CN103997728B - A kind of machine card mutual authentication method and system - Google Patents

A kind of machine card mutual authentication method and system Download PDF

Info

Publication number
CN103997728B
CN103997728B CN201310053267.2A CN201310053267A CN103997728B CN 103997728 B CN103997728 B CN 103997728B CN 201310053267 A CN201310053267 A CN 201310053267A CN 103997728 B CN103997728 B CN 103997728B
Authority
CN
China
Prior art keywords
uicc
mtc
msub
hss
random number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310053267.2A
Other languages
Chinese (zh)
Other versions
CN103997728A (en
Inventor
张滨
袁捷
冯运波
乔喆
邱勤
王馨裕
安宝宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN201310053267.2A priority Critical patent/CN103997728B/en
Publication of CN103997728A publication Critical patent/CN103997728A/en
Application granted granted Critical
Publication of CN103997728B publication Critical patent/CN103997728B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The present invention provides a kind of machine card mutual authentication method and system.Wherein method includes:HSS distinguishes preset identity and sequence number to MTC and UICC, and initial random number is generated to MTC;MTC generates the first random number and is sent to UICC;UICC calculates the first median, own identification is identified, the first median, the second random number are sent to MTC;MTC calculates the second median, own identification is identified, UICC identity, the first random number, the second random number, the first median, the second median are sent to HSS;HSS judges whether MTC and UICC is legal, and returns result to MTC;MTC and UICC completes its own sequence number renewal.Compared with prior art, the present invention can solve the problems, such as the two-way authentication during terminal and card binding under conditions of machine card shared secret information is not required, it is ensured that bound terminal and card is all legal.

Description

A kind of machine card mutual authentication method and system
Technical field
The present invention relates to machine card authentication techniques field, more particularly to a kind of machine card mutual authentication method and system.
Background technology
During binding machine and card of the prior art, some binding machine and card method supports conditions receive list of the card to terminal To certification.For example, giving terminal preset one numbering, user directly is prompted by the numbering and condition reception of terminal by man-machine interface Card number is sent to conditional access system and performs binding machine and card, then retransmits or generates user key using function, with checking Condition reception information or numbering etc., reach checking of the condition receiving card to terminal.
Although the two-way authentication of some improved binding machine and card method support cards and terminal, it is required that card and terminal are communicating The preceding secret information for grasping other side in advance, certification is carried out according to this secret information.In a kind of scheme, Subscriber Identity Module and terminal are pre- First mutually grasp other side key configured information, compare the key information it is identical when determine that machine card certification passes through.In addition In a kind of scheme, using identical between subscriber identification card (Subscriber Identity Module, SIM) and terminal Cryptographic algorithm and certification key be mutually authenticated.In another scheme, card preserves certification key in advance with terminal interaction, presses The interaction flow and agreement defined according to both sides, two-way authentication is carried out using certification key.
During the present invention is realized, inventor has found in existing binding machine and card scheme that some schemes are not in machine Certification system is established between card, or only establishes unilateral authentication mechanism of the card to terminal, can not ensure that terminal and card are all legal , the use of illegal card or illegal terminal may be caused.The problem of being abused in order to avoid card abuse or machine is, it is necessary in legal card Incidence relation is established between legal equipment.Some schemes establish the bidirectional authentication mechanism between machine card, but require communication Preceding machine, card mutually grasp the certification key or key configured information of other side, are tested using this key or key configured information to reach The purpose of card.These require the card and terminal preset secret information to needing to be bound, spirit based on the scheme that secret information is shared Activity is poor, and secret information is once cracked and will cause the failure of whole authentication mechanism.
The content of the invention
The shortcomings that it is an object of the invention to overcome prior art and deficiency, there is provided a kind of machine card mutual authentication method and be System.
A kind of machine card mutual authentication method, methods described include:
A, user's subscribed services device HSS is stayed in advance respectively to internet-of-things terminal equipment MTC and Universal Integrated Circuit Card UICC Part mark and sequence number, and MTC generations initial random number is stored on MTC;
B, MTC generations are sent to UICC different from the first random number of the initial random number;UICC is according to described first Random number calculates the first median, and own identification identified, the first median, the second random number for randomly selecting are sent to MTC;MTC calculates the second median according to first random number and its own sequence number, own identification is identified, UICC identity marks Knowledge, the first random number, the second random number, the first median, the second median are sent to HSS;
C, HSS judges whether MTC and UICC is legal according to the information received, and returns result to MTC;
D, MTC and UICC is respectively completed the sequence number update of itself.
Methods described also includes the process of initialization, specific as follows:
HSS generates two Big primes p and q, and meets q | and (p-1);
For a generation member, randomly selectAnd calculate y=gx
Set Hi, (i=1,2,3,4) is collisionless Hash functions, and
H4:{0,1}m→{0,1}m;Obtain system Parameter { p, q, g, y, H1,H2,H3,H4};
HSS is randomly selectedAnd calculate ω=gaAnd t=a+xH1(IDU, ω), and willMake UICC is preset to for UICC part private key secret;
After UICC is inserted into MTC, UICC is randomly selectedAnd willSecret value as UICC itself;
The key of oneself is calculated in UICC
UICC calculates μ=gz, the public key for obtaining oneself isAnd externally announce.
The step B is specifically included:
MTC device, which is sent, is different from initial random number NM,oldThe first random number NM∈{0,1}mTo UICC;
UICC randomly selects the second random number NU∈{0,1}mAnd calculate r=H2(IDU,SU), generate the first medianSend { IDU,MU,NUGive MTC;The IDUFor UICC identity, SU For UICC sequence number;
MTC calculates the second medianSend { IDU,IDM,MU,MM,NU,NMGive HSS;It is described IDMFor MTC identity, SMFor MTC sequence number.
The step C is specifically included:
HSS receives the array { ID that MTC is sentU,IDM,MU,MM,NU,NMAfter:
Compare NMWith NM,oldWhether equal, if equal, MTC device is counterfeit devices, and refuses certification;Otherwise, by NM It is stored in database;
CalculateJudge MU' and MUWhether Equal, if equal, UICC is legal;Otherwise, certification is refused;
CalculateJudge MM' and MMWhether equal, if equal, MTC is legal;Otherwise, refuse Exhausted certification;
HSS generates the 3rd random number NH∈{0,1}m, and MTC and UICC sequence number are updated;
HSS sends NHTo MTC device.
The step D is specifically included:
MTC receives the 3rd random number NHAfterwards, the sequence number of oneself choosing is updated
And by NHIt is sent to UICC;
UICC utilizes NH, complete the renewal of oneself sequence number
The sequence number of the MTC and UICC are underground, are secret informations.
The HSS safeguards MTC initial random value list;Safeguard MTC and UICC list of sequence numbers;And only dispenser Divide private key to UICC.
A kind of machine card two-way authentication system, the system include user's subscribed services device HSS, internet-of-things terminal equipment MTC With Universal Integrated Circuit Card UICC, wherein,
The HSS, for distinguishing preset identity and sequence number to MTC and UICC, and MTC is generated initial random Number;Judge whether MTC and UICC is legal, and return result to MTC;
The MTC, the first random number for generating different from the initial random number are sent to UICC;According to described One random number and its own sequence number calculate the second median, own identification is identified, UICC identity, the first random number, the Two random numbers, the first median, the second median are sent to HSS;Its own sequence number is updated according to HSS authentication results;
The UICC, for calculating the first median according to first random number, and own identification is identified, in first Between be worth, the second random number for randomly selecting is sent to MTC;Its own sequence number is updated according to HSS authentication results.
The UICC is additionally operable to preserve the part private key of itself, and calculates itself secret value and key;Calculate itself Public key is simultaneously externally announced.
The HSS is additionally operable to safeguard MTC initial random value list;Safeguard MTC and UICC list of sequence numbers;Dispenser Divide private key to UICC.
The present invention includes user's subscribed services device (Home Subscriber Server, HSS), Internet of Things (Machine- Type Communications, MTC) terminal device, Universal Integrated Circuit Card (Universal Integrated Circuit Card,UICC).MTC device and UICC sequence number are preserved by HSS;MTC device and UICC sequence number are underground, are secret Confidential information;HSS safeguards the initial random value list and MTC device and UICC list of sequence numbers of MTC device;HSS dispenser Divide private key to UICC, in the absence of key escrow.Compared with prior art, the condition of machine card shared secret information is not being required Under, solve the problems, such as the two-way authentication during terminal and card binding, it is ensured that bound terminal and card is all legal.
Brief description of the drawings
Fig. 1 is the machine card mutual authentication method principle flow chart that the embodiment of the present invention 1 provides;
Fig. 2 is the machine card two-way authentication schematic flow sheet that the embodiment of the present invention 1 provides;
Fig. 3 is the machine card two-way authentication system structural representation that the embodiment of the present invention 2 provides.
Embodiment
The embodiment of the present invention is described in detail below in conjunction with the accompanying drawings.But embodiments of the present invention are unlimited In this.
The inventive method embodiment is based on calculation type Diffie-Hellman problems, and in the process for carrying out two-way authentication In, network side can timely be updated to equipment and secret information preset in card, resisted the eavesdropping of attacker, reset Deng attack, make this programme that there is higher security.MTC device and UICC sequence number are preserved by HSS;MTC device with UICC sequence number is underground, is secret information;HSS safeguards the initial random value list and MTC device and UICC of MTC device List of sequence numbers;HSS distribution portion private key is to UICC, in the absence of key escrow.
As shown in figure 1, the machine card mutual authentication method principle flow chart provided for the embodiment of the present invention 1, specific as follows:
Step 10, HSS distinguishes preset identity and sequence number to MTC and UICC, and MTC generations initial random number is deposited Storage is on MTC.
Before MTC device and UICC are applied, distinguish preset identity to them from HSS and sequence number, wherein MTC are set Standby identity and Serial No. { IDM,SM, UICC identity and Serial No. { IDU,SU, and their sequence number is secret Preserve.In addition, HSS generates initial random number N to MTC deviceM,old∈{0,1}m, and by NM,oldIt is stored in MTC device.HSS Two-way authentication to MTC device and UICC is completed by preset sequence number.
Step 20, MTC generations are sent to UICC different from the first random number of initial random number;UICC is random according to first Number calculates the first median, and own identification identified, the first median, the second random number for randomly selecting are sent to MTC; MTC calculates the second median according to the first random number and its own sequence number, own identification is identified, UICC identity, first Random number, the second random number, the first median, the second median are sent to HSS.
This step is the processing procedure of the MTC and UICC sides in specific mutual authentication process.Specifically, it is exactly that MTC is set Preparation is sent different from NM,oldThe first random number NM∈{0,1}mTo UICC;
UICC randomly selects the second random number NU∈{0,1}mAnd calculate r=H2(IDU,SU) and the first median:Send { IDU,MU,NUGive MTC device;
MTC device calculates the second medianSend
{IDU,IDM,MU,MM,NU,NMGive HSS.
Before this step 20, the process of also one initialization, particularly as being:
HSS generates two Big primes p and q, meets q | (p-1), orderIt is a generation member, randomly selects And calculate y=gx.If Hi, (i=1,2,3,4) is collisionless Hash functions, and
H4:{0,1}m→{0,1}m.It can thus be concluded that systematic parameter is { p, q, g, y, H1,H2,H3,H4, the master key of system Preserved for x by HSS is secret.
Part private key distribution:HSS is randomly selectedAnd calculate ω=gaAnd t=a+xH1(IDU, ω), and willPart private key secret as UICC is preset to UICC;
Secret value is set:After UICC is inserted into MTC device, UICC is randomly selectedAnd willAs UICC oneself secret value;
Private key is set:UICC obtains the key of oneself
Public key is set:UICC calculates μ=gz, the public key for obtaining itself isAnd outwardly announce public key
Step 30, HSS judges whether MTC and UICC is legal according to the information received, and returns result to MTC.
HSS receives the array { ID that MTC device is sentU,IDM,MU,MM,NU,NMAfter:
Compare NMWith NM,oldWhether equal, if equal, MTC device is counterfeit devices, and refuses certification;Otherwise, by NM It is stored in database;
CalculateJudge MU' and MUWhether phase Deng if equal, UICC is legal;Otherwise, certification is refused;
CalculateJudge MM' and MMWhether equal, if equal, MTC device is legal;It is no Then, certification is refused;
HSS generates the 3rd random number NH∈{0,1}m, and MTC device and UICC sequence number are updated;
HSS sends NHTo MTC device.
Step 40, MTC and UICC is respectively completed the sequence number update of itself.
MTC device receives NHAfterwards, the sequence number of oneself choosing is updatedAnd By NHIt is sent to UICC;
UICC utilizes NH, complete the renewal of oneself sequence numberSo far, complete The process of machine card two-way authentication.
The present embodiment specific implementation flow is as shown in Figure 2.
In fact, in the embodiment of the present invention, HSS is preserving the sequence number of MTC device and UICC;MTC device and UICC Sequence number it is underground, be secret information;HSS also need to safeguard the initial random value list of MTC device and safeguard MTC device with UICC list of sequence numbers;HSS distribution portion private key is to UICC, in the absence of key escrow.
Relative to scheme of the prior art, the embodiment of the present invention is not required to machine card both sides and shares secret for certification in advance Information.In some versions, its certification is based on DSE arithmetic, it is desirable to the advance shared secret information of machine card both sides, and according to This secret information extrapolates identical result of calculation, so as to realize two-way authentication.The embodiment of the present invention is in public-key cryptosystem On the basis of the mutual authentication schemes that propose, machine card both sides do not need advance shared secret information, greatly improve the flexible of system Property and robustness.
The embodiment of the present invention is not required to be managed public key certificate.Come pair, it is necessary to use public key certificate in some versions Key is managed, and establishes safe lane, can thus take the memory space of equipment, increases the consumption of the equipment energy.This hair Bright embodiment is the mutual authentication schemes proposed on the basis of without CertPubKey cipher system, makes the member in system need not Certificate is safeguarded, on the premise of security of system is ensured, greatly improves the efficiency of system.
In some versions, HSS has the MTC device all information related to UICC, and HSS is in absolute in systems Leading position, the leakage of user profile is so easily caused, certain threat is produced to privacy of user.Due to implementing in the present invention Use avoids the key escrow shared in the mutual authentication schemes of identity-based without certificate two-way authentication algorithm in example. The private key of UICC communications is that secret value and the part private key of HSS distribution produce jointly caused by oneself, HSS is not obtained Used key when UICC communicates, prevent HSS from forging validated user using UICC private key, user is caused damage, this is not Key escrow is only avoided, ensure that the privacy information of user is not compromised to a certain extent.
In some versions, the verification process between MTC device and UICC is to carry out between them, and this is resulted in HSS can not obtain correct the result, correctly timely be handled so as to be made to MTC device and whole system, right System causes huge loss.At the same time, carried out just because of verification process between MTC device and UICC, this increasing The energy resource consumption of equipment is added.And in embodiments of the present invention, the legitimacy certification to MTC device and UICC is carried out by HSS , HSS is grasped the result of certification, and made according to the result of certification and timely handled, avoid making to system Into huge loss.Data in verification process, which calculate most of, to be completed by HSS, and this reduces devices in system Energy resource consumption, be advantageous to that equipment is long-term, sustainable use.
In embodiments of the present invention, the security of system, which is built upon, calculates the vacation of Diffie-Hellman mathematical difficulties problem If on, there is higher security.Impersonation attack, Replay Attack can also be resisted and there is forward security:
For impersonation attack:Attacker wants to palm off MTC device and UICC, must just generate corresponding { MM,MU}.Every In conversation procedure, { MM,MUIn the sequence number { S comprising MTC device and UICCM,SU, these are secret in a device protect Deposit, attacker can not obtain.Therefore attacker can not palm off legal MTC device and UICC generations correctly { MM,MU};
For Replay Attack:In data transfer, even if attacker obtains the data { M of last session transmissionM, MU, and legal MTC device and UICC are palmed off by { MM,MUIt is transferred again to HSS.Due to the sequence number after upper once conversation end All updated, generate new sequence number { S 'M,S′U, and corresponding legal authentication information is { M 'M,M′U, therefore, Attacker utilizes last { MM,MUThis HSS checking can not be passed through;
For forward security:Sequence number { the S stored by MTC device and UICC and HSSM,SUEach time can Words can be all updated after terminating, and therefore, sequence number used in session and the sequence number used before are no inevitable each time Contact, the system of ensure that has forward security.
And in terms of efficiency, MTC device and UICC need to only store respective identity and sequence number, reduce equipment and deposit Store up space;And simple Hash functions and exponent arithmetic are only existed during certification, in the absence of without CertPubKey password Through commonly used bilinear map in system, the energy resource consumption of equipment is reduced;And seven arrays are only transmitted in whole process, The communication cost of system is set to maintain a relatively low level.
As shown in figure 3, the machine card two-way authentication system structural representation provided for the embodiment of the present invention 2, the system include User's subscribed services device HSS100, internet-of-things terminal equipment MTC200 and Universal Integrated Circuit Card UICC300, wherein,
HSS100, for distinguishing preset identity and sequence number to MTC200 and UICC300, and MTC200 is generated just Beginning random number;Judge whether MTC200 and UICC300 is legal, and return result to MTC200;
MTC200, the first random number for generating different from initial random number are sent to UICC300;It is random according to first Number and its own sequence number calculate the second median, and own identification is identified, be UICC identity, the first random number, second random Number, the first median, the second median are sent to HSS100;Its own sequence number is updated according to HSS100 authentication results;
UICC300, for calculating the first median according to the first random number, and own identification identified, the first median, The second random number randomly selected is sent to MTC200;Its own sequence number is updated according to HSS100 authentication results.
Further, UICC300 is additionally operable to preserve the part private key of itself, and calculates itself secret value and key;Meter Calculate the public key of itself and externally announce.
Further, HSS100 is additionally operable to safeguard MTC200 initial random value list;Safeguard MTC200's and UICC300 List of sequence numbers;Distribution portion private key is to UICC300.
To sum up, the present invention preserves MTC device and UICC sequence number by HSS;MTC device and UICC sequence number are unjust Open, be secret information;HSS safeguards the initial random value list and MTC device and UICC list of sequence numbers of MTC device;HSS is only Distribution portion private key is to UICC, in the absence of key escrow.Compared with prior art, machine card shared secret information is not being required Under conditions of, solve the problems, such as the two-way authentication during terminal and card binding, it is ensured that bound terminal and card is all conjunction Method.
Above-described embodiment is the preferable embodiment of the present invention, but embodiments of the present invention are not by above-described embodiment Limitation, other any Spirit Essences without departing from the present invention with made under principle change, modification, replacement, combine, simplification, Equivalent substitute mode is should be, is included within protection scope of the present invention.

Claims (7)

1. a kind of machine card mutual authentication method, it is characterised in that methods described includes:
A, user's subscribed services device HSS distinguishes preset identity mark to internet-of-things terminal equipment MTC and Universal Integrated Circuit Card UICC Knowledge and sequence number, and MTC generations initial random number is stored on MTC;
B, MTC generations are sent to UICC different from the first random number of the initial random number;UICC is random according to described first Number calculates the first median, and own identification identified, the first median, the second random number for randomly selecting are sent to MTC; MTC calculates the second median according to first random number and its own sequence number, own identification is identified, UICC identity, First random number, the second random number, the first median, the second median are sent to HSS;
C, HSS judges whether MTC and UICC is legal according to the information received, and returns result to MTC;
D, MTC and UICC is respectively completed the sequence number update of itself;
Wherein, the step B is specifically included:
MTC device, which is sent, is different from initial random number NM,oldThe first random number NM∈{0,1}mTo UICC;
UICC randomly selects the second random number NU∈{0,1}mAnd calculate r=H2(IDU,SU), generate the first medianSend { IDU,MU,NUGive MTC;The IDUFor UICC identity, SU For UICC sequence number;
MTC calculates the second medianSend { IDU,IDM,MU,MM,NU,NMGive HSS;The IDMFor MTC identity, SMFor MTC sequence number;
The step C is specifically included:
HSS receives the array { ID that MTC is sentU,IDM,MU,MM,NU,NMAfter:
Compare NMWith NM,oldWhether equal, if equal, MTC device is counterfeit devices, and refuses certification;Otherwise, by NMIt is stored in In database;
CalculateJudge MU' and MUIt is whether equal, If equal, UICC is legal;Otherwise, certification is refused;
CalculateJudge MM' and MMWhether equal, if equal, MTC is legal;Otherwise, refusal is recognized Card;
HSS generates the 3rd random number NH∈{0,1}m, and MTC and UICC sequence number are updated;
<mrow> <msub> <mi>S</mi> <mrow> <mi>M</mi> <mo>,</mo> <mi>n</mi> <mi>e</mi> <mi>w</mi> </mrow> </msub> <mo>=</mo> <msub> <mi>H</mi> <mn>4</mn> </msub> <mrow> <mo>(</mo> <msub> <mi>S</mi> <mi>M</mi> </msub> <mo>&amp;CirclePlus;</mo> <msub> <mi>N</mi> <mi>H</mi> </msub> <mo>&amp;CirclePlus;</mo> <msub> <mi>ID</mi> <mi>M</mi> </msub> <mo>&amp;CirclePlus;</mo> <msub> <mi>N</mi> <mi>M</mi> </msub> <mo>)</mo> </mrow> <mo>;</mo> <msub> <mi>S</mi> <mrow> <mi>U</mi> <mo>,</mo> <mi>n</mi> <mi>e</mi> <mi>w</mi> </mrow> </msub> <mo>=</mo> <msub> <mi>H</mi> <mn>4</mn> </msub> <mrow> <mo>(</mo> <msub> <mi>S</mi> <mi>U</mi> </msub> <mo>&amp;CirclePlus;</mo> <msub> <mi>N</mi> <mi>H</mi> </msub> <mo>&amp;CirclePlus;</mo> <msub> <mi>ID</mi> <mi>U</mi> </msub> <mo>&amp;CirclePlus;</mo> <msub> <mi>N</mi> <mi>U</mi> </msub> <mo>)</mo> </mrow> <mo>;</mo> </mrow>
HSS sends NHTo MTC device;
The step D is specifically included:
MTC receives the 3rd random number NHAfterwards, the sequence number of oneself choosing is updatedAnd will NHIt is sent to UICC;
UICC utilizes NH, complete the renewal of oneself sequence number
2. the method as described in claim 1, it is characterised in that methods described also includes the process of initialization, specific as follows:
HSS generates two Big primes p and q, and meets q | and (p-1);
For a generation member, randomly selectAnd calculate y=gx
Set Hi, (i=1,2,3,4) is collisionless Hash functions, and H4:{0,1}m→{0,1}m;Obtain systematic parameter { p, q, g, y, H1,H2,H3,H4};
HSS is randomly selectedAnd calculate ω=gaAnd t=a+xH1(IDU, ω), and willAs UICC part private key secret is preset to UICC;
After UICC is inserted into MTC, UICC is randomly selectedAnd willSecret value as UICC itself;
The key of oneself is calculated in UICC
UICC calculates μ=gz, the public key for obtaining oneself isAnd externally announce.
3. method as claimed in claim 1 or 2, it is characterised in that the sequence number of the MTC and UICC are underground, are secret Information.
4. method as claimed in claim 1 or 2, it is characterised in that the HSS safeguards MTC initial random value list;Safeguard MTC and UICC list of sequence numbers;And only distribution portion private key is to UICC.
5. a kind of machine card two-way authentication system, it is characterised in that it is whole that the system includes user's subscribed services device HSS, Internet of Things End equipment MTC and Universal Integrated Circuit Card UICC, wherein,
The HSS, for distinguishing preset identity and sequence number to MTC and UICC, and initial random number is generated to MTC;Sentence Whether disconnected MTC and UICC is legal, and returns result to MTC;
The MTC, the first random number for generating different from the initial random number are sent to UICC;According to described first with Machine number and its own sequence number calculate the second median, own identification is identified, UICC identity, the first random number, second with Machine number, the first median, the second median are sent to HSS;Its own sequence number is updated according to HSS authentication results;
The UICC, for calculating the first median according to first random number, and own identification is identified, among first The second random number be worth, randomly selected is sent to MTC;Its own sequence number is updated according to HSS authentication results;
Wherein, MTC device, which is sent, is different from initial random number NM,oldThe first random number NM∈{0,1}mTo UICC;
UICC randomly selects the second random number NU∈{0,1}mAnd calculate r=H2(IDU,SU), generate the first medianSend { IDU,MU,NUGive MTC;The IDUFor UICC identity, SU For UICC sequence number;
MTC calculates the second medianSend { IDU,IDM,MU,MM,NU,NMGive HSS;The IDMFor MTC identity, SMFor MTC sequence number;
HSS receives the array { ID that MTC is sentU,IDM,MU,MM,NU,NMAfter:
Compare NMWith NM,oldWhether equal, if equal, MTC device is counterfeit devices, and refuses certification;Otherwise, by NMIt is stored in In database;
CalculateJudge MU' and MUIt is whether equal, If equal, UICC is legal;Otherwise, certification is refused;
CalculateJudge MM' and MMWhether equal, if equal, MTC is legal;Otherwise, refusal is recognized Card;
HSS generates the 3rd random number NH∈{0,1}m, and MTC and UICC sequence number are updated;
<mrow> <msub> <mi>S</mi> <mrow> <mi>M</mi> <mo>,</mo> <mi>n</mi> <mi>e</mi> <mi>w</mi> </mrow> </msub> <mo>=</mo> <msub> <mi>H</mi> <mn>4</mn> </msub> <mrow> <mo>(</mo> <msub> <mi>S</mi> <mi>M</mi> </msub> <mo>&amp;CirclePlus;</mo> <msub> <mi>N</mi> <mi>H</mi> </msub> <mo>&amp;CirclePlus;</mo> <msub> <mi>ID</mi> <mi>M</mi> </msub> <mo>&amp;CirclePlus;</mo> <msub> <mi>N</mi> <mi>M</mi> </msub> <mo>)</mo> </mrow> <mo>;</mo> <msub> <mi>S</mi> <mrow> <mi>U</mi> <mo>,</mo> <mi>n</mi> <mi>e</mi> <mi>w</mi> </mrow> </msub> <mo>=</mo> <msub> <mi>H</mi> <mn>4</mn> </msub> <mrow> <mo>(</mo> <msub> <mi>S</mi> <mi>U</mi> </msub> <mo>&amp;CirclePlus;</mo> <msub> <mi>N</mi> <mi>H</mi> </msub> <mo>&amp;CirclePlus;</mo> <msub> <mi>ID</mi> <mi>U</mi> </msub> <mo>&amp;CirclePlus;</mo> <msub> <mi>N</mi> <mi>U</mi> </msub> <mo>)</mo> </mrow> <mo>;</mo> </mrow>
HSS sends NHTo MTC device;
MTC receives the 3rd random number NHAfterwards, the sequence number of oneself choosing is updated And by NHIt is sent to UICC;
UICC utilizes NH, complete the renewal of oneself sequence number
6. system as claimed in claim 5, it is characterised in that the UICC is additionally operable to preserve the part private key of itself, and counts Calculate the secret value and key of itself;Calculate the public key of itself and externally announce.
7. the system as described in claim 5 or 6, it is characterised in that the HSS is additionally operable to safeguard MTC initial random value row Table;Safeguard MTC and UICC list of sequence numbers;Distribution portion private key is to UICC.
CN201310053267.2A 2013-02-19 2013-02-19 A kind of machine card mutual authentication method and system Active CN103997728B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310053267.2A CN103997728B (en) 2013-02-19 2013-02-19 A kind of machine card mutual authentication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310053267.2A CN103997728B (en) 2013-02-19 2013-02-19 A kind of machine card mutual authentication method and system

Publications (2)

Publication Number Publication Date
CN103997728A CN103997728A (en) 2014-08-20
CN103997728B true CN103997728B (en) 2017-11-21

Family

ID=51311705

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310053267.2A Active CN103997728B (en) 2013-02-19 2013-02-19 A kind of machine card mutual authentication method and system

Country Status (1)

Country Link
CN (1) CN103997728B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112333705B (en) * 2021-01-07 2021-04-02 北京电信易通信息技术股份有限公司 Identity authentication method and system for 5G communication network

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1478196A2 (en) * 2003-05-12 2004-11-17 Vodafone Group PLC Module and method for detecting at least one event in a cellular mobile telephony subscriber equipment, a computer program to carry out the method and a card and terminal with the module.
CN101064606A (en) * 2006-04-29 2007-10-31 华为技术有限公司 System, apparatus and method for authentication
CN101883357A (en) * 2010-06-22 2010-11-10 北京握奇数据系统有限公司 Method, device and system for mutual authentication between terminal and intelligent card
CN102833068A (en) * 2011-06-15 2012-12-19 中兴通讯股份有限公司 Method for bidirectional authentication of terminal and smart card, protocol and smart card

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1478196A2 (en) * 2003-05-12 2004-11-17 Vodafone Group PLC Module and method for detecting at least one event in a cellular mobile telephony subscriber equipment, a computer program to carry out the method and a card and terminal with the module.
CN101064606A (en) * 2006-04-29 2007-10-31 华为技术有限公司 System, apparatus and method for authentication
CN101883357A (en) * 2010-06-22 2010-11-10 北京握奇数据系统有限公司 Method, device and system for mutual authentication between terminal and intelligent card
CN102833068A (en) * 2011-06-15 2012-12-19 中兴通讯股份有限公司 Method for bidirectional authentication of terminal and smart card, protocol and smart card

Also Published As

Publication number Publication date
CN103997728A (en) 2014-08-20

Similar Documents

Publication Publication Date Title
CN108270571B (en) Internet of Things identity authorization system and its method based on block chain
EP3005608B1 (en) Authentication
Tsai Efficient multi-server authentication scheme based on one-way hash function without verification table
CN107342859B (en) A kind of anonymous authentication method and its application
US8930704B2 (en) Digital signature method and system
CN101189827B (en) Method for inclusive authentication and management of service provider, terminal and user identity module, and system and terminal device using the method
US8971540B2 (en) Authentication
US9106644B2 (en) Authentication
CN107483195A (en) Safe mutual authentication and key agreement protocol under environment of internet of things
CN102882685A (en) Identity authentication system and identity authentication method
CN102946313A (en) Model and method for user authentication for quantum key distribution network
CN101814991B (en) Mutual authentication method and system based on identity
CN106130716A (en) Cipher key exchange system based on authentication information and method
CN104901809B (en) Remote authentication protocol method based on password and smart card
CN103853950A (en) Authentication method based on mobile terminal and mobile terminal
CN105072110A (en) Two-factor remote identity authentication method based on smart card
CN103346887A (en) Low-complexity identity authentication method based on intelligent card and under multiserver environment
CN103347018A (en) Long-distance identity authentication method based on intelligent card and under multiple-service environment
CN103338202A (en) Remote user password dual-verification method based on intelligent card
CN111416712B (en) Quantum secret communication identity authentication system and method based on multiple mobile devices
CN107248997A (en) Authentication method based on smart card under environment of multi-server
CN107154849A (en) Three-side password authentication and key agreement protocol based on highly reliable smart card
CN106571913A (en) Two-party authentication key negotiation method for power wireless private network
KR101509079B1 (en) Smart Card and Dynamic ID Based Electric Vehicle User Authentication Scheme
CN103997728B (en) A kind of machine card mutual authentication method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant