CN105245529A - User biological characteristic code-based distributed authentication method, terminal and system - Google Patents
- Publication number
- CN105245529A, CN201510686617.8A
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- General Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- Computer Networks & Wireless Communication (AREA)
- Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Life Sciences & Earth Sciences (AREA)
- Biodiversity & Conservation Biology (AREA)
- Storage Device Security (AREA)
Abstract
The invention belongs to the field of information security technology and relates to a distributed authentication method, terminal and system based on a user biological characteristic code. In the method, the user biological characteristic code specific to a user is stored and transmitted in an incomplete manner in order to complete authentication between the user and a terminal and between the user and an authentication server. This speeds up security authentication between the two communicating parties and realizes the authentication principle of "Who am I? I am the answer", while ensuring that a leak on the server does not cause an information security problem for the user information, so that the interests of the user are protected.
Description
Technical field
The present invention relates to the field of information security technology, and in particular to a distributed authentication method, terminal and system based on a user biological characteristic code.
Background art
To ensure security between two communicating parties, one-way identity authentication (for example between a mobile phone terminal and a mobile communication service provider) or two-way identity authentication (for example between a station STA and a hotspot AP in a WiFi network) must be carried out before communication, to confirm the legitimacy and security of the other party. The traditional identity authentication approach is mainly stored authentication: when the user registers, the service provider establishes a correspondence between user information and account information, and then stores the user information and the account information in the corresponding servers. By correctly entering the account information on an electronic device such as a computer, the user is authenticated by the service provider and can then communicate. However, if an information leak occurs on a server on the service provider side, the serious consequences are account theft and disclosure of user information, which harm the legitimate interests of the user. The traditional stored authentication approach therefore cannot protect the interests of the user well.
To address the above problem with the traditional stored authentication approach, it is necessary to provide a novel authentication method, terminal and system that incorporate user biological characteristic code technology. By storing and transmitting the user biological characteristic code information specific to the user in an incomplete manner, authentication between the user and the terminal and between the user and the authentication server is completed. This not only speeds up security authentication between the communicating parties and truly realizes the authentication principle of "Who am I? I am the answer", but also ensures that a server leak does not cause an information security problem for the user information, protecting the interests of the user.
Summary of the invention
To address the aforementioned problem with the traditional stored authentication approach, the present invention provides a distributed authentication method, terminal and system based on a user biological characteristic code. By storing and transmitting the user biological characteristic code information specific to the user in an incomplete manner, authentication between the user and the terminal and between the user and the authentication server is completed. This not only speeds up security authentication between the communicating parties and truly realizes the authentication principle of "Who am I? I am the answer", but also ensures that a server leak does not cause an information security problem for the user information, protecting the interests of the user.
In one aspect, the technical solution adopted by the present invention provides a distributed authentication method based on a user biological characteristic code, comprising the following steps:
S101. collect first user biological characteristic code information;
S102. encrypt the first user biological characteristic code information with a first hash algorithm to generate first ciphertext information;
S103. match the first ciphertext information against locally stored second ciphertext information; if the match succeeds, the first authentication succeeds and step S104 is performed, otherwise the first authentication fails;
S104. collect second user biological characteristic code information;
S105. encrypt the second user biological characteristic code information with a second hash algorithm to generate third ciphertext information;
S106. send information to be authenticated, which contains the third ciphertext information, to the authentication server; if an authentication success message for the information to be authenticated is received from the authentication server, the second authentication succeeds; if an authentication failure message for the information to be authenticated is received from the authentication server, the second authentication fails.
Steps S101 to S103 use the first user biological characteristic code information for authentication between the user and the terminal, and steps S104 to S106 use the second user biological characteristic code information for authentication between the user and the authentication server. This distributed authentication method not only speeds up security authentication between the communicating parties and truly realizes the authentication principle of "Who am I? I am the answer"; because the user biological characteristic code information is transmitted and stored in encrypted form in an incomplete manner during authentication, it also ensures that a server leak does not cause an information security problem for the user information, protecting the interests of the user.
Specifically, before step S102 the method further comprises the following steps: S201. encrypt the first user biological characteristic information with the first hash algorithm to generate the second ciphertext information; S202. save the second ciphertext information in a local storage unit. Steps S201 to S202 encrypt the first user biological characteristic code information and store it on the terminal side, so that it can be used in step S103 for authentication between the user and the terminal. More specifically, the storage unit is a keychain unit.
Specifically, before step S105 the method further comprises the following steps: S301. encrypt the second user biological characteristic information with the second hash algorithm to generate fourth ciphertext information; S302. send registration information containing the fourth ciphertext information to the authentication server, and receive a registration success message from the authentication server. Steps S301 to S302 encrypt the second user biological characteristic code information and store it on the authentication server side, so that it can subsequently be used on the authentication server side for authentication between the user and the authentication server. More specifically, the registration information and the information to be authenticated also contain local device hardware information. By uploading the device hardware information to the authentication server, the device hardware information can also be used, during authentication between the user and the authentication server, for authentication between the terminal and the authentication server, further improving the security of the authentication method.
Specifically, the first user biological characteristic code information or the second user biological characteristic code information is any one of fingerprint information, voiceprint information and face information, or any combination thereof.
Specifically, the first user biological characteristic code information is identical to the second user biological characteristic code information.
In another aspect, the technical solution adopted by the present invention provides a distributed authentication terminal based on a user biological characteristic code, comprising an acquisition unit, a first encryption unit, a second encryption unit, a storage unit, a local authentication unit and a transceiver unit.
The acquisition unit collects the first user biological characteristic code information and the second user biological characteristic code information, passes the first user biological characteristic code information to the first encryption unit, and passes the second user biological characteristic code information to the second encryption unit.
The first encryption unit encrypts the first user biological characteristic information with the first hash algorithm, and passes the generated first ciphertext information to the local authentication unit or passes the generated second ciphertext information to the storage unit.
The second encryption unit encrypts the second user biological characteristic information with the second hash algorithm, and passes the generated third ciphertext information to the transceiver unit or passes the generated fourth ciphertext information to the transceiver unit.
The storage unit stores the second ciphertext information.
The local authentication unit reads the second ciphertext information from the storage unit and matches it against the first ciphertext information; if the match succeeds, the first authentication succeeds, otherwise the first authentication fails.
The transceiver unit communicates with the authentication server: it sends the registration information containing the fourth ciphertext information to the authentication server and receives the registration success message from the authentication server, and it sends the information to be authenticated containing the third ciphertext information to the authentication server and receives from the authentication server the authentication success message or authentication failure message for the information to be authenticated. If the authentication success message is received, the second authentication succeeds; if the authentication failure message is received, the second authentication fails.
Specifically, the storage unit is a keychain unit.
In a further aspect, the technical solution adopted by the present invention also provides a distributed authentication system based on a user biological characteristic code, comprising an acquisition unit, a first encryption unit, a second encryption unit, a storage unit, a local authentication unit and an authentication server.
The acquisition unit collects the first user biological characteristic code information and the second user biological characteristic code information, passes the first user biological characteristic code information to the first encryption unit, and passes the second user biological characteristic code information to the second encryption unit.
The first encryption unit encrypts the first user biological characteristic information with the first hash algorithm, and passes the generated first ciphertext information to the local authentication unit or passes the generated second ciphertext information to the storage unit.
The second encryption unit encrypts the second user biological characteristic information with the second hash algorithm, and passes the generated third ciphertext information to the authentication server or passes the generated fourth ciphertext information to the authentication server.
The storage unit stores the second ciphertext information.
The local authentication unit reads the second ciphertext information from the storage unit and matches it against the first ciphertext information; if the match succeeds, the first authentication succeeds, otherwise the first authentication fails.
The authentication server receives the registration information containing the fourth ciphertext information and the information to be authenticated containing the third ciphertext information, and matches the registration information against the information to be authenticated; if the match succeeds, the second authentication succeeds, otherwise the second authentication fails.
In summary, the distributed authentication method, terminal and system based on a user biological characteristic code provided by the present invention have the following beneficial effects: (1) the distributed authentication method based on a user biological characteristic code speeds up security authentication between the communicating parties and truly realizes the authentication principle of "Who am I? I am the answer"; (2) because the user biological characteristic code information is transmitted and stored in encrypted form in an incomplete manner during authentication, a server leak does not cause an information security problem for the user information, protecting the interests of the user; (3) during authentication between the user and the authentication server, the device hardware information can be used for authentication between the terminal and the authentication server, further improving the security of the authentication method.
Brief description of the drawings
To describe the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below obviously show only some embodiments of the present invention; a person of ordinary skill in the art can derive other drawings from them without creative effort.
Fig. 1 is a schematic flowchart of the distributed authentication method based on a user biological characteristic code provided by the present invention.
Fig. 2 shows the distributed authentication terminal based on a user biological characteristic code provided by the present invention.
Fig. 3 shows the distributed authentication system based on a user biological characteristic code provided by the present invention.
Detailed description of the embodiments
The distributed authentication method, terminal and system based on a user biological characteristic code provided by the present invention are described in detail below by way of example, with reference to the drawings. It should be noted that the description of these embodiments is intended to help in understanding the present invention and does not limit it.
The techniques described herein may be used in, but are not limited to, the field of information security technology, and may also be used in other similar fields.
The term "and/or" herein merely describes an association between associated objects and indicates that three relationships may exist; for example, "A and/or B" may mean: A alone, B alone, or both A and B. The term "/and" herein describes another association between objects and indicates that two relationships may exist; for example, "A/and B" may mean: A alone, or both A and B. In addition, the character "/" herein generally indicates an "or" relationship between the associated objects before and after it.
Embodiment one
Fig. 1 shows a schematic flowchart of the distributed authentication method based on a user biological characteristic code provided by the present invention. The method comprises the following steps.
S101. Collect first user biological characteristic code information.
In step S101, specifically, the first user biological characteristic code information may be, but is not limited to, any one of biological characteristic code information such as fingerprint information, voiceprint information and face information, or any combination thereof. It is collected with an acquisition unit on the terminal that has the corresponding acquisition function: for example, a fingerprint scanning unit collects fingerprint information, a recording unit collects voiceprint information, and a camera unit collects face information. The terminal is an electronic device equipped with an acquisition unit, such as a smartphone, smart watch, smart glasses or tablet computer.
S102. Encrypt the first user biological characteristic code information with a first hash algorithm to generate first ciphertext information.
Before step S102, so that the first user biological characteristic code information can later be used for authentication between the user and the terminal, the user must enter the first user biological characteristic code information, which is encrypted and stored on the terminal side, thereby completing the user's registration on the terminal side. Specifically, before step S102 the method further comprises the following steps: S201. encrypt the first user biological characteristic information with the first hash algorithm to generate the second ciphertext information; S202. save the second ciphertext information in a local storage unit. The first hash algorithm may be, but is not limited to, any hash algorithm in the national standard SM3. It runs as an encryption program in the form of a software plug-in on the terminal, encrypts the first user biological characteristic information, and finally yields second ciphertext information that is highly secure and unique. The second ciphertext information is then stored securely in the local storage unit; more specifically, the storage unit may be, but is not limited to, a keychain unit. The keychain unit is the password management unit in Apple MacOS; it offers quite high security and meets the technical requirements of the present invention.
S103. Match the first ciphertext information against the locally stored second ciphertext information; if the match succeeds, the first authentication succeeds and step S104 is performed, otherwise the first authentication fails.
In step S103, the second ciphertext information is the second ciphertext information saved in the storage unit in step S202. After the comparison, if the match succeeds, the user is authenticated on the terminal side and obtains the right to use the terminal, for example to log in to an app on the terminal side and operate applications there; if the match fails, the user does not pass authentication on the terminal side and must return to step S101 to initiate authentication again.
S104. Collect second user biological characteristic code information.
In step S104, specifically, the second user biological characteristic code information may be, but is not limited to, any one of biological characteristic code information such as fingerprint information, voiceprint information and face information, or any combination thereof. It is collected with an acquisition unit on the terminal that has the corresponding acquisition function: for example, a fingerprint scanning unit collects fingerprint information, a recording unit collects voiceprint information, and a camera unit collects face information. The second user biological characteristic code information may be the same as or different from the first user biological characteristic code information; as an example, in the present embodiment the first user biological characteristic code information is identical to the second user biological characteristic code information.
S105. Encrypt the second user biological characteristic code information with a second hash algorithm to generate third ciphertext information.
Before step S105, so that the second user biological characteristic code information can subsequently be used on the authentication server side for authentication between the user and the authentication server, the user must enter the second user biological characteristic code information, which is encrypted and stored on the authentication server, thereby completing the user's registration on the authentication server side. Specifically, before step S105 the method further comprises the following steps: S301. encrypt the second user biological characteristic information with the second hash algorithm to generate fourth ciphertext information; S302. send registration information containing the fourth ciphertext information to the authentication server, and receive a registration success message from the authentication server. The second hash algorithm may be, but is not limited to, any hash algorithm in the national standard SM3, and it differs from the first hash algorithm when the first user biological characteristic code information is identical to the second user biological characteristic code information. It runs as an encryption program in the form of a software plug-in on the terminal, encrypts the second user biological characteristic information, and finally yields fourth ciphertext information that is highly secure and unique. The fourth ciphertext information is then stored securely on the remote authentication server.
S106. Send information to be authenticated, which contains the third ciphertext information, to the authentication server; if an authentication success message for the information to be authenticated is received from the authentication server, the second authentication succeeds; if an authentication failure message for the information to be authenticated is received from the authentication server, the second authentication fails.
In step S106, the authentication server receives the information to be authenticated and matches it against the registration information; if the match succeeds, it returns an authentication success message to the terminal side, otherwise it returns an authentication failure message. After the terminal side receives the authentication success message, the second authentication succeeds, that is, authentication between the user and the authentication server is complete, and the user can use the terminal for communication applications with the service provider, for example operations such as transferring funds or changing the account password through the app on the terminal side. After the terminal side receives the authentication failure message, the second authentication fails, that is, authentication between the user and the authentication server has not been completed, and the user is forbidden from carrying out communication applications with the service provider through the terminal. More specifically, the registration information and the information to be authenticated also contain local device hardware information. By uploading the device hardware information to the authentication server, the device hardware information can also be used, during authentication between the user and the authentication server, for authentication between the terminal and the authentication server, further improving the security of the authentication method.
Steps S101 to S103 use the first user biological characteristic code information for authentication between the user and the terminal, and steps S104 to S106 use the second user biological characteristic code information for authentication between the user and the authentication server. This distributed authentication method not only speeds up security authentication between the communicating parties and truly realizes the authentication principle of "Who am I? I am the answer"; because the user biological characteristic code information is transmitted and stored in encrypted form in an incomplete manner during authentication, it also ensures that a server leak does not cause an information security problem for the user information, protecting the interests of the user.
In summary, the distributed authentication method based on a user biological characteristic code provided by the present embodiment has the following beneficial effects: (1) the distributed authentication method based on a user biological characteristic code speeds up security authentication between the communicating parties and truly realizes the authentication principle of "Who am I? I am the answer"; (2) because the user biological characteristic code information is transmitted and stored in encrypted form in an incomplete manner during authentication, a server leak does not cause an information security problem for the user information, protecting the interests of the user; (3) during authentication between the user and the authentication server, the device hardware information can be used for authentication between the terminal and the authentication server, further improving the security of the authentication method.
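The registration steps (S201 to S202, S301 to S302) and the authentication steps (S101 to S106) of embodiment one, as an added Python example that is not part of the patent text. SHA-256 and SHA3-256 stand in for the first and second hash algorithms (the text names SM3 as one option); the `user_id` lookup key, the class names and the constructed feature-code bytes are assumptions. The feature code is assumed to be a byte string that is identical on every capture, because the method matches ciphertexts exactly.

```python
import hashlib
import hmac


def first_hash(feature_code: bytes) -> bytes:
    """First hash algorithm (terminal side). SHA-256 is a stand-in (assumption)."""
    return hashlib.sha256(feature_code).digest()


def second_hash(feature_code: bytes) -> bytes:
    """Second hash algorithm (server side), different from the first.
    SHA3-256 is a stand-in (assumption)."""
    return hashlib.sha3_256(feature_code).digest()


class AuthServer:
    """Authentication server; it only ever receives second-hash ciphertexts."""

    def __init__(self):
        # user_id (hypothetical lookup key) -> (fourth ciphertext, device hardware info)
        self.records = {}

    def register(self, user_id, fourth_ct, device_hw):
        self.records[user_id] = (fourth_ct, device_hw)
        return True  # registration success message

    def authenticate(self, user_id, third_ct, device_hw):
        record = self.records.get(user_id)
        if record is None:
            return False
        fourth_ct, registered_hw = record
        # Constant-time comparison of ciphertext and device hardware information.
        ct_ok = hmac.compare_digest(fourth_ct, third_ct)
        hw_ok = hmac.compare_digest(registered_hw, device_hw)
        return ct_ok and hw_ok


class Terminal:
    def __init__(self, device_hw: bytes, server: AuthServer):
        self.device_hw = device_hw
        self.server = server
        self.storage_unit = None  # holds the second ciphertext (keychain in the patent)

    def enroll(self, user_id, feature_code):
        self.storage_unit = first_hash(feature_code)                      # S201, S202
        fourth_ct = second_hash(feature_code)                             # S301
        return self.server.register(user_id, fourth_ct, self.device_hw)  # S302

    def authenticate(self, user_id, first_code, second_code):
        first_ct = first_hash(first_code)                                 # S101, S102
        stored = self.storage_unit
        if stored is None or not hmac.compare_digest(first_ct, stored):  # S103
            return "first authentication failed"
        third_ct = second_hash(second_code)                               # S104, S105
        ok = self.server.authenticate(user_id, third_ct, self.device_hw)  # S106
        return "second authentication succeeded" if ok else "second authentication failed"


def run_demo():
    # Constructed sample data, not real biometric templates or device identifiers.
    enrolled = b"constructed-feature-code-0001"
    other = b"constructed-feature-code-0002"
    server = AuthServer()
    phone = Terminal(b"constructed-device-serial-A", server)
    phone.enroll("alice", enrolled)
    fourth_ct, _ = server.records["alice"]
    return {
        "genuine": phone.authenticate("alice", enrolled, enrolled),
        "wrong_local": phone.authenticate("alice", other, other),
        "wrong_remote": phone.authenticate("alice", enrolled, other),
        "other_device": server.authenticate(
            "alice", second_hash(enrolled), b"constructed-device-serial-B"),
        "server_record_equals_local_record": fourth_ct == phone.storage_unit,
    }


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(f"{name}: {result}")
```

The last result reflects the requirement that the second hash algorithm differ from the first when both sides enroll the same feature code: the record held by the server is then not the value kept in the terminal's storage unit.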
Embodiment two
Fig. 2 shows the distributed authentication terminal based on a user biological characteristic code provided by the present invention. The distributed authentication terminal based on a user biological characteristic code is characterized in that it comprises an acquisition unit, a first encryption unit, a second encryption unit, a storage unit, a local authentication unit and a transceiver unit.
The acquisition unit collects the first user biological characteristic code information and the second user biological characteristic code information, passes the first user biological characteristic code information to the first encryption unit, and passes the second user biological characteristic code information to the second encryption unit.
The first encryption unit encrypts the first user biological characteristic information with the first hash algorithm, and passes the generated first ciphertext information to the local authentication unit or passes the generated second ciphertext information to the storage unit.
The second encryption unit encrypts the second user biological characteristic information with the second hash algorithm, and passes the generated third ciphertext information to the transceiver unit or passes the generated fourth ciphertext information to the transceiver unit.
The storage unit stores the second ciphertext information.
The local authentication unit reads the second ciphertext information from the storage unit and matches it against the first ciphertext information; if the match succeeds, the first authentication succeeds, otherwise the first authentication fails.
The transceiver unit communicates with the authentication server: it sends the registration information containing the fourth ciphertext information to the authentication server and receives the registration success message from the authentication server, and it sends the information to be authenticated containing the third ciphertext information to the authentication server and receives from the authentication server the authentication success message or authentication failure message for the information to be authenticated. If the authentication success message is received, the second authentication succeeds; if the authentication failure message is received, the second authentication fails.
Specifically, the storage unit is a keychain unit.
Embodiment two is the terminal-side hardware structure for implementing the distributed authentication method of embodiment one; its technical effects follow from those of embodiment one and are not repeated here.
Embodiment three
Fig. 3 shows the distributed authentication system based on a user biological condition code provided by the invention. The distributed authentication system based on a user biological condition code comprises: a collecting unit, a first ciphering unit, a second ciphering unit, a memory cell, a local authentication unit and a certificate server.
The collecting unit, for gathering first user biological condition code information and second user biological condition code information, delivering the first user biological condition code information to the first ciphering unit, and delivering the second user biological condition code information to the second ciphering unit;
The first ciphering unit, for encrypting the first user biological information by the first hash algorithm, and delivering the generated first cipher-text information to the local authentication unit, or delivering the generated second cipher-text information to the memory cell;
The second ciphering unit, for encrypting the second user biological characteristic information by the second hash algorithm, and delivering the generated third cipher-text information to the certificate server, or delivering the generated fourth cipher-text information to the certificate server;
The memory cell, for storing the second cipher-text information;
The local authentication unit, for reading the second cipher-text information from the memory cell and matching the second cipher-text information with the first cipher-text information; if the match is successful, the first authentication succeeds, otherwise the first authentication fails;
The certificate server, for receiving the log-on message containing the fourth cipher-text information and the information to be certified containing the third cipher-text information, and matching the log-on message with the information to be certified; if the match is successful, the second authentication succeeds, otherwise the second authentication fails.
Embodiment three is the system hardware structure for realizing the distributed authentication method described in embodiment one; its technical effect can be derived from the technical effect of embodiment one and is not repeated here.
As mentioned above, the present invention can be well realized. For a person skilled in the art, designing different forms of the distributed authentication method, terminal and system based on a user biological condition code according to the teaching of the present invention does not require creative labour. Changes, modifications, replacements, integrations and variations made to these embodiments without departing from the principles and spirit of the present invention still fall within the scope of protection of the present invention.
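The registration and two-stage authentication flow that the system of embodiment three realizes, sketched as an added Python example that is not part of the patent. SHA-256 and SHA-512 stand in for the unspecified first and second hash algorithms, a dict stands in for the memory cell, and the `user` lookup key, class names and feature-code byte strings are constructed for illustration; step labels follow the method's S101 to S106, S201 to S202 and S301 to S302.

```python
import hashlib
import hmac

# Assumptions, not from the patent: SHA-256 and SHA-512 stand in for the
# unspecified first and second hash algorithms, a dict stands in for the
# memory cell, and `user` is a hypothetical lookup key on the server.
FINGER = b"constructed-fingerprint-feature-code"   # constructed sample
FACE = b"constructed-face-feature-code"            # constructed sample

def first_hash(code: bytes) -> bytes:
    return hashlib.sha256(code).digest()

def second_hash(code: bytes) -> bytes:
    return hashlib.sha512(code).digest()

class AuthServer:
    def __init__(self):
        self.registered = {}   # user -> log-on message (fourth cipher-text + device)
        self.requests = 0      # authentication requests that reached the server

    def register(self, user, info):                      # server side of S302
        self.registered[user] = info
        return "registration-success"

    def authenticate(self, user, info):                  # server side of S106
        self.requests += 1
        reg = self.registered.get(user)
        if reg is None:
            return False
        # Exact, constant-time match of cipher-text and device hardware info.
        return (hmac.compare_digest(reg["cipher"], info["cipher"])
                and hmac.compare_digest(reg["device"], info["device"]))

class Terminal:
    def __init__(self, user, device, server):
        self.user, self.device, self.server = user, device, server
        self.keychain = {}     # stand-in for the local memory cell

    def enroll(self, code1, code2):
        self.keychain["second_ciphertext"] = first_hash(code1)         # S201-S202
        info = {"cipher": second_hash(code2), "device": self.device}   # S301
        return self.server.register(self.user, info)                   # S302

    def authenticate(self, code1, code2):
        first_ct = first_hash(code1)                                   # S101-S102
        stored = self.keychain.get("second_ciphertext", b"")
        if not hmac.compare_digest(first_ct, stored):                  # S103
            return "first-authentication-failed"   # server is never contacted
        info = {"cipher": second_hash(code2), "device": self.device}   # S104-S105
        ok = self.server.authenticate(self.user, info)                 # S106
        return "second-authentication-success" if ok else "second-authentication-failed"
```

Both stages compare digests for exact equality, so a feature code that differs from the enrolled one by a single byte fails; the scheme therefore presumes the collecting unit yields the same code on every capture.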
Claims (10)
1. A distributed authentication method based on a user biological condition code, characterized in that it comprises the following steps:
S101. gathering first user biological condition code information;
S102. encrypting the first user biological condition code information by a first hash algorithm to generate first cipher-text information;
S103. matching the first cipher-text information with locally stored second cipher-text information; if the match is successful, the first authentication succeeds and step S104 is performed; otherwise the first authentication fails;
S104. gathering second user biological condition code information;
S105. encrypting the second user biological condition code information by a second hash algorithm to generate third cipher-text information;
S106. sending information to be certified, comprising the third cipher-text information, to a certificate server; if an authentication success message for the information to be certified is received from the certificate server, the second authentication succeeds; if an authentication failure message for the information to be certified is received from the certificate server, the second authentication fails.
2. The distributed authentication method based on a user biological condition code as claimed in claim 1, characterized in that it further comprises the following steps before step S102:
S201. encrypting the first user biological information by the first hash algorithm to generate the second cipher-text information;
S202. saving the second cipher-text information in a local memory cell.
3. The distributed authentication method based on a user biological condition code as claimed in claim 2, characterized in that the memory cell is a key string unit.
4. The distributed authentication method based on a user biological condition code as claimed in claim 1, characterized in that it further comprises the following steps before step S105:
S301. encrypting the second user biological characteristic information by the second hash algorithm to generate fourth cipher-text information;
S302. sending a log-on message comprising the fourth cipher-text information to the certificate server, and receiving a registration success message from the certificate server.
5. The distributed authentication method based on a user biological condition code as claimed in claim 4, characterized in that the log-on message and the information to be certified also comprise local device hardware information.
6. The distributed authentication method based on a user biological condition code as claimed in claim 1, characterized in that the first user biological condition code information or the second user biological condition code information is any one of fingerprint information, voiceprint information and face information, or any combination thereof.
7. The distributed authentication method based on a user biological condition code as claimed in claim 1, characterized in that the first user biological condition code information is identical to the second user biological condition code information.
8. A distributed authentication terminal based on a user biological condition code, characterized in that it comprises a collecting unit, a first ciphering unit, a second ciphering unit, a memory cell, a local authentication unit and a Transmit-Receive Unit;
The collecting unit, for gathering first user biological condition code information and second user biological condition code information, delivering the first user biological condition code information to the first ciphering unit, and delivering the second user biological condition code information to the second ciphering unit;
The first ciphering unit, for encrypting the first user biological information by the first hash algorithm, and delivering the generated first cipher-text information to the local authentication unit, or delivering the generated second cipher-text information to the memory cell;
The second ciphering unit, for encrypting the second user biological characteristic information by the second hash algorithm, and delivering the generated third cipher-text information to the Transmit-Receive Unit, or delivering the generated fourth cipher-text information to the Transmit-Receive Unit;
The memory cell, for storing the second cipher-text information;
The local authentication unit, for reading the second cipher-text information from the memory cell and matching the second cipher-text information with the first cipher-text information; if the match is successful, the first authentication succeeds, otherwise the first authentication fails;
The Transmit-Receive Unit, for communicating with a certificate server: sending a log-on message comprising the fourth cipher-text information to the certificate server and receiving a registration success message from the certificate server; and sending information to be certified comprising the third cipher-text information to the certificate server and receiving, from the certificate server, an authentication success message or an authentication failure message for the information to be certified; if the authentication success message is received, the second authentication succeeds; if the authentication failure message is received, the second authentication fails.
9. The distributed authentication terminal based on a user biological condition code as claimed in claim 8, characterized in that the memory cell is a key string unit.
10. A distributed authentication system based on a user biological condition code, characterized in that it comprises: a collecting unit, a first ciphering unit, a second ciphering unit, a memory cell, a local authentication unit and a certificate server;
The collecting unit, for gathering first user biological condition code information and second user biological condition code information, delivering the first user biological condition code information to the first ciphering unit, and delivering the second user biological condition code information to the second ciphering unit;
The first ciphering unit, for encrypting the first user biological information by the first hash algorithm, and delivering the generated first cipher-text information to the local authentication unit, or delivering the generated second cipher-text information to the memory cell;
The second ciphering unit, for encrypting the second user biological characteristic information by the second hash algorithm, and delivering the generated third cipher-text information to the certificate server, or delivering the generated fourth cipher-text information to the certificate server;
The memory cell, for storing the second cipher-text information;
The local authentication unit, for reading the second cipher-text information from the memory cell and matching the second cipher-text information with the first cipher-text information; if the match is successful, the first authentication succeeds, otherwise the first authentication fails;
The certificate server, for receiving the log-on message containing the fourth cipher-text information and the information to be certified containing the third cipher-text information, and matching the log-on message with the information to be certified; if the match is successful, the second authentication succeeds, otherwise the second authentication fails.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510686617.8A CN105245529A (en) | 2015-10-21 | 2015-10-21 | User biological characteristic code-based distributed authentication method, terminal and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510686617.8A CN105245529A (en) | 2015-10-21 | 2015-10-21 | User biological characteristic code-based distributed authentication method, terminal and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105245529A true CN105245529A (en) | 2016-01-13 |
Family ID=55043029
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510686617.8A Pending CN105245529A (en) | 2015-10-21 | 2015-10-21 | User biological characteristic code-based distributed authentication method, terminal and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105245529A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107256387A (en) * | 2017-05-23 | 2017-10-17 | 崔俊新 | Fingerprint verification method, system and computer-readable recording medium |
CN108599957A (en) * | 2018-04-16 | 2018-09-28 | Oppo广东移动通信有限公司 | Authentication method, information collecting device, authenticating device and Verification System |
CN109246133A (en) * | 2018-10-19 | 2019-01-18 | 清华大学 | A kind of network access verifying method based on bio-identification |
CN109960915A (en) * | 2017-12-22 | 2019-07-02 | 苏州迈瑞微电子有限公司 | A kind of identity authentication method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2051178A1 (en) * | 2006-07-05 | 2009-04-22 | Valley Technologies, LLC. | Method, device, server and system for authenticating identity with biological character |
CN102945365A (en) * | 2012-10-19 | 2013-02-27 | 西安凯虹电子科技有限公司 | Handheld iris identification device with multiple data transmission modes and method thereof |
CN104951680A (en) * | 2014-03-27 | 2015-09-30 | 阿里巴巴集团控股有限公司 | Biological characteristic information processing method, storage method and device |
CN104954328A (en) * | 2014-03-27 | 2015-09-30 | 阿里巴巴集团控股有限公司 | On-line registration and authentication method and apparatus |
- 2015-10-21 CN CN201510686617.8A patent/CN105245529A/en active Pending
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107256387A (en) * | 2017-05-23 | 2017-10-17 | 崔俊新 | Fingerprint verification method, system and computer-readable recording medium |
CN107256387B (en) * | 2017-05-23 | 2019-12-10 | 深圳市优点智联科技有限公司 | Fingerprint authentication method, system and computer readable storage medium |
CN109960915A (en) * | 2017-12-22 | 2019-07-02 | 苏州迈瑞微电子有限公司 | A kind of identity authentication method |
CN108599957A (en) * | 2018-04-16 | 2018-09-28 | Oppo广东移动通信有限公司 | Authentication method, information collecting device, authenticating device and Verification System |
CN109246133A (en) * | 2018-10-19 | 2019-01-18 | 清华大学 | A kind of network access verifying method based on bio-identification |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Odelu et al. | SEAP: Secure and efficient authentication protocol for NFC applications using pseudonyms | |
US9848320B2 (en) | Encrypted communications method and encrypted communications system | |
CN103886661B (en) | Access control management method and system | |
US11636478B2 (en) | Method of performing authentication for a transaction and a system thereof | |
CN101842795B (en) | For carrying out mutual system, the method and apparatus with dynamic security | |
CN107784499B (en) | Secure payment system and method of near field communication mobile terminal | |
CN104361493A (en) | Electronic payment method on basis of biological characteristics | |
CN104756458A (en) | Method and apparatus for securing a connection in a communications network | |
CN103853950A (en) | Authentication method based on mobile terminal and mobile terminal | |
US20150264570A1 (en) | Method and device for proving his identity | |
CN104901935A (en) | Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem) | |
CN105245529A (en) | User biological characteristic code-based distributed authentication method, terminal and system | |
CN104580256A (en) | Method and device for logging in through user equipment and verifying user's identity | |
WO2015109949A1 (en) | Network security method and network security system | |
CN103839160B (en) | A kind of network trading digital signature method and device | |
CN102056077A (en) | Method and device for applying smart card by key | |
CN103905400A (en) | Service authentication method, apparatus and system | |
KR101202245B1 (en) | System and Method For Transferring Money Using OTP Generated From Account Number | |
CN109587100A (en) | A kind of cloud computing platform user authentication process method and system | |
Jarecki et al. | Two-factor password-authenticated key exchange with end-to-end security | |
CN104301886A (en) | Short message reading method and system, terminal and wearable device | |
CN103368831A (en) | Anonymous instant messaging system based on frequent visitor recognition | |
CN103297940A (en) | Short message encryption communication system and method | |
CN102255904A (en) | Communication network and terminal authentication method thereof | |
CN114139176A (en) | Industrial internet core data protection method and system based on state secret |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C41 | Transfer of patent application or patent right or utility model | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20160608 Address after: 200000, Room 305, 1501-6 Ying Ying Road, Shanghai, Zhabei District Applicant after: Shanghai Financial Cloud Service Group Security Technology Co., Ltd. Address before: 610000, No. 1, North 78, purple North Street, Chengdu hi tech Zone, Sichuan, 2 Applicant before: Sichuan Ningchao Technology Co., Ltd. |
|
AD01 | Patent right deemed abandoned |
Effective date of abandoning: 20191122 |