
CN110690956B - Bidirectional authentication method and system, server and terminal - Google Patents


Info

Publication number
CN110690956B
Authority
CN
China
Prior art keywords
information
hash value
ciphertext
terminal
authentication
Prior art date
Legal status
Active
Application number
CN201910927499.3A
Other languages
Chinese (zh)
Other versions
CN110690956A (en
Inventor
王国云
陈逸恺
陈思
Current Assignee
Hangzhou Hikvision Digital Technology Co Ltd
Original Assignee
Hangzhou Hikvision Digital Technology Co Ltd
Application filed by Hangzhou Hikvision Digital Technology Co Ltd
Priority to CN201910927499.3A
Publication of CN110690956A
Application granted
Publication of CN110690956B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a bidirectional authentication method and system, a server and a terminal. The method is implemented on a server and on a terminal respectively, and comprises the following steps: the terminal sends first authentication information including a second verification information ciphertext to the server, where the second verification information ciphertext is related to the first verification information. The server performs white-box decryption on the second verification information ciphertext in the first authentication information to generate third verification information, and when the first verification information matches the third verification information, the server completes authentication of the terminal. The server sends second authentication information including a fifth verification information ciphertext to the terminal, where the fifth verification information ciphertext is related to the third verification information. When the second check information matches the fifth check information ciphertext, the terminal completes authentication of the server. This prevents a third party from acquiring the authentication information while it is transmitted on a public channel and using it to carry out a counterfeit attack on the authentication system, which improves the security of the authentication system.

Description

Bidirectional authentication method and system, server and terminal
[ technical field ]
The present invention relates to the field of information security technologies, and in particular, to a bidirectional authentication method and system, a server, and a terminal.
[ background of the invention ]
In the internet of things, before a terminal communicates with a server, identity authentication is required, and after the authentication is passed, data transmission is allowed between the terminal and the server.
Considering that Internet of Things terminals are usually deployed outdoors, a third party can easily gain physical access to a terminal to mount a white-box attack on it, or even steal the terminal and replace the legitimate terminal with an illegitimate one.
In the related technology, the identity authentication information that the terminal sends before each communication with the server remains unchanged, so it is easily intercepted by a third party and then used for a counterfeit attack. After intercepting the encrypted information sent by the terminal (or the server), the third party does not need to crack it: it directly uses an illegitimate device to send the encrypted information to the server (or the terminal), thereby impersonating a legitimate terminal (or server), communicating with the server (or the terminal) and stealing confidential information.
[ summary of the invention ]
In view of this, embodiments of the present invention provide a bidirectional authentication method and system, a server, and a terminal, so that the identity authentication information sent by the terminal and the server before each communication changes dynamically. This prevents a third party from acquiring the authentication information while it is transmitted on a public channel and using it to carry out a counterfeit attack on the authentication system, and improves the security of the authentication system.
In one aspect, an embodiment of the present invention provides a bidirectional authentication method, where the method is implemented on a server, and the method includes: receiving first authentication information; the first authentication information comprises a second check information ciphertext, the second check information ciphertext is generated by white-box encryption of second check information, the second check information is related to first check information, and the first check information is stored on the terminal and the server; performing white-box decryption on the second check information ciphertext to generate third check information; when the first verification information matches the third verification information, completing authentication of the terminal; sending second authentication information to the terminal so that the terminal can authenticate the server; the second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by white-box encryption of the fifth verification information, the fifth verification information is related to the third verification information, and the second authentication information is different from the first authentication information.
Optionally, the check information is a hash value, the check information ciphertext is a hash value ciphertext, the first check information is a first hash value, the second check information is a second hash value, the second check information ciphertext is a second hash value ciphertext, the third check information is a third hash value, the fifth check information is a fifth hash value, and the fifth check information ciphertext is a fifth hash value ciphertext.
Optionally, the first authentication information further includes an identification code of the terminal, and the white-box decrypting the second verification information ciphertext to generate third verification information includes: determining a key corresponding to the terminal according to the identification code of the terminal; and performing white-box decryption on the second hash value ciphertext by using the key corresponding to the terminal to generate the third hash value.
Optionally, the first authentication information further includes a second hash number, where the second hash value is generated by performing the hash operation on the first hash value the second hash number of times, and completing the authentication of the terminal when the first verification information matches the third verification information includes: performing the hash operation on the first hash value the second hash number of times to generate a fourth hash value; and when the fourth hash value and the third hash value are equal, completing the authentication of the terminal.
Optionally, before the receiving the first authentication information, the method further includes: generating a first random number and sending the first random number to the terminal; receiving a first random number ciphertext; the first random number ciphertext is generated by white-box encrypting the first random number; performing white-box decryption on the first random number ciphertext to generate a second random number; when the first random number and the second random number are equal, finishing the first authentication of the terminal; sending the first hash value ciphertext to the terminal so that the terminal can authenticate the server for the first time; the first hash value ciphertext is generated by the first hash value after being encrypted by a white box, and the first hash value is generated by the first random number after being subjected to hash operation for a first hash number.
Optionally, before the generating the first random number, the method further includes: and generating a plurality of keys and a universal white box library, and respectively sending the keys and the universal white box library to the corresponding terminals.
In one aspect, an embodiment of the present invention provides a bidirectional authentication method, where the method is implemented on a terminal, and the method includes: acquiring first check information; wherein the first verification information is stored on the terminal and the server; sending the first authentication information to the server so that the server can authenticate the terminal; the first authentication information comprises a second check information ciphertext, the second check information ciphertext is generated by second check information after the second check information is encrypted by a white box, and the second check information is related to the first check information; receiving second authentication information; the second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by encrypting fifth verification information through a white box, the fifth verification information is related to the second verification information, and the second authentication information is different from the first authentication information; and when the second check information is matched with the fifth check information ciphertext, finishing the authentication of the server.
Optionally, the check information is a hash value, the check information ciphertext is a hash value ciphertext, the first check information is a first hash value, the second check information is a second hash value, the second check information ciphertext is a second hash value ciphertext, the fifth check information is a fifth hash value, and the fifth check information ciphertext is a fifth hash value ciphertext.
Optionally, the second authentication information further includes a third hash number, the fifth hash value is generated by performing hash operation on a third hash value for the third hash number, the third hash value is generated by performing white-box decryption on the second hash value ciphertext, and when the second verification information matches the fifth verification information ciphertext, the authenticating the server is completed, including: performing white-box decryption on the fifth hash value ciphertext to generate a sixth hash value; performing the third hash operation on the second hash value for the third hash number to generate a seventh hash value; and when the sixth hash value and the seventh hash value are equal, completing the authentication of the server.
Optionally, before the obtaining the first verification information, the method further includes: sending the identification code of the terminal to the server; receiving the first random number; performing white-box encryption on the first random number by using the terminal white-box library to generate a first random number ciphertext; sending the first random number ciphertext to the server so that the server can perform first authentication on the terminal; receiving a first hash value ciphertext and a first hash number; the first hash value ciphertext is generated by white-box encryption of the first hash value; the first hash value is generated by performing the hash operation on the first random number the first hash number of times; performing white-box decryption on the first hash value ciphertext by using the terminal white-box library to generate an eighth hash value; performing the hash operation on the first random number the first hash number of times to generate a ninth hash value; and when the eighth hash value and the ninth hash value are equal, completing the first authentication of the server.
Optionally, before sending the identifier of the terminal to the server, the method further includes: and receiving a key and a general white box library corresponding to the terminal, and generating the terminal white box library according to the key and the general white box library corresponding to the terminal.
In one aspect, an embodiment of the present invention provides a server, where the server is configured to receive first authentication information; the first authentication information comprises a second check information ciphertext, the second check information ciphertext is generated by white-box encryption of second check information, the second check information is related to first check information, and the first check information is stored on the terminal and the server; performing white-box decryption on the second check information ciphertext to generate third check information; when the first verification information matches the third verification information, completing authentication of the terminal; sending second authentication information to the terminal so that the terminal can authenticate the server; the second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by white-box encryption of the fifth verification information, the fifth verification information is related to the third verification information, and the second authentication information is different from the first authentication information.
In one aspect, an embodiment of the present invention provides a terminal, where the terminal is configured to obtain first verification information; wherein the first verification information is stored on the terminal and the server; sending the first authentication information to the server so that the server can authenticate the terminal; the first authentication information comprises a second check information ciphertext, the second check information ciphertext is generated by second check information after the second check information is encrypted by a white box, and the second check information is related to the first check information; receiving second authentication information; the second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by encrypting fifth verification information through a white box, the fifth verification information is related to the second authentication information, and the second authentication information is different from the first authentication information; and when the second check information is matched with the fifth check information ciphertext, finishing the authentication of the server.
In one aspect, an embodiment of the present invention provides a system, where the system includes the foregoing server and the foregoing terminal.
In the embodiment of the invention, different authentication information is transmitted on the public channel in each authentication process, which prevents a third party from acquiring the authentication information while it is transmitted on the public channel and using it to carry out a counterfeit attack on the authentication system, and improves the security of the authentication system. Moreover, the authentication information sent by the server and the terminal is white-box encrypted, so that white-box attacks can be resisted. In addition, the bidirectional authentication process between the server and the terminal comprises only one interaction, so that the authentication system is convenient to deploy in a network system with limited bandwidth.
[ description of the drawings ]
In order to illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings needed in the embodiments are briefly described below. The drawings in the following description show only some embodiments of the present invention, and those skilled in the art can obtain other drawings based on these drawings without inventive labor.
Fig. 1 is a schematic flowchart of a mutual authentication method according to an embodiment of the present invention;
Fig. 2 is a schematic flowchart of another mutual authentication method according to an embodiment of the present invention;
Fig. 3 is a flowchart illustrating another bidirectional authentication method according to an embodiment of the present invention;
Fig. 4 is a flowchart of an example of a mutual authentication method provided by an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a server according to an embodiment of the present invention; and
Fig. 6 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
[ detailed description ]
In order to better understand the technical scheme of the invention, the following detailed description of the embodiments of the invention is made with reference to the accompanying drawings.
It should be understood that the described embodiments are only some embodiments of the invention, and not all embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the examples of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be understood that the term "and/or" as used herein merely describes an association between associated objects, meaning that three relationships may exist, e.g., A and/or B may indicate: A exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter associated objects are in an "or" relationship.
It should be understood that although the terms first, second, third, etc. may be used to describe preset ranges, etc. in embodiments of the present invention, these preset ranges should not be limited to these terms. These terms are only used to distinguish preset ranges from each other. For example, the first preset range may also be referred to as a second preset range, and similarly, the second preset range may also be referred to as the first preset range, without departing from the scope of the embodiments of the present invention.
The word "if" as used herein may be interpreted as "at …" or "when …" or "in response to a determination" or "in response to a detection", depending on the context. Similarly, the phrases "if determined" or "if detected (a stated condition or event)" may be interpreted as "when determined" or "in response to a determination" or "when detected (a stated condition or event)" or "in response to a detection (a stated condition or event)", depending on the context.
Based on the foregoing description of the prior art, in the related art the identity authentication information that the terminal sends before each communication with the server remains unchanged, so it is easily intercepted by a third party and then used for a counterfeit attack. That is, after intercepting the encrypted information sent by the terminal (or the server), the third party does not need to crack it: it directly uses an illegitimate device to send the encrypted information to the server (or the terminal), thereby impersonating a legitimate terminal (or server) and communicating with the server (or the terminal) so as to steal confidential information.
In order to solve this problem, embodiments of the present invention provide a bidirectional authentication method and system, a server, and a terminal. The identity authentication information sent by the terminal and the server before each communication changes dynamically, which prevents a third party from acquiring the authentication information while it is transmitted on a public channel and using it to carry out a counterfeit attack on the authentication system, and improves the security of the authentication system.
The method for authenticating the terminal is implemented on the server, and the server completes one-way authentication of the terminal; the method for authenticating the server is implemented on the terminal, and the terminal completes one-way authentication of the server. When the server has completed authentication of the terminal and the terminal has completed authentication of the server, the server and the terminal have completed bidirectional authentication. Moreover, the authentication information sent by the server and the terminal is white-box encrypted, so that white-box attacks can be resisted. In addition, the bidirectional authentication process between the server and the terminal comprises only one interaction, so that the authentication system is convenient to deploy in a network system with limited bandwidth.
For convenience of description, a bidirectional authentication method implemented on both a server and a terminal is described first. Fig. 1 is a schematic flow diagram of a bidirectional authentication method according to an embodiment of the present invention. As shown in Fig. 1, the method comprises the following steps:
Step S101, the terminal acquires first check information.
Wherein the first check information is stored on the terminal and the server.
The bidirectional authentication method provided by the embodiment of the invention applies to the bidirectional authentication performed when the terminal subsequently accesses the server, after the terminal and the server have completed their first bidirectional authentication. In other words, the terminal has performed at least one bidirectional authentication with the server, and the terminal and the server exchanged information during the last bidirectional authentication.
Correspondingly, the first check information refers to check information which is synchronously stored by the terminal and the server after the last bidirectional authentication is completed.
It should be noted that the first check information is generated for the first time when the terminal and the server perform the first bidirectional authentication. In subsequent bidirectional authentication, the first check information is updated each time the terminal and the server complete bidirectional authentication, to ensure that the first check information used in each bidirectional authentication is different.
Step S102, the terminal sends the first authentication information to the server so that the server can authenticate the terminal.
The first authentication information comprises a second check information ciphertext, the second check information ciphertext is generated by encrypting the second check information through a white box, and the second check information is related to the first check information.
It should be noted that, so that the first check information could be stored on both the terminal and the server, the first check information ciphertext corresponding to the first check information was already transmitted on the public channel during the last bidirectional authentication. So that the information transmitted on the public channel is different every time and spoofing attacks are resisted, the first check information needs to be processed in this bidirectional authentication to obtain second check information that is different from the first check information.
In addition, considering that the second check information may be intercepted by a third party when transmitted on the public channel, in order to enhance the security of the authentication system, the terminal in the embodiment of the present invention encrypts the second check information before transmitting it, generating a second check information ciphertext. The terminal sends the second check information ciphertext to the server, and the server decrypts it.
Because the terminal is usually deployed outdoors, a third party can easily gain physical access to the terminal and acquire the information stored in it. To prevent the key stored on the terminal from being acquired by the third party, the embodiment of the invention uses a white-box encryption algorithm to white-box encrypt the second check information and generate the second check information ciphertext; correspondingly, the server uses a white-box decryption algorithm to decrypt the second check information ciphertext.
A white-box encryption algorithm is an algorithm in which no complete key is present in the operating environment; the key is obfuscated as thoroughly as possible, so that a third party cannot acquire the key from the storage medium of the terminal. That is, the terminal stores a terminal white box library corresponding to the terminal. The terminal white box library is generated according to the key, but the key itself is not stored in the terminal white box library, and the terminal white box library is called directly when an encryption or decryption operation is performed.
After receiving the second check information ciphertext, the server performs the same processing on the stored first check information, so that the received second check information ciphertext can be checked.
Step S103, the server performs white-box decryption on the second check information ciphertext to generate third check information.
It can be understood that, since the second check information ciphertext is generated by white-box encrypting the second check information, the received second check information ciphertext needs to be white-box decrypted first to generate the third check information.
And step S104, the server completes the authentication of the terminal when the first verification information is matched with the third verification information.
Based on the foregoing description, it can be seen that, if the server processes the stored first check information in the same processing manner as the terminal, and the obtained fourth check information is the same as the third check information, it indicates that the second check information ciphertext received by the server matches the first check information stored in the server, and the first authentication information is indeed sent by the terminal, and the terminal access request is not a spoofing attack, and the server completes authentication on the terminal.
In step S105, the server sends the second authentication information to the terminal so that the terminal can authenticate the server.
The second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by encrypting the fifth verification information through a white box, the fifth verification information is related to the third verification information, and the second authentication information is different from the first authentication information.
It will be appreciated that after the server has completed authenticating the terminal, the terminal also needs to authenticate the server.
At this time, the third check information on the server is the same as the second check information and the fourth check information, and the second check information ciphertext corresponding to the second check information has already been transmitted on the public channel as part of the first authentication information. So that the information transmitted on the public channel is different every time and counterfeit attacks are resisted, the third check information needs to be processed to obtain fifth check information different from the third check information, and the fifth check information ciphertext generated by white-box encrypting the fifth check information is sent to the terminal.
In step S106, the terminal completes the authentication of the server when the second check information matches the fifth check information ciphertext.
Similarly, after receiving the fifth check information ciphertext, the terminal performs white-box decryption on the fifth check information ciphertext to generate sixth check information.
The terminal then processes the stored second check information in the same manner as the server to generate seventh check information.
Based on the foregoing description, it can be seen that, if the terminal processes the stored second verification information in the same processing manner as the server, and the obtained seventh verification information is the same as the sixth verification information, the authentication of the terminal on the server can be completed.
In summary, the bidirectional authentication method provided in the embodiments of the present invention is implemented on a server and a terminal, respectively, and proceeds as follows. The terminal sends first authentication information comprising the second verification information ciphertext to the server, where the second verification information ciphertext is related to the first verification information. The server performs white-box decryption on the second verification information ciphertext in the first authentication information to generate third verification information, and completes authentication of the terminal when the first verification information matches the third verification information. The server sends second authentication information comprising a fifth verification information ciphertext to the terminal, where the fifth verification information ciphertext is related to the third verification information. The terminal completes authentication of the server when the second verification information matches the fifth verification information ciphertext. This prevents a third party from acquiring the authentication information while it is transmitted on a public channel and using it to carry out a counterfeit attack on the authentication system, which improves the security of the authentication system. Moreover, because the authentication information sent by both the server and the terminal is white-box encrypted, white-box attacks can be resisted. In addition, the bidirectional authentication process between the server and the terminal comprises only a single interaction, so the authentication system is easy to deploy in a network system with limited bandwidth.
Further, the first authentication information and the second authentication information transmitted on the public channel must differ, that is, the second verification information ciphertext and the fifth verification information ciphertext must differ; at the same time, when the terminal and the server process the first verification information in the same manner, the resulting second verification information and fourth verification information must be the same, and after the second verification information is processed, the resulting fifth verification information and seventh verification information must be the same. To achieve this, the embodiment of the invention provides a possible implementation in which the verification information is processed with a hash algorithm, that is, the verification information is a hash value and the verification information ciphertext is a hash value ciphertext. Accordingly, each of the first through ninth check information is the correspondingly numbered hash value (the first check information is the first hash value, the second check information is the second hash value, and so on through the ninth), and each check information ciphertext is the correspondingly numbered hash value ciphertext.
The hash operation is a function operation that uses a hash algorithm to convert input information of arbitrary length into an output of fixed length, that is, it compresses information of arbitrary length into a fixed-length message digest. The hash algorithm is deterministic: applying the same hash algorithm the same number of times to the same information at different times yields the same hash value. The hash algorithm is also hard to invert: the original information cannot be recovered from the message digest. The hash algorithm adopted in the embodiment of the present invention is the SM3 algorithm, which is mainly used for digital signature and verification, message authentication code generation and verification, random number generation, and the like.
It should be noted that performing the hash operation a different number of times on the same piece of information yields different hash values. For example, one hash operation on information A gives hash value B, and one further hash operation on hash value B gives hash value C; hash value B and hash value C are different. To determine whether hash value C is correct, one may either perform two hash operations on information A or perform one hash operation on hash value B, and check whether the result equals hash value C.
In addition, the terminal and the server generate the hash value ciphertext corresponding to a hash value by white-box encryption, one server generally needs to communicate with a plurality of terminals, and the terminal white box library used for white-box encryption or decryption is different on each terminal, so the server must perform different white-box encryption or decryption for different terminals. The embodiment of the invention provides a possible implementation in which the server stores a key corresponding to each terminal together with a general white box library, and, when performing bidirectional authentication with a given terminal, combines the key corresponding to that terminal with the general white box library to perform white-box encryption or decryption.
It should be explained that the terminal white box library is generated by the key corresponding to the terminal and the general white box library, and in order to improve the security of the terminal, the terminal white box library is generated according to the key corresponding to the terminal and the general white box library when the terminal is initialized, and the terminal does not store the key. On the server, because the storage space of the key is smaller than that of the terminal white box library, in order to reduce the storage space occupied by the system, only one general white box library and the key corresponding to each terminal are stored, and when identity authentication is carried out with different terminals, the key corresponding to the terminal and the general white box library are used for encryption or decryption.
Therefore, the first authentication information sent by the terminal to the server needs to include the identification code of the terminal, so that the server knows which terminal is currently performing identity verification, so as to encrypt or decrypt the data by using the corresponding key.
It can be understood that the identification code of the terminal corresponds to the terminal one to one, and corresponds to the key of the terminal one to one.
Based on the foregoing description of the hash algorithm, it can be seen that the factors for determining the output result of the hash algorithm include the input information and the hash number, and if the hash number is different, the same output result cannot be obtained even if the input information is the same. Therefore, for the hash algorithm to confirm whether the value of the hash value is correct, it is necessary to know the input information of the hash operation and the number of hash operations at the same time.
Therefore, the first authentication information sent by the terminal to the server also needs to include a second hash number, the first hash value generates a second hash value after the hash operation of the second hash number, the second authentication information sent by the server to the terminal also needs to include a third hash number, and the third hash value generates a fifth hash value after the hash operation of the third hash number.
Correspondingly, the embodiment of the invention also provides a bidirectional authentication method implemented on the server, which comprises the following steps:
In step S11, the first authentication information is received.
The first authentication information comprises a second check information ciphertext, the second check information ciphertext is generated by encrypting the second check information through a white box, the second check information is related to the first check information, and the first check information is stored on the terminal and the server.
In step S12, white-box decryption is performed on the second check information ciphertext to generate third check information.
In step S13, the authentication of the terminal is completed when the first verification information and the third verification information match.
Step S14, the second authentication information is sent to the terminal so that the terminal authenticates the server.
The second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by encrypting the fifth verification information through a white box, the fifth verification information is related to the third verification information, and the second authentication information is different from the first authentication information.
Further, so that the first authentication information and the second authentication information transmitted on the public channel differ (that is, the second verification information ciphertext differs from the fifth verification information ciphertext), while the second and fourth verification information generated when the terminal and the server process the first verification information in the same manner are the same, and the fifth and seventh verification information generated after the second verification information is processed are the same, a possible implementation is that the verification information is a hash value and the verification information ciphertext is a hash value ciphertext: the first verification information is a first hash value, the second verification information is a second hash value, the second verification information ciphertext is a second hash value ciphertext, the third verification information is a third hash value, the fifth verification information is a fifth hash value, and the fifth verification information ciphertext is a fifth hash value ciphertext.
Further, so that the server can perform different white-box encryption or decryption for different terminals, a possible implementation is that the first authentication information further includes the identification code of the terminal, and step S12, performing white-box decryption on the second verification information ciphertext to generate third verification information, includes: determining the key corresponding to the terminal according to the identification code of the terminal; and performing white-box decryption on the second hash value ciphertext using the key corresponding to the terminal to generate a third hash value.
Further, in order to complete the authentication of the terminal, a possible implementation is that the first authentication information further includes a second hash number, the second hash value being generated by performing the hash operation on the first hash value for the second hash number of times, and step S13, completing the authentication of the terminal when the first verification information matches the third verification information, includes: performing the hash operation on the first hash value for the second hash number of times to generate a fourth hash value; and completing the authentication of the terminal when the fourth hash value and the third hash value are equal.
It should be noted that, the foregoing explanation of the embodiment of the bidirectional authentication method implemented on the server and the terminal is also applicable to a bidirectional authentication method implemented on the server in this embodiment, and the embodiment of the present invention is not described again.
Correspondingly, the embodiment of the invention also provides a bidirectional authentication method realized on the terminal, which comprises the following steps:
In step S21, first verification information is obtained.
Wherein the first check information is stored on the terminal and the server.
Step S22, the first authentication information is sent to the server so that the server authenticates the terminal.
The first authentication information comprises a second check information cryptograph, the second check information cryptograph is generated by encrypting the second check information through a white box, and the second check information is related to the first check information.
In step S23, the second authentication information is received.
The second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by encrypting the fifth verification information through a white box, the fifth verification information is related to the second authentication information, and the second authentication information is different from the first authentication information.
In step S24, the authentication of the server is completed when the second check information matches the fifth check information ciphertext.
Further, so that the first authentication information and the second authentication information transmitted on the public channel differ (that is, the second verification information ciphertext differs from the fifth verification information ciphertext), while the second and fourth verification information generated when the terminal and the server process the first verification information in the same manner are the same, and the fifth and seventh verification information generated after the second verification information is processed are the same, a possible implementation is that the verification information is a hash value and the verification information ciphertext is a hash value ciphertext: the first verification information is a first hash value, the second verification information is a second hash value, the second verification information ciphertext is a second hash value ciphertext, the fifth verification information is a fifth hash value, and the fifth verification information ciphertext is a fifth hash value ciphertext.
Further, in order to complete the authentication of the server, a possible implementation is that the second authentication information further includes a third hash number, the fifth hash value being generated by performing the hash operation on the third hash value for the third hash number of times, and the third hash value being generated by white-box decrypting the second hash value ciphertext. Step S24, completing the authentication of the server when the second verification information matches the fifth verification information ciphertext, then includes: performing white-box decryption on the fifth hash value ciphertext to generate a sixth hash value; performing the hash operation on the second hash value for the third hash number of times to generate a seventh hash value; and completing the authentication of the server when the sixth hash value and the seventh hash value are equal.
It should be noted that the foregoing explanation of the embodiment of the bidirectional authentication method implemented on the server and the terminal is also applicable to a bidirectional authentication method implemented on the terminal in this embodiment, and the embodiment of the present invention is not described again.
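The routine round described above (server steps S11 to S14 and terminal steps S21 to S24, with the identification code and hash numbers carried in the messages), as an added example that is not code from the patent. SHA-256 stands in for SM3 and an HMAC-derived pad stands in for the white-box cipher; the class, function and message field names and the `MAX_HASH_COUNT` bound are assumptions made for the illustration, and the first hash value is taken as already shared.

```python
import hashlib
import hmac
import secrets

MAX_HASH_COUNT = 1000  # assumed bound so a peer cannot demand unbounded hashing
DIGEST_LEN = 32        # SHA-256 and SM3 both produce 32-byte digests


def iter_hash(value: bytes, times: int) -> bytes:
    """Apply the hash `times` times; SHA-256 is a stand-in for SM3."""
    if not 1 <= times <= MAX_HASH_COUNT:
        raise ValueError("hash count out of range")
    for _ in range(times):
        value = hashlib.sha256(value).digest()
    return value


def wb_encrypt(key: bytes, digest: bytes) -> bytes:
    """Stand-in for white-box encryption of one hash value (not white-box)."""
    if len(digest) != DIGEST_LEN:
        raise ValueError("expected one digest")
    nonce = secrets.token_bytes(16)
    pad = hmac.new(key, nonce, hashlib.sha256).digest()
    return nonce + bytes(a ^ b for a, b in zip(digest, pad))


def wb_decrypt(key: bytes, blob: bytes) -> bytes:
    """Inverse of wb_encrypt; rejects blobs of the wrong length."""
    if len(blob) != 16 + DIGEST_LEN:
        raise ValueError("malformed ciphertext")
    pad = hmac.new(key, blob[:16], hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(blob[16:], pad))


class Terminal:
    def __init__(self, terminal_id: str, key: bytes, first_hash: bytes):
        self.terminal_id = terminal_id
        self.first_hash = first_hash
        # Models the terminal white box library: derived from the key at
        # initialization, after which only encrypt/decrypt calls are exposed.
        self._enc = lambda digest: wb_encrypt(key, digest)
        self._dec = lambda blob: wb_decrypt(key, blob)
        self._second_hash = None

    def first_auth_info(self, second_hash_count: int) -> dict:
        """S22: second hash = first hash hashed `second_hash_count` times."""
        self._second_hash = iter_hash(self.first_hash, second_hash_count)
        return {"id": self.terminal_id, "hash_count": second_hash_count,
                "ciphertext": self._enc(self._second_hash)}

    def verify_server(self, second_auth) -> bool:
        """S24: decrypt to the sixth hash, recompute the seventh, compare."""
        if second_auth is None or self._second_hash is None:
            return False
        try:
            sixth = self._dec(second_auth["ciphertext"])
            seventh = iter_hash(self._second_hash, second_auth["hash_count"])
        except (KeyError, TypeError, ValueError):
            return False
        return hmac.compare_digest(sixth, seventh)


class Server:
    def __init__(self):
        self.keys = {}          # identification code -> per-terminal key
        self.first_hashes = {}  # identification code -> stored first hash

    def register(self, terminal_id: str, key: bytes, first_hash: bytes):
        self.keys[terminal_id] = key
        self.first_hashes[terminal_id] = first_hash

    def authenticate(self, first_auth: dict, third_hash_count: int):
        """S11-S14: return second authentication info, or None on failure."""
        try:
            terminal_id = first_auth["id"]
            key = self.keys[terminal_id]  # key chosen by identification code
            third = wb_decrypt(key, first_auth["ciphertext"])
            fourth = iter_hash(self.first_hashes[terminal_id],
                               first_auth["hash_count"])
        except (KeyError, TypeError, ValueError):
            return None
        if not hmac.compare_digest(third, fourth):
            return None
        fifth = iter_hash(third, third_hash_count)
        return {"hash_count": third_hash_count,
                "ciphertext": wb_encrypt(key, fifth)}


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed sample key
    h1 = iter_hash(b"constructed first random number", 1)
    server, terminal = Server(), Terminal("T-001", key, h1)
    server.register("T-001", key, h1)
    reply = server.authenticate(terminal.first_auth_info(2), 5)
    print("server accepted terminal:", reply is not None)
    print("terminal accepted server:", terminal.verify_server(reply))
```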
Based on the foregoing description, it can be seen that the bidirectional authentication method provided in the embodiment of the present invention presupposes that the terminal has already performed bidirectional authentication with the server at least once; that is, the terminal and the server first need to complete a first bidirectional authentication. In order to illustrate the bidirectional authentication method more clearly, the embodiment of the present invention further provides another bidirectional authentication method, and Fig. 2 is a schematic flow diagram of this other bidirectional authentication method. As shown in Fig. 2, the method includes:
In step S201, the terminal sends the identification code of the terminal to the server.
It should be noted that, in the bidirectional authentication method provided in the embodiment of the present invention, when the terminal and the server perform identity authentication for the first time, the first hash value needs to be stored on the terminal and the server at the same time.
Specifically, the terminal sends the identification code of the terminal to the server to trigger the process of first identity authentication.
Step S202, the server generates a first random number and sends the first random number to the terminal.
It can be understood that, after the server obtains the identification code of the terminal, it determines that this is the terminal's first identity authentication. So that uniform identity authentication information can be used in subsequent identity authentication, in the first identity authentication process the server first generates the first random number and sends it to the terminal, so that the server and the terminal store the same first random number as the verification information for identity authentication.
In step S203, the terminal performs white-box encryption on the first random number by using the terminal white-box library to generate a first random number ciphertext.
In step S204, the terminal sends the first random number ciphertext to the server so that the server can authenticate the terminal for the first time.
Since the server cannot determine the key corresponding to the terminal before acquiring the identifier of the terminal, the terminal transmits the identifier of the terminal to the server in step S201, and the terminal does not encrypt the transmitted information.
And when the terminal sends information to the server for the second time, the server already acquires the identification code of the terminal and can determine the key corresponding to the terminal, and at the moment, the first random number is encrypted and then sent to the server.
In one aspect, the process of encrypting and decrypting enables the server to determine that the first random number has been received by the corresponding terminal, the encrypting and decrypting being in fact a digital signature of the terminal.
On the other hand, this ensures that the same information is not transmitted twice on the public channel, which avoids counterfeit attacks. That is, even if a third party intercepts the first random number sent by the server to the terminal, it cannot perform white-box encryption to generate the first random number ciphertext from the first random number, and therefore cannot counterfeit the terminal.
In step S205, the server performs white-box decryption on the first random number ciphertext to generate a second random number.
In step S206, the server completes the first authentication of the terminal when the first random number and the second random number are equal.
It can be understood that the server stores the first random number, and after the first random number ciphertext is obtained from the terminal, the first random number ciphertext is decrypted by using a key corresponding to the terminal, so as to obtain the second random number.
If nothing went wrong in the transmission and encryption of the first random number, the first random number should be equal to the second random number. In other words, if the first random number and the second random number are equal, the server completes the first authentication of the terminal.
In step S207, the server sends the first hash value ciphertext to the terminal so that the terminal can authenticate the server for the first time.
The first hash value ciphertext is generated by the first hash value after being encrypted by the white box, and the first hash value is generated by the first random number after being subjected to the hash operation for the first hash times.
It should be understood that the terminal needs to authenticate the server for the first time after the server completes the first authentication of the terminal.
In addition, since the first random number ciphertext has already been transmitted on the public channel, it cannot be transmitted again.
The embodiment of the invention adopts a mode of carrying out the Hash operation on the first random number for the first Hash times to generate the first Hash value, and the first Hash value is used as new authentication information.
Similar to the foregoing description, since the terminal already stores the first random number, the terminal and the server only need to perform the hash operation on the first random number the same number of times, and verify the result, so as to complete the authentication of the terminal to the server.
In step S208, the terminal uses the terminal white box library to perform white-box decryption on the first hash value ciphertext to generate an eighth hash value.
In step S209, the terminal performs a hash operation on the first random number for the first hash number to generate a ninth hash value.
In step S210, the terminal completes the first authentication of the server when the eighth hash value and the ninth hash value are equal.
It is to be understood that in the case where the eighth hash value and the ninth hash value are equal, the first hash value, the eighth hash value, and the ninth hash value should be the same.
In step S211, the terminal acquires a first hash value.
Wherein the first hash value is stored on the terminal and the server.
In step S212, the terminal sends the first authentication information to the server, so that the server authenticates the terminal.
The first authentication information comprises a second hash value ciphertext, the second hash value ciphertext is generated by the second hash value after being encrypted by a white box, and the second hash value is generated by the first hash value after being subjected to hash operation for the first hash times.
In step S213, the server performs white-box decryption on the second hash value ciphertext to generate a third hash value.
In step S214, the server completes the authentication of the terminal when the first hash value matches the third hash value.
In step S215, the server sends the second authentication information to the terminal, so that the terminal authenticates the server.
The second authentication information comprises a fifth hash value ciphertext, the fifth hash value ciphertext is generated by encrypting the fifth hash value through a white box, and the fifth hash value is generated by performing hash operation on the third hash value for a third hash number.
In step S216, the terminal completes the authentication of the server when the second hash value matches the fifth hash value ciphertext.
It should be particularly noted that the explanation of step S101 to step S106 also applies to step S211 to step S216, and the embodiment of the present invention is not repeated herein.
Therefore, the first authentication of the terminal and the server is realized, the first hash value is stored in the terminal and the server simultaneously, and the identity authentication information is provided for the subsequent identity authentication.
To avoid transmitting the number of hash operations directly on the public channel, one possible implementation is to transmit the cumulative hash number between the terminal and the server, that is, the number of hash operations performed from the first random number to reach the corresponding hash value.
It can be understood that, because the cumulative hash number and the hash value are transmitted together, on the one hand a third party is prevented from directly obtaining the number of hash operations used, and on the other hand the values of the cumulative hash number stored on the terminal and the server can be used to make a preliminary judgment as to whether a problem occurred in transmitting the hash value.
For example, after the server acquires the second hash value ciphertext and the second cumulative hash number, it needs to update the cumulative hash number it stores. If a problem occurs when the server acquires the second hash value ciphertext, and the cumulative hash number stored on the server is smaller than the one stored on the terminal after the server acquires the second cumulative hash number, the terminal needs to re-authenticate, and the server receives the second hash value ciphertext, the second cumulative hash number and the identification code of the terminal again.
Similarly, if the terminal has a problem acquiring the fifth hash value ciphertext, the cumulative hash number stored on the terminal is not updated and is smaller than the one stored on the server; in the next authentication the terminal then needs to perform the hash operation multiple times until the cumulative hash number stored on the terminal is greater than the one stored on the server.
In addition, the cumulative hash number grows as the number of verifications increases, which may overflow the storage allotted to it. In that case the cumulative hash number may be set to zero and the first authentication performed again.
Correspondingly, the embodiment of the present invention further provides another bidirectional authentication method implemented on a server, where the method includes:
In step S31, a first random number is generated and sent to the terminal.
In step S32, a first random number ciphertext is received.
The first random number ciphertext is generated by white-box encrypting the first random number.
In step S33, white-box decryption is performed on the first random number ciphertext to generate a second random number.
In step S34, when the first random number and the second random number are equal, the first authentication of the terminal is completed.
In step S35, the first hash value ciphertext is sent to the terminal so that the terminal performs the first authentication of the server.
The first hash value ciphertext is generated by a first hash value through white box encryption, and the first hash value is generated by a first random number through hash operation for a first hash number.
In step S36, the first authentication information is received.
The first authentication information comprises a second hash value ciphertext, the second hash value ciphertext is generated by encrypting a second hash value through a white box, and the second hash value is generated by performing hash operation on the first hash value for the first hash times.
In step S37, white-box decryption is performed on the second hash value ciphertext to generate a third hash value.
In step S38, the authentication of the terminal is completed when the first hash value and the third hash value match.
Step S39, the second authentication information is sent to the terminal so that the terminal authenticates the server.
The second authentication information comprises a fifth hash value ciphertext, the fifth hash value ciphertext is generated by encrypting the fifth hash value through a white box, and the fifth hash value is generated by performing hash operation on the third hash value for a third hash number.
It should be particularly noted that the foregoing explanation of another bidirectional authentication method implemented on the server and the terminal is also applicable to another bidirectional authentication method implemented on the server in this embodiment, and details of the embodiment of the present invention are not repeated here.
Correspondingly, the embodiment of the invention also provides another bidirectional authentication method implemented on the terminal, which comprises the following steps:
In step S41, the identification code of the terminal is sent to the server.
In step S42, the first random number is received.
Step S43, white-box encrypting the first random number using the terminal white-box library to generate a first random number ciphertext.
In step S44, the first random number ciphertext is sent to the server so that the server can perform the first authentication of the terminal.
In step S45, the first hash value ciphertext and the first hash number are received.
The first hash value ciphertext is generated by the first hash value after being encrypted by the white box, and the first hash value is generated by the first random number after being subjected to the hash operation for the first hash times.
In step S46, the first hash value ciphertext is white-box decrypted using the terminal white-box library to generate an eighth hash value.
In step S47, the hash operation is performed on the first random number for the first hash number of times to generate a ninth hash value.
In step S48, when the eighth hash value and the ninth hash value are equal, the first authentication of the server is completed.
In step S49, a first hash value is obtained.
Wherein the first hash value is stored on the terminal and the server.
In step S410, the first authentication information is sent to the server so that the server authenticates the terminal.
The first authentication information comprises a second hash value ciphertext, the second hash value ciphertext is generated by the second hash value after being encrypted by a white box, and the second hash value is generated by the first hash value after being subjected to hash operation for the first hash times.
In step S411, the second authentication information is received.
The second authentication information comprises a fifth hash value ciphertext, the fifth hash value ciphertext is generated by encrypting the fifth hash value through a white box, and the fifth hash value is generated by performing hash operation on the third hash value for a third hash number.
In step S412, when the second hash value and the fifth hash value ciphertext match, the authentication of the server is completed.
It should be particularly noted that the foregoing explanation on another bidirectional authentication method implemented on the server and the terminal is also applicable to another bidirectional authentication method implemented on the terminal in this embodiment, and details of this embodiment of the present invention are not repeated.
In addition, in the bidirectional authentication method provided in the embodiment of the present invention, the terminal needs to use the white-box library of the terminal for encryption and decryption, and in order to generate the white-box library of the terminal on the terminal, another bidirectional authentication method is also provided in the embodiment of the present invention. Fig. 3 is a schematic flowchart of another bidirectional authentication method according to an embodiment of the present invention, and as shown in fig. 3, based on the method flowchart shown in fig. 2, before the terminal sends the identifier of the terminal to the server in step S201, the method further includes:
In step S301, the server generates a plurality of keys and a universal white box library, and respectively sends the keys and the universal white box library to the corresponding terminals.
It can be understood that, during system initialization, the key and the common white-box library need to be synchronized on the server and the terminal, and specifically, the server generates and distributes a plurality of keys and common white-box libraries, so that different terminals receive the same common white-box library and different keys.
In step S302, the terminal acquires the key and the general white box library corresponding to the terminal from the server, and generates the terminal white box library according to the key and the general white box library corresponding to the terminal.
Based on the foregoing description, the terminal in the embodiment of the present invention is exposed to white-box attacks by a third party. To avoid the key corresponding to the terminal being stored directly on the terminal, where the third party could acquire it, the terminal generates the terminal white box library after receiving the key and the general white box library. Even if the third party acquires the terminal white box library, the third party cannot obtain the key, which improves the security of the system.
It should be noted that the terminal white box library provided in the embodiment of the present invention is a dynamic white box library, that is, the white box library can be dynamically updated.
For the dynamic white box library, there are two implementation manners, one is to keep the key unchanged and dynamically update the general white box library, and the other is to keep the general white box library unchanged and dynamically update the key group. Updating the universal white-box library is complex but has high security, and updating the key set is simple but has low security. In practical use, a suitable implementation manner may be selected according to requirements, which is not limited in the embodiment of the present invention.
Therefore, the terminal white box library is used for encryption and decryption on the terminal.
Accordingly, another bidirectional authentication method implemented on a server is further provided in the embodiments of the present invention, where before generating the first random number in step S31, the method further includes: generating a plurality of keys and a universal white box library, and respectively sending the keys and the universal white box library to the corresponding terminals.
It should be particularly noted that the foregoing explanation of another bidirectional authentication method implemented on the server and the terminal is also applicable to another bidirectional authentication method implemented on the server in this embodiment, and details of this embodiment of the present invention are not repeated.
Accordingly, another bidirectional authentication method implemented on a terminal is further provided in the embodiments of the present invention, where before sending the identifier of the terminal to the server in step S41, the method further includes: receiving the key and the general white box library corresponding to the terminal, and generating the terminal white box library according to the key and the general white box library corresponding to the terminal.
It should be particularly noted that the foregoing explanation of another bidirectional authentication method implemented on the server and the terminal is also applicable to another bidirectional authentication method implemented on the terminal in this embodiment, and details of the embodiment of the present invention are not repeated here.
To illustrate the mutual authentication method provided in the embodiment of the present invention more clearly, an example is described below. Fig. 4 is a flowchart of an example of the mutual authentication method provided in the embodiment of the present invention; the example proceeds as shown in fig. 4.
When the system is initialized, a plurality of keys and a universal white box library are generated on the server, different keys and the universal white box library are sent to different terminals, and the terminal generates the terminal white box library after acquiring the corresponding keys and the universal white box library.
When the first identity authentication is carried out, the terminal sends the identification code of the terminal to the server, and the server is informed that a new terminal needs to be added into the network and needs to carry out the first identity authentication. The server generates a first random number and sends the first random number to the terminal, after the terminal acquires the first random number, the terminal white box library is used for carrying out white box encryption on the first random number to generate a first random number ciphertext, and the first random number ciphertext is sent to the server.
The server determines a key corresponding to the terminal according to the identification code of the terminal acquired before, white-box decryption is performed on the first random number ciphertext by using the key corresponding to the terminal to obtain a second random number, the first random number stored locally and the second random number obtained through decryption are compared, and if the first random number and the second random number are equal, the server completes the first identity authentication on the terminal.
The server performs the hash operation on the first random number for a first hash number of times to generate a first hash value, and stores the first hash number on the server as a first accumulated hash count. White-box encryption is then performed on the first hash value using the key corresponding to the terminal to obtain a first hash value ciphertext, and the first hash value ciphertext and the first accumulated hash count are sent to the terminal.
After the terminal acquires the first hash value ciphertext, it performs white-box decryption to obtain an eighth hash value. After the terminal obtains the first accumulated hash count, it can determine the first hash number and perform the hash operation on the locally stored first random number for the first hash number of times to generate a ninth hash value. The eighth hash value and the ninth hash value are compared; if they are equal, the terminal completes the first identity authentication of the server and stores the ninth hash value locally as the first hash value.
In the subsequent identity authentication process, the terminal performs the hash operation on the locally stored first hash value for a second hash number of times to generate a second hash value, and performs white-box encryption on the second hash value using the terminal white-box library to generate a second hash value ciphertext. The first accumulated hash count and the second hash number are added to obtain a second accumulated hash count. The second hash value ciphertext, the second accumulated hash count and the identification code of the terminal are sent to the server.
The server determines the key corresponding to the terminal according to the identification code of the terminal, and performs white-box decryption on the second hash value ciphertext using that key to generate a third hash value. The server obtains the second hash number from the second accumulated hash count and the first accumulated hash count, performs the hash operation on the locally stored first hash value for the second hash number of times to generate a fourth hash value, and compares the third hash value with the fourth hash value; if they are equal, the server completes identity authentication of the terminal.
The server performs the hash operation on the third hash value for a third hash number of times to obtain a fifth hash value, and performs white-box encryption on the fifth hash value using the key corresponding to the terminal to obtain a fifth hash value ciphertext. The second accumulated hash count and the third hash number are added to obtain a third accumulated hash count. The fifth hash value ciphertext and the third accumulated hash count are sent to the terminal.
The terminal acquires the fifth hash value ciphertext and the third accumulated hash count from the server, and then determines the third hash number. The terminal performs white-box decryption on the fifth hash value ciphertext using the terminal white-box library to generate a sixth hash value, and performs the hash operation on the locally stored second hash value for the third hash number of times to generate a seventh hash value. The sixth hash value and the seventh hash value are compared; if they are equal, the terminal completes identity authentication of the server.
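The exchange in this example (first authentication with the random number, then one subsequent round with the hash values), as an added Python example that is not code from the patent. SHA-256, the keyed-stream placeholder standing in for the unspecified white-box cipher, the class and function names, the 1..16 count range and the `MAX_STEPS` bound with its range checks are all assumptions made here.

```python
import hashlib
import hmac
import secrets

MAX_STEPS = 64  # assumed cap on one hash count, so a peer cannot force a huge loop

def hash_n(value: bytes, n: int) -> bytes:
    """Apply the hash operation n times (SHA-256 is an assumption)."""
    for _ in range(n):
        value = hashlib.sha256(value).digest()
    return value

def _stream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def wb_encrypt(key: bytes, data: bytes) -> bytes:
    """PLACEHOLDER for white-box encryption: a keyed stream, not a white-box cipher."""
    nonce = secrets.token_bytes(16)
    return nonce + bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))

def wb_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(body, _stream(key, nonce, len(body))))

def new_count() -> int:
    return secrets.randbelow(16) + 1  # constructed range 1..16

class Server:
    def __init__(self):
        self.keys, self.state = {}, {}  # both keyed by terminal identification code

    def provision(self, tid: str) -> bytes:
        self.keys[tid] = secrets.token_bytes(32)
        return self.keys[tid]

    def challenge(self, tid: str) -> bytes:
        self.state[tid] = {"r1": secrets.token_bytes(32)}  # first random number
        return self.state[tid]["r1"]

    def first_auth(self, tid, r1_ct):
        st, key = self.state[tid], self.keys[tid]
        if not hmac.compare_digest(st["r1"], wb_decrypt(key, r1_ct)):
            return None  # second random number != first random number
        st["acc"] = new_count()  # first hash number = first accumulated count
        st["h1"] = hash_n(st["r1"], st["acc"])
        return wb_encrypt(key, st["h1"]), st["acc"]

    def authenticate(self, tid, h2_ct, acc2):
        st, key = self.state[tid], self.keys[tid]
        n2 = acc2 - st["acc"]
        # Added check, not stated on the page: the count must advance and stay bounded,
        # so a zero-step message that only echoes the stored value is refused.
        if not 0 < n2 <= MAX_STEPS:
            return None
        h3 = wb_decrypt(key, h2_ct)
        if not hmac.compare_digest(h3, hash_n(st["h1"], n2)):  # third vs fourth
            return None
        n3 = new_count()
        return wb_encrypt(key, hash_n(h3, n3)), acc2 + n3  # fifth ciphertext, third count

class Terminal:
    def __init__(self, tid: str, key: bytes):
        self.tid, self.key = tid, key

    def answer(self, r1: bytes) -> bytes:
        self.r1 = r1
        return wb_encrypt(self.key, r1)  # first random number ciphertext

    def first_verify(self, h1_ct, acc1) -> bool:
        if not 0 < acc1 <= MAX_STEPS:
            return False
        h9 = hash_n(self.r1, acc1)
        if not hmac.compare_digest(wb_decrypt(self.key, h1_ct), h9):  # eighth vs ninth
            return False
        self.h1, self.acc = h9, acc1
        return True

    def request(self):
        n2 = new_count()
        self.h2, self.acc2 = hash_n(self.h1, n2), self.acc + n2
        return wb_encrypt(self.key, self.h2), self.acc2

    def verify_server(self, h5_ct, acc3) -> bool:
        n3 = acc3 - self.acc2
        if not 0 < n3 <= MAX_STEPS:
            return False
        h7 = hash_n(self.h2, n3)
        return hmac.compare_digest(wb_decrypt(self.key, h5_ct), h7)  # sixth vs seventh

def run_handshake(server: Server, terminal: Terminal) -> bool:
    """Initial authentication followed by one subsequent round."""
    r1 = server.challenge(terminal.tid)
    first = server.first_auth(terminal.tid, terminal.answer(r1))
    if first is None or not terminal.first_verify(*first):
        return False
    reply = server.authenticate(terminal.tid, *terminal.request())
    return reply is not None and terminal.verify_server(*reply)
```

`run_handshake(server, terminal)` returns `True` only when both sides' comparisons succeed; a terminal holding a different key fails at the first random number comparison.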
It should be noted that, in the bidirectional authentication method provided in the embodiment of the present invention, method steps corresponding to the terminal and the server may be interchanged, that is, the steps implemented on the terminal may be implemented on the server, and the steps implemented on the server may also be implemented on the terminal, which is not limited in the embodiment of the present invention.
In order to implement the foregoing embodiment, an embodiment of the present invention further provides a server, where the server is configured to receive the first authentication information. The first authentication information comprises a second check information ciphertext, the second check information ciphertext is generated by encrypting the second check information through a white box, the second check information is related to the first check information, and the first check information is stored on the terminal and the server. The server performs white-box decryption on the second check information ciphertext to generate third check information. When the first verification information matches the third verification information, the authentication of the terminal is completed. The server sends the second authentication information to the terminal so that the terminal can authenticate the server; the second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by encrypting the fifth verification information through a white box, the fifth verification information is related to the third verification information, and the second authentication information is different from the first authentication information.
Specifically, fig. 5 is a schematic structural diagram of a server according to an embodiment of the present invention, and as shown in fig. 5, the server includes:
The receiving module 110 is configured to receive the first authentication information. The first authentication information comprises a second check information ciphertext, the second check information ciphertext is generated by encrypting the second check information through a white box, the second check information is related to the first check information, and the first check information is stored on the terminal and the server.
The decryption module 120 is configured to perform white-box decryption on the second check information ciphertext received by the receiving module 110, so as to generate third check information.
The authentication module 130 is configured to complete authentication of the terminal when the first verification information matches the third verification information.
A sending module 140, configured to send the second authentication information to the terminal, so that the terminal authenticates the server. The second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by encrypting the fifth verification information through a white box, the fifth verification information is related to the third verification information, and the second authentication information is different from the first authentication information.
It should be noted that the foregoing explanation of the bidirectional authentication method implemented on the server is also applicable to the server proposed in the embodiment of the present invention, and details are not described here.
In order to implement the foregoing embodiment, an embodiment of the present invention further provides a terminal, where the terminal is configured to obtain the first verification information. The first check information is stored on the terminal and the server. The terminal sends the first authentication information to the server so that the server authenticates the terminal. The first authentication information comprises a second check information ciphertext, the second check information ciphertext is generated by encrypting the second check information through a white box, and the second check information is related to the first check information. The terminal receives second authentication information. The second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by encrypting the fifth verification information through a white box, the fifth verification information is related to the second verification information, and the second authentication information is different from the first authentication information. When the second verification information matches the fifth verification information ciphertext, the authentication of the server is completed.
Specifically, fig. 6 is a schematic structural diagram of a terminal according to an embodiment of the present invention, and as shown in fig. 6, the terminal includes:
The obtaining module 210 is configured to obtain the first verification information. The first check information is stored on the terminal and the server.
The sending module 220 is configured to send the first authentication information to the server, so that the server authenticates the terminal. The first authentication information comprises a second check information ciphertext, the second check information ciphertext is generated by encrypting the second check information through a white box, and the second check information is related to the first check information.
A receiving module 230, configured to receive the second authentication information. The second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by encrypting the fifth verification information through a white box, the fifth verification information is related to the second authentication information, and the second authentication information is different from the first authentication information.
The authentication module 240 is configured to complete authentication of the server when the second check information matches the fifth check information ciphertext.
It should be noted that the foregoing explanation on the bidirectional authentication method implemented on the terminal is also applicable to the terminal provided in the embodiment of the present invention, and is not described herein again.
In order to implement the foregoing embodiment, an embodiment of the present invention further provides a bidirectional authentication system, where the system includes the server and the terminal provided in the foregoing embodiment.
It can be clearly understood by those skilled in the art that, for convenience and simplicity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the embodiments provided in the present invention, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, a division of a unit is merely a logical division, and an actual implementation may have another division, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
Units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
The integrated unit implemented in the form of a software functional unit may be stored in a computer readable storage medium. The software functional unit is stored in a storage medium and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device) or a processor to execute some steps of the methods according to the embodiments of the present invention. The aforementioned storage medium includes various media capable of storing program code, such as a USB disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The present invention is not limited to the above preferred embodiments, and any modifications, equivalent substitutions, improvements, etc. made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1. A mutual authentication method, wherein the method is implemented on a server, and wherein the method comprises:
receiving first authentication information; the first authentication information comprises a second check information ciphertext, the second check information ciphertext is generated by second check information after the second check information is encrypted by a white box, the second check information is related to first check information, and the first check information is stored on the terminal and the server;
performing white-box decryption on the second check information ciphertext to generate third check information;
when the first verification information is matched with the third verification information, the terminal is authenticated;
sending second authentication information to the terminal so that the terminal can authenticate the server; the second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by encrypting the fifth verification information through a white box, the fifth verification information is related to the third verification information, and the second authentication information is different from the first authentication information;
the verification information is a hash value, the verification information ciphertext is a hash value ciphertext, the first verification information is a first hash value, the second verification information is a second hash value, the second verification information ciphertext is a second hash value ciphertext, the third verification information is a third hash value, the fifth verification information is a fifth hash value, and the fifth verification information ciphertext is a fifth hash value ciphertext;
the first authentication information further comprises a second hash number, the second hash value is generated by the first hash value after the hash operation of the second hash number,
when the first verification information is matched with the third verification information, the authentication of the terminal is completed, including:
performing the hash operation on the first hash value for the second hash number of times to generate a fourth hash value;
and when the fourth hash value and the third hash value are equal, finishing the authentication of the terminal.
2. The method of claim 1, wherein the first authentication information further includes an identification code of the terminal,
the white-box decrypting the second check information ciphertext to generate third check information includes:
determining a key corresponding to the terminal according to the identification code of the terminal;
and white box decryption is carried out on the second hash value ciphertext by using the key corresponding to the terminal so as to generate a third hash value.
3. The method of claim 2, wherein prior to said receiving first authentication information, further comprising:
generating a first random number and sending the first random number to the terminal;
receiving a first random number ciphertext; the first random number ciphertext is generated by white-box encrypting the first random number;
performing white-box decryption on the first random number ciphertext to generate a second random number;
when the first random number and the second random number are equal, finishing the first authentication of the terminal;
sending the first hash value ciphertext to the terminal so that the terminal can authenticate the server for the first time; the first hash value ciphertext is generated by the first hash value after being encrypted by a white box, and the first hash value is generated by the first random number after being subjected to hash operation for a first hash number.
4. The method of claim 3, prior to said generating said first random number, further comprising:
and generating a plurality of keys and a universal white box library, and respectively sending the keys and the universal white box library to the corresponding terminals.
5. A mutual authentication method, which is implemented on a terminal, includes:
acquiring first check information; wherein the first verification information is stored on the terminal and the server;
sending the first authentication information to the server so that the server can authenticate the terminal; the first authentication information comprises a second check information ciphertext, the second check information ciphertext is generated by second check information after the second check information is encrypted by a white box, and the second check information is related to the first check information;
receiving second authentication information; the second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by encrypting fifth verification information through a white box, the fifth verification information is related to the second verification information, and the second authentication information is different from the first authentication information;
when the second check information is matched with the fifth check information ciphertext, finishing the authentication of the server;
the verification information is a hash value, the verification information ciphertext is a hash value ciphertext, the first verification information is a first hash value, the second verification information is a second hash value, the second verification information ciphertext is a second hash value ciphertext, the fifth verification information is a fifth hash value, and the fifth verification information ciphertext is a fifth hash value ciphertext;
the second authentication information further comprises a third hash number, the fifth hash value is generated by performing the hash operation on a third hash value for the third hash number of times, the third hash value is generated by white-box decrypting the second hash value ciphertext,
when the second check information and the fifth check information ciphertext are matched, completing authentication on the server, including:
performing white-box decryption on the fifth hash value ciphertext to generate a sixth hash value;
performing the hash operation on the second hash value for the third hash number of times to generate a seventh hash value;
and when the sixth hash value and the seventh hash value are equal, completing the authentication of the server.
6. The method of claim 5, prior to said obtaining the first verification information, further comprising:
sending the identification code of the terminal to the server;
receiving a first random number;
performing white-box encryption on the first random number by using the terminal white-box library to generate a first random number ciphertext;
sending the first random number ciphertext to the server so that the server can perform first authentication on the terminal;
receiving a first hash value ciphertext and a first hash number; the first hash value ciphertext is generated by white-box encrypting the first hash value; the first hash value is generated by performing the hash operation on the first random number for the first hash number of times;
performing white-box decryption on the first hash value ciphertext by using the terminal white-box library to generate an eighth hash value;
performing a hash operation on the first random number for the first hash number to generate a ninth hash value;
and under the condition that the eighth hash value and the ninth hash value are equal, finishing the first authentication of the server.
7. The method of claim 6, wherein prior to said sending the identification code of the terminal to the server, further comprising:
and receiving the key and the general white box library corresponding to the terminal, and generating the terminal white box library according to the key and the general white box library corresponding to the terminal.
8. A server, characterized in that the server is configured to,
receiving first authentication information; the first authentication information comprises a second check information ciphertext, the second check information ciphertext is generated by second check information after the second check information is encrypted by a white box, the second check information is related to first check information, and the first check information is stored on the terminal and the server;
performing white-box decryption on the second check information ciphertext to generate third check information;
when the first verification information is matched with the third verification information, the terminal is authenticated;
sending second authentication information to the terminal so that the terminal can authenticate the server; the second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by white-box encryption of the fifth verification information, the fifth verification information is related to the third verification information, and the second authentication information is different from the first authentication information;
the verification information is a hash value, the verification information ciphertext is a hash value ciphertext, the first verification information is a first hash value, the second verification information is a second hash value, the second verification information ciphertext is a second hash value ciphertext, the third verification information is a third hash value, the fifth verification information is a fifth hash value, and the fifth verification information ciphertext is a fifth hash value ciphertext;
the first authentication information further comprises a second hash number, the second hash value is generated by the first hash value after the hash operation of the second hash number,
when the first verification information is matched with the third verification information, the authentication of the terminal is completed, including:
performing the hash operation on the first hash value for the second hash number of times to generate a fourth hash value;
and when the fourth hash value and the third hash value are equal, finishing the authentication of the terminal.
9. A terminal, characterized in that the terminal is configured for:
acquiring first verification information; wherein the first verification information is stored on the terminal and the server;
sending first authentication information to the server so that the server can authenticate the terminal; the first authentication information comprises a second verification information ciphertext, the second verification information ciphertext is generated by white-box encryption of second verification information, and the second verification information is related to the first verification information;
receiving second authentication information; the second authentication information comprises a fifth verification information ciphertext, the fifth verification information ciphertext is generated by white-box encryption of fifth verification information, the fifth verification information is related to the second verification information, and the second authentication information is different from the first authentication information;
completing the authentication of the server when the second verification information matches the fifth verification information ciphertext;
the verification information is a hash value, the verification information ciphertext is a hash value ciphertext, the first verification information is a first hash value, the second verification information is a second hash value, the second verification information ciphertext is a second hash value ciphertext, the fifth verification information is a fifth hash value, and the fifth verification information ciphertext is a fifth hash value ciphertext;
the second authentication information further comprises a third hash count, the fifth hash value is generated by performing the hash operation on a third hash value a number of times equal to the third hash count, and the third hash value is generated by white-box decryption of the second hash value ciphertext,
completing the authentication of the server when the second verification information matches the fifth verification information ciphertext comprises:
performing white-box decryption on the fifth hash value ciphertext to generate a sixth hash value;
performing the hash operation on the second hash value a number of times equal to the third hash count to generate a seventh hash value;
and when the sixth hash value and the seventh hash value are equal, completing the authentication of the server.
10. A mutual authentication system, characterized in that the system comprises a server according to claim 8, and a terminal according to claim 9.
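The exchange recited in claims 8 to 10, as an added Python example that is not part of the patent text. SHA-256 as the hash operation, the XOR pad standing in for white-box encryption and decryption, the `MAX_COUNT` bound on hash counts, the sample values and all function names are assumptions of this example.

```python
import hashlib
import hmac

WB_KEY = b"constructed-demo-key"   # assumption: stands in for the key hidden in white-box tables
MAX_COUNT = 1000                   # assumption: bound on hash counts, not stated in the claims
SHARED_H1 = hashlib.sha256(b"constructed enrolment secret").digest()  # first hash value
OTHER_H1 = hashlib.sha256(b"constructed wrong secret").digest()       # mismatching value

def hash_n(value: bytes, n: int) -> bytes:
    """Apply SHA-256 n times (the 'hash count' of the claims)."""
    for _ in range(n):
        value = hashlib.sha256(value).digest()
    return value

def wb_crypt(block: bytes) -> bytes:
    """Stand-in for white-box encryption and decryption of one 32-byte hash value.
    XOR with a fixed pad is its own inverse; it is NOT a real white-box cipher."""
    pad = hashlib.sha256(WB_KEY).digest()
    return bytes(a ^ b for a, b in zip(block, pad))

def count_ok(n) -> bool:
    return isinstance(n, int) and 1 <= n <= MAX_COUNT

def terminal_hello(h1: bytes, n2: int):
    """Terminal: second hash value = H^n2(first); send its ciphertext and n2."""
    h2 = hash_n(h1, n2)
    return h2, {"ct": wb_crypt(h2), "count": n2}

def server_respond(h1: bytes, msg1: dict, n3: int):
    """Server: authenticate the terminal, then build the second authentication information."""
    if not count_ok(msg1["count"]) or len(msg1["ct"]) != 32:
        return None
    h3 = wb_crypt(msg1["ct"])                 # third hash value
    h4 = hash_n(h1, msg1["count"])            # fourth hash value
    if not hmac.compare_digest(h3, h4):
        return None                           # terminal not authenticated
    return {"ct": wb_crypt(hash_n(h3, n3)), "count": n3}   # fifth hash value ciphertext

def terminal_verify(h2: bytes, msg1: dict, msg2) -> bool:
    """Terminal: authenticate the server from the second authentication information."""
    if msg2 is None or msg2 == msg1 or not count_ok(msg2["count"]):
        return False                          # claims require msg2 to differ from msg1
    h6 = wb_crypt(msg2["ct"])                 # sixth hash value
    h7 = hash_n(h2, msg2["count"])            # seventh hash value
    return hmac.compare_digest(h6, h7)

def run_exchange(server_h1: bytes, terminal_h1: bytes, n2: int = 3, n3: int = 5):
    """Return (terminal_authenticated, server_authenticated)."""
    h2, msg1 = terminal_hello(terminal_h1, n2)
    msg2 = server_respond(server_h1, msg1, n3)
    return msg2 is not None, terminal_verify(h2, msg1, msg2)
```

Both sides compare digests with `hmac.compare_digest` so the equality checks of the claims run in constant time.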
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910927499.3A CN110690956B (en) 2019-09-27 2019-09-27 Bidirectional authentication method and system, server and terminal

Publications (2)

Publication Number Publication Date
CN110690956A (en) 2020-01-14
CN110690956B (en) 2022-09-06

Family

ID=69110756

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910927499.3A Active CN110690956B (en) 2019-09-27 2019-09-27 Bidirectional authentication method and system, server and terminal

Country Status (1)

Country Link
CN (1) CN110690956B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant