CN101431410B - Authentication method for network game client and server cluster - Google Patents
Authentication method for network game client and server cluster Download PDFInfo
- Publication number
- CN101431410B CN101431410B CN2007101244268A CN200710124426A CN101431410B CN 101431410 B CN101431410 B CN 101431410B CN 2007101244268 A CN2007101244268 A CN 2007101244268A CN 200710124426 A CN200710124426 A CN 200710124426A CN 101431410 B CN101431410 B CN 101431410B
- Authority
- CN
- China
- Prior art keywords
- server
- key
- random number
- client
- network game
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention discloses a verification method to on-line game client side and server cluster and comprises the following steps: verifying ID to authentication server with username and password by client; assigning a random number and a symmetric encryption key to client; encrypting the random number with the symmetric encryption key by client and taking the encrypted random number as verification evidence for ID verification with other server in server cluster. The random number and symmetric encryption key assigned by authentication server are taken as the basis of ID verification and authentication between client and on-line game server in server cluster through the invention; hence, there is no need to save username and password for long time in client side and possibility of leaking username and password is prevented, verification process of server cluster is simplified, efficiency of on-line game server is improved.
Description
Technical field
The present invention relates to field of network game technology, be specifically related to the authentication method of a kind of network game client and server cluster.
Background technology
Development along with computer network game, the number of players of a single gaming world carrying is constantly increasing, processing requirements to server is also constantly promoting, therefore can not use a station server just can realize a gaming world, and often need multiple servers (server cluster) cooperation to finish this task.Every station server is only born the part of whole gaming world, and concrete dividing mode has so just effectively been divided equally the pressure of server by concrete recreation implementation strategy decision, feasible smoothness, grand gaming world becomes possibility.
Just caused a problem thus, between the various piece of player, shift at gaming world, when switching between the corresponding station server of each in server cluster just, how to authenticate player's identity? as shown in Figure 1, when client when server a switches to server b, rebulid connection on server b, it is exactly the player on server a rather than other people just now that server b must have a kind of method to determine to sign in to player above own.If what this point can not be strict accomplishes that just situation about might act as fraudulent substitute for a person causes player's benefit damage.
Summary of the invention
The technical problem to be solved in the present invention provides the authentication method of a kind of network game client and server cluster, makes when the user is switched between the heterogeneous networks game server, not the phenomenon that can act as fraudulent substitute for a person.
The present invention solves the problems of the technologies described above the technical scheme that is adopted to be:
The authentication method of a kind of network game client and server cluster, described server cluster comprise a certificate server and at least one network game server, comprise step:
It is right that A1, client generate first asymmetric cryptographic key, and the PKI with user name, password and the first asymmetric cryptographic key centering sends to described certificate server;
A2, described certificate server are verified the validity of described username and password, after authentication is passed through, described certificate server distributes a random number and a symmetry algorithm key, and described random number and symmetry algorithm key used after the public key encryption of the first asymmetric cryptographic key centering, form feedback information, send to described client, on described certificate server, preserve described user name, described random number and described symmetry algorithm key simultaneously;
A3, described client use the private key of the first asymmetric cryptographic key centering to decipher described feedback information, obtain first random number and described symmetry algorithm key;
A4, described client are used described symmetry algorithm secret key encryption first random number, form verification msg, send to network game server, described network game server obtains described random number and described symmetry algorithm key from described certificate server, use the described verification msg of described symmetry algorithm secret key decryption, first random number that obtains and the described random number that obtains from described certificate server are compared, if two random numbers are identical, then confirm the user identity of described user name correspondence, otherwise refusal is confirmed the user identity of described user name correspondence;
A5, when described client is switched between the heterogeneous networks game server, repeated execution of steps A4.
The authentication method of described network game client and server cluster, wherein in steps A 4, described network game server sends to described certificate server with described verification msg, finishes checking work by described certificate server.
The authentication method of described network game client and server cluster, wherein first asymmetric cryptographic key is to being generated by RSA Algorithm.
The authentication method of described network game client and server cluster, wherein said symmetry algorithm key is generated by the DES algorithm.
The authentication method of a kind of network game client and server cluster, described server cluster comprise a certificate server and at least one network game server, comprise step:
B1, at the private key of the described certificate server deploy first asymmetric cryptographic key centering, at the PKI of the client deployment first asymmetric cryptographic key centering;
B2, that described client generates second asymmetric cryptographic key is right, and the PKI of user name, password and the second asymmetric cryptographic key centering is used the public key encryption of the first asymmetric cryptographic key centering, forms authentication information, sends to described certificate server;
B3, described certificate server use the private key of the first asymmetric cryptographic key centering to decipher described authentication information, verify the validity of described username and password, after authentication is passed through, described certificate server distributes a random number and a symmetry algorithm key, and described random number and symmetry algorithm key used after the public key encryption of the second asymmetric cryptographic key centering, form feedback information, send to described client, on described certificate server, preserve described user name, described random number and described symmetry algorithm key simultaneously;
B4, described client use the private key of the second asymmetric cryptographic key centering to decipher described feedback information, obtain first random number and described symmetry algorithm key;
B5, described client are used described symmetry algorithm secret key encryption first random number, form verification msg, send to network game server, described network game server obtains described random number and described symmetry algorithm key from described certificate server, use the described verification msg of described symmetry algorithm secret key decryption, first random number that obtains and the described random number that obtains from described certificate server are compared, if two random numbers are identical, then confirm the user identity of described user name correspondence, otherwise refusal is confirmed the user identity of described user name correspondence;
B6, when described client is switched between the heterogeneous networks game server, repeated execution of steps B5.
The authentication method of described network game client and server cluster, wherein in step B5, described network game server sends to described certificate server with described verification msg, finishes checking work by described certificate server.
The authentication method of described network game client and server cluster, wherein first asymmetric cryptographic key is to being generated by RSA Algorithm.
The authentication method of described network game client and server cluster, wherein second asymmetric cryptographic key is to being generated by RSA Algorithm.
The authentication method of described network game client and server cluster, wherein said symmetry algorithm key is generated by the DES algorithm.
Beneficial effect of the present invention is: the present invention uses random number of certificate server distribution and symmetric cryptographic key carries out authentication and authentication as the network game server in client and the server cluster basis, thereby not be used in client long preservation user's username and password, the possibility of having avoided username and password to leak, simplify the verification process of server cluster, improved the efficient of network game server.
Description of drawings
Fig. 1 switches schematic diagram for the prior art client between network game server;
Fig. 2 switches schematic diagram for client of the present invention between network game server;
Fig. 3 is a client login authentication server schematic diagram of the present invention;
Fig. 4 sends random number and symmetric key schematic diagram for certificate server of the present invention;
The schematic diagram that Fig. 5 verifies to network game server for client of the present invention.
Embodiment
With embodiment the present invention is described in further detail with reference to the accompanying drawings below:
As shown in Figure 2, the server in the server cluster has two kinds of roles' difference, and a kind of is certificate server, and another is a network game server, and certificate server is only disposed one, and network game server is disposed many.Authentication method described in the invention carries out concrete enforcement according to following steps:
1. as shown in Figure 3, it is right that client generates the key of own rivest, shamir, adelman, username and password also had the PKI KClientPub of the cipher key pair of own rivest, shamir, adelman use the asymmetric encryption PKI KServerPub encryption of certificate server to send to certificate server afterwards.The asymmetric encryption PKI KServerPub of certificate server just obtains after client software is installed.
2. the authentication information that certificate server uses the rivest, shamir, adelman private key KServerPrv deciphering client of oneself to send, the validity of checking username and password as shown in Figure 4.After authentication is passed through, the key K that certificate server distributes a random number and a symmetry algorithm for this user, and send to client after the asymmetric public key KClientPub encryption with this random number and key use client.On certificate server, also preserve simultaneously player, random number and symmetric key.After client is received, use the private key KClientPrv deciphering of cipher key pair of the rivest, shamir, adelman of oneself, obtain random number and symmetry algorithm key K.
3. as shown in Figure 5, the random number that client uses the symmetry algorithm key K to encrypt oneself sends to game server and verifies, game server obtains the symmetry algorithm key and the random number of player's correspondence from certificate server, use the verify data and the comparison random number wherein of symmetry algorithm secret key decryption client, confirm player's identity with this.
4. repeat the 3rd the step between different game servers, switch.
Those skilled in the art do not break away from essence of the present invention and spirit, can there be the various deformation scheme to realize the present invention, the above only is the preferable feasible embodiment of the present invention, be not so limit to interest field of the present invention, the equivalent structure that all utilizations specification of the present invention and accompanying drawing content are done changes, and all is contained within the interest field of the present invention.
Claims (9)
1. the authentication method of network game client and server cluster is characterized in that described server cluster comprises a certificate server and at least one network game server, comprises step:
It is right that A1, client generate first asymmetric cryptographic key, and the PKI with user name, password and the first asymmetric cryptographic key centering sends to described certificate server;
A2, described certificate server are verified the validity of described username and password, after authentication is passed through, described certificate server distributes a random number and a symmetry algorithm key, and described random number and symmetry algorithm key used after the public key encryption of the first asymmetric cryptographic key centering, form feedback information, send to described client, on described certificate server, preserve described user name, described random number and described symmetry algorithm key simultaneously;
A3, described client use the private key of the first asymmetric cryptographic key centering to decipher described feedback information, obtain first random number and described symmetry algorithm key;
A4, described client are used described symmetry algorithm secret key encryption first random number, form verification msg, send to network game server, described network game server obtains described random number and described symmetry algorithm key from described certificate server, use the described verification msg of described symmetry algorithm secret key decryption, first random number that obtains and the described random number that obtains from described certificate server are compared, if two random numbers are identical, then confirm the user identity of described user name correspondence, otherwise refusal is confirmed the user identity of described user name correspondence;
A5, when described client is switched between the heterogeneous networks game server, repeated execution of steps A4.
2. the authentication method of network game client according to claim 1 and server cluster, it is characterized in that: in steps A 4, described network game server sends to described certificate server with described verification msg, finishes checking work by described certificate server.
3. the authentication method of network game client according to claim 1 and 2 and server cluster is characterized in that: first asymmetric cryptographic key is to being generated by RSA Algorithm.
4. the authentication method of network game client according to claim 3 and server cluster is characterized in that: described symmetry algorithm key is generated by the DES algorithm.
5. the authentication method of network game client and server cluster is characterized in that described server cluster comprises a certificate server and at least one network game server, comprises step:
B1, at the private key of the described certificate server deploy first asymmetric cryptographic key centering, at the PKI of the client deployment first asymmetric cryptographic key centering;
B2, that described client generates second asymmetric cryptographic key is right, and the PKI of user name, password and the second asymmetric cryptographic key centering is used the public key encryption of the first asymmetric cryptographic key centering, forms authentication information, sends to described certificate server;
B3, described certificate server use the private key of the first asymmetric cryptographic key centering to decipher described authentication information, verify the validity of described username and password, after authentication is passed through, described certificate server distributes a random number and a symmetry algorithm key, and described random number and symmetry algorithm key used after the public key encryption of the second asymmetric cryptographic key centering, form feedback information, send to described client, on described certificate server, preserve described user name, described random number and described symmetry algorithm key simultaneously;
B4, described client use the private key of the second asymmetric cryptographic key centering to decipher described feedback information, obtain first random number and described symmetry algorithm key;
B5, described client are used described symmetry algorithm secret key encryption first random number, form verification msg, send to network game server, described network game server obtains described random number and described symmetry algorithm key from described certificate server, use the described verification msg of described symmetry algorithm secret key decryption, first random number that obtains and the described random number that obtains from described certificate server are compared, if two random numbers are identical, then confirm the user identity of described user name correspondence, otherwise refusal is confirmed the user identity of described user name correspondence;
B6, when described client is switched between the heterogeneous networks game server, repeated execution of steps B5.
6. the authentication method of network game client according to claim 5 and server cluster, it is characterized in that: in step B5, described network game server sends to described certificate server with described verification msg, finishes checking work by described certificate server.
7. according to the authentication method of claim 5 or 6 described network game clients and server cluster, it is characterized in that: first asymmetric cryptographic key is to being generated by RSA Algorithm.
8. the authentication method of network game client according to claim 7 and server cluster is characterized in that: second asymmetric cryptographic key is to being generated by RSA Algorithm.
9. the authentication method of network game client according to claim 8 and server cluster is characterized in that: described symmetry algorithm key is generated by the DES algorithm.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101244268A CN101431410B (en) | 2007-11-09 | 2007-11-09 | Authentication method for network game client and server cluster |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101244268A CN101431410B (en) | 2007-11-09 | 2007-11-09 | Authentication method for network game client and server cluster |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101431410A CN101431410A (en) | 2009-05-13 |
| CN101431410B true CN101431410B (en) | 2011-11-30 |
Family
ID=40646591
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2007101244268A Active CN101431410B (en) | 2007-11-09 | 2007-11-09 | Authentication method for network game client and server cluster |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101431410B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105812124A (en) * | 2014-12-31 | 2016-07-27 | 环达电脑(上海)有限公司 | Password generation method and password verification method |
Families Citing this family (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101770374B (en) * | 2008-12-26 | 2013-12-04 | 北京谊安医疗系统股份有限公司 | Machine software function starting method and system |
| FR2951343A1 (en) * | 2009-10-14 | 2011-04-15 | Alcatel Lucent | COMMUNICATION DEVICE MANAGEMENT THROUGH A TELECOMMUNICATIONS NETWORK |
| CN101699893B (en) * | 2009-11-10 | 2012-09-05 | 广州杰赛科技股份有限公司 | Method for changing states of authentication service entities of certificate server cluster |
| CN102202040B (en) * | 2010-03-26 | 2014-06-04 | 联想(北京)有限公司 | Client authentication method and device |
| CN102158847A (en) * | 2010-12-01 | 2011-08-17 | 北京迅捷英翔网络科技有限公司 | Communication method and system between mobilephone and server |
| CN102624710B (en) * | 2012-02-27 | 2015-03-11 | 福建联迪商用设备有限公司 | Sensitive information transmission method and sensitive information transmission system |
| CN107451472B (en) | 2012-03-08 | 2021-06-04 | 阿里巴巴集团控股有限公司 | Form verification method, device and system |
| CN103020825B (en) * | 2012-12-05 | 2016-05-11 | 福建派活园科技信息股份公司 | A kind of secure payment authentication method based on software client |
| CN104580063A (en) * | 2013-10-10 | 2015-04-29 | 中兴通讯股份有限公司 | A network management security authentication method and device, and network management security authentication system |
| CN103763355B (en) * | 2014-01-07 | 2017-02-01 | 天地融科技股份有限公司 | Cloud data uploading and access control method |
| CN104219228B (en) * | 2014-08-18 | 2018-01-02 | 四川长虹电器股份有限公司 | A kind of user's registration, user identification method and system |
| CN105516055B (en) * | 2014-09-23 | 2020-07-14 | 腾讯科技(深圳)有限公司 | Data access method, access device, target device and management server |
| CN104836802B (en) * | 2015-04-24 | 2018-04-06 | 深圳墨麟科技股份有限公司 | Link method and system are logged in based on game server |
| CN104811451A (en) * | 2015-04-24 | 2015-07-29 | 深圳市墨麟科技有限公司 | Link login method and system |
| CN104994095B (en) * | 2015-07-01 | 2018-10-19 | 广州密码科技有限公司 | A kind of equipment authentication method, server and system |
| TW201709145A (en) * | 2015-08-25 | 2017-03-01 | Xian-Li Peng | Online gambling game device including a server host, a calculation device, an operation device and a display device |
| CN105376221B (en) * | 2015-10-30 | 2019-05-21 | 福建天晴数码有限公司 | Game message encryption mechanism and game system based on dynamic password |
| CN106878005B (en) * | 2016-12-23 | 2020-03-03 | 中国电子科技集团公司第三十研究所 | Root key management method and device based on network friends |
| CN106850670A (en) * | 2017-03-06 | 2017-06-13 | 浙江晨泰科技股份有限公司 | A kind of charging pile communication system encrypting and decrypting method |
| CN107896224A (en) * | 2017-12-04 | 2018-04-10 | 宁波升维信息技术有限公司 | A kind of Web information issuance method based on dual link safety check |
| CN108377231A (en) * | 2018-01-26 | 2018-08-07 | 珠海金山网络游戏科技有限公司 | A kind of online game security administrative system apparatus and its method |
| CN110688646B (en) * | 2019-10-14 | 2021-12-03 | 广州麦仑信息科技有限公司 | Multi-server cluster security authentication method applied to palm vein recognition |
| CN111241523B (en) * | 2020-01-08 | 2022-07-26 | 中国联合网络通信集团有限公司 | Authentication processing method, apparatus, device and storage medium |
| CN116743829A (en) * | 2023-06-19 | 2023-09-12 | 广州慧思软件科技有限公司 | An intelligent data analysis method for online games |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CA2153879C (en) * | 1993-12-14 | 1999-02-23 | Kenneth C. Kung | Method for providing mutual authentication of a user and a server on a network |
| CN1338841A (en) * | 2000-08-11 | 2002-03-06 | 海南格方网络安全有限公司 | Intelligent key for security authentication of computer |
| CN1764195A (en) * | 2005-11-15 | 2006-04-26 | 中兴通讯股份有限公司 | Non peer-to-peer entity safety grade arranging method |
| CN1846397A (en) * | 2003-06-27 | 2006-10-11 | 株式会社Kt | Two-factor authenticated key exchange method and authentication method using the same, and recording medium storing program including the same |
| CN101022337A (en) * | 2007-03-28 | 2007-08-22 | 胡祥义 | Network identification card realizing method |
-
2007
- 2007-11-09 CN CN2007101244268A patent/CN101431410B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CA2153879C (en) * | 1993-12-14 | 1999-02-23 | Kenneth C. Kung | Method for providing mutual authentication of a user and a server on a network |
| CN1338841A (en) * | 2000-08-11 | 2002-03-06 | 海南格方网络安全有限公司 | Intelligent key for security authentication of computer |
| CN1846397A (en) * | 2003-06-27 | 2006-10-11 | 株式会社Kt | Two-factor authenticated key exchange method and authentication method using the same, and recording medium storing program including the same |
| CN1764195A (en) * | 2005-11-15 | 2006-04-26 | 中兴通讯股份有限公司 | Non peer-to-peer entity safety grade arranging method |
| CN101022337A (en) * | 2007-03-28 | 2007-08-22 | 胡祥义 | Network identification card realizing method |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105812124A (en) * | 2014-12-31 | 2016-07-27 | 环达电脑(上海)有限公司 | Password generation method and password verification method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101431410A (en) | 2009-05-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101431410B (en) | Authentication method for network game client and server cluster | |
| CN111371730B (en) | Lightweight authentication method supporting anonymous access of heterogeneous terminal in edge computing scene | |
| CN111010410B (en) | Mimicry defense system based on certificate identity authentication and certificate signing and issuing method | |
| CN110932870B (en) | Quantum communication service station key negotiation system and method | |
| He et al. | A strong user authentication scheme with smart cards for wireless communications | |
| CN110069918B (en) | Efficient double-factor cross-domain authentication method based on block chain technology | |
| CN101090316B (en) | Identify authorization method between storage card and terminal equipment at off-line state | |
| CN108683501B (en) | Multiple identity authentication system and method with timestamp as random number based on quantum communication network | |
| US20120278628A1 (en) | Digital Signature Method and System | |
| CN108650028B (en) | Multiple identity authentication system and method based on quantum communication network and true random number | |
| Lee | Provably secure anonymous single-sign-on authentication mechanisms using extended Chebyshev chaotic maps for distributed computer networks | |
| CN110020524B (en) | A Two-way Authentication Method Based on Smart Card | |
| CN103763631A (en) | Authentication method, server and television | |
| JP2005236850A (en) | Data communication apparatus and method, and program | |
| CN103634265B (en) | Method, equipment and the system of safety certification | |
| CN112351037B (en) | Information processing method and device for secure communication | |
| Imine et al. | MASFOG: An efficient mutual authentication scheme for fog computing architecture | |
| CN111416715A (en) | Quantum secret communication identity authentication system and method based on secret sharing | |
| Chang et al. | An anonymous and self-verified mobile authentication with authenticated key agreement for large-scale wireless networks | |
| CN111416712B (en) | Quantum secret communication identity authentication system and method based on multiple mobile devices | |
| Lee et al. | Two factor authentication for cloud computing | |
| JP2010231404A (en) | System, method, and program for managing secret information | |
| Itoo et al. | A robust ECC-based authentication framework for energy internet (EI)-based vehicle to grid communication system | |
| CN117278330A (en) | Lightweight networking and secure communication method for electric power Internet of things equipment network | |
| CN104125239A (en) | Network authentication method and system based on data link encryption transmission |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |