[go: up one dir, main page]

CN107612949B - Wireless intelligent terminal access authentication method and system based on radio frequency fingerprint - Google Patents

Wireless intelligent terminal access authentication method and system based on radio frequency fingerprint Download PDF

Info

Publication number
CN107612949B
CN107612949B CN201711112106.0A CN201711112106A CN107612949B CN 107612949 B CN107612949 B CN 107612949B CN 201711112106 A CN201711112106 A CN 201711112106A CN 107612949 B CN107612949 B CN 107612949B
Authority
CN
China
Prior art keywords
intelligent terminal
server
wireless intelligent
radio frequency
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711112106.0A
Other languages
Chinese (zh)
Other versions
CN107612949A (en
Inventor
陈宜
文红
谢非佚
陈松林
宋欢欢
胡林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Electronic Science and Technology of China
Original Assignee
University of Electronic Science and Technology of China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Electronic Science and Technology of China filed Critical University of Electronic Science and Technology of China
Priority to CN201711112106.0A priority Critical patent/CN107612949B/en
Publication of CN107612949A publication Critical patent/CN107612949A/en
Application granted granted Critical
Publication of CN107612949B publication Critical patent/CN107612949B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a wireless intelligent terminal access authentication method and a wireless intelligent terminal access authentication system based on radio frequency fingerprints, wherein the method comprises the following steps: s1, initializing, registering and inputting: the wireless intelligent terminal encrypts a registration password input by a user and transmits the encrypted registration password to the server, initiates a registration request to the server, and the server completes initialization registration entry according to the encrypted password and the radio frequency fingerprint of the wireless intelligent terminal; s2, operating login authentication: when a user requests to log in the server, bidirectional legality authentication between the wireless intelligent terminal and the server is carried out according to the initialized registration input information, and the conversation on-off of the wireless intelligent terminal and the server is managed according to an authentication result. The invention provides a wireless intelligent terminal access authentication method and system based on radio frequency fingerprints, which can realize mutual authentication between a wireless intelligent terminal and a server, reduce the complexity of identity authentication of a mobile intelligent terminal and improve the safety of identity authentication.

Description

Wireless intelligent terminal access authentication method and system based on radio frequency fingerprint
Technical Field
The invention relates to the field of wireless intelligent terminal equipment access authentication, in particular to a wireless intelligent terminal access authentication method and system based on radio frequency fingerprints.
Background
With the rapid development of mobile internet technology and the change of mobile terminals, various mobile terminals such as smart phones and tablet computers have penetrated into daily life and work, and especially have a wide application prospect in the aspects of emerging internet of things and cloud computing. However, the performance of the mobile intelligent terminal is limited due to the cost limitation, and the open mobile wireless network itself has many risks, and is vulnerable to intrusion by hackers or illegal users and other attacks, such as cloning, replay, impersonation, eavesdropping, tampering, denial of service attack, and the like. Identity authentication of two communication parties is the basis and key of information security and privacy protection, and once an identity authentication system is damaged, the system has no security.
The traditional authentication system is implemented based on a cryptographic system and a security protocol, that is, two communication parties verify the validity of the identities of each other by means of interaction of challenge and response according to secret information shared in advance. Common identity authentication modes mainly comprise static password authentication, one-time password authentication, digital certificate-based identity authentication and hardware equipment-based identity authentication. But their application has certain limitations. Compared with the traditional PC identity authentication, the identity authentication of the mobile intelligent terminal has some differences, such as: the mobile intelligent terminal has limited calculation and storage capacity and limited energy consumption, is not suitable for adopting a complex encryption algorithm, and needs to avoid frequent communication times and the like. Therefore, a safe identity authentication scheme suitable for the mobile intelligent terminal communication system needs to be designed.
In recent years, a non-password authentication technology based on physical layer information is proposed for information security and privacy protection of wireless devices, and the non-password authentication mode has the characteristics of higher security performance and low complexity. Radio Frequency Fingerprint (RFF) based radio transmission device identification and verification is one of the non-password authentication techniques. The technology carries out waveform extraction on a received radio signal carrying hardware information of radio transmitting equipment to obtain an RFF, wherein the RFF embodies the unique characteristic of the hardware of the radio transmitting equipment; the main reason for the RFF is the tolerance phenomenon of the electronic components of the wireless transmitter. Component tolerances result in the system properties not being exactly the same even if the structure of the radio transmitting part is the same as the component nominal value; in the radio frequency band, small component difference can also cause great difference of radio frequency signals, so that the unique identification of the electronic equipment through the RFF is feasible; and the RFF-based authentication fully utilizes the hardware characteristics of the terminal, almost does not need additional calculation and has low complexity.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a wireless intelligent terminal access authentication method and system based on radio frequency fingerprints, which can realize mutual authentication between a wireless intelligent terminal and a server, reduce the complexity of identity authentication of the wireless intelligent terminal and improve the safety of identity authentication.
The purpose of the invention is realized by the following technical scheme: a wireless intelligent terminal access authentication method based on radio frequency fingerprints comprises the following steps:
s1, initializing, registering and inputting: the wireless intelligent terminal encrypts a registration password input by a user and transmits the encrypted registration password to the server, initiates a registration request to the server, and the server completes initialization registration entry according to the encrypted password and the radio frequency fingerprint of the wireless intelligent terminal; specifically, the step S1 includes the following sub-steps: s101, a user inputs a password PW to a wireless intelligent terminal, and the wireless intelligent terminal encrypts the input password to obtain an encrypted password CS (H) (PW), wherein H (PW) represents that the input password PW is encrypted and calculated by using a Hash function; s102, the wireless intelligent terminal transmits the encrypted password CS to a server and sends a registration request Reg to the server; s103, the server extracts a radio frequency fingerprint RFF of the wireless intelligent terminal from the received signal waveforms of the registration request Reg and the encryption password CS; s104, the server verifies the radio frequency fingerprint RFF of the wireless intelligent terminal and judges whether the user already exists: if the user does not exist, generating a shared secret value K, then storing the encryption password CS, the radio frequency fingerprint RFF and the shared secret value K in a database, and sending the shared secret value K to the wireless intelligent terminal; if the user exists, the existing notification information of the user is fed back to the wireless intelligent terminal, and the registration is finished; and S105, after receiving the shared secret value K, the wireless intelligent terminal stores the shared secret value K, sends an acknowledgement message Ack to the server and finishes registration.
S2, operating login authentication: when a user requests to log in the server, bidirectional legality authentication between the wireless intelligent terminal and the server is carried out according to the initialized registration input information, and the conversation on-off of the wireless intelligent terminal and the server is managed according to an authentication result. Specifically, the step S2 includes the following sub-steps: s201, when a user requests to log in a server, a password PW is input through a wireless intelligent terminal, and then a login request message M is generated1And sending the request message M to a server1The ID information is initialized to default to 0; s202, the server verifies the validity of the wireless intelligent terminal, and the server firstly extracts the wireless intelligent terminal from the received signal waveformRadio frequency fingerprint RFFc(M1) Then, the RFF is judgedc(M1) Whether or not it exists in the database: if the wireless intelligent terminal does not exist, the session between the server and the wireless intelligent terminal is disconnected; if yes, go to step S203; s203, searching for radio frequency fingerprints RFF in databasec(M1) Generating a new random number PS (new) by utilizing a pseudo-random generation algorithm, calculating and judging whether H (PS (new)) is equal to H (ID), wherein H (PS (new)) represents a Hash calculation result of the random number PS (new), and H (ID) represents a Hash calculation result of the ID: if H (PS (new)) is equal to H (ID), regenerating new PS (new), returning to step S203 to judge again whether H (PS (new)) is equal to H (ID); if H (PS) (new)) is not equal to H (ID), sending a verification message M to the wireless intelligent terminal2Verification message M2The step (S) includes encrypted password information (CS), random number information (PS) (new), and shared secret value information (K), and the step (S204) is proceeded; s204, the wireless intelligent terminal receives the authentication message M sent by the server2Then, for M2Verifying and judging whether the server is legal: if the verification fails, the server is considered to be illegal, and the wireless intelligent terminal disconnects the session with the server; if the verification is successful, the wireless intelligent terminal updates the ID and sends a verification message M to the server again3(ii) a S205, the server verifies the validity of the wireless intelligent terminal again, and the server receives M3Then, to message M3And (4) carrying out verification: if message M3If the verification fails, the server refuses the login of the wireless intelligent terminal; if message M3After the verification is successful, the server extracts and verifies the radio frequency fingerprint RFF of the wireless intelligent terminal from the received signal waveform againc(M3) If the verification is unsuccessful, the login of the wireless intelligent terminal is refused; and if the verification is successful, sending a confirmation message to the wireless intelligent terminal, finishing the authentication, and successfully accessing the wireless intelligent terminal to the server.
Preferably, in step S104, the server determines whether the user already exists as follows: and if the radio frequency fingerprint RFF of the wireless intelligent terminal does not exist in the current database, the user is considered to exist.
A wireless intelligent terminal access authentication system based on radio frequency fingerprints comprises a wireless intelligent terminal, a server and a database; the wireless intelligent terminal is connected with the server through a wireless network, and the server is connected with the database;
the wireless intelligent terminal is used for registering and logging in a server by a user;
the server is used for interacting with the wireless intelligent terminal, finishing initialization registration entry of a user based on the radio frequency fingerprint, performing bidirectional access authentication with the wireless intelligent terminal according to the initialization registration entry information of the user, and managing the on-off of a session between the wireless intelligent terminal and the server according to an authentication result;
and the database is used for storing the initial registration input information of the user for access authentication between the server and the wireless intelligent terminal.
The invention has the beneficial effects that: the method is efficient, flexible and independent of a third party, the server side has the function of extracting and identifying the radio frequency fingerprint when receiving the signal, and the mobile intelligent terminal does not need to add extra hardware, so that the complexity and the expense of the mobile intelligent terminal are reduced, common attacks such as cloning, replaying, counterfeiting and the like can be resisted, the anonymity requirement of the mobile intelligent terminal is met, mutual authentication between the intelligent terminal and the server is realized, the complexity of identity authentication of the mobile intelligent terminal is reduced, and the safety of identity authentication is improved.
Drawings
FIG. 1 is a flow chart of a method of the present invention;
FIG. 2 is a flow chart of the present invention for performing initial registration entry;
FIG. 3 is a flow chart of the present invention for performing a login authentication;
fig. 4 is a schematic block diagram of the system of the present invention.
Detailed Description
The technical solutions of the present invention are further described in detail below with reference to the accompanying drawings, but the scope of the present invention is not limited to the following.
As shown in fig. 1, a wireless intelligent terminal access authentication method based on radio frequency fingerprint includes the following steps:
s1, initializing, registering and inputting: the wireless intelligent terminal encrypts a registration password input by a user and transmits the encrypted registration password to the server, initiates a registration request to the server, and the server completes initialization registration entry according to the encrypted password and the radio frequency fingerprint of the wireless intelligent terminal;
s2, operating login authentication: when a user requests to log in the server, bidirectional legality authentication between the wireless intelligent terminal and the server is carried out according to the initialized registration input information, and the conversation on-off of the wireless intelligent terminal and the server is managed according to an authentication result.
As shown in fig. 2, the step S1 includes the following sub-steps:
s101, a user inputs a password PW to a wireless intelligent terminal, and the wireless intelligent terminal encrypts the input password to obtain an encrypted password CS (H) (PW), wherein H (PW) represents that the input password PW is encrypted and calculated by using a Hash function;
s102, the wireless intelligent terminal transmits the encrypted password CS to a server and sends a registration request Reg to the server;
s103, the server extracts a radio frequency fingerprint RFF of the wireless intelligent terminal from the received signal waveforms of the registration request Reg and the encryption password CS;
s104, the server verifies the radio frequency fingerprint RFF of the wireless intelligent terminal and judges whether the user already exists:
if the user does not exist, generating a shared secret value K, then storing the encryption password CS, the radio frequency fingerprint RFF and the shared secret value K in a database, and sending the shared secret value K to the wireless intelligent terminal;
if the user exists, the existing notification information of the user is fed back to the wireless intelligent terminal, and the registration is finished;
and S105, after receiving the shared secret value K, the wireless intelligent terminal stores the shared secret value K, sends an acknowledgement message Ack to the server and finishes registration.
In the embodiment of the present application, in the step S104, the server determines whether the user already exists as follows: and if the radio frequency fingerprint RFF of the wireless intelligent terminal does not exist in the current database, the user is considered to exist.
As shown in fig. 3, the step S2 includes the following sub-steps:
s201, when a user requests to log in a server, a password PW is input through a wireless intelligent terminal, and then a login request message M is generated1And sending the request message M to a server1The ID information is initialized to default to 0;
s202, the server verifies the validity of the wireless intelligent terminal, and the server firstly extracts the radio frequency fingerprint RFF of the wireless intelligent terminal from the received signal waveformc(M1) Then, the RFF is judgedc(M1) Whether or not it exists in the database:
if the wireless intelligent terminal does not exist, the session between the server and the wireless intelligent terminal is disconnected;
if yes, go to step S203;
s203, searching for radio frequency fingerprints RFF in databasec(M1) Generating a new random number PS (new) by utilizing a pseudo-random generation algorithm, calculating and judging whether H (PS (new)) is equal to H (ID), wherein H (PS (new)) represents a Hash calculation result of the random number PS (new), and H (ID) represents a Hash calculation result of the ID:
if H (PS (new)) is equal to H (ID), regenerating new PS (new), returning to step S203 to judge again whether H (PS (new)) is equal to H (ID);
if H (PS) (new)) is not equal to H (ID), sending a verification message M to the wireless intelligent terminal2Verification message M2The step (S) includes encrypted password information (CS), random number information (PS) (new), and shared secret value information (K), and the step (S204) is proceeded;
in an embodiment of the present application, the verification message M2Comprising P, W two parameters, wherein:
Figure BDA0001465487090000051
h () represents a hash operation;
s204, the wireless intelligent terminal receives the authentication message M sent by the server2Then, for M2Verifying and judging whether the server is legal:
if the verification fails, the server is considered to be illegal, and the wireless intelligent terminal disconnects the session with the server;
if the verification is successful, the wireless intelligent terminal updates the ID and sends a verification message M to the server again3
In this embodiment, for the authentication message M2The verification method of (1) is as follows:
the parameter CS' ═ h (pw) is calculated,
Figure BDA0001465487090000052
Figure BDA0001465487090000053
if the parameter W 'is equal to W, the authentication is successful, otherwise, the authentication is failed, and the updated ID is equal to PS'; authentication message M sent again to the server3Comprises the following steps:
Figure BDA0001465487090000054
s205, the server verifies the validity of the wireless intelligent terminal again, and the server receives M3Then, to message M3And (4) carrying out verification:
in this embodiment, message M3The verification method of (1) is as follows:
calculating parameters
Figure BDA0001465487090000055
If the parameter M3' and M3If the two are equal, the verification is successful, otherwise, the verification fails.
If message M3If the verification fails, the server refuses the login of the wireless intelligent terminal;
if message M3Is verified asAnd the server extracts and verifies the radio frequency fingerprint RFF of the wireless intelligent terminal from the received signal waveform againc(M3) Verifying, and if the verification is unsuccessful, refusing the login of the wireless intelligent terminal; and if the verification is successful, sending a confirmation message to the wireless intelligent terminal, finishing the authentication, and successfully accessing the wireless intelligent terminal to the server.
All symbols in the above embodiments
Figure BDA0001465487090000056
All represent exclusive or operators; all symbols "|", denote the join operator.
A wireless intelligent terminal access authentication system based on radio frequency fingerprints comprises a wireless intelligent terminal, a server and a database; the wireless intelligent terminal is connected with the server through a wireless network, and the server is connected with the database;
the wireless intelligent terminal is used for registering and logging in a server by a user; in an embodiment of the present application, the wireless smart terminal includes: the registration module is used for inputting a registration password by a user, encrypting the registration password, transmitting the encrypted registration password to the server and storing a shared secret value generated by the server; and the login module is used for inputting a login password by a user and completing bidirectional authentication with the server.
The server is used for interacting with the wireless intelligent terminal, finishing initialization registration entry of a user based on the radio frequency fingerprint, performing bidirectional access authentication with the wireless intelligent terminal according to the initialization registration entry information of the user, and managing the on-off of a session between the wireless intelligent terminal and the server according to an authentication result; in an embodiment of the present application, the server includes: the registration entry module is used for extracting the radio frequency fingerprint of the wireless intelligent terminal initiating the registration request, generating a shared secret value and transmitting the shared secret value to the wireless intelligent terminal, and storing the registration password of the user, the radio frequency fingerprint of the wireless intelligent terminal and the shared secret value as initial registration entry information in a database; and the access authentication module interacts with the wireless intelligent terminal to complete bidirectional interactive authentication according to the radio frequency fingerprint of the wireless intelligent terminal, the login password and the initialized entry information in the database during login when a user initiates a login request.
And the database is used for storing the initial registration input information of the user for access authentication between the server and the wireless intelligent terminal.

Claims (2)

1.一种基于射频指纹的无线智能终端接入认证方法,其特征在于:包括以下步骤:1. a wireless intelligent terminal access authentication method based on radio frequency fingerprint, is characterized in that: comprise the following steps: S1.初始化注册录入:无线智能终端对用户输入的注册密码进行加密后传输给服务器,并向服务器发起注册请求,服务器根据加密后的密码和无线智能终端的射频指纹,完成初始化注册录入;S1. Initial registration entry: the wireless intelligent terminal encrypts the registration password input by the user and transmits it to the server, and initiates a registration request to the server, and the server completes the initial registration entry according to the encrypted password and the radio frequency fingerprint of the wireless intelligent terminal; S2.运行登录认证:用户请求登录服务器时,根据初始化注册录入信息,进行无线智能终端与服务器之间双向的合法性认证,并根据认证结果管理无线智能终端与服务器的会话通断;S2. Run login authentication: when the user requests to log in to the server, according to the initialized registration input information, two-way legality authentication between the wireless intelligent terminal and the server is performed, and the session between the wireless intelligent terminal and the server is managed according to the authentication result; 所述步骤S1包括以下子步骤:The step S1 includes the following sub-steps: S101.用户向无线智能终端输入密码PW,无线智能终端对输入的密码进行加密,得到加密密码CS=H(PW),其中,H(PW)表示利用Hash函数对输入密码PW进行加密计算;S101. The user inputs the password PW to the wireless smart terminal, and the wireless smart terminal encrypts the input password to obtain an encrypted password CS=H(PW), wherein H(PW) represents that the input password PW is encrypted and calculated using a Hash function; S102.无线智能终端将加密密码CS传输给服务器,并向服务器发送注册请求Reg;S102. The wireless intelligent terminal transmits the encrypted password CS to the server, and sends a registration request Reg to the server; S103.服务器从接收到的注册请求Reg和加密密码CS的信号波形中提取无线智能终端的射频指纹RFF;S103. The server extracts the radio frequency fingerprint RFF of the wireless intelligent terminal from the received signal waveform of the registration request Reg and the encrypted password CS; S104.服务器对无线智能终端的射频指纹RFF进行验证,判断用户是否已经存在:S104. The server verifies the radio frequency fingerprint RFF of the wireless intelligent terminal to determine whether the user already exists: 如果用户不存在,则生成共享的秘密值K,然后将加密密码CS、射频指纹RFF和共享秘密值K保存在数据库中,并向无线智能终端发送共享秘密值K;If the user does not exist, generate the shared secret value K, then save the encrypted password CS, the radio frequency fingerprint RFF and the shared secret value K in the database, and send the shared secret value K to the wireless intelligent terminal; 如果用户存在,将用户已存在的通知信息反馈给无线智能终端,注册结束;If the user exists, the existing notification information of the user is fed back to the wireless intelligent terminal, and the registration ends; S105.无线智能终端收到共享秘密值K后,将其进行保存,并向服务器发送确认消息Ack,注册完成;S105. After receiving the shared secret value K, the wireless intelligent terminal stores it, and sends an acknowledgement message Ack to the server, and the registration is completed; 步骤S104中,服务器判断用户是否已经存在的过程如下:若当前数据库中已经存在无线智能终端的射频指纹RFF,则认为用户存在,若当前数据库中不存在无线智能终端的射频指纹RFF,则认为用户不存在;In step S104, the process of the server judging whether the user already exists is as follows: if the radio frequency fingerprint RFF of the wireless intelligent terminal already exists in the current database, it is considered that the user exists; if the radio frequency fingerprint RFF of the wireless intelligent terminal does not exist in the current database, it is considered that the user does not exist; 所述步骤S2包括以下子步骤:The step S2 includes the following sub-steps: S201.用户请求登录服务器时,通过无线智能终端输入密码PW,然后生成登录请求消息M1并发送给服务器,所述请求消息M1中包含ID信息,ID信息初始化默认为0;S201. When the user requests to log in to the server, the password PW is input through the wireless intelligent terminal, and then a login request message M1 is generated and sent to the server, where the request message M1 contains ID information, and the ID information is initialized to 0 by default; S202.服务器验证无线智能终端的合法性,服务器首先从接收到的信号波形中提取无线智能终端的射频指纹RFFc(M1),然后判断射频指纹RFFc(M1)是否存在数据库中:S202. The server verifies the legitimacy of the wireless intelligent terminal. The server first extracts the radio frequency fingerprint RFF c (M 1 ) of the wireless intelligent terminal from the received signal waveform, and then judges whether the radio frequency fingerprint RFF c (M 1 ) exists in the database: 如果不存在,则断开服务器与无线智能终端的会话;If it does not exist, disconnect the session between the server and the wireless intelligent terminal; 如果存在,进入步骤S203;If it exists, go to step S203; S203.在数据库中查找射频指纹RFFc(M1)对应的加密密码CS,接着利用伪随机发生算法生成新的随机数PS(new),计算并判断H(PS(new))是否等于H(ID),其中,H(PS(new))表示随机数PS(new)的Hash计算结果,H(ID)表示对ID的Hash计算结果:S203. Find the encrypted password CS corresponding to the radio frequency fingerprint RFF c (M 1 ) in the database, then use the pseudo-random generation algorithm to generate a new random number PS(new), calculate and judge whether H(PS(new)) is equal to H( ID), where H(PS(new)) represents the Hash calculation result of the random number PS(new), and H(ID) represents the Hash calculation result of the ID: 如果H(PS(new))与H(ID)相等,则重新生成新的PS(new),返回步骤S203重新判断H(PS(new))是否等于H(ID);If H(PS(new)) is equal to H(ID), then regenerate a new PS(new), and return to step S203 to re-judg whether H(PS(new)) is equal to H(ID); 如果H(PS(new))与H(ID)不相等,则向无线智能终端发送验证消息M2,验证消息M2中包含加密密码信息CS,随机数信息PS(new),以及共享秘密值信息K,进入步骤S204;If H(PS(new)) and H(ID) are not equal, send a verification message M 2 to the wireless intelligent terminal, and the verification message M 2 includes encrypted password information CS, random number information PS(new), and shared secret value Information K, enter step S204; 所述验证消息M2包含P、W两个参数,其中:The verification message M2 contains two parameters P and W, wherein:
Figure FDA0002259189390000021
H()表示哈希运算;
Figure FDA0002259189390000022
表示异或运算符;所有符号“||”表示连接运算符;
Figure FDA0002259189390000021
H() represents a hash operation;
Figure FDA0002259189390000022
Represents the XOR operator; all symbols "||" represent the concatenation operator; S204.无线智能终端收到服务器发来的认证消息M2后,对M2进行验证,判断服务器是否合法:S204. After receiving the authentication message M2 sent by the server, the wireless intelligent terminal verifies M2 to determine whether the server is legal: 如果验证失败,则认为服务器为不合法,无线智能终端断开与服务器的会话;If the verification fails, the server is considered illegal, and the wireless intelligent terminal disconnects the session with the server; 如果验证成功,无线智能终端更新ID,并再次向服务器发送验证消息M3If the verification is successful, the wireless intelligent terminal updates the ID, and sends the verification message M3 to the server again ; 对认证消息M2的验证方式如下:The way of verifying the authentication message M 2 is as follows: 计算参数CS′=H(PW),
Figure FDA0002259189390000023
若参数W′与W相等,则认证成功,反之,认证失败,更新后的ID等于PS′;再次向服务器发送的验证消息M3为:The calculation parameter CS'=H(PW),
Figure FDA0002259189390000023
If the parameter W' is equal to W, the authentication succeeds; otherwise, the authentication fails, and the updated ID is equal to PS'; the verification message M3 sent to the server again is:
Figure FDA0002259189390000024
Figure FDA0002259189390000024
 S205.服务器再次验证无线智能终端的合法性,服务器收到M3后,对消息M3进行验证:S205. The server verifies the validity of the wireless intelligent terminal again. After receiving M3, the server verifies the message M3: 如果消息M3验证失败,则服务器拒绝无线智能终端的登录;If the verification of the message M3 fails, the server rejects the login of the wireless intelligent terminal; 如果消息M3验证成功,服务器再次从接收到的信号波形中提取并验证无线智能终端的射频指纹RFFc(M3),若验证不成功,则拒绝无线智能终端的登录;若验证成功,则向无线智能终端发送确认消息,认证完成,无线智能终端成功接入服务器;If the verification of the message M 3 is successful, the server extracts and verifies the radio frequency fingerprint RFF c (M 3 ) of the wireless intelligent terminal from the received signal waveform again. If the verification is unsuccessful, the login of the wireless intelligent terminal is rejected; if the verification is successful, the Send a confirmation message to the wireless intelligent terminal, the authentication is completed, and the wireless intelligent terminal successfully accesses the server; 消息M3的验证方式如下:Message M3 is verified as follows: 计算参数
Figure FDA0002259189390000025
如果参数M3′与M3相等,则验证成功,反之,则验证失败。Calculated parameters
Figure FDA0002259189390000025
If the parameter M 3 ′ is equal to M 3 , the verification succeeds; otherwise, the verification fails. 2.如权利要求1所述的一种基于射频指纹的无线智能终端接入认证方法所采用的系统,其特征在于:包括无线智能终端、服务器和数据库;所述无线智能终端通过无线网络与服务器连接,服务器与数据库连接;2. The system adopted by a radio frequency fingerprint-based wireless intelligent terminal access authentication method according to claim 1, characterized in that: comprising a wireless intelligent terminal, a server and a database; the wireless intelligent terminal communicates with the server through a wireless network connection, the server is connected to the database; 所述无线智能终端,用于供用户在服务器上进行注册和登录;The wireless intelligent terminal is used for users to register and log in on the server; 所述服务器,用于与无线智能终端交互,基于射频指纹完成用户的初始化注册录入,并根据用户初始化注册录入信息,与无线智能终端进行双向接入认证,根据认证结果管理无线智能终端与服务器的会话通断;The server is used to interact with the wireless intelligent terminal, complete the user's initial registration and entry based on the radio frequency fingerprint, and perform two-way access authentication with the wireless intelligent terminal according to the user's initial registration and entry information, and manage the connection between the wireless intelligent terminal and the server according to the authentication result. session on and off; 所述数据库,用于对用户的初始化注册录入信息进行保存,供服务器与无线智能终端之间进行接入认证。The database is used to save the user's initial registration and entry information for access authentication between the server and the wireless intelligent terminal.
CN201711112106.0A 2017-11-13 2017-11-13 Wireless intelligent terminal access authentication method and system based on radio frequency fingerprint Active CN107612949B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711112106.0A CN107612949B (en) 2017-11-13 2017-11-13 Wireless intelligent terminal access authentication method and system based on radio frequency fingerprint

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711112106.0A CN107612949B (en) 2017-11-13 2017-11-13 Wireless intelligent terminal access authentication method and system based on radio frequency fingerprint

Publications (2)

Publication Number Publication Date
CN107612949A CN107612949A (en) 2018-01-19
CN107612949B true CN107612949B (en) 2020-03-24

Family

ID=61086384

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711112106.0A Active CN107612949B (en) 2017-11-13 2017-11-13 Wireless intelligent terminal access authentication method and system based on radio frequency fingerprint

Country Status (1)

Country Link
CN (1) CN107612949B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108551674B (en) * 2018-03-16 2020-07-31 南京东科优信网络安全技术研究院有限公司 Wireless network access safety protection system and method based on device physical fingerprint characteristics
CN108449339B (en) * 2018-03-16 2020-07-31 南京东科优信网络安全技术研究院有限公司 Wired network access security protection system and method based on device physical fingerprint characteristics
CN112543252B (en) * 2020-10-22 2021-10-26 重庆恢恢信息技术有限公司 Work method for capturing construction site behavior image data based on block chain
CN116033540A (en) * 2021-10-25 2023-04-28 中国移动通信有限公司研究院 Terminal equipment registration processing method, communication system and related equipment
CN114297615B (en) * 2022-03-09 2022-05-20 上海物骐微电子有限公司 Identity authentication method, device, equipment and storage medium
CN114501452A (en) * 2022-03-31 2022-05-13 深圳博纳移动信息技术有限公司 Access management method and system for multi-type hardware equipment

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103078741B (en) * 2013-01-07 2016-04-20 南通大学 A kind of RFID bidirectional identification protocol method
US9635044B2 (en) * 2014-06-02 2017-04-25 Bastille Networks, Inc. Electromagnetic persona generation based on radio frequency fingerprints
CN105516201B (en) * 2016-01-20 2018-10-23 陕西师范大学 Lightweight anonymous authentication and cryptographic key negotiation method under a kind of environment of multi-server
CN107070949B (en) * 2017-05-24 2020-05-05 江苏大学 A design method of a lightweight identity authentication protocol for in-vehicle network based on device fingerprint

Also Published As

Publication number Publication date
CN107612949A (en) 2018-01-19

Similar Documents

Publication Publication Date Title
CN107612949B (en) Wireless intelligent terminal access authentication method and system based on radio frequency fingerprint
CN105188055B (en) wireless network access method, wireless access point and server
CN102262793B (en) Entrance guard control method and entrance guard control system
CN103517273B (en) Authentication method, managing platform and Internet-of-Things equipment
CN103780397B (en) A kind of multi-screen multiple-factor convenient WEB identity authentication method
US20170353442A1 (en) Proximity-based authentication
CN103905401B (en) A kind of identity identifying method and equipment
CN108270571A (en) Internet of Things identity authorization system and its method based on block chain
CN112396735B (en) Internet automobile digital key safety authentication method and device
CN110278084B (en) eID establishment method, related equipment and system
CN101039181B (en) Method for Preventing Service Functional Entities in Universal Authentication Framework from Attacking
CN105307108A (en) Internet of things information interactive communication method and system
TWI632798B (en) Server, mobile terminal, and network real-name authentication system and method
CN101867929A (en) Authentication method, system, authentication server and terminal device
CN110659467A (en) A remote user identity authentication method, device, system, terminal and server
CN115001841A (en) Identity authentication method, identity authentication device and storage medium
WO2014110877A1 (en) Mobile terminal device and user authentication method based on pki technology
CN102685749A (en) Wireless safety authentication method orienting to mobile terminal
CN114430324B (en) On-line rapid identity verification method based on hash chain
CN114531277A (en) User identity authentication method based on block chain technology
CN112383401B (en) User name generation method and system for providing identity authentication service
KR101348079B1 (en) System for digital signing using portable terminal
CN105578464A (en) An Enhanced WLAN Certificate Authentication Method, Device and System
CN109587683B (en) Method and system, application program and terminal information database for SMS anti-monitoring
CN105577699B (en) A kind of secure access authentication method of two-way dynamic non-stop layer authentication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant