CN113037701A - Method and system for identity authentication based on time calibration data - Google Patents

Publication number
CN113037701A
Authority
CN
China
Prior art keywords
data
user terminal
authentication
data block
reverse
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011273196.3A
Other languages
Chinese (zh)
Other versions
CN113037701B (en)
Inventor
Inventor not disclosed
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gainet Big Data Technology Co ltd
Original Assignee
Du Guangxiang
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Du Guangxiang
Priority to CN202011273196.3A
Publication of CN113037701A
Application granted
Publication of CN113037701B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a method and a system for identity authentication based on time calibration data. The method comprises the following steps: generating time calibration data and, when identity authentication is required after time calibration, generating modified time calibration data and sending it to each user terminal; each user terminal updating its local time with the server standard time to realize time calibration; after each user terminal completes time calibration, determining and parsing the first and second identification data items by identifying the flag bit of the identification data items, so as to determine a forward user terminal and a reverse user terminal; selecting an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data in the time information and the random natural number; generating a forward authentication data block and a reverse authentication data block based on the initial authentication data block; and the forward user terminal and the reverse user terminal performing identity authentication based on the forward authentication data block and the reverse authentication data block.

Description

Method and system for identity authentication based on time calibration data
Divisional application
The application is a divisional application of a patent application filed on 29/09/2017, with application number 201710911162.4, entitled "a method and a system for identity authentication based on time calibration data".
Technical Field
The present invention relates to the field of network communications, such as the field of internet of things communications, and more particularly, to a method and system for performing identity authentication based on time calibration data.
Background
At present, as users pay more and more attention to the convenience of mobile devices, the application scenarios of mobile devices such as mobile phones are becoming more extensive, and with the help of rich applications, mobile devices can take on the functions of microcomputers. The application programs supported by the operating system of a mobile device can process and record related data or files using the date and time provided by the operating system, or directly using the date and time generated by a timer.
With the intelligent development of mobile devices, their functions are becoming more and more powerful, and the requirements on the accuracy of the mobile device's time are becoming higher and higher. Mobile payment may require funding services to be processed using mobile devices, and the user experience may be affected if the mobile device uses wrong time information.
When a server is ready to time-calibrate multiple mobile devices, a period of data interaction or processing is typically required to complete the time calibration. However, after the server is ready for time calibration, an authentication request from a mobile device cannot be responded to in time, because the server may finish processing the authentication request only after the time calibration is completed. In this case data errors are often caused, because completing the time calibration may involve modifying the time of the mobile device. For this reason, the server typically delays the authentication request until the time calibration completes. However, this approach cannot handle the user's authentication request immediately and may result in a poor experience for the user requesting authentication through the mobile device.
Disclosure of Invention
According to an aspect of the present invention, there is provided a method of identity authentication based on time alignment data, the method comprising:
the method comprises the steps that a server generates time calibration data used for carrying out time calibration on a plurality of user terminals in a communication domain, wherein the time calibration data comprises time information and redundant information, when identity authentication needs to be carried out between any two user terminals in the user terminals after the time calibration is carried out on the user terminals, two identification data items are added into the redundant information by the server to generate modified time calibration data, and each identification data item is quintuple < flag bit, authentication identification, processing type, opposite terminal address and random natural number >; the server sending the modified time alignment data to each of the plurality of user terminals;
after each of the plurality of user terminals receives the modified time calibration data, each user terminal determines a server standard time based on the respective network transmission time and time information in the modified time calibration data, and updates a local time with the server standard time to achieve time calibration;
after each user terminal completes time calibration, each user terminal determines a first identification data item and a second identification data item in the modified time calibration data by identifying the flag bit of the identification data items, and parses the first identification data item and the second identification data item; when a user terminal determines, based on the authentication identification, that identity authentication is required, the user terminal whose processing type in the first identification data item is forward processing is determined as the forward user terminal, and the user terminal whose processing type in the second identification data item is reverse processing is determined as the reverse user terminal;
the forward user terminal and the reverse user terminal respectively select an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the random natural number in the time information, wherein each preset data block in the plurality of preset data blocks comprises a plurality of data bits with different digits, and the initial value of all the data bits is 1;
the forward user terminal determines an initial data bit for performing forward processing on the initial authentication data block according to clock data and the random natural number in the time information, determines a first number of continuous data bits for performing processing from the initial data bit by using minute data and the random natural number in the time information, and sets each bit of the first number of continuous data bits to 0 to generate a forward authentication data block;
the reverse user terminal determines a starting data bit for performing reverse processing on the initial authentication data block according to clock data and the random natural number in the time information, determines a second number of continuous data bits for performing processing from the starting data bit by using minute data and the random natural number in the time information, and sets each of other data bits except the second number of continuous data bits in the plurality of data bits to 0 to generate a reverse authentication data block;
the forward user terminal sends the forward authentication data block to a reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item; and
the forward user terminal carries out XOR operation on the forward authentication data block and the received reverse authentication data block according to bits to generate a first authentication data block, and when the first authentication data block is the same as the initial authentication data block, the first user terminal determines that the identity authentication result of the second user terminal is successful; the reverse user terminal carries out bitwise XOR operation on the reverse authentication data block and the received forward authentication data block to generate a second authentication data block; and when the second authentication data block is the same as the initial authentication data block, the second user terminal determines that the identity authentication result of the first user terminal is successful.
According to another aspect of the present invention, there is provided a system for identity authentication based on time calibration data, the system comprising:
a server, which generates time calibration data used for time calibration of a plurality of user terminals in a communication domain, wherein the time calibration data comprises time information and redundant information; when identity authentication needs to be carried out between any two user terminals in the plurality of user terminals after the time calibration of the user terminals, the server adds two identification data items to the redundant information to generate modified time calibration data, each identification data item being a quintuple <flag bit, authentication identification, processing type, opposite terminal address, random natural number>; the server sends the modified time calibration data to each of the plurality of user terminals;
a plurality of user terminals, each of which determines a server standard time based on a respective network transmission time and time information in the modified time calibration data after receiving the modified time calibration data, and updates a local time with the server standard time to implement time calibration;
after each user terminal completes time calibration, each user terminal determines a first identification data item and a second identification data item in the modified time calibration data by identifying the flag bit of the identification data items, and parses the first identification data item and the second identification data item; when a user terminal determines, based on the authentication identification, that identity authentication is required, the user terminal whose processing type in the first identification data item is forward processing is determined as the forward user terminal, and the user terminal whose processing type in the second identification data item is reverse processing is determined as the reverse user terminal;
the forward user terminal and the reverse user terminal respectively select an initial authentication data block for identity authentication from a plurality of preset data blocks according to second data and the random natural number in the time information, wherein each preset data block in the plurality of preset data blocks comprises a plurality of data bits with different digits, and the initial value of all the data bits is 1;
the forward user terminal determines an initial data bit for performing forward processing on the initial authentication data block according to clock data and the random natural number in the time information, determines a first number of continuous data bits for performing processing from the initial data bit by using minute data and the random natural number in the time information, and sets each bit of the first number of continuous data bits to 0 to generate a forward authentication data block;
the reverse user terminal determines a starting data bit for performing reverse processing on the initial authentication data block according to clock data and the random natural number in the time information, determines a second number of continuous data bits for performing processing from the starting data bit by using minute data and the random natural number in the time information, and sets each of other data bits except the second number of continuous data bits in the plurality of data bits to 0 to generate a reverse authentication data block;
the forward user terminal sends the forward authentication data block to a reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item; and
the forward user terminal carries out XOR operation on the forward authentication data block and the received reverse authentication data block according to bits to generate a first authentication data block, and when the first authentication data block is the same as the initial authentication data block, the first user terminal determines that the identity authentication result of the second user terminal is successful; the reverse user terminal carries out bitwise XOR operation on the reverse authentication data block and the received forward authentication data block to generate a second authentication data block; and when the second authentication data block is the same as the initial authentication data block, the second user terminal determines that the identity authentication result of the first user terminal is successful.
When the server receives authentication requests from any two user terminals in the plurality of user terminals within a preset time after entering a time calibration preparation state, it is determined that identity authentication needs to be performed between any two user terminals in the plurality of user terminals after time calibration is performed on the plurality of user terminals.
When the server does not receive authentication requests from any two user terminals in the plurality of user terminals within a preset time after entering a time calibration preparation state, it is determined that identity authentication is not required between any two user terminals in the plurality of user terminals after time calibration is performed on the plurality of user terminals, and the server does not modify the redundant information. The redundant information is used to reserve data for information to be transmitted by the server, and the initial value of the redundant information is randomly generated by the server.
The server adding two identification data items in the redundant information comprises:
adding the first identification data item in the redundant information, wherein the flag bit of the first identification data item is the identifier of the server, the authentication identification is the hardware address of the first user terminal, the processing type is forward processing, the opposite terminal address is the network address of the second user terminal, and the random natural number is a first random natural number;
adding a second identification data item in the redundant information, wherein the flag bit of the second identification data item is the identifier of the server, the authentication identification is the hardware address of the second user terminal, the processing type is reverse processing, the opposite terminal address is the network address of the first user terminal, and the random natural number is a second random natural number;
wherein the first random natural number is equal to the second random natural number.
The server sets a timer in the time information, and starts the timer to start timing the network transmission time when the server sends the time calibration data or the modified time calibration data.
When each user terminal receives the time calibration data or the modified time calibration data, it determines its own network transmission time based on the value timed by the timer.
Wherein each user terminal determining a first identification data item and a second identification data item in the modified time calibration data by identifying a flag bit of an identification data item comprises: each user terminal inspects the redundant information, and determines that a first identification data item and a second identification data item exist in the redundant information when it identifies a flag bit whose value is the identifier of the server.
When the user terminal in the plurality of user terminals determines that the authentication identifier is the hardware address of the user terminal, the user terminal determines that identity authentication is required, determines a first user terminal with the processing type of forward processing as a forward user terminal, and determines a second user terminal with the processing type of reverse processing as a reverse user terminal.
Wherein the forward user terminal and the reverse user terminal respectively selecting an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data in the time information and the random natural number comprises: the forward user terminal and the reverse user terminal each perform an arithmetic operation on the second data in the time information and the random natural number to obtain a data block sequence number, and select the preset data block located at that data block sequence number as the initial authentication data block for identity authentication.
The arithmetic operation includes: summation, modulo, absolute difference, and averaging.
Wherein the forward user terminal determining a starting data bit for performing forward processing on the initial authentication data block according to the clock data in the time information and the random natural number comprises: the forward user terminal takes the result of an arithmetic operation on the value of the clock data in the time information and the random natural number as the sequence number of the starting data bit for performing forward processing on the initial authentication data block;
wherein determining a first number of consecutive data bits to process from the starting data bit using the minute data in the time information and the random natural number comprises: taking the result of an arithmetic operation on the value of the minute data in the time information and the random natural number as the first number of consecutive data bits to be processed from the starting data bit.
Wherein the reverse user terminal determining a starting data bit for performing reverse processing on the initial authentication data block according to the clock data in the time information and the random natural number comprises: the reverse user terminal takes the result of an arithmetic operation on the value of the clock data in the time information and the random natural number as the sequence number of the starting data bit for performing reverse processing on the initial authentication data block;
wherein determining a second number of consecutive data bits to process from the starting data bit using the minute data in the time information and the random natural number comprises: taking the result of an arithmetic operation on the value of the minute data in the time information and the random natural number as the second number of consecutive data bits to be processed from the starting data bit.
According to yet another aspect of the present invention, there is provided a method of identity authentication based on time alignment data, the method comprising:
the method comprises the steps that a server generates time calibration data used for carrying out time calibration on a plurality of user terminals in a communication domain, wherein the time calibration data comprises time information and redundant information, when identity authentication needs to be carried out between any two user terminals in the user terminals after the time calibration is carried out on the user terminals, two identification data items are added into the redundant information by the server to generate modified time calibration data, and each identification data item is quintuple < flag bit, authentication identification, processing type, opposite terminal address and random natural number >; the server sending the modified time alignment data to each of the plurality of user terminals;
after each of the plurality of user terminals receives the modified time calibration data, each user terminal determines a server standard time based on the respective network transmission time and time information in the modified time calibration data, and updates a local time with the server standard time to achieve time calibration;
after each user terminal completes time calibration, each user terminal determines a first identification data item and a second identification data item in the modified time calibration data by identifying the flag bit of the identification data items, and parses the first identification data item and the second identification data item; when a user terminal determines, based on the authentication identification, that identity authentication is required, the user terminal whose processing type in the first identification data item is forward processing is determined as the forward user terminal, and the user terminal whose processing type in the second identification data item is reverse processing is determined as the reverse user terminal;
the forward user terminal and the reverse user terminal respectively use the random natural number and the second data in the time information to select an initial authentication data block for identity authentication from a plurality of preset data blocks, wherein each preset data block in the plurality of preset data blocks comprises a plurality of data bits with different digits, and the initial value of all the data bits is 1 or 0 generated randomly;
the forward user terminal determines an initial data bit for performing forward processing on the initial authentication data block according to clock data and the random natural number in the time information, determines a first number of continuous data bits for performing processing from the initial data bit by using minute data and the random natural number in the time information, and negates each bit in the first number of continuous data bits to generate a forward authentication data block;
the reverse user terminal determines a starting data bit for performing reverse processing on the initial authentication data block according to clock data and the random natural number in the time information, determines a second number of continuous data bits for performing processing from the starting data bit by using minute data and the random natural number in the time information, and inverts each of other data bits except the second number of continuous data bits in the plurality of data bits to generate a reverse authentication data block;
the forward user terminal sends the forward authentication data block to a reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item; and
the forward user terminal carries out bitwise XOR operation on the forward authentication data block and the received reverse authentication data block to generate a first authentication data block, and when the first authentication data block has the same number of bits as the initial authentication data block and each data bit of the first authentication data block is 1, the first user terminal determines that the identity authentication result of the second user terminal is successful;
and the reverse user terminal performs exclusive-or operation on the reverse authentication data block and the received forward authentication data block according to bits to generate a second authentication data block, and when the number of bits of the second authentication data block is the same as that of the initial authentication data block and each data bit of the second authentication data block is 1, the second user terminal determines that the identity authentication result of the first user terminal is successful.
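The forward/reverse block exchange of both method aspects above (the zeroing variant and the inversion variant), as an added Python example that is not code from the patent. Assumptions: "clock data" and "second data" are taken to be the hour and seconds fields, the arithmetic operation is summation followed by modulo, the run of bits wraps at the top bit, and the preset widths, time values and random natural number are constructed.

```python
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class TimeInfo:
    hour: int    # "clock data" (assumed to be the hour field)
    minute: int  # "minute data"
    second: int  # "second data" (assumed to be the seconds field)


@dataclass(frozen=True)
class Block:
    width: int  # number of data bits in the block
    bits: int   # data bit i is (bits >> i) & 1


def full(width):
    """All-ones value for a block of the given width."""
    return (1 << width) - 1


# Constructed preset blocks with different bit counts, shared by both terminals.
WIDTHS = [16, 24, 32, 40]
ALL_ONES = [Block(w, full(w)) for w in WIDTHS]                 # first variant
_rng = random.Random(2017)                                     # fixed seed: constructed data
RANDOM_BITS = [Block(w, _rng.getrandbits(w)) for w in WIDTHS]  # second variant


def select_initial(presets, t, r):
    """Data block sequence number = (second + r) mod number of presets (assumed operation)."""
    return presets[(t.second + r) % len(presets)]


def run_mask(width, t, r):
    """Mask of the consecutive data bits to process, wrapping at the top bit (assumption)."""
    start = (t.hour + r) % width
    count = (t.minute + r) % width
    mask = 0
    for i in range(count):
        mask |= 1 << ((start + i) % width)
    return mask


def forward_block(initial, t, r, invert=False):
    """Zero (or, in the second variant, invert) the bits inside the run."""
    m = run_mask(initial.width, t, r)
    return Block(initial.width, initial.bits ^ m if invert else initial.bits & ~m)


def reverse_block(initial, t, r, invert=False):
    """Zero (or invert) every bit outside the run."""
    m = full(initial.width) & ~run_mask(initial.width, t, r)
    return Block(initial.width, initial.bits ^ m if invert else initial.bits & ~m)


def verify(own, received, initial, invert=False):
    """XOR own and received blocks; compare with the initial block or with all 1s."""
    if received.width != initial.width:
        return False
    expected = full(initial.width) if invert else initial.bits
    return (own.bits ^ received.bits) == expected


def exchange(presets, t_fwd, t_rev, r, invert=False):
    """Run both sides; each terminal uses its own (calibrated or skewed) time."""
    init_f = select_initial(presets, t_fwd, r)
    init_r = select_initial(presets, t_rev, r)
    fwd = forward_block(init_f, t_fwd, r, invert)
    rev = reverse_block(init_r, t_rev, r, invert)
    return verify(fwd, rev, init_f, invert), verify(rev, fwd, init_r, invert)


if __name__ == "__main__":
    t = TimeInfo(hour=14, minute=37, second=52)  # constructed time information
    r = 9                                        # constructed random natural number
    print(exchange(ALL_ONES, t, t, r))
    print(exchange(RANDOM_BITS, t, t, r, invert=True))
    print(exchange(ALL_ONES, t, TimeInfo(14, 38, 52), r))  # minute off by one
```

In this sketch the forward and reverse blocks cover complementary bit positions, so their XOR restores the all-ones pattern only when both terminals derive the same block, starting bit and run length from the same time information.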
According to still another aspect of the present invention, there is provided a system for identity authentication based on time calibration data, the system comprising:
a server, which generates time calibration data used for time calibration of a plurality of user terminals in a communication domain, wherein the time calibration data comprises time information and redundant information; when identity authentication needs to be carried out between any two user terminals in the plurality of user terminals after the time calibration of the user terminals, the server adds two identification data items to the redundant information to generate modified time calibration data, each identification data item being a quintuple <flag bit, authentication identification, processing type, opposite terminal address, random natural number>; the server sends the modified time calibration data to each of the plurality of user terminals;
a plurality of user terminals, each of which determines a server standard time based on a respective network transmission time and time information in the modified time calibration data after receiving the modified time calibration data, and updates a local time with the server standard time to implement time calibration;
after each user terminal completes time calibration, each user terminal determines a first identification data item and a second identification data item in the modified time calibration data by identifying the flag bit of the identification data items, and parses the first identification data item and the second identification data item; when a user terminal determines, based on the authentication identification, that identity authentication is required, the user terminal whose processing type in the first identification data item is forward processing is determined as the forward user terminal, and the user terminal whose processing type in the second identification data item is reverse processing is determined as the reverse user terminal;
the forward user terminal and the reverse user terminal respectively use the random natural number and the second data in the time information to select an initial authentication data block for identity authentication from a plurality of preset data blocks, wherein each preset data block in the plurality of preset data blocks comprises a plurality of data bits with different digits, and the initial value of all the data bits is 1 or 0 generated randomly;
the forward user terminal determines an initial data bit for performing forward processing on the initial authentication data block according to clock data and the random natural number in the time information, determines a first number of continuous data bits for performing processing from the initial data bit by using minute data and the random natural number in the time information, and negates each bit in the first number of continuous data bits to generate a forward authentication data block;
the reverse user terminal determines a starting data bit for performing reverse processing on the initial authentication data block according to clock data and the random natural number in the time information, determines a second number of continuous data bits for performing processing from the starting data bit by using minute data and the random natural number in the time information, and inverts each of other data bits except the second number of continuous data bits in the plurality of data bits to generate a reverse authentication data block;
the forward user terminal sends the forward authentication data block to a reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item; and
the forward user terminal carries out bitwise XOR operation on the forward authentication data block and the received reverse authentication data block to generate a first authentication data block, and when the first authentication data block has the same number of bits as the initial authentication data block and each data bit of the first authentication data block is 1, the first user terminal determines that the identity authentication result of the second user terminal is successful;
and the reverse user terminal performs exclusive-or operation on the reverse authentication data block and the received forward authentication data block according to bits to generate a second authentication data block, and when the number of bits of the second authentication data block is the same as that of the initial authentication data block and each data bit of the second authentication data block is 1, the second user terminal determines that the identity authentication result of the first user terminal is successful.
When the server receives authentication requests from any two user terminals in the plurality of user terminals within a preset time after entering a time calibration preparation state, it is determined that identity authentication needs to be performed between any two user terminals in the plurality of user terminals after time calibration is performed on the plurality of user terminals.
When the server does not receive authentication requests from any two user terminals in the plurality of user terminals within a preset time after entering a time calibration preparation state, it is determined that identity authentication is not required between any two user terminals in the plurality of user terminals after time calibration is performed on the plurality of user terminals, and the server does not modify the redundant information. The redundant information is used to reserve data for information to be transmitted by the server, and the initial value of the redundant information is randomly generated by the server.
The server adding two identification data items in the redundant information comprises:
adding the first identification data item in the redundant information, wherein the flag bit of the first identification data item is the identifier of the server, the authentication identification is the hardware address of the first user terminal, the processing type is forward processing, and the opposite terminal address is the network address of the second user terminal and a first random natural number;
adding a second identification data item in the redundant information, wherein the flag bit of the second identification data item is the identifier of the server, the authentication identification is the hardware address of a second user terminal, the processing type is reverse processing, and the opposite terminal address is the network address of the first user terminal and a second random natural number;
wherein the first random natural number is equal to the second random natural number.
A timer is set in the time information, and the timer is started to time the network transmission when the server sends the time calibration data or the modified time calibration data.
When each user terminal receives the time calibration data or the modified time calibration data, it determines its network transmission time based on the value recorded by the timer.
Each user terminal determining a first identification data item and a second identification data item in the modified time calibration data by identifying a flag bit of an identification data item comprises: each user terminal parses the redundant information, and determines that a first identification data item and a second identification data item exist in the redundant information when it identifies a flag bit whose value is the identifier of the server.
When the user terminal in the plurality of user terminals determines that the authentication identifier is the hardware address of the user terminal, the user terminal determines that identity authentication is required, determines a first user terminal with the processing type of forward processing as a forward user terminal, and determines a second user terminal with the processing type of reverse processing as a reverse user terminal.
The forward user terminal and the reverse user terminal respectively selecting an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the random natural number in the time information comprises: the forward user terminal and the reverse user terminal each perform an arithmetic operation on the second data in the time information and the random natural number to obtain a data block sequence number, and select the preset data block located at that sequence number as the initial authentication data block for identity authentication.
The arithmetic operation includes: summation, modulo, absolute difference, and averaging.
Wherein the determining, by the forward user terminal, a start data bit for performing forward processing on the initial authentication data block according to the clock data in the time information and the random natural number includes: the forward user terminal takes the arithmetic operation result of the clock data value and the random natural number in the time information as the serial number of the initial data bit for performing forward processing on the initial authentication data block;
wherein determining a first number of consecutive data bits to process from a starting data bit using minute data in the time information and the random natural number comprises: and taking the numerical value of the minute data in the time information and the arithmetic operation result of the random natural number as a first number of continuous data bits which are processed from the initial data bit.
The reverse user terminal determining the initial data bit for performing reverse processing on the initial authentication data block according to the clock data in the time information and the random natural number comprises: the reverse user terminal takes the arithmetic operation result of the clock data value and the random natural number in the time information as the serial number of the initial data bit for performing reverse processing on the initial authentication data block;
determining a second number of consecutive data bits to process from the starting data bit using the minute data in the time information and the random natural number comprises: taking the result of an arithmetic operation on the value of the minute data in the time information and the random natural number as the second number of consecutive data bits to be processed from the starting data bit.
According to yet another aspect of the present invention, there is provided a method of identity authentication based on time alignment data, the method comprising:
the method comprises the steps that a server generates time calibration data used for carrying out time calibration on a plurality of user terminals in a communication domain, wherein the time calibration data comprises time information and redundant information, when identity authentication needs to be carried out between any two user terminals in the user terminals after the time calibration is carried out on the user terminals, two identification data items are added into the redundant information by the server to generate modified time calibration data, and each identification data item is quintuple < flag bit, authentication identification, processing type, opposite terminal address and random natural number >; the server sending the modified time alignment data to each of the plurality of user terminals;
after each of the plurality of user terminals receives the modified time calibration data, each user terminal determines a server standard time based on the respective network transmission time and time information in the modified time calibration data, and updates a local time with the server standard time to achieve time calibration;
after each user terminal completes time calibration, each user terminal determines a first identification data item and a second identification data item in the modified time calibration data by identifying the flag bit of the identification data item, and parses the first identification data item and the second identification data item; when a user terminal determines, based on the authentication identification, that identity authentication is required, the user terminal whose processing type in the first identification data item is forward processing is determined to be the forward user terminal, and the user terminal whose processing type in the second identification data item is reverse processing is determined to be the reverse user terminal;
the forward user terminal and the reverse user terminal respectively use the random natural number and the second data in the time information to select an initial authentication data block for identity authentication from a plurality of preset data blocks, wherein each preset data block in the plurality of preset data blocks comprises a plurality of data bits with the same number of bits but different initial values, and the initial values of all the data bits are randomly generated 1 or 0;
the forward user terminal determines a first shift direction for circularly shifting the initial authentication data block according to clock data and the random natural number in the time information, determines a first shift quantity for circularly shifting the initial authentication data block by using minute data and the random natural number in the time information, and circularly shifts the initial authentication data block based on the first shift direction and the first shift quantity to generate a forward authentication data block;
the reverse user terminal determines a second shift direction for circularly shifting the initial authentication data block according to the clock data and the random natural number in the time information, determines a second shift quantity for circularly shifting the initial authentication data block by using the minute data and the random natural number in the time information, and circularly shifts the initial authentication data block based on the second shift direction and the second shift quantity to generate a reverse authentication data block;
the forward user terminal sends the forward authentication data block to a reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item; and
and when the forward user terminal determines that the forward authentication data block is the same as the received reverse authentication data block, the first user terminal determines that the identity authentication result of the second user terminal is successful, and when the reverse user terminal determines that the reverse authentication data block is the same as the received forward authentication data block, the second user terminal determines that the identity authentication result of the first user terminal is successful.
According to still another aspect of the present invention, there is provided a system for identity authentication based on time calibration data, the system comprising:
a server that generates time calibration data for time calibration of a plurality of user terminals in a communication domain, wherein the time calibration data comprises time information and redundant information; when identity authentication needs to be performed between any two of the user terminals after the time calibration of the user terminals, the server adds two identification data items to the redundant information to generate modified time calibration data, each identification data item being a quintuple <flag bit, authentication identification, processing type, opposite terminal address, random natural number>; the server sends the modified time calibration data to each of the plurality of user terminals;
a plurality of user terminals, each of which determines a server standard time based on a respective network transmission time and time information in the modified time calibration data after receiving the modified time calibration data, and updates a local time with the server standard time to implement time calibration;
after each user terminal completes time calibration, each user terminal determines a first identification data item and a second identification data item in the modified time calibration data by identifying the flag bit of the identification data item, and parses the first identification data item and the second identification data item; when a user terminal determines, based on the authentication identification, that identity authentication is required, the user terminal whose processing type in the first identification data item is forward processing is determined to be the forward user terminal, and the user terminal whose processing type in the second identification data item is reverse processing is determined to be the reverse user terminal;
the forward user terminal and the reverse user terminal respectively use the random natural number and the second data in the time information to select an initial authentication data block for identity authentication from a plurality of preset data blocks, wherein each preset data block in the plurality of preset data blocks comprises a plurality of data bits with the same number of bits but different initial values, and the initial values of all the data bits are randomly generated 1 or 0;
the forward user terminal determines a first shift direction for circularly shifting the initial authentication data block according to clock data in the time information, determines a first shift quantity for circularly shifting the initial authentication data block by using minute data and the random natural number in the time information, and circularly shifts the initial authentication data block based on the first shift direction and the first shift quantity to generate a forward authentication data block;
the reverse user terminal determines a second shifting direction for circularly shifting the initial authentication data block according to clock data in the time information, determines a second shifting quantity for circularly shifting the initial authentication data block by using minute data and the random natural number in the time information, and circularly shifts the initial authentication data block based on the second shifting direction and the second shifting quantity to generate a reverse authentication data block;
the forward user terminal sends the forward authentication data block to a reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item; and
and when the forward user terminal determines that the forward authentication data block is the same as the received reverse authentication data block, the first user terminal determines that the identity authentication result of the second user terminal is successful, and when the reverse user terminal determines that the reverse authentication data block is the same as the received forward authentication data block, the second user terminal determines that the identity authentication result of the first user terminal is successful.
When the server receives authentication requests from any two user terminals in the plurality of user terminals within a preset time after entering a time calibration preparation state, it is determined that identity authentication needs to be performed between any two user terminals in the plurality of user terminals after time calibration is performed on the plurality of user terminals.
When the server does not receive authentication requests from any two user terminals in the plurality of user terminals within a preset time after entering a time calibration preparation state, it is determined that identity authentication is not required to be performed between any two user terminals in the plurality of user terminals after time calibration is performed on the plurality of user terminals, the server does not modify the redundant information, wherein the redundant information is used for performing data reservation on information to be transmitted by the server, and an initial value of the redundant information is randomly generated by the server.
The server adding two identification data items in the redundant information comprises:
adding the first identification data item in the redundant information, wherein the flag bit of the first identification data item is the identifier of the server, the authentication identification is the hardware address of the first user terminal, the processing type is forward processing, and the opposite terminal address is the network address of the second user terminal and a first random natural number;
adding a second identification data item in the redundant information, wherein the flag bit of the second identification data item is the identifier of the server, the authentication identification is the hardware address of a second user terminal, the processing type is reverse processing, and the opposite terminal address is the network address of the first user terminal and a second random natural number;
wherein the first random natural number is equal to the second random natural number.
A timer is set in the time information, and the timer is started to time the network transmission when the server sends the time calibration data or the modified time calibration data.
When each user terminal receives the time calibration data or the modified time calibration data, it determines its network transmission time based on the value recorded by the timer.
Each user terminal determining a first identification data item and a second identification data item in the modified time calibration data by identifying a flag bit of an identification data item comprises: each user terminal parses the redundant information, and determines that a first identification data item and a second identification data item exist in the redundant information when it identifies a flag bit whose value is the identifier of the server.
When the user terminal in the plurality of user terminals determines that the authentication identifier is the hardware address of the user terminal, the user terminal determines that identity authentication is required, determines a first user terminal with the processing type of forward processing as a forward user terminal, and determines a second user terminal with the processing type of reverse processing as a reverse user terminal.
The forward user terminal and the reverse user terminal respectively selecting an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the random natural number in the time information comprises: the forward user terminal and the reverse user terminal each perform an arithmetic operation on the second data in the time information and the random natural number to obtain a data block sequence number, and select the preset data block located at that sequence number as the initial authentication data block for identity authentication.
The arithmetic operation includes: summation, modulo, absolute difference, and averaging.
The determining, by the forward user terminal according to the clock data in the time information, a first shift direction of the initial authentication data block by cyclic shift includes: the forward user terminal determines a first shift direction for circularly shifting the initial authentication data block according to the parity of the clock data in the time information; and
determining a first shift quantity for cyclically shifting the initial authentication data block using the minute data in the time information and the random natural number includes: taking the arithmetic sum of the remainder of the value of the minute data in the time information modulo 10 and the random natural number as the first shift quantity for cyclically shifting the initial authentication data block.
The determining, by the reverse user terminal, a second shift direction of the cyclic shift of the initial authentication data block according to the clock data in the time information includes: the reverse user terminal determines a second shift direction for circularly shifting the initial authentication data block according to the parity of the clock data in the time information;
determining a second shift quantity for cyclically shifting the initial authentication data block using the minute data in the time information and the random natural number includes: taking the difference between the number of data bits of the initial authentication data block and the arithmetic sum of the remainder of the value of the minute data in the time information modulo 10 and the random natural number as the second shift quantity for cyclically shifting the initial authentication data block.
Wherein when the clock data in the time information is an even number, the first shift direction is determined to be rightward; when the clock data in the time information is an even number, the second shift direction is determined to be to the left.
Wherein when the clock data in the time information is an odd number, the first shift direction is determined to be rightward; when the clock data in the time information is odd, the second shift direction is determined to be to the left.
Wherein a sum of the first and second shift amounts is equal to a number of bits of data bits of the initial authentication data block. Wherein the first shift direction is opposite to the second shift direction, and the first shift quantity and the second shift quantity are not equal to 0. The number of bits of each preset data block is greater than or much greater than (e.g., greater than 30 or more than) a threshold value, which is an arithmetic sum of the random natural number and 9.
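The cyclic-shift variant described above, as an added Python example that is not part of the patent text: it shows why a shift by k in one direction and by N - k in the opposite direction produce the same block, and that the comparison fails when the two terminals' calibrated minute or second values differ. Assumptions: "clock data" is taken to be the hour field, block selection uses (second + R) mod block count as the arithmetic operation, an odd hour is taken to reverse both directions, and all names and sample values are constructed.

```python
import random
from typing import List, NamedTuple

Block = List[int]


class CalibratedTime(NamedTuple):
    """Local time after calibration (field names are assumptions)."""
    hour: int    # the page's "clock data" (assumed to be the hour)
    minute: int  # the page's "minute data"
    second: int  # the page's "second data"


def make_preset_blocks(count: int, bits: int, seed: int) -> List[Block]:
    """Constructed sample data: `count` blocks of `bits` random 0/1 values."""
    rng = random.Random(seed)
    return [[rng.randint(0, 1) for _ in range(bits)] for _ in range(count)]


def rotate(block: Block, amount: int, direction: str) -> Block:
    """Cyclically shift `block` by `amount` positions to the left or right."""
    k = amount % len(block)
    if k == 0:
        return list(block)
    if direction == "right":
        return block[-k:] + block[:-k]
    return block[k:] + block[:k]


def select_block(blocks: List[Block], second: int, r: int) -> Block:
    """Pick the initial authentication block from the second data and R.
    Assumed arithmetic operation: (second + R) mod number of blocks."""
    return blocks[(second + r) % len(blocks)]


def shift_plan(role: str, t: CalibratedTime, r: int, n_bits: int):
    """Return (direction, quantity) for the forward or reverse terminal."""
    first = (t.minute % 10) + r          # first shift quantity
    if not 0 < first < n_bits:           # block must be longer than R + 9
        raise ValueError("block too short for this random natural number")
    # Even hour: forward shifts right. Odd hour: assumed to flip.
    forward_dir = "right" if t.hour % 2 == 0 else "left"
    if role == "forward":
        return forward_dir, first
    reverse_dir = "left" if forward_dir == "right" else "right"
    return reverse_dir, n_bits - first   # quantities sum to the block length


def auth_block(role: str, blocks: List[Block], t: CalibratedTime, r: int) -> Block:
    """Build the block a terminal sends to its peer."""
    block = select_block(blocks, t.second, r)
    direction, amount = shift_plan(role, t, r, len(block))
    return rotate(block, amount, direction)


def verify_pair(blocks: List[Block], t_forward: CalibratedTime,
                t_reverse: CalibratedTime, r: int) -> bool:
    """Both terminals apply the same equality test to own vs. received block."""
    forward = auth_block("forward", blocks, t_forward, r)
    reverse = auth_block("reverse", blocks, t_reverse, r)
    return forward == reverse


if __name__ == "__main__":
    presets = make_preset_blocks(count=8, bits=64, seed=2020)  # constructed
    now = CalibratedTime(hour=14, minute=37, second=5)
    print("same calibrated time:", verify_pair(presets, now, now, r=3))
    drifted = now._replace(minute=38)
    print("one-minute drift:    ", verify_pair(presets, now, drifted, r=3))
```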
According to yet another aspect of the present invention, there is provided a method of identity authentication based on time alignment data, the method comprising:
the method comprises the steps that a server generates time calibration data used for carrying out time calibration on a plurality of user terminals in a communication domain, wherein the time calibration data comprises time information and redundant information, when identity authentication needs to be carried out between any two user terminals in the user terminals after the time calibration is carried out on the user terminals, two identification data items are added into the redundant information by the server to generate modified time calibration data, and each identification data item is quintuple < flag bit, authentication identification, processing type, opposite terminal address and random natural number >; the server sending the modified time alignment data to each of the plurality of user terminals;
after each of the plurality of user terminals receives the modified time calibration data, each user terminal determines a server standard time based on the respective network transmission time and time information in the modified time calibration data, and updates a local time with the server standard time to achieve time calibration;
after each user terminal completes time calibration, each user terminal determines a first identification data item and a second identification data item in the modified time calibration data by identifying the flag bit of the identification data item, and parses the first identification data item and the second identification data item; when a user terminal determines, based on the authentication identification, that identity authentication is required, the user terminal whose processing type in the first identification data item is forward processing is determined to be the forward user terminal, and the user terminal whose processing type in the second identification data item is reverse processing is determined to be the reverse user terminal;
the forward user terminal and the reverse user terminal respectively select an initial authentication data block for identity authentication from a plurality of preset data blocks according to the random natural number and the second data in the time information, wherein each preset data block in the plurality of preset data blocks comprises a plurality of data bits with different digits, and the initial value of all the data bits is 1 or 0 generated randomly;
the forward user terminal determines a starting data bit for performing data extraction on the initial authentication data block according to clock data and the random natural number in the time information, determines a first number of continuous data bits for performing data extraction from the starting data bit by using minute data and the random natural number in the time information, and takes the first number of continuous data bits as a forward authentication data block;
the reverse user terminal determines an initial data bit for performing data extraction on the initial authentication data block according to clock data and the random natural number in the time information, determines a second number of continuous data bits for performing data extraction from the initial data bit by using minute data and the random natural number in the time information, and takes the second number of continuous data bits as a reverse authentication data block;
the forward user terminal sends the forward authentication data block to a reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item; and
and when the forward user terminal determines that the forward authentication data block is the same as the received reverse authentication data block, the first user terminal determines that the identity authentication result of the second user terminal is successful, and when the reverse user terminal determines that the reverse authentication data block is the same as the received forward authentication data block, the second user terminal determines that the identity authentication result of the first user terminal is successful.
According to still another aspect of the present invention, there is provided a system for identity authentication based on time calibration data, the system comprising:
a server that generates time calibration data for time calibration of a plurality of user terminals in a communication domain, wherein the time calibration data comprises time information and redundant information; when identity authentication needs to be performed between any two of the user terminals after the time calibration of the user terminals, the server adds two identification data items to the redundant information to generate modified time calibration data, each identification data item being a quintuple <flag bit, authentication identification, processing type, opposite terminal address, random natural number>; the server sends the modified time calibration data to each of the plurality of user terminals;
a plurality of user terminals, each of which determines a server standard time based on a respective network transmission time and time information in the modified time calibration data after receiving the modified time calibration data, and updates a local time with the server standard time to implement time calibration;
after each user terminal completes time calibration, each user terminal determines a first identification data item and a second identification data item in the modified time calibration data by identifying the flag bit of the identification data item, and parses the first identification data item and the second identification data item; when a user terminal determines, based on the authentication identification, that identity authentication is required, the user terminal whose processing type in the first identification data item is forward processing is determined to be the forward user terminal, and the user terminal whose processing type in the second identification data item is reverse processing is determined to be the reverse user terminal;
the forward user terminal and the reverse user terminal respectively select an initial authentication data block for identity authentication from a plurality of preset data blocks according to the random natural number and the second data in the time information, wherein each preset data block in the plurality of preset data blocks comprises a plurality of data bits with different digits, and the initial value of all the data bits is 1 or 0 generated randomly;
the forward user terminal determines a starting data bit for performing data extraction on the initial authentication data block according to clock data and the random natural number in the time information, determines a first number of continuous data bits for performing data extraction from the starting data bit by using minute data and the random natural number in the time information, and takes the first number of continuous data bits as a forward authentication data block;
the reverse user terminal determines an initial data bit for performing data extraction on the initial authentication data block according to clock data and the random natural number in the time information, determines a second number of continuous data bits for performing data extraction from the initial data bit by using minute data and the random natural number in the time information, and takes the second number of continuous data bits as a reverse authentication data block;
the forward user terminal sends the forward authentication data block to a reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item; and
and when the forward user terminal determines that the forward authentication data block is the same as the received reverse authentication data block, the first user terminal determines that the identity authentication result of the second user terminal is successful, and when the reverse user terminal determines that the reverse authentication data block is the same as the received forward authentication data block, the second user terminal determines that the identity authentication result of the first user terminal is successful.
When the server receives authentication requests from any two user terminals in the plurality of user terminals within a preset time after entering a time calibration preparation state, it is determined that identity authentication needs to be performed between any two user terminals in the plurality of user terminals after time calibration is performed on the plurality of user terminals.
When the server does not receive authentication requests from any two user terminals in the plurality of user terminals within a preset time after entering a time calibration preparation state, it is determined that identity authentication is not required to be performed between any two user terminals in the plurality of user terminals after time calibration is performed on the plurality of user terminals, the server does not modify the redundant information, wherein the redundant information is used for performing data reservation on information to be transmitted by the server, and an initial value of the redundant information is randomly generated by the server.
The server adding two identification data items in the redundant information comprises:
adding the first identification data item in the redundant information, wherein the flag bit of the first identification data item is the identifier of the server, the authentication identification is the hardware address of the first user terminal, the processing type is forward processing, and the opposite terminal address is the network address of the second user terminal and a first random natural number;
adding a second identification data item in the redundant information, wherein the flag bit of the second identification data item is the identifier of the server, the authentication identification is the hardware address of a second user terminal, the processing type is reverse processing, and the opposite terminal address is the network address of the first user terminal and a second random natural number;
wherein the first random natural number is equal to the second random natural number.
A timer is set in the time information, and the timer is started to time the network transmission when the server sends the time calibration data or the modified time calibration data.
When each user terminal receives the time calibration data or the modified time calibration data, it determines its network transmission time based on the value recorded by the timer.
Each user terminal determining a first identification data item and a second identification data item in the modified time calibration data by identifying a flag bit of an identification data item comprises: each user terminal parses the redundant information, and determines that a first identification data item and a second identification data item exist in the redundant information when it identifies a flag bit whose value is the identifier of the server.
When the user terminal in the plurality of user terminals determines that the authentication identifier is the hardware address of the user terminal, the user terminal determines that identity authentication is required, determines a first user terminal with the processing type of forward processing as a forward user terminal, and determines a second user terminal with the processing type of reverse processing as a reverse user terminal.
The forward user terminal and the reverse user terminal respectively selecting an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the random natural number in the time information comprises: the forward user terminal and the reverse user terminal respectively perform an arithmetic operation on the second data and the random natural number in the time information to obtain a data block sequence number, and select the preset data block located at the data block sequence number as the initial authentication data block for identity authentication.
The arithmetic operation includes: summation, modulo, absolute difference, and averaging.
Wherein the determining, by the forward user terminal, a start data bit for performing forward processing on the initial authentication data block according to the clock data in the time information and the random natural number includes: the forward user terminal takes the arithmetic operation result of the clock data value and the random natural number in the time information as the serial number of the initial data bit for performing forward processing, namely data extraction, on the initial authentication data block;
wherein determining a first number of consecutive data bits for data extraction starting from a starting data bit using minute data in the time information and the random natural number comprises: taking the arithmetic operation result of the value of the minute data in the time information and the random natural number as the first number of consecutive data bits for data extraction from the starting data bit.
The reverse user terminal determining the initial data bit for performing reverse processing on the initial authentication data block according to the clock data in the time information and the random natural number comprises: the reverse user terminal takes the arithmetic operation result of the clock data value and the random natural number in the time information as the serial number of the initial data bit for performing reverse processing, namely data extraction, on the initial authentication data block;
determining a second number of consecutive data bits for data extraction starting from a starting data bit using minute data in the time information and the random natural number comprises: taking the arithmetic operation result of the value of the minute data in the time information and the random natural number as the second number of consecutive data bits for data extraction from the starting data bit.
Drawings
A more complete understanding of exemplary embodiments of the present invention may be had by reference to the following drawings in which:
Fig. 1 is a schematic structural diagram of a communication system according to an embodiment of the present invention;
Fig. 2 is a schematic diagram of identity authentication in a communication system according to an embodiment of the present invention;
Fig. 3 is a schematic diagram of a system for identity authentication based on time alignment data according to an embodiment of the present invention;
Fig. 4 is a flow chart of a method of time calibration according to an embodiment of the present invention;
Fig. 5 is a flow chart of a method of identity authentication based on time alignment data according to an embodiment of the present invention;
Fig. 6 is a flow chart of a method of identity authentication based on time alignment data according to another embodiment of the present invention;
Fig. 7 is a flow chart of a method of identity authentication based on time alignment data according to yet another embodiment of the present invention; and
Fig. 8 is a flow chart of a method for performing identity authentication based on time alignment data according to another embodiment of the present invention.
Detailed Description
Fig. 1 is a schematic diagram of a communication system 100 according to a preferred embodiment of the present invention. The communication system 100 includes: a server, user terminal 1, user terminal 2, user terminal 3, user terminal 4, user terminal 5, user terminal 6, user terminal 7, …, and user terminal N. The server is wirelessly connected to each of the user terminals 1-N to provide services to the user terminals. The server time-calibrates the user terminals 1-N with the time calibration data and provides the user terminals 1-N with identity authentication. For example, when the user terminal 2 wishes to perform data communication with the user terminal 5, the user terminal 2 sends a communication request carrying identity information and peer device information to the server. The server authenticates the identity of the user terminal 2 based on the identity information and sends a communication request to the user terminal 5 based on the peer device information. The user terminal 5 sends a response message carrying its identity information to the server. The server authenticates the identity of the user terminal 5 based on the identity information. After the user terminal 2 and the user terminal 5 both pass the identity authentication of the server, the user terminal 2 can perform data communication with the user terminal 5. This process may be, for example, authentication of the handset communication by the subscriber identity module.
Fig. 2 is a schematic diagram of identity authentication in a communication system according to a preferred embodiment of the present invention. As shown in fig. 2, when the user terminal 2 wishes to communicate data with the user terminal 5, the server may use the procedure described above to complete the identity authentication and thereby enable the user terminals 2 and 5 to communicate data. However, when the server is ready to time-calibrate the user terminals 1-N, time calibration needs to be completed through data interaction or processing. For this reason, the authentication request of the user terminal 1-N cannot be responded to in time after the server prepares to perform the time calibration and before the time calibration is completed. This is because the authentication completion time of the server for the authentication request may be after the time alignment is completed, i.e. after the user terminal 1-N modifies the local time. In this case, data errors are usually caused because time modification of the user terminal may be involved after the time alignment is completed. To this end, the present application uses a system for authentication based on time calibration data to enable authentication of a user terminal during time calibration.
Fig. 3 is a schematic diagram of a system 300 for identity authentication based on time alignment data according to a preferred embodiment of the present invention. The system 300 includes: a server and user terminals 1-N. The server generates time alignment data for time aligning the user terminals 1-N within the communication domain, wherein the time alignment data comprises time information and redundant information. Wherein the time information is used to indicate a standard time of the server, and the standard time can be obtained by satellite time service, clock oscillator time service or any other method. The time information includes year data, month data, date data, clock data, minute data, and second data. The redundant information is used for data reservation for information to be transmitted by the server, and an initial value of the redundant information is randomly generated by the server. For example, the redundant information may be a plurality of data bits of all 0 s or all 1 s.
When the server does not receive authentication requests from any two user terminals in the user terminals 1 to N within a predetermined time after entering the time calibration preparation state, it is determined that identity authentication is not required to be performed between any two user terminals after time calibration is performed on the user terminals 1 to N. Wherein the predetermined time is, for example, 10 seconds, 20 seconds, 30 seconds, 1 minute, etc. After entering the time calibration preparation state, the server performs preparation work related to time calibration, such as generating time calibration data and determining a user terminal to be prepared for time calibration. And under the condition that identity authentication between any two user terminals is not required, the server does not modify the redundant information.
When the server receives authentication requests from any two user terminals, e.g., user terminals 2 and 5, among the user terminals 1-N within a predetermined time after entering the time alignment preparation state, it is determined that the authentication needs to be performed between the user terminals 2 and 5 after performing the time alignment on the user terminals 1-N.
When the server needs to perform authentication between the user terminals 2 and 5 after performing time calibration on the user terminals 1-N, the server adds two identification data items to the redundant information to generate modified time calibration data. Each identification data item is a five-tuple <flag bit, authentication identification, processing type, opposite terminal address, random natural number>. The flag bit is data indicating the start of each identification data item; the authentication identification identifies which of the user terminals 1-N needs to perform identity authentication; the processing type represents the type or role of processing required of the user terminal in the identity authentication process, namely, what kind of processing it performs; the opposite terminal address indicates the network address of the opposite user terminal performing identity authentication with the specific user terminal (the opposite terminal address held for the opposite user terminal is the network address of the specific user terminal); and the random natural number is random data used for subsequent data processing. For example, the random natural number is any of 1 to 9.
The server adding two identification data items to the redundant information may include: adding a first identification data item to the redundant information, wherein the flag bit of the first identification data item is an identifier of the server, a network address, or any data capable of indicating the start of the data item; the authentication identification is the hardware address of the user terminal 2, the processing type is forward processing, the opposite terminal address is the network address of the user terminal 5, and the first random natural number is, for example, 6.
The server also adds a second identification data item to the redundant information, wherein the flag bit of the second identification data item is the identifier of the server, a network address, or any data capable of indicating the start of the data item; the authentication identification is the hardware address of the user terminal 5, the processing type is reverse processing, the opposite terminal address is the network address of the user terminal 2, and the second random natural number is, for example, 6. The first random natural number is equal to the second random natural number.
The server then sends the time alignment data or the modified time alignment data to each of the user terminals 1-N. When each of the user terminals 1-N receives the time calibration data or the modified time calibration data, each user terminal determines a server standard time based on the respective network transmission time and the time information in the time calibration data or the modified time calibration data, and updates the local time with the server standard time to achieve time calibration.
The server sets a timer in the time information; the timer may be, for example, a program module, code, or a functional block having a timing function. When the server sends the time alignment data or the modified time alignment data, the timer is started to time the network transmission. Each user terminal, upon receiving the time alignment data or the modified time alignment data, determines its network transmission time based on the value counted by the timer. For example, when the value counted by the timer is 3 seconds and the time information is 2016, 8, 20, 8 minutes and 5 seconds, it may be determined that the current standard time of the server is 2016, 8, 20, 8 minutes and 8 seconds.
Identity authentication initialization
After the user terminals 1-N have all completed the time alignment, each user terminal determines the first identification data item and the second identification data item in the modified time alignment data by identifying the flag bit of the identification data item. Subsequently, each user terminal parses the first identification data item and the second identification data item. When any user terminal in the plurality of user terminals 1-N determines that identity authentication is required based on the authentication identifier, the user terminal 2 whose processing type is forward processing in the first identification data item is determined as a forward user terminal, and the user terminal 5 whose processing type is reverse processing in the second identification data item is determined as a reverse user terminal. That is, when the user terminal 2 determines that the authentication identifier of the first identification data item is the hardware address of the user terminal 2, it is determined that the user terminal 2 needs to perform identity authentication; and when the user terminal 5 determines that the authentication identifier of the second identification data item is the hardware address of the user terminal, determining that the user terminal 5 needs to perform identity authentication. The other ones of the user terminals 1-N determine that no authentication is required.
Wherein the user terminals 1-N determining the first identification data item and the second identification data item in the modified time alignment data by identifying a flag bit of the identification data item may comprise: each user terminal examines the redundant information and determines that an identification data item, e.g., the first and second identification data items, is present in the redundant information when it identifies a flag bit whose value is an identifier of the server, a network address, or any data capable of indicating the start of the data item. When any user terminal in the user terminals 1-N determines that the authentication identifier is its own hardware address, the user terminal determines that identity authentication is required. The two user terminals needing identity authentication are thereby determined: the first user terminal (user terminal 2), whose processing type is forward processing, is determined as the forward user terminal, and the second user terminal (user terminal 5), whose processing type is reverse processing, is determined as the reverse user terminal.
Preferably, when the user terminal 1-N joins the communication domain for initialization, the server sends a plurality of preset data blocks to the user terminal authenticated by initialization. Or a plurality of preset data blocks are pre-stored in each of the user terminals 1-N before the provider provides the user terminals 1-N to the user. Each preset data block can be used for identity authentication between user terminals, and each preset data block is a data segment composed of a plurality of data bits or bits. In general, the number of bits of data bits of the plurality of preset data blocks may be the same or different, and the value of the data bit may be 1 or 0.
The preset data blocks may take several forms. In a first form, the preset data blocks have different numbers of bits and all the data bits have the same initial value, for example, 1 (or 0). For example, the number of bits of the preset data blocks is 100, 115, 120, 150, etc. For example, the preset data block is 1111111. In a second form, the preset data blocks have different numbers of bits and the initial value of each data bit is a randomly generated 1 or 0. For example, the preset data block is 101110100.. 01101. In a third form, the preset data blocks have the same number of bits but different initial values, and the initial value of each data bit is a randomly generated 1 or 0. For example, the number of bits of the preset data block is 150.
Identity authentication implementation mode one
The forward user terminal (user terminal 2) selects an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the (first) random natural number in the time information. The reverse user terminal (user terminal 5) selects an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the (second) random natural number in the time information. In this mode, the preset data blocks have different numbers of bits and the initial value of every data bit is 1. The first random natural number and the second random natural number are the same.
The forward user terminal and the reverse user terminal respectively select the initial authentication data block from the plurality of preset data blocks as follows: each performs an arithmetic operation on the second data and the (first or second) random natural number to obtain a preset data block sequence number, and selects the preset data block located at that sequence number as the initial authentication data block for identity authentication. The arithmetic operation comprises: summation, modulo, absolute difference, averaging, etc. For example, the second data is 15 seconds and the (first or second) random natural number is 9. The preset data block sequence number determined in the above manner may be: 15 + 9 = 24, 15 mod 9 = 6, |15 - 9| = 6, and (15 + 9)/2 = 12. Further, when the result of the averaging operation is not an integer, the result may be rounded up or rounded down.
The forward user terminal determines a starting data bit for performing forward processing on an initial authentication data block according to clock data in the time information and the random natural number, determines a first number of continuous data bits for performing processing from the starting data bit by using minute data in the time information and the random natural number, and sets each bit of the first number of continuous data bits to 0 to generate a forward authentication data block.
The forward user terminal determines the starting data bit for performing forward processing on the initial authentication data block according to the clock data in the time information and the random natural number as follows: the forward user terminal uses the arithmetic operation result, such as the arithmetic sum, of the clock data in the time information and the random natural number as the sequence number of the starting data bit for forward processing of the initial authentication data block. Alternatively, a further arithmetic operation may be performed on that arithmetic operation result, for example the arithmetic sum, and a specific numerical value, and the calculation result may be taken as the sequence number of the starting data bit for forward processing of the initial authentication data block. The arithmetic operation comprises: summation, modulo, absolute difference, averaging, etc.
Determining a first number of consecutive data bits to process from the starting data bit using the minute data in the time information and the random natural number comprises: taking the arithmetic operation result, such as the arithmetic sum, of the minute data in the time information and the random natural number as the first number of consecutive data bits to be processed from the starting data bit. Alternatively, a further arithmetic operation may be performed on that arithmetic operation result, for example the arithmetic sum, and a specific numerical value, and the calculation result may be taken as the first number of consecutive data bits to be processed. The arithmetic operation comprises: summation, modulo, absolute difference, averaging, etc.
For example, in the case where the clock data is 5 and the random natural number is 6, the sequence number of the starting data bit subjected to the forward processing may be set to the arithmetic sum 11 of 5 and 6. In the case where the arithmetic sum is 11 and the specific value is 9, the sequence number of the starting data bit determined in the above manner may be: 11 + 9 = 20, 11 mod 9 = 2, |11 - 9| = 2, and (11 + 9)/2 = 10.
For example, in the case where the minute data is 1 and the random natural number is 4, the first number of consecutive data bits to be processed is set to the arithmetic sum 5 of 1 and 4. In the case where the arithmetic sum is 5 and the specific numerical value is 3, the first number of consecutive data bits to be processed determined in the above manner may be: 5 + 3 = 8, 5 mod 3 = 2, |5 - 3| = 2, and (5 + 3)/2 = 4.
In this case, for example, the forward user terminal sets each of 5 consecutive data bits to 0 starting at the 11 th data bit of the initial authentication data block. For example, the initial authentication data block is 20 bits and each bit is 1, and thus it is known that the forward user terminal modifies the initial authentication data block 11111111111111111111 to 11111111110000011111 (forward authentication data block).
The reverse user terminal determines a starting data bit for performing reverse processing on the initial authentication data block according to the clock data and the random natural number in the time information, determines a second number of continuous data bits for performing processing from the starting data bit by using the minute data and the random natural number in the time information, and sets each of other data bits except the second number of continuous data bits in the plurality of data bits to 0 to generate a reverse authentication data block.
The reverse user terminal determines the starting data bit for performing reverse processing on the initial authentication data block according to the clock data in the time information and the random natural number as follows: the reverse user terminal uses the arithmetic operation result, such as the arithmetic sum, of the clock data in the time information and the random natural number as the sequence number of the starting data bit for reverse processing of the initial authentication data block. Alternatively, a further arithmetic operation may be performed on that arithmetic operation result, for example the arithmetic sum, and a specific numerical value, and the calculation result may be taken as the sequence number of the starting data bit for reverse processing of the initial authentication data block. The arithmetic operation comprises: summation, modulo, absolute difference, averaging, etc.
Determining a second number of consecutive data bits to process from the starting data bit using the minute data in the time information and the random natural number comprises: taking the arithmetic operation result, such as the arithmetic sum, of the minute data in the time information and the random natural number as the second number of consecutive data bits to be processed from the starting data bit. Alternatively, a further arithmetic operation may be performed on that arithmetic operation result, for example the arithmetic sum, and a specific numerical value, and the calculation result may be taken as the second number of consecutive data bits to be processed. The arithmetic operation comprises: summation, modulo, absolute difference, averaging, etc.
For example, in the case where the clock data is 5 and the random natural number is 6, the sequence number of the starting data bit subjected to the reverse processing may be set to the arithmetic sum 11 of 5 and 6. In the case where the arithmetic sum is 11 and the specific value is 9, the sequence number of the starting data bit determined in the above manner may be: 11 + 9 = 20, 11 mod 9 = 2, |11 - 9| = 2, and (11 + 9)/2 = 10.
For example, in the case where the minute data is 1 and the random natural number is 4, the second number of consecutive data bits to be processed is set to the arithmetic sum 5 of 1 and 4. In the case where the arithmetic sum is 5 and the specific value is 3, the second number of consecutive data bits to be processed determined in the above manner may be: 5 + 3 = 8, 5 mod 3 = 2, |5 - 3| = 2, and (5 + 3)/2 = 4.
In this case, for example, the reverse user terminal keeps each of the 5 consecutive data bits starting at the 11th data bit of the initial authentication data block as 1 and sets each of the other data bits to zero. For example, the initial authentication data block is 20 bits and each bit is 1, and thus it is known that the reverse user terminal modifies 11111111111111111111 to 00000000001111100000 (reverse authentication data block).
It should be appreciated that the sequence number of the starting data bit of forward processing and that of reverse processing are both greater than zero, and that the first number and the second number are both greater than zero. The number of bits of each preset data block is greater than or much greater than (e.g., greater than 30 or more) a threshold value, which is the maximum, over the different cases, of the arithmetic sum of the first number and the sequence number of the starting data bit of forward processing. Furthermore, the number of bits of each preset data block is greater than or much greater than (e.g., greater than 30 or more) a threshold value, which is the maximum, over the different cases, of the arithmetic sum of the second number and the sequence number of the starting data bit of reverse processing.
The forward user terminal sends the forward authentication data block to the reverse user terminal based on the opposite terminal address (the network address of the reverse user terminal, e.g., an IP address) in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address (the network address of the forward user terminal, e.g., an IP address) in the second identification data item.
The forward user terminal performs bitwise XOR operation on the forward authentication data block and the received reverse authentication data block to generate a first authentication data block. The forward authentication data block 11111111110000011111 is exclusive-ored with the reverse authentication data block 00000000001111100000 to generate a first authentication data block 11111111111111111111. The first user terminal determines that the authentication result of the second user terminal is authentication success when the first authentication data block 11111111111111111111 is the same as the initial authentication data block 11111111111111111111.
The reverse user terminal performs bitwise exclusive-or operation on the reverse authentication data block and the received forward authentication data block to generate a second authentication data block. The reverse authentication data block 00000000001111100000 is exclusive-ored with the forward authentication data block 11111111110000011111 to generate a second authentication data block 11111111111111111111. When the second authentication data block 11111111111111111111 is the same as the initial authentication data block 11111111111111111111, the second user terminal determines that the identity authentication result of the first user terminal is authentication success.
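The mode-one exchange described above, as an added example that is not part of the patent text. It assumes the arithmetic sum as the arithmetic operation, 1-based sequence numbers, and 70 constructed all-ones preset blocks of 100 to 169 bits; TimeInfo, PRESET_BLOCKS and every function name are hypothetical. The last case shows both checks failing when one terminal holds time information from a different calibration message.

```python
"""Mode-one exchange: added illustration, not code from the patent."""
from dataclasses import dataclass


@dataclass(frozen=True)
class TimeInfo:
    hour: int    # "clock data" in the text
    minute: int  # "minute data"
    second: int  # "second data"


# Constructed sample: 70 all-ones preset blocks of 100..169 bits. The sizes are
# an assumption, chosen so every window (start <= 23+9, count <= 59+9) fits.
PRESET_BLOCKS = ["1" * (100 + i) for i in range(70)]


def select_block(blocks, t, rnd):
    """Pick the initial authentication data block at sequence number second + rnd."""
    seq = t.second + rnd  # arithmetic sum; 1-based numbering is an assumption
    if not 1 <= seq <= len(blocks):
        raise ValueError("block sequence number outside the preset blocks")
    return blocks[seq - 1]


def derive_window(t, rnd):
    """Return (starting data bit, number of consecutive data bits), both via sums."""
    return t.hour + rnd, t.minute + rnd


def check_window(block, start, count):
    """Reject a window that would run past the end of the data block."""
    if start < 1 or count < 1 or start - 1 + count > len(block):
        raise ValueError("window does not fit inside the data block")


def forward_block(initial, start, count):
    """Forward processing: set the windowed bits to 0, keep the rest."""
    check_window(initial, start, count)
    s = start - 1
    return initial[:s] + "0" * count + initial[s + count:]


def reverse_block(initial, start, count):
    """Reverse processing: keep the windowed bits, set every other bit to 0."""
    check_window(initial, start, count)
    s = start - 1
    return "0" * s + initial[s:s + count] + "0" * (len(initial) - s - count)


def xor_bits(a, b):
    """Bitwise XOR of two equal-length bit strings."""
    if len(a) != len(b):
        raise ValueError("blocks differ in length")
    return "".join("1" if x != y else "0" for x, y in zip(a, b))


def peer_authenticated(own, received, initial):
    """A terminal accepts its peer when own XOR received equals the initial block."""
    if len(received) != len(initial):
        return False  # peer selected a different preset block
    return xor_bits(own, received) == initial


def run_exchange(t_forward, t_reverse, rnd):
    """Both sides derive their blocks, swap them, and run the XOR check."""
    init_f = select_block(PRESET_BLOCKS, t_forward, rnd)
    init_r = select_block(PRESET_BLOCKS, t_reverse, rnd)
    fwd = forward_block(init_f, *derive_window(t_forward, rnd))
    rev = reverse_block(init_r, *derive_window(t_reverse, rnd))
    return (peer_authenticated(fwd, rev, init_f),
            peer_authenticated(rev, fwd, init_r))


if __name__ == "__main__":
    # The 20-bit worked example from the text: start bit 11, 5 bits.
    print(forward_block("1" * 20, 11, 5))
    print(reverse_block("1" * 20, 11, 5))
    same = TimeInfo(hour=5, minute=1, second=15)   # constructed time information
    stale = TimeInfo(hour=5, minute=2, second=15)  # constructed, one minute off
    print(run_exchange(same, same, 6))
    print(run_exchange(same, stale, 6))
```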
Identity authentication implementation mode two
The forward user terminal (user terminal 2) selects an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the (first) random natural number in the time information. The reverse user terminal (user terminal 5) selects an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the (second) random natural number in the time information. In this mode, the preset data blocks have different numbers of bits and the initial value of each data bit is a randomly generated 1 or 0. The first random natural number and the second random natural number are the same.
The forward user terminal and the reverse user terminal respectively select the initial authentication data block from the plurality of preset data blocks as follows: each performs an arithmetic operation on the second data and the (first or second) random natural number to obtain a preset data block sequence number, and selects the preset data block located at that sequence number as the initial authentication data block for identity authentication. The arithmetic operation comprises: summation, modulo, absolute difference, averaging, etc. For example, the second data is 15 seconds and the (first or second) random natural number is 9. The preset data block sequence number determined in the above manner may be: 15 + 9 = 24, 15 mod 9 = 6, |15 - 9| = 6, and (15 + 9)/2 = 12. Further, when the result of the averaging operation is not an integer, the result may be rounded up or rounded down.
The forward user terminal determines a starting data bit for performing forward processing on the initial authentication data block according to clock data and a random natural number in the time information, determines a first number of continuous data bits for performing processing from the starting data bit by using minute data and the random natural number in the time information, and negates each bit in the first number of continuous data bits to generate the forward authentication data block.
The forward user terminal determines the initial data bit for performing forward processing on the initial authentication data block according to the clock data and the random natural number in the time information, and the method comprises the following steps: the forward user terminal uses the arithmetic operation result, such as arithmetic sum, of the clock data and the random natural number in the time information as the serial number of the start data bit of the forward processing for the initial authentication data block. Alternatively, the arithmetic operation result, for example, an arithmetic sum, may be arithmetically operated on with a specific numerical value and the calculation result may be taken as the sequence number of the start data bit forward-processing the initial authentication data block. Wherein the arithmetic operation comprises: summation, modulo arithmetic, arithmetic of absolute differences, and averaging, etc.
Wherein determining the first number of consecutive data bits to process from the starting data bit using the minute data and the random natural number in the time information comprises: the minute data in the time information and the arithmetic operation result of the random natural number, such as an arithmetic sum, are taken as the first number of consecutive data bits to be processed from the start data bit. Alternatively, the arithmetic operation result, for example, an arithmetic sum, may be arithmetically operated on with a specific numerical value and the calculation result may be taken as the sequence number of the start data bit forward-processing the initial authentication data block. Wherein the arithmetic operation comprises: summation, modulo arithmetic, arithmetic of absolute differences, and averaging, etc.
For example, in the case where the clock data is 5 and the random natural number is 6, the sequence number of the start data bit subjected to the forward processing may be set to the arithmetic sum 11 of 5 and 6. In the case where the arithmetic sum is 11 and the specific value is 9, the sequence number of the start data bit determined in the above manner may be: 11 + 9 = 20, 11 mod 9 = 2, |11 - 9| = 2, and (11 + 9)/2 = 10.
For example, in the case where the minute data is 1 and the random natural number is 4, the first number of consecutive data bits to be processed is set to the arithmetic sum 5 of 1 and 4. In the case where the arithmetic sum is 5 and the specific numerical value is 3, the first number of consecutive data bits to be processed determined in the above manner may be: 5 + 3 = 8, 5 mod 3 = 2, |5 - 3| = 2, and (5 + 3)/2 = 4.
In this case, for example, the forward user terminal inverts each of the 5 consecutive data bits starting at the 11th data bit of the initial authentication data block. For example, when the initial authentication data block is the 20-bit data 10111101100001010111, the forward user terminal modifies the initial authentication data block 10111101100001010111 to 10111101101110110111 (the forward authentication data block).
The reverse user terminal determines a starting data bit for reverse processing of the initial authentication data block according to the clock data in the time information and a random natural number, determines a second number of consecutive data bits to be processed from the starting data bit using the minute data in the time information and the random natural number, and inverts every data bit of the plurality of data bits other than the second number of consecutive data bits to generate the reverse authentication data block.
The reverse user terminal determines the starting data bit for reverse processing of the initial authentication data block according to the clock data in the time information and the random natural number as follows: the reverse user terminal uses the result of an arithmetic operation, such as the arithmetic sum, on the clock data in the time information and the random natural number as the sequence number of the starting data bit for reverse processing of the initial authentication data block. Alternatively, the arithmetic operation result, for example the arithmetic sum, may itself be combined with a specific numerical value by an arithmetic operation, and the calculation result taken as the sequence number of the starting data bit for reverse processing of the initial authentication data block. The arithmetic operation includes summation, modulo, absolute difference, averaging, etc.
Determining the second number of consecutive data bits to be processed from the starting data bit using the minute data in the time information and the random natural number comprises: the result of an arithmetic operation, such as the arithmetic sum, on the minute data in the time information and the random natural number is taken as the second number of consecutive data bits to be processed from the starting data bit. Alternatively, the arithmetic operation result, for example the arithmetic sum, may itself be combined with a specific numerical value by an arithmetic operation, and the calculation result taken as the sequence number of the starting data bit for reverse processing of the initial authentication data block. The arithmetic operation includes summation, modulo, absolute difference, averaging, etc.
For example, in the case where the clock data is 5 and the random natural number is 6, the sequence number of the start data bit subjected to the reverse processing may be set to the arithmetic sum 11 of 5 and 6. In the case where the arithmetic sum is 11 and the specific value is 9, the sequence number of the start data bit determined in the above manner may be: 11 + 9 = 20, 11 mod 9 = 2, |11 - 9| = 2, and (11 + 9)/2 = 10. For example, in the case where the minute data is 1 and the random natural number is 4, the second number of consecutive data bits to be processed is set to the arithmetic sum 5 of 1 and 4. In the case where the arithmetic sum is 5 and the specific value is 3, the second number of consecutive data bits to be processed determined in the above manner may be: 5 + 3 = 8, 5 mod 3 = 2, |5 - 3| = 2, and (5 + 3)/2 = 4.
In this case, for example, the reverse user terminal keeps each of the 5 consecutive data bits starting at the 11th data bit of the initial authentication data block unchanged and inverts every bit other than those 5 consecutive data bits. For example, when the initial authentication data block is the 20-bit data 10111101100001010111, the initial authentication data block 10111101100001010111 is modified to 01000010010001001000 (the reverse authentication data block).
It should be appreciated that the starting data bit processed in the forward direction and the starting data bit processed in the reverse direction both have sequence numbers greater than zero, and that the first number and the second number are both greater than zero. The number of bits of each preset data block is greater than or much greater than (e.g., greater than 30 or more than) a threshold value, which is the maximum, over the different cases, of the arithmetic sum of the first number and the sequence number of the starting data bit processed in the forward direction. Likewise, the number of bits of each preset data block is greater than or much greater than (e.g., greater than 30 or more than) a threshold value, which is the maximum, over the different cases, of the arithmetic sum of the second number and the sequence number of the starting data bit processed in the reverse direction.
The forward user terminal sends the forward authentication data block to the reverse user terminal based on the opposite terminal address in the first identification data item (the network address of the reverse user terminal, e.g. the IP address), and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item (the network address of the forward user terminal, e.g. the IP address).
The forward user terminal performs a bitwise XOR operation on the forward authentication data block and the received reverse authentication data block to generate a first authentication data block. For example, the forward user terminal bitwise XORs the forward authentication data block 10111101101110110111 and the reverse authentication data block 01000010010001001000 to obtain the first authentication data block 11111111111111111111 (20 bits). When the first authentication data block (20 bits) has the same number of bits as the initial authentication data block (20 bits) and each data bit of the first authentication data block is 1, the first user terminal determines that the identity authentication result of the second user terminal is successful.
The reverse user terminal performs a bitwise XOR operation on the reverse authentication data block and the received forward authentication data block to generate a second authentication data block. For example, the reverse user terminal bitwise XORs the reverse authentication data block 01000010010001001000 and the forward authentication data block 10111101101110110111 to obtain the second authentication data block 11111111111111111111 (20 bits). When the second authentication data block (20 bits) has the same number of bits as the initial authentication data block (20 bits) and each data bit of the second authentication data block is 1, the second user terminal determines that the identity authentication result of the first user terminal is successful.
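The exchange of this implementation mode (window inversion followed by the XOR check), worked through in Python as an added example that is not code from the patent: the function names and the one-entry preset table are assumptions, while the data block and the clock, minute, second and random values are those of the worked examples above. It also covers the case in which the two terminals disagree on the minute data, where the check fails.

```python
"""Window inversion and the XOR check (constructed example).

Names are assumptions made for this example. Bit positions are 1-based, as in
the worked example in the text.
"""


def combine(a: int, b: int, op: str = "sum", round_up: bool = False) -> int:
    """Apply one of the arithmetic operations the text lists to two numbers."""
    if op == "sum":
        return a + b
    if op == "mod":
        return a % b
    if op == "absdiff":
        return abs(a - b)
    if op == "mean":
        return (a + b + 1) // 2 if round_up else (a + b) // 2
    raise ValueError(f"unknown operation: {op}")


def _window(block: str, start: int, count: int) -> range:
    """Map a 1-based start and a length to 0-based indexes, rejecting bad input."""
    if set(block) - {"0", "1"}:
        raise ValueError("block must contain only 0 and 1")
    if start < 1 or count < 1:
        raise ValueError("start and count must both be greater than zero")
    if start - 1 + count > len(block):
        raise ValueError("window runs past the end of the block")
    return range(start - 1, start - 1 + count)


def _flip(bit: str) -> str:
    return "1" if bit == "0" else "0"


def forward_block(initial: str, start: int, count: int) -> str:
    """Forward terminal: invert only the bits inside the window."""
    window = _window(initial, start, count)
    return "".join(_flip(b) if i in window else b for i, b in enumerate(initial))


def reverse_block(initial: str, start: int, count: int) -> str:
    """Reverse terminal: keep the window unchanged and invert every other bit."""
    window = _window(initial, start, count)
    return "".join(b if i in window else _flip(b) for i, b in enumerate(initial))


def xor_blocks(a: str, b: str) -> str:
    if len(a) != len(b):
        raise ValueError("blocks differ in length")
    return "".join("1" if x != y else "0" for x, y in zip(a, b))


def peer_authenticated(own: str, received: str, initial: str) -> bool:
    """Accept the peer when own XOR received is all ones and as long as the initial block."""
    if len(own) != len(received):
        return False
    result = xor_blocks(own, received)
    return len(result) == len(initial) and set(result) == {"1"}


def every_window_complements(initial: str) -> bool:
    """The two blocks are bitwise complements for every valid window, so an
    all-ones result means both sides used the same block and the same window."""
    n = len(initial)
    return all(
        xor_blocks(forward_block(initial, s, c), reverse_block(initial, s, c)) == "1" * n
        for s in range(1, n + 1)
        for c in range(1, n - s + 2)
    )


def demo() -> dict:
    presets = {24: "10111101100001010111"}  # constructed table: only the entry used here
    initial = presets[combine(15, 9)]       # second data 15, random number 9 -> block 24
    start = combine(5, 6)                   # clock data 5, random number 6 -> bit 11
    count = combine(1, 4)                   # minute data 1, random number 4 -> 5 bits
    fwd = forward_block(initial, start, count)
    rev = reverse_block(initial, start, count)
    # Constructed failure case: the reverse terminal's minute data is 2, not 1.
    rev_skewed = reverse_block(initial, start, combine(2, 4))
    return {
        "forward": fwd,
        "reverse": rev,
        "forward_accepts": peer_authenticated(fwd, rev, initial),
        "reverse_accepts": peer_authenticated(rev, fwd, initial),
        "skewed_accepts": peer_authenticated(fwd, rev_skewed, initial),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```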
Identity authentication implementation mode three
The forward user terminal (user terminal 2) selects an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the (first) random natural number in the time information. The reverse user terminal (user terminal 5) selects an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the (second) random natural number in the time information. Wherein each of the plurality of preset data blocks includes a plurality of data bits having the same number of bits but different initial values and the initial values of all the data bits are randomly generated 1 or 0. Wherein, the first random natural number and the second random natural number are the same.
The forward user terminal and the reverse user terminal each select the initial authentication data block for identity authentication from the plurality of preset data blocks, according to the second data in the time information and the corresponding random natural number, as follows: each terminal performs an arithmetic operation on the second data and the (first or second) random natural number to obtain a preset data block sequence number, and selects the preset data block located at that sequence number as the initial authentication data block for identity authentication. The arithmetic operation includes summation, modulo, absolute difference, averaging, etc. For example, the second data is 15 seconds and the (first or second) random natural number is 9. The preset data block sequence number determined in the above manner may be: 15 + 9 = 24, 15 mod 9 = 6, |15 - 9| = 6, and (15 + 9)/2 = 12. Further, when the result of the averaging operation is not an integer, the result may be rounded up or rounded down.
The forward user terminal determines a first shift direction for circularly shifting the initial authentication data block according to clock data in the time information, determines a first shift quantity for circularly shifting the initial authentication data block by using minute data and the random natural number in the time information, and circularly shifts the initial authentication data block based on the first shift direction and the first shift quantity to generate the forward authentication data block.
The forward user terminal determines the first shift direction for cyclically shifting the initial authentication data block according to the clock data in the time information as follows: the forward user terminal determines the first shift direction according to the parity of the clock data in the time information. For example, when the clock data is odd, the first shift direction is to the right. Or, when the clock data is odd, the first shift direction is to the left; when the clock data is even, the first shift direction is to the right; and when the clock data is even, the first shift direction is to the left.
Determining the first shift amount for cyclically shifting the initial authentication data block using the minute data in the time information and the random natural number comprises: the arithmetic sum of [the remainder of the value of the minute data in the time information modulo 10] and the random natural number is used as the first shift amount for cyclically shifting the initial authentication data block. Alternatively, the arithmetic sum may be combined with a specific numerical value by an arithmetic operation, and the calculation result taken as the first shift amount by which the initial authentication data block is cyclically shifted. The arithmetic operation includes summation, modulo, absolute difference, averaging, etc.
For example, in the case where the minute data is 1 and the random number is 4, the first shift amount for cyclically shifting the initial authentication data block is set to (1 mod 10) + 4 = 5. In the case where the arithmetic sum is 5 and the specific numerical value is 3, the first shift amount determined in the above manner may be: 5 + 3 = 8, 5 mod 3 = 2, |5 - 3| = 2, and (5 + 3)/2 = 4.
In this case, for example, a clock data of 7 indicates that the first shift direction is to the right, and with an arithmetic sum of 5 the first shift amount is determined to be 5. Then, when the initial authentication data block is the 20-bit data 10111101100001010111, the forward user terminal cyclically shifts the initial authentication data block 5 bits to the right to obtain the forward authentication data block 10111101111011000010.
The reverse user terminal determines a second shifting direction for circularly shifting the initial authentication data block according to the clock data in the time information, determines a second shifting quantity for circularly shifting the initial authentication data block by using the minute data and the random natural number in the time information, and circularly shifts the initial authentication data block based on the second shifting direction and the second shifting quantity to generate the reverse authentication data block.
The reverse user terminal determines the second shift direction for cyclically shifting the initial authentication data block according to the clock data in the time information as follows: the reverse user terminal determines the second shift direction according to the parity of the clock data in the time information. For example, when the clock data is odd, the second shift direction is to the left. Or, when the clock data is odd, the second shift direction is to the right; when the clock data is even, the second shift direction is to the left; and when the clock data is even, the second shift direction is to the right.
Determining the second shift amount for cyclically shifting the initial authentication data block using the minute data in the time information and the random natural number comprises: the difference between [the number of data bits of the initial authentication data block] and [the arithmetic sum of the remainder of the value of the minute data in the time information modulo 10 and the random natural number] is taken as the second shift amount for cyclically shifting the initial authentication data block. Alternatively, the arithmetic sum may be combined with a specific numerical value by an arithmetic operation, and the difference between the number of data bits of the initial authentication data block and the calculation result taken as the second shift amount for cyclically shifting the initial authentication data block. The arithmetic operation includes summation, modulo, absolute difference, averaging, etc.
For example, in the case where the minute data is 1 and the random number is 4, the second shift amount for cyclically shifting the initial authentication data block is set to 20 - ((1 mod 10) + 4) = 15, where 20 is the number of data bits of the initial authentication data block. In the case where the minute data is 5 and the specific numerical value is 3, the second shift amount determined in the above manner may be: 20 - (5 + 3) = 12, 20 - (5 mod 3) = 18, 20 - |5 - 3| = 18, and 20 - (5 + 3)/2 = 16.
In this case, for example, a clock data of 7 indicates that the second shift direction is to the left, and in the case where the minute data is 5 the second shift amount is determined to be 15. Then, when the initial authentication data block is the 20-bit data 10111101100001010111, the reverse user terminal cyclically shifts the initial authentication data block 15 bits to the left to obtain the reverse authentication data block 10111101111011000010.
Wherein the first shift direction is opposite to the second shift direction, and the first shift quantity and the second shift quantity are not equal to 0. The number of bits of each preset data block is greater than or much greater than (e.g., greater than 30 or more than) a threshold value, which is an arithmetic sum of the random natural number and 9.
The forward user terminal sends the forward authentication data block to the reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item.
When the reverse user terminal determines that the reverse authentication data block is the same as the received forward authentication data block, the second user terminal determines that the identity authentication result of the first user terminal is successful.
When the clock data in the time information is an even number, the first shift direction is determined to be to the right and the second shift direction is determined to be to the left. When the clock data in the time information is an odd number, the first shift direction is determined to be to the right and the second shift direction is determined to be to the left. The sum of the first shift amount and the second shift amount is equal to the number of data bits of the initial authentication data block.
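The cyclic-shift exchange of implementation mode three, worked through in Python as an added example that is not code from the patent: the function names and the parity-mapping parameters are assumptions (the defaults follow the paragraph above, forward to the right and reverse to the left), and the data block, clock data 7, minute data 1 and random number 4 are the values of the worked example. It also shows that a one-minute disagreement between the terminals makes the comparison fail.

```python
"""Opposite cyclic shifts and the equality check (constructed example).

Names are assumptions made for this example.
"""

INITIAL = "10111101100001010111"  # 20-bit block from the worked example in the text


def rotate(block: str, amount: int, direction: str) -> str:
    """Cyclically shift a bit string by `amount` positions."""
    n = len(block)
    if n == 0 or set(block) - {"0", "1"}:
        raise ValueError("block must be a non-empty string of 0 and 1")
    k = amount % n
    if direction == "right":
        return block[n - k:] + block[:n - k]
    if direction == "left":
        return block[k:] + block[:k]
    raise ValueError(f"unknown direction: {direction}")


def shift_directions(clock: int, odd_forward: str = "right",
                     even_forward: str = "right") -> tuple:
    """Pick the forward direction from the parity of the clock data; the
    reverse direction is always the opposite one."""
    forward = odd_forward if clock % 2 else even_forward
    if forward not in ("left", "right"):
        raise ValueError(f"unknown direction: {forward}")
    reverse = "left" if forward == "right" else "right"
    return forward, reverse


def shift_amounts(nbits: int, minute: int, rnd: int) -> tuple:
    """First amount is (minute mod 10) + random number; second is nbits minus it."""
    if rnd < 1:
        raise ValueError("random natural number must be at least 1")
    if nbits <= rnd + 9:
        # Size rule from the text: more bits than the random number plus 9,
        # so that neither shift amount can be 0.
        raise ValueError("block too short for this random number")
    first = (minute % 10) + rnd
    return first, nbits - first


def forward_shift_block(initial: str, clock: int, minute: int, rnd: int) -> str:
    direction, _ = shift_directions(clock)
    first, _ = shift_amounts(len(initial), minute, rnd)
    return rotate(initial, first, direction)


def reverse_shift_block(initial: str, clock: int, minute: int, rnd: int) -> str:
    _, direction = shift_directions(clock)
    _, second = shift_amounts(len(initial), minute, rnd)
    return rotate(initial, second, direction)


def reverse_accepts(own_reverse: str, received_forward: str) -> bool:
    """The reverse terminal accepts when its block equals the received one."""
    return own_reverse == received_forward


def demo() -> dict:
    fwd = forward_shift_block(INITIAL, clock=7, minute=1, rnd=4)  # right by 5
    rev = reverse_shift_block(INITIAL, clock=7, minute=1, rnd=4)  # left by 15
    # Constructed failure case: the reverse terminal's minute data is 2, not 1.
    rev_skewed = reverse_shift_block(INITIAL, clock=7, minute=2, rnd=4)
    return {
        "forward": fwd,
        "reverse": rev,
        "accepted": reverse_accepts(rev, fwd),
        "skewed_accepted": reverse_accepts(rev_skewed, fwd),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```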
Identity authentication implementation mode four
The forward user terminal (user terminal 2) selects an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the (first) random natural number in the time information. The reverse user terminal (user terminal 5) selects an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the (second) random natural number in the time information. Wherein each of the plurality of preset data blocks includes a plurality of data bits each having a different number of bits and an initial value of all the data bits is a randomly generated 1 or 0. Wherein, the first random natural number and the second random natural number are the same.
The forward user terminal and the reverse user terminal each select the initial authentication data block for identity authentication from the plurality of preset data blocks, according to the second data in the time information and the corresponding random natural number, as follows: each terminal performs an arithmetic operation on the second data and the (first or second) random natural number to obtain a preset data block sequence number, and selects the preset data block located at that sequence number as the initial authentication data block for identity authentication. The arithmetic operation includes summation, modulo, absolute difference, averaging, etc. For example, the second data is 15 seconds and the (first or second) random natural number is 9. The preset data block sequence number determined in the above manner may be: 15 + 9 = 24, 15 mod 9 = 6, |15 - 9| = 6, and (15 + 9)/2 = 12. Further, when the result of the averaging operation is not an integer, the result may be rounded up or rounded down.
The forward user terminal determines a starting data bit for data extraction from the initial authentication data block according to the clock data in the time information and the random natural number, determines a first number of consecutive data bits to be extracted from the starting data bit using the minute data in the time information and the random natural number, and takes the first number of consecutive data bits as the forward authentication data block.
The forward user terminal determines the starting data bit for forward processing, for example data extraction, of the initial authentication data block according to the clock data in the time information and the random natural number as follows: the forward user terminal uses the result of an arithmetic operation, such as the arithmetic sum, on the clock data in the time information and the random natural number as the sequence number of the starting data bit for data extraction from the initial authentication data block. Alternatively, the arithmetic operation result, for example the arithmetic sum, may itself be combined with a specific numerical value by an arithmetic operation, and the calculation result taken as the sequence number of the starting data bit for data extraction from the initial authentication data block. The arithmetic operation includes summation, modulo, absolute difference, averaging, etc.
Determining the first number of consecutive data bits for data extraction starting from the starting data bit using the minute data in the time information and the random natural number comprises: the result of an arithmetic operation, such as the arithmetic sum, on the minute data in the time information and the random natural number is taken as the first number of consecutive data bits to be extracted starting from the starting data bit. Alternatively, the arithmetic operation result, for example the arithmetic sum, may itself be combined with a specific numerical value by an arithmetic operation, and the calculation result taken as the sequence number of the starting data bit for forward processing of the initial authentication data block. The arithmetic operation includes summation, modulo, absolute difference, averaging, etc.
For example, in the case where the clock data is 5 and the random natural number is 6, the sequence number of the start data bit for data extraction may be set to the arithmetic sum 11 of 5 and 6. In the case where the arithmetic sum is 11 and the specific value is 9, the sequence number of the start data bit determined in the above manner may be: 11 + 9 = 20, 11 mod 9 = 2, |11 - 9| = 2, and (11 + 9)/2 = 10.
For example, in the case where the minute data is 1 and the random natural number is 4, the first number of consecutive data bits for data extraction is set to the arithmetic sum 5 of 1 and 4. In the case where the arithmetic sum is 5 and the specific value is 3, the first number of start data bits determined in the above manner may be: 5 + 3 = 8, 5 mod 3 = 2, |5 - 3| = 2, and (5 + 3)/2 = 4.
In this case, for example, the forward user terminal extracts the data in the 5 consecutive data bits starting at the 11th data bit of the initial authentication data block. For example, when the initial authentication data block is the 20-bit data 10111101100001010111, the forward user terminal extracts 11101 (the forward authentication data block) from the initial authentication data block 10111101100001010111.
The reverse user terminal determines a starting data bit for data extraction from the initial authentication data block according to the clock data in the time information and the random natural number, determines a second number of consecutive data bits to be extracted from the starting data bit using the minute data in the time information and the random natural number, and takes the second number of consecutive data bits as the reverse authentication data block.
The reverse user terminal determines the starting data bit for reverse processing, for example data extraction, of the initial authentication data block according to the clock data in the time information and the random natural number as follows: the reverse user terminal uses the result of an arithmetic operation, such as the arithmetic sum, on the clock data in the time information and the random natural number as the sequence number of the starting data bit for data extraction from the initial authentication data block. Alternatively, the arithmetic operation result, for example the arithmetic sum, may itself be combined with a specific numerical value by an arithmetic operation, and the calculation result taken as the sequence number of the starting data bit for data extraction from the initial authentication data block. The arithmetic operation includes summation, modulo, absolute difference, averaging, etc.
Determining the second number of consecutive data bits for reverse processing, for example data extraction, starting from the starting data bit using the minute data in the time information and the random natural number comprises: the result of an arithmetic operation, such as the arithmetic sum, on the minute data in the time information and the random natural number is taken as the second number of consecutive data bits to be extracted starting from the starting data bit. Alternatively, the arithmetic operation result, for example the arithmetic sum, may itself be combined with a specific numerical value by an arithmetic operation, and the calculation result taken as the sequence number of the starting data bit for reverse processing of the initial authentication data block. The arithmetic operation includes summation, modulo, absolute difference, averaging, etc.
For example, in the case where the clock data is 5 and the random natural number is 6, the sequence number of the start data bit for data extraction may be set to the arithmetic sum 11 of 5 and 6. In the case where the arithmetic sum is 11 and the specific value is 9, the sequence number of the start data bit determined in the above manner may be: 11 + 9 = 20, 11 mod 9 = 2, |11 - 9| = 2, and (11 + 9)/2 = 10.
For example, in the case where the minute data is 1 and the random natural number is 4, the second number of consecutive data bits for which data extraction is performed is set to the arithmetic sum 5 of 1 and 4. In the case where the arithmetic sum is 5 and the specific value is 3, the second number of start data bits determined in the above manner may be: 5 + 3 = 8, 5 mod 3 = 2, |5 - 3| = 2, and (5 + 3)/2 = 4.
In this case, for example, the reverse user terminal extracts the data in the 5 consecutive data bits starting at the 11th data bit of the initial authentication data block. For example, when the initial authentication data block is the 20-bit data 10111101100001010111, the reverse user terminal extracts 11101 (the reverse authentication data block) from the initial authentication data block 10111101100001010111. The forward user terminal sends the forward authentication data block to the reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item.
When the reverse user terminal determines that the reverse authentication data block is the same as the received forward authentication data block, the second user terminal determines that the identity authentication result of the first user terminal is successful.
It should be appreciated that the starting data bit processed in the forward direction and the starting data bit processed in the reverse direction are both greater than zero. Wherein the first number and the second number are both greater than zero. The number of bits of each preset data block is greater than or much greater than (e.g., greater than 30 or more than) a threshold value, which is an arithmetic sum of the sequence number of the starting data bits being processed in the forward direction and the first number, or the sequence number of the starting data bits being processed in the reverse direction and the second number.
Preferably, after the first user terminal determines that the authentication result of the second user terminal is successful, and the second user terminal determines that the authentication result of the first user terminal is successful, the first user terminal and the second user terminal can perform various types of data communication.
Fig. 4 is a flow chart of a time alignment method 400 according to a preferred embodiment of the present invention. The time alignment method 400 begins at step 401. In step 401, the server generates time alignment data for time aligning a plurality of user terminals within a communication domain, wherein the time alignment data includes time information and redundant information. In step 402, when the plurality of user terminals need to perform identity authentication between any two user terminals of the plurality of user terminals after performing time calibration on the plurality of user terminals, the server adds two identification data items to the redundant information to generate modified time calibration data.
In step 403, the server transmits the modified time alignment data to each of the plurality of user terminals. In step 404, after each of the plurality of user terminals receives the modified time alignment data, each user terminal determines a server standard time based on the respective network transmission time and the time information in the modified time alignment data, and updates the local time with the server standard time to achieve time alignment.
In step 405, after the time calibration of each user terminal is completed, each user terminal identifies the first identification data item and the second identification data item in the modified time calibration data by the flag bit of the identification data item and parses the first identification data item and the second identification data item. When the user terminal determines, based on the authentication identifier, that identity authentication is required, the user terminal whose processing type is forward processing in the first identification data item is determined to be the forward user terminal, and the user terminal whose processing type is reverse processing in the second identification data item is determined to be the reverse user terminal.
Fig. 5 is a flow chart of a method 500 for identity authentication based on time alignment data in accordance with a preferred embodiment of the present invention. The method 500 begins at step 501. In step 501, the forward user terminal and the reverse user terminal respectively select an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the random natural number in the time information, where each preset data block in the plurality of preset data blocks includes a plurality of data bits with different numbers of bits and the initial value of all the data bits is 1.
In step 502, the forward user terminal determines a starting data bit for performing forward processing on the initial authentication data block according to the clock data and the random natural number in the time information, determines a first number of consecutive data bits to be processed from the starting data bit by using the minute data and the random natural number in the time information, and sets each bit of the first number of consecutive data bits to 0 to generate a forward authentication data block.
In step 503, the reverse user terminal determines a starting data bit for performing reverse processing on the initial authentication data block according to the clock data in the time information and the random natural number, determines a second number of consecutive data bits to be processed from the starting data bit by using the minute data in the time information and the random natural number, and sets each of the other data bits except the second number of consecutive data bits to 0 to generate a reverse authentication data block. In step 504, the forward user terminal sends the forward authentication data block to the reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item.
In step 505, the forward user terminal performs a bitwise XOR operation on the forward authentication data block and the received reverse authentication data block to generate a first authentication data block, and when the first authentication data block is the same as the initial authentication data block, the first user terminal determines that the identity authentication result of the second user terminal is successful.
In step 506, the reverse user terminal performs a bitwise XOR operation on the reverse authentication data block and the received forward authentication data block to generate a second authentication data block, and when the second authentication data block is the same as the initial authentication data block, the second user terminal determines that the identity authentication result of the first user terminal is successful.
Fig. 6 is a flow chart of a method 600 for identity authentication based on time alignment data according to another preferred embodiment of the present invention. The method 600 begins at step 601. In step 601, the forward user terminal and the reverse user terminal respectively use the random natural number and the second data in the time information to select an initial authentication data block for identity authentication from a plurality of preset data blocks, wherein each preset data block in the plurality of preset data blocks comprises a plurality of data bits with different numbers of bits and the initial value of all the data bits is a randomly generated 1 or 0.
In step 602, the forward user terminal determines a starting data bit for performing forward processing on the initial authentication data block according to the clock data in the time information and the random natural number, determines a first number of consecutive data bits to be processed from the starting data bit by using the minute data in the time information and the random natural number, and negates each bit in the first number of consecutive data bits to generate a forward authentication data block.
In step 603, the reverse user terminal determines a starting data bit for performing reverse processing on the initial authentication data block according to the clock data in the time information and the random natural number, determines a second number of consecutive data bits to be processed from the starting data bit by using the minute data in the time information and the random natural number, and inverts each of the other data bits except the second number of consecutive data bits in the plurality of data bits to generate a reverse authentication data block. In step 604, the forward user terminal sends the forward authentication data block to the reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item.
In step 605, the forward user terminal performs a bitwise XOR operation on the forward authentication data block and the received reverse authentication data block to generate a first authentication data block, and when the first authentication data block has the same number of bits as the initial authentication data block and each data bit of the first authentication data block is 1, the first user terminal determines that the identity authentication result of the second user terminal is successful.
In step 606, the reverse user terminal performs a bitwise XOR operation on the reverse authentication data block and the received forward authentication data block to generate a second authentication data block, and when the number of bits of the second authentication data block is the same as that of the initial authentication data block and each data bit of the second authentication data block is 1, the second user terminal determines that the identity authentication result of the first user terminal is successful.
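The exchange of steps 601 to 606, written out as an added Python example that is not part of the patent text; with an all-ones initial block the same code reproduces method 500 (steps 501 to 506). The patent does not give the arithmetic, so the modulo formulas, the reading of "clock data" as the hour field and "second data" as the seconds field, the wrap-around of the run, and the preset blocks are all assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class TimeInfo:
    hour: int    # "clock data" on the page, read as the hour field (assumption)
    minute: int  # "minute data"
    second: int  # "second data", read as the seconds field (assumption)


# Constructed preset blocks with different numbers of bits (step 601).
PRESET_BLOCKS = [
    [1, 0, 1, 1, 0, 0, 1, 0],
    [0, 1, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1],
    [1, 1, 0, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 1],
]


def select_block(t, n, blocks=PRESET_BLOCKS):
    """Step 601: pick the initial block from seconds data and random number n."""
    return list(blocks[(t.second + n) % len(blocks)])  # assumed arithmetic


def run_mask(t, n, length):
    """Mask with 1s on the run of consecutive bits chosen in steps 602/603."""
    start = (t.hour + n) % length          # assumed arithmetic
    count = 1 + (t.minute + n) % length    # assumed arithmetic, 1..length bits
    mask = [0] * length
    for i in range(count):
        mask[(start + i) % length] = 1     # assumed: run wraps around the block
    return mask


def forward_block(block, mask):
    """Step 602: invert every bit inside the run."""
    return [b ^ m for b, m in zip(block, mask)]


def reverse_block(block, mask):
    """Step 603: invert every bit outside the run."""
    return [b ^ (1 - m) for b, m in zip(block, mask)]


def verify(own, received, initial_len):
    """Steps 605/606: same length as the initial block and XOR is all ones.

    (B ^ M) ^ (B ^ ~M) = M ^ ~M, so the result is all ones whenever both
    sides derived the same run; the contents of B cancel out of the check.
    """
    if len(received) != initial_len:
        return False
    return all((a ^ b) == 1 for a, b in zip(own, received))


def exchange(t_forward, t_reverse, n, blocks=PRESET_BLOCKS):
    """Run steps 601-606 with each terminal's own view of the time information.

    Returns (forward_terminal_accepts, reverse_terminal_accepts).
    """
    b_f = select_block(t_forward, n, blocks)
    b_r = select_block(t_reverse, n, blocks)
    fwd = forward_block(b_f, run_mask(t_forward, n, len(b_f)))
    rev = reverse_block(b_r, run_mask(t_reverse, n, len(b_r)))
    return verify(fwd, rev, len(b_f)), verify(rev, fwd, len(b_r))


if __name__ == "__main__":
    t = TimeInfo(hour=14, minute=37, second=52)   # constructed sample values
    n = 5                                         # constructed random natural number
    print(exchange(t, t, n))                      # both terminals share the time information
    print(exchange(t, TimeInfo(14, 38, 52), n))   # reverse terminal parsed another minute
    print(exchange(t, t, n, blocks=[[1] * 8]))    # method 500: all-ones initial block
```

A terminal that works from a different minute or seconds value derives a different run or a different block, so both checks fail.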
Fig. 7 is a flowchart of a method 700 for performing identity authentication based on time alignment data according to still another preferred embodiment of the present invention. The method 700 begins at step 701. In step 701, the forward user terminal and the reverse user terminal respectively use the random natural number and the second data in the time information to select an initial authentication data block for identity authentication from a plurality of preset data blocks, wherein each preset data block in the plurality of preset data blocks comprises a plurality of data bits with the same number of bits but different initial values, and the initial values of all the data bits are randomly generated 1 or 0.
In step 702, the forward user terminal determines a first shift direction for cyclically shifting the initial authentication data block according to the clock data and the random natural number in the time information, determines a first shift quantity for cyclically shifting the initial authentication data block by using the minute data and the random natural number in the time information, and cyclically shifts the initial authentication data block based on the first shift direction and the first shift quantity to generate a forward authentication data block.
In step 703, the reverse user terminal determines a second shift direction for cyclically shifting the initial authentication data block according to the clock data and the random natural number in the time information, determines a second shift quantity for cyclically shifting the initial authentication data block by using the minute data and the random natural number in the time information, and cyclically shifts the initial authentication data block based on the second shift direction and the second shift quantity to generate a reverse authentication data block.
In step 704, the forward user terminal sends the forward authentication data block to the reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item.
In step 705, when the forward user terminal determines that the forward authentication data block is the same as the received reverse authentication data block, the first user terminal determines that the identity authentication result of the second user terminal is successful.
In step 706, when the reverse user terminal determines that the reverse authentication data block is the same as the received forward authentication data block, the second user terminal determines that the identity authentication result of the first user terminal is successful.
Fig. 8 is a flow chart of a method 800 for identity authentication based on time alignment data according to yet another preferred embodiment of the present invention. The method 800 begins at step 801. In step 801, the forward user terminal and the reverse user terminal respectively select an initial authentication data block for identity authentication from a plurality of preset data blocks according to the random natural number and the second data in the time information, wherein each preset data block in the plurality of preset data blocks comprises a plurality of data bits with different numbers of bits and the initial value of all the data bits is a randomly generated 1 or 0.
In step 802, the forward user terminal determines a starting data bit for performing data extraction on the initial authentication data block according to the clock data and the random natural number in the time information, and determines a first number of consecutive data bits for performing data extraction from the starting data bit by using the minute data and the random natural number in the time information, and takes the first number of consecutive data bits as a forward authentication data block.
In step 803, the reverse user terminal determines a starting data bit for data extraction of the initial authentication data block according to the clock data and the random natural number in the time information, and determines a second number of consecutive data bits for data extraction from the starting data bit using the minute data and the random natural number in the time information, and takes the second number of consecutive data bits as a reverse authentication data block.
In step 804, the forward user terminal sends the forward authentication data block to the reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item.
In step 805, when the forward user terminal determines that the forward authentication data block is the same as the received reverse authentication data block, the first user terminal determines that the identity authentication result of the second user terminal is successful.
In step 806, when the reverse user terminal determines that the reverse authentication data block is the same as the received forward authentication data block, the second user terminal determines that the identity authentication result of the first user terminal is successful.
Although the present application relates to identity authentication between any two user terminals in a plurality of user terminals, it should be understood by those skilled in the art that, with the technical solution of the present application, identity authentication can be performed between multiple pairs of user terminals among the plurality of user terminals, where each user terminal pair comprises two user terminals.

Claims (10)

1. A method of identity authentication based on time alignment data, the method comprising:
generating, by a server, time calibration data used for time calibration of a plurality of user terminals in a communication domain, wherein the time calibration data comprises time information and redundant information, and when identity authentication needs to be carried out between any two of the user terminals after the time calibration of the user terminals, the server adds two identification data items to the redundant information to generate modified time calibration data, each identification data item being a quintuple <flag bit, authentication identification, processing type, opposite terminal address, random natural number>; the server sending the modified time alignment data to each of the plurality of user terminals;
after each of the plurality of user terminals receives the modified time calibration data, each user terminal determines a server standard time based on the respective network transmission time and time information in the modified time calibration data, and updates a local time with the server standard time to achieve time calibration;
after each user terminal completes time calibration, each user terminal determines a first identification data item and a second identification data item in the modified time calibration data by identifying a flag bit of the identification data item, analyzes the first identification data item and the second identification data item, determines a user terminal with a forward processing type in the first identification data item as a forward user terminal and determines a user terminal with a reverse processing type in the second identification data item as a reverse user terminal when the user terminal determines that identity authentication is required based on an authentication identification;
the forward user terminal and the reverse user terminal respectively use the random natural number and the second data in the time information to select an initial authentication data block for identity authentication from a plurality of preset data blocks, wherein each preset data block in the plurality of preset data blocks comprises a plurality of data bits with different digits, and the initial value of all the data bits is 1 or 0 generated randomly;
the forward user terminal determines an initial data bit for performing forward processing on the initial authentication data block according to clock data and the random natural number in the time information, determines a first number of continuous data bits for performing processing from the initial data bit by using minute data and the random natural number in the time information, and negates each bit in the first number of continuous data bits to generate a forward authentication data block;
the reverse user terminal determines a starting data bit for performing reverse processing on the initial authentication data block according to clock data and the random natural number in the time information, determines a second number of continuous data bits for performing processing from the starting data bit by using minute data and the random natural number in the time information, and inverts each of other data bits except the second number of continuous data bits in the plurality of data bits to generate a reverse authentication data block;
the forward user terminal sends the forward authentication data block to a reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item; and
the forward user terminal carries out bitwise XOR operation on the forward authentication data block and the received reverse authentication data block to generate a first authentication data block, and when the first authentication data block has the same number of bits as the initial authentication data block and each data bit of the first authentication data block is 1, the first user terminal determines that the identity authentication result of the second user terminal is successful;
and the reverse user terminal performs exclusive-or operation on the reverse authentication data block and the received forward authentication data block according to bits to generate a second authentication data block, and when the number of bits of the second authentication data block is the same as that of the initial authentication data block and each data bit of the second authentication data block is 1, the second user terminal determines that the identity authentication result of the first user terminal is successful.
2. The method of claim 1, wherein when the server receives authentication requests from any two of the plurality of user terminals within a predetermined time after entering the time alignment ready state, determining that authentication is required between any two of the plurality of user terminals after time aligning the plurality of user terminals.
3. The method according to any one of claims 1 to 2, when the server does not receive an authentication request from any two of the plurality of user terminals within a predetermined time after entering the time alignment preparation state, determining that identity authentication is not required between any two of the plurality of user terminals after time alignment of the plurality of user terminals, the server does not modify the redundant information, wherein the redundant information is used for data reservation for information to be delivered by the server, and an initial value of the redundant information is randomly generated by the server.
4. The method of any one of claims 1 to 3, the server adding two identification data items in the redundant information comprising:
adding the first identification data item in the redundant information, wherein the flag bit of the first identification data item is the identifier of the server, the authentication identification is the hardware address of the first user terminal, the processing type is forward processing, and the opposite terminal address is the network address of the second user terminal and a first random natural number;
adding a second identification data item in the redundant information, wherein the flag bit of the second identification data item is the identifier of the server, the authentication identification is the hardware address of a second user terminal, the processing type is reverse processing, and the opposite terminal address is the network address of the first user terminal and a second random natural number;
wherein the first random natural number is equal to the second random natural number.
5. The method according to any one of claims 1 to 4, wherein the selecting, by the forward user terminal and the reverse user terminal, an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the random natural number in the time information comprises: and the forward user terminal and the reverse user terminal respectively perform arithmetic operation on the second data and the random natural number in the time information to obtain a data block sequence number, and select a preset data block positioned at the data block sequence number as an initial authentication data block for identity authentication.
6. A system for identity authentication based on time alignment data, the system comprising:
a server that generates time calibration data used for time calibration of a plurality of user terminals in a communication domain, wherein the time calibration data comprises time information and redundant information, and when identity authentication needs to be carried out between any two of the user terminals after the time calibration of the user terminals, the server adds two identification data items to the redundant information to generate modified time calibration data, each identification data item being a quintuple <flag bit, authentication identification, processing type, opposite terminal address, random natural number>; the server sending the modified time alignment data to each of the plurality of user terminals;
a plurality of user terminals, each of which determines a server standard time based on a respective network transmission time and time information in the modified time calibration data after receiving the modified time calibration data, and updates a local time with the server standard time to implement time calibration;
after each user terminal completes time calibration, each user terminal determines a first identification data item and a second identification data item in the modified time calibration data by identifying a flag bit of the identification data item, analyzes the first identification data item and the second identification data item, determines a user terminal with a forward processing type in the first identification data item as a forward user terminal and determines a user terminal with a reverse processing type in the second identification data item as a reverse user terminal when the user terminal determines that identity authentication is required based on an authentication identification;
the forward user terminal and the reverse user terminal respectively use the random natural number and the second data in the time information to select an initial authentication data block for identity authentication from a plurality of preset data blocks, wherein each preset data block in the plurality of preset data blocks comprises a plurality of data bits with different digits, and the initial value of all the data bits is 1 or 0 generated randomly;
the forward user terminal determines an initial data bit for performing forward processing on the initial authentication data block according to clock data and the random natural number in the time information, determines a first number of continuous data bits for performing processing from the initial data bit by using minute data and the random natural number in the time information, and negates each bit in the first number of continuous data bits to generate a forward authentication data block;
the reverse user terminal determines a starting data bit for performing reverse processing on the initial authentication data block according to clock data and the random natural number in the time information, determines a second number of continuous data bits for performing processing from the starting data bit by using minute data and the random natural number in the time information, and inverts each of other data bits except the second number of continuous data bits in the plurality of data bits to generate a reverse authentication data block;
the forward user terminal sends the forward authentication data block to a reverse user terminal based on the opposite terminal address in the first identification data item, and the reverse user terminal sends the reverse authentication data block to the forward user terminal based on the opposite terminal address in the second identification data item; and
the forward user terminal carries out bitwise XOR operation on the forward authentication data block and the received reverse authentication data block to generate a first authentication data block, and when the first authentication data block has the same number of bits as the initial authentication data block and each data bit of the first authentication data block is 1, the first user terminal determines that the identity authentication result of the second user terminal is successful;
and the reverse user terminal performs exclusive-or operation on the reverse authentication data block and the received forward authentication data block according to bits to generate a second authentication data block, and when the number of bits of the second authentication data block is the same as that of the initial authentication data block and each data bit of the second authentication data block is 1, the second user terminal determines that the identity authentication result of the first user terminal is successful.
7. The system of claim 6, wherein when the server receives an authentication request from any two of the plurality of user terminals within a predetermined time after entering the time alignment ready state, it is determined that authentication is required between any two of the plurality of user terminals after time aligning the plurality of user terminals.
8. The system according to any one of claims 6 to 7, wherein when the server does not receive an authentication request from any two of the plurality of user terminals within a predetermined time after entering the time alignment preparation state, it is determined that the authentication between any two of the plurality of user terminals is not required after the time alignment of the plurality of user terminals, the server does not modify the redundant information, wherein the redundant information is used for data reservation for information to be transferred by the server, and an initial value of the redundant information is randomly generated by the server.
9. The system of any one of claims 6 to 8, the server adding two identification data items to the redundant information comprising:
adding the first identification data item in the redundant information, wherein the flag bit of the first identification data item is the identifier of the server, the authentication identification is the hardware address of the first user terminal, the processing type is forward processing, and the opposite terminal address is the network address of the second user terminal and a first random natural number;
adding a second identification data item in the redundant information, wherein the flag bit of the second identification data item is the identifier of the server, the authentication identification is the hardware address of a second user terminal, the processing type is reverse processing, and the opposite terminal address is the network address of the first user terminal and a second random natural number;
wherein the first random natural number is equal to the second random natural number.
10. The system according to any one of claims 6 to 9, wherein the selecting, by the forward user terminal and the reverse user terminal, an initial authentication data block for identity authentication from a plurality of preset data blocks according to the second data and the random natural number in the time information comprises: and the forward user terminal and the reverse user terminal respectively perform arithmetic operation on the second data and the random natural number in the time information to obtain a data block sequence number, and select a preset data block positioned at the data block sequence number as an initial authentication data block for identity authentication.
CN202011273196.3A 2017-09-29 2017-09-29 Method and system for identity authentication based on time calibration data Active CN113037701B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011273196.3A CN113037701B (en) 2017-09-29 2017-09-29 Method and system for identity authentication based on time calibration data

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202011273196.3A CN113037701B (en) 2017-09-29 2017-09-29 Method and system for identity authentication based on time calibration data
CN201710911162.4A CN107454113B (en) 2017-09-29 2017-09-29 Method and system for identity authentication based on time calibration data

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN201710911162.4A Division CN107454113B (en) 2017-09-29 2017-09-29 Method and system for identity authentication based on time calibration data

Publications (2)

Publication Number Publication Date
CN113037701A true CN113037701A (en) 2021-06-25
CN113037701B CN113037701B (en) 2022-10-04

Family

ID=60497533

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202011273196.3A Active CN113037701B (en) 2017-09-29 2017-09-29 Method and system for identity authentication based on time calibration data
CN201710911162.4A Active CN107454113B (en) 2017-09-29 2017-09-29 Method and system for identity authentication based on time calibration data

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN201710911162.4A Active CN107454113B (en) 2017-09-29 2017-09-29 Method and system for identity authentication based on time calibration data

Country Status (1)

Country Link
CN (2) CN113037701B (en)


Also Published As

Publication number Publication date
CN113037701B (en) 2022-10-04
CN107454113A (en) 2017-12-08
CN107454113B (en) 2020-12-22

Similar Documents

Publication Publication Date Title
CN110463237B (en) Method for managing communication between a server and a user equipment
CN1316834C (en) Method and device for testing first communication side truth and reliability in communication network
EP2472770A1 (en) Entity bidirectional authentication method by introducing an online third party
CN110430292B (en) Method and device for inviting login of network platform, electronic equipment and readable medium
CN110417724B (en) Method, system, server and terminal for combined authentication of login states of application programs
CN111541772A (en) Intelligent reminding method and system and cloud server
CN107454113B (en) Method and system for identity authentication based on time calibration data
CN104580084A (en) Method, terminals and system for sharing multimedia file
CN109327475B (en) Multi-layer identity authentication method, device, equipment and storage medium
CN109525612B (en) Multi-terminal message encryption transmission method and system
CN110768925B (en) Verification method and device for verification code short message
CN114158046B (en) Method and device for realizing one-key login service
WO2016123823A1 (en) Data interaction method, apparatus and system
US20150113624A1 (en) System and method of verifying a number of a mobile terminal
CN114598454B (en) Key generation and identity authentication method, device, equipment and computer storage medium
US9820147B2 (en) Authentification method for a communication network
CN108155992B (en) Method for generating credible secret key
CN112995210A (en) Data transmission method and device and electronic equipment
CN109905243B (en) Method and server for processing digital certificate updating request
CN111343249A (en) Data sharing method and device based on block chain system and storage medium
CN111310130A (en) Authorization authentication processing method, device, storage medium and electronic device
US11368835B2 (en) Method for verifying the validity of a user's telephone line
CN113452693B (en) Login method and device for page back end, storage medium and electronic device
EP1234405B1 (en) Synchronization of authentication ciphering offset
KR101875528B1 (en) Method for communication based on steganography

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20220914

Address after: Room 3402, Block A, Yonghe Longzihu Central Plaza, Zhengdong New District, Zhengzhou City, Henan Province 450046

Applicant after: GAINET BIG DATA TECHNOLOGY Co.,Ltd.

Address before: 252659 Daiwan town Dainan village, Linqing City, Liaocheng City, Shandong Province

Applicant before: Du Guangxiang

GR01 Patent grant