基于BIP安全通道的iOS系统安全便捷身份认证方案  

作　　者：黄世烨 黄一平[1] 梁梓辰 农丽萍[3] HUANG Shiye;HUANG Yiping;LIANG Zichen;NONG Liping(School of Electronic and Information Engineering,Guangxi Normal University,Guilin 541000,China;School of Computer Science and Engineering,Guangxi Normal University,Guilin 541000,China;School of Physical Science and Technology,Guangxi Normal University,Guilin 541000,China)

机构地区：[1]广西师范大学电子与信息工程学院,广西桂林541000 [2]广西师范大学计算机科学与工程学院,广西桂林541000 [3]广西师范大学物理科学与技术学院,广西桂林541000

出　　处：《现代电子技术》2024年第19期40-46,共7页Modern Electronics Technique

基　　金：广西科技计划项目(桂科AD23026225);2019年广西第四批创新驱动发展专项资金项目(桂科AA19254001)。

摘　　要：针对iOS系统应用软件与移动安全加密智能芯片间无法直接交互的问题,提出一种BIP安全通道通信方案,进而为iOS系统应用软件提供一种安全便捷的身份认证解决方案。该方案包括客户端与BIP服务器安全通信、BIP与移动安全加密智能芯片安全通信以及客户端与移动安全加密智能芯片安全通信三个模块。方案利用移动安全加密智能芯片提供的数字签名技术为iOS客户端APP提供安全便捷的身份认证服务。通过对该方案进行安全性分析及对客户端进行性能测试,结果表明,该方案既具有安全便捷的应用效果,又具备低开销和低延迟特性。目前已应用于手机银行和信息加密领域中,具有广阔的应用前景。In view of the fact that the iOS application software and the mobile secure encryption smart chip fail to interact with each other directly,a BIP(bearer independent protocol)secure channel communication scheme,which in turn provides a secure and convenient identity authentication solution for the iOS application software,is proposed.The scheme includes three modules,named secure communication between client and BIP server,secure communication between BIP and mobile secure encryption smart chip,and secure communication between client and mobile secure encryption smart chip.In the solution,the digital signature technology provided by the mobile secure encryption smart chip is used to provide secure and convenient identity authentication services for the APP of the iOS client.The security analysis of the scheme and the performance test of the client are implemented.The results show that the proposed scheme not only has the secure and convenient performance,but also has the low overhead and low latency characteristics in the application.It has been applied in the field of mobile banking and information encryption.It will have a broad application prospect.

关 键 词：BIP通道技术 移动安全加密智能芯片 iOS系统 国密算法 身份认证 密钥协商 数字签名 客户端应用 

分 类 号：TN918.9-34[电子电信—通信与信息系统]