Authentication method for client certificate, server and client

An authentication method and client-side technology, applied in the client certificate authentication method, server and client fields, can solve the problems of client loss, digital certificate and password leakage, and achieve the effect of avoiding identity misidentification

Active Publication Date: 2013-11-27
BEIJING XINWANG RUIJIE NETWORK TECH CO LTD
View PDF2 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In the traditional client certificate authentication method, if the digital certificate and password are stolen, it will cause leakage and bring immeasurable losses to customers

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Authentication method for client certificate, server and client
  • Authentication method for client certificate, server and client
  • Authentication method for client certificate, server and client

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] figure 1 It is a flow chart of Embodiment 1 of the client certificate authentication method of the present invention, as shown in figure 1 As shown, the method provided in this embodiment includes the following steps:

[0040] Step 101. The server receives the certificate chain sent by the client. The certificate chain includes a secondary CA certificate and a temporary client certificate. The secondary CA certificate contains the first MD5 value corresponding to the hardware signature of the client. feature code.

[0041] Among them, the client temporary certificate is issued by the secondary CA certificate, and the secondary CA certificate is issued by the primary CA certificate. When the server needs to verify the identity of the client, the client issues a client temporary certificate through the local secondary CA certificate. The validity period of the client temporary certificate is very short, such as 1 minute or 30 seconds. A temporary client certificate is ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an authentication method for a client certificate, a server and a client. The authentication method includes the steps that the server receives a certificate chain sent by the client, the certificate chain comprises a second-level CA certificate and a client temporary certificate, the second-level CA certificate includes a first MD5 value corresponding to a hardware feature code of the client, and the client temporary certificate includes a hardware feature code; the server verifies whether the certificate chain is legal or not, if the certificate chain is legal, a corresponding second MD5 value is generated according to the hardware feature code included in the client temporary certificate, the first MD5 value and the second MD5 value are compared whether to be same or not, and if yes, the situation that the identification of the client is effective is determined. Due to the uniqueness of the MD5 values, if the client temporary certificate is stolen, the second MD5 value is bound to be different from the first MD5 value. Therefore, the client can not be counterfeited, and the situation that in the prior art, a digital certificate is stolen and causes identification mistakes is avoided.

Description

technical field [0001] The invention relates to communication technology, in particular to a client certificate authentication method, a server and a client. Background technique [0002] With the development of Internet technology, identity authentication has become one of the problems that Internet applications need to solve. According to the different requirements of the security level and the equipped external authentication facilities, the user can perform identity authentication in a variety of ways, among which the higher security method is the digital certificate authentication. [0003] The digital certificate contains information about the public key, the certificate holder, and the issuer. The certificate holder has the corresponding private key and public key. The Certificate Authority (CA) certificate is a certificate that can issue sub-certificates. The CA certificate is called the root certificate, and there are secondary CA certificates below it. During the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 刘桂源
Owner BEIJING XINWANG RUIJIE NETWORK TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap