
CN110020524B - A Two-way Authentication Method Based on Smart Card - Google Patents


Info

Publication number
CN110020524B
Authority
CN
China
Prior art keywords
smart card
signature
background server
key
random
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910255283.7A
Other languages
Chinese (zh)
Other versions
CN110020524A (en)
Inventor
杨小宝
惠小强
刘圆
王敏
刘亚雪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian University of Posts and Telecommunications
Original Assignee
Xian University of Posts and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian University of Posts and Telecommunications filed Critical Xian University of Posts and Telecommunications
Priority to CN201910255283.7A priority Critical patent/CN110020524B/en
Publication of CN110020524A publication Critical patent/CN110020524A/en
Application granted granted Critical
Publication of CN110020524B publication Critical patent/CN110020524B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

A smart card-based identity authentication method comprising a registration step, a login step and an authentication step. In the registration step, a user registers with a background server and the background server issues a smart card to the user; each smart card stores the two latest random keys and the unique identifier of the smart card. In the login step, the user inserts the smart card into a card reader to log in to the background server. In the authentication step, after a successful login, the legitimacy of the smart card and of the background server is authenticated: the two random keys are digitally signed using an improved ECC signature method, the digital certificate, the random keys and the signature are encrypted as a whole with the AES encryption algorithm using a shared key, and the random keys are updated after the smart card has successfully authenticated the background server and after the background server has successfully authenticated the smart card. The method can resist common attacks such as man-in-the-middle, parallel session, forgery and replay attacks, and improves the security and efficiency of the authentication process.

Description

Bidirectional authentication method based on smart card
Technical Field
The disclosure belongs to the technical field of safety identity recognition and communication, and particularly relates to a bidirectional authentication method based on a smart card.
Background
With the rapid development of the smart card industry, smart cards are applied ever more widely, so mutual authentication between the smart card and external devices is essential to the secure transmission of data. Since Lamport first proposed a remote password authentication protocol for insecure channels in 1981, many researchers have proposed remote user authentication protocols to improve the security of data exchange. In 2014, Huang H F et al proposed an improved timestamp-based smart card user authentication scheme in which the remote server did not need to provide any authentication information for the user and which could safely defend against all possible attacks. Amin et al, however, found that the Huang H F scheme is not secure against three attacks: offline password guessing, insider, and forgery. In 2014, Islam et al proposed a secure and flexible smart card remote user mutual authentication scheme based on dynamic-ID elliptic curve cryptography. In 2015, Sarvabhatla et al indicated that the Islam scheme cannot resist critical attacks such as password guessing and user impersonation, and proposed a dynamic-ID-based smart card mutual authentication scheme that can resist all password attacks. Recently, Luo et al proposed a secure and efficient mutual identity authentication scheme for smart cards based on the elliptic curve cryptosystem, which overcomes the defects of the Islam scheme and provides users with anonymity and mutual authentication. In 2015, Huang B et al proposed a key agreement authentication scheme based on the elliptic curve cryptosystem, which could resist card theft and impersonation attacks. Chaudhry et al indicated that the Huang B scheme may still be susceptible to impersonation and forgery attacks, and proposed an improved scheme that can resist impersonation attacks and provide sufficient security while reducing computational costs.
In 2016, Kaul et al proposed an upgraded secure and efficient authentication protocol that can resist attacks such as insider attacks, denial-of-service attacks and man-in-the-middle attacks. Subsequently, Mo et al found that the Kaul scheme failed to preserve the anonymity of the user, since the client ID number in the authentication-phase message was not hidden.
To improve the efficiency of authentication between the smart card and the external device, many authentication schemes based on ECC have been proposed and continuously iterated and improved to shorten authentication time and raise authentication efficiency. In summary, the current smart card authentication process suffers from information leakage caused by attacks such as man-in-the-middle, parallel session, forgery and replay, and also from long authentication time and low efficiency.
Disclosure of Invention
In view of this, the present disclosure provides a smart card-based identity authentication method, comprising a registration step, a login step, and an authentication step, wherein:
the registration step includes the user registering with the background server S_B, and the background server S_B issuing a smart card C to the user, each smart card storing the two latest random keys k_1, k_2 and a unique identifier ID_C of the smart card;
the login step includes the user inserting the smart card C into the card reader R_C to log in to the background server S_B;
the authentication step includes, after the login is successful, authenticating the legitimacy of the smart card C and the background server S_B, wherein the two random keys k_1, k_2 are digitally signed using an improved ECC signature method, the digital certificate, the random keys k_1, k_2 and the signature are encrypted as a whole with the AES encryption algorithm using a shared key K, and the random keys k_1, k_2 are updated after the smart card C has successfully authenticated the background server S_B and after the background server S_B has successfully authenticated the smart card C.
With this technical scheme, the method can resist common attacks such as man-in-the-middle, parallel session, forgery and replay attacks, and the digital signature process has a low computational cost, a high processing speed, a small storage footprint and a short running time.
Drawings
Fig. 1 is a schematic flow chart of a smart card-based identity authentication method provided in an embodiment of the present disclosure;
Fig. 2 is a flow diagram of a specific authentication process provided in one embodiment of the present disclosure.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings.
In one embodiment, referring to Fig. 1, a smart card-based identity authentication method is disclosed, comprising a registration step, a login step and an authentication step, wherein:
the registration step includes the user registering with the background server S_B, and the background server S_B issuing a smart card C to the user, each smart card C storing the two latest random keys k_1, k_2 and a unique identifier ID_C of the smart card;
the login step includes the user inserting the smart card C into the card reader R_C to log in to the background server S_B;
the authentication step includes, after the login is successful, authenticating the legitimacy of the smart card C and the background server S_B, wherein the two random keys k_1, k_2 are digitally signed using an improved ECC signature method, the digital certificate, the random keys k_1, k_2 and the signature are encrypted as a whole with the AES encryption algorithm using a shared key K, and the random keys k_1, k_2 are updated after the smart card C has successfully authenticated the background server S_B and after the background server S_B has successfully authenticated the smart card C.
For this embodiment, most smart cards use the DES or 3DES algorithm to encrypt data. DES uses only a 56-bit key, with one bit in each of the 8 octets used for odd parity on that octet; this weakness is easily exploited by attacks and other known methods, so DES has become an insecure block cipher. 3DES is a DES-based encryption algorithm whose implementation is slow because of the 64-byte limit on the block length, whereas AES uses a substitution-permutation network in each round and is suited to both hardware and software implementation. Introducing AES in place of DES and 3DES therefore improves the security of the information and original data in the method.
In the ECC signature process, the inversion operation takes a long time. When data is signed with the improved ECC signature scheme, the sending end computes s = k - h r d_A, and the verifying end computes r' = sG + h' r Q_A = (k - h r d_A)G + h' r d_A G. The improved ECC signature scheme therefore needs no modular inversion, and the digital signature process has a low computational cost, a high processing speed and a small storage footprint.
As can be appreciated, this embodiment uses the improved ECC signature method to digitally sign the random keys k_1, k_2, and the signature is verified with the public key at the authenticating end. This ensures the legitimacy of the source of the random keys k_1, k_2 and avoids the threat of their being altered by an attacker during transmission. Before the authentication information is sent, it is encrypted with the AES symmetric-key algorithm, which greatly improves security in transit. The AES key length is variable and can be independently specified as 128 bits, 192 bits or 256 bits. Because long keys are used, the possibility of exhaustive-search attacks is reduced at the present stage, and the algorithm has a sound mathematical basis and is resistant to cryptanalysis.
In addition, each smart card has unique identification data, namely its unique identifier, so that the data privacy and the location privacy of the user are guaranteed.
In another embodiment, the registering step further comprises: the smart card C is personalized by the background server S_B using a unique identifier ID_C, a shared key K, a user password P' and two random keys k_1, k_2, and is then sent to the user through a secure channel; wherein the user password P' is not stored in the background server S_B but in the smart card C, and both the smart card C and the background server S_B store the two random keys k_1, k_2, the unique identifier ID_C, and the AES encryption key K as the shared key.
The secure channel embeds the original information to be transmitted, after encryption and protocol encapsulation, into a data packet of another protocol and transmits it like an ordinary data packet. With this processing, only the source and destination users can interpret and process the embedded information in the channel; to other users it is meaningless.
For this embodiment, an illegitimate reader R_C cannot act as a man-in-the-middle between the smart card C and the background server S_B, because the intercepted information can be decrypted only by someone who knows the shared key K and the random keys k_1, k_2, and it is difficult for an attacker to find these parameters because they are shared only between the smart card C and the background server S_B. The method therefore prevents man-in-the-middle attacks by an illegitimate card reader R_C.
If the background server stored the user password P', there would be a risk of password theft while maintaining P'. The method does not need to store the user password P' in the background server S_B, which eliminates the risk of password theft. The method is therefore also secure against insider attacks.
In another embodiment, the login step further comprises: the user inputs a user password P, and the smart card C checks whether the user password P is equal to the user password P' stored in the smart card C; if not, the smart card C rejects the login request and no data is exchanged between the smart card C and the card reader R_C; otherwise the card reader R_C sends a login request to the background server S_B.
In another embodiment, a hardware function is added to the smart card C to update the random key.
With this embodiment, the validity of the key update is ensured. After the smart card sends the authentication message, the internally stored random keys need to be updated, so a function f() fixed in the smart card hardware is introduced to update the random keys k_1, k_2, which solves the problem of the key update failing when the smart card has an internal fault.
Referring to Fig. 2, in another embodiment, the authenticating step further comprises:
Step 1: the background server S_B uses its own private key [Figure BDA0002013374390000061] to sign the random keys k_1, k_2 with the improved ECC signature method, obtaining the signature [Figure BDA0002013374390000062]; using the shared key K, it encrypts the random keys k_1, k_2, [Figure BDA0002013374390000063] and the certificate [Figure BDA0002013374390000064] of the background server S_B with the AES encryption algorithm, and sends the encrypted message to the card reader R_C; the card reader R_C sends the message to the smart card C;
Step 2: after receiving the message, the smart card C decrypts it with the shared key K to obtain the random keys k_1, k_2, the signature [Figure BDA0002013374390000065] and the certificate [Figure BDA0002013374390000066] of the background server S_B. It first verifies the certificate of the background server S_B; if the certificate is legitimate, it takes the public key [Figure BDA0002013374390000067] of S_B out of the certificate of the background server S_B and performs the improved ECC signature verification. After the signature is successfully verified, the random keys k_1, k_2 obtained are compared with the random keys k_1, k_2 stored inside the smart card C; if they are identical, the verification of the card reader R_C succeeds, otherwise the verification fails;
Step 3: after the verification of the card reader R_C is complete, the smart card C uses its own private key SK_C to sign the random keys k_1, k_2 and the unique identifier ID_C with the improved ECC signature method, obtaining the signature [Figure BDA0002013374390000071]; using the shared key K, it encrypts the random keys k_1, k_2, the unique identifier ID_C, the signature [Figure BDA0002013374390000072] and the certificate Cert_C of the smart card C with the AES encryption algorithm, sends the encrypted message to the card reader R_C, and then updates the random keys k_1, k_2 with the shared function f() fixed on the smart card C;
Step 4: the card reader R_C directly forwards the received ciphertext E_K((k_1||k_2||ID_C)|| [Figure BDA0002013374390000073] to the background server S_B;
Step 5: the background server S_B decrypts the received message with the shared key K to obtain the random keys k_1, k_2, the unique identifier ID_C, the signature [Figure BDA0002013374390000074] and the certificate Cert_C of the smart card C. It first verifies the certificate Cert_C of the smart card C; if the certificate is legitimate, it takes the public key PK_C of the smart card C out of the certificate Cert_C and performs the improved ECC signature verification. After the signature is successfully verified, the unique identifier ID_C is compared with the unique identifier [Figure BDA0002013374390000077] stored inside the background server S_B; if they are identical, it checks whether the random keys k_1 and k_2 are equal to the random keys k_1 and k_2 stored inside the background server S_B; if they are equal, the smart card C is successfully verified, and the shared function f() stored in the background server S_B then updates the random keys k_1, k_2.
The f() function updates k_1 and k_2 as follows:
Figure BDA0002013374390000075
Figure BDA0002013374390000076
where h() is a one-way cryptographic hash function and h(ID_C) is the digest of the unique identifier ID_C of the smart card.
In the method, the smart card C authenticates the legitimacy of the background server S_B by comparing k_1, k_2 in the message [Figure BDA0002013374390000081] [Figure BDA0002013374390000082] with the random keys k_1, k_2 stored in the smart card C. Likewise, the background server S_B verifies the legitimacy of the smart card C by comparing ID_C, k_1, k_2 in the message [Figure BDA0002013374390000083] with the unique identifier ID_C and the random keys k_1, k_2 stored in the background server S_B. The method therefore provides mutual authentication between the smart card C and the background server S_B.
With this embodiment, suppose that an attacker, after eavesdropping on the communication between the smart card and the background server, retransmits the data within the validity time window and starts a parallel session between the smart card C and the background server S_B to impersonate a legitimate user logging in to the background server. The attacker cannot create a valid new login message, because the random keys k_1 and k_2 are new for each new session. The method is therefore secure against parallel session attacks.
If an attacker eavesdrops and discovers [Figure BDA0002013374390000084] [Figure BDA0002013374390000085], he cannot obtain the unique identifier ID_C, because he does not know the shared key K and the random keys k_1, k_2. Because the background server S_B stores the unique identifier ID_C, the background server S_B can use the unique identifier ID_C to judge E_K((k_1||k_2||ID_C)|| [Figure BDA0002013374390000086] and the smart card C, so as to prevent forgery and replay. Thus, the background server S_B can detect and prevent forgery and replay attacks.
If an attacker eavesdrops on the output of the smart card [Figure BDA0002013374390000087], he cannot pretend to be a legitimate reader in the next authentication session, because the random keys k_1 and k_2 change in each session. Because the message is encrypted with the AES encryption algorithm, the unique identifier ID_C of the smart card and the random keys k_1, k_2 remain protected even if the output is captured by an attacker. The method is therefore resistant to eavesdropping.
In another embodiment, the identity authentication method further comprises a password updating step: when the user needs to change the password, the user inserts the smart card C into the card reader R_C and inputs a user password P, and the smart card C checks whether the user password P is equal to the user password P' stored in the smart card C; if not, the request to change the password is refused and no data is exchanged between the smart card C and the card reader R_C; if they are equal, the user can input a new user password P'_n, and the smart card C replaces the user password P' stored in the smart card C with the new user password P'_n, completing the password change.
In another embodiment, the improved ECC signature method specifically refers to:
step 1), the sending end A selects a random number k, where k ∈ [1, p-1];
step 2), calculate r = kG(x, y) = (x_1, y_1); if r = 0, return to step 1);
step 3), calculate the digest of the message m, namely h = h(m);
step 4), calculate s = k - h r d_A; if s = 0, go to step 1);
step 5), attach (r, s) to m as the signature and send it to the receiving end B;
where p is a prime number; G(x, y) is a base point on the elliptic curve; r is one part of the signature on message m; h is the digest of message m; h() represents a hash function; d_A is the private key of the sending end A; s is the other part of the signature on message m; (r, s) is the signature of message m.
With this embodiment, the improved ECC signature method requires no modular inversion, which reduces the computational burden and improves efficiency. In addition, the message m is first hashed to a digest, and the digest is then signed and verified. This improves the calculation speed, since the digest is shorter than the plaintext message m and time is saved when calculating s, and it improves the security of the signature, since the one-way hash function is irreversible: even if an attacker obtains the digest of the message m, he cannot recover the message m from it.
In another embodiment, the improved ECC verification signature specifically refers to:
1) the receiving end B first checks whether r and s are integers in the interval [1, p-1]; if either check fails, the signature is rejected, otherwise verification continues;
2) calculate h' = h(m);
3) calculate r' = sG(x, y) + h' r Q_A;
4) accept the signature if and only if r' = r, otherwise reject the signature;
where p is a prime number; G(x, y) is a base point on the elliptic curve; r' is a part of the signature on message m; h' is the digest of message m; s is another part of the signature on message m; (r, s) is the signature of message m; h() represents a hash function; Q_A is the public key of the sending end A.
With this embodiment, the improved ECC signature verification method requires no modular inversion, which reduces the computational burden and improves efficiency.
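The signing steps 1) to 5) and verification steps 1) to 4) above, as an added example that is not part of the patent text. It assumes the secp256k1 curve, SHA-256 as h(), r taken as the x-coordinate of kG reduced modulo the group order N, and scalar arithmetic modulo N where the text writes [1, p-1]; all function names are hypothetical.

```python
"""Inversion-free ECC signature as described in the text (added example).

ASSUMPTIONS (none are fixed by the patent): curve secp256k1, h() = SHA-256,
r is the x-coordinate of kG reduced modulo the group order N, and scalars
are handled modulo N. All function names are hypothetical.
"""
import hashlib
import secrets

P = 2**256 - 2**32 - 977  # field prime of secp256k1
A = 0                     # curve: y^2 = x^3 + A*x + 7
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def point_add(p1, p2):
    """Add two affine points; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    # Field inversions remain inside point arithmetic; what the scheme drops
    # is the scalar inverse modulo N that ECDSA needs when signing/verifying.
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mult(k, point):
    """Double-and-add. Not constant-time: for illustration, not for a card."""
    result = None
    while k > 0:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result


def digest(message):
    """h = h(m), reduced into the scalar range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def keygen():
    """Private key d_A in [1, N-1] and public key Q_A = d_A * G."""
    d = secrets.randbelow(N - 1) + 1
    return d, scalar_mult(d, G)


def sign(message, d):
    """Signing steps 1) to 5): s = k - h*r*d_A, no inverse of k or s."""
    h = digest(message)                        # step 3
    while True:
        k = secrets.randbelow(N - 1) + 1       # step 1: fresh k per signature
        r = scalar_mult(k, G)[0] % N           # step 2
        if r == 0:
            continue
        s = (k - h * r * d) % N                # step 4
        if s != 0:
            return r, s                        # step 5


def verify(message, signature, q):
    """Verification steps 1) to 4): accept iff x(sG + h'*r*Q_A) == r."""
    r, s = signature
    if not all(isinstance(v, int) and 1 <= v < N for v in (r, s)):
        return False                           # step 1: range check
    h = digest(message)                        # step 2
    point = point_add(scalar_mult(s, G), scalar_mult(h * r % N, q))  # step 3
    return point is not None and point[0] % N == r                   # step 4


if __name__ == "__main__":
    d_a, q_a = keygen()
    msg = b"k1||k2 (constructed sample, not real key material)"
    sig = sign(msg, d_a)
    print("valid:", verify(msg, sig, q_a))
    print("tampered:", verify(msg + b"!", sig, q_a))
```

Because s is linear in k and d_A, k has to be fresh and unpredictable for every signature, as in other Schnorr-style schemes.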
In another embodiment, a comparison of the efficiency and security of the present method and other authentication schemes is presented.
Table 1 compares the efficiency of the present method with other protocols. In Table 1, T_e, T_h, T_m and T_a are the times required for exponentiation, hashing, elliptic curve multiplication, and addition and subtraction of elliptic curve points respectively, and T_AES is the time required by the AES encryption and decryption operations in the method. In general, the time complexity of these operations can be roughly expressed as T_e > T_h >> T_m > T_a. As can be seen from Table 1, the time complexity of the method is comparatively low among the schemes.
Table 2 compares the security of the present method with other schemes. As can be seen from Table 2, the present method can resist all attacks listed in the table and has higher security.
Figure BDA0002013374390000111
TABLE 1
Figure BDA0002013374390000112
TABLE 2
Although the embodiments of the present invention have been described above with reference to the accompanying drawings, the present invention is not limited to the above-described embodiments and application fields, and the above-described embodiments are illustrative, instructive, and not restrictive. Those skilled in the art, having the benefit of this disclosure, may effect numerous modifications thereto without departing from the scope of the invention as defined by the appended claims.

Claims (7)

1. An identity authentication method based on a smart card, comprising a registration step, a login step and an authentication step, wherein:
the registration step includes the user registering with the background server S_B, and the background server S_B issuing a smart card C to the user, each smart card storing the two latest random keys k_1, k_2 and a unique identifier ID_C of the smart card;
the login step includes the user inserting the smart card C into the card reader R_C to log in to the background server S_B;
the authentication step includes, after the login is successful, authenticating the legitimacy of the smart card C and the background server S_B, wherein the random keys k_1, k_2 are digitally signed using an improved ECC signature method, the digital certificate, the random keys k_1, k_2 and the signature are encrypted as a whole with the AES encryption algorithm using a shared key K, and the random keys k_1, k_2 are updated after the smart card C has successfully authenticated the background server S_B and after the background server S_B has successfully authenticated the smart card C;
the authenticating step further comprises:
step 1, the background server S_B uses its own private key [Figure FDA0002816172010000016] to sign the random keys k_1, k_2 with the improved ECC signature method, obtaining the signature [Figure FDA0002816172010000011]; using the shared key K, it encrypts the random keys k_1, k_2, [Figure FDA0002816172010000012] and the certificate [Figure FDA0002816172010000013] of the background server S_B with the AES encryption algorithm, and sends the encrypted message to the card reader R_C; the card reader R_C sends the message to the smart card C;
step 2, after receiving the message, the smart card C decrypts it with the shared key K to obtain the random keys k_1, k_2, the signature [Figure FDA0002816172010000014] and the certificate [Figure FDA0002816172010000015] of the background server S_B; it first verifies the certificate of the background server S_B; if the certificate is legitimate, it takes the public key [Figure FDA0002816172010000021] of S_B out of the certificate of the background server S_B and performs the improved ECC signature verification; after the signature is successfully verified, the random keys k_1, k_2 obtained are compared with the random keys k_1, k_2 stored inside the smart card C; if they are identical, the verification of the card reader R_C succeeds, otherwise the verification fails;
step 3, after the verification of the card reader R_C is complete, the smart card C uses its own private key SK_C to sign the random keys k_1, k_2 and the unique identifier ID_C with the improved ECC signature method, obtaining the signature [Figure FDA0002816172010000022]; using the shared key K, it encrypts the random keys k_1, k_2, the unique identifier ID_C, the signature [Figure FDA0002816172010000023] and the certificate Cert_C of the smart card C with the AES encryption algorithm, sends the encrypted message to the card reader R_C, and then updates the random keys k_1, k_2 with the shared function f() fixed on the smart card C;
step 4, the card reader R_C directly forwards the received ciphertext [Figure FDA0002816172010000024] [Figure FDA0002816172010000025] to the background server S_B;
step 5, the background server S_B decrypts the received message with the shared key K to obtain the random keys k_1, k_2, the unique identifier ID_C, the signature [Figure FDA0002816172010000026] and the certificate Cert_C of the smart card C; it first verifies the certificate Cert_C of the smart card C; if the certificate is legitimate, it takes the public key PK_C of the smart card C out of the certificate Cert_C and performs the improved ECC signature verification; after the signature is successfully verified, the unique identifier ID_C is compared with the unique identifier [Figure FDA0002816172010000027] stored inside the background server S_B; if they are identical, it checks whether the random keys k_1 and k_2 are equal to the random keys k_1 and k_2 stored inside the background server S_B; if they are equal, the smart card C is successfully verified, and the shared function f() stored in the background server S_B then updates the random keys k_1, k_2.
2. The method of claim 1, the registering step further comprising:
the smart card C is personalized by the background server S_B using a unique identifier ID_C, a shared key K, a user password P' and two random keys k_1, k_2, and is then sent to the user through a secure channel;
wherein the user password P' is not stored in the background server S_B but in the smart card C, and both the smart card C and the background server S_B store the two random keys k_1, k_2, the unique identifier ID_C, and the AES encryption key K as the shared key.
3. The method of claim 1, the login step further comprising:
the user inputs a user password P, and the smart card C checks whether the user password P is equal to the user password P' stored in the smart card C; if not, the smart card C rejects the login request and no data is exchanged between the smart card C and the card reader R_C; otherwise the card reader R_C sends a login request to the background server S_B.
4. The method of claim 1, wherein a hardware function is added to the smart card C to perform the update operation on the random key.
5. The method of claim 1, wherein the identity authentication method further comprises a password updating step: when the user needs to change the password, the user inserts the smart card C into the card reader R_C and inputs a user password P, and the smart card C checks whether the user password P is equal to the user password P' stored in the smart card C; if not, the request to change the password is refused and no data is exchanged between the smart card C and the card reader R_C; if they are equal, the user can input a new user password P'_n, and the smart card C replaces the user password P' stored in the smart card C with the new user password P'_n, completing the password change.
6. The method according to claim 1, wherein the improved ECC signature method specifically refers to:
step 1), a sending end A selects a random number k, wherein k belongs to [1, p-1 ];
step 2), calculating r ═ kG (x, y), and returning to step 1 if r ═ 0;
step 3), calculating the abstract of the message m, namely h ═ h (m);
step 4), calculating s ═ k-hrdAIf s is equal to 0, go to step 1);
step 5), attaching (r, s) as a signature to m and then sending the signature to a receiving end B;
wherein p is a prime number; g (x, y) is a base point on the elliptic curve; r is part of the signature on message m; h is the digest of message m; h () represents a hash function; dAIs the private key of the sending end a; s is another part of the signature for message m; (r, s) is the signature of message m.
7. The method of claim 1, wherein the modified ECC verification signature is specifically:
1) the receiving end B first checks whether r and s are integers in the interval [1, p-1]; if either check fails, the signature is rejected, otherwise verification continues;
2) calculating $h' = h(m)$;
3) calculating $r' = sG(x, y) + h' r Q_A$;
4) accepting the signature if and only if $r' = r$, otherwise rejecting the signature;
wherein p is a prime number; G(x, y) is a base point on the elliptic curve; r' is a part of the signature for message m; h' is the digest of message m; s is another part of the signature for message m; (r, s) is the signature of message m; h() represents a hash function; $Q_A$ is the public key of the sender A.
CN201910255283.7A 2019-03-31 2019-03-31 A Two-way Authentication Method Based on Smart Card Active CN110020524B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910255283.7A CN110020524B (en) 2019-03-31 2019-03-31 A Two-way Authentication Method Based on Smart Card

Publications (2)

Publication Number Publication Date
CN110020524A (en) 2019-07-16
CN110020524B (en) 2021-05-18

Family

ID=67190317

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant