IDENTITY AUTHENTICATION METHOD AND APPARATUS AND SERVER

US 20150163065A1
Filed: 12/02/2014
Published: 06/11/2015
Est. Priority Date: 12/05/2013
Status: Abandoned Application

First Claim

Patent Images

1. An identity authentication method, comprising:

an authentication end obtaining a token sent by a server according to a client'"'"'s access;

the authentication end encrypting the token with a private key to obtain a signature; and

the authentication end sending a first identity identifier, the token and the signature to the server so that the server obtains a second identity identifier according to the token and the signature, and performs identity authentication according to the first identity identifier and the second identity identifier, wherein the first identity identifier is generated by the authentication end according to a public key corresponding to the private key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure provides an identity authentication method and apparatus and a server. Embodiments may avoid inconvenience of input of authentication information via the input device and easy occurrence of errors in the prior art and thereby improve efficiency and reliability of identity authentication in the following manner: the authentication end encrypts the obtained token with a private key to obtain a signature so that the authentication end can send to the server the first identity identifier, the token and the signature generated according to the public key corresponding to the private key such that the server obtains the second identity identifier according to the token and the signature, and performs identity authentication according to the first identity identifier and the second identity identifier.

Citations

13 Claims

1. An identity authentication method, comprising:
- an authentication end obtaining a token sent by a server according to a client'"'"'s access;
  
  the authentication end encrypting the token with a private key to obtain a signature; and
  
  the authentication end sending a first identity identifier, the token and the signature to the server so that the server obtains a second identity identifier according to the token and the signature, and performs identity authentication according to the first identity identifier and the second identity identifier, wherein the first identity identifier is generated by the authentication end according to a public key corresponding to the private key.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method according to claim 1 wherein the authentication end is provided in the client or independently from the client.
  - 3. The method according to claim 1 wherein the step of the authentication end encrypting the token with a private key to obtain a signature comprises:
    - the authentication end performing a Hash operation for the token to obtain a Hash value of the token; and
      
      the authentication end using the private key to encrypt the Hash value of the token to obtain the signature.
  - 4. The method according to claim 3 wherein the step of the server obtaining a second identity identifier according to the token and the signature, and performing identity authentication according to the first identity identifier and the second identity identifier comprises:
    - the server performing a Hash operation for the token to obtain a Hash value of the token;
      
      the server obtaining the public key corresponding to the signature according to the Hash value of the token and the signature;
      
      the server generating the second identity identifier according to the public key corresponding to the signature; and
      
      the server performing an operation of passing the identity authentication if the second identity identifier accords with the first identity identifier.
  - 5. The method according to claim 1 wherein before the authentication end encrypts the token with a private key to obtain the signature, the method further comprises:
    - the authentication end, according to a website to be accessed, selecting a set of secret key information as the private key and the public key corresponding to the private key.
  - 6. The method according to claim 1 wherein the step of the server performing an operation of passing the identity authentication comprises:
    - the server obtaining a user account corresponding to the first identity identifier according to the first identity identifier; and
      
      the server sending service data related to the user account to the client.

7. An identity authentication apparatus, comprising:
- an obtaining unit configured to obtain a token sent by a server according to a client'"'"'s access behavior;
  
  a signing unit configured to encrypt the token with a private key to obtain a signature; and
  
  a sending unit configured to send a first identity identifier, the token and the signature to the server so that the server obtains a second identity identifier according to the token and the signature, and performs identity authentication according to the first identity identifier and the second identity identifier;
  
  wherein the first identity identifier is generated according to a public key corresponding to the private key.
- View Dependent Claims (8, 9, 10)
- - 8. The identity authentication apparatus according to claim 7 wherein the authentication apparatus is provided in the client or independently from the client.
  - 9. The identity authentication apparatus according to claim 7 wherein the signing unit is configured toperform a Hash operation for the token to obtain a Hash value of the token;
    - anduse the private key to encrypt the Hash value of the token to obtain the signature.
  - 10. The identity authentication apparatus according to claim 7 wherein the apparatus further comprises a selection unit configured to,according to a website to be accessed, select a set of secret key information as the private key and the public key corresponding to the private key.

11. A server, comprising:
- an allocating unit configured to allocate a token to a client according to the client'"'"'s access behavior;
  
  a transmitting unit configured to transmit the token to an authentication end so that the authentication end uses the private key to encrypt the token to obtain a signature;
  
  a receiving unit configured to receive the first identity identifier, the token and the signature transmitted by the authentication end, wherein the first identity identifier is generated by the authentication end according to the public key corresponding to the private key; and
  
  an authentication unit configured to obtain a second identity identifier according to the token and the signature, and perform identity authentication according to the first identity identifier and the second identity identifier.
- View Dependent Claims (12, 13)
- - 12. The server according to claim 11 wherein the authentication unit is configured toperform a Hash operation for the token to obtain a Hash value of the token;
    - obtain the public key corresponding to the signature according to the Hash value of the token and the signature;
      
      generate the second identity identifier according to the public key corresponding to the signature; and
      
      perform an operation of passing the identity authentication if the second identity identifier accords with the first identity identifier.
  - 13. The server according to claim 11 wherein the authentication unit is configured toobtain a user account corresponding to the first identity identifier according to the first identity identifier;
    - andsend service data related to the user account to the client.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Xiaolai Li
Original Assignee
Xiaolai Li
Inventors
Pan, Zhibiao, Zhang, Zhibin

Application Number

US14/557,868
Publication Number

US 20150163065A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/126   the source of the received ...

H04L 9/3234   involving additional secure...

H04L 9/3247   involving digital signatures

IDENTITY AUTHENTICATION METHOD AND APPARATUS AND SERVER

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

IDENTITY AUTHENTICATION METHOD AND APPARATUS AND SERVER

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links