CN104811303B - The method, apparatus and system of two-way authentication - Google Patents
Publication number: CN104811303B
Application number: CN201410036296.2A
Authority: CN (China)
Legal status: Active
Landscapes: Mobile Radio Communication Systems (AREA)
Abstract
The present invention provides a method, an apparatus and a system for two-way authentication. In the mutual authentication method: the terminal initiates an authentication request to the server; the server generates a random number, calculates the authentication factor response value of the current authentication from the random number, the authentication key and the authentication factor response value of the last authentication, and issues the random number and the encrypted authentication key to the terminal; the terminal calculates the authentication factor response value of the current authentication from the random number, the encrypted authentication key, the terminal root key and the authentication factor response value of the last authentication, and uploads it to the server; the server compares the authentication factor response value sent by the terminal with the one it calculated itself and, if they match, passes the authentication. The invention effectively prevents cloning of the terminal and ensures the security of the terminal. In addition, the invention improves the versatility of the terminal and realizes a horizontal terminal market.
Description
Technical Field
The invention relates to the technical field of digital televisions, in particular to a method, a device and a system for bidirectional authentication.
Background
In the field of digital television, the security chips of terminals (e.g., set-top boxes) in service and content protection systems based on one-way and two-way networks all adopt the standard ETSI TS 103 162 V1.1.1 (2010-10). The general method for producing the security chip is as follows:
1. the cable operator submits a request to purchase security chips to the local service and content scheme provider, and the service and content scheme provider gives the operator a list of security chip manufacturers integrated with the scheme provider;
2. after selecting a security chip manufacturer, the cable operator asks that manufacturer to customize a security chip matched to the local service and content scheme provider;
3. the service and content scheme provider places a black box at each integrated security chip manufacturer and sends the security key (SCK) of the security chip customized by the operator to the black box; the security key (SCK) of the security chip is also called the terminal root key;
4. the black box writes the security key (SCK) into the security chip, and the security chip manufacturer produces the security chip;
5. the security chip manufacturer sends the produced security chip to the service and content scheme provider and returns the security key (SCK) of the security chip;
6. the service and content scheme provider provides the purchased security chip and security key (SCK) to the cable operator.
As the above process shows, in the prior art the security key (SCK) must be embedded in the security chip of each terminal in advance, during production. The SCK must be provided by the service and content scheme provider, and each provider's SCKs are different. A terminal can therefore only be matched with its own key provider, that is, only a digital operator using that key provider's scheme can use the terminal, which results in poor versatility of the terminal.
In addition, according to the standard ETSI TS 103 162 V1.1.1 (2010-10), the system authentication process only requires the front-end server to generate a random number; the terminal sends the random number as a nonce (authentication factor) to its security chip, and the security chip generates a nonce response and returns it to the front-end server to complete the authentication. In this process, a cloner only needs to acquire the random number issued by the front-end server and crack the nonce response mechanism in order to clone the terminal, so existing terminals have low security and are at risk of being intercepted and cloned.
Disclosure of Invention
The invention aims to provide a method, a device and a system for bidirectional authentication so as to improve the security of a terminal.
In order to achieve the above object, the present invention provides a terminal authentication method, comprising the following steps:
initiating an authentication request to a server;
receiving a random number Random and an encrypted authentication key EK3(K2) sent by the server;
acquiring the authentication factor response value (Nonce Response value) of the current authentication according to the Random, the EK3(K2), a terminal root key (SCK) and the authentication factor response value of the last authentication (L_Nonce Response value);
uploading the Nonce Response value to the server.
In the terminal authentication method of the present invention, acquiring the Nonce Response value according to the Random, the EK3(K2), the SCK and the L_Nonce Response value specifically includes:
calculating the authentication factor value (Nonce value) of the current authentication from the Random and the L_Nonce Response value using an authentication factor generation algorithm;
generating an operator root key K3 according to the SCK;
decrypting the EK3(K2) with the K3 to obtain an authentication key K2;
and calculating the Nonce Response value from the Nonce value and the K2 using an authentication factor response generation algorithm.
In the terminal authentication method of the present invention, the SCK is obtained as follows:
in the pre-registration process, the terminal receives an encrypted terminal root key (ESCK) issued by the server, decrypts the ESCK to obtain the SCK, and writes the SCK into a read-only memory of the terminal.
In the terminal authentication method of the present invention, receiving the ESCK issued by the server in the pre-registration process specifically includes:
initiating a registration application to the server, wherein the registration application comprises a terminal ID and a first terminal certificate issued by a root encryption machine;
and receiving the operator certificate, the ESCK and a second terminal certificate signed by an operator encryption machine, which the server sends after verifying that the first terminal certificate is legal.
In order to achieve the above object, the present invention further provides a server authentication method, including the following steps:
receiving an authentication request initiated by a terminal;
generating a random number Random, and acquiring the authentication factor response value (Nonce Response value) of the current authentication according to the Random, an authentication key K2 and the authentication factor response value of the last authentication (L_Nonce Response value);
issuing the Random and an encrypted authentication key EK3(K2) to the terminal;
receiving the Nonce Response value sent by the terminal;
and comparing the Nonce Response value sent by the terminal with the Nonce Response value calculated by the server itself, and if they match, passing the authentication.
In the server authentication method of the present invention, acquiring the Nonce Response value according to the Random, the K2, the SCK and the L_Nonce Response value specifically includes:
calculating the authentication factor value (Nonce value) of the current authentication from the Random and the L_Nonce Response value using an authentication factor generation algorithm;
and calculating the Nonce Response value from the Nonce value and the K2 using an authentication factor response generation algorithm.
In the server authentication method of the present invention, the K2 and the EK3(K2) are obtained as follows:
generating the K2 according to an authentication key KeyID;
encrypting the K2 with an operator root key K3 to generate the EK3(K2).
In order to achieve the above object, the present invention further provides a mutual authentication method, including the following steps:
the terminal initiates an authentication request to the server;
the server generates a random number Random, calculates the authentication factor response value (Nonce Response value) of the current authentication according to the Random, an authentication key K2 and the authentication factor response value of the last authentication (L_Nonce Response value), and sends the Random and an encrypted authentication key EK3(K2) to the terminal;
the terminal calculates a Nonce Response value according to the Random, the EK3(K2), a terminal root key (SCK) and the L_Nonce Response value, and uploads the Nonce Response value to the server;
and the server compares the Nonce Response value sent by the terminal with the Nonce Response value calculated by the server, and if they match, the authentication passes.
In order to achieve the above object, the present invention further provides a terminal, including:
a request sending module, used for sending an authentication request to the server;
a data receiving module, used for receiving the random number Random and the encrypted authentication key EK3(K2) sent by the server;
an authentication calculation module, used for acquiring the authentication factor response value (Nonce Response value) of the current authentication according to the Random, the EK3(K2), the SCK and the authentication factor response value of the last authentication (L_Nonce Response value);
and a response sending module, used for uploading the Nonce Response value to the server.
In the terminal of the invention, the SCK is obtained as follows:
in the pre-registration process, the terminal receives an encrypted terminal root key (ESCK) issued by the server, decrypts the ESCK to obtain the SCK, and writes the SCK into a read-only memory of the terminal.
In order to achieve the above object, the present invention further provides a server, including:
a request receiving module, used for receiving an authentication request initiated by a terminal;
an authentication processing module, used for generating a random number Random and acquiring the authentication factor response value (Nonce Response value) of the current authentication according to the Random, an authentication key K2 and the authentication factor response value of the last authentication (L_Nonce Response value);
a data issuing module, used for issuing the Random and the encrypted authentication key EK3(K2) to the terminal;
a response receiving module, used for receiving the Nonce Response value sent by the terminal;
and an authentication comparison module, used for comparing the Nonce Response value sent by the terminal with the Nonce Response value calculated by the server itself, and if they match, passing the authentication.
In the server of the present invention, the SCK is obtained as follows:
in the pre-registration process, the server issues an encrypted terminal root key (ESCK) to the terminal;
and the terminal decrypts the ESCK to obtain the SCK and writes the SCK into a read-only memory of the terminal.
In order to achieve the above object, the present invention further provides a mutual authentication system, including:
at least one terminal and the server.
Even if a cloner intercepts the random number issued by the server, the cloned terminal cannot obtain the authentication factor response value of the last authentication and so cannot obtain the authentication factor response value of the current authentication, and the bidirectional authentication with the server cannot be completed.
In addition, in the bidirectional authentication method, the server distributes the encrypted authentication key to the terminal during pre-registration, and the security chip of the terminal does not need to have the terminal root key embedded in advance. All terminals on the market that support a bidirectional network and can receive the server signal are therefore suitable, not only customized terminals with an embedded terminal root key, so the method improves the versatility of the terminal and realizes a horizontal terminal market.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
FIG. 1 is a flowchart of an embodiment of a terminal authentication method of the present invention;
FIG. 2 is a flowchart of an embodiment of a server authentication method of the present invention;
FIG. 3 is a flowchart of an embodiment of a mutual authentication method of the present invention;
FIG. 4 is a flowchart of another embodiment of a mutual authentication method of the present invention;
FIG. 5 is a schematic structural diagram of an embodiment of the mutual authentication system of the present invention;
FIG. 6 is a schematic structural diagram of a terminal in the mutual authentication system of the present invention;
FIG. 7 is a schematic structural diagram of a server in the mutual authentication system of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to the following embodiments and the accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.
The following describes embodiments of the present invention in further detail with reference to the accompanying drawings.
Referring to FIG. 1, a terminal authentication method according to an embodiment of the present invention includes the following steps:
Step S11, initiating an authentication request to the server.
Step S12, receiving the random number (i.e., Random) and the encrypted authentication key (i.e., EK3(K2)) sent by the server.
Step S13, calculating the authentication factor response value (i.e., the Nonce Response value) of the current authentication from Random, EK3(K2), the terminal root key (i.e., SCK) and the authentication factor response value of the last authentication (i.e., the L_Nonce Response value). Specifically: first, the authentication factor value (i.e., the Nonce value) of the current authentication is calculated from Random and the L_Nonce Response value using an authentication factor generation algorithm (for example, AES, DES, 3DES, RSA or RC4), in which the L_Nonce Response value is used as the key and Random as the input; then, the operator root key (i.e., K3) is generated from the SCK; then, EK3(K2) is decrypted with K3 to obtain K2 (the authentication key); finally, the Nonce Response value is calculated from the Nonce value and K2 using an authentication factor response generation algorithm (for example, AES, DES, 3DES, RSA or RC4), in which K2 is used as the key and the Nonce value as the input.
Step S14, uploading the Nonce Response value to the server.
In addition, in the embodiment of the present invention, the SCK of the terminal is obtained as follows:
in the pre-registration process, the terminal receives an encrypted terminal root key (i.e., an ESCK) issued by the server, decrypts the ESCK to obtain the SCK, and writes the SCK into an OTP (one-time programmable) ROM of the terminal. The specific process by which the terminal receives the ESCK issued by the server during pre-registration is as follows:
the terminal initiates a registration application to the server, wherein the registration application comprises a terminal ID and a first terminal certificate signed and issued by a root encryption machine; the terminal then receives the operator certificate, the ESCK and the second terminal certificate signed by the operator encryption machine, which the server sends after verifying that the first terminal certificate is legal.
In the embodiment of the invention, the terminal must be authenticated by the server every time it communicates with the server, and can obtain the relevant information only after the authentication passes. Therefore, even if a cloner intercepts the random number issued by the server, the cloned terminal cannot obtain the authentication factor response value of the last authentication and so cannot obtain the authentication factor response value of the current authentication, and the bidirectional authentication with the server cannot be completed.
In the embodiment of the invention, the server distributes the SCK to the terminal during registration, so the terminal does not need to have the SCK embedded in advance. All terminals on the market that support a bidirectional network and can receive server signals (such as bidirectional set-top boxes and smartphones) are therefore suitable, not only customized terminals with a pre-embedded SCK, which improves the versatility of the terminal and realizes a horizontal terminal market.
Referring to FIG. 2, a server authentication method according to an embodiment of the present invention includes the following steps:
Step S21, receiving an authentication request initiated by the terminal.
Step S22, generating Random, and calculating the Nonce Response value of the current authentication from Random, K2 and the L_Nonce Response value. Specifically: first, the Nonce value of the current authentication is calculated from Random and the L_Nonce Response value using an authentication factor generation algorithm (for example, AES, DES, 3DES, RSA or RC4), in which the L_Nonce Response value is used as the key and Random as the input; then, the Nonce Response value is calculated from the Nonce value and K2 using an authentication factor response generation algorithm (for example, AES, DES, 3DES, RSA or RC4), in which K2 is used as the key and the Nonce value as the input.
Step S23, sending Random and EK3(K2) to the terminal.
Step S24, receiving the Nonce Response value sent by the terminal.
Step S25, comparing the Nonce Response value sent by the terminal with the Nonce Response value calculated by the server itself; if they match, the authentication passes; otherwise, the server determines that the terminal is illegal and refuses to pass the authentication.
Further, in this embodiment, K2 and EK3(K2) are obtained as follows:
generating K2 from the authentication key (i.e., KeyID);
encrypting K2 with K3 to generate EK3(K2).
In the embodiment of the invention, the terminal must be authenticated by the server every time it communicates with the server, and can obtain the relevant information only after the authentication passes. Therefore, even if a cloner intercepts the random number issued by the server, the cloned terminal cannot obtain the authentication factor response value of the last authentication and so cannot obtain the authentication factor response value of the current authentication, and the bidirectional authentication with the server cannot be completed.
Referring to FIG. 3, the bidirectional authentication method according to the embodiment of the present invention includes the following steps:
Step S31, the terminal initiates an authentication request to the server.
Step S32, the server generates Random, calculates the Nonce Response value of the current authentication from Random, K2 and the L_Nonce Response value, and issues Random and EK3(K2) to the terminal. Specifically: first, the Nonce value of the current authentication is calculated from Random and the L_Nonce Response value using an authentication factor generation algorithm (for example, AES, DES, 3DES, RSA or RC4), in which the L_Nonce Response value is used as the key and Random as the input; then, the Nonce Response value is calculated from the Nonce value and K2 using an authentication factor response generation algorithm (for example, AES, DES, 3DES, RSA or RC4), in which K2 is used as the key and the Nonce value as the input; finally, Random and EK3(K2) are transmitted to the terminal.
Step S33, the terminal calculates a Nonce Response value from Random, EK3(K2), SCK and the authentication factor response value of the last authentication (the L_Nonce Response value), and uploads it to the server. Specifically: first, the Nonce value is calculated from Random and the L_Nonce Response value using an authentication factor generation algorithm (for example, AES, DES, 3DES, RSA or RC4), in which the L_Nonce Response value is used as the key and Random as the input; then, K3 is generated from the SCK; then, EK3(K2) is decrypted with K3 to obtain K2; then, the Nonce Response value is calculated from the Nonce value and K2 using an authentication factor response generation algorithm (for example, AES, DES, 3DES, RSA or RC4), in which K2 is used as the key and the Nonce value as the input; finally, the calculated Nonce Response value is uploaded to the server.
Step S34, the server compares the Nonce Response value sent by the terminal with the Nonce Response value calculated by the server; if they match, the authentication passes; otherwise, the server determines that the terminal is illegal and refuses to pass the authentication.
In addition, in the embodiment of the present invention, the SCK of the terminal is obtained as follows:
in the pre-registration process, the terminal receives an encrypted terminal root key (i.e., an ESCK) issued by the server, decrypts the ESCK to obtain the SCK, and writes the SCK into the OTP read-only memory of the terminal. The specific process by which the terminal receives the ESCK issued by the server during pre-registration is as follows:
the terminal initiates a registration application to the server, wherein the registration application comprises a terminal ID and a first terminal certificate signed and issued by a root encryption machine; the terminal then receives the operator certificate, the ESCK and the second terminal certificate signed by the operator encryption machine, which the server sends after verifying that the first terminal certificate is legal.
In the embodiment of the invention, the terminal must be authenticated by the server every time it communicates with the server, and can obtain the relevant information only after the authentication passes. Therefore, even if a cloner intercepts the random number issued by the server, the cloned terminal cannot obtain the authentication factor response value of the last authentication and so cannot obtain the authentication factor response value of the current authentication, and the bidirectional authentication with the server cannot be completed.
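The exchange of steps S31 to S34 and the clone argument above, modelled as an added example (not code from the patent). HMAC-SHA256 stands in for the authentication factor algorithms the page leaves open, an XOR pad stands in for EK3(K2), and the K3 and K2 derivations, the initial L_Nonce Response value shared at registration, and the rule that the server advances its stored value only after a successful match are assumptions.

```python
import hashlib
import hmac
import secrets


def keyed(key: bytes, data: bytes) -> bytes:
    """Stand-in for the keyed algorithm the page leaves open (AES, DES, 3DES, ...)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def derive_k3(sck: bytes) -> bytes:
    # ASSUMPTION: the page only says K3 is "generated from the SCK".
    return keyed(sck, b"derive-K3")


def wrap_k2(k3: bytes, k2: bytes) -> bytes:
    # Stand-in for EK3(K2): XOR with a K3-derived pad, so it is its own inverse.
    # Illustration only, not a real cipher.
    pad = keyed(k3, b"wrap-K2")
    return bytes(a ^ b for a, b in zip(k2, pad))


def nonce_response(random: bytes, l_nonce_response: bytes, k2: bytes) -> bytes:
    nonce = keyed(l_nonce_response, random)  # L_Nonce Response as key, Random as input
    return keyed(k2, nonce)                  # K2 as key, Nonce as input


class Server:
    def __init__(self, sck: bytes, key_id: bytes, initial_l_nr: bytes):
        self.k3 = derive_k3(sck)
        self.k2 = keyed(self.k3, b"K2:" + key_id)  # ASSUMPTION: K2 derived from KeyID
        self.l_nr = initial_l_nr
        self.expected = None

    def challenge(self):
        """S32: generate Random, precompute the expected response, issue Random and EK3(K2)."""
        random = secrets.token_bytes(16)
        self.expected = nonce_response(random, self.l_nr, self.k2)
        return random, wrap_k2(self.k3, self.k2)

    def verify(self, response: bytes) -> bool:
        """S34: constant-time comparison; each challenge can be answered once."""
        expected, self.expected = self.expected, None
        if expected is None or not hmac.compare_digest(expected, response):
            return False
        self.l_nr = expected  # becomes L_Nonce Response for the next round
        return True


class Terminal:
    def __init__(self, sck: bytes, initial_l_nr: bytes):
        self.sck = sck
        self.l_nr = initial_l_nr

    def respond(self, random: bytes, ek3_k2: bytes) -> bytes:
        """S33: recover K2 via K3, compute the response and retain it."""
        k2 = wrap_k2(derive_k3(self.sck), ek3_k2)
        self.l_nr = nonce_response(random, self.l_nr, k2)
        return self.l_nr


def run_demo() -> dict:
    # Constructed sample keys; nothing here comes from a real deployment.
    sck, seed = secrets.token_bytes(32), secrets.token_bytes(32)
    server = Server(sck, b"key-01", seed)
    genuine = Terminal(sck, seed)
    results = {}

    for i in (1, 2):  # two chained rounds by the registered terminal
        random, ek = server.challenge()
        results[f"genuine_round_{i}"] = server.verify(genuine.respond(random, ek))

    # Clone that sees Random and EK3(K2), and even holds the SCK,
    # but has no L_Nonce Response value.
    random, ek = server.challenge()
    clone = Terminal(sck, bytes(32))
    results["clone_without_last_response"] = server.verify(clone.respond(random, ek))

    # Clone whose state was copied at registration and is now two rounds stale.
    random, ek = server.challenge()
    stale = Terminal(sck, seed)
    results["clone_with_stale_state"] = server.verify(stale.respond(random, ek))

    # Failed attempts did not advance the server, so the genuine terminal still passes.
    random, ek = server.challenge()
    results["genuine_round_3"] = server.verify(genuine.respond(random, ek))
    return results


if __name__ == "__main__":
    for name, passed in run_demo().items():
        print(f"{name}: {'pass' if passed else 'reject'}")
```

The page does not describe how the two sides recover if their stored L_Nonce Response values diverge, for example when a response is lost in transit; in this model such a terminal fails every later round.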
In the embodiment of the invention, the server distributes the SCK to the terminal during registration, so the terminal does not need to have the SCK embedded in advance. All terminals on the market that support a bidirectional network and can receive server signals (such as bidirectional set-top boxes and smartphones) are therefore suitable, not only customized terminals with a pre-embedded SCK, which improves the versatility of the terminal and realizes a horizontal terminal market.
Referring to FIG. 4, a bidirectional authentication method according to another embodiment of the present invention includes the following steps:
Step S41, the terminal sends an authentication request to the front-end server.
Step S42, the front-end server determines whether the terminal is registered; if so, step S43 is executed; otherwise the front-end server rejects the authentication request, and may at the same time send a registration prompt. This step is optional.
Step S43, the front-end server sends an authentication processing instruction to the operator encryption machine according to the authentication request. The authentication processing instruction includes a KeyID and an L_Nonce Response value.
Step S44, the operator encryption machine calculates the Nonce Response value of the current authentication according to the authentication processing instruction, that is, it performs the authentication processing according to the authentication processing instruction. The specific process is as follows:
1) the operator encryption machine generates a key K2 according to the KeyID in the authentication processing instruction;
2) the operator encryption machine encrypts K2 with K3 to generate EK3(K2);
3) the operator encryption machine generates Random;
4) the operator encryption machine calculates a Nonce value from Random and the L_Nonce Response value using an authentication factor generation algorithm (for example, AES, DES, 3DES, RSA or RC4), in which the L_Nonce Response value is used as the key and Random as the input;
5) the operator encryption machine calculates a Nonce Response value from the Nonce value and K2 using an authentication factor response generation algorithm (for example, AES, DES, 3DES, RSA or RC4), in which K2 is used as the key and the Nonce value as the input.
Step S45, the operator encryption machine sends Random, EK3(K2) and the Nonce Response value to the front-end server as a response to the authentication processing instruction.
Step S46, the front-end server issues Random and EK3(K2) to the terminal as a response to the authentication request.
Step S47, the terminal calculates the Nonce Response value from Random, the L_Nonce Response value, SCK and EK3(K2). The specific procedure is as follows:
1) the terminal calculates a Nonce value from Random and the L_Nonce Response value using an authentication factor generation algorithm (for example, AES, DES, 3DES, RSA or RC4), in which the L_Nonce Response value is used as the key and Random as the input;
2) K3 is generated from the SCK;
3) EK3(K2) is decrypted with K3 to obtain K2;
4) the Nonce Response value is calculated from the Nonce value and K2 using an authentication factor response generation algorithm (for example, AES, DES, 3DES, RSA or RC4), in which K2 is used as the key and the Nonce value as the input.
Step S48, the terminal returns the Nonce Response value to the front-end server, while retaining the Nonce Response value.
Step S49, the front-end server compares the Nonce Response value returned by the terminal with the Nonce Response value sent by the operator encryption machine; if the two match, the authentication passes; otherwise, the front-end server determines that the terminal is illegal and refuses to pass the authentication.
The difference from the bidirectional authentication method shown in FIG. 3 is that, in this embodiment, the work of the server is completed by the front-end server and the operator encryption machine in cooperation. In addition, in this embodiment the front-end server performs a registration check after receiving the authentication request, and provides the authentication service only if the terminal is a registered terminal.
In addition, in the embodiment of the present invention, the SCK of the terminal is obtained as follows:
in the pre-registration process, the terminal receives an encrypted terminal root key (i.e., an ESCK) issued by the server, decrypts the ESCK to obtain the SCK, and writes the SCK into the OTP read-only memory of the terminal. The specific process by which the terminal receives the ESCK issued by the server during pre-registration is as follows:
the terminal initiates a registration application to the server, wherein the registration application comprises a terminal ID and a first terminal certificate signed and issued by a root encryption machine; the terminal then receives the operator certificate, the ESCK and the second terminal certificate signed by the operator encryption machine, which the server sends after verifying that the first terminal certificate is legal.
In the embodiment of the invention, the terminal must be authenticated by the server every time it communicates with the server, and can obtain the relevant information only after the authentication passes. Therefore, even if a cloner intercepts the random number issued by the server, the cloned terminal cannot obtain the authentication factor response value of the last authentication and so cannot obtain the authentication factor response value of the current authentication, and the bidirectional authentication with the server cannot be completed.
In the embodiment of the invention, the server distributes the SCK to the terminal during registration, so the terminal does not need to have the SCK embedded in advance. All terminals on the market that support a bidirectional network and can receive server signals (such as bidirectional set-top boxes and smartphones) are therefore suitable, not only customized terminals with a pre-embedded SCK, which improves the versatility of the terminal and realizes a horizontal terminal market.
Referring to Fig. 5, the mutual authentication system according to the embodiment of the present invention includes a server 52 and at least one terminal 51.
As shown in Fig. 6, the terminal 51 includes a request sending module 511, a data receiving module 512, an authentication calculation module 513, and a response sending module 514. The request sending module 511 is configured to initiate an authentication request to the server; the data receiving module 512 is configured to receive the Random and the EK3(K2) sent by the server; the authentication calculation module 513 is configured to obtain a Nonce Response value according to the Random, the EK3(K2), the SCK, and the L_Nonce Response value (see the above terminal authentication method embodiment for the specific process); the response sending module 514 is configured to upload the Nonce Response value to the server. The SCK is obtained as follows:
in the pre-registration process, the terminal receives the ESCK sent by the server, decrypts the ESCK to obtain the SCK, and writes the SCK into the OTP read-only memory of the terminal.
As shown in Fig. 7, the server 52 includes a request receiving module 521, an authentication processing module 522, a data issuing module 523, a response receiving module 524, and an authentication comparison module 525. The request receiving module 521 is configured to receive an authentication request initiated by a terminal; the authentication processing module 522 is configured to generate a Random and obtain a Nonce Response value according to the Random, the K2, and the L_Nonce Response value (see the above server authentication method embodiment for the specific process); the data issuing module 523 is configured to issue the Random and the EK3(K2) to the terminal; the response receiving module 524 is configured to receive the Nonce Response value sent by the terminal; the authentication comparison module 525 is configured to compare the Nonce Response value sent by the terminal with the Nonce Response value calculated by the server itself. If the two values match, the terminal passes the authentication; otherwise, the terminal is determined to be illegal and the authentication is rejected.
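The exchange between the terminal modules 511 to 514 and the server modules 521 to 525 can be simulated end to end. The following is an added example, not code from the patent: the patent names its algorithms without specifying them, so HMAC-SHA256, SHA-256 and an XOR keystream are stand-ins, and the class names, the registration-time initial L_Nonce Response and the server holding K3 directly are assumptions.

```python
import hashlib
import hmac
import secrets

# Assumption: stand-in primitives only; every key and value is 32 bytes.

def derive_k3(sck: bytes) -> bytes:
    """'Generating an operator root key K3 according to the SCK' (stand-in KDF)."""
    return hmac.new(sck, b"K3", hashlib.sha256).digest()

def xor_cipher(k3: bytes, block: bytes) -> bytes:
    """Stand-in for the cipher behind EK3(K2); the same call encrypts and decrypts."""
    stream = hmac.new(k3, b"EK3", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(block, stream))

def nonce_value(random: bytes, last_response: bytes) -> bytes:
    """Authentication factor generation: Nonce from Random and L_Nonce Response."""
    return hashlib.sha256(random + last_response).digest()

def nonce_response(nonce: bytes, k2: bytes) -> bytes:
    """Authentication factor response generation: Nonce Response from Nonce and K2."""
    return hmac.new(k2, nonce, hashlib.sha256).digest()

class Server:
    def __init__(self, k2, k3, initial_response):
        self.k2, self.k3, self.last = k2, k3, initial_response
        self.expected = None

    def challenge(self):
        random = secrets.token_bytes(32)
        self.expected = nonce_response(nonce_value(random, self.last), self.k2)
        return random, xor_cipher(self.k3, self.k2)  # Random, EK3(K2)

    def verify(self, response):
        ok = self.expected is not None and hmac.compare_digest(response, self.expected)
        if ok:
            self.last = self.expected  # becomes L_Nonce Response for the next round
        self.expected = None           # one answer per challenge
        return ok

class Terminal:
    def __init__(self, sck, initial_response):
        self.sck, self.last = sck, initial_response

    def respond(self, random, ek3_k2):
        k2 = xor_cipher(derive_k3(self.sck), ek3_k2)  # recover K2 via K3
        return nonce_response(nonce_value(random, self.last), k2)

def run_round(server, terminal):
    random, ek3_k2 = server.challenge()
    response = terminal.respond(random, ek3_k2)
    ok = server.verify(response)
    if ok:
        terminal.last = response  # terminal advances its chain only on success
    return ok

def demo():
    sck, k2, init = (secrets.token_bytes(32) for _ in range(3))  # constructed values
    server = Server(k2, derive_k3(sck), init)
    genuine = Terminal(sck, init)
    first = run_round(server, genuine)
    # A copy that holds the SCK but only the stale, registration-time L_Nonce Response.
    stale_copy = Terminal(sck, init)
    copy_ok = run_round(server, stale_copy)
    second = run_round(server, genuine)
    return first, copy_ok, second
```

`demo()` returns `(True, False, True)`: the copy holds the correct SCK and sees Random and EK3(K2), but its chained state lags the server's, so its Nonce Response does not match.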
Those of skill in the art would further appreciate that the various illustrative logical blocks, units, and steps described in connection with the embodiments disclosed herein may be implemented as hardware, software, or combinations of both. Whether implemented in hardware or software depends upon the particular application and design requirements of the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present embodiments.
The various illustrative logical blocks, or elements, described in connection with the embodiments disclosed herein may be implemented or performed with a general purpose processor, a digital signal processor, an Application Specific Integrated Circuit (ASIC), a field programmable gate array or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. A general-purpose processor may be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, e.g., a digital signal processor and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a digital signal processor core, or any other similar configuration.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may be stored in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. For example, a storage medium may be coupled to the processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an ASIC, which may be located in a user terminal. In the alternative, the processor and the storage medium may reside in different components in a user terminal.
In one or more exemplary designs, the functions described above in connection with the embodiments of the invention may be implemented in hardware, software, firmware, or any combination of the three. If implemented in software, the functions may be stored on, or transmitted over, a computer-readable medium as one or more instructions or code. Computer-readable media include both computer storage media and communication media that facilitate transfer of a computer program from one place to another. Storage media may be any available media that can be accessed by a general-purpose or special-purpose computer. For example, such computer-readable media can include, but are not limited to, RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to carry or store program code in the form of instructions or data structures and which can be read by a general-purpose or special-purpose computer, or a general-purpose or special-purpose processor. Additionally, any connection is properly termed a computer-readable medium and is thus included if the software is transmitted from a website, server, or other remote source via a coaxial cable, fiber optic cable, twisted pair, Digital Subscriber Line (DSL), or wirelessly, e.g., by infrared, radio, or microwave. Disk and disc, as used herein, include compact discs, laser discs, optical discs, DVDs, floppy disks and Blu-ray discs, where disks usually reproduce data magnetically, while discs usually reproduce data optically with lasers. Combinations of the above may also be included in the computer-readable medium.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are only exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (10)
1. A terminal authentication method is characterized by comprising the following steps:
initiating an authentication request to a server;
receiving a random number Random and an encrypted authentication key EK3(K2) transmitted by the server;
acquiring an authentication factor response (Nonce Response) value of the current authentication according to the Random, the EK3(K2), a terminal root key (SCK) and an authentication factor response (L_Nonce Response) value of the last authentication;
uploading the Nonce Response value to the server; wherein,
the acquiring the Nonce Response value according to the Random, the EK3(K2), the SCK, and the L_Nonce Response value specifically includes:
calculating an authentication factor (Nonce) value of the current authentication by adopting an authentication factor generation algorithm according to the Random and the L_Nonce Response value;
generating an operator root key K3 according to the SCK;
decrypting the EK3(K2) with the K3 to obtain an authentication key K2;
and calculating the Nonce Response value by adopting an authentication factor response generation algorithm according to the Nonce value and the K2.
2. The terminal authentication method according to claim 1, wherein the SCK is obtained by:
in the pre-registration process, the terminal receives an encrypted terminal root key (ESCK) issued by the server, decrypts the ESCK to obtain the SCK and writes the SCK into a read-only memory of the terminal.
3. The terminal authentication method according to claim 2, wherein in the pre-registration process, the terminal receives the ESCK delivered by the server, specifically:
initiating a registration application to the server, wherein the registration application comprises a terminal ID and a first terminal certificate issued by a root encryption machine;
and receiving an operator certificate sent by the server after verifying that the first terminal certificate is legal, the ESCK and a second terminal certificate signed by an operator encryption machine.
4. A server authentication method, comprising the steps of:
receiving an authentication request initiated by a terminal;
generating a random number Random, and acquiring an authentication factor response (Nonce Response) value of the current authentication according to the Random, an authentication key K2 and an authentication factor response (L_Nonce Response) value of the last authentication;
issuing the Random and an encrypted authentication key EK3(K2) to the terminal;
receiving a Nonce Response value sent by the terminal;
comparing the Nonce Response value sent by the terminal with the Nonce Response value calculated by the server itself, and if the two values match, passing the authentication; wherein,
the acquiring the Nonce Response value according to the Random, the K2, and the L_Nonce Response value specifically includes:
calculating an authentication factor (Nonce) value of the current authentication by adopting an authentication factor generation algorithm according to the Random and the L_Nonce Response value;
and calculating the Nonce Response value by adopting an authentication factor response generation algorithm according to the Nonce value and the K2.
5. The server authentication method according to claim 4, wherein the K2 and the EK3(K2) are obtained by:
generating the K2 according to an authentication key KeyID;
encrypting the K2 with an operator root key K3 to generate the EK3(K2).
6. A mutual authentication method, comprising the steps of:
the terminal initiates an authentication request to the server;
the server generates a random number Random, calculates an authentication factor response (Nonce Response) value of the current authentication according to the Random, an authentication key K2 and an authentication factor response (L_Nonce Response) value of the last authentication, and sends the Random and an encrypted authentication key EK3(K2) to the terminal;
the terminal calculates a Nonce Response value according to the Random, the EK3(K2), a terminal root key (SCK), and the L_Nonce Response value, and uploads the Nonce Response value to the server;
the server compares the Nonce Response value sent by the terminal with the Nonce Response value calculated by the server, and if the two values match, the authentication is passed; wherein,
the acquiring the Nonce Response value according to the Random, the EK3(K2), the SCK, and the L_Nonce Response value specifically includes:
calculating an authentication factor (Nonce) value of the current authentication by adopting an authentication factor generation algorithm according to the Random and the L_Nonce Response value;
generating an operator root key K3 according to the SCK;
decrypting the EK3(K2) with the K3 to obtain an authentication key K2;
calculating the Nonce Response value by adopting an authentication factor response generation algorithm according to the Nonce value and the K2;
the acquiring the Nonce Response value according to the Random, the K2, and the L_Nonce Response value specifically includes:
calculating an authentication factor (Nonce) value of the current authentication by adopting an authentication factor generation algorithm according to the Random and the L_Nonce Response value;
and calculating the Nonce Response value by adopting an authentication factor response generation algorithm according to the Nonce value and the K2.
7. A terminal, comprising:
the request sending module is used for sending an authentication request to the server;
a data receiving module, configured to receive the random number Random and the encrypted authentication key EK3(K2) sent by the server;
an authentication calculation module, configured to acquire an authentication factor response (Nonce Response) value of the current authentication according to the Random, the EK3(K2), the SCK and the authentication factor response (L_Nonce Response) value of the last authentication;
a response sending module, configured to upload the Nonce Response value to the server; wherein,
the acquiring the Nonce Response value according to the Random, the EK3(K2), the SCK, and the L_Nonce Response value specifically includes:
calculating an authentication factor (Nonce) value of the current authentication by adopting an authentication factor generation algorithm according to the Random and the L_Nonce Response value;
generating an operator root key K3 according to the SCK;
decrypting the EK3(K2) with the K3 to obtain an authentication key K2;
and calculating the Nonce Response value by adopting an authentication factor response generation algorithm according to the Nonce value and the K2.
8. The terminal of claim 7, wherein the SCK is obtained by:
in the pre-registration process, the terminal receives an encrypted terminal root key (ESCK) issued by the server, decrypts the ESCK to obtain the SCK and writes the SCK into a read-only memory of the terminal.
9. A server, comprising:
the request receiving module is used for receiving an authentication request initiated by a terminal;
an authentication processing module, configured to generate a random number Random and acquire an authentication factor response (Nonce Response) value of the current authentication according to the Random, an authentication key K2 and an authentication factor response (L_Nonce Response) value of the last authentication;
a data issuing module, configured to issue the Random and the encrypted authentication key EK3(K2) to the terminal;
a response receiving module, configured to receive a Nonce Response value sent by the terminal;
an authentication comparison module, configured to compare the Nonce Response value sent by the terminal with the Nonce Response value calculated by the server itself, and if the two values match, the authentication is passed; wherein,
the acquiring the Nonce Response value according to the Random, the K2, and the L_Nonce Response value specifically includes:
calculating an authentication factor (Nonce) value of the current authentication by adopting an authentication factor generation algorithm according to the Random and the L_Nonce Response value;
and calculating the Nonce Response value by adopting an authentication factor response generation algorithm according to the Nonce value and the K2.
10. A mutual authentication system, comprising:
at least one terminal according to claim 7 and a server according to claim 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410036296.2A CN104811303B (en) | 2014-01-24 | 2014-01-24 | The method, apparatus and system of two-way authentication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104811303A | 2015-07-29 |
| CN104811303B | 2018-12-18 |
Family
ID=53695822
Family Applications (1)
| Application Number | Status | Publication | Priority Date | Filing Date | Title |
|---|---|---|---|---|---|
| CN201410036296.2A | Active | CN104811303B (en) | 2014-01-24 | 2014-01-24 | The method, apparatus and system of two-way authentication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104811303B (en) |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104811303A (en) | 2015-07-29 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| EXSB | Decision made by sipo to initiate substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |