One or more embodiments of the present specification provide an identity authentication method, a terminal and a server. The terminal obtains a public key and a private key pair according to a deviceidentification number, generates a random number, and performs digital signature processing on the device identification number and the random number by using a private key to obtain signature data, and sends the device identification number, the random number and the signature data to a server, so that the server searches a public key corresponding to the terminal from a preset public key matrixaccording to the device identification number, verifies the signature data by using the searched public key, generates a communication key if the verification is passed, encrypts the communication keyby using the searched public key, obtains a ciphertext communication key, sends the ciphertext communication key to the terminal, receives a ciphertext communication key sent by the server, decryptsthe ciphertext communication key by using the private key to obtain a communication key, and performs secret communication with the server by using the communication key. According to the embodiment of the invention, identity authentication between the terminal and the server can be realized, and the authentication process is relatively simple.