CN1430400A - Identity identification method specially used in mobile phone networking insertion service - Google Patents

Identity identification method specially used in mobile phone networking insertion service Download PDF

Info

Publication number
CN1430400A
CN1430400A CN 02109003 CN02109003A CN1430400A CN 1430400 A CN1430400 A CN 1430400A CN 02109003 CN02109003 CN 02109003 CN 02109003 A CN02109003 A CN 02109003A CN 1430400 A CN1430400 A CN 1430400A
Authority
CN
China
Prior art keywords
client
server
service request
message
identity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN 02109003
Other languages
Chinese (zh)
Other versions
CN100394754C (en
Inventor
杨义光
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HARBIN WANBO INFORMATION TECHONOLOGY CO Ltd
Original Assignee
HARBIN WANBO INFORMATION TECHONOLOGY CO Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by HARBIN WANBO INFORMATION TECHONOLOGY CO Ltd filed Critical HARBIN WANBO INFORMATION TECHONOLOGY CO Ltd
Priority to CNB021090033A priority Critical patent/CN100394754C/en
Publication of CN1430400A publication Critical patent/CN1430400A/en
Application granted granted Critical
Publication of CN100394754C publication Critical patent/CN100394754C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Computer And Data Communications (AREA)

Abstract

A method specioally used for status authentication in etnering service of mobilephone network connection includes initial preparation work and status authentication course which includes sending information to request service from the client end to the server end, the server sending information of comfirmation or synchronization to the client end after it has received information requesting for service, the client adopting different measures according to the returned information of confirmation or synchronization by the server, a processing rerult is accordance with the request service to be obtained, if it is a confirmation information or otherwise the client sending the information requesting for service again or the client not sending any information.

Description

Be specifically designed to the identity identifying method of mobile phone networking access service
Technical field: the present invention relates to a kind of mobile phone network the safe access control in the access service and method of authentication used, be in related hardware, carry out information storage distribute, by the function of subscriber signal is confirmed the information processing system that the software and hardware of identity combines with the comparing result of the function of the signal of storage element.
Background technology:
This explanation is right, and term " service request " is a general term.This service request comprises following request: request provides Internet resources, and request provides computational resource, the request Stock Trading, and the request bank transfer, request provides some information material etc.
In the various application based on communication network, server is according to client's service request, for the client provides corresponding service.Sometimes, server need carry out authentication to the client when this service is provided, and be sure of a certain service of the qualified request of client.In shares trusting, stock invester end is the client, and exchange's end is a server, and when stock invester's request server end was traded security for it, server need verify that stock invester's identity be sure of that it has the right to carry out Stock Trading.Server is a secret of sharing between server and the client to the foundation that the client carries out authentication, just usually said password.Server authenticates different client identity authentication by the password shared different with different clients.
To be the client send to server with identity ID of oneself and password through communication network to the simplest existing authentication method, and server verifies according to own client identity ID and password information of storing whether client's password is correct.Client identity authentication correctly then believed in password, the service request of accepting its proposition, and password is incorrect then thinks illegal client, the service request of not accepting its proposition.
The client identity ID and password are sent in the process of server through communication network, because the existing communication network opening, the listener-in can intercept client identity authentication ID and password, thereby this authentication method is unsafe.Prevent that the listener-in obtains client's password from communication network a kind of way from being the password encryption with the client, transmit password with the form of ciphertext.But this way does not prevent replay attack, that is to say that the listener-in utilizes the ciphertext of the client's who intercepts and captures from communication network password still can palm off this client and sends some service that service request information acquisition server provides to server.Prevent that the listener-in obtains client's password from communication network another kind of way from being " challenge 1 is replied " formula authentication method.In this method, be that it carries out certain when service, at first need to send service request, after server is received service request, generate a random number and send to the client as " challenge " to server when the client needs request server.After the client receives " challenge " random number, utilize the own secret of sharing with server oneself password and verification function just, " challenge " random number is calculated, result of calculation is sent to server as " replying " information.After server is received " replying " information, utilize identical password and verification function that " challenge " random number is calculated.Accept the service request that the client sends if " replying " information that result of calculation and client send is identical, otherwise do not accept the service request that the client sends.This service request authentication method is as safe as a house, can prevent replay attack, but the every request server of client is served and once all needed to send message twice to server.Under the situation of communication cost pay-per-use, increased client's communication cost undoubtedly.
Summary of the invention: the purpose of this invention is to provide and a kind ofly can either carry out the service request authentication method that safety identification authentication can reduce number of communications again.Under the normal condition, utilizing this authentication method client requests server to serve once only needs to send a message to server, and this authentication method can prevent replay attack.
Above-mentioned purpose realizes by following technical scheme:
A kind of identity identifying method that is specifically designed to the mobile phone networking access service: its composition comprises:
A, initial preparation: identity table, request agent list are promptly set up in the distribution of (1) memory block in the data in server storehouse; (2) user's registration and negotiation authenticate password.Client by the identify label of server given client, and is consulted authenticate password to the server end registration, client is authenticate password, identify label, and sequence number writes in the identity memory block, server end is client's authenticate password, identify label, and sequence number writes in the identity table.
B. authentication process:
The user end to server end sends request service message (m), after server is received service request information (m), send acknowledge message (m ') or send synchronization message (m "); the message that the client returns according to server is that (m ") takes different measures for acknowledge message (m ') or synchronization message to client, if acknowledge message (m '), just obtain the result of service request; (m ") client sends the request service message or the client does not send any message to server once more if synchronization message.
In order to help description, used following symbol to patent specification:
Id identify label or identity ID
The key authenticate password
The n sequence number
Id_block identity memory block
Rq_block service request memory block
Id_table identity table
Rq_table asks agent list
The service request information that data is concrete
The length of l_data data
The m service request information
M ' acknowledge message
The affirmation sequence number that comprises among n ' m '
M " synchronization message
The SYN that comprises among the n " m "
The r random number is used to identify concrete service request information data
The rm server is to the result of concrete service request information data
The length of l_rm rm
Flag ' affirmation sign
Flag " sync id
M message, the backup of partial information is stored among the rq_block among the m
H is the message authentication function, is used to calculate message authentication code
(X, Y) expression X connects with the simple of Y
Under regard to method of the present invention and be described in detail:
1 initial preparation
In order to realize service request authentication method provided by the invention, client and server end must carry out disposable initial preparation, and particular content comprises:
(1) distribution of memory block.Set up identity table id_table in the data in server storehouse, be used to store each client identity authentication sign id, authenticate password key and sequence number n set up request agent list rq_table simultaneously, are used for stores processor rm as a result, length l _ rm of rm, n, r and id.Client distributes identity memory block id_block to be used to store client's oneself id, authenticate password key and sequence number n, and distribution services request memory block rq_block is used for storing message M simultaneously.
(2) user's registration and negotiation authenticate password.Client by the identify label id of server given client, and is consulted authenticate password key to the server end registration, and this part need of work off-line is finished.Client is with authenticate password key, and identify label id, sequence number n=0 write among the id_block of identity memory block.Server end is with client's authenticate password key, and identify label id, sequence number n=0 write among the identity table id_table.
2 authentication processes have been passed through after the necessary preparation, just can carry out authentication, and detailed process is as follows:
(1) when the client need be when server sends concrete concrete service request information data, client generates random number r and calculates MAC then 1=H ((id, r, l_data, data, n), and key), with service request information m=(id, r, l_data, data, n, MAC 1) send to server, (data n) is stored among the rq_block of service request memory block for r, l_data with M=simultaneously.Wherein, id, key, n are value corresponding among the id_block of client identity memory block.R is a random number, and l_data is the length of concrete service request information data.
(2) concrete verification process:
[1] receives service request information m=(id, r, l_data, data, n, the MAC that client is sent when server 1) after, at first verify MAC 1Whether correct:
If MAC 1Incorrect, shut-down operation finishes;
If MAC 1Correctly, whether all M ' of this client among the request agent list rq_table of server retrieves database, the r among the service request information m that relatively receives are identical with r among certain M ' of this client:
Be, then return the affirmation message m of this business '=(flag ', n ', r, l_rm, rm, MAC 3), finish then.Wherein flag ' is the acknowledge message sign, rm, and l_rm, r, n are the value of the middle correspondence of M ',
MAC 3=H (flag ', n ', r, l_rm, rm), key), key is the authenticate password of this client among the identity table id_table.
Not, sequence number n among the service request information m that then relatively receives and database stock invester identity table
Whether this client's sequence number n is identical among the id_table:
Inequality, then send synchronization message m "=(flag ", n to client ", id, r, l_data, data, MAC 2), finish then.
MAC wherein 2=H ((flag ", n ", id, r, l_data, data), key), flag " is the synchronization message sign; n " be respectively this client's sequence number n and the authenticate password key that stores among the server end database identity table id_table, id wherein, r with key, data, l_data are the respective value in the message m that receives.
Identical, then handle the concrete service request information data that the client sends.And will
M′=(id,n+1,r,l_rm,rm)
Store among the database request agent list rq_table.Wherein rm is that server is to service request
The result who handles, l_rm is the length of rm, r, id, n are the service request information m that receives
In to deserved value.And to stock invester's mobile phone transmission acknowledge message
m′=(flag′,n′,r,l_rm,rm,MAC 3),
MAC wherein 3=H (flag ', n ', r, l_rm, rm), key), flag ' is for confirming sign, rm
Be the result that server is handled concrete service request information data, l_rm is the length of rm,
N '=n+1, key are the authenticate password of this client among the identity table id_table, and r, n are what receive
The value of correspondence among the service request information m.Subsequently with this client among the database identity table id_table
Sequence number n add 1, finish then (to see Fig. 2
[2] if the information that client is received be acknowledge message m '=(flag ', n ', r, l_data, rm, MAC 3), verify MAC earlier 3Whether correct:
MAC 3Incorrect, finish;
MAC 3Correctly, canned data M among the rq_block of retrieval service request memory block:
If the r , inequality among r among the m ' and the service request memory block rq_block among all M Ze Lost abandons m ' shut-down operation finishes;
If the r among the m ' is identical with r among certain M, this M of deletion from the rq_block of service request memory block, then relatively the n among the m ' whether greater than the n among the id_block of identity memory block:
Greater than, the n among the local identity memory block id_block adds 1, finishes;
Smaller or equal to, the n among the id_block of identity memory block does not add 1, finishes;
[3] if the message that client is received is synchronization message m "=(flag ", n ", id, r, l_data, data, MAC 2), verify MAC earlier 2Whether correct:
MAC 2Incorrect, " shut-down operation finishes then to abandon m;
MAC 2Correctly, canned data M among the rq_block of retrieval service request memory block then, relatively m " in r whether identical with r among certain M:
All inequality, then abandon m " shut-down operation.
Identical, then generate new m=(id, r, l_data, data, n, MAC 1) sending to server, r wherein, l_data, data are values corresponding among the M, id, n are the synchronization message m that returns " in pairing id, n ", MAC 1=H ((id, r, l_data, data, n), key), key is a value corresponding among the id_block of identity memory block.And the n among the M is updated to m " in n ".Simultaneously the n among the id_block of identity memory block is updated to m " in n ".
[4] please not receive that for a long time server returns result after the service request information m when the client sends, when the client also wanted to resend this service request, what the client will do was to utilize the M=(r that stores when sending m, l_data, data, n) r in, .l_data, data; And the sequence number n among the id_block of identity memory block,, identify label id, authenticate password key calculates new MAC 1=H ((id, r, l, data, n), key), generate new m=((id, r, l, data n), key), sends to server with new m.Use M=(id, r, l, data, n) n among the n update service request memory block rq_block among the id_block of identity memory block simultaneously.
In above verification process, for each service request client need be in the id_block of service request memory block store M, in order to prevent from unrestrictedly to take memory space, need deletion M.The method of the M of deletion storage is as follows, make it of the n among each M among n among the id_block of identity memory block and the service request memory block rq_block poor, for certain M,, just from the rq_block of service request memory block, delete it if difference has surpassed the higher limit of defined.This higher limit can be formulated according to concrete realization environment.Also adopt as above method for the deletion of the record among the server database rq_table.For the memory range that guarantees server end more than or equal to client, require the higher limit at least big 1 of the higher limit of server than the client.
Utilize the present invention to carry out authentication and utilize existing other method to carry out authentication to compare and have following advantage:
1. can prevent because the unnecessary loss that the network service time delay causes.Consider such a case, when the client wishes server is that it carries out certain service, such as be to buy a book, because the propagation delay time of communication line, the client does not receive the return results of server for a long time, at this moment the client what is to be done, if once-requested is not crossed this service before not considering, and send new service request to server, following problem may occur: the serviced device of the service request of New Development has been handled, and the service request that sent has in the past also arrived server through after the delay of Network Transmission, the service request before server has equally also been handled, like this, the client wishes that server buys a book, and server has bought twice for it, and this has caused loss to the client.Adopt authentication method provided by the invention, server can guarantee only to carry out once for same service request, and the service request that arrives is not processed for the second time.
2. when can preventing password eavesdropping attack and replay attack, saved communication cost.Owing to no longer include client's password in the service request information, it is obviously invalid to want by the attack method of eavesdropping password customer name in communication network.For intercepting and capturing service request information m from communication network, the malicious attack of retransmitting afterwards, owing to used sequence number n, service request information indicates r the present invention can prevent replay attack.Under normal circumstances, utilizing the present invention to carry out a service request only needs, and only needs a server and client computer transmission a piece of news, has saved communication cost.
Description of drawings
Table 1 is stock invester's identity memory block;
Table 2 is stock invester's service request memory block;
Table 3 is a server end request agent list;
Table 4 is a server end identity table;
Fig. 1 is for sending service request information m flow chart;
Fig. 2 is the flow chart of server process service request information m;
Fig. 3 is the flow chart of client process server return messages.
Embodiment:
Embodiment 1.
A kind of identity identifying method that is specifically designed to the mobile phone networking access service: its composition comprises:
A. initial preparation: identity table, request agent list are promptly set up in the distribution of (1) memory block in the data in server storehouse; (2) user's registration and negotiation authenticate password.Client by the identify label of server given client, and is consulted authenticate password to the server end registration, client is authenticate password, identify label, and sequence number writes in the identity memory block, server end is client's authenticate password, identify label, and sequence number writes in the identity table.
B. authentication process:
The user end to server end sends request service message (m), after server is received service request information (m), send acknowledge message (m ') or send synchronization message (m "); the message that the client returns according to server is that (m ") takes different measures for acknowledge message (m ') or synchronization message to client, if acknowledge message (m '), just obtain the result of service request; (m ") client sends the request service message or the client does not send any message to server once more if synchronization message.
In the above-mentioned identity identifying method that is specifically designed to the mobile phone networking access service, service request information (m) also comprises described SYN (n) and the random number (r) that indicates service request information (data) when comprising this service request information (data); The client will preserve described service request information (data), random number (r), sequence number (n) when sending described service request information (m).In the above-mentioned identity identifying method that is specifically designed to the mobile phone networking access service, this server needs to store particular customer identify label (id), random number (r), sequence number (n) and to the result (rm) of service request information (data) after sending described acknowledge message (m '); The message that server sends to the client is that (m ") depends on server end and whether stored this client's random number (r) for acknowledge message (m ') or synchronization message.
In the above-mentioned identity identifying method that is specifically designed to the mobile phone networking access service, the client receives that the synchronization message that server sends (behind the m "), sends service request information once more or do not send any message and depend on whether client stores the synchronization message (random number (r) among the m ").
Below we with reference to figure 1-3 and the table 1-4 be described in detail:.
Below be service request authentication method of the present invention based on the application in the mobile phone speculation in stocks business of short message, here stock invester's mobile phone is a client, and the transaction acting server of stock exchange is a server end.
1. initial the preparation
(1) stored configuration of SIM cards of mobile phones and server.
Distribute two memory blocks in the SIM cards of mobile phones: a memory block is called stock invester's identity memory block id_block, be used for depositing stock invester's identify label (id), authenticate password (key) and sequence number (n) (seeing Table 1), another is called service request memory block rq_block, is used for storing message
M=(random number (r), service request length (l_data), concrete service request information (data), sequence number (n)) (seeing Table 2);
The transaction on stock exchange acting server is set up two tables, a table is called stock invester's identity table id_table, be used for storing all stock investers' identify label (id), authenticate password (key), sequence number n (seeing Table 3), another table is called request agent list rq_table and is used for storage
M '=(result (rm), the length of rm (l_rm), sequence number (n), random number (r), stock invester's identity (id)) (seeing Table 4);
(2) after mobile phone has carried out necessary configuration with the transaction acting server, the stock invester registers the mobile phone speculation in stocks service of opening based on short message to stock exchange: stock invester and stock exchange consult authentication password key, and, write respectively in the identity memory block and the stock invester's identity table in the stock brokerage services device in stock invester's SIM cards of mobile phones authenticate password key, stock invester's identify label id and sequence number n=0:
2. verification process
(1) when the stock invester need ask the securities trading acting server to carry out stock exchange for it, the transaction menu that the stock invester provides by mobile phone, the input transaction data forms concrete service request information data; Authentication software in the mobile phone calculates MAC 1=H ((id, r, l_data, data, n), and key), with service request information m=(id, r, l_data, data, n, MAC 1) send to the transaction acting server of stock exchange as short message, (data n), is stored in the service request memory block rq_block in the SIM card for r, l_data with message M=simultaneously; Wherein, H is the message authentication function, and wherein, id, n, key are value corresponding among the id_block of client identity memory block, and r is a random number, and l_data is the length of concrete service request information data.(see figure 1).
(2) receive service request information m=(id, r, l_data, data, n, the MAC that mobile phone is sent when the transaction acting server of stock exchange 1) after, at first verify MAC 1Whether correct:
If MAC 1Incorrect, abandon service request information m, shut-down operation;
If MAC 1Correctly, whether all M ' of this stock invester among the request agent list rq_table of server retrieves database, the r among the service request information m that relatively receives are identical with r among certain M ' of this stock invester:
Be, then return the affirmation message m of this business '=(flag ', n ', r, l_rm, rm, MAC 3), finish then.Wherein flag ' is the acknowledge message sign, rm, and l_rm, r, n are the value of the middle correspondence of M ', MAC 3=H (flag ', n ', r, l_rm, rm), key), key is the authenticate password of this stock invester among stock invester's identity table id_table.
, whether this stock invester's sequence number n is not identical among the sequence number n among the service request information m that then relatively receives and the database stock invester identity table id_table:
Unequal, then send synchronization message m "=(flag ", n-to stock invester's mobile phone ", id, r, l_data, data, MAC 2), finish then.MAC wherein 2=H ((flag ", n-", id, r, l_data, data,), key), flag " being sync id, n " and key are respectively this stock invester's who stores among the transaction proxy database stock invester identity table id_table sequence number and authenticate password, id, r, l_data, data are the respective value among the service request information m that receives.
Equate, then handle the concrete service request information data that stock invester's mobile phone sends.And will
M′=(id,n+1,r,l_rm,rm)
Store among the database request agent list rq_table.Wherein rm is the result that server is handled service request, and l_rm is the length of rm, and r, id, n are to deserved value among the service request information m that receives.And to stock invester's mobile phone transmission acknowledge message
m′=(flag′,n′,r,l_rm,rm,MAc 3),
MAC wherein 3=H (flag ', n ', r, l_rm, rm), key), flag ' is for confirming sign, and rm is the result that server is handled concrete service request information data, and l_rm is the length of rm,
N '=n+1, key are the authenticate password of this stock invester in stock invester's identity table, and r, n are value corresponding among the service request information m that receives.Sequence number n with this stock invester among the database stock invester identity table id_table adds 1 subsequently, finishes (see figure 2) then.
(3) if the short message rm that stock invester's mobile phone is received be acknowledge message m '=(flag ', n ', r, l_rm, rm, MAC 3), whether checking MAC3 is correct earlier:
MAC3 is incorrect, then finishes.
MAC3 is correct, then all M that store in the retrieval service request memory block.
If the r among the r among the m ' and all M of service request memory block is inequality, then finish.If the r among the m ' is identical with r among certain M, this M of deletion from the service request memory block then, relatively whether the n ' among the m ' greater than n in then stock invester identity memory block adds 1, smaller or equal to then n constant greater than the n in stock invester's identity memory block then.
If the short message rm that stock invester's mobile phone is received is synchronization message m "=(flag ", n-", id, r, l_data, data, MAC 2), verify MAC earlier 2Whether correct:
MAC 2Incorrect, then finish.
MAC 2Correctly, canned data M in the retrieval service request memory block then, relatively m " in r whether identical with r among certain M:
Inequality, then finish.
Identical, then generate new m=(id, r, l_data, data, n, MAC 1) send to server, and the sequence number n among this M of service request memory block in the SIM card is updated to m " in n, finish then.
Id wherein, r, l_data, data, n are m " corresponding value,
MAC 1=H ((id, r, l_data, data, n), key), key is the authenticate password (see figure 3) among stock invester's identity memory block id_block.
(4) please not receive the result that the transaction on stock exchange acting server returns for a long time after the service request information when stock invester's mobile phone sends, when the stock invester also wanted to resend this service request, what the client will do was to utilize to be stored in the M=(r among the rq_block in the SIM card when sending m for the first time, l_data, data, n) r in, .l_data, data,, and the sequence number n among the id_block of identity memory block, identify label id, authenticate password key calculates new MAC 1=H ((id, r, l .data, n), key), generate new m=((id, r, l, data n), key), sends to server with new m.Use M=(id, r, l, data, n) n among the n update service request memory block rq_block among the id_block of identity memory block simultaneously.
(5) service request memory block and the management of asking agent list.In order to prevent from unrestrictedly to take memory space, the record of the record of needs deletion mobile phone end service request memory block and the request agent list of server end.In the present embodiment, the method of mobile phone end deletion service request memory block record is as follows, make it of the traffic sequence n among each M in sequence number n among stock invester's identity memory block id_block and the service request memory block poor, if this difference has surpassed the higher limit CM of defined, the memory block zero clearing that this M is shared; In the present embodiment, this higher limit CM of client is decided to be 8; When handling mobile phone end transmission service request, server end also will be asked the management of agent list rq_block: it is poor to make of all traffic sequence n ' of this client among the sequence number n of this stock invester among stock invester's the identity table id_table and the request agent list rq_table, if there is difference to surpass the higher limit SM of defined, then ask this traffic sequence in the agent list number for this record of n ' with deleted; In the present embodiment, this higher limit SM is decided to be 9; SM=CM+1; Server end also can utilize timer to ask the management of agent list.
Present embodiment is to it seems the embodiment of practical optimum at present.When understanding in conjunction with present embodiment when of the present invention, it is to be understood that, the invention is not restricted to present embodiment.
This method can be under the wireless communication network environments of mobile phone, finishes the authentication between the side of service and customer in the network with the simplest and the most direct communication mode, this authentication finish the basis that must have the special-purpose communication and the network equipment to do its enforcement.

Claims (4)

1. identity identifying method that is specifically designed to the mobile phone networking access service: its composition comprises:
A. initial preparation: identity table, request agent list are promptly set up in the distribution of (1) memory block in the data in server storehouse; (2) user's registration and negotiation authenticate password.Client by the identify label of server given client, and is consulted authenticate password to the server end registration, client is authenticate password, identify label, and sequence number writes in the identity memory block, server end is client's authenticate password, identify label, and sequence number writes in the identity table.
B. authentication process:
The user end to server end sends request service message (m), after server is received service request information (m), send acknowledge message (m ') or send synchronization message (m "); the message that the client returns according to server is that (m ") takes different measures for acknowledge message (m ') or synchronization message to client, if acknowledge message (m '), just obtain the result of service request; (m ") client sends the request service message or the client does not send any message to server once more if synchronization message.
2. the identity identifying method that is specifically designed to the mobile phone networking access service according to claim 1 is characterized in that: described service request information also comprises described SYN and the random number that indicates service request information when comprising described service request information; The client will preserve described service request information, random number, sequence number when sending described service request information.
3. the identity identifying method that is specifically designed to the mobile phone networking access service according to claim 1 and 2 is characterized in that: described server needs to store described client identity sign, random number, sequence number and to the result of service request information after sending described acknowledge message; The message that server sends to the client is that acknowledge message or synchronization message depend on server end and whether stored this client's random number.
4. the identity identifying method that is specifically designed to the mobile phone networking access service according to claim 1 and 2, it is characterized in that: the client sends service request information once more or does not send any message and depend on whether client stores the random number in the synchronization message after receiving the synchronization message of server transmission.
CNB021090033A 2002-01-01 2002-01-01 Identity identification method specially used in mobile phone networking insertion service Expired - Fee Related CN100394754C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB021090033A CN100394754C (en) 2002-01-01 2002-01-01 Identity identification method specially used in mobile phone networking insertion service

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB021090033A CN100394754C (en) 2002-01-01 2002-01-01 Identity identification method specially used in mobile phone networking insertion service

Publications (2)

Publication Number Publication Date
CN1430400A true CN1430400A (en) 2003-07-16
CN100394754C CN100394754C (en) 2008-06-11

Family

ID=4740436

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB021090033A Expired - Fee Related CN100394754C (en) 2002-01-01 2002-01-01 Identity identification method specially used in mobile phone networking insertion service

Country Status (1)

Country Link
CN (1) CN100394754C (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006131061A1 (en) * 2005-06-04 2006-12-14 Huawei Technologies Co., Ltd. Authentication method and corresponding information transmission method
CN100389634C (en) * 2005-08-02 2008-05-21 华为技术有限公司 Synchronously attach protecting method and relative power authentifying method
CN100396156C (en) * 2005-07-26 2008-06-18 华为技术有限公司 Synchronous SQN processing method
CN100459801C (en) * 2005-10-20 2009-02-04 ***通信集团公司 Method of automobile log-on service
CN1949924B (en) * 2005-10-10 2010-04-07 华为技术有限公司 User terminal idel mode managing method and wireless communication system
CN101160985B (en) * 2005-06-04 2010-05-19 华为技术有限公司 Authentication method and corresponding information transfer method
CN1933657B (en) * 2005-09-15 2010-10-06 华为技术有限公司 Method for resisting attack from pretended legal mobile station in RSA authentication process
CN101976418A (en) * 2005-01-31 2011-02-16 佩利耐特株式会社 Rental article administration system
CN101355799B (en) * 2007-07-26 2011-11-30 成均馆大学校产学协力团 Resynchronization method for mobile communication terminal
CN101431594B (en) * 2007-11-07 2012-05-23 富士施乐株式会社 Information processing device, information processing method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FI102343B (en) * 1996-02-20 1998-11-13 Sonera Oyj System and method for transmitting data

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101976418A (en) * 2005-01-31 2011-02-16 佩利耐特株式会社 Rental article administration system
WO2006131061A1 (en) * 2005-06-04 2006-12-14 Huawei Technologies Co., Ltd. Authentication method and corresponding information transmission method
CN101160985B (en) * 2005-06-04 2010-05-19 华为技术有限公司 Authentication method and corresponding information transfer method
US7773973B2 (en) 2005-06-04 2010-08-10 Huawei Technologies Co., Ltd. Method for authentication between a mobile station and a network
CN100396156C (en) * 2005-07-26 2008-06-18 华为技术有限公司 Synchronous SQN processing method
CN100389634C (en) * 2005-08-02 2008-05-21 华为技术有限公司 Synchronously attach protecting method and relative power authentifying method
CN1933657B (en) * 2005-09-15 2010-10-06 华为技术有限公司 Method for resisting attack from pretended legal mobile station in RSA authentication process
CN1949924B (en) * 2005-10-10 2010-04-07 华为技术有限公司 User terminal idel mode managing method and wireless communication system
CN100459801C (en) * 2005-10-20 2009-02-04 ***通信集团公司 Method of automobile log-on service
CN101355799B (en) * 2007-07-26 2011-11-30 成均馆大学校产学协力团 Resynchronization method for mobile communication terminal
CN101431594B (en) * 2007-11-07 2012-05-23 富士施乐株式会社 Information processing device, information processing method

Also Published As

Publication number Publication date
CN100394754C (en) 2008-06-11

Similar Documents

Publication Publication Date Title
CN1203689C (en) Method for processing position information of terminals connected to group data network through honeycom network
CN1767438A (en) System and method for verifying digital signatures on certificates
EP2710776B1 (en) Anonymous signalling
CN1287305C (en) Network system
CN1744489A (en) Providing certificate matching in a system and method for searching and retrieving certificates
CN1241368C (en) Virtual private network
EP1841260A2 (en) Wireless terminal and authentication device
US20080159536A1 (en) Automatic Wireless Network Password Update
CN101068245A (en) Shared file issuing and downloading method and file sharing control system
CN1537374A (en) Providing position independent information bag routing select and secure network access for short-range wireless network environment
CN1604520A (en) Control method for wireless communication system, wireless communication device, base station, and authentication device in communication system
CN1539226A (en) Communication method and communication system
CN1369183A (en) Method and system for verifying authenticity of first communication participants in communications network
CN1653783A (en) System and method of mobile lightweight directory access
CN1700699A (en) Method of providing a signing key for digitally signing verifying or encrypting data and mobile terminal
CN101032142A (en) Means and methods for signal sign-on access to service network through access network
CN1512708A (en) Radio communication system, co-shared key management server and terminal
JP2003330861A (en) Automatic change system for user data
JP2006217196A (en) Method and system for authenticating radio lan
CN101034984A (en) Establishing the true identify database of the user with the personal information submitted by the user
CN1929371A (en) Method for negotiating key share between user and peripheral apparatus
CN1628449A (en) Method system and device for transferring accounting information
US20070214224A1 (en) System and method for transmitting cyber threat information in real time
CN1430400A (en) Identity identification method specially used in mobile phone networking insertion service
CN1860818A (en) Method and system for controlling resources via a mobile terminal, related network and its computer program product

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20080611

Termination date: 20110101