CN110020524A - A kind of mutual authentication method based on smart card - Google Patents
A kind of mutual authentication method based on smart card Download PDFInfo
- Publication number
- CN110020524A CN110020524A CN201910255283.7A CN201910255283A CN110020524A CN 110020524 A CN110020524 A CN 110020524A CN 201910255283 A CN201910255283 A CN 201910255283A CN 110020524 A CN110020524 A CN 110020524A
- Authority
- CN
- China
- Prior art keywords
- smart card
- background server
- key
- signature
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
Abstract
A kind of identity identifying method based on smart card, including registration step, login step and authenticating step, wherein, registration step includes, user is to backstage server registration, background server provides smart card to user, and there are two the unique identifiers of newest random key and smart card for storage in each smart card;Login step includes that smart card is inserted into card reader to log in background server by user;Authenticating step includes, after logining successfully, the legitimacy of authentication smart card and background server, wherein, described two random keys are digitally signed using improved ECC endorsement method, whole encryption is carried out to digital certificate, random key and signature by AES encryption algorithm using shared key, and updates random key after smart card authenticates successfully background server and after background server is successful to smart card authentication.This method can resist the various attacks such as common go-between, parallel session, forgery and playback, improve the safety and efficiency of verification process.
Description
Technical field
The disclosure belongs to secure identity understanding and communication technique field, and in particular to a kind of two-way authentication based on smart card
Method.
Background technique
With the fast development of smart card industry, application of IC cards is more and more extensive, therefore guarantees that smart card is set with outside
Being mutually authenticated between standby is most important to the safe transmission of data.Since Lamport has been put forward for the first time in 1981 based on not
After the remote password authentication agreement of exit passageway, there are Many researchers to propose remote user authentication agreement to improve data friendship
The safety changed.2014, Huang H F et al. proposed a kind of improved, intelligent card subscriber authenticating party based on timestamp
Case, remote server do not need to provide any verification information for user, can resist all possible attack safely.But Amin
Et al. discovery Huang H F scheme can not safely resist offline cryptogram conjecture, internal staff and forge three kinds attack.2014
Year, Islam et al. proposes one kind safely and flexibly, and the smart card remote user of the elliptic curve cipher based on dynamic I D is two-way
Certificate scheme.2015, Sarvabhatla et al. pointed out that Islam scheme can not resist the keys such as password conjecture, user's simulation and attack
It hits, and proposes a kind of smart card mutual authentication schemes based on dynamic I D, all cryptographic attacks can be resisted.Recently, Luo
Et al. propose a kind of efficient identity of the smart card security based on elliptic curve cryptosystem and be mutually authenticated scheme, can overcome
The defect of Islam scheme, and user anonymity is provided and is mutually authenticated.2015, HuangB et al. proposed a kind of based on ellipse
The key protocol certificate scheme of curve cryptography system, the program can resist card and be stolen and pretend to be attack.Chaudhry et al. is pointed out
Huang B scheme still may be influenced by pretending to be with forgery attack, and proposed one kind and can be resisted impersonation attack and mention
For enough safeties, while reducing the improvement project for calculating cost.2016, Kaul et al. proposed a kind of safety of upgrading
Efficient authentication protocol, the program can resist internal attack, the attack such as Denial of Service attack, man-in-the-middle attack.And then Mo
Et al. discovery Kaul scheme cannot keep the anonymity of user, the reason is that the client ID number in authentication phase message is not hidden
Hiding.
It is many to be suggested using the certificate scheme of ECC system in order to improve the authentication efficiency of smart card and external equipment, and
It is constantly iterated and improves, to save authenticated time, improve authentication efficiency.To sum up, current smart cards application authorization mistake
Cheng Zhong has that the attacks such as go-between, parallel session, forgery and playback cause information leakage, exists simultaneously authenticated time
The problem of long low efficiency.
Summary of the invention
In consideration of it, present disclose provides a kind of identity identifying method based on smart card, including registration step, login step
And authenticating step, wherein
Registration step includes, and user is to backstage server SBRegistration, background server SBSmart card C is provided to user, each
There are two newest random key k for storage in smart card C1, k2With the unique identifier ID of smart cardC;
Login step includes that smart card C is inserted into card reader R by userCIn to log in background server SB;
Authenticating step includes, after logining successfully, authentication smart card C and background server SBLegitimacy, wherein it is described
Two random key k1, k2It is digitally signed using improved ECC endorsement method, while being added using shared key K by AES
Close algorithm is to digital certificate, random key k1, k2And signature carries out whole encryption, and in smart card C to background server SBCertification
Success after and background server SBIt is intended to update random key k after authenticating successfully smart card C1, k2。
Through the above technical solutions, can not only to resist go-between, parallel session, forgery and playback etc. common for this method
Attack, and have calculation amount small, processing speed is fast, and it is small to occupy memory space, digital signature procedure time short advantage.
Detailed description of the invention
Fig. 1 is a kind of process signal of the identity identifying method based on smart card provided in an embodiment of the present disclosure
Figure;
Fig. 2 is the flow diagram of specific verification process provided in an embodiment of the present disclosure.
Specific embodiment
The present invention is further described in detail with reference to the accompanying drawing.
In one embodiment, referring to Fig. 1, it discloses a kind of identity identifying methods based on smart card, including registration
Step, login step and authenticating step, wherein
Registration step includes, and user is to backstage server SBRegistration, background server SBSmart card C is provided to user, each
There are two newest random key k for storage in smart card C1, k2With the unique identifier ID of smart cardC;
Login step includes that smart card C is inserted into card reader R by userCIn to log in background server SB;
Authenticating step includes, after logining successfully, authentication smart card C and background server SBLegitimacy, wherein it is described
Two random key k1, k2It is digitally signed using improved ECC endorsement method, while being added using shared key K by AES
Close algorithm is to digital certificate, random key k1, k2And signature carries out whole encryption, and in smart card C to background server SBCertification
Success after and background server SBIt is intended to update random key k after authenticating successfully smart card C1, k2。
For the embodiment, most of smart cards carry out encryption data using DES or 3DES algorithm.DES is used only 56
Key, a bit in each of 8 eight bit bytes for the odd parity in each eight bit byte, this
Weakness is easy to be utilized by attack and other known methods, therefore DES also becomes a kind of unsafe block cipher.3DES is to be based on
The Encryption Algorithm of DES, so that the limitation of 64 byte of block length causes to realize that speed is slower, during AES encryption, every wheel all makes
With displacement and alternative networks, it is suitable for hardware and software and realizes.Therefore, AES is introduced to replace DES and 3DES, can improve we
The safety of information and initial data in method.
In ECC signature process, inversion operation needs to spend longer time.Use improved ECC signature scheme logarithm
During signature, transmitting terminal calculates s=k-hrd when signingA, and r '=sG+h ' rQ is calculated in certification end sign testA=(k-
hrdA)G+h′rdAG=kG=r has calculation amount small it follows that improved ECC signature scheme does not need mould inverse operation, place
It is fast to manage speed, occupancy memory space is small, the fireballing advantage of digital signature procedure.
It is understood that the present embodiment is in verification process, using improved ECC endorsement method to random key k1, k2It carries out
Digital signature verifies signature by public key in certification end, ensure that random key k1, k2The legitimacy in source, avoids
The threat changed in transmission process by attacker.Authentication information before transmitting, is encrypted with AES symmetric key algorithm, is made
Safety in transmission process has obtained very big promotion.Aes algorithm variable-key, can independently be appointed as 128bits,
192bits,256bits.Because of the use of long key, a possibility that relieving exhaustive attack at this stage, and have stable
Fundamentals of Mathematics have the intensity of anti-cryptanalysis.
In addition, each smart card has oneself unique identification data i.e. unique identifier, user data privacy ensure that
And location privacy.
In another embodiment, the registration step further comprises: the smart card C is background server SBIt uses
Unique identifier IDC, shared key K, user password P ' and two random key k1, k2After carrying out personal settings to smart card C
It is sent by exit passageway to user;Wherein, user password P ' is not stored in background server SBDatabase in, but deposit
Storage is in smart card C, smart card C and background server SBDatabase in all store described two random key k1, k2, only
One identifier IDCWith the AES encryption key K as shared key.
Wherein, raw information to be transmitted is carried out encryption and is packed into nested again after protocol encapsulation processing by exit passageway
The data packet of another agreement is sent into network, is transmitted as general data packet.By such processing, only source
Explanation and processing are able to carry out to the nest information in channel with the user of destination, and are only not intended to for other users
The information of justice.
For the embodiment, illegal card reader RCSmart card C and background server S can not be served asBBetween centre
People, because only that when he knows shared key K and random key k1, k2Shi Caineng decrypts the information intercepted, and attacker is come
It says, it is highly difficult for finding these parameters, because these parameters are only in smart card C and background server SBBetween share.Therefore,
This method can prevent illegal card reader RCMan-in-the-middle attack.
If background server stores user password P ', when safeguarding P ', there are the risks that password is stolen.This method
It does not need user password P ' being stored in background server SBIn, it is thus eliminated that the risk that password is stolen.Therefore, this method pair
It is also safety in internaling attack.
In another embodiment, the login step further comprises: user inputs user password P, and smart card C compares
Whether user password P is equal to the user password P ' being stored in smart card C, and smart card C refusal, which logs in, if unequal asks
It asks and smart card C and card reader RCBetween there is no data exchange, otherwise card reader RCTo backstage server SBIt sends to log in and ask
It asks.
In another embodiment, it joined hardware function on smart card C and operation be updated to random key.
For the embodiment, the validity of key updating ensure that.After smart card will authenticate message transmission, need more
The random key of new storage inside, therefore introduce the function f () being solidificated in smart card hardware and update random key k1, k2,
It avoids due to the problem of key updating fails when smartcard internal breaks down.
Referring to fig. 2, in another embodiment, the authenticating step further comprises:
Step 1, background server SBUse own private keyBy improved ECC endorsement method to random key k1, k2
Signature obtainsWith shared key K by AES encryption algorithm to random key k1, k2,With background server SBCertificateEncryption, is sent to card reader R for encrypted messageC,
Card reader RCTransmit the message to smart card C;
After step 2, smart card C receive message, it is decrypted with shared key K, obtains random key k1, k2, signatureWith background server SBCertificateFirst verify background server SBCertificate it is legal
Property, it is legal, take out background server SBCertificate in SBPublic keyComplete improved ECC verifying signature, the improvement
ECC verifying sign successfully the random key k that will acquire later1, k2With the random key k of smart card C storage inside1, k2It carries out
Compare, unanimously then to card reader RCIt is proved to be successful, otherwise fails;
Step 3, to card reader RCAfter verifying terminates, smart card C own private key SKCPass through improved ECC endorsement method
To random key k1, k2With unique identifier IDCSignature obtainsPassed through with shared key K
AES encryption algorithm is to random key k1, k2With unique identifier IDC, signatureWith smart card C's
Certificate CertCEncryption, is sent to card reader R for encrypted messageC, then with the Sharing Function f () being solidificated on smart card C
Update random key k1, k2;
Step 4, card reader RCThe ciphertext E that will directly receiveK((k1||k2||IDC)||
It is transmitted to background server SB;
Step 5, background server SBThe message received is decrypted with shared key K to obtain random key k1, k2, uniquely
Identifier IDC, signatureWith the certificate Cert of smart card CC;First verify the certificate of smart card C
CertCLegitimacy, it is legal, take out the certificate Cert of smart card CCIn smart card C public key PKCRealize improved ECC
Verifying signature, improved ECC verifying sign successfully after by unique identifier IDCWith background server SBStorage inside is only
One identifierCompare, unanimously then verifies random key k1And k2Whether background server S is equal toBThe random key of storage inside
k1And k2, it is equal, smart card C is proved to be successful, then with being stored in background server SBIn Sharing Function f () update with
Secret key k1, k2。
Wherein, f () function updates k in accordance with the following methods1And k2: Wherein h () is One-Way Encryption hash function, h (IDC) it is unique identification to smart card
Accord with IDCIt picks and wants.
In the method, smart card C is by comparing message
In k1、k2With the random key k stored in smart card C1、k2Verify background server SBLegitimacy.Equally, background server
SBBy comparing messageIn IDC、k1、k2
With background server SBThe unique identifier ID of middle storageCWith random key k1、k2Verify the legitimacy of smart card C.Therefore, originally
It include smart card C and background server S in methodBBetween authentication.
For the embodiment, after attacker listens to the communication between smart card and background server, in effective time
It retransmits in range window in smart card C and background server SBBetween the capture message transmitted, start parallel session with mould
Imitative legitimate user logs in background server.Attacker can not create effective new login message, because each new session is random
Key k1And k2It is all new.Therefore, this method is safe for Parallel attacks.
If attacker eavesdrops discovery
He can not obtain unique identifier IDCValue because he does not know shared key K and random key k1, k2.Due to background service
Device SBStore unique identifier IDC, background server SBUnique identifier ID can be passed throughCJudge EK((k1||k2||IDC)||Connection between smart card C, to prevent from forging and reset.Therefore, backstage
Server SBIt can detecte and prevent forgery and Replay Attack.
If attacker intercepts the output of smart card
In authen session next time, he cannot be disguised as legal reader, because of random key k1And k2It can be sent out in each session
Changing.Using AES encryption algorithm to message encryption, even if output is captured by attacker, smart card unique identifying number IDCWith with
Secret key k1, k2Also it is protected.Therefore, this method is not easy to be ravesdropping.
In another embodiment, the identity identifying method further includes password update step, the password update step
It further comprise that when user needs to change password, smart card C is inserted into card reader R by userCIn and input user password P, intelligence
Card C compares whether user password P is equal to the user password P ' being stored in smart card C, refuses to change if unequal close
The request of code, smart card C and card reader RCBetween there is no data exchange;If equal, user can input new user password P 'n,
The smart card C new user password P 'nInstead of the user password P ' stored in smart card C, change of secret code is completed.
In another embodiment, the improved ECC endorsement method specifically refers to:
Step 1), transmitting terminal A select random number k, k ∈ [1, p-1];
Step 2) calculates r=kG (x, y)=(x1, y1), if r=0, return to step 1);
Step 3), the abstract for calculating message m, i.e. h=H (m);
Step 4) calculates s=k-hrdAIf s=0 goes to step 1);
Step 5), (r, s) conduct, which signs to be attached to after m, is sent to receiving end B;
Wherein, p is prime number;G (x, y) is a basic point on elliptic curve;R is a part to message m signature;H is
The abstract of message m;H () indicates hash function;DA is the private key of transmitting terminal A;S is another part to message m signature;(r, s)
For the signature of message m.
For the embodiment, using improved ECC endorsement method, without carrying out mould inverse operation, it is possible to reduce operation is negative
Load, improves efficiency.It is wanted in addition, first being picked to message m, then signature and sign test is carried out to abstract, this have the advantage that raisings
Calculating speed has been saved the time, and in this way because the length of abstract is less than the length of clear-text message m when calculating s
The safety of signature is also improved, because one-way Hash function is irreversible, even if attacker obtains the abstract of message m,
Message m can not therefrom be solved.
In another embodiment, improved ECC verifying signature specifically refers to:
1) receiving end B first judges whether r and s is integer in section [1, p-1], if any one examines failure, refuses
Signature absolutely, otherwise continues;
2) h '=H (m) is calculated;
3) r '=sG (x, y)+h ' rQ is calculatedA;
4) receive signature when r '=r, otherwise refusal signature;
Wherein, p is prime number;G (x, y) is a basic point on elliptic curve;R ' is a part to message m signature;h′
It is the abstract of message m;S is another part to message m signature;(r, s) is the signature of message m;H () indicates hash function;QA
It is the public key of transmitting terminal A.
For the embodiment, endorsement method is verified using improved ECC, without carrying out mould inverse operation, it is possible to reduce fortune
Burden is calculated, is improved efficiency.
In another embodiment, the efficiency of this method and other certificate schemes and the comparison of safety are given.
Compared with table 1 is the efficiency between this method and other schemes.In table 1, Te、Th、TmAnd TaIt is exponentiation respectively, breathes out
Time needed for the signed magnitude arithmetic(al) of uncommon, elliptic curve multiplication and elliptic curve point, TAESIt is AES encryption and decryption operation in this method
The required time.In general, the time complexity of these operations can roughly be expressed as Te> Th> > Tm> Ta.It can be with from table 1
Find out, the time complexity of this method is lower in each scheme.
Table 2 is this method compared with the safety of other schemes, and as can be seen from Table 2, this method can be resisted in table and be arranged
All attacks out have higher safety.
Table 1
Table 2
Although embodiment of the present invention is described in conjunction with attached drawing above, the invention is not limited to above-mentioned
Specific embodiments and applications field, above-mentioned specific embodiment are only schematical, directiveness, rather than restricted
's.Those skilled in the art are under the enlightenment of this specification and in the range for not departing from the claims in the present invention and being protected
In the case where, a variety of forms can also be made, these belong to the column of protection of the invention.
Claims (8)
1. a kind of identity identifying method based on smart card, including registration step, login step and authenticating step, wherein
Registration step includes, and user is to backstage server SBRegistration, background server SBSmart card C, each intelligence are provided to user
Blocking storage in C, there are two newest random key k1, k2With the unique identifier ID of smart cardC;
Login step includes that smart card C is inserted into card reader R by userCIn to log in background server SB;
Authenticating step includes, after logining successfully, authentication smart card C and background server SBLegitimacy, wherein it is described two
Random key k1, k2It is digitally signed using improved ECC endorsement method, while being calculated using shared key K by AES encryption
Method is to digital certificate, random key k1, k2And signature carries out whole encryption, and in smart card C to background server SBIt authenticates successfully
Afterwards and background server SBIt is intended to update random key k after authenticating successfully smart card C1, k2。
2. according to the method described in claim 1, the registration step further comprises:
Preferably, the smart card C is background server SBUse unique identifier IDC, shared key K, user password P ' and two
A random key k1, k2Pass through what exit passageway was sent to user after carrying out personal settings to smart card C;
Wherein, user password P ' is not stored in background server SBDatabase in, and be stored in smart card C, smart card C
With background server SBDatabase in all store described two random key k1, k2, unique identifier IDCWith as shared
The AES encryption key K of key.
3. institute's method according to claim 1, the login step further comprises:
User inputs user password P, and smart card C compares whether user password P is equal to the user password being stored in smart card C
P ', smart card C refuses logging request and smart card C and card reader R if unequalCBetween there is no data exchange, otherwise
Card reader RCTo backstage server SBSend logging request.
4. according to the method described in claim 1, wherein, joined hardware function on smart card C and carried out more to random key
New operation.
5. according to the method described in claim 1, the authenticating step further comprises:
Step 1, background server SBUse own private keyBy improved ECC endorsement method to random key k1, k2It signs
It arrivesWith shared key K by AES encryption algorithm to random key k1, k2,
With background server SBCertificateEncryption, is sent to card reader R for encrypted messageC, card reader RCMessage is sent
Give smart card C;
After step 2, smart card C receive message, it is decrypted with shared key K, obtains random key k1, k2, signatureWith background server SBCertificateFirst verify background server SBCertificate it is legal
Property, it is legal, take out background server SBCertificate in SBPublic keyImproved ECC verifying signature is completed, this is improved
The random key k that ECC verifying will acquire after signing successfully1, k2With the random key k of smart card C storage inside1, k2Compared
Compared with unanimously then to card reader RCIt is proved to be successful, otherwise fails;
Step 3, to card reader RCAfter verifying terminates, smart card C own private key SKCBy improved ECC endorsement method to
Secret key k1, k2With unique identifier IDCSignature obtainsPass through AES encryption with shared key K
Algorithm is to random key k1, k2With unique identifier IDC, signatureWith the certificate of smart card C
CertCEncryption, is sent to card reader R for encrypted messageC, then updated with the Sharing Function f () being solidificated on smart card C
Random key k1, k2;
Step 4, card reader RCThe ciphertext that will directly receive
It is transmitted to background server SB;
Step 5, background server SBThe message received is decrypted with shared key K to obtain random key k1, k2, unique identification
Accord with IDC, signatureWith the certificate Cert of smart card CC;First verify the certificate Cert of smart card Cc's
Legitimacy, it is legal, take out the certificate Cert of smart card CCIn smart card C public key PKCRealize improved ECC verifying label
Name, improved ECC verifying sign successfully after by unique identifier IDCWith background server SBThe unique identification of storage inside
SymbolCompare, unanimously then verifies random key k1And k2Whether background server S is equal toBThe random key k of storage inside1With
k2, it is equal, smart card C is proved to be successful, then with being stored in background server SBIn Sharing Function f () update with secret
Key k1, k2。
6. according to the method described in claim 1, the identity identifying method further includes password update step, the password update
Step further comprises, when user needs to change password, smart card C is inserted into card reader R by userCIn and input user password P,
Smart card C compares whether user password P is equal to the user password P ' being stored in smart card C, refuses more if unequal
Change the request of password, smart card C and card reader RCBetween there is no data exchange;If equal, it is close that user can input new user
Code P 'n, the smart card C new user password P 'nInstead of the user password P ' stored in smart card C, change of secret code is completed.
7. according to the method described in claim 1, wherein, the improved ECC endorsement method specifically refers to:
Step 1), transmitting terminal A select random number k, k ∈ [1, p-1];
Step 2) calculates r=kG (x, y)=(x1, y1), if r=0, return to step 1);
Step 3), the abstract for calculating message m, i.e. h=H (m);
Step 4) calculates s=k-hrdAIf s=0 goes to step 1);
Step 5), (r, s) conduct, which signs to be attached to after m, is sent to receiving end B;
Wherein, p is prime number;G (x, y) is a basic point on elliptic curve;R is a part to message m signature;H is message m
Abstract;H () indicates hash function;DA is the private key of transmitting terminal A;S is another part to message m signature;(r, s) is to disappear
Cease the signature of m.
8. according to the method described in claim 5, wherein, improved ECC verifying signature specifically refers to:
1) receiving end B first judges whether r and s is integer in section [1, p-1], if any one examines failure, refuses to sign
Name, otherwise continues;
2) h '=H (m) is calculated;
3) r '=sG (x, y)+h ' rQ is calculatedA;
4) receive signature when r '=r, otherwise refusal signature;
Wherein, p is prime number;G (x, y) is a basic point on elliptic curve;R ' is a part to message m signature;H ' is to disappear
Cease the abstract of m;S is another part to message m signature;(r, s) is the signature of message m;H () indicates hash function;QAIt is hair
The public key of sending end A.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910255283.7A CN110020524B (en) | 2019-03-31 | 2019-03-31 | Bidirectional authentication method based on smart card |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910255283.7A CN110020524B (en) | 2019-03-31 | 2019-03-31 | Bidirectional authentication method based on smart card |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110020524A true CN110020524A (en) | 2019-07-16 |
CN110020524B CN110020524B (en) | 2021-05-18 |
Family
ID=67190317
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910255283.7A Active CN110020524B (en) | 2019-03-31 | 2019-03-31 | Bidirectional authentication method based on smart card |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110020524B (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111314081A (en) * | 2020-01-16 | 2020-06-19 | 西安邮电大学 | Lightweight elliptic curve digital signature method for Internet of things equipment |
CN112241633A (en) * | 2019-07-17 | 2021-01-19 | 杭州海康威视数字技术股份有限公司 | Bidirectional authentication implementation method and system for non-contact smart card |
CN111932285B (en) * | 2020-09-28 | 2021-02-09 | 四川省数字证书认证管理中心有限公司 | Anti-counterfeiting verification method based on digital signature technology |
CN112770321A (en) * | 2021-01-18 | 2021-05-07 | 四川长虹电器股份有限公司 | Internet of things equipment authentication and secure transmission method, computer equipment and storage medium |
CN113364585A (en) * | 2021-06-04 | 2021-09-07 | 晶澄微电子(宁波)有限公司 | ECC authentication method and system for reducing modular inverse computation |
CN114900288A (en) * | 2022-05-23 | 2022-08-12 | 科大天工智能装备技术(天津)有限公司 | Industrial environment authentication method based on edge service |
CN115622779A (en) * | 2022-10-13 | 2023-01-17 | 杭州光海科技有限公司 | Low-cost campus card information transmission method |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103780393A (en) * | 2014-01-15 | 2014-05-07 | 重庆邮电大学 | Virtual-desktop security certification system and method facing multiple security levels |
CN104506483A (en) * | 2014-10-21 | 2015-04-08 | 中兴通讯股份有限公司 | Method for encrypting and decrypting information and managing secret key as well as terminal and network server |
CN104901809A (en) * | 2015-04-23 | 2015-09-09 | 北京航空航天大学 | Remote authentication protocol method based on password and intelligent card |
CN105072110A (en) * | 2015-08-06 | 2015-11-18 | 山东科技大学 | Two-factor remote identity authentication method based on smart card |
KR101609274B1 (en) * | 2014-02-20 | 2016-04-05 | 류창화 | Smart card, smart authentication server and smart card authentication method |
CN106027457A (en) * | 2015-11-10 | 2016-10-12 | 天地融科技股份有限公司 | Identity card information transmission method and system |
-
2019
- 2019-03-31 CN CN201910255283.7A patent/CN110020524B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103780393A (en) * | 2014-01-15 | 2014-05-07 | 重庆邮电大学 | Virtual-desktop security certification system and method facing multiple security levels |
KR101609274B1 (en) * | 2014-02-20 | 2016-04-05 | 류창화 | Smart card, smart authentication server and smart card authentication method |
CN104506483A (en) * | 2014-10-21 | 2015-04-08 | 中兴通讯股份有限公司 | Method for encrypting and decrypting information and managing secret key as well as terminal and network server |
CN104901809A (en) * | 2015-04-23 | 2015-09-09 | 北京航空航天大学 | Remote authentication protocol method based on password and intelligent card |
CN105072110A (en) * | 2015-08-06 | 2015-11-18 | 山东科技大学 | Two-factor remote identity authentication method based on smart card |
CN106027457A (en) * | 2015-11-10 | 2016-10-12 | 天地融科技股份有限公司 | Identity card information transmission method and system |
Non-Patent Citations (5)
Title |
---|
严佳韵: ""基于椭圆曲线的快速数字签名算法"", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
刘亮: ""基于公钥密码体制的移动支付安全协议研究"", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
李海峰 等: "《现代密码学原理及应用》", 30 June 2013, 国防工业出版社 * |
杨小宝 等: ""一种多应用智能卡数据的保护方法"", 《智慧家庭与城市》 * |
杨小宝 等: ""基于智能卡的云终端设备安全接入"", 《西安邮电大学学报》 * |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112241633A (en) * | 2019-07-17 | 2021-01-19 | 杭州海康威视数字技术股份有限公司 | Bidirectional authentication implementation method and system for non-contact smart card |
CN112241633B (en) * | 2019-07-17 | 2023-03-14 | 杭州海康威视数字技术股份有限公司 | Bidirectional authentication implementation method and system for non-contact smart card |
CN111314081A (en) * | 2020-01-16 | 2020-06-19 | 西安邮电大学 | Lightweight elliptic curve digital signature method for Internet of things equipment |
CN111932285B (en) * | 2020-09-28 | 2021-02-09 | 四川省数字证书认证管理中心有限公司 | Anti-counterfeiting verification method based on digital signature technology |
CN112770321A (en) * | 2021-01-18 | 2021-05-07 | 四川长虹电器股份有限公司 | Internet of things equipment authentication and secure transmission method, computer equipment and storage medium |
CN113364585A (en) * | 2021-06-04 | 2021-09-07 | 晶澄微电子(宁波)有限公司 | ECC authentication method and system for reducing modular inverse computation |
CN114900288A (en) * | 2022-05-23 | 2022-08-12 | 科大天工智能装备技术(天津)有限公司 | Industrial environment authentication method based on edge service |
CN114900288B (en) * | 2022-05-23 | 2023-08-25 | 北京科技大学 | Industrial environment authentication method based on edge service |
CN115622779A (en) * | 2022-10-13 | 2023-01-17 | 杭州光海科技有限公司 | Low-cost campus card information transmission method |
Also Published As
Publication number | Publication date |
---|---|
CN110020524B (en) | 2021-05-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8689290B2 (en) | System and method for securing a credential via user and server verification | |
CN107360571B (en) | Method for anonymous mutual authentication and key agreement protocol in mobile network | |
CN110020524A (en) | A kind of mutual authentication method based on smart card | |
CN110932870B (en) | Quantum communication service station key negotiation system and method | |
CN101902476B (en) | Method for authenticating identity of mobile peer-to-peer user | |
CN108270571A (en) | Internet of Things identity authorization system and its method based on block chain | |
CN109327313A (en) | A kind of Bidirectional identity authentication method with secret protection characteristic, server | |
US20030041244A1 (en) | Method for securing communications between a terminal and an additional user equipment | |
CN108418691A (en) | Dynamic network identity identifying method based on SGX | |
KR20120101523A (en) | Secure multi-uim authentication and key exchange | |
CN109359464B (en) | Wireless security authentication method based on block chain technology | |
CN113301022B (en) | Internet of things equipment identity security authentication method based on block chain and fog calculation | |
CN111404664A (en) | Quantum secret communication identity authentication system and method based on secret sharing and multiple mobile devices | |
CN110505055A (en) | Based on unsymmetrical key pond to and key card outer net access identity authentication method and system | |
CN111416712B (en) | Quantum secret communication identity authentication system and method based on multiple mobile devices | |
JP2016522637A (en) | Secured data channel authentication that implies a shared secret | |
Liou et al. | T-auth: A novel authentication mechanism for the IoT based on smart contracts and PUFs | |
CN111245611B (en) | Anti-quantum computation identity authentication method and system based on secret sharing and wearable equipment | |
Tsague et al. | An advanced mutual-authentication algorithm using 3DES for smart card systems | |
CN116388995A (en) | Lightweight smart grid authentication method based on PUF | |
CN106230840A (en) | A kind of command identifying method of high security | |
Srinivas et al. | An authentication framework for roaming service in global mobility networks | |
CN115001658A (en) | Credible subway identity authentication and access control method under unstable network environment | |
CN114666114A (en) | Mobile cloud data security authentication method based on biological characteristics | |
CN110572257B (en) | Identity-based data source identification method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |