CN101442410B - Method and apparatus for generating dynamic cipher, and application system containing the apparatus - Google Patents
Method and apparatus for generating dynamic cipher, and application system containing the apparatus Download PDFInfo
- Publication number
- CN101442410B CN101442410B CN2008102182808A CN200810218280A CN101442410B CN 101442410 B CN101442410 B CN 101442410B CN 2008102182808 A CN2008102182808 A CN 2008102182808A CN 200810218280 A CN200810218280 A CN 200810218280A CN 101442410 B CN101442410 B CN 101442410B
- Authority
- CN
- China
- Prior art keywords
- character
- combination disk
- password
- dynamic password
- dynamic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a method and a device for generating a dynamic cipher, and an application system containing the device. The method for generating the dynamic cipher comprises the following steps: setting a cipher disk containing at least one character position and a static cipher containing at least one character, wherein the cipher disk has position information of a group of original characters on the cipher disk correspondingly, and each character of the static cipher is contained in the original characters of the cipher disk; determining that each character of the static cipher corresponds to the position information on the cipher disk; transforming the original characters corresponding to each character position on the cipher disk according to a preset transformation rule so as to generate a new character; and determining that each character position of the static cipher on the cipher disk before transforming is relative to the corresponding new character on the cipher disk after transforming, according to the position information on the cipher disk corresponding to each character of the static cipher, so as to generate the dynamic cipher. The invention ensures that a user can use the dynamic cipher simply and conveniently.
Description
Technical field
The present invention relates to the cryptosecurity field, relate to specifically a kind of dynamic password the generation method, install and contain the application system of this device.
Background technology
At present,, adopt password to protect the mode of user information safety to be widely used, in these are used, normally input account name and corresponding password, thereby obtain application permission by the user at numerous areas such as finance, internet, applications.Yet in actual applications, aforesaid way still has some situations can not obtain well satisfying:
1. a lot of people often need login and visit different systems, and have many cover visit (or verification) passwords.Memory for convenience, more user likes using identical or close password in different systems.Login often, the danger that password is revealed has just increased.
2. the user wishes can fully hide real password in the process of accessing to your password, and is just expired immediately after preferably password uses up, and can not be used in considerable time again, also useless even if this allows others spy upon password.
3. the user wishes that the memory burden of password is minimum, can remember just better.
For above-mentioned situation, a kind of comparatively wise solution just is to use " dynamic password ", need input different passwords by each login and improve the fail safe that password uses, yet this just needs the user to obtain when time dynamic password easily before the password input.
Summary of the invention
In view of this, the invention provides a kind of dynamic password the generation method, install and contain the application system of this device, make the user obtain dynamic password, thereby can enjoy the password safety in utilization that dynamic password brings expediently in easy mode.
In order to solve the problems of the technologies described above, the present invention has adopted following technical scheme:
A kind of generation method of dynamic password comprises following steps:
A, setting contain the combination disk of at least one character position and contain the static password of at least one character, described combination disk is to should there being the positional information of one group of original character on this combination disk, and each character of static password is included in the original character of described combination disk;
B, determine that each character of static password is corresponding to the positional information on the combination disk;
C, the default transformation rule of basis carry out conversion to the original character of each character position correspondence on the combination disk, generate fresh character;
D, according to each character of described static password corresponding to the positional information on the combination disk, determine corresponding fresh character on the combination disk after each character position on the combination disk of static password before conversion is with respect to conversion, generate dynamic password.
Described dynamic cipher generating method, described character are numeral, letter, functor or above three's all or part of combination.
Described dynamic cipher generating method, described default transformation rule is: the stochastic transformation in the character set of a regulation of the character in each character position on the combination disk.
Described dynamic cipher generating method, the character set of described regulation comprises the character outside the combination disk original character.
The generating apparatus of a kind of dynamic password of the present invention, comprise combination disk module, transformation library module and dynamic password generation modules, described combination disk module is used to be provided with combination disk that contains at least one character position and the static password that contains at least one character, described combination disk is to should there being the positional information of one group of original character on this combination disk, and each character of static password is included in the original character of described combination disk; Described transformation library module is used for carrying out conversion according to presetting the original character of transformation rule to each character position correspondence on the combination disk, generates fresh character; Described dynamic password generation modules is used for determining that each character of static password is corresponding to the positional information on the combination disk, and positional information is determined corresponding fresh character on the combination disk after each character position on the combination disk of static password before conversion is with respect to conversion in view of the above, to generate dynamic password.
Described dynamic password generating apparatus, described character are numeral, letter, functor or above three's all or part of combination.
The present invention also discloses a kind of dynamic password application system that contains above-mentioned any dynamic password generating apparatus, comprise dynamic password request respond module and use the verification interface module, described dynamic password request respond module is used to verify whether the dynamic password of input is correct, described application verification interface module is used to receive the static password that dynamic password request respond module transmits, and initiates the static password check request to using.
Described dynamic password application system, described dynamic password application system is a portable terminal.
Described dynamic password application system, described combination disk are the dummy keyboard in the portable terminal display interface.
Described dynamic password application system, described portable terminal comprises physical keyboard, is used to carry out password setting or verification operation.
The present invention is by being provided with combination disk and static password, the character information of static password is converted to character location information on the combination disk, then combination disk is carried out character transformation, thereby hidden static password, the user only need remember that static password is in original password dish corresponding characters position, and need not to be concerned about how conversion of character on the combination disk, the user is able to when carrying out password authentification each time, input is when time dynamic password easily, make the user to use dynamic password, thereby improve the fail safe that password uses in mode simply and easily.
Description of drawings
Fig. 1 is that the dynamic password and the static password of the specific embodiment of the invention concerns schematic diagram;
Fig. 2 is the structural representation of application system of the dynamic password of the specific embodiment of the invention;
Fig. 3 is a kind of combination disk conversion example of the specific embodiment of the invention;
Fig. 4 is the another kind of combination disk conversion example of the specific embodiment of the invention;
Fig. 5 is the dynamic password request responding process of the specific embodiment of the invention.
Embodiment
Contrast accompanying drawing and the present invention is further elaborated below in conjunction with embodiment.
As shown in Figure 1, dynamic password is a kind of password form of expression that is different from conventional cipher, with respect to the stability of conventional cipher, and dynamic password all differences to some extent when the user accesses to your password each time usually.The dynamic password of the specific embodiment of the invention is to be the center with the static password, takes into full account the residing environment of user, for the user each time login system the password of differentiation is provided, thereby can effectively protect user's true password (being original static password).
The generation method of the dynamic password of the specific embodiment of the invention comprises following steps:
1, the static password contain the combination disk of at least one character position and to contain at least one character is set, combination disk is to should there being the positional information of one group of original character on this combination disk, and each character of static password is included in the original character of combination disk; Have several character positions on the combination disk of the specific embodiment of the invention, each character position is provided with a character, and the original character of so-called combination disk refers to static password when being provided with, each character position corresponding characters on the combination disk.
2, determine that each character of static password is corresponding to the positional information on the combination disk;
3, carry out conversion according to presetting the original character of transformation rule, generate fresh character each character position correspondence on the combination disk;
4, according to each character of static password corresponding to the positional information on the combination disk, determine corresponding fresh character on the combination disk after each character position on the combination disk of static password before conversion is with respect to conversion, generate dynamic password.
Above-mentioned character can be numeral, letter, functor or above three's all or part of combination.Default transformation rule is: the stochastic transformation in the character set of a regulation of the character in each character position on the combination disk.The character set of this regulation not only comprises the original character on the combination disk, also comprises the character outside the combination disk original character.
As shown in Figure 2, the application system of a kind of dynamic password that provides for the specific embodiment of the invention, it comprises dynamic password generating apparatus, dynamic password request respond module and uses the verification interface module, wherein, the dynamic password generating apparatus comprises combination disk module, transformation library module and dynamic password generation modules, respectively above-mentioned each module is described below.
1) combination disk module:
The combination disk module is the unit that the dynamic change of user environment is simulated, character generator by series of rules is formed, cooperate the transformation library module hereinafter will introduce, can generate different time (user input password before) does not at every turn have the character string that repeats.Fig. 3 is a kind of example of combination disk, and it has realized being transformed into " 564231897 " from " 789456123 ", and this conversion only is that conversion has taken place each character position corresponding characters on the combination disk, and itself does not change character; This does not represent to occur other possible sequence, for example in the another kind of combination disk example shown in Fig. 4, then generates the sequence that includes the repetition numeral, and the repetition of character " 2 " has appearred in the combination disk after the conversion.
2) transformation library module
This module mainly is that each character position corresponding characters on the combination disk is carried out conversion.Before carrying out conversion, at first a character set using when conversion is arranged of regulation can comprise numeral, letter, functor in the character set, i.e. # for example, the spcial character of * and so on.The original character of combination disk is a subclass of conversion character set, and the conversion character set can comprise the character beyond the original character.By the transformation library module combination disk is carried out conversion, can hide true password.
3) dynamic password generation modules
This module is the nucleus module of dynamic password generating apparatus, the mainly generation of finishing dynamic password based on the character string generation situation and the transformation library situation of combination disk, promptly pass through each character of static password corresponding to the positional information on the combination disk, determine corresponding fresh character on the combination disk after each character position on the combination disk of static password before conversion is with respect to conversion, generate dynamic password.
With example dynamic password generating mode of the present invention is described below: as shown in Figure 3, Fig. 3 left side is the combination disk of (when static password is provided with) before the conversion, in this embodiment, combination disk is a 3*3 square formation structure, wherein used character is 9 numerical characters such as " 123456789 ", and then above-mentioned 9 numerical characters are the original character of combination disk.Should be noted that combination disk except being that (in this example, square formation formula structure n=3) can also be other structure to n*n, and the content of combination disk card also can be that numeral, letter or numeral are mixed and other character existence form with alphabetical.Here claim the character position that each character position is a combination disk on the combination disk, wherein, line position is " upper, middle and lower ", column position is " left, center, right ", then the corresponding character of character position " a upward left side " is " 7 ", the corresponding character of character position " go up in " is " 8 ", and the like, be " 3 " until the correspondence position of character position " bottom right ".
If the static password that is provided be " 79135 ", then each character of determining by static password corresponding to the positional information on the combination disk be " go up left, upward the right side, bottom left, bottom right, in ".This positional information all remains unchanged in whole conversion process.Fig. 3 right side is the combination disk after the conversion, although after conversion, variation has taken place in each character position corresponding characters on the combination disk, for example, the corresponding character that this moment, character position " was gone up a left side " is " 5 ", but,, then can determine dynamic password and be " 54873 " according to the character location information of above-mentioned static password owing to determine that the positional information of dynamic password is constant; Same, in Fig. 4, can determine that dynamic password is " 54229 ".That is to say, true password (static password) by the user, corresponding character position in the time of only need remembeing this true password setting on combination disk, no matter after how conversion of character on the combination disk, can represent by the dynamic password of unique definite combination disk when being used for the password input each time.
4) dynamic password request respond module
This module is the dynamic password request responding of finishing the user, specifically comprises: one, start combination disk; Two, whether the dynamic password of checking user input is effective, and checking is passed through, and then true password transmitted to application verification interface module, finishes the subsequent check processing logic.
5) use the verification interface module
This module is mainly to finish to receive the true password that dynamic password request respond module is transmitted, and finishes to concrete application and send true cryptographic check request.Concrete application examples is logined financial services system, login the Internet in this way, opens application program or the like.
As can be seen from the above, dynamic password application system of the present invention by combination disk module, transformation library module, dynamic password generation modules, dynamic password request respond module, use the password response processing system of the telotism that five modules of verification interface module form, its dynamic password request responding process mainly comprises following five steps, in conjunction with shown in Figure 5:
(1) the transformation library rule is set.
(2) system start-up combination disk generates character string according to the transformation library rule.
(3) dynamic password generation modules generates when time dynamic password according to the character string of static password and combination disk.
(4) whether the dynamic password of dynamic password request respond module checking user input is correct.
(5) use the verification interface module and receive the true password that dynamic password request respond module transmits, send true cryptographic check request to concrete application.
The invention provides and a kind ofly realize the protection of the true password of user and hiding device and mechanism based on " dynamic password "; thereby guaranteed the cryptosecurity of processes such as relevant login of user or verification; and this kind dynamic password generating mode is simple, convenient; the user only needs when the true password of initial setting up; remember the positional information of true password on combination disk; no matter how dynamic password changes afterwards, and the user can import corresponding character according to the positional information of true password on combination disk and get final product.
Dynamic password generating apparatus of the present invention, be applicable to the various systems that need the password input, for example, the application system of described dynamic password is a portable terminal, combination disk can be used as a kind of virtual unit and is presented in the display interface (display interface when normally portable terminal carries out password setting or checking) of portable terminal, can directly carry out the input of static password setting and dynamic password on combination disk in the mode of touch-screen; But a kind of safer occupation mode is: static password setting and dynamic password input are at the enterprising line operate of entity (physics) keyboard of portable terminal, combination disk can show on the interface of portable terminal in the virtual unit mode, make the setting of combination disk character position be provided with different with physical keyboard, relevant this key message with the combination disk character position of so easier hiding dynamic password generating mode further improves the safety in utilization of dynamic password.Because combination disk is obtained the important tool of current dynamic password as the user, if undertake the task of static password setting and dynamic password input simultaneously, this key message of corresponding character position of easy identified true password, and it is only learnt the instrument of current dynamic password as the user, static password setting and dynamic password input are finished on the portable terminal physical keyboard, because physical keyboard is constant, and combination disk is as a virtual unit on the interface of mobile terminal, change, make character position between the two not have correlation, so just can't go to infer relevant information on the combination disk in the operation on the physical keyboard, thereby also just avoid leaking out true password corresponding characters positional information from the user.
Above content be in conjunction with concrete preferred implementation to further describing that the present invention did, can not assert that concrete enforcement of the present invention is confined to these explanations.For the general technical staff of the technical field of the invention, without departing from the inventive concept of the premise, can also make some simple deduction or replace, all should be considered as belonging to protection scope of the present invention.
Claims (10)
1. the generation method of a dynamic password is characterized in that, comprises following steps:
A, setting contain the combination disk of at least one character position and contain the static password of at least one character, described combination disk is to should there being the positional information of one group of original character on this combination disk, and each character of static password is included in the original character of described combination disk;
B, determine that each character of static password is corresponding to the positional information on the combination disk;
C, the default transformation rule of basis carry out conversion to the original character of each character position correspondence on the combination disk, generate fresh character;
D, according to each character of described static password corresponding to the positional information on the combination disk, determine corresponding fresh character on the combination disk after each character position on the combination disk of static password before conversion is with respect to conversion, to generate dynamic password.
2. dynamic cipher generating method as claimed in claim 1 is characterized in that, described character is one of numeral, letter, functor, perhaps three's all or part of combination.
3. dynamic cipher generating method as claimed in claim 1 is characterized in that, described default transformation rule is: the stochastic transformation in the character set of a regulation of the character in each character position on the combination disk.
4. dynamic cipher generating method as claimed in claim 3 is characterized in that the character set of described regulation comprises the character outside the combination disk original character.
5. the generating apparatus of a dynamic password, it is characterized in that, comprise combination disk module, transformation library module and dynamic password generation modules, described combination disk module is used to be provided with combination disk that contains at least one character position and the static password that contains at least one character, described combination disk is to should there being the positional information of one group of original character on this combination disk, and each character of static password is included in the original character of described combination disk; Described transformation library module is used for carrying out conversion according to presetting the original character of transformation rule to each character position correspondence on the combination disk, generates fresh character; Described dynamic password generation modules is used for determining that each character of static password is corresponding to the positional information on the combination disk, and positional information is determined corresponding fresh character on the combination disk after each character position on the combination disk of static password before conversion is with respect to conversion in view of the above, to generate dynamic password.
6. dynamic password generating apparatus as claimed in claim 5 is characterized in that, described character is numeral, letter, functor thrin, perhaps three's all or part of combination.
7. dynamic password application system that contains just like claim 5 or 6 described dynamic password generating apparatus, it is characterized in that, described dynamic password application system also comprises dynamic password request respond module and uses the verification interface module, described dynamic password request respond module is used to verify whether the dynamic password of input is correct, described application verification interface module is used to receive the static password that dynamic password request respond module transmits, and initiates the static password check request to using.
8. dynamic password application system as claimed in claim 7 is characterized in that, described dynamic password application system is a portable terminal.
9. dynamic password application system as claimed in claim 8 is characterized in that, described combination disk is the dummy keyboard in the portable terminal display interface.
10. dynamic password application system as claimed in claim 9 is characterized in that described portable terminal comprises physical keyboard, is used to carry out password setting or verification operation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008102182808A CN101442410B (en) | 2008-12-09 | 2008-12-09 | Method and apparatus for generating dynamic cipher, and application system containing the apparatus |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008102182808A CN101442410B (en) | 2008-12-09 | 2008-12-09 | Method and apparatus for generating dynamic cipher, and application system containing the apparatus |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101442410A CN101442410A (en) | 2009-05-27 |
| CN101442410B true CN101442410B (en) | 2011-09-14 |
Family
ID=40726671
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2008102182808A Expired - Fee Related CN101442410B (en) | 2008-12-09 | 2008-12-09 | Method and apparatus for generating dynamic cipher, and application system containing the apparatus |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101442410B (en) |
Families Citing this family (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102045710A (en) * | 2009-10-12 | 2011-05-04 | 中兴通讯股份有限公司 | Terminal and method for automatically changing password |
| CN102866842A (en) * | 2011-07-08 | 2013-01-09 | 宏碁股份有限公司 | Unlocking method and electronic device |
| CN103297391A (en) * | 2012-02-27 | 2013-09-11 | 成都谛听科技有限公司 | Graphical dynamic password inputting and verifying method |
| CN103873442B (en) * | 2012-12-13 | 2017-12-12 | 腾讯科技(深圳)有限公司 | The treating method and apparatus of log-on message |
| CN103632075B (en) | 2013-10-17 | 2016-03-30 | 东莞盛世科技电子实业有限公司 | Authentication device and method for authenticating |
| CN103607274B (en) * | 2013-10-22 | 2016-08-17 | 周灿旭 | A kind of method generating dynamic password with static password for source |
| DE102014002207A1 (en) * | 2014-02-20 | 2015-08-20 | Friedrich Kisters | Method and device for identifying or authenticating a person and / or an object by dynamic acoustic security information |
| EP3189642A1 (en) * | 2014-09-05 | 2017-07-12 | Telefonaktiebolaget LM Ericsson (publ) | Device and method for authenticating a user |
| CN105337729B (en) * | 2015-11-19 | 2019-04-16 | Oppo广东移动通信有限公司 | A kind of encryption method of mobile terminal, device and mobile terminal |
| CN106023787B (en) * | 2016-07-06 | 2023-12-19 | 常州小为光电科技有限公司 | Movable type cipher device |
| CN108710810B (en) * | 2018-05-22 | 2022-03-08 | 中国银联股份有限公司 | Password obtaining method, transaction equipment and terminal |
| CN108868367B (en) * | 2018-06-07 | 2020-06-30 | 安钥(北京)科技股份有限公司 | Intelligent lock device |
| CN113268780B (en) * | 2021-06-08 | 2022-02-11 | 天津赢达信科技有限公司 | Identity authentication method and device, computer equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1431575A (en) * | 2003-01-22 | 2003-07-23 | 王洋 | Intelligent secret keyboard with key values being changed randomly |
| CN1547688A (en) * | 2001-07-27 | 2004-11-17 | ����л����Үά�桤ŬŬ���� | Method and device for entering computer database password |
| CN1588280A (en) * | 2004-07-08 | 2005-03-02 | 上海交通大学 | Dynamic cipher input method and its keyboard |
| CN101316166A (en) * | 2008-07-07 | 2008-12-03 | 张寄望 | Dynamic password identity authentication method based on accidental character set |
-
2008
- 2008-12-09 CN CN2008102182808A patent/CN101442410B/en not_active Expired - Fee Related
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1547688A (en) * | 2001-07-27 | 2004-11-17 | ����л����Үά�桤ŬŬ���� | Method and device for entering computer database password |
| CN1431575A (en) * | 2003-01-22 | 2003-07-23 | 王洋 | Intelligent secret keyboard with key values being changed randomly |
| CN1588280A (en) * | 2004-07-08 | 2005-03-02 | 上海交通大学 | Dynamic cipher input method and its keyboard |
| CN101316166A (en) * | 2008-07-07 | 2008-12-03 | 张寄望 | Dynamic password identity authentication method based on accidental character set |
Non-Patent Citations (1)
| Title |
|---|
| JP特开平11-88703A 1999.03.30 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101442410A (en) | 2009-05-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101442410B (en) | Method and apparatus for generating dynamic cipher, and application system containing the apparatus | |
| CA2990803C (en) | Picture gesture authentication | |
| KR101572111B1 (en) | Electronic device and method for generating random and unique code | |
| CN111585964B (en) | Login information input method, login information storage method and related device | |
| US8752147B2 (en) | System and method for two-factor user authentication | |
| US11334656B2 (en) | 3D virtual interactive digital user authentication security | |
| JPH1188324A (en) | Electronic information management device by picture instruction, secret key management device and method for the same and recording medium for recording a secret key management program | |
| US20140101752A1 (en) | Secure gesture | |
| JP2000315231A (en) | Password authentication system using credit card number | |
| US8984599B2 (en) | Real time password generation apparatus and method | |
| US20150172254A1 (en) | System and Method For Operating a Social Networking Site on the Internet | |
| CN106778342A (en) | Credible performing environment safety certifying method and device and equipment | |
| CN103297237A (en) | Identity registration method, identity authentication method, identity registration system, identity authentication system, personal authentication equipment and authentication server | |
| KR101459283B1 (en) | 2 Channel authentication device and method | |
| KR20120107610A (en) | The apparatus for verifying user in portable appliance and the method thereof | |
| KR20060013949A (en) | Certification system of using the picture file and method thereof | |
| US9607139B1 (en) | Map-based authentication | |
| US20200265125A1 (en) | Method for managing access to a device, and access system | |
| CN105323752A (en) | Mobile device, and method of authenticating user | |
| KR20130060249A (en) | Password management system and method thereof | |
| KR20100005936A (en) | System and method for identifying own wireless terminal usage permission jointly and wireless terminal, recording medium | |
| CN103929406A (en) | Fake web page detection method and system | |
| Makwana et al. | Gesture based Hybrid Authentication for Smart Device | |
| JP2005085107A (en) | Access control system, access control system, and access control method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20110914 Termination date: 20211209 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |