CN106230840A

CN106230840A - A kind of command identifying method of high security

Info

Publication number: CN106230840A
Application number: CN201610635430.XA
Authority: CN
Inventors: 黄海平; 李正韬; 徐宁; 祁凌涛; 沙超; 王汝传
Original assignee: Nanjing Post and Telecommunication University
Current assignee: Nanjing Post and Telecommunication University
Priority date: 2016-08-04
Filing date: 2016-08-04
Publication date: 2016-12-14
Anticipated expiration: 2036-08-04
Also published as: CN106230840B

Abstract

The invention discloses a high-security password authentication method, which adopts the combination of smart card hardware and cryptographic algorithm, and can be applied to a series of security mechanisms of network services such as finance, online shopping, social interaction and security. The present invention focuses on the combination of smart card and password authentication, including four stages of user registration, login, server and user two-way authentication, and user password modification, in which light functions such as hash functions, XOR operations, and symmetric keys are mainly used. Quantitatively efficient and secure cryptographic protocols and methods. The present invention has high security. By performing special security processing on the user name and password in the information transmission process, the risk of the user name and password being stolen is reduced, and replay attacks and information interception attacks can be effectively prevented. Change your password freely through the server.

Description

A High Security Password Authentication Method

技术领域technical field

本发明属于信息安全和密码学技术领域，具体涉及一种结合智能卡并具有高安全性的口令认证方法。The invention belongs to the technical fields of information security and cryptography, and in particular relates to a high-security password authentication method combined with a smart card.

背景技术Background technique

在计算机网络技术高速发展的当下，云计算以及云存储技术使得大量原本存储在用户端的数据可以存储在云端服务器中。这不但大幅度释放了用户端的存储空间，减轻了本地存储数据的压力，同时也大大扩展了用户存储数据的空间范围，实现了不同用户之间数据的共享。然而，随着使用云服务的用户数量的增加，如何保障用户隐私不受侵害成为社会信息化发展进程中一个无法忽视的问题。With the rapid development of computer network technology, cloud computing and cloud storage technology enable a large amount of data originally stored in the client to be stored in the cloud server. This not only greatly releases the storage space of the user end, reduces the pressure of local storage data, but also greatly expands the space range of user storage data, and realizes the sharing of data among different users. However, with the increase in the number of users using cloud services, how to protect user privacy from infringement has become a problem that cannot be ignored in the process of social informatization development.

针对以上问题，人们根据现代密码学中对称加密以及非对称加密技术设计了多种认证机制。口令认证作为一种高效、简洁的身份认证方法广泛使用于金融、网购、社交、安保等各个领域。大多数社交网络软件，公司门禁等基于硬件或者软件的身份认证机制都将口令认证作为其最为核心的部分。但是，口令认证因为其操作简单，认证因素不足等特性，极易受到攻击者不同类型的攻击，比如中间人攻击和字典攻击等。针对这类攻击，现有技术中比较有代表性的措施是通过网络中的可信主机存储各终端的加密密钥，发送方使用本端的加密密钥对信息进行加密，然后将密文以及本端的身份信息发送给接收方。接收方收到信息后，将发送方的身份信息发送给可信主机，由可信主机对发送方的合法性进行判断。如公开号为CN105471845A、名称为“防止中间人攻击的通信方法及系统”，公开号为CN104936170A、名称为“检测中间人攻击的方法与装置”的发明专利都属于这种技术。但是这种纯粹依赖加密技术的数据共享技术依然存在着算法复杂、算法需要适时更新以防被解密的风险。In response to the above problems, people have designed a variety of authentication mechanisms based on symmetric encryption and asymmetric encryption techniques in modern cryptography. As an efficient and concise identity authentication method, password authentication is widely used in various fields such as finance, online shopping, social networking, and security. Most social network software, corporate access control and other hardware or software-based identity authentication mechanisms use password authentication as their core part. However, password authentication is vulnerable to different types of attacks, such as man-in-the-middle attacks and dictionary attacks, because of its simple operation and insufficient authentication factors. For this type of attack, a representative measure in the prior art is to store the encryption key of each terminal through a trusted host in the network, and the sender uses the encryption key of the local end to encrypt the information, and then sends the ciphertext and this The identity information of the terminal is sent to the receiver. After receiving the information, the receiver sends the identity information of the sender to the trusted host, and the trusted host judges the legitimacy of the sender. For example, the invention patent with publication number CN105471845A titled "Communication Method and System for Preventing Man-in-the-Middle Attack" and publication number CN104936170A titled "Method and Device for Detecting Man-in-the-Middle Attack" all belong to this technology. However, this data sharing technology that relies purely on encryption technology still has the risk of complex algorithms, which need to be updated in a timely manner to prevent them from being decrypted.

发明内容Contents of the invention

本发明要解决的技术问题是提出一种能够实现用户认证信息的机密性，允许用户随时更改密码，在提高安全性的同时又具有较低能耗和较高效率的方法。The technical problem to be solved by the present invention is to propose a method that can realize the confidentiality of user authentication information, allow users to change passwords at any time, and has lower energy consumption and higher efficiency while improving security.

为此，为了在保证较高安全性的同时尽可能地实现操作简单和高效，我们将一些加密后的身份认证信息存储在硬件中以分担软件中存储身份认证信息被攻击者获取的风险，设计出了基于硬件和软件相结合的身份认证技术。相对于传统口令认证技术，这种方式能有效抵抗多种类型攻击。For this reason, in order to make the operation as simple and efficient as possible while ensuring high security, we store some encrypted identity authentication information in the hardware to share the risk of the identity authentication information stored in the software being obtained by an attacker. The identity authentication technology based on the combination of hardware and software has been developed. Compared with traditional password authentication technology, this method can effectively resist various types of attacks.

具体的技术方案为：一种高安全性的口令认证方法，包含以下步骤：The specific technical solution is: a high-security password authentication method comprising the following steps:

步骤一，用户注册阶段，在这个阶段，注册的用户需要先申请一张智能卡，智能卡中存储了用户的个人信息；Step 1, the user registration stage, at this stage, the registered user needs to apply for a smart card first, and the user's personal information is stored in the smart card;

步骤1-1，在用户注册的初始化阶段，用户U_i可以自由选择他的用户名(ID_i)以及密码(PW_i)。Step 1-1, in the initial stage of user registration, user U _i can freely choose his user name (ID _i ) and password (PW _i ).

步骤1-2，智能卡使用单向哈希函数h()对用户名(ID_i)以及密码(PW_i)进行加密，得到信息对(h(ID_i||PW_i),h(ID_i))并将其通过一个安全的信道发送给服务器S。Step 1-2, the smart card uses the one-way hash function h() to encrypt the user name (ID _i ) and password (PW _i ), and obtains the information pair (h(ID _i ||PW _i ), h(ID _i ) ) and send it to server S through a secure channel.

步骤1-3，服务器S使用单向哈希函数h()以及服务器密钥x和y对发送过来的用户信息进行加密，得到：In steps 1-3, server S encrypts the sent user information using the one-way hash function h() and server keys x and y to obtain:

$A A = = h h ((h h (({ID ID}_{i i})) &CirclePlus; &CirclePlus; x x))$

$B B = = A A &CirclePlus; &CirclePlus; h h (({ID ID}_{i i} | | | | {PW PW}_{i i})) &CirclePlus; &CirclePlus; h h (({ID ID}_{i i}))$

C＝h(A)C=h(A)

$D D. = = h h ((h h (({ID ID}_{i i} | | | | {PW PW}_{i i})) &CirclePlus; &CirclePlus; y the y)) . .$

步骤1-4，服务器S将(B,C,D)通过一个安全的信道返回给用户U_i。In steps 1-4, the server S returns (B, C, D) to the user U _i through a secure channel.

步骤1-5，用户U_i将(B,C,D)存入智能卡中。In steps 1-5, the user U _i stores (B, C, D) in the smart card.

步骤二，登录阶段，用户U_i登录时，需要将智能卡插入对应设备中并输入他的用户名(ID_i)以及密码(PW_i)；Step 2, in the login phase, when user U _i logs in, he needs to insert the smart card into the corresponding device and enter his user name (ID _i ) and password (PW _i );

步骤2-1，智能卡调用存储的信息计算：Step 2-1, the smart card calls the stored information to calculate:

${A A}_{i i} = = B B &CirclePlus; &CirclePlus; h h (({ID ID}_{i i} | | | | {PW PW}_{i i})) &CirclePlus; &CirclePlus; h h (({ID ID}_{i i})),,$

C_i＝h(A_i)C _i =h(A _i )

步骤2-2，智能卡比较C_i＝C是否成立，如果成立，则证明了用户U_i的合法身份；Step 2-2, the smart card compares whether C _i =C is established, and if it is established, it proves the legal identity of the user U _i ;

步骤2-3，智能卡随机生成一个整数N并做如下计算：Step 2-3, the smart card randomly generates an integer N and performs the following calculations:

${E E.}_{i i} = = {A A}_{i i} &CirclePlus; &CirclePlus; N N$

${CID CID}_{i i} = = {A A}_{i i} &CirclePlus; &CirclePlus; h h (({ID ID}_{i i} | | | | {PW PW}_{i i})) &CirclePlus; &CirclePlus; N N$

F_i＝h(A_i||D_i||N)F _i ＝h(A _i ||D _i ||N)

步骤2-4，智能卡将登录请求(h(ID_i),E_i,CID_i,F_i)发送给服务器S；Step 2-4, the smart card sends the login request (h(ID _i ), E _i , CID _i , F _i ) to the server S;

步骤三，认证阶段，本阶段实现了服务器和用户的相互认证，主要步骤如下：Step 3, the authentication stage, this stage realizes the mutual authentication between the server and the user, the main steps are as follows:

步骤3-1，接收到用户U_i请求(h(ID_i),E_i,CID_i,F_i)后，服务器S计算：Step 3-1, after receiving the user U _i request (h(ID _i ), E _i , CID _i , F _i ), the server S calculates:

${A A}_{i i}^{' '} = = h h ((h h (({ID ID}_{i i})) &CirclePlus; &CirclePlus; x x))$

${N N}_{i i}^{' '} = = {A A}_{i i} &CirclePlus; &CirclePlus; {E E.}_{i i}$

$h h {(({ID ID}_{i i} | | | | {PW PW}_{i i}))}^{' '} = = {CID CID}_{i i} &CirclePlus; &CirclePlus; x x$

${D D.}_{i i}^{' '} = = h h ((h h {(({ID ID}_{i i} | | | | {PW PW}_{i i}))}^{' '} &CirclePlus; &CirclePlus; y the y))$

F_i′＝h(A_i′||D_i′||N_i′)F _i ′=h(A _i ′||D _i ′||N _i ′)

步骤3-2，服务器S比较F_i'＝F_i是否成立，如果不成立，则服务器对用户的认证失败，服务器拒绝用户的登录请求。如果成立，则服务器完成对用户的认证，服务器S选择一个大于1024bits的随机数N'并进行如下计算：In step 3-2, the server S compares whether F _i '=F _i is established, and if not, the server fails to authenticate the user, and the server rejects the user's login request. If it is established, the server completes the authentication of the user, and the server S selects a random number N' greater than 1024 bits and performs the following calculation:

SK'＝h(A_i'||D_i'||N_i'||N')SK'＝h(A _i '||D _i '||N _i '||N')

其中SK'为服务器和用户之间服务器端的对称加密密钥。Wherein SK' is a symmetric encryption key on the server side between the server and the user.

使用SK'进行加密得到： Encryption using SK' yields:

步骤3-3，服务器S将(G',N')发送给用户U_i；Step 3-3, server S sends (G', N') to user U _i ;

步骤3-4，收到(G',N')后，用户U_i执行如下计算：Step 3-4, after receiving (G',N'), user U _i performs the following calculation:

SK_i＝h(A_i||D_i||N_i||N')SK _i ＝h(A _i ||D _i ||N _i ||N')

其中SK_i为服务器和用户之间用户端的对称加密密钥。Where SK _i is the symmetric encryption key between the server and the user at the user end.

使用SK_i进行解密得到：G_i＝SK_i(G')Use SK _i to decrypt: G _i = SK _i (G')

步骤3-5，用户U_i验证是否成立，如果不成立，则用户对服务器的身份认证失败，用户断开连接；如果成功，则完成服务器和用户的双向身份认证。Step 3-5, user U _i authentication Whether it is established, if not, the user's identity authentication to the server fails, and the user is disconnected; if successful, the two-way identity authentication between the server and the user is completed.

为提高本发明方法的使用效果，本发明还可以完成用户密码修改，系统允许用户自由更改自己的密码而不需要再次登录服务器，假设一个用户希望将他的密码更改为PW_new，那么在他需要输入用户名(ID_i)以及密码(PW_i)后遵循如下步骤：In order to improve the use effect of the method of the present invention, the present invention can also complete user password modification, and the system allows users to freely change their own passwords without logging in to the server again. Suppose a user wishes to change his password to PW _new , then when he needs After entering the username (ID _i ) and password (PW _i ), follow the steps below:

步骤1，智能卡执行如下操作：Step 1, the smart card performs the following operations:

${A A}_{i i} = = B B &CirclePlus; &CirclePlus; h h (({ID ID}_{i i} | | | | {PW PW}_{i i})) &CirclePlus; &CirclePlus; h h (({ID ID}_{i i}))$

C_i＝h(A_i)；C _i =h(A _i );

步骤2，智能卡比较C_i＝C是否成立，如果成立，则证明了用户U_i的合法身份；Step 2, the smart card compares whether C _i =C is established, and if it is established, it proves the legal identity of the user U _i ;

步骤3，用户选择一个新的密码PW_new；Step 3, the user chooses a new password PW _new ;

步骤4，智能卡计算并将内部存储的B替换为B_new，如此则完成用户密码的修改。Step 4, smart card calculation And replace B in the internal storage with B _new , so that the modification of the user password is completed.

进一步，步骤一中的个人信息包含出生日期、电话号码、住址以及签名。Further, the personal information in step 1 includes date of birth, telephone number, address and signature.

进一步，步骤2-3中的整数大于1024bits。Further, the integer in step 2-3 is greater than 1024 bits.

与现有技术相比，本发明的有益效果在于：Compared with prior art, the beneficial effect of the present invention is:

(1)相对于传统口令认证，本发明提出的方法能实现远端服务器不存储用户密码的功能。这极大减轻了服务器数据存储的压力，并且保护了用户数据不会在服务器端被盗取，既保护了用户信息，又消除了服务器承担丢失用户信息责任的隐患。(1) Compared with the traditional password authentication, the method proposed by the present invention can realize the function that the remote server does not store the user password. This greatly reduces the pressure on server data storage, and protects user data from being stolen on the server side. It not only protects user information, but also eliminates the hidden danger that the server will be responsible for losing user information.

(2)相对于其他口令认证方案，本发明在注册阶段、登录阶段、认证阶段以及用户密码修改阶段实现了用户名和密码的保密性，即将用户名和密码都进行加密传输，提高了整个系统的安全性。(2) Compared with other password authentication schemes, the present invention realizes the confidentiality of user names and passwords in the registration stage, login stage, authentication stage and user password modification stage, is about to carry out encrypted transmission of user names and passwords, and improves the security of the whole system sex.

(3)本发明的口令认证协议中加入每次登录产生的随机数，能够有效防范重放攻击以及信息拦截攻击，增加了整个系统的安全性。(3) Adding random numbers generated each time into the password authentication protocol of the present invention can effectively prevent replay attacks and information interception attacks, and increase the security of the entire system.

(4)用户可以在任何时间更改密码而不需要向服务器提出申请，这体现了系统良好的用户体验。(4) The user can change the password at any time without applying to the server, which reflects the good user experience of the system.

附图说明Description of drawings

图1为本发明注册信息交流图。Fig. 1 is a registration information exchange diagram of the present invention.

图2为本发明服务器认证信息交流图。FIG. 2 is a diagram of server authentication information exchange in the present invention.

图3为认证信息交流图。Figure 3 is a diagram of authentication information exchange.

图4为用户修改密码交流图。Figure 4 is an exchange diagram for users to modify their passwords.

图5为本发明主要步骤的流程图。Fig. 5 is a flowchart of the main steps of the present invention.

具体实施方式detailed description

现结合附图对本发明的具体实施方式作进一步详细的说明。The specific embodiment of the present invention will be further described in detail in conjunction with the accompanying drawings.

本发明要实现的目标为：The goal that the present invention will realize is:

(1)用户密码可以被用户自定义修改或者删除。(1) The user password can be modified or deleted by the user.

(2)用户名以及密码是以密文形式进行传输的。(2) The user name and password are transmitted in cipher text.

(3)没有人能够假冒某一个用户进行登录。(3) No one can log in as a certain user.

(4)用户名和密码的明文形式无法被服务器端人员获取。(4) The plaintext form of the user name and password cannot be obtained by the server-side personnel.

(5)认证系统能够抵御重放攻击、口令猜测攻击和伪装攻击等攻击。(5) The authentication system can resist attacks such as replay attack, password guessing attack and masquerading attack.

(6)认证系统具有较高效率。(6) The authentication system has high efficiency.

(7)如果智能卡丢失，持有智能卡的攻击者不能通过猜测密码登录系统。(7) If the smart card is lost, the attacker holding the smart card cannot log in to the system by guessing the password.

本发明包含以下四个步骤：The present invention comprises following four steps:

步骤一，用户注册阶段。如图1所示，用户自行选择方便自己记忆的用户名(ID)以及密码(PW)。通过智能卡加密后以密文的形式发送给服务器。服务器使用服务器端密钥计算相应安全参数并将其返回并存储在智能卡中。Step 1, user registration stage. As shown in FIG. 1 , the user chooses a user name (ID) and a password (PW) that are convenient for the user to remember. After being encrypted by the smart card, it is sent to the server in the form of cipher text. The server calculates the corresponding security parameters using the server-side key and returns and stores them in the smart card.

步骤二，登录阶段。用户将智能卡插入终端并输入自己的用户名(ID)以及密码(PW)。智能卡将用户登录信息进行处理后与自身存储的认证信息进行比对以确定用户身份是否合法。如果合法，智能卡计算相应安全参数并将其发送给服务器。Step two, the login phase. The user inserts the smart card into the terminal and enters his user name (ID) and password (PW). After the smart card processes the user login information, it compares it with the authentication information stored in itself to determine whether the user's identity is legal. If valid, the smart card calculates the corresponding security parameters and sends them to the server.

步骤三，认证阶段。如图2和3所示，服务器将智能卡发送来的信息进行处理后校验用户信息是否合法，如果合法，服务器将身份信息加密后发送给智能卡，智能卡对数据进行处理后校验服务器信息是否合法。如果合法则完成用户登录，两者建立联系。步骤四，用户密码修改阶段，如图4所示。本阶段允许用户自行修改密码。Step three, the authentication stage. As shown in Figures 2 and 3, the server processes the information sent by the smart card and verifies whether the user information is legal. If it is legal, the server encrypts the identity information and sends it to the smart card. The smart card processes the data and verifies whether the server information is legal. . If it is legal, the user login is completed, and the two establish a relationship. Step 4, the user password modification stage, as shown in FIG. 4 . At this stage, users are allowed to change their passwords by themselves.

重要术语及约束：Important terms and constraints:

对称加密算法：对称算法(symmetric algorithm)，有时又叫传统密码算法，就是加密密钥能够从解密密钥中推算出来，同时解密密钥也可以从加密密钥中推算出来。而在大多数的对称算法中，加密密钥和解密密钥是相同的。所以也称这种加密算法为秘密密钥算法或单密钥算法。它要求发送方和接收方在安全通信之前，商定一个密钥。对称算法的安全性依赖于密钥，泄漏密钥就意味着任何人都可以对他们发送或接收的消息解密，所以密钥的保密性对通信性至关重要。Symmetric encryption algorithm: Symmetric algorithm (symmetric algorithm), sometimes called traditional encryption algorithm, is that the encryption key can be derived from the decryption key, and the decryption key can also be calculated from the encryption key. In most symmetric algorithms, the encryption key and decryption key are the same. Therefore, this encryption algorithm is also called a secret key algorithm or a single key algorithm. It requires the sender and receiver to agree on a key before communicating securely. The security of the symmetric algorithm depends on the key. Leaking the key means that anyone can decrypt the messages they send or receive, so the secrecy of the key is very important to the communication.

单向哈希函数：单向哈希函数又称单向散列函数、杂凑函数，就是把任意长的输入消息串变化成固定长的输出串且由输出串难以得到输入串的一种函数。这个输出串称为该消息的散列值。一个安全的单向散列函数应该至少满足以下几个条件：(1)输入长度是任意的；(2)输出长度是固定的，根据目前的计算技术应至少取128bits长，以便抵抗生日攻击；(3)对每一个给定的输入，计算输出即散列值是很容易的；(4)给定散列函数的描述，找到两个不同的输入消息杂凑到同一个值是计算上不可行的，或给定杂凑函数的描述和一个随机选择的消息，找到另一个与该消息不同的消息使得它们杂凑到同一个值是计算上不可行的。One-way hash function: One-way hash function, also known as one-way hash function and hash function, is a function that changes an arbitrarily long input message string into a fixed-length output string and it is difficult to obtain an input string from the output string. This output string is called the hash value of the message. A secure one-way hash function should at least meet the following conditions: (1) The input length is arbitrary; (2) The output length is fixed, and should be at least 128 bits long according to the current computing technology, so as to resist birthday attacks; (3) For each given input, it is easy to calculate the output, that is, the hash value; (4) Given the description of the hash function, it is computationally infeasible to find two different input messages hashed to the same value , or given a description of a hash function and a message chosen at random, it is computationally infeasible to find another message different from that message such that they hash to the same value.

异或运算法则：XOR algorithm:

异或(xor)是一个数学运算符。它应用于逻辑运算。异或的数学符号为“⊕”，计算机符号为“xor”。其运算法则为：Exclusive or (xor) is a mathematical operator. It is applied to logical operations. The mathematical symbol for XOR is "⊕", and the computer symbol is "xor". Its algorithm is:

1. 1.

2. 2.

3. 3.

4.可以推出 4. can launch

5. 5.

下面对本发明的具体步骤再作进一步的说明。The specific steps of the present invention will be further described below.

图5为本发明主要步骤的流程图，用户注册后进行登录，然后与服务器完成双向认证，并可以修改密码，整个流程是基于智能卡与口令认证这种软硬件结合的方式实现的。现予以详细说明如下：Fig. 5 is a flowchart of the main steps of the present invention. After the user registers, he logs in, and then completes two-way authentication with the server, and can modify the password. The whole process is realized based on the combination of software and hardware of the smart card and password authentication. It is now described in detail as follows:

步骤一，用户注册阶段。在这个阶段，注册的用户需要先申请一张智能卡，智能卡中存储了用户的各种信息，比如出生日期、家庭住址、手机号码以及本人的亲笔签名等。步骤1，在用户注册的初始化阶段，用户U_i可以自由选择他的用户名(ID_i)以及密码(PW_i)。Step 1, user registration stage. At this stage, the registered user needs to apply for a smart card first, which stores various information of the user, such as date of birth, home address, mobile phone number and personal signature. Step 1, in the initial stage of user registration, user U _i can freely choose his user name (ID _i ) and password (PW _i ).

步骤2，智能卡使用单向哈希函数h()对用户名(ID_i)以及密码(PW_i)进行加密，得到信息对(h(ID_i||PW_i),h(ID_i))并将其通过一个安全的信道发送给服务器S。Step 2, the smart card uses the one-way hash function h() to encrypt the user name (ID _i ) and password (PW _i ), to obtain the information pair (h(ID _i ||PW _i ), h(ID _i )) and Send it to server S through a secure channel.

步骤3，服务器S使用单向哈希函数h()以及服务器密钥x和y对发送过来的用户信息进行加密，得到：Step 3, the server S encrypts the sent user information using the one-way hash function h() and the server keys x and y to obtain:

$A A = = h h ((h h (({ID ID}_{i i})) &CirclePlus; &CirclePlus; x x))$

C＝h(A)C=h(A)

步骤4，服务器S将(B,C,D)通过一个安全的信道返回给用户U_i。Step 4, the server S returns (B, C, D) to the user U _i through a secure channel.

步骤5，用户U_i将(B,C,D)存入智能卡中。Step 5, the user U _i stores (B, C, D) in the smart card.

步骤二，登录阶段。用户U_i登录时，需要将智能卡插入对应设备中并输入他的用户名(ID_i)以及密码(PW_i)。Step two, the login phase. When the user U _i logs in, he needs to insert the smart card into the corresponding device and input his user name (ID _i ) and password (PW _i ).

步骤1，智能卡调用存储的信息计算：Step 1, the smart card invokes the stored information to calculate:

C_i＝h(A_i)C _i =h(A _i )

步骤2，智能卡比较C_i＝C是否成立，如果成立，则证明了用户U_i的合法身份。In step 2, the smart card compares whether C _i =C is established, and if it is established, it proves the legal identity of the user U _i .

步骤3，智能卡随机生成一个大于1024bits的整数N并做如下计算：Step 3, the smart card randomly generates an integer N greater than 1024 bits and performs the following calculation:

${A A}_{i i} = = {A A}_{i i} &CirclePlus; &CirclePlus; N N$

F_i＝h(A_i||D_i||N)F _i ＝h(A _i ||D _i ||N)

步骤4，智能卡将登录请求(h(ID_i),E_i,CID_i,F_i)发送给服务器S。Step 4, the smart card sends the login request (h(ID _i ), E _i , CID _i , F _i ) to the server S.

步骤三，认证阶段。本阶段实现了服务器和用户的相互认证。主要步骤如下。Step three, the authentication stage. At this stage, the mutual authentication between the server and the user is realized. The main steps are as follows.

步骤1，接收到用户U_i请求(h(ID_i),E_i,CID_i,F_i)后，服务器S计算：Step 1. After receiving the user U _i request (h(ID _i ), E _i , CID _i , F _i ), the server S calculates:

${N N}_{i i}^{' '} = = {A A}_{i i} &CirclePlus; &CirclePlus; {E E.}_{i i}$

F_i′＝h(A_i′||D_i′||N_i′)F _i ′=h(A _i ′||D _i ′||N _i ′)

步骤2，服务器S比较F_i'＝F_i是否成立，如果不成立，则服务器对用户的认证失败，服务器拒绝用户的登录请求。如果成立，则服务器完成对用户的认证，服务器S选择一个大于1024bits的随机数N'并进行如下计算：Step 2, the server S compares whether F _i '=F _i is established, if not, the server fails to authenticate the user, and the server rejects the user's login request. If it is established, the server completes the authentication of the user, and the server S selects a random number N' greater than 1024 bits and performs the following calculation:

SK'＝h(A_i'||D_i'||N_i'||N')SK'＝h(A _i '||D _i '||N _i '||N')

其中SK'为服务器和用户之间服务器端的对称加密密钥。Where SK' is a symmetric encryption key on the server side between the server and the user.

使用SK'进行加密得到： Encryption using SK' yields:

步骤3，服务器S将(G',N')发送给用户U_i。Step 3, the server S sends (G', N') to the user U _i .

步骤4，收到(G',N')后，用户U_i执行如下计算：Step 4, after receiving (G', N'), user U _i performs the following calculation:

SK_i＝h(A_i||D_i||N_i||N')SK _i ＝h(A _i ||D _i ||N _i ||N')

步骤5，用户U_i验证是否成立，如果不成立，则用户对服务器的身份认证失败，用户断开连接。如果成功，则完成服务器和用户的双向身份认证。Step 5, user U _i verification Whether it is established, if not, the user's identity authentication to the server fails, and the user disconnects. If successful, the two-way authentication of the server and the user is completed.

步骤四，用户密码修改阶段。系统允许用户自由更改自己的密码而不需要再次登录服务器。假设一个用户希望将他的密码更改为PW_new，那么在他需要输入用户名(ID_i)以及密码(PW_i)后遵循如下步骤：Step 4, user password modification stage. The system allows users to freely change their passwords without having to log in to the server again. Suppose a user wants to change his password to PW _new , then he needs to enter the username (ID _i ) and password (PW _i ) and follow the steps below:

C_i＝h(A_i)C _i =h(A _i )

步骤3，用户选择一个新的密码PW_new。Step 3, the user chooses a new password PW _new .

步骤4，智能卡计算并将内部存储的B替换为B_new。如此则完成用户密码的修改。Step 4, smart card calculation and replace the internally stored B with B _new . In this way, the modification of the user password is completed.

Claims

1. the command identifying method of a high security, it is characterised in that comprise the steps of

Step one, user's registration phase, in this stage, the user of registration needs first to file one sheet smart card, deposits in smart card Store up the personal information of user；

Step 1-1, at the initial phase of user's registration, user U_iCan be with his user name (ID of unrestricted choice_i) and password (PW_i)；Step 1-2, smart card uses one-way Hash function h () to user name (ID_i) and password (PW_i) be encrypted, obtain Information is to (h (ID_i||PW_i),h(ID_i)) and be sent to server S by the channel of a safety；

Step 1-3, server S uses one-way Hash function h () and server key x and the y user profile to sending over It is encrypted, obtains:

A = h (h ({ID}_{i}) &CirclePlus; x)

B = A &CirclePlus; h ({ID}_{i} | | {PW}_{i}) &CirclePlus; h ({ID}_{i})

C=h (A)

D = h (h ({ID}_{i} | | {PW}_{i}) &CirclePlus; y);

Step 1-4, (B, C, D) is returned to user U by the channel of a safety by server S_i；

Step 1-5, user U_i(B, C, D) is stored in smart card；

Step 2, entry stage, user U_iDuring login, need insert in corresponding device by smart card and input his user name (ID_i) and password (PW_i)；

Step 2-1, smart card calls the information of storage and calculates:

A_{i} = B &CirclePlus; h ({ID}_{i} | | {PW}_{i}) &CirclePlus; h ({ID}_{i}),

C_i=h (A_i)；

Step 2-2, smart card compares C_iWhether=C sets up, if set up, then demonstrates user U_iLegal identity；

Step 2-3, one Integer N of smart card stochastic generation is also done calculated as below:

E_{i} = A_{i} &CirclePlus; N

{CID}_{i} = A_{i} &CirclePlus; h ({ID}_{i} | | {PW}_{i}) &CirclePlus; N

F_i=h (A_i||D_i||N)；

Step 2-4, smart card is by logging request (h (ID_i),E_i,CID_i,F_i) it is sent to server S；

Step 3, authentication phase, this stage achieves being mutually authenticated of server and user, and key step is as follows:

Step 3-1, receives user U_iRequest (h (ID_i),E_i,CID_i,F_iAfter), server S calculates:

{A_{i}}^{'} = h (h ({ID}_{i}) &CirclePlus; x)

{N_{i}}^{'} = A_{i} &CirclePlus; E_{i}

h {({ID}_{i} | | {PW}_{i})}^{'} = {CID}_{i} &CirclePlus; x

{D_{i}}^{'} = h (h {({ID}_{i} | | {PW}_{i})}^{'} &CirclePlus; y)

F_i'=h (A_i′||D_i′||N_i′)；

Step 3-2, server S compares F_i'=F_iWhether set up, if be false, then the server authentification failure to user, clothes The logging request of business device refusal user, if set up, then server completes the certification to user, and server S selects one at random Number N' also carries out calculated as below:

SK'=h (A_i'||D_i'||N_i'||N')

Wherein SK' is the symmetric cryptographic key of server end between server and user, uses SK' to be encrypted and obtains:

G^{'} = {SK}^{'} ({N_{i}}^{'} &CirclePlus; N^{'});

Step 3-3, (G', N') is sent to user U by server S_i；

Step 3-4, after receiving (G', N'), user U_iPerform calculated as below:

SK_i=h (A_i||D_i||N_i||N')

Wherein SK_iFor the symmetric cryptographic key of user side between server and user, use SK_iIt is decrypted and obtains: G_i=SK_i (G')；Step 3-5, user U_iCheckingWhether set up, if be false, then user's authentication to server Failure, user disconnects；If it succeeds, complete the bidirectional identity authentication of server and user.

The command identifying method of a kind of high security the most according to claim 1, it is characterised in that user can also be completed Password is revised, and system allows user freely to change the password of oneself without logging on server, it is assumed that a user wishes Hope his change of secret code to be PW_new, then need to input user name (ID at him_i) and password (PW_iFollowing steps are followed after):

Step 1, smart card performs to operate as follows:

A_{i} = B &CirclePlus; h ({ID}_{i} | | {PW}_{i}) &CirclePlus; h ({ID}_{i})

C_i=h (A_i)；

Step 2, smart card compares C_iWhether=C sets up, if set up, then demonstrates user U_iLegal identity；

Step 3, user selects a new password PW_new；

Step 4, smart card calculatesAnd the B of storage inside is replaced with B_new, so Then complete the amendment of user cipher.

The command identifying method of a kind of high security the most according to claim 1, it is characterised in that the individual in step one Information comprises date of birth, telephone number, address and signature.

The command identifying method of a kind of high security the most according to claim 1, it is characterised in that the integer in step 2-3 More than 1024bits.

The command identifying method of a kind of high security the most according to claim 1, it is characterised in that in step 3-2, N' is big Integer in 1024bits.