CN101291228B - Generating, authenticating method for super code, system and device thereof - Google Patents
Generating, authenticating method for super code, system and device thereof Download PDFInfo
- Publication number
- CN101291228B CN101291228B CN2008101152044A CN200810115204A CN101291228B CN 101291228 B CN101291228 B CN 101291228B CN 2008101152044 A CN2008101152044 A CN 2008101152044A CN 200810115204 A CN200810115204 A CN 200810115204A CN 101291228 B CN101291228 B CN 101291228B
- Authority
- CN
- China
- Prior art keywords
- super code
- super
- algorithm
- time
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 50
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 103
- 238000000205 computational method Methods 0.000 claims description 12
- 238000012795 verification Methods 0.000 claims description 8
- 238000012797 qualification Methods 0.000 claims description 7
- 238000013475 authorization Methods 0.000 claims description 5
- 238000004891 communication Methods 0.000 abstract description 2
- 230000000875 corresponding effect Effects 0.000 description 11
- 239000000047 product Substances 0.000 description 11
- 230000008569 process Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 238000004519 manufacturing process Methods 0.000 description 3
- 230000003068 static effect Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 2
- 238000010168 coupling process Methods 0.000 description 2
- 238000005859 coupling reaction Methods 0.000 description 2
- 230000002123 temporal effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000002596 correlated effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000012467 final product Substances 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 239000011159 matrix material Substances 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
Images
Abstract
The invention discloses a method, a system and a device for generating and authenticating a super password, belonging to the communication field. The method comprises the following steps that: a request message is received; according to the system time, a super password generating algorithm is selected; according to system time and device identification, the super password is generated; after the device receives the super password, the device identification and the system time of the current time are obtained;according to the system time of the current time, the super password generating algorithm is selected;according to the system time of the current time and the device identification, a authentication password is generated by the selected super password generating algorithm; whether the authentication password matches the super password is judged;if yes, the super password is qualified. The system comprises a super password generating device and an authentication device. The method takes the system time and the device identification as the foundation to generate the super password, sets the permission for the generated super password, completely guarantees the safety of the super password obtained by a valid user, and reduces the potential safety hazard.
Description
Technical field
The present invention relates to the communications field, particularly a kind of generation of super code, authentication method and system, equipment.
Background technology
Raising along with the community networkization and the level of informatization; information has become people's the closely bound up a kind of industry of vital interests; the fail safe of information also more and more is subjected to people's attention; be used to protect the private information resource not to be subjected to other people to invade the most convenient effective and efficient manner and password is people always, the cipher authentication technique of Dan Shenging is also increasingly mature thereupon.Cipher authentication is as one of authentication mode of the simplest and most convenient, it uses the resource of remote server that chance is provided to validated user, but under unsafe network environments such as Internet, in the process of cipher authentication, login be stolen and be used repeatedly to any data of transmission all might by victim, thereby obtain more privately owned resource, have a lot of potential safety hazards.
Simultaneously, the user is accessing to your password when carrying out the visit of resource after getting access to password, and also can occur some user unavoidably can be because reasons such as carelessness have been forgotten the password of original own setting, in order to retrieve the loss that forgets Password and bring, the demand to super code has been proposed to the user.Utilize super code, when the user has forgotten password, enter system, can reset new password etc. then by the super code that gets access to.
Prior art proposes a kind of generation and authentication method of super code, and this method comprises: user place equipment generates super code according to the customizing messages of equipment; This super code of equipment utilization authenticates the user.But, has equipment uniqueness because user equipment information (as Equipment Serial Number) is unique definite by device fabrication.For the equipment in the placement of canyon, the assailant on the Internet is the production information of not knowing equipment, has certain fail safe.But determine that because facility information is static when producing the super code of deriving out according to this facility information must be a static super code, as long as in a single day the user obtains this password and just can forever use, has certain potential safety hazard.
In order to overcome the potential safety hazard that above-mentioned static super code brings, prior art also provides a kind of generation method of dynamic super code and has utilized this super code to carry out the method for switch safety management, wherein, the generation method of this dynamic super code is: the MAC of fetch equipment (Media Access Control, FDDI sublayer protocol) address, generate dynamic super code according to MAC Address and cryptographic algorithm, store this dynamic super code.Utilize the switch method for managing security of above-mentioned super code to be:
B1, input start password;
B2, system judge whether the startup password is correct: start password and correctly then enter step B4, start password bad and then enter step B3;
B3, input super code;
B4, enter the boot file system.
Can make the super code safety and reliability of switch by this method, in case after the configuration password loss, operation to configuration file is simpler, eliminates managerial a series of troubles of bringing after the multiple password of switch is lost effectively, has improved the safe operation of equipment, the performance of simple management.
But, the inventor is in realizing process of the present invention, find that there is following shortcoming at least in prior art: dynamically generate super code because this method is a MAC Address by equipment, the disabled user can pass through ARP (Address ResolutionProtocol, address resolution protocol) mode such as request message obtains the MAC Address of equipment, this moment is in case calculate the algorithm leakage of super code, the super code that MAC Address that just exists the disabled user to utilize to steal and algorithm computation go out device logs, therefore, also there is bigger potential safety hazard in this method.
Summary of the invention
To guarantee that in order making validated user gets access to the fail safe of super code, to reduce potential safety hazard, the embodiment of the invention provides a kind of generation, authentication method and system, equipment of super code.Described technical scheme is as follows:
On the one hand, provide a kind of generation method of super code, described method comprises:
Receive solicited message, described request information is carried the device identification of equipment;
Adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate super code according to described system time and described device identification.
On the one hand, provide a kind of authentication method of super code, described method comprises:
Subscriber equipment sends solicited message, and described request information is carried the device identification of described subscriber equipment;
Described subscriber equipment receives super code, the super code generating algorithm of described super code by selecting, generate according to system time and described device identification, described super code generating algorithm adopts 14 kinds of unidirectional super code computational methods of 2*7, wherein, the product ID end numeral odevity decision that laterally provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm;
After described subscriber equipment obtains described super code, obtain the device identification of self and the system time of current time, system time according to described current time is selected the super code generating algorithm, by the super code generating algorithm of selecting, according to the system time and the described device identification of described current time, generate authentication password;
Judge whether described authentication password and described super code mate, if then described super code authentication is passed through.
On the one hand, provide a kind of super code generating apparatus again, described device comprises:
Receiver module is used for the solicited message that receiving equipment sends, and described request information is carried the device identification of described equipment;
Generation module, be used for after described receiver module receives request message, adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate super code according to described system time and described device identification.
On the one hand, provide a kind of super code Verification System again, described system comprises: super code generating apparatus and authenticating device, and wherein, described super code generating apparatus comprises:
Receiver module is used to receive solicited message, and described request information is carried the device identification of described authenticating device;
Generation module, be used for after described receiver module receives request message, adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate super code according to described system time and described device identification;
Sending module is used to send the super code that described generation module generates;
Wherein, described authenticating device comprises:
Acquisition module is used to obtain the super code that described super code generating apparatus generates;
Generation module, be used to obtain the device identification of self and the system time of current time, adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate authentication password according to the system time and the described device identification of described current time;
Authentication module is used to judge whether the authentication password of described generation module generation and the super code that described acquisition module obtains mate, if then described super code authentication is passed through.
On the one hand, also provide a kind of authenticating device again, described equipment comprises:
Acquisition module is used to obtain super code;
Generation module, be used to obtain the device identification of self and the system time of current time, adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate authentication password according to the system time and the described device identification of described current time;
Authentication module is used to judge whether the authentication password of described generation module generation and the super code that described acquisition module obtains mate, if then described super code authentication is passed through.
The beneficial effect of the technical scheme that the embodiment of the invention provides is:
By with the sign of system time and equipment self as the foundation that generates super code, fully guaranteed the fail safe of the super code that validated user obtains, reduced potential safety hazard.
Description of drawings
In order to be illustrated more clearly in the embodiment of the invention or technical scheme of the prior art, to do to introduce simply to the accompanying drawing of required use in embodiment or the description of the Prior Art below, apparently, accompanying drawing in describing below only is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is the generation method flow diagram of the super code that provides of the embodiment of the invention 1;
Fig. 2 is the authentication method flow chart of the super code that provides of the embodiment of the invention 1;
Fig. 3 is the super code generating apparatus schematic diagram that the embodiment of the invention 2 provides;
Fig. 4 is the super code Verification System schematic diagram that the embodiment of the invention 3 provides;
Fig. 5 is the authenticating device schematic diagram that the embodiment of the invention 4 provides.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment only is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills belong to the scope of protection of the invention not making the every other embodiment that is obtained under the creative work prerequisite.
When equipment managers such as fire compartment wall are forgotten entry password etc. similarly situation are taken place, by the sequence number that dispatches from the factory to the equipment that this hope login is provided with clothes equipment, with clothes equipment according to above-mentioned dispatch from the factory sequence number and the system time received (as the date on the same day of receiving etc.), after the super code algorithm computation, generate super code and transmission, the keeper uses this super code that obtains, and logins.Wherein, it is as follows to generate the method for this super code with clothes equipment:
Receive solicited message, solicited message is carried the device identification of equipment;
Select the super code generating algorithm according to system time,,, generate super code according to system time and device identification by the super code generating algorithm of selecting.
Wherein, after generating this super code, can also generate an effective time, be used for this super code is carried out the qualification of rights of using this effective time for this super code with clothes equipment.
When concrete the application, the said equipment sign is specifically as follows Equipment Serial Number etc., is used for unique identification and goes out equipment.
Wherein, after the keeper of equipment such as fire compartment wall got access to super code, facility was logined with this super code, and when login, equipment need authenticate this super code, and wherein, the method for the authentication of super code is as follows:
After equipment is received super code, obtain the device identification of self and the system time of current time, select the super code generating algorithm according to the system time of current time, by the super code generating algorithm of selecting, according to the system time and the device identification of current time, generate authentication password;
Whether authentication password and super code that judgment device self generates mate, if then the super code authentication is passed through.
Wherein, when equipment except receiving super code, when also having received the effective time of this super code, whether effective according to judging super code effective time, if then obtain the device identification of self and the system time of current time, system time according to current time is selected the super code generating algorithm, by the super code generating algorithm of selecting,, generate authentication password according to the system time and the device identification of current time; Judge whether authentication password and super code mate, if then the super code authentication is passed through.
Wherein, after equipment received super code (perhaps receiving super code and effective time), equipment self can also be set the authentication whether self allows to carry out super code, if then carry out corresponding authenticating step.
The generation method of the super code that provides at the embodiment of the invention and utilize the method for this super code authentication to be elaborated respectively below.
Embodiment 1
Referring to Fig. 1, the embodiment of the invention provides a kind of generation method of super code, and method thes contents are as follows:
101: the user obtains the equipment mark information of wishing login, as the sequence number of equipment etc.
Wherein, because for the equipment of each regular production, have one product ID at its Shi Douhui that dispatches from the factory, and this product ID is a uniquely identified, the mode of this product ID by label can be attached to equipment surface, also can be embedded in the equipment by modes such as softwares; Correspondingly, the user can be by checking the mode of label, and perhaps the mode that reads by product software gets access to the sequence number of this equipment, when the user is this equipment of Telnet, can obtain the sequence number of this equipment by corresponding other indirect mode.
102: the user wherein, comprises equipment mark information and the device authentication information that is used for the Authentication devices identity to sending solicited message with clothes equipment in the solicited message, specifically comprise sequence number, the time of purchase of equipment, buys user's name or the like.
Wherein, the content of specifically carrying in the authorization information, can be provided with according to prior concrete needs with clothes equipment, for example the information of registering when buying this equipment according to the user is set the content that authorization information is specifically carried, as userspersonal information, time buying or the like, the embodiment of the invention does not limit content-form concrete in the authorization information.
103: after receiving the solicited message that the user sends with clothes equipment,, judge whether this equipment is legal, if then execution in step 104 according to carrying device authentication information in the solicited message; Otherwise, execution in step 106.
Wherein, receive the solicited message that the user sends with clothes equipment after, judge whether legal purpose mainly is in order to confirm whether this user really has this equipment to this equipment.
104: with clothes equipment according to the sequence number in the solicited message of obtaining and the same day system time, select the super code generating algorithm, generate super code.
Wherein, the embodiment of the invention when generating super code, be with the sequence number of equipment and the same day system time as being input as example, wherein, system time specifically can carry out determining of span as required: get the date as system time, promptly be accurate to Year/Month/Day; When can be as accurate as, i.e. Year/Month/Day/time or the like; Perhaps system time can also be the running time of system's self-starting use, for example for the equipment of some low side, equipment self can't provide the function of system data, just can correspondingly the system time of mentioning in the embodiment of the invention be defined as the running time of having been experienced since system's self-starting is used this moment.Correspondingly, utilize super code to carry out in the super code verification process, equipment changes when generating the super code of self accordingly, promptly needs the running time of sequence number and equipment of the input as the super code of input calculating equipment self; No matter be to adopt system data or system operation time or the input of the time of other kind, as long as guarantee that it is dynamically to change in time that super code is obtained in generation, all in the scope that the embodiment of the invention contained.
Wherein, when selecting the super code algorithm, in advance can provide multiple super code computational algorithm selective use with clothes equipment, can be when selecting according to the temporal regularity of system time, as week rule (Monday corresponding first super code computational algorithm, Tuesday the corresponding second super code algorithm or the like), perhaps according to the date rule on the same day (as odevity etc., as No. 3 correspondence first super code computational algorithms, No. 4 correspondence second super code computational algorithms or the like) etc. mode is selected employed super code computational algorithm, thereby has guaranteed the dynamic and the confidentiality of the super code that generates.In order further how this step 104 to be generated super code be elaborated, see for details hereinafter:
By pre-installing a plurality of folk prescriptions to the cryptographic calculations algorithm, so-called folk prescription is to being exactly can not instead release the input parameter that calculates super code according to the super code (being the output of algorithm) that calculates, according to the algorithm matrix of two dimension.For example can adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm; The algorithm of determining according to both is imported current system time and product ID total data at last, produces a string character visible string (wherein, this character string similarly is a random string In the view of the user), promptly is required super code.Certainly, the selection of super code algorithm can be simpler.For example, can be what day to decide algorithm only according to current date.
Wherein, in this step 104, use the fail safe of this super code in order further to guarantee the user, can also set effective time for the super code that generates, promptly subscriber equipment can only have the rights of using of this super code in the effective time of setting.Present embodiment is when generating super code, and be that example describes the effective time that generates this super code.
105: with the super code and the effective time that generate, send to the user with clothes equipment.
106: return error message with clothes equipment to the user, refusal provides service.Since with the clothes device authentication subscriber equipment be the disabled user, so refuse to provide the generation service of super code for it.
In sum, when the user gets access to the super code that returns with clothes equipment, just can utilize this super code logging device, when login, equipment can authenticate super code, correspondingly, referring to Fig. 2, the embodiment of the invention also provides a kind of authentication method of super code, and wherein, this authentication method is as follows:
201: equipment obtains the super code of user's input.
202: equipment judges self whether to allow to carry out the super code authentication, if then execution in step 203; Otherwise, execution in step 207.
Wherein, equipment is for security consideration, can set the super code authentication that self allows to carry out limited number of time, for example, the equipment of being set at is only to have allowed to carry out a super code authentication since the self-starting, correspondingly, when this equipment authenticates for carrying out for the first time super code at this moment, then can continue execution in step 203; Otherwise, execution in step 207.
203. equipment is judged the super code receive whether in effective time, if then execution in step 204, otherwise, execution in step 207.
204: equipment obtains sequence number and the system time of this moment of self, selects the super code algorithm, generates the super code of self, this self the super code authentication password of saying so accurately, and its effect is to be used for verifying the super code that the user imports.
Wherein, the super code algorithm that use the inside of equipment self and be consistent with the super code algorithm that clothes equipment provides gets final product, and does not need concrete algorithm is limited.
205: equipment judges whether the authentication password that this super code and equipment self generate mates, if then execution in step 206 according to the super code that obtains; Otherwise, execution in step 207.
Wherein, when judging whether authentication password and super code mate, whether the character string that can be by judging authentication password and the character string of super code fit like a glove and determine whether coupling.
206: equipment is accepted user's login, the user is carried out the mandate of rights of using.
Wherein, when the user is carried out the mandate of rights of using, can authorize user power user's authority, as check, create and delete the authority etc. of keeper's account, the concrete authority of setting is specified according to the equipment needs.
Wherein, being set at of equipment self only allowed to carry out a super code authentication since the self-starting, then when proceeding to this step, need equipment self also can be set not allow to reuse super code when the user be carried out the mandate of rights of using.
207: the login of equipment refusing user's.
Wherein, also can generate the checking user name when in step 204, generating authentication password, correspondingly, in step 201, when obtaining super code, also obtain the username information of user input, when the user name of super code and authentication password coupling and user's input and checking user that equipment self generates are mated, equipment is accepted user's login, the user is carried out the mandate of rights of using.
The generation method of the super code that the invention described above embodiment provides is unified into into super code by equipment mark information is correlated with temporal information, and by this super code being generated the mode of effective time, has guaranteed the fail safe of super code.Simultaneously, the authentication method of the super code that the embodiment of the invention provides is by the super code that obtains, when carrying out device logs, the authentication password of using equipment self to generate authenticates this super code, has reduced potential safety hazard, has improved the satisfaction of user to the equipment supplier.
Embodiment 2
Referring to Fig. 3, the embodiment of the invention provides a kind of super code generating apparatus, and device comprises:
Receiver module 301 is used for the solicited message that receiving equipment sends, and solicited message is carried the device identification of equipment;
Generation module 302 is used for after receiver module 301 receives request message, selects the super code generating algorithm according to system time, by the super code generating algorithm of selecting, according to system time and device identification, generates super code.
Wherein, further, generation module 302 also is used to generate the effective time of super code, is used for this super code is carried out the qualification of rights of using effective time, and when super code used in effective time, then super code is effectively to use.
Further, above-mentioned solicited message also comprises: device authentication information; Correspondingly, device comprises that also authentication module is used for the authorization information according to equipment, and whether Authentication devices is legal.
The super code generating apparatus that the embodiment of the invention provides, equipment identification information and system time are carried out related generation super code, reduced potential safety hazard, and the super code that generates rights of using have been set, once effective etc. as this super code, fully guarantee the fail safe of the super code that validated user obtains, reduced potential safety hazard.
Embodiment 3
Referring to Fig. 4, the embodiment of the invention provides a kind of super code Verification System, and system comprises: super code generating apparatus 401 and authenticating device 402, and wherein, super code generating apparatus 401 comprises:
Sending module 4013 is used to send the super code that generation module 4012 generates;
Wherein, authenticating device 402 comprises:
Wherein, further, the generation module 4012 of super code generating apparatus 401 also is used to generate the effective time of super code; Be used for this super code is carried out the qualification of rights of using effective time, be used for effective time using in effective time when super code, then super code is effectively to use.
The sending module 4013 of super code generating apparatus 401 also is used to send the effective time of super code;
Correspondingly,
The acquisition module 4021 of authenticating device 402 also is used to obtain the effective time of super code;
Effective judge module, be used for according to acquisition module obtain effective time, judge that super code that acquisition module 4021 obtains is whether in effective time, if then super code is effective.
Further, authenticating device 402 also comprises:
Judge module is used for whether allowing to carry out the authentication of super code according to the configuration determination of equipment self after acquisition module 4021 obtains super code.
The super code Verification System that the embodiment of the invention provides, equipment identification information and system time are carried out related generation super code, reduced potential safety hazard, and the super code that generates set rights of using, once effective etc. as this super code, and based on the super code that generates, carry out login authentication, fully guaranteed the fail safe of the super code that validated user obtains, reduced potential safety hazard, improved the satisfaction of user the equipment supplier.
Embodiment 4
Referring to Fig. 5, the embodiment of the invention provides a kind of authenticating device, and equipment comprises:
Further, acquisition module 502 also is used to obtain the effective time of super code;
Correspondingly, authenticating device also comprises:
Effective judge module is used for according to judging that super code is whether in effective time, if then super code is effective effective time.
Further, authenticating device also comprises judge module, is used for whether allowing to carry out the authentication of super code according to the configuration determination of equipment self after acquisition module 501 receives super code.
The authenticating device that the embodiment of the invention provides, equipment identification information and system time are carried out related generation authentication password, utilize authentication password, the super code that obtains is authenticated, reduced potential safety hazard, fully guaranteed the fail safe of super code, reduced potential safety hazard, improved the satisfaction of user the equipment supplier.
One of ordinary skill in the art will appreciate that all or part of flow process that realizes in the foregoing description method, be to instruct relevant hardware to finish by computer program, described program can be stored in the computer read/write memory medium, this program can comprise the flow process as the embodiment of above-mentioned each side method when carrying out.Wherein, described storage medium can be magnetic disc, CD, read-only storage memory body (Read-Only Memory, ROM) or at random store memory body (Random Access Memory, RAM) etc.
The above only is specific embodiments of the invention;, for those skilled in the art, not all under the prerequisite that does not break away from the principle of the invention in order to restriction the present invention; any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (15)
1. the generation method of a super code is characterized in that, described method comprises:
Receive solicited message, described request information is carried the device identification of equipment;
Adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate super code according to described system time and described device identification.
2. the generation method of super code as claimed in claim 1, it is characterized in that, described method also comprises: the effective time that generates described super code, be used for this super code is carried out the qualification of rights of using described effective time, when described super code used in described effective time, then described super code is effectively to use.
3. the generation method of super code as claimed in claim 1 is characterized in that, described device identification is specially Equipment Serial Number.
4. the authentication method of a super code is characterized in that, described method comprises:
Subscriber equipment sends solicited message, and described request information is carried the device identification of described subscriber equipment;
Described subscriber equipment receives super code, the super code generating algorithm of described super code by selecting, generate according to system time and described device identification, described super code generating algorithm adopts 14 kinds of unidirectional super code computational methods of 2*7, wherein, the product ID end numeral odevity decision that laterally provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm,
After described subscriber equipment obtains described super code, obtain the device identification of self and the system time of current time, system time according to described current time is selected the super code generating algorithm, by the super code generating algorithm of selecting, according to the system time and the described device identification of described current time, generate authentication password;
Judge whether described authentication password and described super code mate, if then described super code authentication is passed through.
5. the authentication method of super code as claimed in claim 4 is characterized in that, described method also comprises:
Receive the effective time of described super code, be used for this super code is carried out the qualification of rights of using described effective time, when described super code used in described effective time, then described super code is effectively to use;
Correspondingly, also comprise before the step of the system time of described device identification of obtaining self and current time:
Described subscriber equipment obtains described effective time, according to described super code and effective time, judges that described super code whether in described effective time, if then described super code is effective, carries out subsequent step.
6. the authentication method of super code as claimed in claim 4 is characterized in that, described device identification is specially Equipment Serial Number.
7. a super code generating apparatus is characterized in that, described device comprises:
Receiver module is used for the solicited message that receiving equipment sends, and described request information is carried the device identification of described equipment;
Generation module, be used for after described receiver module receives request message, adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate super code according to described system time and described device identification.
8. super code generating apparatus as claimed in claim 7 is characterized in that, described request information also comprises: device authentication information;
Correspondingly, described device also comprises authentication module, is used for the authorization information according to described equipment, verifies whether described equipment is legal.
9. super code generating apparatus as claimed in claim 7, it is characterized in that, described generation module also is used to generate the effective time of described super code, be used for this super code is carried out the qualification of rights of using described effective time, when described super code used in described effective time, then described super code is effectively to use.
10. a super code Verification System is characterized in that, described system comprises: super code generating apparatus and authenticating device, and wherein, described super code generating apparatus comprises:
Receiver module is used to receive solicited message, and described request information is carried the device identification of described authenticating device;
Generation module, be used for after described receiver module receives request message, adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate super code according to described system time and described device identification;
Sending module is used to send the super code that described generation module generates;
Wherein, described authenticating device comprises:
Acquisition module is used to obtain the super code that described super code generating apparatus generates;
Generation module, be used to obtain the device identification of self and the system time of current time, system time according to described current time is selected the super code generating algorithm, by the super code generating algorithm of selecting, according to the system time and the described device identification of described current time, generate authentication password;
Authentication module is used to judge whether the authentication password of described generation module generation and the super code that described acquisition module obtains mate, if then described super code authentication is passed through.
11. super code Verification System as claimed in claim 10 is characterized in that the generation module of described super code generating apparatus also is used to generate the effective time of described super code; Be used for this super code is carried out the qualification of rights of using described effective time, when described super code used in described effective time, then described super code is effectively to use.
The sending module of described super code generating apparatus also is used to send the effective time of described super code;
Correspondingly,
The acquisition module of described authenticating device also is used to obtain the effective time of described super code;
Described authenticating device also comprises:
Effective judge module, be used for according to described acquisition module obtain effective time, judge that super code that described acquisition module obtains is whether in described effective time, if then described super code is effective.
12. super code Verification System as claimed in claim 10 is characterized in that, described authenticating device also comprises:
Judge module is used for whether allowing to carry out the authentication of super code according to the configuration determination of equipment self after described acquisition module gets access to super code.
13. an authenticating device is characterized in that, described equipment comprises:
Acquisition module is used to obtain super code;
Generation module, be used to obtain the device identification of self and the system time of current time, adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate authentication password according to the system time and the described device identification of described current time;
Authentication module is used to judge whether the authentication password of described generation module generation and the super code that described acquisition module obtains mate, if then described super code authentication is passed through.
14. authenticating device as claimed in claim 13 is characterized in that, described acquisition module also is used to obtain the effective time of described super code;
Correspondingly, described authenticating device also comprises:
Effective judge module is used for according to judging that described super code is whether in described effective time, if then described super code is effective described effective time.
15. authenticating device as claimed in claim 13 is characterized in that, described authenticating device also comprises:
Judge module is used for whether allowing to carry out the authentication of super code according to the configuration determination of equipment self after described acquisition module gets access to super code.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008101152044A CN101291228B (en) | 2008-06-18 | 2008-06-18 | Generating, authenticating method for super code, system and device thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008101152044A CN101291228B (en) | 2008-06-18 | 2008-06-18 | Generating, authenticating method for super code, system and device thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101291228A CN101291228A (en) | 2008-10-22 |
| CN101291228B true CN101291228B (en) | 2011-05-18 |
Family
ID=40035327
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2008101152044A Expired - Fee Related CN101291228B (en) | 2008-06-18 | 2008-06-18 | Generating, authenticating method for super code, system and device thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101291228B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104105096A (en) * | 2014-07-28 | 2014-10-15 | 浙江宇视科技有限公司 | Wireless access method of internet protocol camera (IPC) devices |
Families Citing this family (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101969377B (en) * | 2010-10-09 | 2012-09-05 | 成都市华为赛门铁克科技有限公司 | Zero-knowledge identity authentication method and system |
| CN102195983B (en) * | 2011-05-12 | 2015-08-19 | 深圳Tcl新技术有限公司 | network terminal encryption authentication method and server |
| CN102629900B (en) * | 2012-03-06 | 2016-03-30 | 北京东土科技股份有限公司 | A kind of super password generation system and application process |
| KR101416538B1 (en) * | 2012-08-01 | 2014-07-09 | 주식회사 로웸 | System for processing lost password using user's long term memory and method thereof |
| CN104426657B (en) * | 2013-08-23 | 2017-12-26 | 阿里巴巴集团控股有限公司 | A kind of service authentication method, system and server |
| CN104426662B (en) * | 2013-09-05 | 2018-11-06 | 珠海格力电器股份有限公司 | The processing method and processing device of physical equipment login password |
| CN105407085B (en) * | 2015-10-26 | 2018-04-06 | 武汉帕菲利尔信息科技有限公司 | The method and device of user name password is generated according to patient user's information |
| CN107135229A (en) * | 2017-06-02 | 2017-09-05 | 云丁网络技术(北京)有限公司 | Intelligent home information safe verification method, device, equipment and system |
| CN107528829B (en) * | 2017-07-31 | 2021-07-27 | 湖南国科微电子股份有限公司 | BMC chip, server side and remote monitoring management method thereof |
| CN108777615B (en) * | 2018-09-17 | 2021-07-16 | 上海并擎软件科技有限公司 | Dynamic password authentication method and device |
| CN109587180B (en) * | 2019-01-28 | 2021-11-09 | 杭州涂鸦信息技术有限公司 | Method for establishing connection, client and server |
| CN111163432B (en) * | 2019-08-07 | 2022-07-26 | 上海钧正网络科技有限公司 | Battery anti-theft method, management equipment, battery and server |
| CN111163044B (en) * | 2019-08-07 | 2020-08-21 | 上海钧正网络科技有限公司 | Battery management method, equipment, server and system |
| CN111444498B (en) * | 2020-03-27 | 2023-08-25 | 北京骑胜科技有限公司 | Unlocking method and shared service system |
| CN112134885A (en) * | 2020-09-23 | 2020-12-25 | 国网江苏省电力有限公司泰州供电分公司 | Method and system for encrypting access of internet terminal |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1635731A (en) * | 2003-12-27 | 2005-07-06 | 海信集团有限公司 | Reconfigurable password coprocessor circuit |
| CN1694555A (en) * | 2005-05-24 | 2005-11-09 | 北京易诚世纪科技有限公司 | Dynamic cipher system and method based on mobile communication terminal |
| CN1703002A (en) * | 2005-07-05 | 2005-11-30 | 江苏乐希科技有限公司 | Portable one-time dynamic password generator and security authentication system using the same |
| CN1773991A (en) * | 2005-11-17 | 2006-05-17 | 上海汉邦京泰数码技术有限公司 | Information safety management multilevel distributing transmission controlling method |
-
2008
- 2008-06-18 CN CN2008101152044A patent/CN101291228B/en not_active Expired - Fee Related
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1635731A (en) * | 2003-12-27 | 2005-07-06 | 海信集团有限公司 | Reconfigurable password coprocessor circuit |
| CN1694555A (en) * | 2005-05-24 | 2005-11-09 | 北京易诚世纪科技有限公司 | Dynamic cipher system and method based on mobile communication terminal |
| CN1703002A (en) * | 2005-07-05 | 2005-11-30 | 江苏乐希科技有限公司 | Portable one-time dynamic password generator and security authentication system using the same |
| CN1773991A (en) * | 2005-11-17 | 2006-05-17 | 上海汉邦京泰数码技术有限公司 | Information safety management multilevel distributing transmission controlling method |
Non-Patent Citations (2)
| Title |
|---|
| 沈桂兰等.一次改进的动态口令认证实现方案.福建电脑 11.2005,(11),145-146. |
| 沈桂兰等.一次改进的动态口令认证实现方案.福建电脑 11.2005,(11),145-146. * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104105096A (en) * | 2014-07-28 | 2014-10-15 | 浙江宇视科技有限公司 | Wireless access method of internet protocol camera (IPC) devices |
| CN104105096B (en) * | 2014-07-28 | 2018-01-16 | 浙江宇视科技有限公司 | A kind of radio switch-in method of IPC equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101291228A (en) | 2008-10-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101291228B (en) | Generating, authenticating method for super code, system and device thereof | |
| US11743054B2 (en) | Method and system for creating and checking the validity of device certificates | |
| US8683562B2 (en) | Secure authentication using one-time passwords | |
| CN101401387B (en) | Access control protocol for embedded devices | |
| CN101018127B (en) | Remote access system, gateway, client device, program, and storage medium | |
| JP6275653B2 (en) | Data protection method and system | |
| KR100936920B1 (en) | Method, Client and System for Reservation Connection to Management Server using One-Time Password | |
| US20090158033A1 (en) | Method and apparatus for performing secure communication using one time password | |
| AU2004251364B2 (en) | Access control | |
| CN109756446B (en) | Access method and system for vehicle-mounted equipment | |
| CN101816140A (en) | Token-based management system for PKI personalization process | |
| EP2894891B1 (en) | Mobile token | |
| WO2004079988A1 (en) | Secure object for convenient identification | |
| CN101507233A (en) | Method and apparatus for providing trusted single sign-on access to applications and internet-based services | |
| EP2548353A2 (en) | System and method of enforcing a computer policy | |
| CA2884005A1 (en) | Method and system for verifying an access request | |
| CN112187931A (en) | Session management method, device, computer equipment and storage medium | |
| US9954853B2 (en) | Network security | |
| CN107133512B (en) | POS terminal control method and device | |
| CN111159656A (en) | Method, device, equipment and storage medium for preventing software from being used without authorization | |
| CN101577697A (en) | Authentication method and authentication system for enforced bidirectional dynamic password | |
| CN100476841C (en) | Method and system for centrally managing code to hard disk of enterprise | |
| JP2009003501A (en) | Onetime password authentication system | |
| CN106529216B (en) | Software authorization system and software authorization method based on public storage platform | |
| CN106027477B (en) | A kind of identity card reading response method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: CHENGDU CITY HUAWEI SAIMENTEKE SCIENCE CO., LTD. Free format text: FORMER OWNER: HUAWEI TECHNOLOGY CO., LTD. Effective date: 20090424 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20090424 Address after: Qingshui River District, Chengdu high tech Zone, Sichuan Province, China: 611731 Applicant after: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES Co.,Ltd. Address before: Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Province, China: 518129 Applicant before: HUAWEI TECHNOLOGIES Co.,Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| ASS | Succession or assignment of patent right |
Owner name: HUAWEI DIGITAL TECHNOLOGY (SUZHOU) CO., LTD. Free format text: FORMER OWNER: HUAWEI DIGITAL TECHNOLOGY (CHENGDU) CO., LTD. Effective date: 20131230 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| C56 | Change in the name or address of the patentee |
Owner name: HUAWEI DIGITAL TECHNOLOGY (CHENGDU) CO., LTD. Free format text: FORMER NAME: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES CO., LTD. |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 611731 CHENGDU, SICHUAN PROVINCE TO: 215123 SUZHOU, JIANGSU PROVINCE |
|
| CP01 | Change in the name or title of a patent holder |
Address after: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River Patentee after: HUAWEI DIGITAL TECHNOLOGIES (CHENG DU) Co.,Ltd. Address before: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River Patentee before: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES Co.,Ltd. |
|
| TR01 | Transfer of patent right |
Effective date of registration: 20131230 Address after: Xinghu street Suzhou Industrial Park in Jiangsu province 215123 No. 328 Creative Industrial Park building A3 Patentee after: Huawei digital technology (Suzhou) Co.,Ltd. Address before: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River Patentee before: HUAWEI DIGITAL TECHNOLOGIES (CHENG DU) Co.,Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20110518 Termination date: 20180618 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |