摘要 |
An authentication method is provided to increase the security even though many users use by deriving the secret keys from the user password. An ID and a password(PW) for user authentication are inputted to a terminal(S200). The terminal produces the secret key K and OPc of 128 bit from the inputted password(S210). If the user ID is delivered to the certificate server(S220), an authentication server produces the secret key K and OPc of 128 bit from the password(PW) corresponding to the user ID(S230). The random number(RAND) and the authentication token(AUTN) are generated(S240). The generated random number(RAND) and authentication token(AUTN) are transmitted to the terminal(S250). The validity of the authentication token(AUTN) delivered from the certificate server is verified(S260). The response(RES) value is generated through the AKA conversion algorithm(S270). The generated response value is transmitted to the certificate server(S280). After inspecting the generated response value coincided with the response(RES) value delivered from the terminal(S290), the authentication success signal is transmitted to the terminal(S300).
|