Presently, as the Internet technologies and e-business develop rapidly, more and more business activities have been transferred to carry out on networks. The face-to-face business transactions are being replaced by the non-face-to-face business transactions, which require that both of the transaction parties have an approach to indicating their own identities and identifying each other quickly and accurately.
In addition to the business field, the Internet technologies also have been introduced by the government departments into their work for improving office efficiency. The networks enable a rapid transmission of government information, which in turn requires that both of the communication parties can make identity authentication quickly and accurately.
The requirement of personal identity authentication on networks can be satisfied very well by using an intelligent encryption key. The intelligent encryption key has a built-in microprocessor capable of performing RSA algorithm, which can generate and store inside the hardware thereof a private key that indicates the identity of a user. The private key can be used to “sign” data, so as to indicate the identity of the sender and be verified by the receiver during communication.
As mentioned above, the “private key” of the intelligent encryption key user must be well “secured”, and can only be used under the authorization of the user. In the prior art, the security is obtained by disposing the “private key” into a secure storage chip, and the “authorization” to the use of the “private key” is made by means of the “Personal Identification Number (PIN)” of the user.
Recently, as great progress has been made in biometric identification technology, fingerprint, iris, voice or even face of a person can be used as the biometric of the person to identify the person's identity. Wherein the fingerprint identification technology is relatively more sophisticated and some practical hardware modules have been realized for it. Therefore, it is a necessity to combine the biometric identification technology with the intelligent encryption key for improving the security and usability of the intelligent encryption key.
At present, the biometric identification technology and the intelligent encryption key are usually combined in such a way that a host (terminal) is connected with a biometric identification module and an intelligent encryption key and communicates with them respectively to complete identification operation. This application form has two defects: one is the high cost, because the two parts of hardware systems separate from each other and have respective data communication ports, which require some additional hardware (e.g. a hub) to connect the two parts; the other is the poor security, because the hardware of the biometric identification module and the hardware of the intelligent encryption key are not integrated seamlessly, and the software of the biometric identification module and the software of the intelligent encryption key are separated from each other and lack of cooperation, resulting in being susceptible to being attacked.