The invention discloses an authentication method and device based on a generic bootstrapping architecture (GBA). The method comprises the steps of: receiving, through a bootstrapping server function (BSF), an initial request message sent from a user terminal, and obtaining and storing authentication parameters and guide authentication parameters from a user attribution server according to a user identification carried in the message; receiving and storing, through the user terminal, the guide authentication parameters sent from the BSF, transmitting the guide authentication parameters to a user card, and receiving the authentication parameters sent back from the user card; obtaining, through a UAM module, the preset secret keys corresponding to user authentication module (UAM) product serial numbers, generating random parameters, and generating certification parameters according to the preset secret keys, the random parameters, and the authentication parameters and guide authentication parameters held by the user terminal; obtaining, through the BSF, the corresponding preset secret key according to the UAM product serial numbers carried in the initial request message, and authenticating the certification parameters according to the random parameters, the authentication parameters, the guide authentication parameters and the preset secret keys. Compared with the prior art, the security of a GBA initial process can be improved.
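
The UAM-side generation and BSF-side check from the abstract above, as an added sketch that is not taken from the patent. The abstract does not name the function that combines the inputs, so HMAC-SHA-256 over length-prefixed fields is an assumption, as are the function names, the serial number, the key and the sample parameter values.

```python
import hashlib
import hmac
import secrets

# Constructed provisioning table (assumption): UAM product serial number -> preset secret key.
PRESET_KEYS = {"UAM-SN-0001": bytes.fromhex("00112233445566778899aabbccddeeff")}


def _encode(*fields: bytes) -> bytes:
    # Length-prefix each field so (b"ab", b"c") and (b"a", b"bc") encode differently.
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)


def _certify(key: bytes, rand: bytes, auth_params: bytes, guide_params: bytes) -> bytes:
    # Assumed combining function: HMAC-SHA-256 keyed with the preset secret key.
    return hmac.new(key, _encode(rand, auth_params, guide_params), hashlib.sha256).digest()


def uam_generate(preset_key: bytes, auth_params: bytes, guide_params: bytes):
    """UAM side: draw a fresh random parameter and derive the certification parameter."""
    rand = secrets.token_bytes(16)
    return rand, _certify(preset_key, rand, auth_params, guide_params)


def bsf_verify(serial: str, rand: bytes, auth_params: bytes,
               guide_params: bytes, cert: bytes) -> bool:
    """BSF side: look up the preset key by serial number and check the certification parameter."""
    key = PRESET_KEYS.get(serial)
    if key is None:
        return False  # unknown serial number: no key to verify against
    expected = _certify(key, rand, auth_params, guide_params)
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(expected, cert)


if __name__ == "__main__":
    # Constructed sample values standing in for the parameters named in the abstract.
    auth, guide = b"auth-params-sample", b"guide-params-sample"
    rand, cert = uam_generate(PRESET_KEYS["UAM-SN-0001"], auth, guide)
    print("genuine UAM accepted:", bsf_verify("UAM-SN-0001", rand, auth, guide, cert))
    print("altered guide parameters accepted:",
          bsf_verify("UAM-SN-0001", rand, auth, b"guide-params-altered", cert))
```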