CN101414905A - Various selectivity cipher safety authentication system and method - Google Patents

Publication number: CN101414905A
Authority: CN (China)
Application number: CNA2007101650257A
Legal status: Pending
Other languages: Chinese (zh)
Inventor: 谢丹
Current Assignee: Individual
Original Assignee: Individual
Prior art keywords: password, information, user, input, server
Landscapes: Storage Device Security

Abstract

The invention relates to a security authentication system, in particular one that processes the user's login password in stages and gives the password at each stage a specific functional meaning; it also relates to methods for setting up and using the system. Because the invention requires the user to carry out or guide the operation on site, it gives users more opportunity and time to escape control or raise an alarm when acting involuntarily. The server provides a personalized response code and check code for each user; the user can check these first and only then enter the password, thereby avoiding a fake server.

Description

Multiple-choice password security authentication system and method
Technical field
The present invention relates to a security authentication system, in particular one that divides the user's login password into levels and gives the password at each level a specific functional meaning. It also relates to methods for setting up and using this security authentication system. It belongs to the field of information security technology.
The present invention relates to a secure method for digital input, in particular a method of guarding against insiders who abuse their position to steal another person's identification device, install malicious tools such as Trojan horses, or peep or eavesdrop nearby in order to steal important input information, and a method of alerting the user that someone is attempting to steal important input information. Because the important information to be entered is in most cases expressed as a password, it is called a password in this description; in substance, however, it is not only a password in the ordinary sense and may also be the information to be transmitted that is mentioned under the fifth object of the invention.
Although the invention is aimed mainly at information theft by insiders, it is equally effective against purely external attackers and against collusion between insiders and outsiders. It is mainly used for entering authentication information at access control systems, all-purpose cards, ATMs and computer networks, and for other identity information input on electronic equipment with digital input.
Technical background
In existing electronic equipment, the management of a router, for example, involves an input operation part (usually a computer external to the router) and a controller (inside the router), interconnected by cable or wirelessly; equipment such as bank service terminals and various automatic card-charging machines is usually interconnected by cable or in a similar way. The invention focuses on two ways of stealing: peeping and impersonation.
For peeping, the current prevention methods are the following:
1. Use a card on which coordinate values are converted into the input content. For convenience, people who use this method often scrape off the whole surface coating, so a thief who photographs or copies the card and then steals the password can log in as the owner at any time.
2. Use a token device to generate a random number as the input content.
3. Print a list of one-time passwords for look-up.
4. Use a smart card.
5. Store one-time passwords on removable storage such as a USB key ("U shield").
6. Provide a soft keyboard whose key positions change randomly.
Although the devices in methods 1 to 5 are all light, carrying many of them is a nuisance: first, they are easily lost; second, they are easily left behind. The number of such security devices a person holds therefore should not be too large. Method 6 interferes with the operator's convenience and habits, and it cannot resist attacks that replay camera footage or use screen-recording software installed on the computer.
For impersonation, the existing prevention methods are:
1. The user distinguishes the correct web address.
2. The home page of a security website provides reliable website links.
3. After verifying that the account and password are correct, the website responds with information the user has reserved.
Because phishing websites target people who are unfamiliar with the system and people who are relatively careless, the first two methods are not enough for these people to resist phishing. With method 3, the user learns of the deception only after entering the account and password, by which time the password has already been obtained. We also often see bank card holders use 111111, 888888 or their date of birth as a password, and even see reports of passwords written on the card. Why is this? On the one hand, card issuers provide holders with very little training; on the other hand, computer professionals arguably pay far more attention to the machine than to the people who use it. Imagine being required not to write the password down, to use a meaningless string of more than 8 letters, digits and other symbols, and to change it every week, for a bank card that you may use only once every few days or every few months. Would you not find that difficult? Computer professionals should therefore find for users an input method that the user can remember easily, that others cannot understand even when they see it, and that is useless to someone who copies the entered password and enters it again; at the same time they should provide users with basic training.
In addition, when a user forgets a password today, a system security administrator resets it to a new one. Although an audit trail is left when the security officer enters the system under the user's identity, the officer still has an opportunity to engage in misconduct. Sometimes a user who needs to authorize an insider to do something simply tells that person the password, but this carries a risk at the time and a further risk if the person later turns bad. Because insiders work together for a long time, they often come to know each other's password content and usage habits, yet changing passwords frequently makes them hard for the owners themselves to remember. These are all problems that have not been solved well in more than 40 years of password use.
Taken together, the improvements above mostly work by increasing the complexity of the password to make it harder for an onlooker to memorize or crack. But such authentication, while making cracking harder, also makes the password harder for the user to remember or easier to lose, and a thief can more easily obtain the authentication information directly by stealing the device on which the password is recorded. In addition, because most existing security authentication uses the one-to-one correspondence between account and password described above, users often need other people to step away while they enter a password. On many occasions such an environment cannot be provided, which causes much inconvenience. If there were a form of password from which an observer watching directly still could not obtain the correct authentication information, this problem would be effectively improved. Furthermore, in existing security authentication technology an account corresponds to only one password; the privileges granted after authentication are tied directly to the account, and the password merely confirms the user's identity. In some cases, however, the user may wish to lend the account to someone else and open only part of its privileges to them, which is hard to achieve with existing authentication technology. Moreover, cracking a password usually requires repeated login attempts against the account. These attempts could serve as early-warning information, letting the user notice in advance that the account may be under attack, but such an early-warning mechanism is hard to realize in existing security authentication technology.
In view of the problems in the existing security authentication technology described above, the present invention proposes a novel security authentication system that can effectively solve them.
Summary of the invention
The first object of the invention is to prevent a system administrator, after resetting a user's password, from entering the system under that user's identity. This is achieved as follows: the password is divided into two or more parts, and/or (further) into content and form, and two or more security administrators each manage different parts. No single security officer can then modify the password and log in alone. For example, a concrete password may consist of four parts: a system assignment part, a real-time generation part, a memory conversion part and a check part. One security officer manages the system assignment part and another manages the other three. Because the user takes part in producing the latter three parts, the actual workload of a modification is not much greater than with a single security officer.
The second object of the invention is to prevent insiders from stealing important input information by means other than resetting the password. Because physical identification devices are relatively easy for insiders to steal, the invention focuses on non-physical methods of making the password harder to crack. Compared with an ordinary password, the invention adds a system assignment part that differs from the user's habits of thought, a real-time generation part that changes with the time and place of use, a memory conversion part related to memorized content, and a check part that verifies that information passed between machines is valid. At the start of each working stage, the administrator password is used to enter the system and to produce the security password that is used during that working stage in places where the security environment is poor. For example, when a bank's internal control staff authorize an operation, they have to enter the password right beside the person being inspected. A security password is therefore needed to keep the internal control staff's operation secure. Dividing passwords into kinds reduces the number of times the important password is used and reduces the importance of any input information that is stolen.
Whether it is an administrator password or a security password, in terms of form the password can be built from an arrangement of one or more of the four parts (system assignment part, real-time generation part, memory conversion part, check part), or from the result of that arrangement transformed one or more times with yxsj1 and/or yxsj2, so that the password entered is different every time. (Note: yxsj1 and yxsj2 are different effective random numbers prompted by the system; to prevent a thief from learning which yxsj1 and yxsj2 are in use, they are usually buried among redundant random numbers. For stronger password strength, more than 2 effective random numbers can sometimes be set. The transformation requires the effective random numbers, a deviation chart and an algorithm; see Example 1 and Example 2 for embodiments.)
The four parts of the password are described in detail as follows:
1. System assignment part: defined automatically and randomly by the system according to its own rules (the user only chooses whether or not to use it and cannot influence how it is produced), so the user only needs to remember it during the lifetime of the password. Automatic assignment by the machine breaks out of the user's habits of thought, making it hard for insiders to guess; the result can of course also be transformed.
2. Real-time generation part: determined on the spot by the user, for example the current date or time, part of the local information on an agreed web page, the temperature, a share price, the gold price or a foreign exchange rate. It can also be part of the content of the current screen or of fields that appeared earlier; in particular, using part of the content of the key review fields strengthens the review. The items above can of course be combined and the result transformed.
3. Memory conversion part: a memorized character string (which can be the original password), or a transformed form of it.
4. Check part: the result of processing part or all of the first three parts with a selected algorithm (when too few digits remain, one can choose, for example, to compute on the remaining characters or to discard them). Because a change in any of the first three parts changes the check part, it changes almost every time; this lets the user tell whether the server is genuine, and lets the server tell whether the user is genuine. Its content comprises: a. the algorithm; b. the check data; c. the position of the result.
To prevent insiders from deliberately monitoring and studying a user's password input over a long period, the user can also divide passwords by frequency of use into an administrator password (easier to remember) and a security password (harder to remember), and further transform the password formed from the four parts above. The administrator password is used once at the start of each working stage, mainly to generate the security password used only during that stage; its time, place and method of use can be further restricted, which reduces the chance of exposing it. The administrator password should be used on a fixed machine in a fixed time period. A controllable environment, fewer uses and a shorter time in use all make the administrator password safer. The security password is valid only during the working stage, and is complex and hard to remember. It can be used openly, and it is cancelled after each working stage, so it amounts to a one-time password for the stage.
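An added sketch of how a server could check a password built from the four parts above, with the parts held in two separately managed stores; it is not code from the patent. The field widths, the date-based real-time part, the digit-sum check algorithm and all names are assumptions made for the illustration, and the yxsj transformation step is left out.

```python
import hashlib
import hmac
import os
import secrets
from datetime import date

SYSTEM_LEN = 4    # assumed width of the system assignment part
REALTIME_LEN = 4  # assumed real-time part: day and month as DDMM


def realtime_part(today):
    return today.strftime("%d%m")


def check_part(body):
    # Assumed check algorithm: sum of the character codes, modulo 10.
    return str(sum(ord(c) for c in body) % 10)


def compose(system, memory, today):
    """What the user types: system + real-time + memory + check."""
    body = system + realtime_part(today) + memory
    return body + check_part(body)


def _same(a, b):
    return hmac.compare_digest(a.encode(), b.encode())


class SplitCustodyVerifier:
    """Two stores stand in for the two security officers: officer A manages
    the system assignment part, officer B the digest of the memory part."""

    def __init__(self):
        self.officer_a = {}  # account -> system assignment part
        self.officer_b = {}  # account -> (salt, digest of memory part)

    @staticmethod
    def _digest(memory, salt):
        return hashlib.pbkdf2_hmac("sha256", memory.encode(), salt, 100_000)

    def _new_system_part(self):
        return "".join(secrets.choice("0123456789") for _ in range(SYSTEM_LEN))

    def enroll(self, account, memory):
        salt = os.urandom(16)
        self.officer_a[account] = self._new_system_part()
        self.officer_b[account] = (salt, self._digest(memory, salt))
        return self.officer_a[account]  # handed to the user to remember

    def reset_system_part(self, account):
        # Officer A can reissue this part but never touches officer B's store.
        self.officer_a[account] = self._new_system_part()
        return self.officer_a[account]

    def verify(self, account, entered, today):
        head = SYSTEM_LEN + REALTIME_LEN
        if account not in self.officer_a or len(entered) < head + 2:
            return False
        body, check = entered[:-1], entered[-1]
        salt, digest = self.officer_b[account]
        ok = _same(body[:SYSTEM_LEN], self.officer_a[account])
        ok &= _same(body[SYSTEM_LEN:head], realtime_part(today))
        ok &= hmac.compare_digest(self._digest(body[head:], salt), digest)
        ok &= _same(check, check_part(body))
        return ok
```

A password captured on one day is rejected the next because the real-time part no longer matches, and an officer who reissues the system assignment part still cannot log in without the memory part.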
The third object of the invention is to detect an attempt to steal, or a theft that is only partly carried out, while it is happening, and to use evidence and clues to identify the insider responsible, rather than, as now, investigating only after the damage is done. Each time a password of the invention is used to enter the system, the system tells the user about previous entries, such as the place, time and main operations, so that the user can check whether the earlier operations were their own. The invention also establishes a complete password work system, making the use and management of passwords more scientific and comprehensive.
The invention also introduces an inquiry code. Each time this password is used to enter the system, the system tells the user about previous entries and password modifications, such as the place and time and which security administrator is responsible for the password.
In addition, because one guidance code corresponds to several associated passwords, a correct guidance code followed by a wrong password indicates that someone is attacking the account, and the user can judge from the password the intruder entered whether part of the correct password has been stolen.
The fourth object of the invention is to supervise an authorized person and limit their scope of use, and to address forgetting when there are many passwords. The specific method is to use a guidance code and implicit prompts. The guidance code distinguishes use by the owner from authorized use by others, and normal use from use that raises an alarm, and the system grants the user different rights accordingly. Because the guidance code is actively entered, it can be treated both as the password of account A and as the account for the passwords that follow; introducing it gives the password an extra protective layer. The system's response can be retrieved securely by account A together with the guidance code, and the legitimate identity of the user of account A can be assured by the guidance code together with the password. The system can also use it to determine whether someone has stolen some of the valid passwords in the user's password set: each password group can be designated by a guidance code, and the system randomly chooses one of the passwords in the group as the one to be entered this time and indicates it by implicit prompt, for example by showing at a designated position in the response window which one is to be used, or its abbreviation. If the password fails while the guidance code is correct, the guidance code has leaked; the owner is notified of the password and guidance code that were used at the time, since this may be a sign of a leak. An implicit prompt can also convey the position, number and content of the effective random numbers, the information reserved with the server, check information, other information needed for password encryption, and notices from the server. Because the invention requires the user to operate on site or to guide the operation on site, it gives the user more opportunity and time to escape control or raise an alarm when acting involuntarily.
The fifth object of the invention is to let the operator inform the system that what they are about to do is involuntary, and to require the system to act according to a predetermined plan rather than carry out the operation in the usual way. This gives the operator the time and opportunity to act according to their own wishes. Implementing this scheme deters people who are contemplating a crime, so that they dare not commit it. The object is implemented as follows:
(1) Definition steps:
1. Define one's own alarm password and the other content required.
2. Define the specific information to be sent to specific people when an alarm occurs.
(2) Operating steps:
1. Determine that the password received is the alarm password.
2. Notify the relevant personnel configured in the system.
3. Send the reserved specific information to the specified group of people.
4. Carry out all the work pre-arranged in the system.
(3) Modification steps:
1. Approval by one or more security administrators is required.
2. After approval, the current definition can be modified and/or viewed only once a safety period has elapsed.
3. The safety period has a prescribed minimum, such as 24 hours, and defaults to 48 hours.
Because the invention requires the user to operate on site or to guide the operation on site, it gives the user more opportunity and time to escape control or raise an alarm when acting involuntarily.
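The definition, operating and modification steps above, written out as an added example; it is not code from the patent. The class, its field names and the use of plain hour counts for time are assumptions, while the 24-hour minimum and 48-hour default come from the text.

```python
import hashlib
import hmac
import os

MIN_SAFETY_HOURS = 24      # shortest safety period named in the text
DEFAULT_SAFETY_HOURS = 48  # default safety period named in the text


class AlarmPolicy:
    """Hypothetical account holding a normal password and an alarm password.
    Times are plain hour counts supplied by the caller."""

    def __init__(self, password, alarm_password, contacts, message,
                 safety_hours=DEFAULT_SAFETY_HOURS):
        if safety_hours < MIN_SAFETY_HOURS:
            raise ValueError("safety period is below the prescribed minimum")
        if password == alarm_password:
            raise ValueError("alarm password must differ from the password")
        self._salt = os.urandom(16)
        self._password = self._digest(password)
        self._alarm = self._digest(alarm_password)  # definition step 1
        self.contacts = list(contacts)              # definition step 2: who
        self.message = message                      # definition step 2: what
        self.safety_hours = safety_hours
        self._pending = None   # (effective_at, digest of new alarm password)
        self.outbox = []       # (contact, message) pairs that were sent

    def _digest(self, secret):
        return hashlib.pbkdf2_hmac("sha256", secret.encode(),
                                   self._salt, 100_000)

    def request_alarm_change(self, new_alarm_password, approvers, now):
        """Modification steps 1-3: without an approver nothing happens; with
        one, the change takes effect only after the safety period."""
        if not approvers:
            return None
        effective_at = now + self.safety_hours
        self._pending = (effective_at, self._digest(new_alarm_password))
        return effective_at

    def _apply_pending(self, now):
        if self._pending and now >= self._pending[0]:
            self._alarm = self._pending[1]
            self._pending = None

    def login(self, entered, now):
        """Operating steps 1-4. Returns a session description or None."""
        self._apply_pending(now)
        candidate = self._digest(entered)
        if hmac.compare_digest(candidate, self._password):
            return {"granted": True, "plan": "normal"}
        if hmac.compare_digest(candidate, self._alarm):    # step 1
            for contact in self.contacts:                  # steps 2 and 3
                self.outbox.append((contact, self.message))
            # Step 4: the caller runs the pre-arranged work for this session.
            return {"granted": True, "plan": "predetermined"}
        return None
```

Until the safety period has elapsed the old alarm password stays in force, so a change requested under pressure does not disarm the alarm straight away.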
The sixth object of the invention is to reduce the amount of calculation and memorization required of the operator and make the system easier to use, while insisting that the system can be used only after training. Besides implicit prompts and guidance codes, the method also provides a deviation chart, an operator and an inverse operator for transformation and verification, which even a person with primary-school education can master after training. A program trains the user, and only after passing the training can the user upload the definition data and so use the system for work.
The seventh object of the invention is to improve the user's ability so that they can resist possible harm. The method is to train the user with software; only after passing a check can the results be uploaded and the system used normally.
The eighth object of the invention is to prevent impersonation of the server. The server provides each user with a personalized response code and check code, which the user can verify before entering their own password.
The ninth object of the invention is to find a method of generating passwords that are easy to remember and change but not easy to crack. The method is divided into two flows: the setup flow and the authentication flow.
The setup flow is as follows:
1. The user sends a registration request to the authentication server.
2. The server responds to the request and asks the user to fill in an account name to register.
3. The user sends the account name to the server.
4. The server checks whether the account name is available. If it is not, the flow returns to step 3 and the user is asked to enter another; if it is, the server sends the user the level-password registration information.
5. The user fills in the level password to be registered according to the level-password registration information, and selects the rights opened by this level password.
6. After receiving the level-password registration information, the server sends the secondary-password registration information to the user.
7. The user selects the form of the secondary-password prompt and, following the secondary-password registration information, edits the required secondary-password transformation rule.
8. After receiving the secondary-password registration information, the server sends the corresponding prompt and asks the user to try entering the secondary password.
9. The user enters the secondary password according to the prompt and the defined transformation rule.
10. The server checks whether the secondary password entered is valid. If it is not, the flow returns to step 7 and the server sends the secondary-password registration information again for re-registration; if it is, the server asks the user whether to go on to register another level password.
11. If the user chooses to register another level password, the flow returns to step 5 to register it; otherwise registration ends.
In the multiple-input mode of the authentication flow, the level password and the secondary password are split into several parts that are entered and authenticated one after another. The steps are as follows:
1. The user sends an authentication request to the server.
2. The server responds to the request and sends a login prompt to the user.
3. The user sends the account and level password to the server.
4. The server authenticates the account and level password. If they are correct, it returns the prompt corresponding to this level password; if not, it records the login information in the early-warning record and returns a login failure message.
Because the level password is entered first and the secondary password afterwards, the secondary-password prompt returned can be personalized information set specifically for this level password.
5. The user verifies the prompt and enters the secondary password according to it.
The user can confirm the server's identity from the prompt it returns, which achieves two-way identification between user and server and guards against malicious theft of user information, for example by phishing websites. In addition, in this mode one level password can be designed to correspond to several secondary passwords, each with a different prompt; from the personalized prompt the user can tell which secondary password the server is asking for. This further increases the complexity of the secondary password and reduces the chance of it being cracked.
6. The server receives the secondary password and authenticates the user. If the information is correct, authentication succeeds; if not, the server records the login information in the early-warning record and returns a login failure message.
After logging in normally, a user with the right to view the early-warning record can review the recorded failed logins and take countermeasures in time.
7. Any remaining levels of password are handled by repeating the procedure used above for the secondary password.
8. for the system that does not need function code,
One optimized input method is to define the input device or input window for each level of password, or to define an agreed operation to be carried out after a certain number of characters have been entered; during input the user follows what was agreed.
Another optimized input method is to define the input device or input window for each level of password together with an implicit prompt for that device or window; the implicit prompt is shown in the input prompt information on a designated display device or in a designated window, and during input the user follows what was agreed.
Another preferred scheme is to define an input-device prompt position in the prompt table; a password entered with the designated device is valid only when this position shows a certain number.
Another preferred scheme is to define in the prompt table a position that prompts for an input event at some step (for example, a right or left mouse click). When this position shows a certain number, input is valid only if, once that many characters have been entered, the event is produced with the designated device before the rest of the password is entered (for example, when the position shows 5, the user must right-click after entering the 5th character and only then continue with the rest of the password for the input to be valid).
In the compound multiple-input mode of the authentication flow, several levels of password are first combined and then split into several parts that are entered and authenticated one after another. The setup flow differs in that it must define which levels of password are combined for input and how they are combined. The authentication flow differs in that the client enters the combined password as agreed and the server splits it back into the separate level passwords as agreed, after which the multiple-input authentication flow can be followed.
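The setup and authentication flows above, reduced to one level password with several secondary passwords, as an added example that is not code from the patent. The class and function names, the in-memory storage and the PBKDF2 digests are assumptions; the early-warning record here stores the account and the failed stage only.

```python
import hashlib
import hmac
import os
import secrets
import time


def _digest(secret, salt):
    # Only salted, stretched digests are stored, never the passwords.
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)


class AuthServer:
    """Hypothetical server for the level-password / secondary-password flow."""

    def __init__(self):
        self.accounts = {}       # account -> {"salt": bytes, "levels": [...]}
        self.pending = {}        # one-time token -> (account, level, index)
        self.early_warning = []  # (timestamp, account, stage) per failure

    def register(self, account, level_password, rights, secondaries):
        """Setup steps 5-10: a level password, the rights it opens, and one
        or more (prompt, secondary password) pairs."""
        if not secondaries:
            raise ValueError("at least one secondary password is required")
        acct = self.accounts.setdefault(
            account, {"salt": os.urandom(16), "levels": []})
        salt = acct["salt"]
        acct["levels"].append({
            "digest": _digest(level_password, salt),
            "rights": rights,
            "secondaries": [(p, _digest(pw, salt)) for p, pw in secondaries],
        })

    def begin(self, account, level_password):
        """Authentication steps 3-4: returns (token, prompt) or None."""
        acct = self.accounts.get(account)
        salt = acct["salt"] if acct else bytes(16)
        candidate = _digest(level_password, salt)
        match = None
        for level in (acct["levels"] if acct else []):
            if hmac.compare_digest(level["digest"], candidate):
                match = level
        if match is None:
            self._warn(account, "level")
            return None
        # Pick at random which secondary password is required this time.
        index = secrets.randbelow(len(match["secondaries"]))
        token = secrets.token_hex(16)
        self.pending[token] = (account, match, index)
        return token, match["secondaries"][index][0]

    def finish(self, token, secondary_password):
        """Authentication step 6: returns the opened rights or None."""
        entry = self.pending.pop(token, None)  # each token works once
        if entry is None:
            return None
        account, level, index = entry
        salt = self.accounts[account]["salt"]
        expected = level["secondaries"][index][1]
        if hmac.compare_digest(expected, _digest(secondary_password, salt)):
            return level["rights"]
        self._warn(account, "secondary")
        return None

    def _warn(self, account, stage):
        # The entered password is deliberately not written to the record.
        self.early_warning.append((time.time(), account, stage))

    def failed_stages(self, account):
        """What a user with early-warning rights reviews after login."""
        return [s for _, a, s in self.early_warning if a == account]


def answer_prompt(known_prompts, prompt):
    """Client side of step 5: release a secondary password only for a prompt
    the user registered; an unknown prompt means the server is not trusted."""
    return known_prompts.get(prompt)
```

The level password is sent before the server has shown anything, so the prompt check protects the secondary password only.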
Compared with the prior art, the technical effects of the invention are:
● Because the password contains a large amount of identical logical memory content and graphical memory content, at the same password strength the password produced by the invention requires less memorization than a one-time pad.
● Password strength no longer depends only on the length of the password but also on the definition of its content, its structure and its transformation method; this gives users a way to find, within the same system, a password setup they themselves are comfortable with.
● A deviation chart and a simple, practical operator with its inverse operator are provided for password transformation and verification.
● When the real-time part and/or check part of a reviewer's password must be chosen in association with the content under review, the reviewer is forced to pay attention to the key content of the review.
● The password is already in ciphertext form before it reaches the input device, so the plaintext of the entered information cannot be obtained anywhere; and its complete form is a one-time pad, so stealing it is useless.
● The memorized password is only one part of the whole password (there are also the system assignment part, the check part, real-time information, positions, the order of calculation and so on), so guessing that part does not break the whole password. In addition, part or all of the password can be defined to be encrypted repeatedly until the user is satisfied.
● Because any one administrator controls only part of the whole password, no administrator can impersonate the user. By entering the system with the inquiry code, the user can learn from each generated check code and the date of latest generation when each part was modified.
● Because prediction beforehand and supervision during the event are strengthened, losses after an incident are reduced. The setup and modification methods for the inquiry password, notification password and locking password make the use and management of passwords more scientific and comprehensive.
● The use of the administrator password, security password, alarm password, guidance code, implicit prompt and check code balances the various conflicts between security and ease of use.
● The invention requires the user to operate on site or to guide the operation on site, which gives the user more opportunity to escape control or raise an alarm. Requiring approval for changes to the alarm code, and permitting the change only after a set safety period, safeguards the effectiveness of the alarm code.
● The requirement that the system can be used only after training ensures that users operate skillfully and safely.
Description of drawings
Fig. 1. Implementation flow applicable to an external network
Fig. 2. Implementation flow applicable to an intranet
Fig. 3. Handling flow of the guidance code
Fig. 4. Server-side data structure diagram
Fig. 5. Identification service system structure diagram
Embodiment
Example 1: deviation chart applicating example
Table 1 is a kind of form of deviation chart, and middle black surround is the viewing area, also can be used as the input area of soft keyboard.The numeral sequence number in zero wherein.From the sequence number in the upper left corner 1., sequence arrangement arrives the lower right corner
Figure A200710165025D00121
If the numbering goes past
Figure A200710165025D00122
it returns to 1 in the upper left corner and continues (
Figure A200710165025D00123
); for example, the sequence number of the character 5 can be 6,
Figure A200710165025D00124
etc.
With the deviation chart as a tool, operations between characters can be carried out intuitively. For example, define the operator
Figure A200710165025D00125
to work as follows: character
Figure A200710165025D00126
character = the absolute value of the difference between the two characters' sequence numbers; character
Figure A200710165025D00127
numeral = the character's sequence number plus the numeral's sequence number, taken as a new sequence number, which gives the character or numeral at that position (if it runs past the end of the table, it wraps around to the head of the table and continues); numeral
Figure A200710165025D00128
numeral = the sum of the two numerals' sequence numbers, taken as a sequence number, which gives the character or numeral at that position.
Figure A200710165025D00129
Figure A200710165025D001210
Figure A200710165025D001212
Figure A200710165025D001213
Figure A200710165025D001214
Figure A200710165025D001215
Figure A200710165025D001216
Figure A200710165025D001217
Note: providing a scale and/or coordinates outside the deviation chart, and/or sequence numbers inside the display area, makes mental arithmetic easier for the user. The operator
Figure A200710165025D001218
does not satisfy the commutative law, so it improves secrecy when there are three or more operations. Besides characters, the deviation chart can also hold sentences, phrases and images, so these can be encoded as well. The sequence-number and coordinate prompts in the table can be simplified or changed according to the user's skill level.
Example 2: JY transform method: the implicit representation methods and cryptographic algorithms commonly used in the present invention are explained together here.
Example 2-1: Formal representation of the JY transform method:
(1) Suppose the effective random numbers YXSJ1 and YXSJ2 are chosen from the prompt table. Let YXSJ1 consist of the characters yx1(1), yx1(2), ..., yx1(i), abbreviated yx1; let YXSJ2 consist of the characters yx2(1), ..., yx2(j), abbreviated yx2; let yx consist of the characters yx(1), ..., yx(i).
(2) The content to be transformed is jy, consisting of the characters jy(1), jy(2), ..., jy(k) (i, j, k are natural numbers).
(3) Define
Figure A200710165025D001219
as the operator. (jx(i)) denotes the content at coordinate (jx(i)) in a one-dimensional prompt table, and (jx(i), jx(j)) denotes the content at coordinates (jx(i), jx(j)) in a two-dimensional prompt table; the rest follow by analogy.
(4) The transform methods are then: 1.
Figure A200710165025D00131
Figure A200710165025D00133
?
Figure A200710165025D00134
?
Figure A200710165025D00135
4. Mapping YXSJ1 and YXSJ2 onto yx gives
Figure A200710165025D00136
Figure A200710165025D00137
Figure A200710165025D00138
Figure A200710165025D00139
Figure A200710165025D001310
Figure A200710165025D001311
Figure A200710165025D001312
Example 2-2: Numeric application example of the JY transform method
Let jy=1357; jy1=13579
yxsj1=83907490, yxsj2=49342437, yxjy3=13803111914
The operator
Figure A200710165025D001314
is modulo-10 addition without carry; when the operands differ in length, the shorter one is reused cyclically until the longer one has been fully processed.
Figure A200710165025D001315
is the modulo-10 absolute value of the digit-wise difference (that is, 3-5=5-3=2), with digits reused cyclically when there are not enough. A further operator is the modulo-10 digit-wise difference with automatic borrow (that is, 3-5=8, 5-3=2), with digits reused cyclically when there are not enough.
Figure A200710165025D001317
Figure A200710165025D001318
Figure A200710165025D001319
(4) yxsj2 is mapped onto yx as (yx(i), yx(j)): in table 2, with 4 as the row and 9 as the column, the content is 9, written (4,9)=9; by analogy, (3,4)=0, (2,4)=6 and (3,7)=8. This gives 9068,
(5) If, using table 2, the content of yxsj1 is taken as the row coordinate and the content of yxsj2 as the column coordinate, then (8,4)=5; the remaining pairs 39, 93, 04, 12, 44, 93, 07 follow by analogy, giving 59887181,
Figure A200710165025D001321
(6) Map yxsj1 and yxsj2 consecutively onto yx, split into two-digit coordinates; then 83, 90, 74, 90, 49, 34, 24, 37 = 50109068 (here (8,3)=),
Figure A200710165025D001322
Figure A200710165025D001323
Example 2-3: Application example combined with the deviation chart
Table 2 is a typical prompt table. The area inside the black frame is the highlight area and the border carries the coordinates: 1 to 0 running vertically are the row coordinates, and 1 to C running horizontally along the first row are the column coordinates. Suitable dividing lines and shading in the highlight area make it easier for the user to find entries, and a background image can also be placed there; the boxed data in the table are provided for this purpose. One safe way of use is to forbid the cursor from entering the highlight area, so that the positions of important information are not revealed. The highlight area can, however, be used as a soft keyboard for entering data.
Let jy=7wssbm# (case-insensitive)
yxsj1=67176152 (in the shape of the numeral 1 starting at (2,5) of table 2)
yxsj2=58099778 (in the shape of the numeral 2 starting at (2,0) of table 2)
The operator
Figure A200710165025D00141
is defined as in Example 1, with table 3 as the deviation chart
Figure A200710165025D00142
Figure A200710165025D00143
Figure A200710165025D00144
9 (last position 9 is 2
Figure A200710165025D00145
Replenish the result of position 7)
Example 2-4: A method that uses memorized codes as coordinates to extract part of the data in the system prompt string and transform it.
Some devices (such as all-purpose cards, IC-card access control, keypads, and the small PIN pads used by banks) can display only a few lines, so the prompt table holds little valid data and the transform methods above are not very suitable. In that case the transform should be changed to:
■ Define at least one effective random number
■ Define at least one memory cipher
■ Define the algorithm
■ Generate a random number at run time
■ Apply the algorithm to the content at the effective random number positions and the memory cipher content; the result is used as the input
Note: with only one effective random number and no memory cipher, the transformed result is relatively easy to crack; with two effective random numbers and one memory cipher, the amount of computation and the level of security are both moderate.
1. coordinate: 0 1 2 3 4 5 6 7 8 9
2. memory cipher: 0 3 1 9 1 4
3. random number: 2 9 3 7 3 6 8 7 3 1
4. yxsj1: 6 1 5 3 0 9
5. yxsj2: 7 4 6 0 5 3
6. input 1: 8 2 7 6 3 5
7. input 2: 7 6 9 1 7 1
8. input 3: 5 5 6 8 9 3
1. The operator
Figure A200710165025D00151
is defined as digit-wise modulo-10 addition. A concrete numeric example follows; for character data, a table 3 conversion is added.
2. The effective random numbers yxsj1 (615309) and yxsj2 (746053) represent coordinates within the random number. The 6 in yxsj1 refers to the digit at coordinate 6 of the random number, whose content is 8; the 1 refers to content 9; and so on. For the random number 2937368731 the corresponding contents are 896721 and 738267 respectively.
3. The memory cipher is assumed to be 031914.
4. Input 1:
Figure A200710165025D00152
yxsj1 (615309) and the memory cipher are written interleaved, giving
Figure A200710165025D00154
after which the unboxed digits are converted by coordinate lookup, and mental arithmetic directly gives jy=827635.
Input 2:
Input 3:
Figure A200710165025D00156
5. Take the inventor's mobile phone number as jy=13803111914 and stipulate that every 2 coordinates are combined with 1 digit of content, so that each 3-digit operation produces one input result; when there are not enough digits, calculate with what is actually available. The operator is the same as in the example above. For example, the first three digits 138 are converted as 1→9, 3→7,
Figure A200710165025D00161
Figure A200710165025D00162
The rest follow by analogy, giving:
Figure A200710165025D00163
Example 3. Application example of the guidance code, check code, implicit prompt and response code
The guidance code and the implicit prompt are two key points of the present invention. Both are designed around the way human memory works, as methods of overcoming forgetting. The difference is that the guidance code is actively entered by the user, whereas the implicit prompt is actively output by the service end at defined positions and/or with defined content. The content or check content that the user will use is entered into the system in advance at meaningful positions or in meaningful shapes, such as yxsj1=67176152 (in the shape of the numeral 1 starting at (2,5) of table 2) and yxsj2=58099778 (in the shape of the numeral 2 starting at (2,0) of table 2) in Example 2-3.
In the traditional sense the guidance code is the password of account A, and at the same time it acts as the account for the original password. Anyone able to steal the guidance code could equally steal a traditional password, so theft of the guidance code should be taken very seriously by the owner and the safety manager. However, in the present invention the guidance code can be followed by a cipher code set, each password in the set can have a different transform, the system chooses at random which password must be entered, and only someone who knows the implicit prompt can enter it correctly; theft of the guidance code therefore does not cause the owner an immediate loss. For greater security it is also recommended to give the guidance code its own password, YDMM.
After the owner and the safety manager discover that the guidance code has been stolen, there is still a certain safety period. To keep control during this period, the system can be set so that, once this kind of situation occurs, it alerts the safety manager and stops responding to the account for a set length of time. To allow for mistaken input by the owner, a tolerance of 1 to 3 attempts can be given, but these should be recorded in the archives.
Extending the check code, a technique from the specialist field of data communication, to ordinary users is another very positive contribution of the present invention. In particular, combining the check code with the implicit prompt places the work of the service end and of the safety manager under the user's supervision as well. Phishing websites, impersonation, improper operations by safety managers, Trojans, surveillance and even video recording all become ineffective under the comprehensive precautions of the present invention, and the owner's privacy and lawful rights obtain unprecedented protection.
When the check part of the present invention relates to system input, three items need to be defined: the range to be checked (optionally the whole, or from position x to position y), the way the check result is entered (optionally placed at the end, or one check digit every x positions), and the check calculation method (optionally ).
When system output is involved, the source of the check data must be defined in addition to the three items above. The check data source can be the data on the current screen or some other data source; for example, the content mentioned under the real-time part of the password can be used. The three items above can also be made more complex, for example by using an algorithm carried out with the deviation chart. For output used in audit work, the prompted check code is best tied to the key audit points, which reminds the user (the auditor) which key items to pay attention to at that moment.
The implicit prompt is content agreed between the owner and the system. Its purpose is to tell the user the system state and the data, content and positions relevant to the next input. Examples are the position, quantity and content of the effective random numbers, information reserved by the service end, check information, other information needed for password encryption, and notices from the service end. The implicit prompt is realised by defining it before use and loading the relevant data during use.
The response code is the system's coded response to the user's operation. It can be displayed as text or images, or expressed through sound and/or components such as light-emitting elements. It can contain the valid information mentioned above as well as noise that drowns out the valid information, for example meaningless random characters. It is precisely this noise that hides the effective random numbers and the implicit prompt.
The guidance code is described in detail below.
(1) Functional definitions of the guidance code
The personal code is the guidance code the owner uses personally and has all functions. The alarm code is the guidance code the owner uses when acting involuntarily; apart from performing the alarm operations, its other functions are the same as those of the personal code. The authorization code is the guidance code used by persons the owner has authorized; it can perform only the authorized functions within the authorized period, and its use is normally monitored by the owner. The inquiry code is the guidance code the owner uses to query the times at which guidance codes were defined and/or other important operations were performed, and/or the check codes. The check code here can be a one-way function, such as an MD5 code, of the guidance code or cipher code set structure as defined at that time; publishing a check code that covers only the content of the guidance code or cipher code set is not recommended. From the modification time the user can recall what change was made then and which safety manager was responsible for the service. The user can also compare the check code with the previously recorded check code to learn which part was changed, when it was changed, where the modification was carried out, and which safety manager should have been managing that part at the time.
(2) Security management of the guidance code
Resetting the format and the content of the personal code and the authorization code can be the separate responsibilities of two different safety managers. The inquiry code can be reset by either of the two safety managers. The alarm code, however, should be reset only by two or more safety managers acting together. One secure way of managing the alarm guidance code is to let the owner set the alarm code unaided only the first time; after that, modifying or resetting the password requires approval by one or more safety managers, and the alarm code may be modified or reset only in the modification period that follows a safety period. Only in this way can it be guaranteed that the alarm password is not maliciously modified under involuntary conditions and rendered meaningless. This method applies not only to modifying the alarm guidance code but also to ordinary account-and-password environments in which defining an alarm password is allowed directly. After encryption, the content and the format of the various guidance codes can be stored separately on different physical media.
(3) The guidance code and its corresponding password ydmm and cipher code set mmz
To balance the security of the system against ease of use, the guidance code can be used in several ways.
Usage 1: As shown in Fig. 1, account A, the graphic Chinese character and the guidance code are entered together on the same screen (101). Checking that the graphic Chinese character is correct (103) guards against automated attacks. After account A is found to exist (105), the system checks whether the guidance code exists (107), which corresponds to verifying the account and password in existing applications.
If account A and the guidance code are correct, the response code and check code corresponding to account A are displayed (109) so that the user can judge whether the service end is genuine (111). To improve security further, steps (113) and (123) can be added: using the basic data for password input displayed in (113), the user enters the password ydmm corresponding to the guidance code in step (123), and the response code and check code corresponding to the guidance code are then displayed (153). This method matches current habits and is easy to promote.
Usage 2: To guard better against shoulder surfing, a guidance code can be associated with a cipher code set. At run time the service end randomly selects one password from the set as the current password and tells the user which one was selected by means of the implicit prompt. As long as an observer does not know the specific prompt position and prompt content, even someone who has observed the whole cipher code set and the password formation rules cannot be sure of avoiding an input error, and such an error exposes the fact that part of the cipher code set has been stolen. Below, Li Bai's poem "Thoughts on a Quiet Night" (Jing Ye Si) is used as an example to explain the relationship between the guidance code, ydmm and the cipher code set; users can extend the idea to songs, prose or classic dialogues they know well.
"Thoughts on a Quiet Night" ... Li Bai. The silvery moonlight cascading to the ground in front of the bed looks just like white frost. Raising my head, I see the moon so bright.
The poem above is abbreviated using pinyin initials, with a different terminating symbol for each line, so many encoding schemes are possible. Abbreviating with the Wubi (five-stroke) method, or with French or German, gives even more schemes. One pinyin scheme is shown below. The 7 and 1 in the first password C7M1G$ are homophones of q and y: letters are replaced by numerals to make the composition of the password more complex and to distinguish it from other people who use this poem. Other users should likewise have their own personalized scheme.
jysi LBAI
1 c7m1g$ F 9
2 1sdss# G 8
3 jt5m1( H 7
4 DTSGX[ I 6
We can define jysi as the guidance code and LBAI as the corresponding password ydmm. The 1-4, F-I and 4-7 of columns 1, 3 and 4 are different ways of expressing the implicit prompt that selects the password. Column 2 gives the content of the cipher code set from which the service end selects at random; the selected password is called the random password in the present invention and denoted SJMM. After the user transforms SJMM according to the password generation rule, the tools provided by the system and the basic data, it is called the specific password and denoted TDMM. TDMM is the form in which the valid password is entered; it depends on the guidance code entered by the user, on the SJMM designated by the service end, on the predefined password generation rule (such as administrator password or security password), and on the basic data for password generation that the service end produced at that time. For example, if position 7 of the prompt has been chosen and an 8 appears there, 1SDSS# should be entered; if a 6 appears at position 7, DTSGX[ should be entered. Another, safer method is a two-level indicator position: position 7 is defined as holding the position of the selector, so if an 8 appears there, the content 3 at position 8 is the real selector and JT5M1( should be entered. To make the definition harder for insiders to guess, a prompt pattern can be generated automatically by machine; the user only needs to memorise it and practise using it.
Another preferred scheme is to define an input-device prompt position in the prompt table: when this position shows an even number the password is entered with the keyboard, and when it shows an odd number only input from the handwriting pad is valid.
Another preferred scheme is to define in the prompt table a prompt position for an input action (for example, clicking the right mouse button). For example, it can be defined that when this position shows 5, then after the 5th password character has been entered the right mouse button must be clicked before the remaining password input is valid.
The prompt method of column 3 suits prompt tables that contain many letters; in this example it starts at F and increases in steps of 1. It can of course also be defined with non-consecutive characters, such as the pinyin letters of "quiet" (JING), to express the user's personal design. The prompt method of column 4 starts at the numeral 9 and proceeds in steps of -1. Choosing a step of -2 would give the prompt contents 9, 7, 5, 3, and a step of 6 might require the deviation chart. This also shows how much room for variation the present invention leaves the user. With the present invention, users can produce entirely different password inputs even if they use the same verse as a mnemonic.
Usage 3: Since a phishing website could capture both account A and the guidance code under the flow of Fig. 1, the flow of Fig. 2 can be used instead. When (205) determines that account A exists, (209) displays the response code and check code corresponding to the account. Because the data displayed at (209) is personalized, a phishing website can capture only account A, and an insider who sets up a phishing website is easy to catch. Once the user has judged at step (211) that the service end is genuine, the guidance code can be entered at step (213). A safer method is for step (209) also to display the data needed to transform the guidance code, with the transform algorithm and the prompt positions of that data chosen when the guidance code is defined. After step (215) determines that the guidance code exists, the service end displays the response code and check code corresponding to the guidance code, which lets the user confirm the service end further. Seeing this response code lets the user recall the password ydmm associated with the guidance code; after ydmm is entered (254), the system checks whether it is correct (255), and if it is not, returns to (239) to refresh the graphic Chinese character.
If it is correct, the system selects a password from the cipher code set at random as sjmm, prompts which password has been chosen, and provides the basic-data prompt needed to transform it into tdmm for input (256). Following these prompts, the user transforms sjmm into tdmm and enters it (257).
During this process the service end internally derives tdmm from the information predefined by the owner; the data structure is shown in Fig. 4. It finds the user's account in the account A table (401), determines the function of the entered guidance code and the content and position of the response-code information shown to the user (411), draws sjmm at random from the cipher code set (421), generates tdmm (inner) by the generation rule (431), and compares it (225) with the tdmm (outer) that the user derived from the prompts and from memory using the tool table. If the two match, the function of this guidance code can be carried out.
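An added sketch of the cipher code set selection described under Usage 2 and Usage 3 (not code from the patent): the service end hides a selector at the owner-defined prompt position among noise digits, and a submitted password that belongs to the set but is not the selected one is flagged as a sign that part of the set has been observed. The prompt length, the function names, the case-insensitive comparison and the omission of the SJMM-to-TDMM transform are assumptions made to keep the example to one core case.

```python
import hmac
import secrets

# Cipher code set and column-4 markers from the page's table (row -> password).
CIPHER_SET = {1: "C7M1G$", 2: "1SDSS#", 3: "JT5M1(", 4: "DTSGX["}
ROW_FOR_MARKER = {"9": 1, "8": 2, "7": 3, "6": 4}
MARKER_FOR_ROW = {row: marker for marker, row in ROW_FOR_MARKER.items()}
PROMPT_POS = 7    # owner-defined prompt position (1-based), as in the page's example
PROMPT_LEN = 10   # assumption: number of digits in the response string

def make_prompt(row):
    """Service end: place the marker for `row` at PROMPT_POS among random noise digits."""
    noise = [str(secrets.randbelow(10)) for _ in range(PROMPT_LEN)]
    noise[PROMPT_POS - 1] = MARKER_FOR_ROW[row]
    return "".join(noise)

def selected_password(prompt):
    """User side, direct method: the digit at PROMPT_POS names the password."""
    if len(prompt) < PROMPT_POS:
        raise ValueError("prompt is shorter than the defined prompt position")
    marker = prompt[PROMPT_POS - 1]
    if marker not in ROW_FOR_MARKER:
        raise ValueError(f"{marker!r} at position {PROMPT_POS} is not a valid marker")
    return CIPHER_SET[ROW_FOR_MARKER[marker]]

def selected_password_two_level(prompt):
    """User side, two-level method: PROMPT_POS holds another position, and the
    digit found there is the row number (column 1 of the table)."""
    if len(prompt) < PROMPT_POS:
        raise ValueError("prompt is shorter than the defined prompt position")
    pos = int(prompt[PROMPT_POS - 1])
    if not 1 <= pos <= len(prompt):
        raise ValueError(f"indicated position {pos} is outside the prompt")
    row = int(prompt[pos - 1])
    if row not in CIPHER_SET:
        raise ValueError(f"{row} does not select a password in the set")
    return CIPHER_SET[row]

def check_login(selected_row, submitted):
    """Service end: 'ok', 'wrong', or a leak warning when a valid but unselected
    member of the cipher code set is entered."""
    entered = submitted.upper()   # assumption: input is case-insensitive
    if hmac.compare_digest(entered.encode(), CIPHER_SET[selected_row].encode()):
        return "ok"
    if entered in CIPHER_SET.values():
        return "cipher-set-leak-suspected"
    return "wrong"

if __name__ == "__main__":
    prompt = make_prompt(2)
    print(prompt, "->", selected_password(prompt))
    print(check_login(2, "DTSGX["))
```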
(4) The case where the guidance code is an alarm code
It should be emphasized that the alarm-code check (224) can also be placed between (255) and (256). That is, as soon as the guidance code is found to have been entered correctly, the system should first check whether it is an alarm code and, if so, handle the alarm work first. Because the owner never enters the alarm code under normal conditions, it is hard for a code thief to steal it; moreover, (256) is preceded by four layers of protection, namely account A and the graphic Chinese character (201), the guidance code (213) and ydmm (254), so guessing and brute-force attacks are unlikely to get this far. The alarm operation can therefore be carried out once the code has been judged to be an alarm code after (255). Only in this way can the opportunity to pass information to the outside be used to send out rescue clues and to limit losses. For example, a specified amount can be kept in the account and all the rest transferred to other designated accounts. The kidnapper's mobile phone number or other information can also be sent out; what matters is to gain time and clues for the rescue.
The movable position of (244) shows that other functional positions may also be optimal, but most operations in a computer program are not very sensitive to a change of position, so following the idea of the present invention an unlimited number of variants can be produced by relocation, addition, deletion, equivalent substitution and similar means. The inventor reserves the right to take legal action over such variations.
After the guidance code is determined to be an alarm code (244), the basic alarm procedure is carried out (245): for example, the predetermined specific message is sent to the relevant personnel, the received CDXX is passed to the relevant personnel, and the deposits beyond the reserved amount are transferred to the secured account.
The user can judge from the situation on the scene whether it is possible to stall for time. If it is, then when entering tdmm (257) the user constructs a tdmm (outer) that meets the stalling condition; for example, the definition may have been that an incorrect check part means stall for time. The tdmm (outer) is then entered so as to meet this condition, and when the system evaluates the condition (246) and finds it satisfied (y), it carries out the stalling alarm operation (248), for example sending the message "system is busy, please wait" and suspending the system's response for a period of time.
If the check code of the tdmm (outer) entered at (257) is correct, (227) and (229) are carried out to perform the ordinary alarm-code operations, such as clearing the query record of the funds just transferred so that the alarm is not discovered.
Of course, if all of this has already been done in (245), or none of the alarm work leaves visible traces, step (229) can be omitted and the personal-code operations (231) carried out directly.
In this way the operation of the alarm code is transparent to outsiders; querying the true operations requires the owner to apply in person, and the information is preferably provided after a delay.
The present invention has given fairly complete examples. A simple example is the commonly used account-and-password scheme: merely adding a defined part to the password that distinguishes an ordinary password from an alarm code is enough to provide the alarm-code function shown in Fig. 3. More generally, without any guidance code, the functions shown in Fig. 3 can be used simply by defining how to distinguish the personal password (for example beginning with 201, or A1), the alarm password (beginning with 110, or A2), the authorization password (beginning with 112, or A3) and the inquiry password (beginning with 114, or A4).
(5) Three typical ways of using the alarm code
Method one:
(1) Definition steps:
1. Define one's own alarm password, for example a password beginning with 110.
2. Define the specific message to be sent to specific people when an alarm occurs, for example: send the text message "This is an alarm for account 5566" to 13803111914.
3. Set the alarm actions, for example: set the secured account and set the amount to be retained.
(2) Operating steps
1. Determine that the received password is an alarm password, for example: 110, 112.
2. Send the predefined specific message to the specific people, for example: send the text message.
3. Transfer the money to the designated account, keeping the set amount.
Method two:
(1) Definition steps
1. Define the guidance code used for alarms.
2. Define the password field and content used to decide whether to stall. For example, it can be set that the system-assigned part being 56, or the memory transform part being 2468, or the check part being incorrect, means stall for time.
3. Set the secured account.
4. Set the reserved amount.
5. Set the contact details of the specific people.
6. Set the specific message to be sent.
7. Set the methods and messages used to stall for as long as possible. For example, send an interruption message such as "communication line fault" and then cut off communication for a period of time.
8. Preset the "random number at password input" (yxsj1), the operator
Figure A200710165025D00211
and its inverse operation, the operator
Figure A200710165025D00212
together with their algorithm, so that after the mentally computed dummy value
Figure A200710165025D00213
is entered, the system transmits the information
Figure A200710165025D00214
Figure A200710165025D00215
(2) Operating steps
1. When the guidance code is determined to be the alarm guidance code, transfer all funds other than the reserved amount to the secured account that has been set.
2. Send the predetermined specific message to the designated people.
3. Send the received CDXX to all relevant personnel.
4. Cooperate in carrying out the stalling.
5. Finally, remove the locally displayed records that differ from normal operation.
Method three (mainly for unattended terminals)
(1) Definition steps
1. Define the guidance code used for alarms and its corresponding password.
2. Define the password field and content used to decide whether to stall. For example, it can be set that the system-assigned part being 56, or the memory transform part being 2468, or the check part being incorrect, means stall for time.
3. Set the secured account.
4. Set the reserved amount.
5. Set the contact details of the specific people.
6. Set the specific message to be sent.
7. Set the methods and messages used to stall for as long as possible. For example, send an interruption message such as "communication line fault" and then cut off communication for a period of time.
8. Preset the "random number at password input" (yxsj1), the operator
Figure A200710165025D00221
and its inverse operation, the operator
Figure A200710165025D00222
together with their algorithm, so that after the mentally computed dummy value
Figure A200710165025D00223
is entered, the system transmits the information
Figure A200710165025D00224
For example, the operator is modulo-10 addition, and
Figure A200710165025D00226
is its inverse operator. yxsj1 is 13579 and the information to be transmitted is the telephone number CDXX=13803111914; the user computes mentally
Figure A200710165025D00227
and, finding a pretext on the scene, enters jmm at (256) when entering tdmm in Fig. 2; the system then uses the inverse operation
Figure A200710165025D00228
to calculate
Figure A200710165025D00229
Figure A200710165025D002210
(2) Operating steps
1. When the guidance code is determined to be the alarm guidance code, transfer all funds other than the reserved amount to the secured account that has been set.
2. Send the predetermined specific message to the designated people.
3. Send the received CDXX to all relevant personnel.
4. Cooperate in carrying out the stalling.
5. Finally, remove the locally displayed records that differ from normal operation.
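An added sketch of Method three (not code from the patent): the user hides CDXX in the value typed at the terminal using modulo-10 addition with yxsj1, and the service end recovers it with the inverse operation and prepares the alarm actions from the operating steps above. It assumes jmm is CDXX combined digit by digit with yxsj1 reused cyclically, since the formula images are not legible on this page; the function names, the account figures and the contact address are constructed for the illustration.

```python
def _digits(s):
    """Parse a non-empty ASCII decimal string into a list of ints."""
    if not (s and s.isascii() and s.isdigit()):
        raise ValueError(f"expected a non-empty digit string, got {s!r}")
    return [int(c) for c in s]

def _shift(text, key, sign):
    """Add (sign=+1) or subtract (sign=-1) the key digit-wise modulo 10,
    reusing the key cyclically over the length of the text."""
    t, k = _digits(text), _digits(key)
    return "".join(str((d + sign * k[i % len(k)]) % 10) for i, d in enumerate(t))

def encode_cdxx(cdxx, yxsj1):
    """User side (mental arithmetic): disguise the message as jmm."""
    return _shift(cdxx, yxsj1, +1)

def decode_cdxx(jmm, yxsj1):
    """Service end: the inverse operation recovers CDXX from jmm."""
    return _shift(jmm, yxsj1, -1)

def handle_alarm_login(balance, reserved, jmm, yxsj1, contacts, message,
                       check_part_ok=True):
    """Prepare the alarm actions for a login made with the alarm guidance code.
    Amounts are integers in the smallest currency unit."""
    cdxx = decode_cdxx(jmm, yxsj1)
    transfer = max(balance - reserved, 0)          # step 1: keep only the reserved amount
    notifications = [(c, f"{message} CDXX={cdxx}") for c in contacts]  # steps 2 and 3
    stall = not check_part_ok                      # stalling condition defined in advance
    return {
        "transfer_to_secured_account": transfer,
        "remaining_balance": balance - transfer,
        "notifications": notifications,
        "stall": stall,
        # What the terminal shows: nothing here reveals that an alarm was raised.
        "terminal_message": "system is busy, please wait" if stall else "ok",
    }

if __name__ == "__main__":
    jmm = encode_cdxx("13803111914", "13579")      # values from the page
    print("jmm typed at the terminal:", jmm)
    result = handle_alarm_login(
        balance=500000, reserved=20000,            # constructed sample figures
        jmm=jmm, yxsj1="13579",
        contacts=["safety-manager@example.invalid"],   # constructed contact
        message="This is an alarm for account 5566.",
        check_part_ok=False,
    )
    for key, value in result.items():
        print(key, "=", value)
```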
(3) the safety guarantee step of definition information:
Method has only and holds place of business inquiry and/or the change definition information of certificate to service end of closing in person, could be set to the permission modifications state by the permission modifications definition sign of this user in the database of staff's service end.Passed through the test of simulation define program on the terminal of operation as the user after, just can upload definition information at least once.Upload correct back and delete the information of preserving on user's terminal automatically.If surpassing the time limit and/or the time number limiting of regulation just no longer accepts to upload.
Example 4. Setting up an administrator password
The administrator password is used in a relatively secure environment and is used infrequently. For convenience of explanation, this example first describes the last three parts; the system-assigned part is described in Example 5. A beginner can start by transforming the password as a whole and, once skilled, repeatedly apply partial transformations to make it harder to decipher. After the user has defined the content of each part and its position in the password, the parts can be managed by two security officers. For example, the data used by the real-time part are published on a designated web page for users to check. The user can make the definitions on the designated web page, can download a definition program from a designated network address to generate a definition file and upload it, or can write the definitions by hand and then upload the file.
1. Define the positions in the prompt table from which the effective random numbers YXSJ1 and YXSJ2 are taken (meaning, for example, row 2, column 5; they are formed by the numerals 1 and 2, beginning at row 0). Safety officer a manages this part:
The coordinates of YXSJ1 are (2,5), (3,5), (4,5), (5,5), (6,4), (7,4), (8,4), (9,4)
The coordinates of YXSJ1 are (2,0), (2, a), (3, a), (4,0), (5,0), (6,9), (7,9), (7,0)
2. Define the guidance code and YDMM as WZH and DHQL, and select "no transformation" as the transformation mode. Safety officer b manages this part.
"On the Stork Tower", Wang Zhihuan: The white sun sinks behind the mountains, and the Yellow River flows into the sea. Ascend another storey to see a thousand miles further.
The white sun sets behind mountains, The Yellow River flows into the sea. Go further up one flight of stairs, And you'll widen your view a thousand kilometer.
3. Define the cipher code set: THE is replaced with 7, and punctuation is replaced with the user's own custom characters.
7wssbm# 1, 7yrfi7s% 2, Gfuofos\ 3, Aywyvatk# 4
4. Define the real-time part: select the 2 digits of the minutes of the current system time and 2 digits of the deposit amount (units and tens), with no transformation. Safety officer a manages this part.
5. The prompt position for SJMM is (2,3); the number is the one directly represented by the content at that position.
6. Define the memory part: select the cipher code set; the transformation mode is
Figure A200710165025D00231
7. Define the check part: select the whole of the real-time part and the memory part, with 1 check position accompanying every 3 positions. Safety officer c manages this part.
8. TDMM: the transformation mode, applied to the whole, is
Figure A200710165025D00232
For example: while the system is running, prompt table 2 appears; the time is 12:20:19, the deposit amount is 24556.88 yuan, the account is XIEDAN, and the graphic characters are "6f5r". This example uses offset table 3 for the calculation. Operating according to the flow of Fig. 2, the corresponding TDMM transformation process is as follows:
Steps such as entering the account are omitted. At step (256) the effective random number yxsj1=67176152 is obtained, and the real-time part of the password is 2056. For SJMM, step (256) should choose the second password, 7yrfi7s%. Memory part:
Figure A200710165025D00233
YXSJ1=C*SMO8X. The check part is then calculated with the check algorithm: 205G6C*MSMO8X*. The calculated TDMM result is 8V6NBD20YTP@DY2.
Safety officers a, b and c each manage a different part of the administrator password definition; only when all of them reset their parts at the same time can the system be entered with a new password.
Example 5. Setting up the security password and the authorization password
The differences between the security password and the administrator password are as follows. In validity period, the security password is shorter-lived than the administrator password and is valid only within one working stage. In complexity, the security password is more complex than the administrator password: it adds the system-assigned part (which breaks out of the user's habitual patterns of thinking) and uses cipher code sets with a larger number of passwords (anyone who cannot find out how the implicit prompt is defined has a greater chance of being caught). In management function, logging in with the administrator password allows security passwords and authorization passwords to be generated.
The differences between the security password and the authorization password are as follows. In validity period, the security password is longer-lived than the authorization password. The authorization password should be valid within a shorter working stage, or even valid only once. In complexity, the authorization password is higher; it should preferably be a system-generated one-time password that changes with every use, using only the system-assigned part, with at most a check part added. In management function, logging in with the security password allows authorization passwords to be generated.
The system-assigned part is defined automatically and randomly by the system according to its own rules (the user only chooses whether or not to use it and cannot influence how it is produced), so the user only needs to remember it during the password's lifetime. Automatic assignment by the machine breaks out of the user's habitual patterns of thinking and makes the password hard for insiders to guess; the result can of course also be transformed further.
Although the system-assigned part can also be used in the administrator password, the administrator password may go unused for a long time (for example during frequent business trips), so the system-assigned part may be forgotten, causing the whole password to be forgotten. It is therefore recommended to use this part in the security password and the authorization password. Suppose safety officer a is assigned to keep and reset this part. If the owner forgets this code at a normal time and place, a new security password can be generated again.
The guidance code and YDMM should distinguish between the different kinds of passwords, preferably with the system software judging this automatically.
Example 6. Using software to train users
■ Register the initial password manually
■ Log in to the website
■ Change the initial password
■ Download the offline training program
■ Go offline
■ Check whether the offline training program has been modified
■ If it has been modified, contact the security administrator
■ If it is intact, run the offline training program
■ The training program checks the security of its running environment itself
■ If no problem is found, begin the training course
■ If an online environment is detected, exit automatically
■ Each step is checked; only after passing does the user proceed to the next step
■ After passing the training, set up one's own password system
■ After the test is passed, encrypt, and delete the unencrypted information
■ Going online is then allowed, to upload the encrypted definition file
■ Formally use one's own password system.
Because the password is transmitted encrypted throughout the whole process, its security is ensured.
Example 6. The present invention is further described below with reference to the drawings and embodiments.
To solve the problems of existing security authentication systems described above, the present invention proposes a new security authentication system. On the basis of the existing account-and-password authentication model, the system grades the password, dividing it into a first-level password and a secondary password, and introduces prompt information related to filling in the password.
For clarity, this description uses only a two-level password system as its example; the reader can easily extend the password levels to three or more to meet the user's security requirements.
The first-level password is a functional password. It is the authentication password corresponding to the account and at the same time serves as the account for the secondary password. One account can correspond to several first-level passwords, and the final functional authority corresponding to each first-level password differs. Each first-level password in turn corresponds to one or more different secondary passwords. Only when the user enters both the first-level password and its corresponding secondary password correctly does the user obtain the authority corresponding to the first-level password entered.
The secondary password is a one-time password that is filled in according to the prompt information. The prompt information is random information sent by the server; it can be a random number table, a pattern, or the like. The user applies a fixed transformation rule to the random content of the prompt information to obtain the corresponding secondary password. Because the content of each prompt differs, the secondary password obtained by the transformation also differs each time; this yields a one-time password that changes with every use and makes it possible to enter the password in plaintext.
Because the invention uses a graded password design and, at the secondary-password stage, a one-time password that changes with every use, it both makes the password harder to crack and creates the conditions for an early-warning mechanism. The invention includes a purpose-built early-warning mechanism that records abnormal login information. After logging in with a mode that has the corresponding authority, the user can query the records of abnormal logins. If someone is found to have entered the correct first-level password for some authority but failed at the secondary password, that first-level password has been stolen; remedial measures should be taken promptly, and the login time, login IP address and other login information in the record can be used to trace who is attempting to steal the authentication information.
Although the invention divides the password into two parts, a first-level password and a secondary password, in use it can be designed as a single-input mode or a two-step input mode as needed. The login steps for these two input modes are given below.
Single-input mode: the first-level password and the secondary password are combined into one complete password and entered in one go. The server separates the first-level password from the secondary password according to a preset rule and authenticates them. The specific steps are as follows:
1. The user sends an authentication request to the server;
2. The server responds to the user's request and sends prompt information to the user;
Because in this mode the prompt information is sent to the user before the server has responded to a first-level password, prompt information in a uniform format should be used.
3. The user fills in the account and enters the corresponding first-level password and secondary password in the predetermined position segments of the password;
Note that because first-level passwords for different authorities do not necessarily have the same number of digits, a sufficiently long segment should be set aside at the front or the back of the password for the first-level password, and the unused positions can be filled with arbitrary characters, which further increases the difficulty of cracking the first-level password. Although the prompt information given by the server is the same here, the first-level passwords for different authorities have different secondary-password transformation rules, so the secondary passwords obtained by transformation also differ and still meet the needs of security authentication.
4. The server receives the user's authentication information, separates out the first-level password and secondary password for the account, and authenticates the user's identity with each in turn. If the information is correct, authentication passes; if it is incorrect, the login information and other relevant information are written to the early-warning record and a login-failure message is returned.
After a user who has authority to view the early-warning record logs in normally, that user can view the logged information about failed logins in the early-warning record and take countermeasures in time.
Two-step input mode: the first-level password and the secondary password are entered and authenticated one after the other, in two parts. The specific steps are as follows:
1. The user sends an authentication request to the server;
2. The server responds to the user's request and sends a login prompt to the user;
3. The user sends the account and first-level password information to the server;
4. The server authenticates the account and first-level password information. If correct, it returns the prompt information corresponding to this first-level password; if incorrect, it writes the login information to the early-warning record and returns a login-failure message;
Because the first-level password is entered before the secondary password, the secondary-password prompt information returned can be personalized prompt information set specifically for that first-level password.
5. The user confirms the prompt information and fills in the secondary password according to it;
From the prompt information the server returns, the user can confirm the server's identity. This gives two-way identification between user and server and guards against phishing websites and similar malicious theft of user information. In addition, in this mode one first-level password can be given several corresponding secondary passwords, each with its own prompt information; from the personalized prompt information the user can recognize which secondary password the server is asking for. This further increases the complexity of the secondary password and reduces the chance of its being cracked.
6. The server receives the secondary password and authenticates the user's identity. If correct, authentication passes; if incorrect, it writes the login information to the early-warning record and returns a login-failure message.
After a user who has authority to view the early-warning record logs in normally, that user can view the logged information about failed logins in the early-warning record and take countermeasures in time.
One feature of the security authentication system of the invention is therefore that the first-level password in the password grading is given a particular function, which lets the authentication system implement some special functions.
The user can set up a first-level password that grants only browse authority. For content that is browsed often, it is then enough to log in with this first-level password, without using a first-level password that has modify authority. This reduces how often the first-level password with modify authority is used and so lowers the chance of its being cracked, reducing the probability that the user suffers a loss through stolen authentication information. A first-level password with such authority is also convenient to lend to others, without worry about losses from sharing authentication information. This design is particularly suited to information exchange within an enterprise.
The user can set up a convenient first-level password that is valid only within a certain period of time; omitting the further password levels lowers the password strength but is more convenient for the user. This kind of first-level password suits content that needs to be open for login during a particular period, and people who need temporary login authority.
The user can set up several first-level passwords, each granting modify authority over a different part, with a different secondary-password generation rule for each. This design is particularly suited to a team that collaborates on developing or modifying shared content. The user can also set up a first-level password dedicated to querying the early-warning record, raising alarms and carrying out emergency handling. Such a purpose-built early-warning first-level password allows timely emergency handling when the account is found to be behaving abnormally and provides useful information for tracing whoever stole the account. Giving first-level passwords particular functions thus enriches what the security authentication system can do and provides many functions that conventional authentication systems cannot.
Another feature of the security authentication system is its multi-level password design. The secondary password and higher-level passwords are the core basis of authentication in this system, and their security is the key to the security of the whole system. They follow the one-time-password principle: each password entered is valid only for that login, which avoids the danger of entering the same password repeatedly. However, the way the secondary password's one-time password is generated in the invention differs from one-time passwords in the usual sense. A conventional one-time password mostly uses a random sequence generator: before each login, the login end and the server end each generate the same random string, and authentication is done by comparing the strings. Such a method does produce a password that changes with every use, but once the random sequence generator is stolen or its generation rule is cracked, the scheme offers no security at all.
The distinguishing feature of the secondary password's one-time-password generation method is that it makes full use of human memory and creativity: the user designs and memorizes a one-time-password transformation rule, which is set in advance at the server end. When the user needs to enter the secondary password during authentication, the user generates the required one-time password from the random prompt information provided by the system and the memorized transformation rule, and it is verified at the server end. The transformation rule can of course be made more complex or simpler according to actual security needs and the user's own memory. In essence, this method uses the human brain to memorize a fixed transformation rule and the machine to generate random prompt information that assists in producing the one-time password, combining the strengths of both to make the password harder to crack or steal.
As can be seen, the key to this method is determining a transformation rule that both a person and a machine can carry out. In the invention this transformation rule is written f1(x1, x2, x3, ... xn), where x1, x2, x3, ... xn are the random parameters selected for the transformation that generates the one-time password, and the input is Ri(f1, f2, f3, ...). To further increase the complexity of the secondary password, the parameters used in the transformation can come not only from the random prompt information provided by the server, as described above, but also from many other sources. Other possible sources of transformation parameters are listed below:
1. Human-memory part: this mainly means fixed information memorized by the user, equivalent to the password in a conventional security authentication system.
2. Real-time part: this mainly means environmental information at the moment the user enters the password, for example the time and date; a particular exchange rate or interest rate; the principal amount in a financial account; or the IP address of the device used to enter the password. All of this information changes with time or place; introducing it as transformation parameters for generating the secondary password further increases the complexity of the generated password.
3. Memorized-transformation part: a memorized character string (which can be the original password) or a transformed form of it.
4. Check part: the result of processing part or all of the first three parts with a selected algorithm (when the remaining digits are too few, one can choose to compute on the remaining characters or to discard them). Because a change in the first three parts changes the check part on almost every occasion, the user can tell whether the server is genuine, and the server can likewise tell whether the user is genuine. Its content comprises: a. the algorithm; b. the data to be checked; c. the position where the result is placed.
The random prompt information provided by the server in the invention is normally a table of random numbers; it can also be a table made up of random characters and digits. How the required parameters are extracted from this prompt information can therefore itself be used as a means of increasing password complexity.
The most basic method is for the user to take the digits at certain coordinate positions in the random number table, in order, as the transformation parameters. But with this method the rule is easily discovered by a thief.
To address the problems that directly chosen, fixed coordinate positions are easy to discover and inconvenient to remember, a background pattern can be placed in the random number table; the digits that particular lines of the background pattern pass through, taken in order, serve as the transformation parameters. In Table 2, for instance, the background of the random number table contains two lines, "1" and "2". The parameter identified along line "1" is "67176152", and the parameter along line "2" is "58099778".
As mentioned above, in two-step input mode one first-level password can be given several corresponding secondary passwords; "secondary password" here should be understood as different one-time-password transformation rules. In this case the user can tell from the shape of the random number table which secondary-password transformation rule the server is asking for. The outline of the random number table can therefore also serve as a reference parameter of the transformation rule.
In addition, the invention provides several transformation operators for the one-time-password transformation rule to use between parameters. These operators should support digit-by-digit calculation between parameters. For example, we can define an operator as modulo-10 addition without carry (that is, [Figure A200710165025D00282]); operator [Figure A200710165025D00283] as the modulo-10 digit-wise absolute difference (that is, [Figure A200710165025D00284]); and an operator as the modulo-10 digit-wise difference with automatic borrow (that is, [Figure A200710165025D00286] [Figure A200710165025D00287]). When one operand is shorter, its digits are reused cyclically until the longer operand has been fully processed, so parameters of different lengths can be combined. In addition, we can define a+b as appending parameter b after parameter a.
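As an added example (not part of the patent text), the three digit-wise operators and the cyclic reuse of the shorter operand described above can be implemented as follows; the code also reproduces the earlier yxsj1=13579, CDXX=13803111914 case. The function names and the combined rule `assumed_rule` are assumptions, because the patent's operator symbols and rule formulas are figures that are not reproduced on this page.

```python
"""Digit-wise operators for mentally computable password transforms (added example)."""
from itertools import cycle


def _pairs(a: str, b: str):
    """Yield digit pairs; the shorter operand is reused cyclically until the
    longer operand has been fully processed."""
    for s in (a, b):
        if not (s and s.isascii() and s.isdigit()):
            raise ValueError(f"operand must be a non-empty digit string: {s!r}")
    ca, cb = cycle(a), cycle(b)
    for _ in range(max(len(a), len(b))):
        yield int(next(ca)), int(next(cb))


def add_mod10(a: str, b: str) -> str:
    """Modulo-10 addition without carry."""
    return "".join(str((x + y) % 10) for x, y in _pairs(a, b))


def sub_mod10(a: str, b: str) -> str:
    """Modulo-10 digit-wise difference with automatic borrow (inverse of add_mod10)."""
    return "".join(str((x - y) % 10) for x, y in _pairs(a, b))


def abs_diff(a: str, b: str) -> str:
    """Digit-wise absolute difference."""
    return "".join(str(abs(x - y)) for x, y in _pairs(a, b))


def concat(a: str, b: str) -> str:
    """a+b in the text: parameter b appended after parameter a."""
    return a + b


def mask_message(message: str, yxsj1: str) -> str:
    """User side: hide a digit message under the preset random number.

    The key must not be longer than the message; otherwise the message itself
    would be repeated cyclically and the server could not recover its length.
    """
    if len(yxsj1) > len(message):
        raise ValueError("preset random number is longer than the message")
    return add_mod10(message, yxsj1)


def unmask_message(masked: str, yxsj1: str) -> str:
    """Server side: apply the inverse operator to recover the message."""
    return sub_mod10(masked, yxsj1)


def assumed_rule(x1: str, x3: str, x5: str) -> str:
    """Hypothetical secondary-password rule (NOT the patent's formula):
    mod-10 add the prompt string x3 and the first-level password x1,
    then append the login minute x5."""
    return concat(add_mod10(x3, x1), x5)


if __name__ == "__main__":
    masked = mask_message("13803111914", "13579")   # values from the text
    print(masked, unmask_message(masked, "13579"))
    print(assumed_rule("111111", "67176152", "20"))
```
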
The following example shows how the security authentication system performs the secondary-password transformation and authentication.
Under the account named zhanghao ("account"), two first-level passwords are set: 111111 and 222222. The secondary-password transformation rule f1(x1, x3, x5) corresponding to first-level password 111111 is:
Figure A200710165025D00291
where x1 is the first-level password 111111; x3 is the string along the background character "1" in the prompt information; and x5 is the minutes of the system time at login. The secondary-password transformation rule f2(x3, x4, x5) corresponding to first-level password 222222 is:
where x2 is the first-level password 222222; x4 is the string along the background character "2" in the prompt information; and x5 is the minutes of the system time at login. Suppose the prompt information returned by the server is Table 3 and the system time at login is 12:20:19. Then parameter x3 is 67176152, parameter x4 is 58099778, and parameter x5 is 20. The secondary password corresponding to first-level password 111111 should then be
Figure A200710165025D00293
The secondary password corresponding to first-level password 222222 should be
Figure A200710165025D00294
The parameter sources and transformation operators described above merely enumerate some possible implementations; in actual use the choice of transformation parameters and the definition of transformation operators should not be limited to the forms listed. It should be understood that the essence of the secondary-password design in the invention is to use the human brain to memorize a fixed transformation rule and to generate a one-time password by transforming random parameters. Under this design spirit, any obvious parameter form or transformation-operator algorithm should be regarded as falling within the scope of protection of the invention.
In summary, the input handling of the security authentication system divides into two flows: the setup flow and the authentication flow (see Fig. 5).
The setup flow is as follows:
1. The user (6) sends a registration request to the authentication server (1);
2. The server (1) responds to the request of the user (6) and asks the user to fill in an account to register;
3. The user (6) sends the account to be registered to the server (1);
4. The server (1) checks whether the account is available. If it is not, return to step 3 and ask the user to fill it in again; if it is, send the first-level password registration information to the user;
5. Following the first-level password registration information, the user (6) fills in the first-level password to be registered and selects the authority this first-level password opens;
6. After receiving the first-level password registration information, the server sends the secondary password registration information to the user (6);
7. Following the secondary password registration information, the user (6) selects the form of the secondary-password prompt information and edits the required secondary-password transformation rule;
8. After receiving the secondary password registration information, the server sends the corresponding prompt information to the user (6) and asks the user to try filling in the secondary password;
9. The user (6) fills in the secondary password according to the prompt information and the transformation rule defined;
10. The server checks whether the secondary password the user filled in is valid. If not, return to step 7 and send the secondary password registration information to the user to register again; if it is valid, ask the user whether to continue registering a next-level password;
11. If the user (6) chooses to continue registering a first-level password, return to step 5 to register the new first-level password; if no further first-level password needs to be registered, registration ends.
Authentication flow in multi-step input mode: the first-level password and the secondary password are divided into several parts that are entered and authenticated one after another. The specific steps are as follows:
1. The user (6) sends an authentication request to the server;
2. The server responds to the user's request and sends a login prompt to the user (6);
3. The user sends the account and first-level password information to the server;
4. The server authenticates the account and first-level password information. If correct, it returns the prompt information corresponding to this first-level password; if incorrect, it writes the login information to the early-warning record and returns a login-failure message. Because the first-level password is entered before the secondary password, the secondary-password prompt information returned can be personalized prompt information set specifically for that first-level password.
5. The user (6) confirms the prompt information and fills in the secondary password according to it;
From the prompt information the server returns, the user (6) can confirm the server's identity. This gives two-way identification between user and server and guards against phishing websites and similar malicious theft of user information. In addition, in this mode one first-level password can be given several corresponding secondary passwords, each with its own prompt information; from the personalized prompt information the user (6) can recognize which secondary password the server is asking for. This further increases the complexity of the secondary password and reduces the chance of its being cracked.
6. The server receives the secondary password and authenticates the user's identity. If correct, authentication passes; if incorrect, it writes the login information to the early-warning record and returns a login-failure message.
After a user who has authority to view the early-warning record logs in normally, that user can view the logged information about failed logins in the early-warning record and take countermeasures in time.
7. Repeat the processing above, in the same way as for the secondary password, for the remaining password levels.
8. For a system that does not need a function code,
One optimized input method: define the input device (5) or input window for each level of password, or define an agreed operation to be carried out after a certain number of password characters have been entered; at input time, proceed as agreed.
One optimized input method: define the input device (5) or input window for each level of password together with an implicit prompt for that input device or input window; the implicit prompt in the input prompt information is shown on the designated display device (4) or in the designated window; at input time, proceed as agreed.
One optimized input method: define a position in the prompt table that indicates the input device; the password is valid only if it is entered with the designated device when that position shows a certain number.
One optimized input method: define a position in the prompt table that indicates the step at which an input event (for example clicking the right or left mouse button) must be produced. When that position shows a certain number, the designated device must be used to produce the event once that number of password characters has been entered, and only then is further password input valid (for example, with the event defined as a right mouse click, when the position shows 5, the right mouse button must be clicked after the 5th password character has been entered before the remaining password input is valid).
Compound multi-step input mode: several levels of password are first combined and then divided into several parts that are entered and authenticated one after another. The setup flow differs in that it must define which levels of password are combined for input together and how they are combined. The authentication flow differs in that the client enters the password as agreed and the service end splits the combined code back into the graded passwords as agreed; after that, authentication can proceed as in the multi-step input mode flow.
Summary
1. Prevent a system administrator from resetting a user's password and then entering the system under that user's identity. This is achieved as follows: the password is divided into two or more parts, and/or (further) divided into a content part and a form part, and the different parts are managed separately by two or more security administrators. See Example 3 and Example 4 for details.
2. Prevent insiders from stealing important input information by means other than resetting the password. Because physical identification devices are comparatively easy for insiders to steal, the invention focuses on non-physical methods of making the password harder to crack, although a physical identification device can be used at the same time. The means adopted include the following. The password is composed of multiple parts. It can be transformed in part or as a whole. Each password group can be designated by a guidance code; the system randomly chooses one password from the group as the one to be entered next and indicates it by implicit prompt. If the password fails while the guidance code is correct, the guidance code has leaked, and the owner is promptly notified of the password and guidance code used at that time. Dividing passwords by kind reduces how often important passwords are used and lowers the importance of any input information that is stolen. See Examples 1 to 5 for details.
3. Detect theft while someone is attempting it, or when only part of it has been carried out, and use the evidence and clues to identify the insider responsible, rather than, as at present, investigating only after the consequences have occurred. Each time a password of the invention is used to enter the system, the system tells the user about previous entries into the system, such as the place, time and main operations, so that the user can check whether the past operations were their own. The invention also establishes a complete password management system, making the use and management of passwords more comprehensive and systematic.
The invention also introduces an inquiry code. Each time this password is used to enter the system, the system tells the user about previous entries into the system and password changes, such as the place, the time, and which security administrator is responsible for the password. In addition, because one guidance code corresponds to multiple associated passwords, a correct guidance code followed by a wrong password indicates that someone is attacking the account, and the user can judge from the passwords the intruder entered whether part of the correct password has been stolen. Having one guidance code correspond to one YDMM also strengthens the system's protective capability. See Examples 3 to 5 for details.
4. Supervise authorized persons and limit their scope of use, and solve the problem of forgetting when there are many passwords to choose from. The method is to use guidance codes and implicit prompts. Guidance codes distinguish the owner's own use from licensed use, and normal use from alarm use, and the system grants the user different usage rights accordingly. Because the guidance code is actively entered, it can be treated both as a password for account A and as the account for the passwords that follow, so introducing the guidance code gives the password an additional protective layer. The system's response can be retrieved safely by means of account A and the guidance-code system, and the user's legitimate identity under account A is assured by the guidance code and the password system. The system can also use the guidance code to determine whether someone has stolen some of the valid passwords in the user's password set: each password group can be designated by a guidance code, and the system randomly chooses one password from the group as the one to be entered next and indicates it by implicit prompt, for example by showing at a designated position in the response window which entry is to be used this time, or its abbreviation. If the password fails while the guidance code is correct, the guidance code has leaked; the owner is notified of the password and guidance code used at that time, since this may be a sign of a leak. The implicit prompt can also carry the position, quantity and content of valid random numbers, information reserved by the server, check information, other information needed for password encryption, and notices from the server. See Examples 3 to 5 for details.
5. Allow the operator to tell the system that what they are about to do is involuntary, and to require the system to act according to a predetermined scheme rather than carry out the operation in the routine way. This gives the operator time and opportunity to act according to their own wishes. Implementing this scheme deters would-be criminals so that they dare not commit the crime. Because the invention requires the user to operate on site or to guide the operation on site, it gives users more opportunity and time to escape control or raise an alarm when they are acting against their will. See Example 3 for how this is implemented.
6. Reduce the amount of computation and memorization required of the operator and make the system easier to use, while insisting that the system can be used only after training. In addition to implicit prompts and guidance codes, the method provides deviation tables, operators and inverse operators for transformation and verification, which a person with a primary-school education can master with training. A program is used to train users; only after passing the training can a user upload their definition data and so work with the system. See Examples 1 to 5 for details.
7. Improve the user's ability so that the user can resist possible harm. The method is to train the user with software; only after passing the check can the user upload the results and use the system normally. See Examples 3 to 6 for details.
8. Prevent impersonation of the server. The server provides each user with a personalized response code and check code, so that before entering their own password the user can first verify these and only then enter it. See Examples 3 to 5 for details.
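The staged login flow (first-level password, personalized prompt naming which secondary password to enter, early-warning record) together with summary items 4 and 8 can be sketched as follows. This is an added example, not code from the patent; the class and method names, the PBKDF2 storage and the sample values are assumptions.

```python
import hashlib
import hmac
import os
import secrets
import time

ITERATIONS = 100_000  # assumption: the patent does not say how passwords are stored


def _kdf(secret, salt):
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, ITERATIONS)


class StagedAuthServer:
    def __init__(self):
        self.accounts = {}  # account -> stored record
        self.pending = {}   # one-time token -> (account, label of expected secondary)

    def enroll(self, account, first_level, response_code, secondaries):
        """secondaries maps a label shown in the prompt to a secondary password."""
        salt = os.urandom(16)
        self.accounts[account] = {
            "salt": salt,
            "first": _kdf(first_level, salt),
            "response_code": response_code,  # personalized; lets the user recognize the server
            "secondary": {k: _kdf(v, salt) for k, v in secondaries.items()},
            "warnings": [],                  # early-warning record
        }

    def _warn(self, rec, stage):
        # Log the failed stage, not the typed value (often a near miss of a real password).
        rec["warnings"].append({"time": time.time(), "stage": stage})

    def submit_first_level(self, account, password):
        """Return (token, prompt) if the first-level password is right, else None."""
        rec = self.accounts.get(account)
        if rec is None:
            _kdf(password, b"\0" * 16)  # same work for unknown accounts
            return None
        if not hmac.compare_digest(_kdf(password, rec["salt"]), rec["first"]):
            self._warn(rec, "first-level")
            return None
        label = secrets.choice(sorted(rec["secondary"]))  # server picks one at random
        token = secrets.token_urlsafe(16)
        self.pending[token] = (account, label)
        return token, {"response_code": rec["response_code"], "use": label}

    def submit_secondary(self, token, password):
        """Return the early-warning record on success, None on failure."""
        entry = self.pending.pop(token, None)  # a token is valid for one attempt
        if entry is None:
            return None
        account, label = entry
        rec = self.accounts[account]
        if not hmac.compare_digest(_kdf(password, rec["salt"]), rec["secondary"][label]):
            # Stage one passed, stage two failed: the first-level password may have leaked.
            self._warn(rec, "secondary")
            return None
        return list(rec["warnings"])


def demo():
    server = StagedAuthServer()
    secondaries = {"A": "river-42", "B": "stone-17"}  # constructed sample values
    server.enroll("alice", "first-pw", "blue heron", secondaries)
    server.submit_first_level("alice", "guess")  # recorded as a first-level failure
    token, prompt = server.submit_first_level("alice", "first-pw")
    # A real user would stop here if prompt["response_code"] were not their own.
    return prompt["response_code"], server.submit_secondary(token, secondaries[prompt["use"]])


if __name__ == "__main__":
    print(demo())
```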

Claims (7)

1. A "multiple-selectivity password security authentication system", characterized in that the operator can connect to the authentication server by some means of communication, such that the authentication server recognizes only a password that the operator enters on the selected device by the agreed method.
2. A multiple-selectivity password security authentication method, characterized in that the authentication method is realized by the following steps:
● The user (6) sends an authentication request to the server;
● The server responds to the user's request and sends a login prompt to the user (6);
● The user sends the account number and first-level password information to the server;
● The server authenticates the account number and first-level password information. If the information is correct, it returns the prompt information corresponding to this first-level password; if the information is incorrect, it writes the login information to the early-warning record and returns a login-failure message. Because the first-level password is filled in before the secondary password, the secondary-password prompt information returned can be personalized information set specifically for this first-level password.
● The user (6) confirms the prompt information and fills in the secondary password according to it;
● The user (6) can confirm the server's identity from the prompt information the server returns. This achieves two-way identification between user and server and can prevent phishing websites and similar malicious attempts to steal user information. In addition, in this mode one first-level password can be designed to have multiple corresponding secondary passwords, each with different prompt information; from the personalized prompt information the user (6) can identify which secondary password the server requires for authentication. This further increases the complexity of the secondary password and reduces the possibility of its being cracked.
● The server receives the secondary password and authenticates the user's identity. If the information is correct, authentication passes; if it is incorrect, the server writes the login information to the early-warning record and returns a login-failure message.
● After a user who has permission to view the early-warning record logs in normally, that user can review the failed-login information in the early-warning record and take countermeasures in time.
● Repeat the processing described above for the secondary password to handle the remaining password levels.
3. A multiple-selectivity password security authentication method, characterized in that, for a system that does not need function codes, one optimized input method is: define the input device (5) or input form for each level of password, or define an agreed operation to be performed after certain passwords have been entered, and complete the input as agreed.
4. A multiple-selectivity password security authentication method, characterized in that one optimized input method is: define the input device (5) or input form for each level of password, together with an implicit prompt for that input device or input form; in the input prompt information, show the implicit prompt on the designated display device (4) or in the designated form; and complete the input as agreed.
5. A multiple-selectivity password security authentication method, characterized in that one optimized input method is: define in the prompt table a position that indicates the input device; only when this position displays a certain number is a password entered with the designated device valid.
6. A multiple-selectivity password security authentication method, characterized in that one optimized input method is: define in the prompt table a position that indicates an input event to be produced at a given step (for example, clicking the right or left mouse button). When this position displays a certain number, then once the input reaches that count the event must be produced with the designated device before further password input is valid (for example, when this position displays 5, after the fifth password has been entered the right mouse button must be clicked before the remaining passwords are accepted).
7. A multiple-selectivity password security authentication method, characterized in that, in the authentication flow in compound multiple-input mode, several levels of password are combined and then divided into multiple parts, which are entered and authenticated in succession. The setup flow differs in that it must define which levels of password are combined for input together and how they are combined. The authentication flow differs in that the client completes the input as agreed and the server splits the combined code back into the individual level passwords as agreed, after which authentication proceeds as in multiple-input mode.
CNA2007101650257A 2007-10-17 2007-10-17 Various selectivity cipher safety authentication system and method Pending CN101414905A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2007101650257A CN101414905A (en) 2007-10-17 2007-10-17 Various selectivity cipher safety authentication system and method


Publications (1)

Publication Number Publication Date
CN101414905A true CN101414905A (en) 2009-04-22

Family

ID=40595238

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2007101650257A Pending CN101414905A (en) 2007-10-17 2007-10-17 Various selectivity cipher safety authentication system and method

Country Status (1)

Country Link
CN (1) CN101414905A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20090422