Two-factor remote identity authentication method based on smart card

Abstract

The invention discloses a two-factor remote identity authentication method based on a smart card. The method comprises the following steps that a user and a server register; the user logs in; the smart card verifies locally, if passing the verification, the smart card generates first verification data and sends the first verification data to the server; the server verifies the identity of the smart card, if passing the verification, the server generates second verification data and sends the second verification data to the smart card; the smart card verifies validity of the identity of the server, if passing the verification, the smart card generates a smart card end session key and third verification data and sends the third verification data to the server; and the server carries out second verification on the identity of the smart card according to the received third verification data, if passing the verification, the server generates a server side session key. The method has the beneficial effects of user anonymity, capabilities of resisting a Dos attack and a stolen attack of the smart card and the like.

Description

technical field [0001] The present invention relates to the field of information security and network technology, in particular to a smart card-based two-factor remote identity authentication method Background technique [0002] The rapid development of network communication technology has made more and more people accustomed to using the services provided by the network, such as e-commerce, e-government, and electronic logistics. To obtain information from the server or enjoy the services provided by the server, the user must first log in to the server. Therefore, there needs to be a remote identity authentication scheme applied to the network to verify the legitimacy of the user. However, the Internet is a public environment, and anyone can intercept messages between users and servers, so how to protect user information and prevent illegal communication is very important. [0003] The two-factor authentication method is to judge the identity of the user through the two f...

AI Technical Summary

Problems solved by technology

If the campus card and financial card are lost and the key information is stolen by the attacker, it will lead to the leakage of personal information and even property loss

Although the existing technology provides some solutions, such as commonly used credit card verification methods, there is no local verification step in these methods. If an attacker obtains a smart card in a certain way, he can continue to send login requests to the server. , so that the system cannot work normally, resulting in a denial of service attack; not only that, in the login phase of these methods, the user transmits his identity to the server in plain text through a public channel, and the attacker can intercept the communication between the user and the server to monitor the user's identity. The login time and regularity can realize anonymous attacks; in addition, in these methods, the user identity is stored in the smart card, so that the method can be attacked by smart card theft; in addition, these methods cannot change the password, which is not suitable for practical applications

Images