the first answer information sent by the authenticated device, the first answer information being generated by the authenticated device using the same method as the authenticating device;
Generation module 403, configured to find the corresponding electronic password card in its own stored data using the sequence number of the electronic password card carried in the random numbers, to determine the corresponding password on the card it found using the carried index, to find the corresponding one-way function and/or encryption information in its own stored data using the carried sequence number of the one-way function and/or sequence number of the encryption information, to process the determined password with the found one-way function and/or encryption information to obtain a result, and to take the result as the second answer information;
Comparison module 404, configured to compare the second answer information generated by this device with the first answer information received from the authenticated device. If they are consistent, the authenticated device is judged legitimate and authentication passes; if they are inconsistent, the authenticated device is judged illegitimate and authentication fails.
When processing the determined password with the found one-way function and/or encryption information to obtain the result, generation module 403 is specifically configured to:
Apply the found one-way function to the determined password to compute the result;
Or,
Encrypt the determined password with the found encryption information to obtain the result;
Or,
Apply the found one-way function to the determined password to compute an intermediate result, and encrypt the computed intermediate result with the found encryption information to obtain the result;
Or,
Encrypt the determined password with the found encryption information to obtain an intermediate result, and apply the found one-way function to the encrypted intermediate result to compute the result.
Further, after the authenticated device has passed authentication, the device also comprises:
Authentication module, configured to receive a group of second random numbers generated and sent by the authenticated device; to generate third answer information from the second random numbers; and to send the third answer information to the authenticated device, so that the authenticated device generates fourth answer information using the same method as the authenticating device and compares the fourth answer information it generated with the third answer information received from the authenticating device. If they are consistent, the authenticating device is judged legitimate and authentication passes; if they are inconsistent, the authenticating device is judged illegitimate and authentication fails.
When generating the third answer information from the second random numbers, the authentication module is specifically configured to:
Find the corresponding second electronic password card in its own stored data using the sequence number of the electronic password card carried in the second random numbers, and determine the corresponding second password on the second electronic password card it found using the carried index; find the corresponding second one-way function and/or second encryption information in its own stored data using the carried sequence number of the one-way function and/or sequence number of the encryption information; process the determined second password with the found second one-way function and/or second encryption information to obtain a second result; and take the second result as the third answer information.
When processing the determined second password with the found second one-way function and/or second encryption information to obtain the second result, the authentication module is specifically configured to:
Apply the found second one-way function to the determined second password to compute the second result;
Or,
Encrypt the determined second password with the found second encryption information to obtain the second result;
Or,
Apply the found second one-way function to the determined second password to compute a second intermediate result, and encrypt the computed second intermediate result with the found second encryption information to obtain the second result;
Or,
Encrypt the determined second password with the found second encryption information to obtain a second intermediate result, and apply the found second one-way function to the encrypted second intermediate result to compute the second result.
For the authenticating device to authenticate the authenticated device, or for the authenticated device to authenticate the authenticating device, the two devices each need to store data including at least one group of electronic password cards with identical content, at least one one-way function, and at least one piece of encryption information used for encryption. The encryption information comprises a key and an encryption algorithm; correspondingly, the sequence number of the encryption information comprises the sequence number of the key and the sequence number of the encryption algorithm. Further, to prevent the data stored on the authenticating device and the authenticated device from being stolen, each device can encrypt the data it stores. This embodiment does not limit the specific encryption method, and the two devices can use the same or different encryption methods for their stored data. In the prior art the electronic password card is held by the user, any holder can see the information on the card, and an illegitimate user can obtain that information by copying means such as scanning, photographing or photocopying. By contrast, the electronic password card of the embodiment of the present invention is stored in a device (the authenticating device or the authenticated device) and can be stored encrypted, so an illegitimate user cannot easily obtain the information on the electronic password card. Further, when there are multiple electronic password cards, one-way functions or pieces of encryption information, it becomes harder to decipher an intercepted password, which improves the security of authentication. To improve security further, the electronic password cards can be divided into two groups: one group is dedicated to the authenticating device authenticating the authenticated device, and the other group is dedicated to the authenticated device authenticating the authenticating device. Likewise, the one-way functions can be divided into two groups, one dedicated to the authenticating device authenticating the authenticated device and the other to the authenticated device authenticating the authenticating device; and the encryption information can be divided into two groups, one dedicated to the authenticating device authenticating the authenticated device and the other to the authenticated device authenticating the authenticating device.
The device provided by this embodiment sends the sequence number of the one-way function and/or the sequence number of the enciphered message to the certified equipment; the certified equipment processes the password of the electronic password card with the corresponding one-way function and/or enciphered message and then sends the result to this device for authentication. Because a one-way function has the special property that its independent variable is hard to solve for from its dependent variable, or because the enciphered message encrypts the password, an interceptor cannot obtain the password even if the answer information of the certified equipment is intercepted, which improves the security of inter-device authentication.
Embodiment 5
Referring to Fig. 6, this embodiment provides an authentication device, which may specifically be the certified equipment. The device comprises:
A receiver module 501, configured to receive, in the case where the device and the authenticating device have each confirmed that the other party's sequence number matches its own, a group of random numbers generated and sent by the authenticating device. The random numbers comprise: the sequence number of the electronic password card used for authentication and the index on the electronic password card; the random numbers further comprise: the sequence number of a one-way function and/or the sequence number of an enciphered message;
A generation module 502, configured to find the corresponding electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the random numbers; determine the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers; find the corresponding one-way function and/or enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the random numbers; process the determined password with the found one-way function and/or enciphered message to obtain a result; and use the result as the first answer information;
A sending module 503, configured to send the first answer information to the authenticating device, so that the authenticating device generates second answer information using the same method as the device and compares the second answer information it generated with the first answer information received from the device; if they are consistent, the device is determined to be legitimate and authentication passes; if they are inconsistent, the device is determined to be illegitimate and authentication fails.
When processing the determined password with the found one-way function and/or enciphered message to obtain the result, the generation module 502 is specifically configured to:
Use the found one-way function to calculate the result from the determined password;
Or,
Use the found enciphered message to encrypt the determined password to obtain the result;
Or,
Use the found one-way function to calculate an intermediate result from the determined password, and use the found enciphered message to encrypt the calculated intermediate result to obtain the result;
Or,
Use the found enciphered message to encrypt the determined password to obtain an intermediate result, and use the found one-way function to calculate the result from the intermediate result obtained by encryption.
Further, after the device passes authentication, the device further comprises:
An authentication module, configured to generate a group of second random numbers and send the second random numbers to the authenticating device, so that the authenticating device generates third answer information using the same method as the certified equipment and sends the third answer information to the device; and to generate fourth answer information according to the second random numbers and compare the fourth answer information it generated with the third answer information received from the authenticating device; if they are consistent, the authenticating device is determined to be legitimate and authentication passes; if they are inconsistent, the authenticating device is determined to be illegitimate and authentication fails.
When generating the fourth answer information according to the second random numbers, the authentication module is specifically configured to:
Find the corresponding second electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the second random numbers, and determine the corresponding second password on the found second electronic password card according to the index on the electronic password card carried in the second random numbers; find the corresponding second one-way function and/or second enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the second random numbers; process the determined second password with the found second one-way function and/or second enciphered message to obtain a second result; and use the second result as the fourth answer information.
When processing the determined second password with the found second one-way function and/or second enciphered message to obtain the second result, the authentication module is specifically configured to:
Use the found second one-way function to calculate the second result from the determined second password;
Or,
Use the found second enciphered message to encrypt the determined second password to obtain the second result;
Or,
Use the found second one-way function to calculate a second intermediate result from the determined second password, and use the found second enciphered message to encrypt the calculated second intermediate result to obtain the second result;
Or,
Use the found second enciphered message to encrypt the determined second password to obtain a second intermediate result, and use the found second one-way function to calculate the second result from the second intermediate result obtained by encryption.
In order for the authenticating device to authenticate the certified equipment, or for the certified equipment to authenticate the authenticating device, the authenticating device and the certified equipment each need to store data such as at least one group of electronic password cards with identical content, at least one one-way function, and at least one enciphered message used for encryption. The enciphered message comprises a key and a cryptographic algorithm; correspondingly, the sequence number of the enciphered message comprises the sequence number of the key and the sequence number of the cryptographic algorithm. Further, to prevent the data stored on the authenticating device and the certified equipment from being stolen, the authenticating device and the certified equipment may each encrypt the data they store. This embodiment does not limit the specific encryption method, and the authenticating device and the certified equipment may use the same or different encryption methods to encrypt their stored data. In the prior art the electronic password card is held by the user, any holder can see the information on the card, and an unauthorized user can obtain that information by copying means such as scanning, photographing, or copying. By contrast, the electronic password card of the embodiments of the present invention is stored on a device (the authenticating device or the certified equipment) and can be stored in encrypted form, so an unauthorized user cannot easily obtain the information on the card. Further, when there are multiple electronic password cards, one-way functions, or enciphered messages, it becomes more difficult to decode an intercepted password, which improves the security of authentication. To further improve the security of authentication, the electronic password cards may be divided into two groups: one group is used exclusively for the authenticating device to authenticate the certified equipment, and the other group is used exclusively for the certified equipment to authenticate the authenticating device. Likewise, the one-way functions may be divided into two groups: one group is used exclusively for the authenticating device to authenticate the certified equipment, and the other group is used exclusively for the certified equipment to authenticate the authenticating device. Likewise, the enciphered messages may be divided into two groups: one group is used exclusively for the authenticating device to authenticate the certified equipment, and the other group is used exclusively for the certified equipment to authenticate the authenticating device.
The device provided by this embodiment receives the sequence number of the one-way function and/or the sequence number of the enciphered message sent by the authenticating device, processes the password of the electronic password card with the corresponding one-way function and/or enciphered message, and then sends the result to the authenticating device for authentication. Because a one-way function has the special property that its independent variable is hard to solve for from its dependent variable, or because the enciphered message encrypts the password, an interceptor cannot obtain the password even if the answer information of the certified equipment is intercepted, which improves the security of inter-device authentication.
Embodiment 6
Referring to Fig. 7, this embodiment provides an authentication system. The system comprises: certified equipment 601 and an authenticating device 602;
In the case where the certified equipment 601 and the authenticating device 602 have each confirmed that the other party's sequence number matches its own, the authenticating device 602 is configured to generate a group of random numbers and send the random numbers to the certified equipment 601. The random numbers comprise: the sequence number of the electronic password card used for authentication and the index on the electronic password card; the random numbers further comprise: the sequence number of a one-way function and/or the sequence number of an enciphered message;
The certified equipment 601 is configured to receive the random numbers, generate first answer information using the same method as the authenticating device 602, and send the first answer information to the authenticating device 602;
The authenticating device 602 is further configured to receive the first answer information sent by the certified equipment 601; find the corresponding electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the random numbers; determine the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers; find the corresponding one-way function and/or enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the random numbers; process the determined password with the found one-way function and/or enciphered message to obtain a result; use the result as the second answer information; and compare the second answer information it generated with the first answer information received from the certified equipment 601; if they are consistent, the certified equipment 601 is determined to be legitimate and authentication passes; if they are inconsistent, the certified equipment 601 is determined to be illegitimate and authentication fails.
When processing the determined password with the found one-way function and/or enciphered message to obtain the result, the authenticating device 602 is specifically configured as follows:
The authenticating device 602 uses the found one-way function to calculate the result from the determined password;
Or,
The authenticating device 602 uses the found enciphered message to encrypt the determined password to obtain the result;
Or,
The authenticating device 602 uses the found one-way function to calculate an intermediate result from the determined password, and uses the found enciphered message to encrypt the calculated intermediate result to obtain the result;
Or,
The authenticating device 602 uses the found enciphered message to encrypt the determined password to obtain an intermediate result, and uses the found one-way function to calculate the result from the intermediate result obtained by encryption.
After the certified equipment 601 passes authentication, the authenticating device 602 is further configured to receive a group of second random numbers generated and sent by the certified equipment 601, generate third answer information according to the second random numbers, and send the third answer information to the certified equipment 601;
The certified equipment 601 is configured to receive the third answer information sent by the authenticating device 602, generate fourth answer information using the same method as the authenticating device 602, and compare the fourth answer information it generated with the third answer information received from the authenticating device 602; if they are consistent, the authenticating device 602 is determined to be legitimate and authentication passes; if they are inconsistent, the authenticating device 602 is determined to be illegitimate and authentication fails.
When generating the third answer information according to the second random numbers, the authenticating device 602 is specifically configured as follows:
The authenticating device 602 finds the corresponding second electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the second random numbers, and determines the corresponding second password on the found second electronic password card according to the index on the electronic password card carried in the second random numbers;
The authenticating device 602 finds the corresponding second one-way function and/or second enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the second random numbers, processes the determined second password with the found second one-way function and/or second enciphered message to obtain a second result, and uses the second result as the third answer information.
When processing the determined second password with the found second one-way function and/or second enciphered message to obtain the second result, the authenticating device 602 is specifically configured as follows:
The authenticating device 602 uses the found second one-way function to calculate the second result from the determined second password;
Or,
The authenticating device 602 uses the found second enciphered message to encrypt the determined second password to obtain the second result;
Or,
The authenticating device 602 uses the found second one-way function to calculate a second intermediate result from the determined second password, and uses the found second enciphered message to encrypt the calculated second intermediate result to obtain the second result;
Or,
The authenticating device 602 uses the found second enciphered message to encrypt the determined second password to obtain a second intermediate result, and uses the found second one-way function to calculate the second result from the second intermediate result obtained by encryption.
In order for the authenticating device to authenticate the certified equipment, or for the certified equipment to authenticate the authenticating device, the authenticating device and the certified equipment each need to store data such as at least one group of electronic password cards with identical content, at least one one-way function, and at least one enciphered message used for encryption. The enciphered message comprises a key and a cryptographic algorithm; correspondingly, the sequence number of the enciphered message comprises the sequence number of the key and the sequence number of the cryptographic algorithm. Further, to prevent the data stored on the authenticating device and the certified equipment from being stolen, the authenticating device and the certified equipment may each encrypt the data they store. This embodiment does not limit the specific encryption method, and the authenticating device and the certified equipment may use the same or different encryption methods to encrypt their stored data. In the prior art the electronic password card is held by the user, any holder can see the information on the card, and an unauthorized user can obtain that information by copying means such as scanning, photographing, or copying. By contrast, the electronic password card of the embodiments of the present invention is stored on a device (the authenticating device or the certified equipment) and can be stored in encrypted form, so an unauthorized user cannot easily obtain the information on the card. Further, when there are multiple electronic password cards, one-way functions, or enciphered messages, it becomes more difficult to decode an intercepted password, which improves the security of authentication. To further improve the security of authentication, the electronic password cards may be divided into two groups: one group is used exclusively for the authenticating device to authenticate the certified equipment, and the other group is used exclusively for the certified equipment to authenticate the authenticating device. Likewise, the one-way functions may be divided into two groups: one group is used exclusively for the authenticating device to authenticate the certified equipment, and the other group is used exclusively for the certified equipment to authenticate the authenticating device. Likewise, the enciphered messages may be divided into two groups: one group is used exclusively for the authenticating device to authenticate the certified equipment, and the other group is used exclusively for the certified equipment to authenticate the authenticating device.
In this embodiment, the authenticating device sends the sequence number of the one-way function and/or the sequence number of the enciphered message to the certified equipment; the certified equipment processes the password of the electronic password card with the corresponding one-way function and/or enciphered message and then sends the result to the authenticating device for authentication. Because a one-way function has the special property that its independent variable is hard to solve for from its dependent variable, or because the enciphered message encrypts the password, an interceptor cannot obtain the password even if the answer information of the certified equipment is intercepted, which improves the security of inter-device authentication.
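The exchange described in Embodiment 6, as an added example in Python that is not part of the patent: both devices hold the same constructed store, the challenge carries only sequence numbers and an index, and each side recomputes the answer locally before comparing. The hash functions chosen, the XOR keystream cipher standing in for the unspecified cryptographic algorithm, the `order` setting, and all names and sample values are assumptions.

```python
import hashlib
import hmac
import secrets


def keystream_xor(key, data, label):
    """Stand-in deterministic cipher (assumption): XOR with a SHA-256 counter keystream."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(label + key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))


def build_store():
    """Constructed sample data that both devices hold identically.

    Group "fwd" is used when the authenticating device checks the certified
    equipment, group "rev" when the roles are reversed.
    """
    ciphers = {  # algorithm sequence number -> cipher
        1: lambda key, data: keystream_xor(key, data, b"alg-1"),
        2: lambda key, data: keystream_xor(key, data, b"alg-2"),
    }
    return {
        "fwd": {
            "cards": {1: {"A1": "492817", "B3": "105563"},
                      2: {"A1": "330942", "B3": "918274"}},
            "one_way": {1: lambda b: hashlib.sha256(b).digest(),
                        2: lambda b: hashlib.sha512(b).digest()},
            "keys": {1: b"constructed-key-fwd-1", 2: b"constructed-key-fwd-2"},
            "ciphers": ciphers,
        },
        "rev": {
            "cards": {7: {"A1": "264410", "B3": "778201"}},
            "one_way": {1: lambda b: hashlib.sha3_256(b).digest()},
            "keys": {1: b"constructed-key-rev-1"},
            "ciphers": ciphers,
        },
    }


def make_challenge(group, use_fn=True, use_enc=True):
    """Draw the random group: card number, index, then function and/or key+algorithm numbers."""
    card = secrets.choice(sorted(group["cards"]))
    ch = {"card": card, "index": secrets.choice(sorted(group["cards"][card]))}
    if use_fn:
        ch["fn"] = secrets.choice(sorted(group["one_way"]))
    if use_enc:
        ch["key"] = secrets.choice(sorted(group["keys"]))
        ch["alg"] = secrets.choice(sorted(group["ciphers"]))
    return ch


def answer(group, ch, order="hash_then_encrypt"):
    """Compute the answer information for a challenge from locally stored data."""
    password = group["cards"][ch["card"]][ch["index"]].encode()
    fn = group["one_way"][ch["fn"]] if "fn" in ch else None
    enc = None
    if "key" in ch:
        key, cipher = group["keys"][ch["key"]], group["ciphers"][ch["alg"]]
        enc = lambda data: cipher(key, data)
    if fn and enc:
        # Both named: the order is a setting the two devices share (assumption).
        if order == "hash_then_encrypt":
            return enc(fn(password))
        return fn(enc(password))
    if fn:
        return fn(password)
    if enc:
        return enc(password)
    raise ValueError("challenge names neither a one-way function nor an enciphered message")


def verify(group, ch, received, order="hash_then_encrypt"):
    """Recompute the answer locally and compare in constant time."""
    return hmac.compare_digest(answer(group, ch, order), received)


def mutual_authenticate(authenticator, certified):
    """Run both rounds; each argument is the store held by that device."""
    ch1 = make_challenge(authenticator["fwd"])        # authenticating device -> certified equipment
    first_answer = answer(certified["fwd"], ch1)      # computed by the certified equipment
    if not verify(authenticator["fwd"], ch1, first_answer):
        return False
    ch2 = make_challenge(certified["rev"])            # second random group, reverse direction
    third_answer = answer(authenticator["rev"], ch2)  # computed by the authenticating device
    return verify(certified["rev"], ch2, third_answer)


if __name__ == "__main__":
    print("mutual authentication:", mutual_authenticate(build_store(), build_store()))
```

Because the answer is a deterministic function of the challenge, the number of distinct challenges is bounded by how many cards, indexes, functions, keys and algorithms are stored, so storing several of each, as the text suggests, enlarges the challenge space.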
A person of ordinary skill in the art will understand that all or part of the steps of the above embodiments may be implemented by hardware, or by a program instructing the relevant hardware; the program may be stored in a computer-readable storage medium, and the storage medium mentioned above may be a read-only memory, a magnetic disk, an optical disc, or the like.
The above is only a preferred embodiment of the present invention and is not intended to limit the present invention. Any modification, equivalent replacement, improvement, etc. made within the spirit and principles of the present invention shall be included within the protection scope of the present invention.

Claims (25)

1. An authentication method, characterized in that the method comprises:
In the case where the certified equipment and the authenticating device have each confirmed that the other party's sequence number matches its own, the authenticating device generates a group of random numbers and sends the random numbers to the certified equipment, the random numbers comprising: the sequence number of the electronic password card used for authentication and the index on the electronic password card, and the random numbers further comprising: the sequence number of a one-way function and/or the sequence number of an enciphered message;
The authenticating device receives the first answer information sent by the certified equipment, the first answer information being generated by the certified equipment using the same method as the authenticating device;
The authenticating device finds the corresponding electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the random numbers, determines the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers, finds the corresponding one-way function and/or enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the random numbers, processes the determined password with the found one-way function and/or enciphered message to obtain a result, and uses the result as the second answer information;
The authenticating device compares the second answer information it generated with the first answer information received from the certified equipment; if they are consistent, the certified equipment is determined to be legitimate and authentication passes; if they are inconsistent, the certified equipment is determined to be illegitimate and authentication fails.
2. The method according to claim 1, characterized in that the authenticating device processing the determined password with the found one-way function and/or enciphered message to obtain the result specifically comprises:
The authenticating device uses the found one-way function to calculate the result from the determined password;
Or,
The authenticating device uses the found enciphered message to encrypt the determined password to obtain the result;
Or,
The authenticating device uses the found one-way function to calculate an intermediate result from the determined password, and uses the found enciphered message to encrypt the calculated intermediate result to obtain the result;
Or,
The authenticating device uses the found enciphered message to encrypt the determined password to obtain an intermediate result, and uses the found one-way function to calculate the result from the intermediate result obtained by encryption.
3. The method according to claim 1 and 2, characterized in that, after the certified equipment passes authentication, the method further comprises:
The authenticating device receives a group of second random numbers generated and sent by the certified equipment;
The authenticating device generates third answer information according to the second random numbers and sends the third answer information to the certified equipment, so that the certified equipment generates fourth answer information using the same method as the authenticating device and compares the fourth answer information it generated with the third answer information received from the authenticating device; if they are consistent, the authenticating device is determined to be legitimate and authentication passes; if they are inconsistent, the authenticating device is determined to be illegitimate and authentication fails.
4. The method according to claim 3, characterized in that the authenticating device generating the third answer information according to the second random numbers specifically comprises:
The authenticating device finds the corresponding second electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the second random numbers, and determines the corresponding second password on the found second electronic password card according to the index on the electronic password card carried in the second random numbers;
The authenticating device finds the corresponding second one-way function and/or second enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the second random numbers, processes the determined second password with the found second one-way function and/or second enciphered message to obtain a second result, and uses the second result as the third answer information.
5. The method according to claim 4, characterized in that the authenticating device processing the determined second password with the found second one-way function and/or second enciphered message to obtain the second result specifically comprises:
The authenticating device uses the found second one-way function to calculate the second result from the determined second password;
Or,
The authenticating device uses the found second enciphered message to encrypt the determined second password to obtain the second result;
Or,
The authenticating device uses the found second one-way function to calculate a second intermediate result from the determined second password, and uses the found second enciphered message to encrypt the calculated second intermediate result to obtain the second result;
Or,
The authenticating device uses the found second enciphered message to encrypt the determined second password to obtain a second intermediate result, and uses the found second one-way function to calculate the second result from the second intermediate result obtained by encryption.
6. An authentication method, characterized in that the method comprises:
In the case where the certified equipment and the authenticating device have each confirmed that the other party's sequence number matches its own, the certified equipment receives a group of random numbers generated and sent by the authenticating device, the random numbers comprising: the sequence number of the electronic password card used for authentication and the index on the electronic password card, and the random numbers further comprising: the sequence number of a one-way function and/or the sequence number of an enciphered message;
The certified equipment finds the corresponding electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the random numbers, determines the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers, finds the corresponding one-way function and/or enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the random numbers, processes the determined password with the found one-way function and/or enciphered message to obtain a result, and uses the result as the first answer information;
The certified equipment sends the first answer information to the authenticating device, so that the authenticating device generates second answer information using the same method as the certified equipment and compares the second answer information it generated with the first answer information received from the certified equipment; if they are consistent, the certified equipment is determined to be legitimate and authentication passes; if they are inconsistent, the certified equipment is determined to be illegitimate and authentication fails.
7. The method according to claim 6, characterized in that the certified equipment processing the determined password with the found one-way function and/or enciphered message to obtain the result specifically comprises:
The certified equipment uses the found one-way function to calculate the result from the determined password;
Or,
The certified equipment uses the found enciphered message to encrypt the determined password to obtain the result;
Or,
The certified equipment uses the found one-way function to calculate an intermediate result from the determined password, and uses the found enciphered message to encrypt the calculated intermediate result to obtain the result;
Or,
The certified equipment uses the found enciphered message to encrypt the determined password to obtain an intermediate result, and uses the found one-way function to calculate the result from the intermediate result obtained by encryption.
8. The method according to claim 6 or 7, characterized in that, after the certified equipment has passed authentication, the method further comprises:
The certified equipment generates a group of second random numbers and sends the second random numbers to the authenticating device, so that the authenticating device generates third answer information using the same method as the certified equipment and sends the third answer information to the certified equipment;
The certified equipment generates fourth answer information according to the second random numbers and compares the fourth answer information it generated with the third answer information received from the authenticating device; if they are consistent, the authenticating device is judged to be legitimate and authentication passes; if they are inconsistent, the authenticating device is judged to be illegitimate and authentication fails.
9. The method according to claim 8, characterized in that the certified equipment generating the fourth answer information according to the second random numbers specifically comprises:
The certified equipment finds the corresponding second electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the second random numbers, and determines the corresponding second password on the found second electronic password card according to the index on the electronic password card carried in the second random numbers;
The certified equipment finds the corresponding second one-way function and/or second enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the second random numbers, processes the determined second password with the found second one-way function and/or second enciphered message to obtain a second result, and takes the second result as the fourth answer information.
10. The method according to claim 9, characterized in that the certified equipment processing the determined second password with the found second one-way function and/or second enciphered message to obtain the second result specifically comprises:
The certified equipment uses the found second one-way function to calculate the second result from the determined second password;
Or,
The certified equipment uses the found second enciphered message to encrypt the determined second password to obtain the second result;
Or,
The certified equipment uses the found second one-way function to calculate a second intermediate result from the determined second password, and uses the found second enciphered message to encrypt the calculated second intermediate result to obtain the second result;
Or,
The certified equipment uses the found second enciphered message to encrypt the determined second password to obtain a second intermediate result, and uses the found second one-way function to calculate the second result from the second intermediate result obtained by encryption.
11. An authenticating device, characterized in that the device comprises:
A sending module, configured to, in the case where the certified equipment and the device have mutually confirmed that the other party's sequence number matches their own sequence number, generate a group of random numbers and send the random numbers to the certified equipment, wherein the random numbers comprise: the sequence number of the electronic password card used for authentication and the index on the electronic password card, and the random numbers further comprise: the sequence number of a one-way function and/or the sequence number of an enciphered message;
A receiving module, configured to receive the first answer information sent by the certified equipment, the first answer information being generated by the certified equipment using the same method as the authenticating device;
A generation module, configured to find the corresponding electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the random numbers, determine the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers, find the corresponding one-way function and/or enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the random numbers, process the determined password with the found one-way function and/or enciphered message to obtain a result, and take the result as the second answer information;
A comparison module, configured to compare the second answer information generated by the device itself with the first answer information received from the certified equipment; if they are consistent, the certified equipment is judged to be legitimate and authentication passes; if they are inconsistent, the certified equipment is judged to be illegitimate and authentication fails.
12. The device according to claim 11, characterized in that the generation module, when processing the determined password with the found one-way function and/or enciphered message to obtain the result, is specifically configured to:
Use the found one-way function to calculate the result from the determined password;
Or,
Use the found enciphered message to encrypt the determined password to obtain the result;
Or,
Use the found one-way function to calculate an intermediate result from the determined password, and use the found enciphered message to encrypt the calculated intermediate result to obtain the result;
Or,
Use the found enciphered message to encrypt the determined password to obtain an intermediate result, and use the found one-way function to calculate the result from the intermediate result obtained by encryption.
13. The device according to claim 11 or 12, characterized in that, after the certified equipment has passed authentication, the device further comprises:
An authentication module, configured to receive a group of second random numbers generated and sent by the certified equipment; generate third answer information according to the second random numbers and send the third answer information to the certified equipment, so that the certified equipment generates fourth answer information using the same method as the authenticating device and compares the fourth answer information it generated with the third answer information received from the authenticating device; if they are consistent, the authenticating device is judged to be legitimate and authentication passes; if they are inconsistent, the authenticating device is judged to be illegitimate and authentication fails.
14. The device according to claim 13, characterized in that the authentication module, when generating the third answer information according to the second random numbers, is specifically configured to:
Find the corresponding second electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the second random numbers, and determine the corresponding second password on the found second electronic password card according to the index on the electronic password card carried in the second random numbers;
Find the corresponding second one-way function and/or second enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the second random numbers, process the determined second password with the found second one-way function and/or second enciphered message to obtain a second result, and take the second result as the third answer information.
15. The device according to claim 14, characterized in that the authentication module, when processing the determined second password with the found second one-way function and/or second enciphered message to obtain the second result, is specifically configured to:
Use the found second one-way function to calculate the second result from the determined second password;
Or,
Use the found second enciphered message to encrypt the determined second password to obtain the second result;
Or,
Use the found second one-way function to calculate a second intermediate result from the determined second password, and use the found second enciphered message to encrypt the calculated second intermediate result to obtain the second result;
Or,
Use the found second enciphered message to encrypt the determined second password to obtain a second intermediate result, and use the found second one-way function to calculate the second result from the second intermediate result obtained by encryption.
16. An authenticating device, characterized in that the device comprises:
A receiving module, configured to, in the case where the device and the authenticating device have mutually confirmed that the other party's sequence number matches their own sequence number, receive a group of random numbers generated and sent by the authenticating device, wherein the random numbers comprise: the sequence number of the electronic password card used for authentication and the index on the electronic password card, and the random numbers further comprise: the sequence number of a one-way function and/or the sequence number of an enciphered message;
A generation module, configured to find the corresponding electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the random numbers, determine the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers, find the corresponding one-way function and/or enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the random numbers, process the determined password with the found one-way function and/or enciphered message to obtain a result, and take the result as the first answer information;
A sending module, configured to send the first answer information to the authenticating device, so that the authenticating device generates second answer information using the same method as the device and compares the second answer information it generated with the first answer information received from the device; if they are consistent, the device is judged to be legitimate and authentication passes; if they are inconsistent, the device is judged to be illegitimate and authentication fails.
17. The device according to claim 16, characterized in that the generation module, when processing the determined password with the found one-way function and/or enciphered message to obtain the result, is specifically configured to:
Use the found one-way function to calculate the result from the determined password;
Or,
Use the found enciphered message to encrypt the determined password to obtain the result;
Or,
Use the found one-way function to calculate an intermediate result from the determined password, and use the found enciphered message to encrypt the calculated intermediate result to obtain the result;
Or,
Use the found enciphered message to encrypt the determined password to obtain an intermediate result, and use the found one-way function to calculate the result from the intermediate result obtained by encryption.
18. The device according to claim 16 or 17, characterized in that, after the device has passed authentication, the device further comprises:
An authentication module, configured to generate a group of second random numbers and send the second random numbers to the authenticating device, so that the authenticating device generates third answer information using the same method as the certified equipment and sends the third answer information to the device; and to generate fourth answer information according to the second random numbers and compare the fourth answer information it generated with the third answer information received from the authenticating device; if they are consistent, the authenticating device is judged to be legitimate and authentication passes; if they are inconsistent, the authenticating device is judged to be illegitimate and authentication fails.
19. The device according to claim 18, characterized in that the authentication module, when generating the fourth answer information according to the second random numbers, is specifically configured to:
Find the corresponding second electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the second random numbers, and determine the corresponding second password on the found second electronic password card according to the index on the electronic password card carried in the second random numbers; find the corresponding second one-way function and/or second enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the second random numbers, process the determined second password with the found second one-way function and/or second enciphered message to obtain a second result, and take the second result as the fourth answer information.
20. The device according to claim 19, characterized in that the authentication module, when processing the determined second password with the found second one-way function and/or second enciphered message to obtain the second result, is specifically configured to:
Use the found second one-way function to calculate the second result from the determined second password;
Or,
Use the found second enciphered message to encrypt the determined second password to obtain the second result;
Or,
Use the found second one-way function to calculate a second intermediate result from the determined second password, and use the found second enciphered message to encrypt the calculated second intermediate result to obtain the second result;
Or,
Use the found second enciphered message to encrypt the determined second password to obtain a second intermediate result, and use the found second one-way function to calculate the second result from the second intermediate result obtained by encryption.
21. An authentication system, characterized in that the system comprises: a certified equipment and an authenticating device;
In the case where the certified equipment and the authenticating device have mutually confirmed that the other party's sequence number matches their own sequence number, the authenticating device is configured to generate a group of random numbers and send the random numbers to the certified equipment, wherein the random numbers comprise: the sequence number of the electronic password card used for authentication and the index on the electronic password card, and the random numbers further comprise: the sequence number of a one-way function and/or the sequence number of an enciphered message;
The certified equipment is configured to receive the random numbers, generate first answer information using the same method as the authenticating device, and send the first answer information to the authenticating device;
The authenticating device is further configured to receive the first answer information sent by the certified equipment, find the corresponding electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the random numbers, determine the corresponding password on the found electronic password card according to the index on the electronic password card carried in the random numbers, find the corresponding one-way function and/or enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the random numbers, process the determined password with the found one-way function and/or enciphered message to obtain a result, take the result as the second answer information, and compare the second answer information it generated with the first answer information received from the certified equipment; if they are consistent, the certified equipment is judged to be legitimate and authentication passes; if they are inconsistent, the certified equipment is judged to be illegitimate and authentication fails.
22. The system according to claim 21, characterized in that the authenticating device, when processing the determined password with the found one-way function and/or enciphered message to obtain the result, is specifically configured as follows:
The authenticating device uses the found one-way function to calculate the result from the determined password;
Or,
The authenticating device uses the found enciphered message to encrypt the determined password to obtain the result;
Or,
The authenticating device uses the found one-way function to calculate an intermediate result from the determined password, and uses the found enciphered message to encrypt the calculated intermediate result to obtain the result;
Or,
The authenticating device uses the found enciphered message to encrypt the determined password to obtain an intermediate result, and uses the found one-way function to calculate the result from the intermediate result obtained by encryption.
23. The system according to claim 21 or 22, characterized in that, after the certified equipment has passed authentication, the authenticating device is further configured to receive a group of second random numbers generated and sent by the certified equipment, generate third answer information according to the second random numbers, and send the third answer information to the certified equipment;
The certified equipment is configured to receive the third answer information sent by the authenticating device, generate fourth answer information using the same method as the authenticating device, and compare the fourth answer information it generated with the third answer information received from the authenticating device; if they are consistent, the authenticating device is judged to be legitimate and authentication passes; if they are inconsistent, the authenticating device is judged to be illegitimate and authentication fails.
24. The system according to claim 23, characterized in that the authenticating device, when generating the third answer information according to the second random numbers, is specifically configured as follows:
The authenticating device finds the corresponding second electronic password card in its own stored data according to the sequence number of the electronic password card used for authentication carried in the second random numbers, and determines the corresponding second password on the found second electronic password card according to the index on the electronic password card carried in the second random numbers;
The authenticating device finds the corresponding second one-way function and/or second enciphered message in its own stored data according to the sequence number of the one-way function and/or the sequence number of the enciphered message carried in the second random numbers, processes the determined second password with the found second one-way function and/or second enciphered message to obtain a second result, and takes the second result as the third answer information.
25. The system according to claim 24, characterized in that the authenticating device, when processing the determined second password with the found second one-way function and/or second enciphered message to obtain the second result, is specifically configured as follows:
The authenticating device uses the found second one-way function to calculate the second result from the determined second password;
Or,
The authenticating device uses the found second enciphered message to encrypt the determined second password to obtain the second result;
Or,
The authenticating device uses the found second one-way function to calculate a second intermediate result from the determined second password, and uses the found second enciphered message to encrypt the calculated second intermediate result to obtain the second result;
Or,
The authenticating device uses the found second enciphered message to encrypt the determined second password to obtain a second intermediate result, and uses the found second one-way function to calculate the second result from the second intermediate result obtained by encryption.
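The two-round exchange of claims 6 to 10 and 21 to 25, as an added Python sketch that is not part of the patent text. The card contents, the function and key tables, the `hash_first` ordering flag and the SHA-256 keystream `encrypt` stand-in are all assumptions, since the claims name no concrete one-way function or cipher.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

# Constructed provisioning data; both devices store identical copies.
CARDS = {1: [b"483920", b"175604", b"902215", b"660137"],
         2: [b"318842", b"057761", b"749003", b"226598"]}
ONE_WAY = {1: lambda m: hashlib.sha256(m).digest(),
           2: lambda m: hashlib.sha512(m).digest()}
KEYS = {1: b"constructed-key-01", 2: b"constructed-key-02"}


@dataclass(frozen=True)
class Challenge:
    """The 'random number' of the claims: randomly chosen serials and index."""
    card_serial: int
    index: int
    func_serial: Optional[int] = None  # one-way function serial, if carried
    key_serial: Optional[int] = None   # enciphered-message serial, if carried


def encrypt(key: bytes, data: bytes) -> bytes:
    """Assumed stand-in cipher: XOR with a SHA-256 counter keystream.

    Deterministic so both sides derive the same answer; not a vetted cipher.
    """
    blocks = len(data) // 32 + 1
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))


class Device:
    def __init__(self, cards, one_way, keys, hash_first=True):
        self.cards, self.one_way, self.keys = cards, one_way, keys
        self.hash_first = hash_first  # assumed pre-agreed order for both steps

    def make_challenge(self) -> Challenge:
        card = secrets.choice(sorted(self.cards))
        return Challenge(card, secrets.randbelow(len(self.cards[card])),
                         secrets.choice(sorted(self.one_way)),
                         secrets.choice(sorted(self.keys)))

    def answer(self, ch: Challenge) -> bytes:
        """Look up the password and process it as the challenge selects."""
        card = self.cards[ch.card_serial]          # KeyError if unknown card
        if not 0 <= ch.index < len(card):
            raise IndexError("index not on card")
        password = card[ch.index]
        f = None if ch.func_serial is None else self.one_way[ch.func_serial]
        k = None if ch.key_serial is None else self.keys[ch.key_serial]
        if f is None and k is None:
            raise ValueError("challenge must select a function and/or a key")
        if k is None:
            return f(password)                     # option 1: one-way only
        if f is None:
            return encrypt(k, password)            # option 2: encrypt only
        if self.hash_first:
            return encrypt(k, f(password))         # option 3: hash, encrypt
        return f(encrypt(k, password))             # option 4: encrypt, hash

    def try_answer(self, ch: Challenge) -> Optional[bytes]:
        try:
            return self.answer(ch)
        except (LookupError, ValueError):
            return None

    def verify(self, ch: Challenge, received: Optional[bytes]) -> bool:
        """Recompute the answer locally and compare in constant time."""
        expected = self.try_answer(ch)
        if expected is None or received is None:
            return False
        return hmac.compare_digest(expected, received)


def mutual_authenticate(authenticator: Device, authenticated: Device) -> bool:
    # Round 1: authenticator challenges; first answer vs. second answer.
    ch1 = authenticator.make_challenge()
    if not authenticator.verify(ch1, authenticated.try_answer(ch1)):
        return False
    # Round 2: roles swap; third answer vs. fourth answer.
    ch2 = authenticated.make_challenge()
    return authenticated.verify(ch2, authenticator.try_answer(ch2))


if __name__ == "__main__":
    a, b = Device(CARDS, ONE_WAY, KEYS), Device(CARDS, ONE_WAY, KEYS)
    print("matching devices:", mutual_authenticate(a, b))
```

Both sides must agree on the processing order when a challenge carries both serials; a device configured with the opposite order fails round 1 even though its cards and keys match.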
CN201110437568.6A 2011-12-23 2011-12-23 Authentication method, device and system Active CN103178955B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201110437568.6A CN103178955B (en) 2011-12-23 2011-12-23 A kind of authentication method, equipment and system

Publications (2)

Publication Number Publication Date
CN103178955A true CN103178955A (en) 2013-06-26
CN103178955B CN103178955B (en) 2016-08-03

Family

ID=48638591

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110437568.6A Active CN103178955B (en) 2011-12-23 2011-12-23 Authentication method, device and system

Country Status (1)

Country Link
CN (1) CN103178955B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104850764A (en) * 2015-05-22 2015-08-19 东信和平科技股份有限公司 Smart card based software protection method and system
CN107408187A (en) * 2014-10-09 2017-11-28 凯里赛克公司 Improved security through authentication tokens
WO2019178828A1 (en) * 2018-03-23 2019-09-26 深圳市大疆创新科技有限公司 Control method, apparatus, and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0921487A2 (en) * 1997-12-08 1999-06-09 Nippon Telegraph and Telephone Corporation Method and system for billing on the internet
CN1698309A (en) * 2003-04-21 2005-11-16 索尼株式会社 Device authentication system
CN1925393A (en) * 2006-09-08 2007-03-07 苏州胜联电子信息有限公司 Point-to-point network identity authenticating method
CN101296241A (en) * 2008-06-30 2008-10-29 北京飞天诚信科技有限公司 Method for improving identity authentication security based on password card

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107408187A (en) * 2014-10-09 2017-11-28 凯里赛克公司 Improved security through authentication tokens
US10733309B2 (en) 2014-10-09 2020-08-04 Kelisec Ab Security through authentication tokens
CN104850764A (en) * 2015-05-22 2015-08-19 东信和平科技股份有限公司 Smart card based software protection method and system
CN104850764B (en) * 2015-05-22 2018-09-11 东信和平科技股份有限公司 Smart card based software protection method and system
WO2019178828A1 (en) * 2018-03-23 2019-09-26 深圳市大疆创新科技有限公司 Control method, apparatus, and system

Also Published As

Publication number Publication date
CN103178955B (en) 2016-08-03

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: 518129 Building 2, B District, Bantian HUAWEI base, Longgang District, Shenzhen, Guangdong.

Patentee after: Huawei terminal (Shenzhen) Co.,Ltd.

Address before: 518129 Building 2, B District, Bantian HUAWEI base, Longgang District, Shenzhen, Guangdong.

Patentee before: HUAWEI DEVICE Co.,Ltd.

TR01 Transfer of patent right

Effective date of registration: 20181219

Address after: 523808 Southern Factory Building (Phase I) Project B2 Production Plant-5, New Town Avenue, Songshan Lake High-tech Industrial Development Zone, Dongguan City, Guangdong Province

Patentee after: HUAWEI DEVICE Co.,Ltd.

Address before: 518129 Building 2, B District, Bantian HUAWEI base, Longgang District, Shenzhen, Guangdong.

Patentee before: Huawei terminal (Shenzhen) Co.,Ltd.