CN109639731B - Multi-factor general combinable authentication and service authorization method and communication service system - Google Patents

Multi-factor general combinable authentication and service authorization method and communication service system Download PDF

Info

Publication number
CN109639731B
CN109639731B CN201910060302.0A CN201910060302A CN109639731B CN 109639731 B CN109639731 B CN 109639731B CN 201910060302 A CN201910060302 A CN 201910060302A CN 109639731 B CN109639731 B CN 109639731B
Authority
CN
China
Prior art keywords
authentication
user
service
server
time stamp
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910060302.0A
Other languages
Chinese (zh)
Other versions
CN109639731A (en
Inventor
曹进
罗玙榕
李晖
赵兴文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201910060302.0A priority Critical patent/CN109639731B/en
Publication of CN109639731A publication Critical patent/CN109639731A/en
Application granted granted Critical
Publication of CN109639731B publication Critical patent/CN109639731B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • Algebra (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Computer And Data Communications (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention belongs to the technical field of communication network security, and discloses a multi-factor general combinable authentication and service authorization method and a communication service system; the method comprises the following steps: an authentication initialization stage; a registration stage; an authentication access stage; biometric and smart card authentication processes; password and smart card authentication processes; a session key negotiation stage; and a service authorization phase. The invention combines three factors such as biological characteristics, passwords, smart cards and the like to carry out identity authentication, and through the modularized design, the authentication stages can be flexibly combined or split to be executed, thereby realizing the identity authentication of four security levels, greatly reducing the complexity of the system and improving the efficiency of the system; corresponding key agreement protocols are designed according to the authentication with different strengths, service authorization is completed, service control in various electronic service systems can be completed, the service systems comprise a 5G network and other service systems under other complex network environments, and all known attacks can be resisted.

Description

Multi-factor general combinable authentication and service authorization method and communication service system
Technical Field
The invention belongs to the technical field of communication network security, and particularly relates to a multi-factor general combinable authentication and service authorization method and a communication service system.
Background
Currently, the current state of the art commonly used in the industry is such that: with the development of communication technology and wireless networks, more and more complex service systems are developed, which not only provide single kind of services, but also provide diversified services for users and the systems are composed of differentiated servers. Taking a 5G network to provide services as an example, 5G will provide users with high capacity, low latency and better user experience, and many services such as high definition video communication, car networking and electronic medical services will be added to the 5G platform, so secure user authentication and service authorization are the basis for system security. However, different services have differentiated security requirements, such as electronic medical needs for high-intensity security, and browsing some public information has low-latency user requirements. If different authentication and authorization schemes are designed for each service, the system complexity is greatly increased, but the services with differentiated security requirements use a uniform authentication scheme, which is obviously unreasonable, and resource waste and efficiency reduction are caused by the need of ensuring the highest level of security strength.
Currently, in order to solve the problem of authentication security of a service system, researchers have provided solutions for a variety of scenarios. For example, in order to improve the authentication strength, a multi-factor authentication mode is adopted, and authentication factors such as biological characteristics, passwords, smart cards and short messages are combined to authenticate the entity user. These solutions are mostly based on a specific scene design or can only provide a fixed security strength. Some researchers have also proposed generic authentication frameworks that can perform two-factor authentication schemes separately by combining a two-factor authentication scheme with a single-factor authentication scheme, where the two-factor scheme is a generic switchable module. If the multi-factor scheme is directly combined with the single-factor authentication scheme, the safety intensity is not improved too much, and the efficiency of the scheme is greatly reduced, so that the direct combination is not meaningful. An entity Authentication architecture (Extensible Authentication Protocol) EAP is also designed in the 3GPP standard, but each EAP series Protocol only employs a fixed Authentication scheme, such as a public key or a symmetric cryptosystem, and a plurality of independent EAP series protocols respectively provide Authentication schemes for different services or applications.
So far, only a few solutions consider implementing user authentication and authorization in a multi-service system by using a general combinable architecture, and these solutions generally start from the perspective of general design, and some modules in the designed solutions can be replaced by any sub-protocol meeting the requirements, so the design emphasis is on a general multi-factor authentication protocol design framework. However, none of these schemes address the issue of diversified usage, and cannot classify certificates according to service requirements or security levels. These schemes still can only complete a certain specific security strength, and cannot dynamically adjust the execution steps of the protocol according to different service requirements, so that the schemes are only suitable for completing the authentication function of a certain type of service of the system. If the services with different safety requirements are classified according to the safety intensity or requirements, a general authentication scheme is designed, the authentication with different safety requirements and efficiency can be completed by splitting protocol steps or combining a certain part of protocols to form a new sub-protocol to be executed independently, the service authentication and authorization work with different safety requirements can be completed by only deploying a uniform protocol in the system, and the complexity of the system is greatly reduced. In order to meet the highest security requirement of the system, the system is a multi-factor authentication scheme, but the multi-factor cannot directly superpose single-factor schemes, so that the efficiency is greatly reduced, and the security gain is not obvious. The difficulty in designing the protocol is that the protocol is reconstructed by mixing various authentication factors, but the protocol is required to be ensured to be used in a modularization mode. At present, no general authentication protocol which can be used by splitting and combining can realize multi-security-level user authentication and service authorization scheme exists. Therefore, how to implement a single scheme to accomplish service authentication and authorization with differentiated requirements is a key issue facing complex service systems.
In summary, the problems of the prior art are as follows: the prior art does not classify and authenticate according to the service requirements; at present, no detachable and combinable general authentication protocol is available for realizing multi-security-level user authentication and service authorization schemes.
The difficulty of solving the technical problems is as follows: the current general combinable scheme does not consider the problem of splitting and combining use, is generally designed aiming at the problem of replaceable general architecture, and starts from the diversity of protocol splitting and combining use and is classified and used according to the security strength. The multi-factor scheme is designed, the single-factor scheme cannot be directly superposed for use, the calculation consumption is greatly increased by direct superposition, the protocol efficiency is influenced, and the safety is not obviously improved. Therefore, the effective multi-factor scheme must be combined with a plurality of authentication factors to reconstruct the protocol, which also increases the difficulty of protocol separability, and how to mashup the plurality of factors for authentication but the protocol remains modularized and can be separated and combined for use is a design difficulty.
The significance of solving the technical problems is as follows: after the services are classified according to the security requirements, security level parameters are added in the authentication protocol, a multi-factor authentication protocol capable of being split and combined is designed, and user authentication and authorization of multiple services in the system can be completed by using a universal protocol. In the past, various different identity authentication protocols are often adopted for differentiated services in the system, which increases the burden of the system in terms of complexity, efficiency and the like. If the multi-factor authentication protocol can be used in a split and combined mode, efficiency and safety can be balanced without deploying various schemes, and the multi-factor authentication ensures the safety intensity of the schemes and can be used for completing efficient and safe user authentication and service authorization in a complex service network.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a multi-factor general combinable authentication and service authorization method and a communication service system.
The invention is realized in this way, a multi-factor general combinable authentication and service authorization method, the multi-factor general combinable authentication and service authorization method combines three factors such as biological characteristics, passwords and smart cards to carry out identity authentication, and through modular design, the authentication stages are flexibly combined or split to be executed, thereby realizing the identity authentication of four security levels; and designing a corresponding key agreement protocol according to the authentication with different strengths and completing service authorization.
Further, the multi-factor general combinable authentication and service authorization method specifically comprises the following steps:
the first step, authentication initialization phase;
the second step, the registration stage;
step three, authentication access phase;
fourthly, the authentication process of the biological characteristics and the smart card;
fifthly, the password and smart card authentication process;
