Authentication
Authentication, also known as "verification", means confirming the identity of a user through certain means. There are many methods of authentication, which can be divided into three categories: authentication based on a shared key, authentication based on biological features, and authentication based on a public key encryption algorithm. Different authentication methods provide different levels of security.
The purpose of authentication is to confirm that the user who is currently claiming a certain identity is indeed that user. In daily life, authentication is not uncommon; for example, by checking each other's credentials, we can generally be sure of the other person's identity. Although confirming each other's identity in daily life is also "authentication" in a general sense, the term is used more and more in the fields of computing and communications.
Based on shared secret key
Authentication based on a shared key means that the server and the user share a password or a group of passwords. When a user needs to authenticate, the user submits the password shared with the server, either by entering it or by using a device that stores it. After receiving the user's password, the server checks whether the submitted password is the same as the password held on the server side and, if so, judges the user to be a legitimate user. Authentication fails if the submitted password is inconsistent with the password stored on the server side.
There are many services that use authentication based on shared keys, such as the vast majority of Internet access services, the vast majority of BBS and Wikipedia, and so on.
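As an added example (not part of the original article), the shared-key check described above can be sketched in Python. It goes beyond the text by storing a salted PBKDF2 verifier instead of the password itself and by comparing in constant time; the function names, iteration count and sample account are assumptions made for the example.

```python
import hashlib
import hmac
import os

# Constructed parameters for this example; tune the iteration count to your hardware.
ITERATIONS = 600_000
SALT_BYTES = 16


def enroll(password: str) -> tuple:
    """At registration: derive a (salt, verifier) pair to store instead of the password."""
    salt = os.urandom(SALT_BYTES)
    verifier = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, verifier


def authenticate(submitted: str, salt: bytes, verifier: bytes) -> bool:
    """At login: recompute from the submitted password and compare with the stored value."""
    candidate = hashlib.pbkdf2_hmac("sha256", submitted.encode("utf-8"), salt, ITERATIONS)
    # compare_digest runs in time independent of where the first mismatch occurs,
    # so response timing does not reveal how much of the value was correct.
    return hmac.compare_digest(candidate, verifier)


# Record checked for unknown usernames, so they cost the same work as known ones.
_DUMMY = enroll("placeholder")


def login(users: dict, username: str, submitted: str) -> bool:
    """Look up the account and run the same check whether or not the user exists."""
    salt, verifier = users.get(username, _DUMMY)
    matches = authenticate(submitted, salt, verifier)
    return matches and username in users


if __name__ == "__main__":
    # Constructed account database: username -> (salt, verifier).
    accounts = {"alice": enroll("correct horse battery staple")}
    print(login(accounts, "alice", "correct horse battery staple"))  # legitimate user
    print(login(accounts, "alice", "correct horse battery stapl3"))  # authentication fails
    print(login(accounts, "mallory", "placeholder"))                 # unknown user fails
```
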
Based on biological characteristics
Biometric authentication is based on physical characteristics that are unique to each person, such as fingerprints, irises, and so on.
Based on public key encryption algorithm
Authentication based on a public key encryption algorithm means that both communicating parties hold public and private keys. One party uses a private key to encrypt a particular piece of data, and the other party uses the public key to decrypt it; if the decryption succeeds, the user is considered a legitimate user, otherwise authentication is considered to have failed.
Services that use authentication based on a public key encryption algorithm include SSL, digital signatures, and so on.