Data interaction safety protection method based on CPK identity authentication technology

Abstract

The invention provides a data interaction safety protection method based on a CPK identity authentication technology. The method is applied to user login security of a user service system (S1) and interactive protection of all service data. The user service system (S1) is used for receiving a login request transmitted by a user intelligent terminal, generating a random number a and generating a CPK identification public-private key pair of the random number a by using the CPK identity authentication technology, and downwardly transmitting to the user intelligent terminal after using the CPK identification public-private key to encrypt the CPK identification public-private key pair of the random number a. A user inputs a user login command on the intelligent terminal and transmits the user service system (S1) to recognize authenticity of a user identity after encrypting the hash value which is obtained by changing the user login command. The user service system (S1) is used for generating a random number b and transmitting to the user intelligent terminal after being encrypted if the verification is passed, otherwise, returning the data of failing login. After the user registers successfully, all service data between the user intelligent terminal and the user service system (S1) uses the random number b as a session key to perform bidirectional whole secret state service data interaction.

Description

technical field [0001] The invention relates to the field of communication data interaction security protection, in particular to a data interaction security protection method based on CPK identification authentication technology. Background technique [0002] With the rapid development of the Internet, various Internet-based user service systems emerge in an endless stream. The Internet has penetrated into all aspects of users' lives. Users often use various services that are closely related to life, work and entertainment through the Internet. On today's Internet, viruses, phishing websites, Trojan horses, hackers, etc. seriously threaten the security of user service data information interaction, and leaks of user data often occur. [0003] How to protect the Internet user service system and all user service data to make it more credible and safe is particularly important. Data encryption is the only effective method to ensure the safe transmission of data. Nowadays, the...

AI Technical Summary

Problems solved by technology

The symmetric encryption algorithm uses the same key (symmetric key) to encrypt and decrypt data, and the encryption and decryption speed is fast. The main disadvantage is that due to the single key, the system security is poor when used for a long time, and it is not easy to use in an open network. Environment use

Asymmetric encryption algorithm (public key encryption) uses a pair of different keys (that is, an asymmetric key, including a public key, which can be made public; the other is a private key, which is kept secret by the user himself). It is very difficult to decipher, and the system security is very high, so it is especially suitable for use in an open network environment. Its main disadvantage is that the algorithm is complex, and the speed and efficiency of encrypting and decrypting data are relatively low

[0004] The PKI certification system is also an asymmetric encryption certification system currently in use, but it requires the support of a third-party CA certification center. The manufacturer's public key needs to be obtained from the CA center for verification, and the merchant needs to establish an online CA center, which is costly and expensive. Management is complex, and point-to-point offline authentication cannot be realized, and point-to-point static key exchange cannot be realized

Images