CN110020524A - A kind of mutual authentication method based on smart card - Google Patents

A kind of mutual authentication method based on smart card Download PDF

Info

Publication number
CN110020524A
CN110020524A CN201910255283.7A CN201910255283A CN110020524A CN 110020524 A CN110020524 A CN 110020524A CN 201910255283 A CN201910255283 A CN 201910255283A CN 110020524 A CN110020524 A CN 110020524A
Authority
CN
China
Prior art keywords
smart card
background server
key
signature
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910255283.7A
Other languages
Chinese (zh)
Other versions
CN110020524B (en
Inventor
杨小宝
惠小强
刘圆
王敏
刘亚雪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian University of Posts and Telecommunications
Original Assignee
Xian University of Posts and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian University of Posts and Telecommunications filed Critical Xian University of Posts and Telecommunications
Priority to CN201910255283.7A priority Critical patent/CN110020524B/en
Publication of CN110020524A publication Critical patent/CN110020524A/en
Application granted granted Critical
Publication of CN110020524B publication Critical patent/CN110020524B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards

Abstract

A kind of identity identifying method based on smart card, including registration step, login step and authenticating step, wherein, registration step includes, user is to backstage server registration, background server provides smart card to user, and there are two the unique identifiers of newest random key and smart card for storage in each smart card;Login step includes that smart card is inserted into card reader to log in background server by user;Authenticating step includes, after logining successfully, the legitimacy of authentication smart card and background server, wherein, described two random keys are digitally signed using improved ECC endorsement method, whole encryption is carried out to digital certificate, random key and signature by AES encryption algorithm using shared key, and updates random key after smart card authenticates successfully background server and after background server is successful to smart card authentication.This method can resist the various attacks such as common go-between, parallel session, forgery and playback, improve the safety and efficiency of verification process.

Description

A kind of mutual authentication method based on smart card
Technical field
The disclosure belongs to secure identity understanding and communication technique field, and in particular to a kind of two-way authentication based on smart card Method.
Background technique
With the fast development of smart card industry, application of IC cards is more and more extensive, therefore guarantees that smart card is set with outside Being mutually authenticated between standby is most important to the safe transmission of data.Since Lamport has been put forward for the first time in 1981 based on not After the remote password authentication agreement of exit passageway, there are Many researchers to propose remote user authentication agreement to improve data friendship The safety changed.2014, Huang H F et al. proposed a kind of improved, intelligent card subscriber authenticating party based on timestamp Case, remote server do not need to provide any verification information for user, can resist all possible attack safely.But Amin Et al. discovery Huang H F scheme can not safely resist offline cryptogram conjecture, internal staff and forge three kinds attack.2014 Year, Islam et al. proposes one kind safely and flexibly, and the smart card remote user of the elliptic curve cipher based on dynamic I D is two-way Certificate scheme.2015, Sarvabhatla et al. pointed out that Islam scheme can not resist the keys such as password conjecture, user's simulation and attack It hits, and proposes a kind of smart card mutual authentication schemes based on dynamic I D, all cryptographic attacks can be resisted.Recently, Luo Et al. propose a kind of efficient identity of the smart card security based on elliptic curve cryptosystem and be mutually authenticated scheme, can overcome The defect of Islam scheme, and user anonymity is provided and is mutually authenticated.2015, HuangB et al. proposed a kind of based on ellipse The key protocol certificate scheme of curve cryptography system, the program can resist card and be stolen and pretend to be attack.Chaudhry et al. is pointed out Huang B scheme still may be influenced by pretending to be with forgery attack, and proposed one kind and can be resisted impersonation attack and mention For enough safeties, while reducing the improvement project for calculating cost.2016, Kaul et al. proposed a kind of safety of upgrading Efficient authentication protocol, the program can resist internal attack, the attack such as Denial of Service attack, man-in-the-middle attack.And then Mo Et al. discovery Kaul scheme cannot keep the anonymity of user, the reason is that the client ID number in authentication phase message is not hidden Hiding.
It is many to be suggested using the certificate scheme of ECC system in order to improve the authentication efficiency of smart card and external equipment, and It is constantly iterated and improves, to save authenticated time, improve authentication efficiency.To sum up, current smart cards application authorization mistake Cheng Zhong has that the attacks such as go-between, parallel session, forgery and playback cause information leakage, exists simultaneously authenticated time The problem of long low efficiency.
Summary of the invention
In consideration of it, present disclose provides a kind of identity identifying method based on smart card, including registration step, login step And authenticating step, wherein
Registration step includes, and user is to backstage server SBRegistration, background server SBSmart card C is provided to user, each There are two newest random key k for storage in smart card C1, k2With the unique identifier ID of smart cardC
Login step includes that smart card C is inserted into card reader R by userCIn to log in background server SB
Authenticating step includes, after logining successfully, authentication smart card C and background server SBLegitimacy, wherein it is described Two random key k1, k2It is digitally signed using improved ECC endorsement method, while being added using shared key K by AES Close algorithm is to digital certificate, random key k1, k2And signature carries out whole encryption, and in smart card C to background server SBCertification Success after and background server SBIt is intended to update random key k after authenticating successfully smart card C1, k2
Through the above technical solutions, can not only to resist go-between, parallel session, forgery and playback etc. common for this method Attack, and have calculation amount small, processing speed is fast, and it is small to occupy memory space, digital signature procedure time short advantage.
Detailed description of the invention
Fig. 1 is a kind of process signal of the identity identifying method based on smart card provided in an embodiment of the present disclosure Figure;
Fig. 2 is the flow diagram of specific verification process provided in an embodiment of the present disclosure.
Specific embodiment
The present invention is further described in detail with reference to the accompanying drawing.
In one embodiment, referring to Fig. 1, it discloses a kind of identity identifying methods based on smart card, including registration Step, login step and authenticating step, wherein
Registration step includes, and user is to backstage server SBRegistration, background server SBSmart card C is provided to user, each There are two newest random key k for storage in smart card C1, k2With the unique identifier ID of smart cardC
Login step includes that smart card C is inserted into card reader R by userCIn to log in background server SB
Authenticating step includes, after logining successfully, authentication smart card C and background server SBLegitimacy, wherein it is described Two random key k1, k2It is digitally signed using improved ECC endorsement method, while being added using shared key K by AES Close algorithm is to digital certificate, random key k1, k2And signature carries out whole encryption, and in smart card C to background server SBCertification Success after and background server SBIt is intended to update random key k after authenticating successfully smart card C1, k2
For the embodiment, most of smart cards carry out encryption data using DES or 3DES algorithm.DES is used only 56 Key, a bit in each of 8 eight bit bytes for the odd parity in each eight bit byte, this Weakness is easy to be utilized by attack and other known methods, therefore DES also becomes a kind of unsafe block cipher.3DES is to be based on The Encryption Algorithm of DES, so that the limitation of 64 byte of block length causes to realize that speed is slower, during AES encryption, every wheel all makes With displacement and alternative networks, it is suitable for hardware and software and realizes.Therefore, AES is introduced to replace DES and 3DES, can improve we The safety of information and initial data in method.
In ECC signature process, inversion operation needs to spend longer time.Use improved ECC signature scheme logarithm During signature, transmitting terminal calculates s=k-hrd when signingA, and r '=sG+h ' rQ is calculated in certification end sign testA=(k- hrdA)G+h′rdAG=kG=r has calculation amount small it follows that improved ECC signature scheme does not need mould inverse operation, place It is fast to manage speed, occupancy memory space is small, the fireballing advantage of digital signature procedure.
It is understood that the present embodiment is in verification process, using improved ECC endorsement method to random key k1, k2It carries out Digital signature verifies signature by public key in certification end, ensure that random key k1, k2The legitimacy in source, avoids The threat changed in transmission process by attacker.Authentication information before transmitting, is encrypted with AES symmetric key algorithm, is made Safety in transmission process has obtained very big promotion.Aes algorithm variable-key, can independently be appointed as 128bits, 192bits,256bits.Because of the use of long key, a possibility that relieving exhaustive attack at this stage, and have stable Fundamentals of Mathematics have the intensity of anti-cryptanalysis.
In addition, each smart card has oneself unique identification data i.e. unique identifier, user data privacy ensure that And location privacy.
In another embodiment, the registration step further comprises: the smart card C is background server SBIt uses Unique identifier IDC, shared key K, user password P ' and two random key k1, k2After carrying out personal settings to smart card C It is sent by exit passageway to user;Wherein, user password P ' is not stored in background server SBDatabase in, but deposit Storage is in smart card C, smart card C and background server SBDatabase in all store described two random key k1, k2, only One identifier IDCWith the AES encryption key K as shared key.
Wherein, raw information to be transmitted is carried out encryption and is packed into nested again after protocol encapsulation processing by exit passageway The data packet of another agreement is sent into network, is transmitted as general data packet.By such processing, only source Explanation and processing are able to carry out to the nest information in channel with the user of destination, and are only not intended to for other users The information of justice.
For the embodiment, illegal card reader RCSmart card C and background server S can not be served asBBetween centre People, because only that when he knows shared key K and random key k1, k2Shi Caineng decrypts the information intercepted, and attacker is come It says, it is highly difficult for finding these parameters, because these parameters are only in smart card C and background server SBBetween share.Therefore, This method can prevent illegal card reader RCMan-in-the-middle attack.
If background server stores user password P ', when safeguarding P ', there are the risks that password is stolen.This method It does not need user password P ' being stored in background server SBIn, it is thus eliminated that the risk that password is stolen.Therefore, this method pair It is also safety in internaling attack.
In another embodiment, the login step further comprises: user inputs user password P, and smart card C compares Whether user password P is equal to the user password P ' being stored in smart card C, and smart card C refusal, which logs in, if unequal asks It asks and smart card C and card reader RCBetween there is no data exchange, otherwise card reader RCTo backstage server SBIt sends to log in and ask It asks.
In another embodiment, it joined hardware function on smart card C and operation be updated to random key.
For the embodiment, the validity of key updating ensure that.After smart card will authenticate message transmission, need more The random key of new storage inside, therefore introduce the function f () being solidificated in smart card hardware and update random key k1, k2, It avoids due to the problem of key updating fails when smartcard internal breaks down.
Referring to fig. 2, in another embodiment, the authenticating step further comprises:
Step 1, background server SBUse own private keyBy improved ECC endorsement method to random key k1, k2 Signature obtainsWith shared key K by AES encryption algorithm to random key k1, k2,With background server SBCertificateEncryption, is sent to card reader R for encrypted messageC, Card reader RCTransmit the message to smart card C;
After step 2, smart card C receive message, it is decrypted with shared key K, obtains random key k1, k2, signatureWith background server SBCertificateFirst verify background server SBCertificate it is legal Property, it is legal, take out background server SBCertificate in SBPublic keyComplete improved ECC verifying signature, the improvement ECC verifying sign successfully the random key k that will acquire later1, k2With the random key k of smart card C storage inside1, k2It carries out Compare, unanimously then to card reader RCIt is proved to be successful, otherwise fails;
Step 3, to card reader RCAfter verifying terminates, smart card C own private key SKCPass through improved ECC endorsement method To random key k1, k2With unique identifier IDCSignature obtainsPassed through with shared key K AES encryption algorithm is to random key k1, k2With unique identifier IDC, signatureWith smart card C's Certificate CertCEncryption, is sent to card reader R for encrypted messageC, then with the Sharing Function f () being solidificated on smart card C Update random key k1, k2
Step 4, card reader RCThe ciphertext E that will directly receiveK((k1||k2||IDC)|| It is transmitted to background server SB
Step 5, background server SBThe message received is decrypted with shared key K to obtain random key k1, k2, uniquely Identifier IDC, signatureWith the certificate Cert of smart card CC;First verify the certificate of smart card C CertCLegitimacy, it is legal, take out the certificate Cert of smart card CCIn smart card C public key PKCRealize improved ECC Verifying signature, improved ECC verifying sign successfully after by unique identifier IDCWith background server SBStorage inside is only One identifierCompare, unanimously then verifies random key k1And k2Whether background server S is equal toBThe random key of storage inside k1And k2, it is equal, smart card C is proved to be successful, then with being stored in background server SBIn Sharing Function f () update with Secret key k1, k2
Wherein, f () function updates k in accordance with the following methods1And k2: Wherein h () is One-Way Encryption hash function, h (IDC) it is unique identification to smart card Accord with IDCIt picks and wants.
In the method, smart card C is by comparing message In k1、k2With the random key k stored in smart card C1、k2Verify background server SBLegitimacy.Equally, background server SBBy comparing messageIn IDC、k1、k2 With background server SBThe unique identifier ID of middle storageCWith random key k1、k2Verify the legitimacy of smart card C.Therefore, originally It include smart card C and background server S in methodBBetween authentication.
For the embodiment, after attacker listens to the communication between smart card and background server, in effective time It retransmits in range window in smart card C and background server SBBetween the capture message transmitted, start parallel session with mould Imitative legitimate user logs in background server.Attacker can not create effective new login message, because each new session is random Key k1And k2It is all new.Therefore, this method is safe for Parallel attacks.
If attacker eavesdrops discovery He can not obtain unique identifier IDCValue because he does not know shared key K and random key k1, k2.Due to background service Device SBStore unique identifier IDC, background server SBUnique identifier ID can be passed throughCJudge EK((k1||k2||IDC)||Connection between smart card C, to prevent from forging and reset.Therefore, backstage Server SBIt can detecte and prevent forgery and Replay Attack.
If attacker intercepts the output of smart card In authen session next time, he cannot be disguised as legal reader, because of random key k1And k2It can be sent out in each session Changing.Using AES encryption algorithm to message encryption, even if output is captured by attacker, smart card unique identifying number IDCWith with Secret key k1, k2Also it is protected.Therefore, this method is not easy to be ravesdropping.
In another embodiment, the identity identifying method further includes password update step, the password update step It further comprise that when user needs to change password, smart card C is inserted into card reader R by userCIn and input user password P, intelligence Card C compares whether user password P is equal to the user password P ' being stored in smart card C, refuses to change if unequal close The request of code, smart card C and card reader RCBetween there is no data exchange;If equal, user can input new user password P 'n, The smart card C new user password P 'nInstead of the user password P ' stored in smart card C, change of secret code is completed.
In another embodiment, the improved ECC endorsement method specifically refers to:
Step 1), transmitting terminal A select random number k, k ∈ [1, p-1];
Step 2) calculates r=kG (x, y)=(x1, y1), if r=0, return to step 1);
Step 3), the abstract for calculating message m, i.e. h=H (m);
Step 4) calculates s=k-hrdAIf s=0 goes to step 1);
Step 5), (r, s) conduct, which signs to be attached to after m, is sent to receiving end B;
Wherein, p is prime number;G (x, y) is a basic point on elliptic curve;R is a part to message m signature;H is The abstract of message m;H () indicates hash function;DA is the private key of transmitting terminal A;S is another part to message m signature;(r, s) For the signature of message m.
For the embodiment, using improved ECC endorsement method, without carrying out mould inverse operation, it is possible to reduce operation is negative Load, improves efficiency.It is wanted in addition, first being picked to message m, then signature and sign test is carried out to abstract, this have the advantage that raisings Calculating speed has been saved the time, and in this way because the length of abstract is less than the length of clear-text message m when calculating s The safety of signature is also improved, because one-way Hash function is irreversible, even if attacker obtains the abstract of message m, Message m can not therefrom be solved.
In another embodiment, improved ECC verifying signature specifically refers to:
1) receiving end B first judges whether r and s is integer in section [1, p-1], if any one examines failure, refuses Signature absolutely, otherwise continues;
2) h '=H (m) is calculated;
3) r '=sG (x, y)+h ' rQ is calculatedA
4) receive signature when r '=r, otherwise refusal signature;
Wherein, p is prime number;G (x, y) is a basic point on elliptic curve;R ' is a part to message m signature;h′ It is the abstract of message m;S is another part to message m signature;(r, s) is the signature of message m;H () indicates hash function;QA It is the public key of transmitting terminal A.
For the embodiment, endorsement method is verified using improved ECC, without carrying out mould inverse operation, it is possible to reduce fortune Burden is calculated, is improved efficiency.
In another embodiment, the efficiency of this method and other certificate schemes and the comparison of safety are given.
Compared with table 1 is the efficiency between this method and other schemes.In table 1, Te、Th、TmAnd TaIt is exponentiation respectively, breathes out Time needed for the signed magnitude arithmetic(al) of uncommon, elliptic curve multiplication and elliptic curve point, TAESIt is AES encryption and decryption operation in this method The required time.In general, the time complexity of these operations can roughly be expressed as Te> Th> > Tm> Ta.It can be with from table 1 Find out, the time complexity of this method is lower in each scheme.
Table 2 is this method compared with the safety of other schemes, and as can be seen from Table 2, this method can be resisted in table and be arranged All attacks out have higher safety.
Table 1
Table 2
Although embodiment of the present invention is described in conjunction with attached drawing above, the invention is not limited to above-mentioned Specific embodiments and applications field, above-mentioned specific embodiment are only schematical, directiveness, rather than restricted 's.Those skilled in the art are under the enlightenment of this specification and in the range for not departing from the claims in the present invention and being protected In the case where, a variety of forms can also be made, these belong to the column of protection of the invention.

Claims (8)

1. a kind of identity identifying method based on smart card, including registration step, login step and authenticating step, wherein
Registration step includes, and user is to backstage server SBRegistration, background server SBSmart card C, each intelligence are provided to user Blocking storage in C, there are two newest random key k1, k2With the unique identifier ID of smart cardC
Login step includes that smart card C is inserted into card reader R by userCIn to log in background server SB
Authenticating step includes, after logining successfully, authentication smart card C and background server SBLegitimacy, wherein it is described two Random key k1, k2It is digitally signed using improved ECC endorsement method, while being calculated using shared key K by AES encryption Method is to digital certificate, random key k1, k2And signature carries out whole encryption, and in smart card C to background server SBIt authenticates successfully Afterwards and background server SBIt is intended to update random key k after authenticating successfully smart card C1, k2
2. according to the method described in claim 1, the registration step further comprises:
Preferably, the smart card C is background server SBUse unique identifier IDC, shared key K, user password P ' and two A random key k1, k2Pass through what exit passageway was sent to user after carrying out personal settings to smart card C;
Wherein, user password P ' is not stored in background server SBDatabase in, and be stored in smart card C, smart card C With background server SBDatabase in all store described two random key k1, k2, unique identifier IDCWith as shared The AES encryption key K of key.
3. institute's method according to claim 1, the login step further comprises:
User inputs user password P, and smart card C compares whether user password P is equal to the user password being stored in smart card C P ', smart card C refuses logging request and smart card C and card reader R if unequalCBetween there is no data exchange, otherwise Card reader RCTo backstage server SBSend logging request.
4. according to the method described in claim 1, wherein, joined hardware function on smart card C and carried out more to random key New operation.
5. according to the method described in claim 1, the authenticating step further comprises:
Step 1, background server SBUse own private keyBy improved ECC endorsement method to random key k1, k2It signs It arrivesWith shared key K by AES encryption algorithm to random key k1, k2, With background server SBCertificateEncryption, is sent to card reader R for encrypted messageC, card reader RCMessage is sent Give smart card C;
After step 2, smart card C receive message, it is decrypted with shared key K, obtains random key k1, k2, signatureWith background server SBCertificateFirst verify background server SBCertificate it is legal Property, it is legal, take out background server SBCertificate in SBPublic keyImproved ECC verifying signature is completed, this is improved The random key k that ECC verifying will acquire after signing successfully1, k2With the random key k of smart card C storage inside1, k2Compared Compared with unanimously then to card reader RCIt is proved to be successful, otherwise fails;
Step 3, to card reader RCAfter verifying terminates, smart card C own private key SKCBy improved ECC endorsement method to Secret key k1, k2With unique identifier IDCSignature obtainsPass through AES encryption with shared key K Algorithm is to random key k1, k2With unique identifier IDC, signatureWith the certificate of smart card C CertCEncryption, is sent to card reader R for encrypted messageC, then updated with the Sharing Function f () being solidificated on smart card C Random key k1, k2
Step 4, card reader RCThe ciphertext that will directly receive It is transmitted to background server SB
Step 5, background server SBThe message received is decrypted with shared key K to obtain random key k1, k2, unique identification Accord with IDC, signatureWith the certificate Cert of smart card CC;First verify the certificate Cert of smart card Cc's Legitimacy, it is legal, take out the certificate Cert of smart card CCIn smart card C public key PKCRealize improved ECC verifying label Name, improved ECC verifying sign successfully after by unique identifier IDCWith background server SBThe unique identification of storage inside SymbolCompare, unanimously then verifies random key k1And k2Whether background server S is equal toBThe random key k of storage inside1With k2, it is equal, smart card C is proved to be successful, then with being stored in background server SBIn Sharing Function f () update with secret Key k1, k2
6. according to the method described in claim 1, the identity identifying method further includes password update step, the password update Step further comprises, when user needs to change password, smart card C is inserted into card reader R by userCIn and input user password P, Smart card C compares whether user password P is equal to the user password P ' being stored in smart card C, refuses more if unequal Change the request of password, smart card C and card reader RCBetween there is no data exchange;If equal, it is close that user can input new user Code P 'n, the smart card C new user password P 'nInstead of the user password P ' stored in smart card C, change of secret code is completed.
7. according to the method described in claim 1, wherein, the improved ECC endorsement method specifically refers to:
Step 1), transmitting terminal A select random number k, k ∈ [1, p-1];
Step 2) calculates r=kG (x, y)=(x1, y1), if r=0, return to step 1);
Step 3), the abstract for calculating message m, i.e. h=H (m);
Step 4) calculates s=k-hrdAIf s=0 goes to step 1);
Step 5), (r, s) conduct, which signs to be attached to after m, is sent to receiving end B;
Wherein, p is prime number;G (x, y) is a basic point on elliptic curve;R is a part to message m signature;H is message m Abstract;H () indicates hash function;DA is the private key of transmitting terminal A;S is another part to message m signature;(r, s) is to disappear Cease the signature of m.
8. according to the method described in claim 5, wherein, improved ECC verifying signature specifically refers to:
1) receiving end B first judges whether r and s is integer in section [1, p-1], if any one examines failure, refuses to sign Name, otherwise continues;
2) h '=H (m) is calculated;
3) r '=sG (x, y)+h ' rQ is calculatedA
4) receive signature when r '=r, otherwise refusal signature;
Wherein, p is prime number;G (x, y) is a basic point on elliptic curve;R ' is a part to message m signature;H ' is to disappear Cease the abstract of m;S is another part to message m signature;(r, s) is the signature of message m;H () indicates hash function;QAIt is hair The public key of sending end A.
CN201910255283.7A 2019-03-31 2019-03-31 Bidirectional authentication method based on smart card Active CN110020524B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910255283.7A CN110020524B (en) 2019-03-31 2019-03-31 Bidirectional authentication method based on smart card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910255283.7A CN110020524B (en) 2019-03-31 2019-03-31 Bidirectional authentication method based on smart card

Publications (2)

Publication Number Publication Date
CN110020524A true CN110020524A (en) 2019-07-16
CN110020524B CN110020524B (en) 2021-05-18

Family

ID=67190317

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910255283.7A Active CN110020524B (en) 2019-03-31 2019-03-31 Bidirectional authentication method based on smart card

Country Status (1)

Country Link
CN (1) CN110020524B (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111314081A (en) * 2020-01-16 2020-06-19 西安邮电大学 Lightweight elliptic curve digital signature method for Internet of things equipment
CN112241633A (en) * 2019-07-17 2021-01-19 杭州海康威视数字技术股份有限公司 Bidirectional authentication implementation method and system for non-contact smart card
CN111932285B (en) * 2020-09-28 2021-02-09 四川省数字证书认证管理中心有限公司 Anti-counterfeiting verification method based on digital signature technology
CN112770321A (en) * 2021-01-18 2021-05-07 四川长虹电器股份有限公司 Internet of things equipment authentication and secure transmission method, computer equipment and storage medium
CN113364585A (en) * 2021-06-04 2021-09-07 晶澄微电子(宁波)有限公司 ECC authentication method and system for reducing modular inverse computation
CN114900288A (en) * 2022-05-23 2022-08-12 科大天工智能装备技术(天津)有限公司 Industrial environment authentication method based on edge service
CN115622779A (en) * 2022-10-13 2023-01-17 杭州光海科技有限公司 Low-cost campus card information transmission method

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103780393A (en) * 2014-01-15 2014-05-07 重庆邮电大学 Virtual-desktop security certification system and method facing multiple security levels
CN104506483A (en) * 2014-10-21 2015-04-08 中兴通讯股份有限公司 Method for encrypting and decrypting information and managing secret key as well as terminal and network server
CN104901809A (en) * 2015-04-23 2015-09-09 北京航空航天大学 Remote authentication protocol method based on password and intelligent card
CN105072110A (en) * 2015-08-06 2015-11-18 山东科技大学 Two-factor remote identity authentication method based on smart card
KR101609274B1 (en) * 2014-02-20 2016-04-05 류창화 Smart card, smart authentication server and smart card authentication method
CN106027457A (en) * 2015-11-10 2016-10-12 天地融科技股份有限公司 Identity card information transmission method and system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103780393A (en) * 2014-01-15 2014-05-07 重庆邮电大学 Virtual-desktop security certification system and method facing multiple security levels
KR101609274B1 (en) * 2014-02-20 2016-04-05 류창화 Smart card, smart authentication server and smart card authentication method
CN104506483A (en) * 2014-10-21 2015-04-08 中兴通讯股份有限公司 Method for encrypting and decrypting information and managing secret key as well as terminal and network server
CN104901809A (en) * 2015-04-23 2015-09-09 北京航空航天大学 Remote authentication protocol method based on password and intelligent card
CN105072110A (en) * 2015-08-06 2015-11-18 山东科技大学 Two-factor remote identity authentication method based on smart card
CN106027457A (en) * 2015-11-10 2016-10-12 天地融科技股份有限公司 Identity card information transmission method and system

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
严佳韵: ""基于椭圆曲线的快速数字签名算法"", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *
刘亮: ""基于公钥密码体制的移动支付安全协议研究"", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *
李海峰 等: "《现代密码学原理及应用》", 30 June 2013, 国防工业出版社 *
杨小宝 等: ""一种多应用智能卡数据的保护方法"", 《智慧家庭与城市》 *
杨小宝 等: ""基于智能卡的云终端设备安全接入"", 《西安邮电大学学报》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112241633A (en) * 2019-07-17 2021-01-19 杭州海康威视数字技术股份有限公司 Bidirectional authentication implementation method and system for non-contact smart card
CN112241633B (en) * 2019-07-17 2023-03-14 杭州海康威视数字技术股份有限公司 Bidirectional authentication implementation method and system for non-contact smart card
CN111314081A (en) * 2020-01-16 2020-06-19 西安邮电大学 Lightweight elliptic curve digital signature method for Internet of things equipment
CN111932285B (en) * 2020-09-28 2021-02-09 四川省数字证书认证管理中心有限公司 Anti-counterfeiting verification method based on digital signature technology
CN112770321A (en) * 2021-01-18 2021-05-07 四川长虹电器股份有限公司 Internet of things equipment authentication and secure transmission method, computer equipment and storage medium
CN113364585A (en) * 2021-06-04 2021-09-07 晶澄微电子(宁波)有限公司 ECC authentication method and system for reducing modular inverse computation
CN114900288A (en) * 2022-05-23 2022-08-12 科大天工智能装备技术(天津)有限公司 Industrial environment authentication method based on edge service
CN114900288B (en) * 2022-05-23 2023-08-25 北京科技大学 Industrial environment authentication method based on edge service
CN115622779A (en) * 2022-10-13 2023-01-17 杭州光海科技有限公司 Low-cost campus card information transmission method

Also Published As

Publication number Publication date
CN110020524B (en) 2021-05-18

Similar Documents

Publication Publication Date Title
US8689290B2 (en) System and method for securing a credential via user and server verification
CN107360571B (en) Method for anonymous mutual authentication and key agreement protocol in mobile network
CN110020524A (en) A kind of mutual authentication method based on smart card
CN110932870B (en) Quantum communication service station key negotiation system and method
CN101902476B (en) Method for authenticating identity of mobile peer-to-peer user
CN108270571A (en) Internet of Things identity authorization system and its method based on block chain
CN109327313A (en) A kind of Bidirectional identity authentication method with secret protection characteristic, server
US20030041244A1 (en) Method for securing communications between a terminal and an additional user equipment
CN108418691A (en) Dynamic network identity identifying method based on SGX
KR20120101523A (en) Secure multi-uim authentication and key exchange
CN109359464B (en) Wireless security authentication method based on block chain technology
CN113301022B (en) Internet of things equipment identity security authentication method based on block chain and fog calculation
CN111404664A (en) Quantum secret communication identity authentication system and method based on secret sharing and multiple mobile devices
CN110505055A (en) Based on unsymmetrical key pond to and key card outer net access identity authentication method and system
CN111416712B (en) Quantum secret communication identity authentication system and method based on multiple mobile devices
JP2016522637A (en) Secured data channel authentication that implies a shared secret
Liou et al. T-auth: A novel authentication mechanism for the IoT based on smart contracts and PUFs
CN111245611B (en) Anti-quantum computation identity authentication method and system based on secret sharing and wearable equipment
Tsague et al. An advanced mutual-authentication algorithm using 3DES for smart card systems
CN116388995A (en) Lightweight smart grid authentication method based on PUF
CN106230840A (en) A kind of command identifying method of high security
Srinivas et al. An authentication framework for roaming service in global mobility networks
CN115001658A (en) Credible subway identity authentication and access control method under unstable network environment
CN114666114A (en) Mobile cloud data security authentication method based on biological characteristics
CN110572257B (en) Identity-based data source identification method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant