CN114117527A - Information authentication method, system, device and readable storage medium - Google Patents

Publication number
CN114117527A
Authority
CN
China
Prior art keywords
authentication
authenticated
information
ith sub
sub information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111417119.5A
Other languages
Chinese (zh)
Inventor
李新宇
李晓伟
李彦平
杨帆
李雪鹏
曹瑜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Banknote Printing Technology Research Institute Co ltd
China Banknote Printing and Minting Corp
Original Assignee
China Banknote Printing Technology Research Institute Co ltd
China Banknote Printing and Minting Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Banknote Printing Technology Research Institute Co ltd, China Banknote Printing and Minting Corp filed Critical China Banknote Printing Technology Research Institute Co ltd
Priority to CN202111417119.5A priority Critical patent/CN114117527A/en
Publication of CN114117527A publication Critical patent/CN114117527A/en
Pending legal-status Critical Current

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103 Challenge-response
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Lock And Its Accessories (AREA)

Abstract

The invention provides an information authentication method, an information authentication system, an information authentication device and a readable storage medium. The information authentication method comprises the following steps: in response to the authentication signal of the information to be authenticated, generating N pieces of sub-information to be authenticated from the information to be authenticated; authenticating the ith piece of sub-information to be authenticated according to the stored preset authentication key and the acquired authentication key; and, once the ith piece of sub-information to be authenticated has passed that authentication, performing authentication debugging on it. In the technical scheme of the invention, each of the N pieces of sub-information to be authenticated is authenticated, and only a piece that has passed authentication goes on to authentication debugging, so that the user who executes debugging is a legal user and the integrity of the debugging information to be authenticated is also verified.

Description

Information authentication method, system, device and readable storage medium
Technical Field
The present disclosure relates to the field of information management, and in particular, to an information authentication method, an information authentication system, an information authentication apparatus, and a readable storage medium.
Background
In the related art, message authentication performs only a single authentication of the first instruction before debugging, using a simple challenge-response protocol, so the security is low.
Disclosure of Invention
The present application is directed to solving at least one of the problems of the prior art or the related art.
To this end, the first aspect of the present invention proposes an information authentication method.
A second aspect of the present invention provides an information authentication system.
A third aspect of the present invention provides an information authentication apparatus.
A fourth aspect of the invention proposes a readable storage medium.
In view of the above, according to a first aspect of the present invention, an information authentication method is provided, which includes: in response to the authentication signal of the information to be authenticated, generating N pieces of sub-information to be authenticated from the information to be authenticated; authenticating the ith piece of sub-information to be authenticated according to the stored preset authentication key and the acquired authentication key; and, once the ith piece of sub-information to be authenticated has passed that authentication, performing authentication debugging on it.
In the technical scheme, a preset authentication key is stored in advance. When a user inputs information to be authenticated together with an authentication key, the method responds to the authentication signal of that information, acquires the authentication key the user entered, and divides the input information into N pieces of sub-information to be authenticated, each with the same preset number of digits. The information entered by the user is therefore not verified directly, which raises the complexity of the information authentication process and improves the safety of information authentication.
Authentication debugging of the ith piece of sub-information to be authenticated is performed only once that piece has passed authentication. That is, the current ith piece is authenticated according to the pre-stored preset authentication key and the acquired authentication key, and after the authentication is passed, authentication debugging is performed on it. Because each piece is first authenticated with the authentication key entered by the user and the pre-stored preset authentication key, the information must pass authentication before every round of authentication debugging. One piece of information is thus split into N pieces of sub-information that can then be authenticated at random and repeatedly, which further ensures the safety of the authentication process.
In the technical scheme of the invention, information authentication is combined with authentication debugging: the information is divided into N pieces of sub-information to be authenticated, each piece is authenticated based on the authentication key preset by the system and the authentication key entered by the user, and only a piece that has passed this authentication goes on to authentication debugging. On the one hand, the information must pass authentication before every round of authentication debugging, which guarantees that the user executing the debugging is a legal user. On the other hand, the complexity of the information authentication process is raised and the integrity of the information to be authenticated and debugged is verified, which guarantees the safety and accuracy of the authentication debugging process.
The information authentication method provided by the invention can also have the following additional technical characteristics:
In the above technical solution, the step of performing authentication debugging on the ith piece of sub-information to be authenticated specifically includes: carrying out initialization assignment on the first authentication parameter value and the second authentication parameter value; generating a first authentication code of the ith piece of sub-information according to the ith piece of sub-information, the first authentication parameter value and the authentication key; generating a second authentication code of the ith piece of sub-information according to the ith piece of sub-information, the second authentication parameter value and the authentication key; when the first authentication code of the ith piece of sub-information is the same as its second authentication code, judging that the ith piece of sub-information passes the authentication, updating the first authentication parameter value to the first authentication code of the ith piece of sub-information, and updating the second authentication parameter value to the second authentication code of the ith piece of sub-information; wherein N is a positive integer greater than or equal to 1, and i is any positive integer in [1, N].
In the technical scheme, the step specifically comprises: first carrying out initialization assignment on the first authentication parameter value and the second authentication parameter value; then generating the first authentication code of the ith piece of sub-information from the ith piece of sub-information, the first authentication parameter value and the authentication key, and generating the second authentication code of the ith piece of sub-information from the ith piece of sub-information, the second authentication parameter value and the authentication key; and then judging whether the first authentication code and the second authentication code are the same. When they are the same, the ith piece of sub-information to be authenticated is judged to pass the authentication.
Further, the first authentication parameter value is updated to the first authentication code of the ith piece of sub-information to be authenticated, and the second authentication parameter value is updated to the second authentication code of the ith piece of sub-information to be authenticated. After the current ith piece has been authenticated, authentication debugging is performed on it. Once the previous piece of sub-information (which can be understood as the (i-1)th piece) has passed, the current piece, namely the ith piece, is authenticated using the result of the authentication debugging of that previous piece. With this mode of authentication debugging, an illegal user who does not know the authentication debugging process of the previous piece of sub-information will find it difficult to generate the correct first authentication code and second authentication code even after obtaining the authentication key and the key. The integrity of the debugging information is thereby verified and the accuracy of information authentication is ensured.
It can be understood that after the previous piece of sub-information to be authenticated passes authentication debugging, the first authentication code and the second authentication code corresponding to that piece have been generated. These are assigned to the first authentication parameter value and the second authentication parameter value respectively, updating both. The updated first and second authentication parameter values are then used to generate the first authentication code and the second authentication code of the current piece of sub-information, and the current piece is judged to pass when those two codes are the same. Once the current piece has passed, the next piece of information to be authenticated is authenticated, and the first and second authentication parameter values are updated with the first and second authentication codes of the current piece so that authentication debugging can be carried out on the next piece. The integrity of the authentication debugging information is thereby verified, and accuracy and safety in the authentication debugging process are ensured.
In any of the above technical solutions, the step of generating the first authentication code of the ith sub-information to be authenticated according to the ith sub-information to be authenticated, the first authentication parameter value and the authentication key specifically includes: generating a first authentication plaintext of the ith sub information to be authenticated according to the ith sub information to be authenticated and the first authentication parameter value; and generating a first authentication code of the ith sub information to be authenticated according to the first authentication plaintext and the authentication key of the ith sub information to be authenticated.
In the technical scheme, the current ith piece of sub-information to be authenticated and the first authentication parameter value are zero-padded at the end so that both have the preset number of digits. The zero-padded ith piece of sub-information and the first authentication parameter value are then XORed bitwise to generate the first authentication plaintext of the ith piece of sub-information. The generated first authentication plaintext is encrypted with the authentication key entered by the user to obtain the first authentication code of the current piece of sub-information.
In the above manner of generating the first authentication plaintext, the first authentication parameter value is related to the first authentication code of the previous sub-information to be authenticated, so that the integrity verification of the debugging information to be authenticated is ensured on the basis that the authentication of the current sub-information is based on the first authentication code in the authentication result of the previous sub-information to be authenticated, thereby ensuring the accuracy and the safety of the authentication process.
In the above technical solution, the step of generating the second authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the second authentication parameter value and the authentication key specifically includes: generating a second authentication plaintext of the ith sub information to be authenticated according to the ith sub information to be authenticated and the second authentication parameter value; and generating a second authentication code of the ith sub information to be authenticated according to the second authentication plaintext and the authentication key of the ith sub information to be authenticated.
In the technical scheme, the current piece of sub-information to be authenticated and the second authentication parameter value are zero-padded at the end so that both have the preset number of digits. The zero-padded current piece of sub-information and the second authentication parameter value are then XORed bitwise to generate the second authentication plaintext of the current piece of sub-information. The generated second authentication plaintext is encrypted with the authentication key entered by the user to obtain the second authentication code of the ith piece of sub-information.
The current sub-information is authenticated through the first authentication code and the second authentication code, and the method is simple in logic and easy to operate. In the above manner of generating the second authentication plaintext, the second authentication parameter value is related to the second authentication code of the previous sub-information to be authenticated, so that the integrity of the debugging information to be authenticated is verified on the basis that the authentication of the current sub-information is based on the second authentication code in the authentication result of the previous sub-information to be authenticated, thereby ensuring the accuracy and the safety of the authentication process.
In any of the above technical solutions, the information authentication method further includes: and after the authentication of the ith sub information to be authenticated is judged to be passed, storing the ith sub information to be authenticated after the authentication is passed.
In the technical scheme, after the authentication of the current sub-information is passed, the current sub-information after the authentication is passed is stored, so that the sub-information after the authentication is passed is called and counted in the subsequent authentication debugging process.
In any of the above technical solutions, the information authentication method further includes: and if the first authentication code based on the ith sub information to be authenticated is different from the second authentication code based on the ith sub information to be authenticated, the authentication is terminated.
In the technical scheme, when the first authentication code of the current piece of sub-information to be authenticated is judged to be different from its second authentication code, the current piece of sub-information fails authentication, the whole authentication debugging process is terminated completely, and the authentication program for the information is entered again. In this way the authentication debugging function stops immediately once erroneous input is identified, and the whole authentication and authorization process stops automatically on erroneous input even if the user has not closed the authentication debugging function, which ensures reliability and safety throughout the information authentication process.
In any of the above technical solutions, the information authentication method further includes: and when the number of the stored sub information to be authenticated which passes the authentication is counted to be N, the stored N sub information to be authenticated which passes the authentication is integrated and analyzed to generate the authenticated information.
In the technical scheme, the number of stored pieces of sub-information that have passed authentication is counted. When that number is N, all N pieces of sub-information have passed, that is, the whole of the information to be authenticated has passed authentication. The N pieces of sub-information that passed are integrated and analyzed to generate the authenticated information, and the authenticated information is sent. In this way the information to be authenticated can be transmitted and used.
In any of the above technical solutions, the step of authenticating the ith sub-information to be authenticated according to the stored preset authentication key and the acquired authentication key specifically includes: responding to the obtained authentication key signal, and generating a first authentication value of the ith sub information to be authenticated; generating a second authentication value of the ith sub information to be authenticated according to the preset authentication key and the first authentication value of the ith sub information to be authenticated; generating a third authentication value of the ith sub information to be authenticated according to the authentication key and the second authentication value of the ith sub information to be authenticated; and authenticating the ith sub information to be authenticated based on the first authentication value of the ith sub information to be authenticated and the third authentication value of the ith sub information to be authenticated.
In the technical scheme, while the current piece of sub-information to be authenticated is being authenticated, the authentication key signal input by the user is acquired to obtain the authentication key, and at the same time a first authentication value is generated at random. The randomly generated first authentication value is encrypted with the pre-stored authentication key to obtain a second authentication value. The second authentication value is then decrypted with the authentication key entered by the user to obtain a third authentication value.
The current sub information to be authenticated is authenticated through the obtained first authentication value and the third authentication value, so that the accuracy of the authentication process of the information to be authenticated is ensured, and the accuracy of the whole information authentication process is ensured.
In any of the above technical solutions, the step of authenticating the ith sub information to be authenticated based on the first authentication value of the ith sub information to be authenticated and the third authentication value of the ith sub information to be authenticated specifically includes: based on that the first authentication value of the ith sub information to be authenticated is equal to the third authentication value of the ith sub information to be authenticated, the authentication of the ith sub information to be authenticated is passed; and based on the fact that the first authentication value of the ith sub information to be authenticated is not equal to the third authentication value of the ith sub information to be authenticated, the authentication of the ith sub information to be authenticated is not passed.
In the technical scheme, if the first authentication value is the same as the third authentication value, the authentication key input by the user is correct, that is, the identity of the user is legal, and a program for performing authentication debugging on the current information to be authenticated can be performed. If the first authentication value is different from the third authentication value, the authentication key input by the user is incorrect, that is, the user currently operating is not a legal user, and the authentication debugging of the current information to be authenticated is not performed.
By the authentication mode, the legality authentication is carried out on the operation user, and the reasonability and the safety of the authentication debugging process are ensured.
In any of the above technical solutions, the step of performing initialization assignment on the first authentication parameter value and the second authentication parameter value specifically includes: taking a third authentication value of the 1 st sub information to be authenticated as a first authentication parameter value; and taking the first authentication value of the 1 st sub information to be authenticated as a second authentication parameter value.
In the technical scheme, after the process of authenticating the information to be authenticated is started, the 1 st sub information to be authenticated is authenticated. In the authentication process, a first authentication value of the 1 st sub information to be authenticated is randomly generated, and a third authentication value is obtained after encryption and decryption are performed according to the first authentication value. And taking the third authentication value as an initial first authentication parameter value and the first authentication value as an initial second authentication parameter value.
The mode of determining the initial first authentication parameter value and the initial second authentication parameter value through the initialization assignment ensures the reliability and rationality of the initialization assignment and also ensures the feasibility and reliability of the whole authentication debugging process.
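The key check, the initialization assignment and the chained first and second authentication codes described above can be followed end to end in the sketch below, which is an added example and not code from the patent. Assumptions: a 16-byte preset width, a 4-round Feistel permutation built on HMAC-SHA256 standing in for the cipher the text leaves unspecified, and the first code being computed over each piece as sent while the second is computed over the piece as received (the text does not say which party computes which code).

```python
import hashlib
import hmac
import secrets

BLOCK = 16  # assumed "preset number of digits", expressed in bytes

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Round function of the stand-in cipher: truncated HMAC-SHA256.
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:BLOCK // 2]

def encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in keyed permutation on one block (illustration, not a vetted cipher)."""
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def pad(data: bytes) -> bytes:
    # Zero padding at the end, up to the preset width.
    return data.ljust(BLOCK, b"\x00")

def split(info: bytes) -> list[bytes]:
    # N pieces of sub-information, all of the same preset width.
    return [pad(info[i:i + BLOCK]) for i in range(0, len(info), BLOCK)]

def challenge(preset_key: bytes, entered_key: bytes):
    first = secrets.token_bytes(BLOCK)      # random first authentication value
    second = encrypt(preset_key, first)     # encrypted with the stored preset key
    third = decrypt(entered_key, second)    # decrypted with the key the user entered
    return first, third

def auth_code(key: bytes, sub: bytes, param: bytes) -> bytes:
    # Authentication plaintext = padded piece XOR parameter value, then encrypt.
    return encrypt(key, _xor(pad(sub), pad(param)))

def chained_codes(key: bytes, info: bytes, start: bytes) -> list[bytes]:
    """Codes for every piece when the chain starts from `start`."""
    codes, param = [], start
    for sub in split(info):
        param = auth_code(key, sub, param)
        codes.append(param)
    return codes

def run_session(preset_key, entered_key, info, tamper_at=None):
    """Returns (status, data). tamper_at flips one bit of that piece in transit
    (a constructed fault used to show the termination path)."""
    first, third = challenge(preset_key, entered_key)
    if not hmac.compare_digest(first, third):
        return "key rejected", b""
    param1, param2 = third, first           # initialization assignment
    stored = []
    for i, sub in enumerate(split(info)):
        received = sub
        if i == tamper_at:
            received = bytes([sub[0] ^ 1]) + sub[1:]
        code1 = auth_code(entered_key, sub, param1)
        code2 = auth_code(entered_key, received, param2)
        if not hmac.compare_digest(code1, code2):
            return "terminated", b"".join(stored)   # stop the whole process
        stored.append(received)
        param1, param2 = code1, code2       # chain into the next piece
    return "authenticated", b"".join(stored)[:len(info)]

if __name__ == "__main__":
    key = b"constructed-preset-key"
    msg = b"constructed debug command sequence, 3 blocks"
    print(run_session(key, key, msg))
    print(run_session(key, b"wrong-key", msg))
    print(run_session(key, key, msg, tamper_at=1))
```

Because every code is fed forward as the next parameter value, two chains that start from different values disagree on every piece, which is the property the text relies on when it says a party holding the key but not the previous result cannot produce the correct codes.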
According to a second aspect of the present invention, there is provided an information authentication system, comprising: the receiving unit is used for receiving the information to be authenticated and generating an authentication signal of the information to be authenticated; the conversion unit is used for responding to the authentication signal of the information to be authenticated and generating N pieces of sub information to be authenticated according to the information to be authenticated; the authentication unit is used for authenticating the ith sub-information to be authenticated according to the stored preset authentication key and the acquired authentication key; and the authentication unit is used for authenticating the ith sub information to be authenticated when the authentication of the ith sub information to be authenticated is passed.
In the technical scheme, the information authentication system comprises a receiving unit, a conversion unit, an authentication unit and an authentication unit, wherein the receiving unit is used for receiving information to be authenticated and generating an authentication signal corresponding to the information to be authenticated according to the information to be authenticated. The conversion unit responds to the authentication signal of the information to be authenticated sent by the receiving unit and converts the information to be authenticated to generate N pieces of sub information to be authenticated. And the authentication unit is used for authenticating the ith sub information to be authenticated in the N sub information to be authenticated according to the stored preset authentication key and the acquired authentication key, and the authentication unit is used for authenticating the ith sub information to be authenticated after the authentication unit authenticates the ith sub information to be authenticated.
In the technical scheme of the invention, the information is divided into N pieces of sub information to be authenticated by the information authentication mode of information authentication and authentication debugging, the authentication unit authenticates any piece of sub information to be authenticated in the N pieces of sub information to be authenticated based on an authentication key preset by a system and an authentication key input by a user, and the authentication unit authenticates any piece of sub information to be authenticated which passes the authentication and then carries out the authentication debugging. On one hand, the information before authentication debugging at each time needs to pass authentication, the user who executes debugging is guaranteed to be a legal user, on the other hand, the complexity of the authentication debugging process is improved, the integrity verification of the information to be authenticated and debugged is also realized, and the safety and the accuracy of the authentication debugging process are guaranteed.
According to a third aspect of the present invention, there is provided an information authentication apparatus comprising: a memory; the processor is connected with the memory and comprises an authentication component, a debugging component and a debugging transmission component, wherein the authentication component is connected with the debugging component, and the debugging component is connected with the debugging transmission component; the authentication component, the debugging component and the debugging transmission component are all provided with one or more communication interfaces, communication connection is established according to the communication interfaces, a computer program capable of running on the processor is stored in the memory, and the information authentication method in any one of the technical schemes is realized when the processor executes the computer program.
In the technical scheme, the information authentication device is provided with a memory and a processor. The processor comprises an authentication component, a debugging component and a debugging transmission component, wherein the authentication component is connected with the debugging component, the debugging component is connected with the debugging transmission component, one or more communication interfaces are arranged on the authentication component, the debugging component and the debugging transmission component, and then communication connection is established for the process of information authentication.
The information authentication device provided by the invention comprises: a memory storing programs or instructions; a processor, which executes the program or the instructions to implement the information authentication method according to any of the technical solutions of the first aspect. Therefore, the information authentication device includes all the beneficial effects of the information authentication method of any of the above technical solutions, which are not described herein again.
In the above technical solution, the debugging component includes: a data exchange register, which is set to be readable and writable and is connected with the authentication component; an authentication state register, which is set to be readable and is connected with the authentication component; and an authentication permission register, which is set to be readable and is connected with the authentication component. The debugging transmission component includes an extension register connected with the debugging transmission component, and the debugging transmission component is used for reading and writing data in the debugging component and the extension register.
In the technical scheme, the debugging component is provided with a data exchange register, an authentication state register and an authentication permission register, and the debugging transmission component comprises an extension register.
Furthermore, the authentication permission register and the authentication status register are set to be readable and used for reading data of the authentication component. The data exchange register is arranged to be readable and writable for reading data from and writing data to the authentication component.
Furthermore, the extension register is connected with the debugging transmission component, so that the debugging transmission component reads and writes data in the debugging component and the extension register.
According to a fourth aspect of the present invention, a readable storage medium is provided, on which a program or an instruction is stored, the program or the instruction is executed by a processor to implement the information authentication method in any one of the above technical solutions.
The readable storage medium provided by the present invention, when the processor executes the instructions or the program, implements the steps of the information authentication method in any of the above technical solutions, and therefore, the readable storage medium includes all the advantages of the information authentication method in any of the above technical solutions.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a flow chart of an information authentication method according to an embodiment of the present invention;
FIG. 2 is a flow chart of an information authentication method according to an embodiment of the present invention;
FIG. 3 is a flow chart of an information authentication method according to an embodiment of the present invention;
FIG. 4 is a flow chart illustrating an information authentication method according to an embodiment of the present invention;
FIG. 5 is a flow chart illustrating an information authentication method according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of an information authentication apparatus according to an embodiment of the present invention;
FIG. 7 is a flowchart illustrating an information authentication method according to an embodiment of the present invention.
Wherein, the correspondence between the reference numbers and the names of the components in fig. 6 is:
40 memory, 50 processor, 52 authentication component, 54 debugging component, 56 debugging transmission component, 546 data exchange register, 542 authentication status register, 544 authentication permission register, 562 extension register, 58 extension register bus, 60 encryption layer, 62 debugging translation layer, 64 debugging layer.
Detailed Description
In order that the above objects, features and advantages of the present invention can be more clearly understood, a more particular description of the invention will be rendered by reference to the appended drawings. It should be noted that the embodiments and features of the embodiments of the present application may be combined with each other without conflict.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, however, the present invention may be practiced in other ways than those specifically described herein, and therefore the scope of the present invention is not limited by the specific embodiments disclosed below.
The information authentication method, the information authentication system, the information authentication apparatus, and the readable storage medium according to some embodiments of the present invention will be described in detail with reference to fig. 1 to 7.
Example 1:
As shown in FIG. 1, according to an embodiment of the first aspect of the present invention, an information authentication method is provided, the information authentication method including:
step 102, responding to an authentication signal of information to be authenticated, and generating N pieces of sub information to be authenticated according to the information to be authenticated;
step 104, authenticating the ith sub-information to be authenticated according to the stored preset authentication key and the acquired authentication key, judging whether the authentication passes, if not, entering step 102, and if so, entering step 106;
step 106, starting to authenticate the ith sub information to be authenticated based on the authentication passing of the ith sub information to be authenticated.
In this embodiment, a preset authentication key is stored in advance. When a user inputs information to be authenticated and an authentication key, the method responds to the authentication signal of the information to be authenticated, acquires the authentication key input by the user, and divides the input information to be authenticated into N pieces of sub information to be authenticated with the same number of digits, the number of digits being preset. The information to be authenticated input by the user is therefore not verified directly, which raises the complexity of the information authentication process and improves the safety of information authentication.
And authenticating the ith sub information to be authenticated based on passing of authentication of the ith sub information to be authenticated. Namely, the current ith sub information to be authenticated is authenticated according to a pre-stored preset authentication key and an acquired authentication key, and after the authentication is passed, the current sub information to be authenticated is authenticated and debugged. Before the authentication and debugging of each piece of sub information to be authenticated, the set of information is authenticated through an authentication key input by a user and a pre-stored preset authentication key, so that the information before the authentication and debugging at each time needs to be authenticated, a process that one piece of authentication information is split into N pieces of sub information to be authenticated and then can be authenticated randomly and repeatedly is formed, and the safety of the authentication process is further ensured.
In this embodiment, the information is divided into N pieces of sub information to be authenticated by the above information authentication method for information authentication and authentication debugging, any piece of sub information to be authenticated in the N pieces of sub information to be authenticated is authenticated based on an authentication key preset by the system and an authentication key input by a user, and any piece of sub information to be authenticated that passes the authentication is authenticated and then is debugged. On one hand, the information before authentication and debugging at each time needs to pass authentication first, and the user executing the debugging is guaranteed to be a legal user, on the other hand, the complexity of the information authentication process is improved, the integrity verification of the information to be authenticated and debugged is also realized, and the safety and the accuracy of the authentication and debugging process are guaranteed.
Example 2:
As shown in FIG. 2, according to an embodiment of the present invention, on the basis of the above embodiment, further, the information authentication method includes:
step 202, responding to the authentication signal of the information to be authenticated, and generating N pieces of sub information to be authenticated according to the information to be authenticated;
step 204, according to the stored preset authentication key and the obtained authentication key, authenticating the ith sub-information to be authenticated, judging whether the authentication passes, if not, entering step 202, and if so, entering step 206;
step 206, based on the authentication passing of the ith sub information to be authenticated, the authentication of the ith sub information to be authenticated is started;
step 208, performing initialization assignment on the first authentication parameter value and the second authentication parameter value;
step 210, generating a first authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the first authentication parameter value and the authentication key;
step 212, generating a second authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the second authentication parameter value and the authentication key;
step 214, based on that the first authentication code of the ith sub information to be authenticated is the same as the second authentication code of the ith sub information to be authenticated, determining that the authentication of the ith sub information to be authenticated passes, updating the first authentication parameter value to the first authentication code of the ith sub information to be authenticated, and updating the second authentication parameter value to the second authentication code of the ith sub information to be authenticated.
In this embodiment, the step of authenticating the ith sub information to be authenticated specifically includes: first performing initialization assignment on the first authentication parameter value and the second authentication parameter value; then generating a first authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the first authentication parameter value and the authentication key, and generating a second authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the second authentication parameter value and the authentication key; and judging whether the first authentication code and the second authentication code of the ith sub information to be authenticated are the same. When they are the same, the authentication of the ith sub information to be authenticated is judged to pass.
Further, the first authentication parameter value is updated to the first authentication code of the ith sub information to be authenticated, and the second authentication parameter value is updated to the second authentication code of the ith sub information to be authenticated. After the current ith sub information to be authenticated is authenticated, authentication debugging is performed on it. On the basis that the authentication of the previous sub information to be authenticated (which can be understood as the (i-1)th sub information to be authenticated) has passed, the current sub information to be authenticated, namely the ith sub information to be authenticated, is authenticated by using the result of the authentication debugging of the previous sub information to be authenticated. With this authentication debugging mode, an illegal user who does not know the authentication debugging process of the previous sub information to be authenticated can hardly generate the correct first authentication code and second authentication code even after mastering the authentication key and the key, so the integrity verification of debugging information is realized and the accuracy of information authentication is ensured.
It can be understood that after the previous sub information to be authenticated passes authentication in the authentication debugging, the first authentication code and the second authentication code corresponding to that piece of information are generated. The first authentication code and the second authentication code are assigned to the first authentication parameter value and the second authentication parameter value respectively, thereby updating both values. The updated first authentication parameter value and second authentication parameter value are then used to generate the first authentication code and the second authentication code corresponding to the current sub information to be authenticated. The authentication of the current sub information to be authenticated is judged to pass when its first authentication code and second authentication code are the same. Once the current sub information to be authenticated has passed, the next piece of information to be authenticated is authenticated, and the first authentication parameter value and the second authentication parameter value are updated with the first authentication code and the second authentication code of the current sub information to be authenticated so that authentication debugging can be carried out on the next piece. In this way the integrity verification of the authentication debugging information is realized, and the accuracy and the safety of the authentication debugging process are ensured.
It should be noted that N is a positive integer greater than or equal to 1, i belongs to any positive integer in [1, N ], and the ith sub-information to be authenticated is any sub-information to be authenticated in the N sub-information to be authenticated.
On the basis of the foregoing embodiment, specifically, the step of generating the first authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the first authentication parameter value and the authentication key specifically includes: generating a first authentication plaintext of the ith sub information to be authenticated according to the ith sub information to be authenticated and the first authentication parameter value; and generating a first authentication code of the ith sub information to be authenticated according to the first authentication plaintext and the authentication key of the ith sub information to be authenticated.
In this embodiment, the current ith sub information to be authenticated and the first authentication parameter value are each padded with zeros at the end, so that both have the preset number of digits. The zero-padded ith sub information to be authenticated and the first authentication parameter value are then XORed bitwise to generate the first authentication plaintext of the ith sub information to be authenticated. The generated first authentication plaintext is encrypted with the authentication key input by the user to obtain the first authentication code of the current sub information to be authenticated.
In the above manner of generating the first authentication plaintext, the first authentication parameter value is related to the first authentication code of the previous sub-information to be authenticated, so that the integrity verification of the debugging information to be authenticated is ensured on the basis that the authentication of the current sub-information is based on the first authentication code in the authentication result of the previous sub-information to be authenticated, thereby ensuring the accuracy and the safety of the authentication process.
On the basis of the foregoing embodiment, specifically, the step of generating the second authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the second authentication parameter value, and the authentication key includes: generating a second authentication plaintext of the ith sub information to be authenticated according to the ith sub information to be authenticated and the second authentication parameter value; and generating a second authentication code of the ith sub information to be authenticated according to the second authentication plaintext and the authentication key of the ith sub information to be authenticated.
In this embodiment, the current sub information to be authenticated and the second authentication parameter value are each padded with zeros at the end, so that both have the preset number of digits. The zero-padded current sub information to be authenticated and the second authentication parameter value are then XORed bitwise to generate the second authentication plaintext of the current sub information to be authenticated. The generated second authentication plaintext is encrypted with the authentication key input by the user to obtain the second authentication code of the ith sub information to be authenticated.
The current sub-information is authenticated through the first authentication code and the second authentication code, and the method is simple in logic and easy to operate. In the above manner of generating the second authentication plaintext, the second authentication parameter value is related to the second authentication code of the previous sub-information to be authenticated, so that the integrity of the debugging information to be authenticated is verified on the basis that the authentication of the current sub-information is based on the second authentication code in the authentication result of the previous sub-information to be authenticated, thereby ensuring the accuracy and the safety of the authentication process.
Example 3:
As shown in FIG. 3, according to an embodiment of the present invention, on the basis of the above embodiment, further, the information authentication method includes:
step 302, responding to the authentication signal of the information to be authenticated, and generating N pieces of sub information to be authenticated according to the information to be authenticated;
step 304, according to the stored preset authentication key and the obtained authentication key, authenticating the ith sub-information to be authenticated, judging whether the authentication passes, if not, entering step 302, and if so, entering step 306;
step 306, based on the authentication passing of the ith sub information to be authenticated, the authentication of the ith sub information to be authenticated is started;
step 308, carrying out initialization assignment on the first authentication parameter value and the second authentication parameter value;
step 310, generating a first authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the first authentication parameter value and the authentication key;
step 312, generating a second authentication code of the ith sub-information to be authenticated according to the ith sub-information to be authenticated, the second authentication parameter value and the authentication key;
step 314, based on that the first authentication code of the ith sub information to be authenticated is the same as the second authentication code of the ith sub information to be authenticated, determining that the authentication of the ith sub information to be authenticated passes, updating the first authentication parameter value to the first authentication code of the ith sub information to be authenticated, and updating the second authentication parameter value to the second authentication code of the ith sub information to be authenticated;
and step 316, storing the ith sub information to be authenticated after the authentication is passed.
In this embodiment, after the authentication of the current sub-information is passed, the current sub-information after the authentication is passed is stored, so that the sub-information after the authentication is passed is called and counted in the subsequent authentication debugging process.
Example 4:
As shown in FIG. 4, according to an embodiment of the present invention, on the basis of the above embodiment, further, the information authentication method includes:
step 402, responding to the authentication signal of the information to be authenticated, and generating N pieces of sub information to be authenticated according to the information to be authenticated;
step 404, according to the stored preset authentication key and the obtained authentication key, authenticating the ith sub-information to be authenticated, judging whether the authentication passes, if not, entering step 402, and if so, entering step 406;
step 406, based on the authentication passing of the ith sub information to be authenticated, the authentication of the ith sub information to be authenticated is started;
step 408, performing initialization assignment on the first authentication parameter value and the second authentication parameter value;
step 410, generating a first authentication code of the ith sub-information to be authenticated according to the ith sub-information to be authenticated, the first authentication parameter value and the authentication key;
step 412, generating a second authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the second authentication parameter value and the authentication key;
step 414, based on that the first authentication code of the ith sub information to be authenticated is the same as the second authentication code of the ith sub information to be authenticated, determining that the authentication of the ith sub information to be authenticated passes, updating the first authentication parameter value to the first authentication code of the ith sub information to be authenticated, and updating the second authentication parameter value to the second authentication code of the ith sub information to be authenticated;
step 416, storing the ith sub information to be authenticated after the authentication is passed;
step 418, when the number of the stored authenticated sub information to be authenticated is counted to be N, the stored authenticated sub information to be authenticated is integrated and analyzed to generate authenticated information.
In this embodiment, the number of stored pieces of sub information to be authenticated that have passed the authentication is counted. When that number is N, all N pieces of sub information to be authenticated have passed the authentication, that is, all of the information to be authenticated has passed the authentication. The N pieces of sub information to be authenticated that passed the authentication are integrated and analyzed to generate authenticated information, and the authenticated information is sent. In this way, the transmission and the utilization of the information to be authenticated are realized.
On the basis of any of the above embodiments, specifically, the step of authenticating the ith sub-information to be authenticated according to the stored preset authentication key and the acquired authentication key specifically includes: responding to the obtained authentication key signal, and generating a first authentication value of the ith sub information to be authenticated; generating a second authentication value of the ith sub information to be authenticated according to the preset authentication key and the first authentication value of the ith sub information to be authenticated; generating a third authentication value of the ith sub information to be authenticated according to the authentication key and the second authentication value of the ith sub information to be authenticated; and authenticating the ith sub information to be authenticated based on the first authentication value of the ith sub information to be authenticated and the third authentication value of the ith sub information to be authenticated.
In this embodiment, in the process of authenticating the current sub information to be authenticated, the authentication key signal input by the user is acquired to obtain the authentication key, and a first authentication value is randomly generated at the same time. The randomly generated first authentication value is encrypted with the prestored authentication key to obtain a second authentication value. The second authentication value is then decrypted with the authentication key input by the user to obtain a third authentication value.
The current sub information to be authenticated is authenticated through the obtained first authentication value and the third authentication value, so that the accuracy of the authentication process of the information to be authenticated is ensured, and the accuracy of the whole information authentication process is ensured.
On the basis of any of the above embodiments, specifically, the step of authenticating the ith sub information to be authenticated based on the first authentication value of the ith sub information to be authenticated and the third authentication value of the ith sub information to be authenticated specifically includes: based on that the first authentication value of the ith sub information to be authenticated is equal to the third authentication value of the ith sub information to be authenticated, the authentication of the ith sub information to be authenticated is passed; and based on the fact that the first authentication value of the ith sub information to be authenticated is not equal to the third authentication value of the ith sub information to be authenticated, the authentication of the ith sub information to be authenticated is not passed.
In this embodiment, if the first authentication value is the same as the third authentication value, it indicates that the authentication key input by the user is correct, that is, it indicates that the identity of the user is legal, and a program for performing authentication debugging on the current information to be authenticated may be performed. If the first authentication value is different from the third authentication value, the authentication key input by the user is incorrect, that is, the user currently operating is not a legal user, and the authentication debugging of the current information to be authenticated is not performed.
By the authentication mode, the legality authentication is carried out on the operation user, and the reasonability and the safety of the authentication debugging process are ensured.
On the basis of any of the above embodiments, specifically, the step of performing initialization assignment on the first authentication parameter value and the second authentication parameter value specifically includes: taking a third authentication value of the 1 st sub information to be authenticated as a first authentication parameter value; and taking the first authentication value of the 1 st sub information to be authenticated as a second authentication parameter value.
In this embodiment, after the process of authenticating the information to be authenticated is started, the 1st sub information to be authenticated is authenticated first. In the authentication process, a first authentication value of the 1st sub information to be authenticated is randomly generated, and a third authentication value is obtained after encryption and decryption are performed on the first authentication value. The third authentication value is taken as the initial first authentication parameter value, and the first authentication value is taken as the initial second authentication parameter value.
The mode of determining the initial first authentication parameter value and the initial second authentication parameter value through the initialization assignment ensures the reliability and rationality of the initialization assignment and also ensures the feasibility and reliability of the whole authentication debugging process.
Example 5:
As shown in FIG. 5, according to an embodiment of the present invention, on the basis of the above embodiment, further, the information authentication method includes:
step 502, responding to the authentication signal of the information to be authenticated, and generating N pieces of sub information to be authenticated according to the information to be authenticated;
step 504, according to the stored preset authentication key and the obtained authentication key, authenticating the ith sub-information to be authenticated, judging whether the authentication passes, if not, entering step 502, and if so, entering step 506;
step 506, based on the authentication passing of the ith sub information to be authenticated, the authentication of the ith sub information to be authenticated is started;
step 508, performing initialization assignment on the first authentication parameter value and the second authentication parameter value;
step 510, generating a first authentication code of the ith sub-information to be authenticated according to the ith sub-information to be authenticated, the first authentication parameter value and the authentication key;
step 512, generating a second authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the second authentication parameter value and the authentication key;
step 514, judging whether the first authentication code of the ith sub information to be authenticated and the second authentication code of the ith sub information to be authenticated are the same, if so, entering step 516, otherwise, entering step 518;
step 516, based on passing the authentication of the ith sub-information to be authenticated, updating the first authentication parameter value to the first authentication code of the ith sub-information to be authenticated, and updating the second authentication parameter value to the second authentication code of the ith sub-information to be authenticated;
step 518, if the first authentication code of the ith sub information to be authenticated is different from the second authentication code of the ith sub information to be authenticated, the authentication is terminated.
In this embodiment, when the first authentication code of the current sub information to be authenticated is determined to differ from its second authentication code, the authentication of the current sub information has not passed, and the authentication and authentication debugging process for the entire information is terminated completely. In this way, the authentication debugging function stops immediately once erroneous input is identified, and the whole authentication and authorization process stops automatically when erroneous information is identified even if the user has not closed the authentication debugging function, which ensures reliability and security throughout the information authentication process.
It should be noted that, after the ith sub information to be authenticated passes authentication, the first authentication parameter value is updated to the first authentication code of the ith sub information to be authenticated and the second authentication parameter value is updated to the second authentication code of the ith sub information to be authenticated, and the authentication and authentication of the (i+1)th sub information to be authenticated are then performed.
Example 6:
According to an embodiment of the second aspect of the present invention, an information authentication system is provided, including: a receiving unit, used for receiving the information to be authenticated and generating an authentication signal of the information to be authenticated; a conversion unit, used for responding to the authentication signal of the information to be authenticated and generating N pieces of sub information to be authenticated according to the information to be authenticated; an authentication unit, used for authenticating the ith sub-information to be authenticated according to the stored preset authentication key and the acquired authentication key; and an authentication unit, used for authenticating the ith sub information to be authenticated when the authentication of the ith sub information to be authenticated is passed.
In this embodiment, the information authentication system includes a receiving unit, a converting unit, an authenticating unit, and an authenticating unit, wherein the receiving unit is configured to receive information to be authenticated and generate an authentication signal corresponding to the information to be authenticated according to the information to be authenticated. The conversion unit responds to the authentication signal of the information to be authenticated sent by the receiving unit and converts the authentication information to generate N pieces of sub information to be authenticated. And the authentication unit is used for authenticating the ith sub information to be authenticated in the N sub information to be authenticated according to the stored preset authentication key and the acquired authentication key, and the authentication unit is used for authenticating the ith sub information to be authenticated after the authentication unit authenticates the ith sub information to be authenticated.
In this embodiment, the information is divided into N pieces of sub information to be authenticated by the above information authentication method for authenticating and authenticating debugging, the authentication unit authenticates any one piece of sub information to be authenticated based on an authentication key preset in the system and an authentication key input by the user, and the authentication unit authenticates any piece of sub information to be authenticated that passes the authentication and then authenticates and debugs the information. On one hand, the information before each authentication debugging needs to pass the authentication first, and the user executing the debugging is guaranteed to be a legal user, on the other hand, the complexity of the authentication debugging process is improved, the integrity verification of the information to be authenticated and debugged is also realized, and the safety and the accuracy of the authentication debugging process are guaranteed.
Example 7:
As shown in Fig. 6, according to an embodiment of the third aspect of the present invention, an information authentication apparatus is provided, including: a memory 40; and a processor 50 connected with the memory 40, the processor 50 including an authentication component 52, a debugging component 54 and a debugging transmission component 56, wherein the authentication component 52 is connected with the debugging component 54, and the debugging component 54 is connected with the debugging transmission component 56. The authentication component 52, the debugging component 54 and the debugging transmission component 56 are each provided with one or more communication interfaces, and communication connections are established through these interfaces. The memory 40 stores a computer program that can run on the processor 50, and the processor 50 implements the steps of the information authentication method in any of the above embodiments when executing the computer program.
In this embodiment, the information authentication apparatus is provided with a memory 40 and a processor 50. The processor 50 includes an authentication component 52, a debugging component 54 and a debugging transmission component 56, wherein the authentication component 52 is connected with the debugging component 54, the debugging component 54 is connected with the debugging transmission component 56, and one or more communication interfaces are respectively arranged on the authentication component 52, the debugging component 54 and the debugging transmission component 56, so as to establish communication connection and perform an information authentication process.
The information authentication device provided by the embodiment comprises: a memory 40 storing programs or instructions; a processor 50, the processor 50 when executing a program or instructions implementing the method of information authentication as in any of the embodiments of the first aspect. Therefore, the information authentication device includes all the beneficial effects of the information authentication method in any of the above embodiments, which are not described herein again.
On the basis of any of the above embodiments, further, the debugging component 54 includes: a data exchange register 546, the data exchange register 546 being arranged to be readable and writable, the data exchange register 546 being connected to the authentication component 52; the authentication status register 542, the authentication status register 542 is set to be readable, the authentication status register 542 is connected with the authentication component 52; an authentication permission register 544, the authentication permission register 544 being configured to be readable, the authentication permission register 544 being connected to the authentication component 52; debug transfer component 56 includes: extension register 562, extension register 562 are connected with debug transmitting component 56, and debug transmitting component 56 is used for reading and writing data in debug component 54 and extension register 562.
In this embodiment, debug component 54 is provided with data exchange register 546, authentication status register 542, authentication permission register 544, and debug transfer component 56 includes extension register 562.
Further, both the authentication permission register 544 and the authentication status register 542 are arranged to be readable for reading data of the authentication component 52. The data exchange register 546 is set to be readable and writable for reading data from the authentication component 52 and writing data to the authentication component 52.
Further, extension registers 562 are connected with debug transfer component 56 such that debug transfer component 56 reads and writes data in debug component 54 and extension registers 562.
Example 8:
The debugging interface of a processor can be used to control and observe the running of a program. To avoid the problem of an attacker maliciously using the debugging interface to steal system data or damage program execution, when a high-security processor chip is produced, the debugging interface is closed using fuse technology after the chip has been programmed and its software debugged, and the problem is then solved by adopting an authentication debugging mode. Specifically, in this authentication debugging mode the debugging function is locked, the user must perform identity authentication before using the debugging function, and only a user holding the authorized password can pass authentication and use the authentication debugging function.
At present, the authentication mode adopted is as follows: authentication is carried out through a process based on a symmetric cryptographic algorithm, and once authentication has passed, subsequent authentication debugging operations are not monitored at all until use is complete and the user actively resets the authentication permission register. The authentication approach employed is a simple challenge-response protocol. Although this method has a certain level of security, the following problems remain: first, the authentication process is implemented in software, so its security is low and the authentication step itself may be attacked; second, if a legitimate user passes authentication and unlocks the debugging function but forgets to lock it again in time, or an illegitimate user interferes with the locking operation, the debugging function stays unlocked and any user can use the system at will until the system is powered on or reset again; third, in applications such as the Internet of Things, the processor may need remote authentication debugging, and an attacker may hijack the channel during communication and crack the challenge-response mechanism by means of man-in-the-middle attack, replay attack and the like, or alter an authentication debugging request sent by a legitimate user, to achieve an illegitimate purpose.
In view of the above disadvantages, the present embodiment provides an information authentication method and an information authentication apparatus for ensuring that each authentication debugging operation is initiated by a valid user and verifying the integrity of information to be authenticated. The authentication process in the information authentication method is realized based on a hardware circuit. As shown in fig. 7, the information authentication method includes:
step 702, acquiring a pre-stored authentication key K;
step 704, randomly generating a first authentication value IV;
step 706, encrypting the first authentication value IV according to the authentication key K to generate a second authentication value IVe;
step 708, receiving an authentication key K' input by a user;
step 710, decrypting the second authentication value IVe according to the authentication key K' to generate a third authentication value IV';
step 712, determining whether the first authentication value IV and the third authentication value IV' are equal, if yes, proceeding to step 714, otherwise, proceeding to step 702;
step 714, using the third authentication value IV' as a first authentication parameter value, and using the first authentication value IV as a second authentication parameter value;
step 716, setting i = 1;
step 718, sending the ith sub information m(i) to be authenticated to the debugging component;
step 720, performing a bitwise XOR operation on the ith sub-information m(i) to be authenticated and the first authentication parameter value to generate a first authentication plaintext of the ith sub-information m(i) to be authenticated;
step 722, encrypting the first authentication plaintext of the ith sub-information m(i) to be authenticated according to the authentication key K' to generate a first authentication code Y'(i) of the ith sub-information m(i) to be authenticated;
step 724, performing a bitwise XOR operation on the ith sub-information m(i) to be authenticated and the second authentication parameter value to generate a second authentication plaintext of the ith sub-information m(i) to be authenticated;
step 726, encrypting the second authentication plaintext of the ith sub-information m(i) to be authenticated according to the authentication key K to generate a second authentication code Y(i) of the ith sub-information m(i) to be authenticated;
step 728, determining whether the first authentication code Y'(i) of the ith sub-information m(i) to be authenticated is the same as the second authentication code Y(i) of the ith sub-information m(i) to be authenticated, if yes, entering step 730, and if not, entering step 702;
step 730, storing the ith sub information m(i) to be authenticated, and updating the first authentication parameter value and the second authentication parameter value by taking the first authentication code Y'(i) of the ith sub information m(i) to be authenticated as the first authentication parameter value and the second authentication code Y(i) of the ith sub information m(i) to be authenticated as the second authentication parameter value;
step 732, setting i = i + 1 and determining whether i is smaller than N, if yes, proceeding to step 718, and if no, ending the process.
In this embodiment, the authentication permission register 544 of the debug component 54 is reset, i.e., the authentication permission register 544 is 0, and the authentication component 52 loads the built-in authentication key K. The authentication component 52 randomly generates a first authentication value IV, encrypts it according to the authentication key K to generate a second authentication value IVe, and writes the second authentication value IVe into the data exchange register 546. The debugging component 54 reads the second authentication value IVe from the data exchange register 546. The authentication key K' input by the user is received, and the second authentication value IVe is decrypted according to the authentication key K' to generate a third authentication value IV'. The third authentication value IV' is written to the data exchange register 546 by the debug transmit component 56.
Further, the third authentication value IV' stored in the data exchange register 546 is read by the authentication component 52, which determines whether the first authentication value IV and the third authentication value IV' are equal. If they are equal, authentication is carried out; if they are not equal, re-authentication is carried out. The authentication permission register 544 is set to 1, the authentication status register 542 is set to 0, the third authentication value IV' is set as the first authentication parameter value, and the first authentication value IV is set as the second authentication parameter value. Each sub information to be authenticated is authenticated in sequence, and if any one of them fails authentication, re-authentication is entered. If authentication keeps passing, it is carried out N times, and when the last one also passes, the whole authentication process is completed, where N is the number of sub information to be authenticated.
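The exchange in steps 502 to 518 and 702 to 732, modelled with both sides in Python as an added example (not code from the patent). The patent names neither the block cipher nor how a 32-bit debug word is combined with the 64-bit parameter value, so XTEA and zero-extension are assumptions, as are the class and function names and the constructed key and debug words.

```python
import hmac
import secrets
import struct

MASK32, DELTA, ROUNDS = 0xFFFFFFFF, 0x9E3779B9, 32

def _f(v, s, k):
    return (((v << 4) ^ (v >> 5)) + v) ^ (s + k)   # XTEA round function

def encrypt(key: bytes, block: bytes) -> bytes:
    """XTEA: 64-bit block, 128-bit key. Stand-in cipher (assumption)."""
    k = struct.unpack(">4I", key)
    v0, v1 = struct.unpack(">2I", block)
    s = 0
    for _ in range(ROUNDS):
        v0 = (v0 + _f(v1, s, k[s & 3])) & MASK32
        s = (s + DELTA) & MASK32
        v1 = (v1 + _f(v0, s, k[(s >> 11) & 3])) & MASK32
    return struct.pack(">2I", v0, v1)

def decrypt(key: bytes, block: bytes) -> bytes:
    k = struct.unpack(">4I", key)
    v0, v1 = struct.unpack(">2I", block)
    s = (DELTA * ROUNDS) & MASK32
    for _ in range(ROUNDS):
        v1 = (v1 - _f(v0, s, k[(s >> 11) & 3])) & MASK32
        s = (s - DELTA) & MASK32
        v0 = (v0 - _f(v1, s, k[s & 3])) & MASK32
    return struct.pack(">2I", v0, v1)

def _mask(word: bytes, param: bytes) -> bytes:
    # Zero-extend the 32-bit word to 64 bits (assumed padding), then XOR.
    return bytes(a ^ b for a, b in zip(word.rjust(8, b"\0"), param))

class AuthComponent:
    """Device side: built-in key K, permission register, second parameter value."""
    def __init__(self, key: bytes):
        self._k, self.stored = key, []
        self._lock()

    def _lock(self):
        self.permission = 0            # authentication permission register reset
        self._iv = self._param = None

    def challenge(self) -> bytes:      # steps 702-706
        self._lock()
        self.stored = []
        self._iv = secrets.token_bytes(8)
        return encrypt(self._k, self._iv)          # IVe

    def response(self, iv_prime: bytes) -> bool:   # steps 712-714
        ok = self._iv is not None and hmac.compare_digest(iv_prime, self._iv)
        if ok:
            self.permission, self._param = 1, self._iv
            self._iv = None            # a challenge is answered at most once
        else:
            self._lock()
        return ok

    def submit(self, word: bytes, code: bytes) -> bool:   # steps 724-730
        if not self.permission:
            return False
        y = encrypt(self._k, _mask(word, self._param))    # Y(i)
        if not hmac.compare_digest(code, y):
            self._lock()               # any mismatch ends the session
            return False
        self.stored.append(word)
        self._param = y
        return True

class EncryptionLayer:
    """Host side: user-supplied key K', first parameter value."""
    def __init__(self, key: bytes):
        self._k, self._param = key, None

    def answer(self, iv_e: bytes) -> bytes:        # step 710
        self._param = decrypt(self._k, iv_e)       # IV'
        return self._param

    def code(self, word: bytes) -> bytes:          # steps 720-722
        self._param = encrypt(self._k, _mask(word, self._param))   # Y'(i)
        return self._param

def session(device, host, words, tamper_at=None):
    """Run one session; returns (unlocked, per-word results, wire log)."""
    unlocked = device.response(host.answer(device.challenge()))
    results, wire = [], []
    if not unlocked:
        return unlocked, results, wire
    for i, w in enumerate(words):
        c = host.code(w)
        if i == tamper_at:             # constructed in-transit modification
            w = bytes([w[0] ^ 0x01]) + w[1:]
        wire.append((w, c))
        results.append(device.submit(w, c))
    return unlocked, results, wire

KEY = bytes(range(16))                                         # constructed key
WORDS = [bytes.fromhex(h) for h in ("00000011", "8000a5a5", "deadbeef")]  # constructed

if __name__ == "__main__":
    dev = AuthComponent(KEY)
    print("valid key:  ", session(dev, EncryptionLayer(KEY), WORDS)[:2])
    print("wrong key:  ", session(dev, EncryptionLayer(bytes(16)), WORDS)[:2])
    print("tampered #2:", session(dev, EncryptionLayer(KEY), WORDS, tamper_at=1)[:2])
```

Because each code is chained to the previous one and the chain starts from a fresh IV, traffic recorded in one session does not verify in the next, and a single altered word relocks the device for the rest of the session.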
The processor includes an authentication component 52, a debug component 54, and a debug transmission component 56. Its debug component 54 is provided with a data exchange register 546, an authentication status register 542, an authentication permission register 544 and an extension register 562.
Specifically, the system components related to the whole debugging function are shown in Fig. 6 and include a hardware portion and a software portion. The hardware portion comprises the authentication component 52, the debugging component 54, the debugging transmission component 56 and the extension register 562; the software portion comprises the debugging layer 64, the debugging translation layer 62 and the encryption layer 60. The authentication component 52 is implemented by hardware circuits; its function is to perform the authentication code checking operation according to the data received through the data exchange register 546 and to return the result of whether authentication is passed.
Specifically, the debugging component 54 of the present embodiment, in addition to having the debugging function specified in the standard, also maintains the data and status of the debugging authentication, and its interior includes three sets of registers, namely, a data exchange register 546, an authentication status register 542 and an authentication permission register 544, which provide an interface for the debugging transmission component 56 to access the data exchange register 546 and the authentication component 52 to access the data exchange register 546, a reset function of the authentication permission register 544, and an interface for the debugging transmission component 56 to read the signal of the authentication status register 542; the debug component 54 also includes an instruction cache register for temporarily storing debug instructions to be executed, which register is readable by the authentication component 52. The debug transfer component 56 is a JTAG (Joint Test Action Group) interface of hardware, and is used to implement communication between the debug component 54 and the debugger, a register inside the debug transfer component 56 is extended to a 96-bit data register named as an extended register 562, where 32 bits are used to store data and instructions exchanged with the debug component 54, and another 64 bits are used to store a MAC (Media Access Control) field.
The debugging layer 64 and the debugging translation layer 62 together form a software part (hereinafter, referred to as a host) on the host side, which is software running in the host computer, the debugging layer 64 is controlled by a debugging user and is communicated with the debugging translation layer 62, and the debugging translation layer 62 is communicated with a bottom hardware interface.
In this embodiment, an encryption layer 60 is added to the software of the conventional debugging translation layer 62. The encryption layer 60 sits at the bottom of the software, above the hardware driver layer. It receives the instructions sent by the upper debugging layer 64, generates a MAC for each instruction sent, and then completes the sending and receiving of the corresponding information according to the authentication and authorization protocol flow, prompting the user to input a key at the point the flow requires. The encryption layer 60 is transparent to the returned debugging result (read data) and forwards it directly to the upper debugging layer 64. The following host-side operations of the authentication procedure are mainly performed by the encryption layer 60.
When the authentication permission register 544 is reset, the debug component 54 cannot interact with the rest of the platform or expose any details of the hardware thread to which it is connected: the authentication permission register 544 and the authentication status register 542 are readable, the data exchange register 546 is readable and writable, and the other registers in the debug component 54 are not writable and return 0. The data exchange register 546 is a 64-bit register in the debug component 54 that serves as a bidirectional port between the debug component 54 and the authentication component 52. When the authentication status register 542 is reset, the debugger may communicate with the authentication component 52 by reading and writing the data exchange register 546. The debug transfer component 56 reads from or writes to the debug component 54 via the extended register bus 58; the debug transfer component 56 is the master of the extended register bus 58, the debug component 54 is a slave, and the data bit width of the extended register bus 58 is 64 bits. The authentication status register 542 is controlled by the authentication component 52, and the debugger reads its status through the debug component 54. The debug component 54 may reset the authentication permission register 544, and the authentication component 52 may overwrite the authentication permission register 544.
Example 9:
According to an embodiment of the fourth aspect of the present invention, a readable storage medium is provided, on which a program or an instruction is stored, and the program or the instruction is executed by a processor to implement the information authentication method in any one of the above technical solutions.
The readable storage medium provided in this embodiment implements the steps of the information authentication method in any one of the above technical solutions when the processor executes the instructions or the program, and therefore, the readable storage medium includes all the beneficial effects of the information authentication method in any one of the above technical solutions.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
In the description herein, the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance unless explicitly stated or limited otherwise; the terms "connected," "mounted," "secured," and the like are to be construed broadly and include, for example, fixed connections, removable connections, or integral connections; may be directly connected or indirectly connected through an intermediate. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to specific situations.
In the description herein, the description of the terms "one embodiment," "some embodiments," "specific embodiments," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The above is only a preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes will occur to those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (14)

1. An information authentication method, characterized in that the information authentication method comprises:
responding to an authentication signal of information to be authenticated, and generating N pieces of sub information to be authenticated according to the information to be authenticated;
authenticating the ith sub-information to be authenticated according to the stored preset authentication key and the acquired authentication key;
and authenticating the ith sub information to be authenticated based on the authentication passing of the ith sub information to be authenticated.
2. The information authentication method as claimed in claim 1, wherein the step of authenticating the ith sub-information to be authenticated specifically comprises:
carrying out initialization assignment on the first authentication parameter value and the second authentication parameter value;
generating a first authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the first authentication parameter value and the authentication key;
generating a second authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the second authentication parameter value and the authentication key;
based on the first authentication code of the ith sub-information to be authenticated and the second authentication code of the ith sub-information to be authenticated being the same, judging that the authentication of the ith sub-information to be authenticated is passed, updating the first authentication parameter value to the first authentication code of the ith sub-information to be authenticated, and updating the second authentication parameter value to the second authentication code of the ith sub-information to be authenticated;
wherein N is a positive integer greater than or equal to 1, and i is any positive integer in [1, N].
3. The information authentication method of claim 2, wherein the step of generating the first authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the first authentication parameter value and the authentication key specifically comprises:
generating a first authentication plaintext of the ith sub information to be authenticated according to the ith sub information to be authenticated and the first authentication parameter value;
and generating the first authentication code of the ith sub information to be authenticated according to the first authentication plaintext of the ith sub information to be authenticated and the authentication key.
4. The information authentication method according to any one of claims 1 to 3, wherein the step of generating the second authentication code of the ith sub information to be authenticated according to the ith sub information to be authenticated, the second authentication parameter value and the authentication key specifically comprises:
generating a second authentication plaintext of the ith sub information to be authenticated according to the ith sub information to be authenticated and the second authentication parameter value;
and generating the second authentication code of the ith sub information to be authenticated according to the second authentication plaintext of the ith sub information to be authenticated and the authentication key.
5. The information authentication method according to any one of claims 1 to 3, further comprising:
and after the judgment that the authentication of the ith sub information to be authenticated is passed, storing the ith sub information to be authenticated after the authentication is passed.
6. The information authentication method according to claim 2 or 3, wherein the information authentication method further comprises: and if the first authentication code based on the ith sub information to be authenticated is not the same as the second authentication code based on the ith sub information to be authenticated, terminating the authentication.
7. The information authentication method of claim 5, further comprising:
and when the number of the stored sub information to be authenticated which passes the authentication is counted to be N, the stored N sub information to be authenticated which passes the authentication is integrated and analyzed to generate the authenticated information.
8. The information authentication method according to any one of claims 1 to 3, wherein the step of authenticating the ith sub-information to be authenticated according to the stored preset authentication key and the acquired authentication key specifically comprises:
responding to the obtained authentication key signal, and generating a first authentication value of the ith sub information to be authenticated;
generating a second authentication value of the ith sub information to be authenticated according to the preset authentication key and the first authentication value of the ith sub information to be authenticated;
generating a third authentication value of the ith sub information to be authenticated according to the authentication key and the second authentication value of the ith sub information to be authenticated;
and authenticating the ith sub information to be authenticated based on the first authentication value of the ith sub information to be authenticated and the third authentication value of the ith sub information to be authenticated.
9. The information authentication method of claim 8, wherein the step of authenticating the ith sub information to be authenticated based on the first authentication value of the ith sub information to be authenticated and the third authentication value of the ith sub information to be authenticated specifically comprises:
based on that the first authentication value of the ith sub information to be authenticated is equal to the third authentication value of the ith sub information to be authenticated, passing the authentication of the ith sub information to be authenticated;
based on that the first authentication value of the ith sub information to be authenticated is not equal to the third authentication value of the ith sub information to be authenticated, the authentication of the ith sub information to be authenticated is not passed.
10. The information authentication method according to claim 9, wherein the step of performing initialization assignment on the first authentication parameter value and the second authentication parameter value specifically comprises:
taking a third authentication value of the 1 st sub information to be authenticated as the first authentication parameter value;
and taking the first authentication value of the 1 st sub information to be authenticated as the second authentication parameter value.
11. An information authentication system, comprising:
the receiving unit is used for receiving information to be authenticated and generating an authentication signal of the information to be authenticated;
the conversion unit is used for responding to the authentication signal of the information to be authenticated and generating N pieces of sub information to be authenticated according to the information to be authenticated;
the authentication unit is used for authenticating the ith sub-information to be authenticated according to the stored preset authentication key and the acquired authentication key;
and the authentication unit is used for authenticating the ith sub information to be authenticated when the authentication of the ith sub information to be authenticated is passed.
12. An information authentication apparatus, characterized in that the information authentication apparatus comprises:
a memory;
the processor is connected with the memory and comprises an authentication component, a debugging component and a debugging transmission component, wherein the authentication component is connected with the debugging component, and the debugging component is connected with the debugging transmission component;
one or more communication interfaces are arranged on the authentication component, the debugging component and the debugging transmission component, communication connection is established according to the communication interfaces, a computer program which can run on the processor is stored on the memory, and the processor executes the computer program to realize the steps of the information authentication method according to any one of claims 1 to 10.
13. The information authentication device of claim 12, wherein the debugging component comprises:
a data exchange register configured to be readable and writable, the data exchange register being coupled to the authentication component;
an authentication state register configured to be readable and connected to the authentication component;
an authentication permission register configured to be readable and connected to the authentication component;
and the debugging transmission component comprises:
an extension register connected to the debugging transmission component, the debugging transmission component being used for reading and writing data in the debugging component and the extension register.
14. A readable storage medium on which a program or instructions are stored, characterized in that the program or instructions, when executed by a processor, implement the information authentication method of any one of claims 1 to 10.
CN202111417119.5A 2021-11-25 2021-11-25 Information authentication method, system, device and readable storage medium Pending CN114117527A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111417119.5A CN114117527A (en) 2021-11-25 2021-11-25 Information authentication method, system, device and readable storage medium

Publications (1)

Publication Number Publication Date
CN114117527A (en) 2022-03-01

Family

ID=80373863

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 100070 8th floor, building 2, No.5 Zhonghe Road, Fengtai Science City, Fengtai District, Beijing

Applicant after: China Banknote Printing Technology Research Institute Co.,Ltd.

Applicant after: China Banknote Printing and Minting Group Co.,Ltd.

Address before: 100070 8th floor, building 2, No.5 Zhonghe Road, Fengtai Science City, Fengtai District, Beijing

Applicant before: China Banknote Printing Technology Research Institute Co.,Ltd.

Applicant before: CHINA BANKNOTE PRINTING AND MINTING Corp.