Bio-intelligence smart card public key organic integration of three technologies

2019-03-22 07:19:12
The organic integration of biometrics, smart cards, and public key infrastructure (PKI) technologies can be described as a three-card, complementary, truly enabling people to enjoy the convenience and safety when surfing the Internet.

1 Introduction

With the continuous development of the Internet, more and more people are beginning to try online trading. However, malicious threats such as viruses, hackers, phishing, and phishing scams pose great challenges to the security of online transactions. According to surveys conducted by the survey agencies, the direct losses suffered by banks and consumers in the United States last year totaled $2.4 billion due to cyber fraud, and the average cost per victim was about $1,200. According to Hong Kong Ming Pao News, Hong Kong’s direct losses due to online fraud last year amounted to HK$1.4 million.

The endless stream of cybercrime has caused people to trust the network identity. How to prove "who am I?" and how to prevent identity fraud has once again become the focus of attention.

2 Analysis of major identity authentication technologies

At present, there are mainly the following types of identity authentication methods commonly used in computers and network systems:

2.1 Username/Password Mode

The username/password is the simplest and most commonly used authentication method and is based on the "what you know" verification method. The password of each user is set by the user himself, and only the user knows it. As long as the password is entered correctly, the computer considers the operator to be a legitimate user. In fact, because many users often use a string that is easy to be guessed, such as a birthday or a phone number, as a password, or put a password on paper and put it in a place that is considered safe, in order to prevent forgetting the password, it is easy to cause password leakage. . Even if the user password is not leaked, since the password is static data, it needs to be transmitted in the computer memory and in the network during the verification process, and the verification information used for each verification is the same, and it is easy to be resident in the computer. Intercepted by a Trojan in memory or a listening device in the network. Therefore, in terms of security, the username/password method is a very insecure authentication method.

2.2 Smart Card Authentication

A smart card is a chip with a built-in integrated circuit. The chip stores data related to the user's identity. The smart card is produced by a specialized manufacturer through a special device and is a non-replicable hardware. The smart card is carried by a legitimate user. When logging in, the smart card must be inserted into a dedicated card reader to read the information to verify the identity of the user. Smart card authentication is based on the "what you have" approach, and the smart card hardware cannot be copied to ensure that the user's identity is not spoofed. However, since the data read from the smart card is static every time, it is easy to intercept the user's authentication information through technologies such as memory scanning or network monitoring, so there is still a security risk.

2.3 Dynamic Password

Dynamic password technology is a technology that allows users to change their passwords according to time or number of uses, and each password can only be used once. It uses a dedicated hardware called dynamic token, built-in power supply, password generation chip and display screen. The password generation chip runs a special password algorithm to generate the current password according to the current time or number of uses and display it on the display. The authentication server uses the same algorithm to calculate the current valid password. The user only needs to input the current password displayed on the dynamic token into the client computer to realize identity authentication. Since the password used each time must be generated by a dynamic token, only the legitimate user holds the hardware, so the identity of the user can be considered reliable by password verification. The password used by the user is different every time. Even if the hacker intercepts the password once, the password cannot be used to fake the identity of the legitimate user.

Dynamic password technology adopts a one-time and one-secret method to effectively ensure the security of user identity. However, if the time or number of times between the client and the server cannot be well synchronized, a problem that a legitimate user cannot log in may occur. And each time the user logs in, he needs to input a long string of irregular passwords through the keyboard. Once the error is entered, it is necessary to re-operate, which is very inconvenient to use.

2.4 USB Key Certification

The USB Key-based identity authentication method is a convenient and secure identity authentication technology developed in recent years. It adopts a strong two-factor authentication mode combining hardware and software and one time and one secret, which solves the contradiction between security and ease of use. The USB Key is a USB interface hardware device. It has a built-in single-chip or smart card chip, which can store the user's key or digital certificate, and uses the built-in cryptographic algorithm of the USB Key to authenticate the user. There are two application modes based on the USB Key identity authentication system: one is based on the impact/response authentication mode, and the other is the authentication mode based on the PKI system.

3 Technical return

Traditional identity authentication technology has always been outside the human body. The technical means of identity verification has been in the circle, and it has become more and more complicated. For example, the method of "user name + password" transition to smart card first needs to carry a smart card at any time. Secondly, it is easy to lose or stolen. The re-registration procedure is cumbersome and lengthy, and you still need to issue other documents that can prove your identity. It is very inconvenient to use.

It was not until the successful application of biometrics that the circle finally came back. This kind of "back" is not only in the advancement of technology, but also in the "experience economy" and humanistic perspective. It truly returns to the most primitive physiological affiliation of human beings, and through this ultimate attachment, returns to humanity. At the same time, it also maximizes the enormous energy that this “absolute personalization” originally had in guiding humanity’s own safe and simple life.

Biometric technology is primarily a technique for authenticating a biometric through a measurable body or behavior. Biometrics are the only physiological features or behaviors that can be measured or automatically identified and verified. Biological characteristics are divided into two categories: physical characteristics and behavioral characteristics. Physical characteristics include: fingerprint, palm shape, retina, iris, human body odor, face shape, blood vessels of the hand and DNA; behavioral characteristics include: signature, voice, walking gait, etc. At present, some scholars classify retinal recognition, iris recognition and fingerprint recognition as advanced biometrics; classify palm recognition, face recognition, speech recognition and signature recognition as secondary biometrics; vascular texture recognition and human odor recognition DNA identification and so on are classified as "deep" biometrics.

Compared with traditional identity authentication technology, biometric technology has the following characteristics:

(1) Portable: Biological characteristics are inherent characteristics of the human body, and are uniquely bound to the human body and have a portable body.

(2) Security: Human characteristics are themselves the best proof of personal identity and meet higher security needs.

(3) Uniqueness: Each person has different biological characteristics.

(4) Stability: Biological characteristics such as fingerprints, irises and other human characteristics do not change with time and other conditions.

(5) Extensive: Everyone has this characteristic.

(6) Convenience: Biometric technology does not require memorizing passwords and carrying special tools (such as keys) and will not be lost.

(7) Collectability: The selected biometrics are easy to measure.

(8) Acceptability: The user is willing to accept the selected personal biometrics and their application.

Based on the above characteristics, biometric technology has the advantages that traditional identity authentication methods cannot match. With biometrics, you don't have to remember and set passwords, making it easier to use.

4 Outlook

As far as the current trend is concerned, the integration and application of several security mechanisms including biometrics is becoming a new trend. Among them, the more striking is the combination of biometrics, smart cards, and public key infrastructure (PKI) technologies, such as fingerprint KEY products. In theory, PKI provides a perfect security framework. The core of its security is the protection of the private key. The smart card has built-in CPU and secure storage unit. The security operation involving the private key is completed in the card, which can guarantee that the private key will never be Exporting the card, thus ensuring the absolute security of the private key; biometric technology no longer needs to remember and set the password, the absolute differentiation of the individual makes the biometric identification the highest authority from the beginning. The organic integration of the three technologies can be described as a three-card, complement each other, and truly enable people to enjoy the convenience and safety when surfing the Internet.

A Hollow Board Turnover Box

A Hollow Plate Turnover Box

Hollow Board turnover box with bending, anti-aging, bearing strength, tensile, compression, tearing, high temperature, rich colors, to make the packing box turnover box can be used for flow and can be used in the finished product packaging of shipment, lightweight, durable, can be stacked. Can be customized according to user demand various specifications, dimensions, aluminum alloy wrap side, can add cover, dustproof, the appearance is beautiful and generous. The hollow plate turnover box is designed and made according to the size of the customer, and the most reasonable loading is made, and the multi-boxes can be overlapped, which can effectively utilize the plant space, increase the storage of spare parts, and save the production cost.

Corrugated Plastic Box 

A good product to replace the carton box. It's waterproof and reusable. In general, one corrugated bin can reuse about 20 times!

A better choice as packing material than paper, whose cost is lower and more environmentally friendly. 
We can supply many kinds of the corrugated plastic box, which can be used to shipping boxes, storge boxes, fruit and vegetables packing boxes or other corrugated plastic containers. What's more, We`re also a supplier who can provide customized services,we can design corrugated plastic box according to your request!


Turnover Box(Corrugated Plastic Box)

A Hollow Plate Turnover Box,Wantong Board Turnover Box,Conduction Turnover Box,PP Plastic Hollow Box

Shenzhen HLC Plastic Products Co., Ltd. , http://www.hlcplastic.com