sixthly, a session key negotiation stage;
and step seven, a service authorization phase.
Further, the authentication initialization phase of the first step specifically includes:
(1) the authentication server AS runs a public key generation algorithm to generate onePair Key (PK)AS,SKAS);
(2) AS runs a symmetric key generation algorithm to generate a private key SK for the user authenticationC
(3) AS determines an elliptic curve E and calculates its base point P, n being the order of the base point P.
Further, the registration stage of the second step specifically includes:
(1) the authentication server AS checks whether the user is registered, if so, the stage S3 is directly executed; if not, generating a system unique user identification IDCThis identity is followed by two extensible domains: function identification and security level can be obtained; the value of the safety level is one of 0, 1, 2 and 3, and the safety intensity is enhanced one by one from 0 to 3;
(2) a user C collects biological characteristics on a credible device and inputs the biological characteristics into a fuzzy extractor to generate a pair of (R, N), wherein R is a random number extracted from the biological characteristics, N is an auxiliary parameter which can be disclosed, and R can be recovered if the same biological characteristics and N are input into the fuzzy extractor;
(3) user C calculates a message authentication code key KBHash (R) and (K)BN) to an authentication server AS;
(4) after the authentication server AS receives the message, the NRF generates a random number RN1And using symmetric encryption algorithm SKECWill KBEncrypt to generate DK
Figure GDA0002994272750000031
The calculation formula is as follows:
Figure GDA0002994272750000032
Figure GDA0002994272750000033
AS constructs biometric authentication information group DBio
Figure GDA0002994272750000034
The calculation formula is as follows:
DBio=(N,DK,Hash,Rep);
Figure GDA0002994272750000035
wherein, the Hash is a Hash function used in the scheme, and the Rep is a recovery function in the fuzzy extractor; AS generates 2 new random numbers RN2、RN3And calculates password authentication information DE
Figure GDA0002994272750000036
The calculation formula is as follows:
Figure GDA0002994272750000037
Figure GDA0002994272750000038
AS structure
Figure GDA0002994272750000039
(5) The authentication server AS will have D storedC、DBioAnd the smart card SC of the shared elliptic curve E, P is handed over to the user C; for mobile equipment in a wireless network, the data is safely transmitted and stored;
(6) k for user CBEncryption DBioStoring and selecting a password PW, and producing a random number RN by the user equipment4And calculates password authentication information
Figure GDA00029942727500000310
(7) Authentication server storage
Figure GDA00029942727500000311
And deletes RN3,DBio
Further, the authentication access phase of the third step specifically includes:
(1) selecting the required service and checking whether the effective token exists or not by the user C, if the user C has the effective token for obtaining the service, not executing the following steps, directly executing the step six, and if the effective token does not exist, executing the step (2);
(2) c sending a service authentication request (ID)CRequest) to the authentication server;
(3) authentication server AS checks the IDCThe maximum of the security levels of the back links is SR, if SR is 0, the authentication is completed, step four, step five and step six are not performed, and step seven is directly performed; if the SR is 1 and 3, executing the step four, if the SR is 2, not executing the step four, and directly executing the step five; and the AS informs the user C to execute corresponding steps according to the judgment and transmission (SR, Attach).
Further, the biometric and smart card authentication process of the fourth step specifically includes:
(1) user C generates a new random number RN5And will (ID)C,T1,RN5) Sending the information to an authentication server AS;
(2) after receiving the message, the authentication server AS executes the following steps:
1) checking the time stamp T1Whether the time stamp is valid or not, if the time stamp is not valid, the authentication fails, the authentication is stopped, and if the time stamp is valid, 2) is executed;
2) by IDCFinding the user's corresponding one in the database
Figure GDA0002994272750000041
Using SK in combinationCDecrypting to obtain KB
3) Generation of random number RN6And calculates an authentication message DK、MKThe calculation formula is as follows:
Figure GDA0002994272750000049
Figure GDA0002994272750000042
4) transmitting (T)2||RN6,MK) To user C;
(3) after receiving the message, the user C executes the following steps:
1) checking the time stamp T2Whether the time stamp is valid or not, if the time stamp is not valid, the authentication fails, the authentication is stopped, and if the time stamp is valid, 2) is executed;
2) the biometric Bio ' is recorded on the device, R ' Rep (Bio ', N) is recovered by the fuzzy extractor and the auxiliary string N and K ' is calculated 'B=Hash(R');
3) By KBDecryption
Figure GDA0002994272750000043
Obtaining DK、MKThe calculation formula is as follows:
Figure GDA0002994272750000044
4) calculating MKWhether or not equal to
Figure GDA0002994272750000045
If the equation is not satisfied, the authentication is failed, and if the equation is satisfied, 5) is executed;
5) computing
Figure GDA0002994272750000046
And send (Tag, T)3) To the authentication server AS;
(4) after receiving the message, the authentication server AS executes the following steps:
1) checking the time stamp T3Whether the time stamp is valid or not, if the time stamp is not valid, the authentication fails, the authentication is stopped, and if the time stamp is valid, 2) is executed;
2) authentication
Figure GDA0002994272750000047
If the equation is not established, the authentication fails, and if the equation is established, the step (5) is executed;
(5) and when the SR is 1, the authentication is successful, the step six is directly executed, and if the SR is 3, the step five is executed.
Further, the password and smart card authentication process in the fifth step specifically includes:
(1) user C inputs password PW' and calculates password authentication message M1The calculation formula is as follows:
Figure GDA0002994272750000048
c will (ID)C,RN2,DE,M1,T3) Sending the information to an authentication server AS;
(2) after receiving the message, the authentication server AS executes the following steps:
1) checking the time stamp T4Whether the time stamp is valid or not, if the time stamp is not valid, the authentication fails, the authentication is stopped, and if the time stamp is valid, 2) is executed;
2) computing
Figure GDA0002994272750000051
And verify
Figure GDA0002994272750000052
Whether the equality is established or not, if not, the authentication fails; if the equation is true, then execute 3);
3) generating new random numbers
Figure GDA0002994272750000053
And calculates new password parameters
Figure GDA0002994272750000054
The calculation formula is as follows:
Figure GDA0002994272750000055
Figure GDA0002994272750000056
4) computing authentication messages M2、M3The calculation formula is as follows:
Figure GDA0002994272750000057
Figure GDA0002994272750000058
5) sending
Figure GDA0002994272750000059
To user C;
(3) after receiving the message, the user C executes the following steps:
1) checking the time stamp T5Whether the time stamp is valid or not, if the time stamp is not valid, the authentication fails, the authentication is stopped, and if the time stamp is valid, 2) is executed;
2) verification equation
Figure GDA00029942727500000510
And
Figure GDA00029942727500000511
if yes, executing 3), and if one equation is not satisfied, failing authentication;
3) generation of a new random number RN4And calculates new authentication information DnewThe calculation formula is as follows:
Figure GDA00029942727500000512
4) will (D)E,D,RN2,RN4) Is replaced by
Figure GDA00029942727500000513
Further, the session key negotiation stage in the sixth step specifically includes:
(1) the authentication server AS performs the following steps:
1) checking the SR in the fourth step and the fifth step, and if the SR is 0, directly performing the seventh step, otherwise, performing 2);
2) selecting a random number
Figure GDA00029942727500000514
3) Calculating secret side information SMASThe calculation formula is as follows:
when SR is 1, SMAS=Hash(IDC||KB||RN6);
When the SR is 2, the process is repeated,
Figure GDA00029942727500000515
when SR is 3:
Figure GDA00029942727500000516
4) computing
Figure GDA00029942727500000517
5) Sending KASTo user C;
(2) after receiving the message, the user C executes the following steps:
1) selecting a random number
Figure GDA0002994272750000061
2) Calculating secret side information SMCThe calculation formula is as follows:
when SR is 1, SMC=Hash(IDC||KB||RN6);
When SR ═At the time of 2, the reaction kettle is opened,
Figure GDA0002994272750000062
when SR is 3:
Figure GDA0002994272750000063
3) computing
Figure GDA0002994272750000064
4) Computing
Figure GDA0002994272750000065
KSA session key negotiated for the authentication server and the user;
5) sending
Figure GDA0002994272750000066
To the authentication server AS;
(3) after receiving the message, the authentication server AS executes the following steps:
1) computing
Figure GDA0002994272750000067
2) By KSDecryption
Figure GDA0002994272750000068
If the decryption result is aP, the authentication server considers that the negotiation is successful, otherwise, the negotiation is failed;
3) sending
Figure GDA00029942727500000613
To user C;
(4) k for user CSDecryption
Figure GDA0002994272750000069
If the decryption result is bP, C considers the negotiation to be successful, otherwise, the negotiation fails.
Further, the service authorization phase in the seventh step specifically includes:
(1) when a user C needs to obtain a certain service, inquiring whether the user C has an effective token for obtaining the service, if so, directly executing the step, otherwise, executing the step (2);
(2) the user C and the authentication server AS execute the third step to finish authentication and key agreement of corresponding levels; if the authentication or the key agreement fails, ending the seventh step, if the authentication or the key agreement fails, and if the authentication or the key agreement fails, executing the step (3);
(3) user C sends a service authorization request MRS=(IDCServiceRequest) to the authentication server AS;
(4) after receiving the message, the authentication server AS executes the following steps:
1) determining that the SR in the service request is smaller than or equal to the SR in the authentication process, and if the SR in the service request is larger than the SR in the authentication process, skipping to execute (2);
2) generating tokens
Figure GDA00029942727500000610
Wherein the IDSTo provide a service on demand of a user, KCSFor the session key between the server and the user, the authentication server will pass K through the secure system channelCSSending to the server;
3) sending
Figure GDA00029942727500000611
To user C, when SR is 0, the data is not encrypted;
(5) after user C receives the message, use K for the messageSAfter decryption, sending the service request to a server providing the service:
Figure GDA00029942727500000612
(6) the server verifies the validity of the token through the authentication server after receiving the message;
(7) the authentication server returns the verification result to the server providing the service, if the token is illegal, the authorization fails, if the token is legal, the authorization succeeds, and the service required by the user is provided.
The invention also aims to provide a communication service system applying the multi-factor general combinable authentication and service authorization method.
In summary, the advantages and positive effects of the invention are: the invention combines three authentication factors of biological characteristics, password and intelligent card to carry out authentication, thereby improving the security intensity of entity user authentication.
The invention provides the security level of authentication, the protocol adopts a modularized design, a plurality of authentication factors are organically combined, the protocol can be split or combined for use according to the security level, the authentication server completes the functions of user authentication and service authorization, and the corresponding server is redistributed to provide the service required by the user. Therefore, the service authorization with different safety requirements can be completed by using a uniform authentication and authorization scheme in a system with multiple types of services, the complexity of the system is greatly reduced, the service authorization efficiency is improved, and the calculation and communication overhead in the authentication process is reduced.
The invention can directly realize the differential authentication and the service authorization in a complex service system and can resist all known attacks at present.
Drawings
Fig. 1 is a flowchart of a multi-factor general combinable authentication and service authorization method according to an embodiment of the present invention.
Fig. 2 is a flowchart of an implementation of the multi-factor general combinable authentication and service authorization method according to the embodiment of the present invention.
Fig. 3 is a flowchart of a multi-factor user identity authentication and session key agreement process in the service system according to an embodiment of the present invention.
Fig. 4 is a flowchart of a user service authorization process in the service system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The technical problem to be solved by the invention is to provide a multi-factor general combinable authentication and service authorization method suitable for a service system, greatly reduce the complexity of the service system through a new method, improve the authentication and service authorization efficiency of entity users in the system, and realize the high-efficiency and safe user authentication and service authorization of differentiated services in the service system.
The application of the principles of the present invention will now be described in detail with reference to the accompanying drawings.
As shown in fig. 1, the multi-factor general combinable authentication and service authorization method provided by the embodiment of the present invention includes the following steps:
s101: identity authentication is carried out by combining three factors such as biological characteristics, passwords, smart cards and the like, and through a modular design, the authentication stages are flexibly combined or split to be executed, so that the identity authentication of four security levels is realized;
s102: and designing a corresponding key agreement protocol according to the authentication with different strengths and completing service authorization.
The application of the principles of the present invention will be further described with reference to fig. 2-4.
In a diversified service system, a biological characteristic, password and smart card three-factor authentication technology is used, an authentication protocol is designed in a modularized mode, and a unified scheme is achieved to finish user authentication and service authorization of four security levels. The system divides the service into four different security levels according to the security intensity requirement of the service, and the user firstly enters the system to register in a secure environment. When a user needs to obtain a certain service or a plurality of services, whether the user has a token authorizing the service is checked, if not, a part of or all steps in an authentication protocol need to be selected and executed according to the security level of the service. When the highest security level of the required service is 0, the token can be obtained only by reading the information in the smart card to complete the authentication access step for the service with low security requirement and higher efficiency requirement, and the service is obtained on the corresponding server. When the highest security level of the required service is 1 or 2, the identity authentication of the biometric combined with the smart card and the identity authentication of the password combined with the smart card need to be respectively executed, and the biometric authentication is a faster and user-friendly authentication mode compared with the password. When the highest security level of the required service is 3, the whole authentication scheme is required to be executed, complete three-factor authentication is completed, and the highest security strength is guaranteed. The method greatly reduces the complexity of the system, improves the service authorization efficiency, reduces the calculation and communication expenses in the authentication process, and can resist all known attacks at present.
For the purpose of clearly explaining the technical scheme of the invention, firstly, the meaning of technical terms in the invention is defined as follows:
AS: an authentication server; c: a user/client; SKE: a symmetric cryptosystem;
sign: an electronic signature; hash: a hash algorithm; MAC: a message authentication code.
The multi-factor general combinable authentication and service authorization method provided by the embodiment of the invention comprises the following steps:
s1, authentication initialization phase;
s2, registration phase;
s3, authenticating the access stage;
s4, biometric feature and smart card authentication process;
s5, password and smart card authentication process;
s6, a session key negotiation stage;
s7, service authorization phase.
In this embodiment, step S1 includes:
s11, the authentication server AS generates a Pair of Keys (PK) by running a public key generation algorithmAS,SKAS);
S12, AS runs symmetric key generation algorithm to generate private key SK for user authenticationC
S13, AS determines an elliptic curve E and calculates a base point P, wherein n is the order of the base point P;
in this embodiment, step S2 specifically includes:
s21, the authentication server AS checks whether the user is registered, if so, the stage S3 is executed directly; if not, a system unique is generatedUser identification IDCThis identity is followed by two extensible domains: the function identification and the security level can be obtained. The value of the safety level is one of 0, 1, 2 and 3, and the safety intensity is enhanced one by one from 0 to 3;
s22, a user C collects biological characteristics on a credible device and inputs the biological characteristics into a fuzzy extractor to generate a pair of R and N, wherein R is a random number extracted from the biological characteristics, N is an auxiliary parameter which can be disclosed, and R can be recovered if the same biological characteristics (allowing an error with certain precision) and N are input into the fuzzy extractor;
s23, user C calculates a message authentication code key KBHash (R) and (K)BN) to an authentication server AS;
s24, after the authentication server AS receives the message, NRF generates random number RN1And using symmetric encryption algorithm SKECWill KBEncrypt to generate DK
Figure GDA0002994272750000081
The calculation formula is as follows:
Figure GDA0002994272750000082
Figure GDA0002994272750000091
AS constructs biometric authentication information group DBio
Figure GDA0002994272750000092
The calculation formula is as follows:
DBio=(N,DK,Hash,Rep);
Figure GDA0002994272750000093
where Hash is the Hash function used in the scheme and Rep is the recovery in the fuzzy extractorA function; AS generates 2 new random numbers RN2、RN3And calculates password authentication information DE
Figure GDA0002994272750000094
The calculation formula is as follows:
Figure GDA0002994272750000095
Figure GDA0002994272750000096
AS structure
Figure GDA0002994272750000097
S25, authentication server AS will store DC、DBioAnd the smart card SC sharing the elliptic curve E, P is handed over to user C. For mobile equipment in a wireless network, such as 5G equipment, a USIM card is generally arranged, and only the data needs to be transmitted and stored safely;
s26, K for user CBEncryption DBioStoring and selecting a password PW, and producing a random number RN by the user equipment4And calculates password authentication information
Figure GDA0002994272750000098
S27, authentication server storage
Figure GDA0002994272750000099
And deletes RN3,DBio
In this embodiment, step S3 specifically includes:
s31, selecting the needed service and checking whether there is a valid authorization token, if the user C has a valid token for obtaining the service, executing the following steps directly S6, and if there is no valid token, executing the following S32;
s32, C sends a service authentication request (ID)CRequest) to the authentication server;
s33, authentication server AS check IDCThe maximum security level of the back link is SR, and if SR is 0, the authentication is completed and S4, S5, and S6 are not performed, and S7 is directly performed. If SR is 1, 3, S4 is executed, and if SR is 2, S4 is not executed, and S5 is directly executed. The AS informs the user C to execute corresponding steps according to the judgment and transmission (SR, Attach);
in this embodiment, step S4 specifically includes:
s41, user C generates a new random number RN5And will (ID)C,T1,RN5) Sending the information to an authentication server AS;
s42, when the authentication server AS receives the message, executing the following steps:
(1) checking the time stamp T1If the time stamp is valid, the authentication fails if the time stamp is not valid, the authentication is stopped, and if the time stamp is valid, the step (2) is executed;
(2) by IDCFinding the user's corresponding one in the database
Figure GDA00029942727500000910
Using SK in combinationCDecrypting to obtain KB
(3) Generation of random number RN6And calculates an authentication message DK、MKThe calculation formula is as follows:
Figure GDA00029942727500000911
Figure GDA00029942727500000912
(4) transmitting (T)2||RN6,MK) To user C;
s43, when the user C receives the message, executing the following steps:
(1) checking the time stamp T2If the time stamp is valid, the authentication fails if the time stamp is not valid, the authentication is stopped, and if the time stamp is valid, the authentication is executedRow (2);
(2) the biometric Bio ' is recorded on the device, R ' Rep (Bio ', N) is recovered by the fuzzy extractor and the auxiliary string N and K ' is calculated 'B=Hash(R');
(3) By KBDecryption
Figure GDA0002994272750000101
Obtaining DK、MKThe calculation formula is as follows:
Figure GDA0002994272750000102
(4) calculating MKWhether or not equal to
Figure GDA0002994272750000103
If the equation is not satisfied, the authentication fails, if so, the step (5) is executed;
(5) computing
Figure GDA0002994272750000104
And send (Tag, T)3) To the authentication server AS;
s44, when the authentication server AS receives the message, executing the following steps:
(1) checking the time stamp T3If the time stamp is valid, the authentication fails if the time stamp is not valid, the authentication is stopped, and if the time stamp is valid, the step (2) is executed;
(2) authentication
Figure GDA0002994272750000105
If the equation is not satisfied, the authentication fails, and if the equation is not satisfied, the step S45 is executed;
s45, when SR is 1, the authentication is successful, and the step S6 is directly executed, and if SR is 3, the step S5 is executed;
in this embodiment, the step S5 specifically includes:
s51, user C inputs password PW' and calculates password authentication message M1The calculation formula is as follows:
Figure GDA0002994272750000106
c will (ID)C,RN2,DE,M1,T3) Sending the information to an authentication server AS;
s52, when the authentication server AS receives the message, executing the following steps:
(1) checking the time stamp T4If the time stamp is valid, the authentication fails if the time stamp is not valid, the authentication is stopped, and if the time stamp is valid, the step (2) is executed;
(2) computing
Figure GDA0002994272750000107
And verify
Figure GDA0002994272750000108
Whether the equality is established or not, if not, the authentication fails; if the equation is established, executing (3);
(3) generating new random numbers
Figure GDA0002994272750000109
And calculates new password parameters
Figure GDA00029942727500001010
The calculation formula is as follows:
Figure GDA00029942727500001011
Figure GDA00029942727500001012
(4) computing authentication messages M2、M3The calculation formula is as follows:
Figure GDA00029942727500001013
Figure GDA00029942727500001014
(5) sending
Figure GDA00029942727500001015
To user C;
s53, when the user C receives the message, executing the following steps:
(1) checking the time stamp T5If the time stamp is valid, the authentication fails if the time stamp is not valid, the authentication is stopped, and if the time stamp is valid, the step (2) is executed;
(2) verification equation
Figure GDA0002994272750000111
And
Figure GDA0002994272750000112
if the two equations are not satisfied, the authentication fails;
(3) generation of a new random number RN4And calculates new authentication information DnewThe calculation formula is as follows:
Figure GDA0002994272750000113
(4) will (D)E,D,RN2,RN4) Is replaced by
Figure GDA0002994272750000114
In this embodiment, step S6 specifically includes:
s61, the authentication server AS executes the following steps:
(1) checking SR at S4 and S5 stages, if SR is 0, then proceed directly to S7, otherwise execute (2);
(2) selecting a random number
Figure GDA0002994272750000115
(3) Calculating secret side information SMASThe calculation formula is as follows:
when SR is 1, SMAS=Hash(IDC||KB||RN6);
When the SR is 2, the process is repeated,
Figure GDA0002994272750000116
when SR is 3:
Figure GDA0002994272750000117
(4) computing
Figure GDA0002994272750000118
(5) Sending KASTo user C;
s62, after receiving the message, the user C executes the following steps:
(1) selecting a random number
Figure GDA0002994272750000119
(2) Calculating secret side information SMCThe calculation formula is as follows:
when SR is 1, SMC=Hash(IDC||KB||RN6);
When the SR is 2, the process is repeated,
Figure GDA00029942727500001110
when SR is 3:
Figure GDA00029942727500001111
(3) computing
Figure GDA00029942727500001112
(4) Computing
Figure GDA00029942727500001113
KSA session key negotiated for the authentication server and the user;
(5) sending
Figure GDA00029942727500001114
To the authentication server AS;
s63, when the authentication server AS receives the message, executing the following steps:
(1) computing
Figure GDA00029942727500001115
(2) By KSDecryption
Figure GDA00029942727500001116
If the decryption result is aP, the authentication server considers that the negotiation is successful, otherwise, the negotiation is failed;
(3) sending
Figure GDA0002994272750000121
To user C;
s64, K for user CSDecryption
Figure GDA0002994272750000122
If the decryption result is bP, C considers that the negotiation is successful, otherwise, the negotiation is failed;
in this embodiment, step S7 specifically includes:
s71, when the user C needs to obtain a certain service, inquiring whether the user C has an effective token for obtaining the service, if yes, directly executing the step, otherwise, executing S72;
s72, user C and AS execute S3 to complete corresponding grade authentication and key agreement; if the authentication or the key agreement fails, ending the step S7, if the authentication or the key agreement fails, executing the step S73;
s73, user C sends service authorization request MRS=(IDCServiceRequest) to the authentication server AS;
s74, when the authentication server AS receives the message, executing the following steps:
(1) determining that the SR in the service request is less than or equal to the SR in the authentication process, and if the SR in the service request is greater than the SR in the authentication process, skipping to execute S72;
(2) generating tokens
Figure GDA0002994272750000123
Wherein the IDSTo provide a service on demand of a user, KCSFor the session key between the server and the user, the authentication server will pass K through the secure system channelCSSending to the server;
(3) sending
Figure GDA0002994272750000124
To user C, when SR is 0, the data is not encrypted;
s75, after user C receives the message, using K for the messageSAfter decryption, sending the service request to a server providing the service:
Figure GDA0002994272750000125
s76, the server verifies the validity of token after receiving the message through the authentication server;
s77, the authentication server returns the verification result to the server providing the service, if the token is illegal, the authorization is failed, and if the token is legal, the service required by the user is provided;
in this embodiment, if the server providing the service in step S77 receives the verification success return message from the authentication server, it sends a service reply to the user C and provides the corresponding service requested by the user C, and the authorization is successful.
The invention has the following characteristics:
1) the invention combines three authentication factors of biological characteristics, password and intelligent card to carry out authentication, thereby improving the security strength of entity user authentication;
2) the invention designs the safety level of authentication, the protocol adopts a modularized design, a plurality of authentication factors are organically combined, the protocol can be split or combined for use according to the safety level, the authentication server completes the functions of user authentication and service authorization, and the corresponding server is redistributed to provide the service required by the user. Therefore, the service authorization with different safety requirements can be completed by using a uniform authentication and authorization scheme in a system with multiple types of services, thereby greatly reducing the complexity of the system, improving the service authorization efficiency and reducing the calculation and communication overhead in the authentication process;
3) the invention can directly realize the differential authentication and the service authorization in a complex service system and can resist all known attacks at present.
The application of the principles of the present invention will now be described in further detail with reference to specific embodiments.
(1) Authentication of user C by the authentication server AS: when the security level is 1, the server verifies whether the challenge response Tag is
Figure GDA0002994272750000126
To authenticate the user. The attacker cannot obtain the correct KBAnd decrypt in the smart card
Figure GDA0002994272750000131
Since he cannot forge the fingerprint data of the legitimate user C. When the security level is 2, the server authenticates the user by verifying whether the equation holds:
Figure GDA0002994272750000132
if the password PW' input this time is PW, the equation:
Figure GDA0002994272750000133
this is true. Without the correct password, the attacker cannot generate the correct M because of the collision resistance of the hash function1. When the security level is 3, the server authenticates the user in the above two ways.
(2) Authentication of user C to the authentication server AS: while being safeAt level 1, the user passes the authentication equation
Figure GDA0002994272750000134
If it is true, the attacker does not have KBOr SKCTime-unavailable access to construct D from smart card or serverKThen authentication cannot be passed. When the security level is 2, the user passes the authentication equation
Figure GDA0002994272750000135
And equation
Figure GDA0002994272750000136
And whether the validity of the server is established or not is judged. If there is no secret parameter (SK) of the serverC,RN3) If M is not constructed2And M3. Similarly, when the security level is 3, the user performs the above two methods to authenticate the server.
(3) And key negotiation security: k sent by server in key agreement phaseASAnd K sent by the userCThe key information is obtained by exclusive-or between the hash value of the secret value at the time of authentication and the key information generated by the ECDH algorithm. First, the attacker does not have the user's biometric, password, and server secret parameters (SK)C,RN3) When the aP or bP cannot be derived from the intercepted information in the public channel. Secondly, even if the adversary obtains partial secret data or accidentally deduces aP or bP, he cannot calculate the session key abP because the scheme is based on the elliptic curve Diffie-Hellman problem (ECDHP) and the Elliptic Curve Discrete Logarithm Problem (ECDLP).
(4) Resisting replay attack: in the scheme, the time stamp and the random number are used for preventing replay attack. In each round of verification, the two parties check whether the received message timestamp is valid, and the attacker cannot pass the verification of the message before sending because the attacker does not have the biological characteristics, the password and the SKCWhen the secret information is obtained, new cognitive information Tag and M cannot be constructed for each roundk. And random number RN for password authentication2、RN3And RN4At each authenticationAnd then updated.
(5) Counterfeiting attack: in this scheme, if the attacker has no server secret information SKCThen it is impossible to forge M that can pass the verificationK、M2And M3. Furthermore, based on the unidirectionality of the hash function, an attacker cannot deduce SK from public parameters or informationCAnd RN3. On the other hand, an attacker attacks the slave M according to the collision resistance of the hash1It is not possible to extract authentication information, such as a password. For the biological characteristic authentication, an attacker cannot obtain the correct KBThe challenge of the server is fulfilled.
(6) Resisting man-in-the-middle attack: in the key agreement phase, aP is secret information SMASHidden, and similarly, the bP is hidden by the secret information SMCIs hidden. SMASAnd SMCThe secret information owned by the two parties in the authentication process can not be obtained by an attacker, so that the attacker can not intercept K transmitted on a public channelASAnd KCIntermediate keys taP and tbP are generated.
(7) The method is used for resisting the smart card loss attack: if the attacker obtains the smart card, the attacker cannot obtain K because of no user biological characteristics when the security level is 1BTherefore, D stored in the card cannot be decryptedKThe challenge of the server cannot be fulfilled. When the security level is 2, an attacker does not know the password PW of the user, and cannot construct M1Because of the unidirectional property of the hash function, the password PW cannot be derived from the data D in the smart card.
The above proves that the scheme can complete the authentication and key agreement functions and resist the existing attack.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (7)

1. A multi-factor general combinable authentication and service authorization method is characterized in that the multi-factor general combinable authentication and service authorization method is combined with biological characteristics, passwords and smart cards to carry out identity authentication, and through a modular design, authentication stages are flexibly combined or split to be executed, so that identity authentication of four security levels is realized; providing a corresponding key agreement protocol according to the authentication with different strengths and completing service authorization;
the multi-factor general combinable authentication and service authorization method specifically comprises the following steps:
the first step, authentication initialization phase;
the second step, the registration stage; the method specifically comprises the following steps:
(1) the authentication server AS checks whether the user is registered, if so, the third step is directly executed; if not, generating a system unique user identification IDCThis identity is followed by two extensible domains: function identification and security level can be obtained; the value of the safety level is one of 0, 1, 2 and 3, and the safety intensity is enhanced one by one from 0 to 3;
(2) a user C collects biological characteristics on a credible device and inputs the biological characteristics into a fuzzy extractor to generate a pair of (R, N), wherein R is a random number extracted from the biological characteristics, N is an auxiliary parameter which can be disclosed, and R can be recovered if the same biological characteristics and N are input into the fuzzy extractor;
(3) user C calculates a message authentication code key KBHash (R) and (K)BN) to an authentication server AS;
(4) after receiving the message, the authentication server AS generates a random number RN1And using symmetric encryption algorithm SKECWill KBEncrypt to generate DK
Figure FDA0003207185630000011
The calculation formula is as follows:
Figure FDA0003207185630000012
Figure FDA0003207185630000013
AS constructs biometric authentication information group DBio
Figure FDA0003207185630000014
The calculation formula is as follows:
DBio=(N,DK,Hash,Rep);
Figure FDA0003207185630000015
wherein, the Hash is a Hash function used in the scheme, and the Rep is a recovery function in the fuzzy extractor; AS generates 2 new random numbers RN2、RN3And calculates password authentication information DE
Figure FDA0003207185630000016
The calculation formula is as follows:
Figure FDA0003207185630000017
Figure FDA0003207185630000018
Figure FDA0003207185630000019
(5) the authentication server AS will have D storedC、DBioAnd the smart card SC of the shared elliptic curve E, P is handed over to the user C; for mobile equipment in a wireless network, the data is safely transmitted and stored;
(6) k for user CBEncryption DBioStoring and selecting a password PW, and generating a random number RN by the user equipment4And calculate the mouthPassword authentication information
Figure FDA00032071856300000110
(7) Authentication server storage
Figure FDA00032071856300000111
And deletes RN3,DBio
Step three, authentication access phase;
fourthly, the authentication process of the biological characteristics and the smart card;
fifthly, the password and smart card authentication process;
sixthly, a session key negotiation stage;
and step seven, a service authorization phase.
2. The multi-factor generic combinable authentication and service authorization method of claim 1, wherein the authentication initialization phase of the first step specifically comprises:
(1) the authentication server AS runs a public key generation algorithm to generate a pair of secret keys (PK)AS,SKAS);
(2) AS runs symmetric key generation algorithm to generate key SK for user authenticationC
(3) AS determines an elliptic curve E and calculates its base point P, n being the order of the base point P.
3. The multi-factor generic combinable authentication and service authorization method of claim 1, wherein the authenticated access phase of the third step specifically comprises:
(1) the user C selects the required service and checks whether an effective token exists, if the user C has the effective token for obtaining the service, the following steps are not executed, the sixth step is directly executed, and if the user C does not have the effective token, the step (2) is executed;
(2) c sending a service authentication request (ID)CRequest) to the authentication server;
(3) authentication server AS checks the IDCAfter-linkingThe maximum security level is SR, if SR is 0, the authentication is finished, the fourth step, the fifth step and the sixth step are not performed any more, and the seventh step is directly executed; if SR is 1, 3, executing the fourth step, if SR is 2, not executing the fourth step, and directly executing the fifth step; and the AS informs the user C to execute corresponding steps according to the judgment and transmission (SR, Attach).
4. The multi-factor universal combinable authentication and service authorization method of claim 1, wherein the biometric and smart card authentication process of the fourth step specifically comprises:
(1) user C generates a new random number RN5And will (ID)C,T1,RN5) Sending the information to an authentication server AS;
(2) after receiving the message, the authentication server AS executes the following steps:
2.1) checking the time stamp T1Whether the time stamp is valid or not, if the time stamp is not valid, the authentication fails, the authentication is stopped, and if the time stamp is valid, 2.2) is executed;
2.2) passing IDCFinding the user's corresponding one in the database
Figure FDA0003207185630000021
Using SK in combinationCDecrypting to obtain KB
2.3) generating random numbers RN6And calculates an authentication message DK、MKThe calculation formula is as follows:
Figure FDA0003207185630000022
Figure FDA0003207185630000023
2.4) Transmission (T)2||RN6,MK) To user C;
(3) after receiving the message, the user C executes the following steps:
3.1) checking the time stamp T2Whether the time stamp is valid or not, if the time stamp is not valid, the authentication fails, the authentication is stopped, and if the time stamp is valid, 3.2) is executed;
3.2) recording the biometric Bio ' on the device, recovering R ' ═ Rep (Bio ', N) and calculating K ' by means of the fuzzy extractor and the auxiliary parameter N 'BHash (R'); wherein N is an auxiliary parameter which can be disclosed;
3.3) with KBDecryption
Figure FDA0003207185630000031
Obtaining DK、MKThe calculation formula is as follows:
Figure FDA0003207185630000032
3.4) calculating MKWhether or not equal to
Figure FDA0003207185630000033
If the equation is not satisfied, the authentication fails, and if the equation is satisfied, 3.5) is executed;
3.5) calculation
Figure FDA0003207185630000034
And send (Tag, T)3) To the authentication server AS;
(4) after receiving the message, the authentication server AS executes the following steps:
4.1) check the timestamp T3Whether the time stamp is valid or not, if the time stamp is not valid, the authentication fails, the authentication is stopped, and if the time stamp is valid, 4.2) is executed;
4.2) verification
Figure FDA0003207185630000035
If the equation is not established, the authentication fails, and if the equation is established, the step (5) is executed;
(5) and when the SR is 1, the authentication is successful, the sixth step is directly executed, and if the SR is 3, the fifth step is executed.
5. The multi-factor generic combinable authentication and service authorization method of claim 4, wherein the password and smart card authentication process of the fifth step specifically comprises:
(1) user C inputs password PW' and calculates password authentication message M1The calculation formula is as follows:
Figure FDA0003207185630000036
c will (ID)C,RN2,DE,M1,T3) Sending the information to an authentication server AS;
(2) after receiving the message, the authentication server AS executes the following steps:
2-1) checking the time stamp T4Whether the time stamp is valid or not, if the time stamp is not valid, the authentication fails, the authentication is stopped, and if the time stamp is valid, 2-2) is executed;
2-2) calculation
Figure FDA0003207185630000037
And verify
Figure FDA0003207185630000038
Whether the equality is established or not, if not, the authentication fails; if the equation is true, execute 2-3);
2-3) generating a new random number
Figure FDA0003207185630000039
And calculates new password parameters
Figure FDA00032071856300000310
The calculation formula is as follows:
Figure FDA00032071856300000311
Figure FDA00032071856300000312
2-4) computing an authentication message M2、M3The calculation formula is as follows:
Figure FDA00032071856300000313
Figure FDA00032071856300000314
2-5) transmitting
Figure FDA00032071856300000315
To user C;
(3) after receiving the message, the user C executes the following steps:
3-1) checking the time stamp T5Whether the time stamp is valid or not, if the time stamp is not valid, the authentication fails, the authentication is stopped, and if the time stamp is valid, 3-2) is executed;
3-2) verification equation
Figure FDA00032071856300000316
And
Figure FDA0003207185630000041
whether all the equations are established or not, if all the equations are established, executing 3-3), and if one of the equations is not established, failing the authentication;
3-3) generating a new random number RN4And calculates new authentication information DnewThe calculation formula is as follows:
Figure FDA0003207185630000042
3-4) mixing (D)E,D,RN2,RN4) Is replaced by
Figure FDA0003207185630000043
6. The multi-factor general combinable authentication and service authorization method of claim 5, wherein the session key agreement phase of the sixth step specifically comprises:
(1) the authentication server AS performs the following steps:
i-1) checking the SR in the fourth step and the fifth step, if the SR is 0, directly performing the seventh step, otherwise, performing i-2);
i-2) selecting a random number
Figure FDA0003207185630000044
i-3) calculating secret side information SMASThe calculation formula is as follows:
when SR is 1, SMAS=Hash(IDC||KB||RN6);
When SR is 2:
Figure FDA0003207185630000045
when SR is 3:
Figure FDA0003207185630000046
i-4) calculation
Figure FDA0003207185630000047
i-5) Transmission KASTo user C;
(2) after receiving the message, the user C executes the following steps:
ii-1) selecting a random number
Figure FDA0003207185630000048
ii-2) calculating secret side information SMCThe calculation formula is as follows:
when SR is 1, SMC=Hash(IDC||KB||RN6);
When SR is 2:
Figure FDA0003207185630000049
when SR is 3:
Figure FDA00032071856300000410
ii-3) calculation of
Figure FDA00032071856300000411
ii-4) calculation of
Figure FDA00032071856300000412
KSA session key negotiated for the authentication server and the user;
ii-5) transmission
Figure FDA00032071856300000413
To the authentication server AS;
(3) after receiving the message, the authentication server AS executes the following steps:
iii-1) calculation
Figure FDA00032071856300000414
iii-2) with KSDecryption
Figure FDA00032071856300000415
If the decryption result is aP, the authentication server considers that the negotiation is successful, otherwise, the negotiation is failed;
iii-3) Transmission
Figure FDA00032071856300000416
To user C;
(4) k for user CSDecryption
Figure FDA0003207185630000051
If the decryption result is bP, C considers the negotiation to be successful, otherwise, the negotiation fails.
7. The multi-factor general combinable authentication and service authorization method of claim 6, wherein the service authorization phase of the seventh step specifically comprises:
(1) when a user C needs to obtain a certain service, inquiring whether the user C has an effective token for obtaining the service, if so, directly executing the step (3), otherwise, executing the step (2);
(2) the user C and the authentication server AS execute authentication and key agreement of corresponding levels; if authentication or key agreement fails, finishing the seventh step, if both are successful, executing (3);
(3) user C sends a service authorization request MRS=(IDCServiceRequest) to the authentication server AS;
(4) after receiving the message, the authentication server AS executes the following steps:
1) determining that the SR in the service authorization request is less than or equal to the SR in the authentication process, and if the SR in the service authorization request is greater than the SR in the authentication process, skipping to execute (2);
2) generating tokens
Figure FDA0003207185630000052
Wherein the IDSIdentification of a server, K, for providing a user demand serviceCSFor the session key between the server and the user, the authentication server will pass K through the secure system channelCSSending to the server;
3) sending
Figure FDA0003207185630000053
To user C, when SR is 0, the data is not encrypted;
(5) after user C receives the message, use K for the messageSAfter decryption, sending a service authorization request to a server providing the service:
Figure FDA0003207185630000054
(6) the server verifies the validity of the token through the authentication server after receiving the message;
(7) the authentication server returns the verification result to the server providing the service, if the token is illegal, the authorization fails, if the token is legal, the authorization succeeds, and the service required by the user is provided.
CN201910060302.0A 2019-01-22 2019-01-22 Multi-factor general combinable authentication and service authorization method and communication service system Active CN109639731B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910060302.0A CN109639731B (en) 2019-01-22 2019-01-22 Multi-factor general combinable authentication and service authorization method and communication service system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910060302.0A CN109639731B (en) 2019-01-22 2019-01-22 Multi-factor general combinable authentication and service authorization method and communication service system

Publications (2)

Publication Number Publication Date
CN109639731A CN109639731A (en) 2019-04-16
CN109639731B true CN109639731B (en) 2021-11-30

Family

ID=66063040

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910060302.0A Active CN109639731B (en) 2019-01-22 2019-01-22 Multi-factor general combinable authentication and service authorization method and communication service system

Country Status (1)

Country Link
CN (1) CN109639731B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110661800A (en) * 2019-09-25 2020-01-07 北京计算机技术及应用研究所 Multi-factor identity authentication method supporting guarantee level
CN113691367B (en) * 2020-05-16 2024-04-12 成都天瑞芯安科技有限公司 Desensitization safety biological characteristic identity authentication method
CN115804063A (en) * 2020-07-10 2023-03-14 维萨国际服务协会 Engine for configuring access request authentication
CN112333152A (en) * 2020-10-13 2021-02-05 西安电子科技大学 Bidirectional authentication method, system, medium, computer device, terminal and application
CN112367665B (en) * 2020-11-02 2022-02-01 广州爱浦路网络技术有限公司 Method, device and system for allowing pNF in 5G core network to pass NRF authentication cNF
CN112954675B (en) * 2021-03-02 2023-03-24 西安电子科技大学 Multi-gateway authentication method, system, storage medium, computer device and terminal
CN114125833B (en) * 2021-10-29 2023-05-09 南京信息工程大学 Multi-factor authentication key negotiation method for intelligent device communication
CN114205091B (en) * 2021-11-30 2023-11-03 安徽大学 Network authentication and key negotiation method for automatic driving vehicle based on chaotic mapping

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102510337A (en) * 2011-12-15 2012-06-20 复旦大学 Quantitative risk and income self-adaptive dynamic multiple-factor authentication method
CN102695170A (en) * 2011-03-25 2012-09-26 国民技术股份有限公司 Mobile platform possessing identity authentication function and identity authentication method
CN105871553A (en) * 2016-06-28 2016-08-17 电子科技大学 Identity-free three-factor remote user authentication method
CN107294725A (en) * 2016-04-05 2017-10-24 电子科技大学 A kind of three factor authentication methods under environment of multi-server
CN108400962A (en) * 2017-02-08 2018-08-14 上海格尔软件股份有限公司 A kind of Authentication and Key Agreement method under multiserver framework
CN108965338A (en) * 2018-09-21 2018-12-07 杭州师范大学 The method of three factor authentications and key agreement under environment of multi-server

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9807086B2 (en) * 2015-04-15 2017-10-31 Citrix Systems, Inc. Authentication of a client device based on entropy from a server or other device
CN107360571B (en) * 2017-09-08 2020-09-01 哈尔滨工业大学深圳研究生院 Method for anonymous mutual authentication and key agreement protocol in mobile network

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102695170A (en) * 2011-03-25 2012-09-26 国民技术股份有限公司 Mobile platform possessing identity authentication function and identity authentication method
CN102510337A (en) * 2011-12-15 2012-06-20 复旦大学 Quantitative risk and income self-adaptive dynamic multiple-factor authentication method
CN107294725A (en) * 2016-04-05 2017-10-24 电子科技大学 A kind of three factor authentication methods under environment of multi-server
CN105871553A (en) * 2016-06-28 2016-08-17 电子科技大学 Identity-free three-factor remote user authentication method
CN108400962A (en) * 2017-02-08 2018-08-14 上海格尔软件股份有限公司 A kind of Authentication and Key Agreement method under multiserver framework
CN108965338A (en) * 2018-09-21 2018-12-07 杭州师范大学 The method of three factor authentications and key agreement under environment of multi-server

Also Published As

Publication number Publication date
CN109639731A (en) 2019-04-16

Similar Documents

Publication Publication Date Title
CN109639731B (en) Multi-factor general combinable authentication and service authorization method and communication service system
KR101485230B1 (en) Secure multi-uim authentication and key exchange
Tsai Efficient multi-server authentication scheme based on one-way hash function without verification table
Wang et al. A smart card based efficient and secured multi-server authentication scheme
Karuppiah et al. A dynamic id-based generic framework for anonymous authentication scheme for roaming service in global mobility networks
Lin et al. A new strong-password authentication scheme using one-way hash functions
KR20090095630A (en) Authentication delegation based on re-verification of cryptographic evidence
Nagaraju et al. SecAuthn: provably secure multi-factor authentication for the cloud computing systems
WO2014069985A1 (en) System and method for identity-based entity authentication for client-server communications
Hsu et al. A privacy-preserved E2E authenticated key exchange protocol for multi-server architecture in edge computing networks
CN116388995A (en) Lightweight smart grid authentication method based on PUF
Savitha et al. A unique secure multimodal biometrics-based user anonymous authenticated key management protocol (SMUAAKAP) based on block chain mechanism for generic HIoTNs
Liou et al. T-auth: A novel authentication mechanism for the IoT based on smart contracts and PUFs
CN110784305B (en) Single sign-on authentication method based on careless pseudorandom function and signcryption
Zhu et al. Provably Secure Multi-server Privacy-Protection System Based on Chebyshev Chaotic Maps without Using Symmetric Cryptography.
Sun et al. A lightweight multi-factor mobile user authentication scheme
KR100553792B1 (en) Apparatus and method having a function of client-to-clinet authenticattion
Sarvabhatla et al. An Energy efficient temporal credential based mutual authentication scheme for WSN
CN111062029A (en) Multi-factor authentication protocol based on identification password
Jung et al. Secure hash-based password authentication protocol using smartcards
Gupta et al. Secure and efficient session initiation protocol authentication scheme for voip communications
Chatterjee et al. A novel multi-server authentication scheme for e-commerce applications using smart card
Ngo et al. Formal verification of a secure mobile banking protocol
Luo et al. DIAM: Diversified identity authentication mechanism for 5G multi-service system
Naidu et al. Rabin cryptosystem based biometric privacy-preserving user authentication scheme for iot devices over cloud

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
CB03 Change of inventor or designer information

Inventor after: Cao Jin

Inventor after: Luo Yurong

Inventor after: Li Hui

Inventor after: Zhao Xingwen

Inventor before: Cao Jin

Inventor before: Luo Yurong

Inventor before: Li Hui

Inventor before: Zhao Xingwen

CB03 Change of inventor or designer information
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant