Digital certificate authentication method, system, usb Key device and server

A technology of digital certificates and authentication methods, which is applied in the field of information security and can solve problems such as the illegal use of digital certificates

Active Publication Date: 2011-12-07
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1
View PDF2 Cites 49 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0017] The scheme of the present invention provides a digital certificate authentication method, system, USB Key device and server, which are used to solve the problem of illegal use of digital certificates and improve the business security of legitimate users

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Digital certificate authentication method, system, usb Key device and server
  • Digital certificate authentication method, system, usb Key device and server
  • Digital certificate authentication method, system, usb Key device and server

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0048] Such as figure 2 As shown, it is a schematic flow chart of the digital certificate authentication method in Embodiment 1 of the present invention, and the specific content includes the following steps:

[0049] undertake figure 1 In the shown method, step 107: the server sends the digital certificate to the USB Key device.

[0050] Step 201: The USB Key device encrypts the received digital certificate and the locally stored confidentiality identifier to obtain a first calculation result.

[0051] In the scheme of this step, the USB Key device can encrypt the digital certificate and the confidentiality mark according to the MD5 algorithm. Even if the first calculation result is obtained illegally by other devices, the confidential identification cannot be analyzed therefrom. The algorithm used in the first embodiment is not limited to other algorithms with irreversible properties.

[0052] Step 202: The USB Key device sends the first calculation result and user info...

Embodiment 2

[0067] Such as image 3 As shown, it is a schematic flow chart of a digital certificate authentication method in Embodiment 2 of the present invention. The solution in Embodiment 2 is basically the same as the solution in Embodiment 1. The difference is that the solution in Embodiment 1 does not need to use additional verification codes. To authenticate the USB Key device, in the solution of the second embodiment, the server can authenticate the USB Key device by sending a verification code to the USB Key device on the basis of the solution of the first embodiment, specifically, in In the solution of the second embodiment, after step 107 and before step 201, the following steps are also included:

[0068] Step 201 / : The USB Key device receives the first verification code sent by the server.

[0069] The first verification code may be a random number.

[0070] In the scheme of this step 201 / , the server may send the first verification code to the USB Key device while sending ...

Embodiment 3

[0076] Embodiment 3 is based on Embodiment 1 or Embodiment 2, and realizes that the USB Key device authenticates the validity of the digital certificate received. The specific authentication process is: the USB Key device authenticates the server that sends the digital certificate, If the authentication is passed, it is determined that the digital certificate sent by the server is legal; otherwise, it is determined that the digital certificate sent by the server is illegal.

[0077] In the solution of the third embodiment, the USB Key device authenticates the server by sending a verification code to the server.

[0078] Such as Figure 4 As shown, it is a schematic flow chart of the digital certificate authentication method in the third embodiment. In the solution of the third embodiment, after the USB Key device receives the digital certificate, and the USB Key device uses the received digital certificate to perform business At any point before, do the following:

[0079] S...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a certificate authorization method, a certificate authorization system, universal serial bus (USB) Key equipment and a server. A secure storage area in the USB Key equipment additionally stores a security identifier with uniqueness, correspondence between a hardware identifier of the USB Key equipment and the security identifier is established in the server, an operationalresult of an encryption operation performed by utilizing the security identifier and a received digital certificate is transmitted to the server, and the server authenticates the received operationalresult by utilizing a locally stored security identifier and allows the USB Key equipment to use the received digital certificate only when the received operational result passes the authentication. A client cannot read information in the secure storage area in the USB Key equipment, so illegal USB Key equipment cannot pass the authentication of the server even after acquiring the digital certificate to avoid the illegal usage of the digital certificate and improve the service security of a legal user.

Description

technical field [0001] The solution of the invention relates to the field of information security, in particular to a digital certificate authentication method, system, USB Key device and server. Background technique [0002] With the development of the Internet and e-commerce, USB Key, as an "electronic key" for network user identification and data protection, is being recognized and used by more and more users. [0003] The USB Key device is an intelligent storage identity authentication device based on a USB interface. It has a built-in CPU, memory, chip operating system (COS) and a secure file system, and is used for mutual identity authentication between the server and the user. [0004] Each USB Key device can store a digital certificate, which is issued by a third-party authority—a digital certificate certification center (Certificate Authority, CA), and is an authoritative electronic document. Users of Key devices identify themselves through digital certificates. I...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32H04L29/06
Inventor 刘永军
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap