Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem)

Abstract

The invention provides a bilateral authentication and data interaction security protection method based on a CPK (Combined Public Key Cryptosystem). The method is applied to bilateral authentication between a user server (S1) and user equipment (D1) and interaction protection of all data. The method comprises the following steps that: the S1 receives a user login request transmitted by the D1, generates a random number a, a CPK identification public-private key pair of the random number and identification private key signature information of the S1, encrypts the random number a, the CPK identification public-private key pair and the identification private key signature information, and downloads the encrypted random number a, CPK identification public-private key pair and identification private key signature information to the D1; the D1 verifies whether or not the signature information of the S1 is legal with an identification public key of the S1 to finish authentication of the S1; the S1 performs comparative verification with the hash value of the received user login password and a saved value to finish authentication of the D1; if bilateral authentication is passed, the S1 generates a random number b, encrypts the random number b, and transmits the encrypted random number b to the D1; otherwise the S1 returns bilateral authentication failure information; and after the success of bilateral authentication of a user, the random number b is taken as a session key for all data between the D1 and the S1 in order to perform bilateral all-homomorphism data interaction.

Description

technical field [0001] The invention relates to the field of Internet communication data interaction security protection, in particular to a CPK-based two-way authentication and data interaction security protection method. Background technique [0002] With the rapid development of the Internet, various Internet-based user services emerge in an endless stream. The Internet has penetrated into all aspects of users' lives. Users often use various services closely related to life, work and entertainment through the Internet. How to make all data interactions of Internet users more credible and secure is particularly important. Data encryption is the only effective method to ensure the safe transmission of data. According to the key type, it can be divided into two categories: symmetric encryption algorithm and asymmetric encryption algorithm. The symmetric encryption algorithm uses the same key (symmetric key) to encrypt and decrypt data, and the encryption and decryption spe...

AI Technical Summary

Problems solved by technology

The symmetric encryption algorithm uses the same key (symmetric key) to encrypt and decrypt data, and the encryption and decryption speed is fast. The main disadvantage is that due to the single key, the system security is poor when used for a long time, and it is not easy to use in an open network. Environment use

Asymmetric encryption algorithm (public key encryption) uses a pair of different keys (that is, an asymmetric key, including a public key, which can be made public; the other is a private key, which is kept secret by the user himself). It is very difficult to decipher, and the system security is very high, so it is especially suitable for use in an open network environment. Its main disadvantage is that the algorithm is complex, and the speed and efficiency o

Images