CN103346888A - Remote identity authentication method based on password, smart card and biological features - Google Patents

Remote identity authentication method based on password, smart card and biological features Download PDF

Info

Publication number
CN103346888A
CN103346888A CN2013102752145A CN201310275214A CN103346888A CN 103346888 A CN103346888 A CN 103346888A CN 2013102752145 A CN2013102752145 A CN 2013102752145A CN 201310275214 A CN201310275214 A CN 201310275214A CN 103346888 A CN103346888 A CN 103346888A
Authority
CN
China
Prior art keywords
server
user
smart card
identity
rpw
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2013102752145A
Other languages
Chinese (zh)
Other versions
CN103346888B (en
Inventor
崔建明
张小军
王凤杰
李恒忠
刘辉
高建新
刘奕辉
霍永
孙晓明
黄贤青
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong University of Science and Technology
Original Assignee
Shandong University of Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong University of Science and Technology filed Critical Shandong University of Science and Technology
Priority to CN201310275214.5A priority Critical patent/CN103346888B/en
Publication of CN103346888A publication Critical patent/CN103346888A/en
Application granted granted Critical
Publication of CN103346888B publication Critical patent/CN103346888B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

The invention a remote identity authentication method based on a password, a smart card and biological features. The method includes the step of registration, the step of logging in and the step of authentication. According to the method, a registration center generates a first parameter set and stores the first parameter set onto the smart card; the smart card verifies local legitimacy of the identity of a user, and if the identity of the user is legal, first verification data relevant to random numbers are generated and sent to a server; the server verifies the legitimacy of the identity of the user, and if the identity of the user is legal, second verification data used for verifying the identity of the server are generated and sent to the smart card; the smart card verifies the legitimacy of the identity of the server, and if the identity of the server is legal, third verification data are generated and sent to the server; the server verifies the identity of the user for the second time, and if the identity of the user is legal, the server and the smart card generate the same session key. The method can resist server denial attacks, verification table theft attacks, replay attacks and the problem of forward secrecy.

Description

A kind of long-distance identity-certifying method based on password, smart card and biological characteristic
Technical field
The present invention relates to information security and networking technology area, particularly a kind of long-distance identity-certifying method based on password, smart card and biological characteristic.
Background technology
Along with the fast development of network technology and the communication technology, the identity identifying method of traditional form no longer is safe, and username and password etc. can be stolen by victim, and smart card is easily stolen or lose, and also there is the danger that passes into silence or reveal in password.Yet biometrics identification technology as fingerprint, face and iris, provides a kind of more reliable and more automatic authentication mode based on important physical or behavioural characteristic.These biological characteristics normally generally can get, and are unique and can not be replicated, lose and forget.
Because above advantage, some remote user authentication schemes based on the biostatistics basis are designed to solve the single cipher Authentication Questions.Comparing with traditional cipher authentication scheme, be more safe and reliable based on the remote user authentication of biological characteristic, and it can resist the attack of various specialties.
In 2002, people such as Lee proposed a kind of remote user authentication method based on fingerprint of using smart card.In the entry stage of their method, the user is inserted into smart card in the card reader, keys in ID and password, and user's fingerprint mark is at finger print input device then.Have only after user's fingerprint good authentication, the user just can access server.Yet their scheme can not be resisted spoof attack (Lin and Lai, 2004), the attack of conspiring (Chang and Lin, 2004).
In 2003, Kim et al. (2003) proposed a kind of public key cryptography authentication scheme of using smart card and fingerprint, yet it also is proved to be unsafe (Scott, 2004).
Khan and Zhang (2007) points out that Lin and Lai ' s (2004) is to suffer the server spoofing attack easily based on the authentication scheme of bio-identification.
In 2009, Fan and Lin (2009) proposed a kind of real long-range three factor authentication methods, and the method has been introduced the biological information of encrypting.
Li and Hwang (2010) has proposed a remote user authentication scheme based on bio-identification checking, smart card and one-way hash function recently.Compare with other schemes, this scheme is more effective.Yet people such as Li find the method for Li and Hwang (2010) suitable authentication can not be provided and can't resist man-in-the-middle attack, and these shortcomings make scheme can't be applicable to practical application.
In 2012, people such as Li have proposed a kind of new elimination these weakness and the remote user authentication scheme based on bio-identification of supporting session key agreement.But people's such as Li method can not be resisted the attack of denial of service device, the stolen attack of proof list, Replay Attack and forward secrecy.
Summary of the invention
The object of the present invention is to provide a kind of long-distance identity-certifying method based on password, smart card, biological characteristic three factors, can resist the problem of the attack of denial of service device, the stolen attack of proof list, Replay Attack and forward secrecy.
For achieving the above object, the present invention adopts following technical scheme:
A kind of long-distance identity-certifying method based on password, smart card and biological characteristic, comprise registration step, login step and authenticating step, wherein, registration step further comprises, registration center generates parameter group one according to user's log-on message, and deposit described parameter group one in smart card, and described log-on message comprises identify label, password and biological information, described parameter group one comprises the parameter relevant with biological information; Login step further comprises, the identify label that described smart card provides according to the user, password and biological information are carried out local legitimate verification, if smart card checking user is legal, described smart card generates random number, and the generation first verification data relevant with described random number, and first verification data sent to server; Authenticating step further comprises, described server carries out legitimate verification according to received first verification data to user identity, if described server authentication user identity is legal, then generate second verification msg that is used for the authentication server identity, and second verification msg is sent to smart card; Described smart card carries out legitimate verification according to second verification msg that receives to server identity, if smart card authentication server identity is legal, then generates the 3rd verification msg, and the 3rd verification msg is sent to server; Described server carries out the secondary checking according to the 3rd verification msg that receives to user identity, if the server authentication user identity is legal, server generates identical session key with smart card.
Further, a kind of long-distance identity-certifying method based on password, smart card and biological characteristic, registration step comprise that further smart card generates random number N, calculate RPW i=h (N ‖ PW i), CID i=h (N ‖ ID i), then with { CID i, B i, RPW iSend to registration center by safe lane, wherein, ID iBe i user U iUser's identify label, PW iBe user U iPassword, B iBe user U iBiological information; BPW calculates in described registration center i=B i⊕ h (RPW i), e i=h (CID i‖ X s) ⊕ RPW i, T i=h (CID i‖ RPW i), H i=h (T i), described parameter group one comprises BPW i, e i, H i, h () and y, wherein, y is the private key that registration center and user share.
Further, a kind of long-distance identity-certifying method based on password, smart card and biological characteristic, login step comprises that further smart card is according to user U iThe identify label ID of input iWith password PW i, calculate CID i=h (N ‖ ID i), T i=h (CID i‖ RPW i), the checking H iWith h (T i) whether equate, if unequal, stop session, if equate that then smart card is gathered described user U iBiological information Calculate RPW i=h (N ‖ PW i), B i=P i⊕ h (RPW i), checking And B iDegree of agreement, if less than threshold value, then think non-validated user login stop session, otherwise smart card to generate random number R c, calculate M 1=e i⊕ RPW i, M 2=M 1⊕ R c, M 3=h (y ‖ R c), M 4=RPW i⊕ M 3, M 5=h (M 2‖ M 3‖ M 4), then with first verification data { CID i, M 2, M 4, M 5Pass to server S j
Further, a kind of long-distance identity-certifying method based on password, smart card and biological characteristic, authenticating step further comprises, described server S jCalculate M 6=h (CID i‖ X s), M 7=M 2⊕ M 6, M 8=h (y ‖ M 7), verify h (M then 2‖ M 8‖ M 4) and M 5Whether equate that if equate, described server generates random number R s, calculate M 9=M 4⊕ M 8, M 10=h (M 9‖ SID j‖ M 8‖ M 6), M 11=h (M 9‖ SID j‖ y) ⊕ M 8⊕ R s, M 12=h (M 6‖ M 9‖ R s‖ y), then with the second verification msg { M 10, M 11Send to smart card, wherein, X sIt is the master key that registration center and server are shared; Described smart card checking h (RPW i‖ SID j‖ M 3‖ M 1) and M 10Whether equate, if equate, calculate M 13=h (RPW i‖ SID j‖ y) ⊕ M 3⊕ M 11, M 14=h (M 1‖ RPW i‖ R s‖ y), then with the 3rd verification msg { M 14Issue described server; Described server is M relatively 14With M 12Whether equate, if equate that then server and smart card generate the same session key simultaneously.
Further, a kind of long-distance identity-certifying method based on password, smart card and biological characteristic, the computing formula that generates the same session key is SK=h (M 6‖ M 9‖ R c‖ R s‖ y).
Long-distance identity-certifying method based on password, smart card and biological characteristic provided by the present invention is owing to protected user's identity ID at user's registration phase iWith password PW iAnd user biological information B i, this makes the assailant can't directly obtain user's identity and password and biological information; Increase local verification in entry stage, at first carried out the checking of identity and password, verified user biological information B again i, resisted the denial of service device and attacked; In addition, also just not do not have the stolen attack of proof list owing to do not deposit proof list, owing to increased the situation that user's secondary checking is not just existed yet Replay Attack, the assailant can't obtain random number R c, also just can't carry out the session key forward direction and attack.
Description of drawings
Fig. 1 is the schematic diagram of a specific embodiment of the present invention.
Embodiment
In order to make purpose of the present invention, technical scheme and advantage clearer, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explaining the present invention, and be not used in restriction the present invention.
The sign meaning of symbol to occur as shown in the table:
U i I user
ID i User's identify label
PW i User's password
B i User biological information
N The random number N that smart card generates
RPW i User cipher after the encryption
CID i User Identity after the encryption
R s User biological information after the encryption
R c The random number that smart card produces
X s The master key that registration center and server are shared
y The private key that registration center and user share
R s The random number that server produces
Comprise three participants in the technical scheme of the present invention: user RC, server S jWith the RC of registration center, wherein registration center is a trustworthy side.
As specific embodiment of the present invention, a kind of long-distance identity-certifying method based on password, smart card and biological characteristic, comprise registration step, login step and authenticating step, wherein, registration step comprises that further registration center generates parameter group one according to user's log-on message, and deposits described parameter group one in smart card, described log-on message comprises identify label, password and biological information, and described parameter group one comprises the parameter relevant with biological information; Login step further comprises, the identify label that described smart card provides according to the user, password and biological information are carried out local legitimate verification, if smart card checking user is legal, described smart card generates random number, and the generation first verification data relevant with described random number, and first verification data sent to server; Authenticating step further comprises, described server carries out legitimate verification according to received first verification data to user identity, if described server authentication user identity is legal, then generate second verification msg that is used for the authentication server identity, and second verification msg is sent to smart card; Described smart card carries out legitimate verification according to second verification msg that receives to server identity, if smart card authentication server identity is legal, then generates the 3rd verification msg, and the 3rd verification msg is sent to server; Described server carries out the secondary checking according to the 3rd verification msg that receives to user identity, if the server authentication user identity is legal, server generates identical session key with smart card.In whole process, registration center and server are not deposited proof list.
In the above-described embodiments, owing to protected user's identity ID at user's registration phase iWith password PW iAnd user biological information B i, this makes the assailant can't directly obtain user's identity and password and biological information; Increase local verification in entry stage, at first carried out the checking of identity and password, verified user biological information B again i, resisted the denial of service device and attacked; In addition, also just not do not have the stolen attack of proof list owing to do not deposit proof list, increase the situation that user's secondary checking is not just existed yet Replay Attack, the assailant can't obtain random number R c, also just can't carry out the session key forward direction and attack.
As shown in Figure 1, as a specific embodiment of the present invention, the registration phase specific implementation is user U iSelect the identify label ID of oneself iWith password PW i, and at the described user biological information B of specific sensing equipment collection i, smart card generates random number N, and calculates RPW i=h (N ‖ PW i), CID i=h (N ‖ ID i).Then with { CID i, B i, RPW iSend to registration center by safe lane; { CID receives in described registration center i, B i, RPW iAfter, calculate BPW i=B i⊕ h (RPW i), e i=h (CID i‖ X s) ⊕ RPW i, T i=h (CID i‖ RPW i), H i=h (T i); Described registration center is with { BPW i, H i, e i, h (), y} deposit in the described smart card, and the described random number N that described smart card will generate before is storage in the lump also.Described registration center gives described user U by safe lane with smart card then iSo far, registration phase is finished.Wherein, described parameter group one comprises BPW i, e i, H i, h () and y, its effect is respectively: storage smart card biological characteristic; Contain privacy key in the smart card, guarantee that the user is legal authorization person; Be used for local verification; A kind of Hash operation that algorithmic procedure applies to; The private key that registration center and user share need exist in the smart card.
The entry stage specific implementation is user U iInput identify label ID iWith password PW i, smart card calculates CID i=h (N ‖ ID i), T i=h (CID i‖ RPW i), the checking H iWith h (T i) whether equate, if unequal, stop session, if equate, the step below then continuing, described smart card is gathered described user U iBiological information Calculate RPW i=h (N ‖ PW i), B i=P i⊕ h (RPW i), checking And B iDegree of agreement, if less than threshold value, then think non-validated user login to stop session, if more than or equal to threshold value local the login successfully then; Described smart card generates random number R c, calculate M 1=e i⊕ RPW i, M 2=M 1⊕ R c, M 3=h (y ‖ R c), M 4=RPW i⊕ M 3, M 5=h (M 2‖ M 3‖ M 4), then with first verification data { CID i, M 2, M 4, M 5Pass to server S jWherein, threshold value can freely arrange, and is preferably greater than to equal 95%.In addition, the effect of each parameter of first verification data is respectively: CID i, guarantee privacy of user, utilize privacy key X simultaneously sCalculate important validation value M 6Utilize M 2And M 6The random number R of calculating the generation of user's entry stage but not having expressly to transmit cProtection user's authorization information comprises user cipher RPW iWith private key h (y ‖ R c); As validation value, the value that calculates with server compares checking, if equate that then checking is first finished, otherwise, refusing user's request.
The authentication phase specific implementation is described server S jReceive first verification data { CID i, M 2, M 4, M 5After, calculate M 6=h (CID i‖ X s), M 7=M 2⊕ M 6, M 8=h (y ‖ M 7), verify h (M then 2‖ M 8‖ M 4) and M 5Whether equate, verify user's legitimacy, when described server S jWhat verify described user is legal, and described server generates random number R then s, calculate M 9=M 4⊕ M 8, M 10=h (M 9‖ SID j‖ M 8‖ M 6), M 11=h (M 9‖ SID j‖ y) ⊕ M 8⊕ R s, M 12=h (M 6‖ M 9‖ R s‖ y), then with the second verification msg { M 10, M 11Send to smart card, when described smart card receives the second verification msg { M 10, M 11Back checking h (RPW i‖ SID j‖ M 3‖ M 1) and M 10Whether whether equate, be legal with authentication server.When the described server of described user rs authentication is legal, calculate M then 13=h (RPW i‖ SID j‖ y) ⊕ M 3⊕ M 11, M 14=h (M 1‖ RPW i‖ R s‖ y), then with the 3rd verification msg { M 14Issue described server and verify for secondary.Described server is received the 3rd verification msg { M 14After, with M 12More whether equate.If described server verifies that again the user is legal, then generate session key SK=h (M 6‖ M 9‖ R c‖ R s‖ y), smart card generates identical session key SK=h (M simultaneously 1‖ RPW i‖ R c‖ R s‖ y), the secret key protection of session both sides session is carried out under the environment of safety.Wherein, the effect of two parameters of second verification msg is respectively: the user profile of utilizing server to calculate adds the random number R that the server authentication stage produces s, if the user be legal then can be according to the anti-R of release of character of Given information and boundary's exclusive disjunction s, finish the user to the checking of server with this; Comprise private information and random number that user and server both sides produce, the user adds the R that calculates s, for server user's secondary is verified use.Verification msg is finished server to user's secondary checking for the third time.
In sum, the long-distance identity-certifying method based on password, smart card and biological characteristic provided by the present invention is owing to protected user's identity ID at user's registration phase iWith password PW iAnd user biological information B i, this makes the assailant can't directly obtain user's identity and password and biological information; Increase local verification in entry stage, at first carried out the checking of identity and password, verified user biological information B again i, resisted the denial of service device and attacked; In addition, also just not do not have the stolen attack of proof list owing to do not deposit proof list, the user is carried out the situation that just there is not Replay Attack in the secondary checking yet, the assailant can't obtain random number R c, also just can't carry out the session key forward direction and attack.
The above is preferred embodiment of the present invention only, is not to limit practical range of the present invention; If do not break away from the spirit and scope of the present invention, the present invention is made amendment or is equal to replacement, all should be encompassed in the middle of the protection range of claim of the present invention.

Claims (5)

1. the long-distance identity-certifying method based on password, smart card and biological characteristic is characterized in that, comprises registration step, login step and authenticating step, wherein,
Registration step further comprises, registration center generates parameter group one according to user's log-on message, and deposit described parameter group one in smart card, and described log-on message comprises identify label, password and biological information, described parameter group one comprises the parameter relevant with biological information;
Login step further comprises, the identify label that described smart card provides according to the user, password and biological information are carried out local legitimate verification, if smart card checking user is legal, described smart card generates random number, and the generation first verification data relevant with described random number, and first verification data sent to server;
Authenticating step further comprises, described server carries out legitimate verification according to received first verification data to user identity, if described server authentication user identity is legal, then generate second verification msg that is used for the authentication server identity, and second verification msg is sent to smart card;
Described smart card carries out legitimate verification according to second verification msg that receives to server identity, if smart card authentication server identity is legal, then generates the 3rd verification msg, and the 3rd verification msg is sent to server;
Described server carries out the secondary checking according to the 3rd verification msg that receives to user identity, if the server authentication user identity is legal, server generates identical session key with smart card.
2. long-distance identity-certifying method according to claim 1 is characterized in that, registration step further comprises,
Smart card generates random number N, calculates RPW i=h (N ‖ PW i), CID i=h (N ‖ ID i), then with { CID i, B i, RPW iSend to registration center by safe lane, wherein, ID iBe i user U iUser's identify label, PW iBe user U iPassword, B iBe user U iBiological information;
BPW calculates in described registration center i=B i⊕ h (RPW i), e i=h (CID i‖ X s) ⊕ RPW i, T i=h (CID i‖ RPW i), y, described parameter group one comprises BPW i, e i, T i, h () and y, wherein, y is the private key that registration center and user share.
3. long-distance identity-certifying method according to claim 2 is characterized in that, login step further comprises,
Smart card is according to user U iThe identify label ID of input iWith password PW i, calculate CID i=h (N ‖ ID i), T i=h (CID i‖ RPW i), the checking H iWith h (T i) whether equate, if unequal, stop session, if equate that then smart card is gathered described user U iBiological information Calculate RPW i=h (N ‖ PW i), B i=P i⊕ h (RPW i), checking And B iDegree of agreement, if less than threshold value, then think non-validated user login stop session, otherwise smart card to generate random number R c, calculate M 1=e i⊕ RPW i, M 2=M 1⊕ R c, M 3=h (y ‖ R c), M 4=RPW i⊕ M 3, M 5=h (M 2‖ M 3‖ M 4), then with first verification data { CID i, M 2, M 4, M 5Pass to server S j
4. long-distance identity-certifying method according to claim 3 is characterized in that, authenticating step further comprises,
Described server S jCalculate M 6=h (CID i‖ X s), M 7=M 2⊕ M 6, M 8=h (y ‖ M 7), verify h (M then 2‖ M 8‖ M 4) and M 5Whether equate that if equate, described server generates random number R s, calculate M 9=M 4⊕ M 8, M 10=h (M 9‖ SID j‖ M 8‖ M 6), M 11=h (M 9‖ SID j‖ y) ⊕ M 8⊕ R s, M 12=h (M 6‖ M 9‖ R s‖ y), then with the second verification msg { M 10, M 11Send to smart card, wherein, X sIt is the master key that registration center and server are shared;
Described smart card checking h (RPW i‖ SID j‖ M 3‖ M 1) and M 10Whether equate, if equate, calculate M 13=h (RPW i‖ SID j‖ y) ⊕ M 3⊕ M 11, M 14=h (M 1‖ RPW i‖ R s‖ y), then with the 3rd verification msg M 14Issue described server;
Described server is M relatively 14With M 12Whether equate, if equate that then server and smart card generate the same session key simultaneously.
5. long-distance identity-certifying method according to claim 4 is characterized in that, the computing formula that generates the same session key is SK=h (M 6‖ M 9‖ R c‖ R s‖ y).
CN201310275214.5A 2013-07-02 2013-07-02 A kind of remote identity authentication method based on password, smart card and biological characteristic Active CN103346888B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310275214.5A CN103346888B (en) 2013-07-02 2013-07-02 A kind of remote identity authentication method based on password, smart card and biological characteristic

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310275214.5A CN103346888B (en) 2013-07-02 2013-07-02 A kind of remote identity authentication method based on password, smart card and biological characteristic

Publications (2)

Publication Number Publication Date
CN103346888A true CN103346888A (en) 2013-10-09
CN103346888B CN103346888B (en) 2016-08-10

Family

ID=49281664

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310275214.5A Active CN103346888B (en) 2013-07-02 2013-07-02 A kind of remote identity authentication method based on password, smart card and biological characteristic

Country Status (1)

Country Link
CN (1) CN103346888B (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104778421A (en) * 2014-01-13 2015-07-15 全宏科技股份有限公司 Data securing encryption method, data securing system used for encryption or authentication, and data carrier
WO2017167093A1 (en) * 2016-03-30 2017-10-05 阿里巴巴集团控股有限公司 Method and device for registering biometric identity and authenticating biometric identity
CN107346383A (en) * 2016-09-09 2017-11-14 天地融科技股份有限公司 A kind of authorization method and system
CN108200037A (en) * 2017-12-28 2018-06-22 天地融科技股份有限公司 A kind of method and system that safety operation is performed using safety equipment
CN108322439A (en) * 2017-12-28 2018-07-24 天地融科技股份有限公司 It is a kind of to utilize secure device enrollment method and Accreditation System
CN108322440A (en) * 2017-12-28 2018-07-24 天地融科技股份有限公司 It is a kind of to utilize safety equipment Card Reader login method and Security Login System
CN108322507A (en) * 2017-12-28 2018-07-24 天地融科技股份有限公司 A kind of method and system executing safety operation using safety equipment
CN108337235A (en) * 2017-12-28 2018-07-27 天地融科技股份有限公司 A kind of method and system executing safety operation using safety equipment
CN109327313A (en) * 2018-11-07 2019-02-12 西安电子科技大学 A kind of Bidirectional identity authentication method with secret protection characteristic, server
TWI673621B (en) * 2017-01-19 2019-10-01 香港商阿里巴巴集團服務有限公司 Information registration, authentication method and device

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111104661A (en) * 2019-12-30 2020-05-05 黄策 Distributed biometric verification

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2192513A1 (en) * 2008-12-01 2010-06-02 Research In Motion Limited Authentication using stored biometric data

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2192513A1 (en) * 2008-12-01 2010-06-02 Research In Motion Limited Authentication using stored biometric data

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
CHUN-TA LI,MIN-SHIANG HWANG: "An efficient biometrics-based remote user authentication scheme using smart cards", 《JOURNAL OF NETWORK AND COMPUTER APPLICATIONS》, no. 33, 31 December 2010 (2010-12-31) *
李雄: "多种环境下身份认证协议的研究与设计", 《中国博士学位论文全文数据库信息科技辑》, no. 1, 15 January 2013 (2013-01-15) *
韩涛: "基于智能卡与生物特征的身份认证协议的研究", 《中国优秀硕士学位论文全文数据库》, 30 May 2011 (2011-05-30) *
马慧芳: "基于生物特征的智能卡远程身份认证协议的研究", 《中国优秀硕士学位论文全文数据库》, 3 November 2010 (2010-11-03) *

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104778421A (en) * 2014-01-13 2015-07-15 全宏科技股份有限公司 Data securing encryption method, data securing system used for encryption or authentication, and data carrier
WO2017167093A1 (en) * 2016-03-30 2017-10-05 阿里巴巴集团控股有限公司 Method and device for registering biometric identity and authenticating biometric identity
CN107294721A (en) * 2016-03-30 2017-10-24 阿里巴巴集团控股有限公司 The method and apparatus of identity registration, certification based on biological characteristic
US10893044B2 (en) 2016-03-30 2021-01-12 Advanced New Technologies Co., Ltd. Biometric identity registration and authentication
RU2730087C2 (en) * 2016-03-30 2020-08-17 Алибаба Груп Холдинг Лимитед Method and device for biometric identification and biometric identification authentication
CN107294721B (en) * 2016-03-30 2019-06-18 阿里巴巴集团控股有限公司 The method and apparatus of identity registration, certification based on biological characteristic
US11025619B2 (en) 2016-03-30 2021-06-01 Advanced New Technologies Co., Ltd. Biometric identity registration and authentication
CN107346383A (en) * 2016-09-09 2017-11-14 天地融科技股份有限公司 A kind of authorization method and system
CN107346383B (en) * 2016-09-09 2019-12-10 天地融科技股份有限公司 authorization method and system
TWI673621B (en) * 2017-01-19 2019-10-01 香港商阿里巴巴集團服務有限公司 Information registration, authentication method and device
CN108322507A (en) * 2017-12-28 2018-07-24 天地融科技股份有限公司 A kind of method and system executing safety operation using safety equipment
CN108337235A (en) * 2017-12-28 2018-07-27 天地融科技股份有限公司 A kind of method and system executing safety operation using safety equipment
CN108322440A (en) * 2017-12-28 2018-07-24 天地融科技股份有限公司 It is a kind of to utilize safety equipment Card Reader login method and Security Login System
CN108322439A (en) * 2017-12-28 2018-07-24 天地融科技股份有限公司 It is a kind of to utilize secure device enrollment method and Accreditation System
CN108200037A (en) * 2017-12-28 2018-06-22 天地融科技股份有限公司 A kind of method and system that safety operation is performed using safety equipment
CN108200037B (en) * 2017-12-28 2020-12-11 天地融科技股份有限公司 Method and system for executing security operation by using security device
CN108322440B (en) * 2017-12-28 2020-12-11 天地融科技股份有限公司 Card reading login method and security login system by using security equipment
CN108322439B (en) * 2017-12-28 2020-12-15 天地融科技股份有限公司 Registration method and registration system by using security equipment
CN109327313A (en) * 2018-11-07 2019-02-12 西安电子科技大学 A kind of Bidirectional identity authentication method with secret protection characteristic, server

Also Published As

Publication number Publication date
CN103346888B (en) 2016-08-10

Similar Documents

Publication Publication Date Title
CN103346888A (en) Remote identity authentication method based on password, smart card and biological features
Tsai Efficient multi-server authentication scheme based on one-way hash function without verification table
CN108270571B (en) Internet of Things identity authorization system and its method based on block chain
CN106878318B (en) Block chain real-time polling cloud system
Avoine et al. A terrorist-fraud resistant and extractor-free anonymous distance-bounding protocol
WO1999024895A1 (en) Tamper resistant method and apparatus
CN103338201B (en) The remote identity authentication method that under a kind of environment of multi-server, registration center participates in
CN104065487A (en) Random secret value IBC identity authentication method based on digital fingerprint
CN101192927B (en) Authorization based on identity confidentiality and multiple authentication method
CN103347018A (en) Long-distance identity authentication method based on intelligent card and under multiple-service environment
CN109347626A (en) A kind of safety identification authentication method with antitracking characteristic
CN103338202B (en) A kind of long-distance user's password double verification method based on smart card
CN109359464A (en) A kind of wireless security authentication method based on block chain technology
CN105072110A (en) Two-factor remote identity authentication method based on smart card
CN103346887A (en) Low-complexity identity authentication method based on intelligent card and under multiserver environment
CN109327313A (en) A kind of Bidirectional identity authentication method with secret protection characteristic, server
CN109688119A (en) In a kind of cloud computing can anonymous traceability identity identifying method
CN107948143B (en) Identity-based privacy protection integrity detection method and system in cloud storage
CN101567033A (en) Biological authentication method for resisting privacy disclosure
Cheng et al. A novel biometric-based remote user authentication scheme using quadratic residues
CN106230840A (en) A kind of command identifying method of high security
CN110289961A (en) Tele-medicine authentication method
Lee et al. Comment on" A remote user authentication scheme using smart cards with forward secrecy
Yeh et al. Analysis and design of a smart card based authentication protocol
CN104780049B (en) A kind of method of safe read-write data

Legal Events

Date Code Title Description
PB01 Publication
C06 Publication
SE01 Entry into force of request for substantive examination
C10 Entry into substantive examination
GR01 Patent grant
C14 Grant of patent or utility model