CN101695107B - Method of soft keyboard for safely inputting code of set top box of digital television - Google Patents
Method of soft keyboard for safely inputting code of set top box of digital television Download PDFInfo
- Publication number
- CN101695107B CN101695107B CN2009102358049A CN200910235804A CN101695107B CN 101695107 B CN101695107 B CN 101695107B CN 2009102358049 A CN2009102358049 A CN 2009102358049A CN 200910235804 A CN200910235804 A CN 200910235804A CN 101695107 B CN101695107 B CN 101695107B
- Authority
- CN
- China
- Prior art keywords
- password
- soft keyboard
- stb
- character
- picture
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- User Interface Of Digital Computer (AREA)
- Input From Keyboards Or The Like (AREA)
Abstract
The invention provides a method of a soft keyboard for safely inputting code of a set box of a digital television. The method comprises steps as follows: generating a code image via a front end system, storing ID of the code image and corresponding relationship of words in the code image and position coordinates thereof, selecting words of the code image via the soft keyboard of the set top box, acquiring position coordinates of words selected by users and encrypting the acquired code coordinate cipher text via the soft keyboard of the set top box, transmitting the ID of the code image and the code coordinate cipher text to a browser of the set top box which then sends the same to the front end system, decoding the code coordinate cipher text by the front end system, and finally acquiring user code according to the ID of the code image and the corresponding relationship of the words in the code image and the position coordinates thereof. The method overcomes the shortage that user code is disclosed from the browser because the user code can be acquired by the browser in the prior art.
Description
Technical field
The present invention relates to digital TV field, in particular to a kind of method of soft keyboard that is used for the cryptosecurity input of DTV STB.
Background technology
Along with the quick translation of digital television bidirectionalization, be that the two-way services system of client platform will be used widely with the DTV STB.The digital television bidirectional business system will run on open network environment, must consider to ensure that the user imports the safety input of password this moment on STB, such as the password code of authenticated identity, and the password of user's Bank Account Number etc.
In WEB application and development based on STB; Owing to be different from the development environment and the applied environment of PC; The cryptosecurity input control program that common PC goes up based on browser no longer is applicable in the STB WEB application, so need exploitation again to be applicable to the cryptosecurity Input Software of set-top box environment.
In the prior art, the safeguard protection scheme of password input only is in order to prevent that the assailant from obtaining user cipher through the wireless key information of stealing remote controller of intercepting on the STB.When the user inputed password, STB is local to generate a digital picture, and the user only needs to select the numerical character that shows on the digital picture through the button of remote controller, as the user cipher of input.
The inventor finds the problem that STB password input scheme exists user cipher possibly revealed by the set box browser acquisition in the prior art.
Summary of the invention
The present invention aims to provide a kind of method of soft keyboard that is used for the cryptosecurity input of DTV STB, can solve the problem that user cipher can possibly be revealed by the set box browser acquisition in the existing STB password input scheme.
In an embodiment of the present invention, a kind of method of soft keyboard that is used for the cryptosecurity input of DTV STB is provided, has may further comprise the steps:
Front end system generates the password picture, and the corresponding relation of the character in preservation password Image ID and the password picture and its position coordinates;
Through the STB soft keyboard character of password picture is selected;
The STB soft keyboard obtains the position coordinates of user-selected character and encrypts and obtains password coordinate ciphertext, is sent to set box browser to password Image ID and password coordinate ciphertext, and browser is sent to front end system with password Image ID and password coordinate ciphertext; And
Front end system is deciphered password coordinate ciphertext, and obtains user cipher according to the corresponding relation of character in password Image ID and the password picture and its position coordinates.
In the above-described embodiments, the password picture generates at front end system, and the STB soft keyboard obtains the password picture, and shows the user, and set box browser is not participated in; And the user utilizes the button of set-top box remote controller to select the character in the password picture, and the STB soft keyboard only obtains the coordinate information of character; Send to set box browser behind the STB soft keyboard Crypted password coordinate; And browser only can obtain password coordinate ciphertext, the password plaintext that can not directly obtain or decode from start to finish and obtain the user; And,, obtain user cipher according to the character of password Image ID and password picture and the corresponding relation of its position coordinates again through password coordinate ciphertext is deciphered at front end system.User cipher possibly obtained to exist the problem of user cipher from the browser leakage by browser in the prior art thereby the cipher-code input method of the embodiment of the invention has overcome.
Description of drawings
Accompanying drawing described herein is used to provide further understanding of the present invention, constitutes the application's a part, and illustrative examples of the present invention and explanation thereof are used to explain the present invention, do not constitute improper qualification of the present invention.In the accompanying drawings:
Fig. 1 shows the soft keyboard scheme system block diagram of the cryptosecurity input that is used for DTV STB according to a preferred embodiment of the present invention;
Fig. 2 shows the flow chart of the method for soft keyboard of the cryptosecurity input that is used for DTV STB according to an embodiment of the invention.
Embodiment
Below with reference to accompanying drawing and combine embodiment, specify the present invention.
When the consumer carries out on-line payment through DTV; Need password through browser input bank account; And possibly there are security breaches in browser, receives the attack of security threats such as virus, wooden horse easily, has the risk of user's bank cipher from the browser leakage.Embodiments of the invention provide a kind of soft keyboard scheme that is used for the cryptosecurity input of DTV STB.
Fig. 1 shows soft keyboard scheme system block diagram according to a preferred embodiment of the present invention.As shown in Figure 1, client set top box mainly comprises: browser: the webpage client that is applicable to STB; Soft keyboard: show by " password picture " control input focus and safety input password; Bank certificate: be preset among the STB FLASH, with bank certificate (PKI) sensitive information encrypted, the ciphertext after the encryption has only the private key of bank to decipher.
Fig. 2 shows the flow chart that is used for the soft keyboard input method of DTV STB according to an embodiment of the invention, may further comprise the steps:
S102, front end system generates the password picture, and the corresponding relation of the character in preservation password Image ID and the password picture and its position coordinates;
S104 selects the character of password picture through the STB soft keyboard;
S106, STB soft keyboard obtain the position coordinates of user-selected character and encrypt and obtain password coordinate ciphertext, are sent to set box browser to password Image ID and password coordinate ciphertext, and browser is sent to front end system with password Image ID and password coordinate ciphertext; And
S108, front end system is deciphered password coordinate ciphertext, and obtains user cipher according to the corresponding relation of character in password Image ID and the password picture and its position coordinates.
In the present embodiment; Generate the password picture through being employed in front end system, and preserve the character of password picture and the corresponding relation of visual character coordinates, and through the STB soft keyboard character in the password picture is selected in client; Obtain the corresponding position coordinates of selected character; And browser only can obtain password Image ID and password coordinate ciphertext and can not obtain the corresponding relation of character and its position coordinates, can't obtain user cipher, and at front end system; Through password coordinate ciphertext is deciphered; Corresponding relation according to the character of password Image ID and password picture and its position coordinates obtains user cipher, has overcome that the user cipher of the soft keyboard scheme of STB can be obtained by browser in the prior art, has the problem of the possibility that encrypted message reveals from browser.
Preferably, in the above-mentioned soft keyboard input method that is used for DTV STB, front end system generates the password picture, and the corresponding relation of the character in preservation password Image ID and the password picture and its position coordinates comprises:
When input focus gets into the password input frame of set box browser, trigger the STB soft keyboard, STB soft keyboard forward end system obtains the password picture;
Front end system generates the password picture and preserves corresponding password Image ID and the corresponding relation of the character in the password picture and its position coordinates according to the request of STB soft keyboard.
Preferably, the character of password picture is selected to comprise through the STB soft keyboard in the above-mentioned soft keyboard input method that is used for DTV STB:
The STB soft keyboard is showed the password picture and is selected the character in the password picture through the button of remote controller.
Preferably; In the above-mentioned soft keyboard input method that is used for DTV STB, further comprising the steps of: STB soft keyboard notice set box browser shows corresponding " * " star key when selecting the character in the password picture through the button of remote controller in the password input frame;
After the user cipher input is complete, the demonstration of cancellation password picture.
Preferably; In the above-mentioned soft keyboard input method that is used for DTV STB; The STB soft keyboard obtains the position coordinates of user-selected character and encrypts and obtains password coordinate ciphertext; Be sent to set box browser to password Image ID and password coordinate ciphertext, browser is sent to front end system with password Image ID and password coordinate ciphertext and comprises:
The STB soft keyboard adopts the location coordinate information of selected character the key of front end system to encrypt, and forms password coordinate ciphertext;
The STB soft keyboard sends to set box browser to password Image ID and password coordinate ciphertext, and browser sends the password Image ID and password coordinate ciphertext arrives front end system.
For example, in the above-described embodiments, the STB soft keyboard can send enciphering request the position coordinates of selected numerical character is encrypted through calling special terminal security module; The terminal security module is encrypted the position coordinates of selected numerical character according to enciphering request, forms password coordinate ciphertext, and returns to the STB soft keyboard.
Preferably, in the above-mentioned soft keyboard input method that is used for DTV STB, the STB soft keyboard adopts symmetry algorithm or rivest, shamir, adelman that selected position coordinates is encrypted.
The key of asymmetric arithmetic is made up of PKI and private key two parts; For example, use public-key in client visual character coordinates is encrypted, form password coordinate ciphertext; Have only and use corresponding private key to decipher it; And have only front end system to have private key, can this password coordinate ciphertext be deciphered, and then ensured communication security.
Preferably, in the above-described embodiments, front end system can comprise two unit: password picture generation unit and decryption unit; Password picture generation unit is used to generate the password picture, and the corresponding relation of the character in preservation password Image ID and the password picture and its position coordinates; Password Image ID and password coordinate ciphertext that decryption unit transmits according to client are obtained the corresponding relation of character and its position coordinates from password picture generation unit, and then decipher and obtain user cipher.
In an embodiment of the present invention, the password picture generates at front end system, and client is to be obtained by the application of STB soft keyboard program forward end system, and browser can not obtain the password picture; The password picture presentation is to be realized by STB soft keyboard program to the user, and browser is not participated in; The user utilizes remote controller to select code characters, and what reality was imported is the coordinate information of code characters, is obtained by the STB soft keyboard, sends to browser after encrypting; When the user utilized remote controller to select code characters, the STB soft keyboard needed the synchronization notice browser to show corresponding " * (asterisk) " at the password input frame.
The method of soft keyboard that is used for the cryptosecurity input of DTV STB according to an embodiment of the invention relates generally to following entity: front end system comprises bank and operation system; Client comprises browser, soft keyboard and bank certificate.
Implementation step is following: push away the payment page under the operation system to set box browser, browser display bank cipher input frame; When input focus got into the password input frame, browser called soft keyboard, and waited for and return " password coordinate " ciphertext; Soft keyboard is to operation system acquisition request " password picture "; Operation system generates the password picture, and " corresponding relation " of the character in preservation password Image ID and the password picture and its position coordinates; Operation system is returned soft keyboard password picture and password Image ID; Soft keyboard shows " password picture "; The user utilizes the button of set-top box remote controller to select the character (bank cipher) in the password picture, and soft keyboard obtains the position coordinates of user-selected code characters; Soft keyboard notice browser is in corresponding demonstration of password input frame or deletion " * (star-like character) " simultaneously; After the user imports whole bank cipher, the picture presentation of soft keyboard cancellation password; Simultaneously, soft keyboard uses corresponding " the password coordinate " of the selected code characters of bank certificate (PKI) encrypting user; Soft keyboard returns " password coordinate " ciphertext and the password Image ID is given browser; " password coordinate " ciphertext uploaded by browser and the password Image ID arrives operation system; Operation system finds " corresponding relation " of code characters and its position coordinates in its password picture through the password Image ID, and will the character in " password coordinate " ciphertext and the password picture and " corresponding relation " of its position coordinates pass to bank; Bank obtains " password coordinate " information with the deciphering of its private key, and according to " corresponding relation " of the character in the password picture and its position coordinates, decoding obtains user's bank cipher.
In the present embodiment, the password picture refers to that each position presents a code characters at random by a picture with fixed position coordinate of operation system generation; Corresponding relation refers in the password picture relation of concrete certain position coordinates and its pairing code characters; When the password coordinate referred to that the user selects the character (bank cipher) on the password picture, the coordinate position at input focus place also was the coordinate position at corresponding character place.
For a soft keyboard scheme, need to guarantee the correctness and the validity of its fail safe and bank certificate.From the implementation step of the soft keyboard scheme of present embodiment, the information that each module obtains is as shown in table 1:
Table 1
Because " password picture " has the characteristics of " computer can't be discerned character on it ".Therefore, " corresponding relation " has only password picture generation person to know.Have only simultaneously and obtain the bank cipher that " corresponding relation " and " password coordinate " can calculate user's input.Certainly, obtain " password picture " and rely on human eye and can decode " corresponding relation ".According to table 1, have to draw a conclusion: browser can't obtain any information; Soft keyboard can't obtain user cipher, only if malicious act is arranged, promptly preserve by " password picture " and " password coordinate ", through human eye decoding " corresponding relation " thus obtain user's bank cipher.Therefore, soft keyboard must be a trusted entity; Operation system can't be obtained user's bank cipher owing to can't obtain " password coordinate "; Bank is easy to utilize the bank certificate corresponding private key to calculate user's password.
Obviously; It is apparent to those skilled in the art that above-mentioned each module of the present invention or each step can realize that they can concentrate on the single calculation element with the general calculation device; Perhaps be distributed on the network that a plurality of calculation element forms; Alternatively, they can be realized with the executable program code of calculation element, carried out by calculation element thereby can they be stored in the storage device; Perhaps they are made into each integrated circuit modules respectively, perhaps a plurality of modules in them or step are made into the single integrated circuit module and realize.Like this, the present invention is not restricted to any specific hardware and software combination.
The above is merely the preferred embodiments of the present invention, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.All within spirit of the present invention and principle, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (5)
1. a method of soft keyboard that is used for the cryptosecurity input of DTV STB is characterized in that, may further comprise the steps:
Front end system generates the password picture, and preserves the corresponding relation of the position coordinates of character and said character in said password Image ID and the said password picture;
Through the STB soft keyboard character of said password picture is selected, being comprised: said STB soft keyboard is showed said password picture and is selected the character in the said password picture through the button of remote controller;
Said STB soft keyboard obtains the position coordinates of user-selected character and encrypts and obtains password coordinate ciphertext; Be sent to set box browser to said password Image ID and said password coordinate ciphertext, said browser is sent to said front end system with said password Image ID and said password coordinate ciphertext; And
Said front end system is deciphered said password coordinate ciphertext, and obtains user cipher according to the corresponding relation of the position coordinates of character and said character in said password Image ID and the said password picture.
2. the method for soft keyboard that is used for the cryptosecurity input of DTV STB according to claim 1; It is characterized in that; Front end system generates the password picture, and the corresponding relation of preserving the position coordinates of character and said character in said password Image ID and the said password picture comprises:
When input focus gets into the password input frame of set box browser, trigger the STB soft keyboard, said STB soft keyboard forward end system obtains the password picture;
Said front end system generates the corresponding relation that the password picture is also preserved the position coordinates of corresponding password Image ID and character in the said password picture and said character according to the request of said STB soft keyboard.
3. the method for soft keyboard that is used for the cryptosecurity input of DTV STB according to claim 1 is characterized in that, and is further comprising the steps of:
Said STB soft keyboard notifies said set box browser in the password input frame, to show corresponding " * " star key when selecting the character in the said password picture through the button of remote controller;
After the user cipher input is complete, cancel the demonstration of said password picture.
4. the method for soft keyboard that is used for the cryptosecurity input of DTV STB according to claim 1; It is characterized in that; Said STB soft keyboard obtains the position coordinates of user-selected character and encrypts and obtains password coordinate ciphertext; Be sent to set box browser to said password Image ID and said password coordinate ciphertext, said browser is sent to said front end system with said password Image ID and said password coordinate ciphertext and comprises:
Said STB soft keyboard adopts the location coordinate information of selected character the key of front end system to encrypt, and forms password coordinate ciphertext;
Said STB soft keyboard sends to said set box browser to said password Image ID and said password coordinate ciphertext, and browser sends said password Image ID and password coordinate ciphertext arrives said front end system.
5. the method for soft keyboard that is used for the cryptosecurity input of DTV STB according to claim 4 is characterized in that said STB soft keyboard adopts symmetry algorithm or rivest, shamir, adelman that selected said position coordinates is encrypted.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009102358049A CN101695107B (en) | 2009-10-09 | 2009-10-09 | Method of soft keyboard for safely inputting code of set top box of digital television |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009102358049A CN101695107B (en) | 2009-10-09 | 2009-10-09 | Method of soft keyboard for safely inputting code of set top box of digital television |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101695107A CN101695107A (en) | 2010-04-14 |
| CN101695107B true CN101695107B (en) | 2012-07-25 |
Family
ID=42094047
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009102358049A Expired - Fee Related CN101695107B (en) | 2009-10-09 | 2009-10-09 | Method of soft keyboard for safely inputting code of set top box of digital television |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101695107B (en) |
Families Citing this family (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102752751B (en) * | 2012-06-29 | 2015-08-12 | 宇龙计算机通信科技(深圳)有限公司 | The guard method of application and device |
| US10108796B2 (en) | 2012-12-12 | 2018-10-23 | BBPOS Limited | System and method for PIN entry on mobile devices |
| CN104102872A (en) * | 2013-04-12 | 2014-10-15 | 中国移动通信集团安徽有限公司 | Password protection method and system |
| TW201539247A (en) * | 2014-04-09 | 2015-10-16 | hong-jian Zhou | Password input and verification method and system thereof |
| CN105227518A (en) * | 2014-05-29 | 2016-01-06 | 北京数码视讯科技股份有限公司 | Server, client, interactive system and information method of sending and receiving |
| CN104618359A (en) * | 2015-01-22 | 2015-05-13 | 成都西山居世游科技有限公司 | Method and system for reinforcing user login process security |
| CN104820800B (en) * | 2015-05-04 | 2018-03-09 | 南京理工大学 | A kind of communication terminal graphical passwords method to set up |
| CN105898585A (en) * | 2015-10-22 | 2016-08-24 | 乐视网信息技术(北京)股份有限公司 | Data inputting method, device and server |
| CN106982117A (en) * | 2016-01-19 | 2017-07-25 | 阿里巴巴集团控股有限公司 | The implementation method and device of safety input |
| CN108399327B (en) * | 2018-03-21 | 2021-10-22 | 平安科技(深圳)有限公司 | Electronic device, user authentication method based on dynamic picture and storage medium |
| IT201800006911A1 (en) * | 2018-07-04 | 2020-01-04 | METHOD OF ENCODING AND DECODING DIGITAL INFORMATION | |
| CN111064743B (en) * | 2019-12-28 | 2021-09-28 | 飞天诚信科技股份有限公司 | Method and system for safely inputting password |
| CN112000964B (en) * | 2020-08-03 | 2024-01-30 | 天翼电子商务有限公司 | Data encryption method, system, medium and device based on dynamic coordinates and algorithm |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101183412A (en) * | 2006-11-13 | 2008-05-21 | 思科技术公司 | Method for secure data entry in an application |
| CN101247228A (en) * | 2007-08-13 | 2008-08-20 | 李东声 | Soft keyboard electric endorsement method and tool thereof |
| CN101309260A (en) * | 2008-06-05 | 2008-11-19 | 周红伟 | Network authentication method on the basis of cryptoguard |
-
2009
- 2009-10-09 CN CN2009102358049A patent/CN101695107B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101183412A (en) * | 2006-11-13 | 2008-05-21 | 思科技术公司 | Method for secure data entry in an application |
| CN101247228A (en) * | 2007-08-13 | 2008-08-20 | 李东声 | Soft keyboard electric endorsement method and tool thereof |
| CN101309260A (en) * | 2008-06-05 | 2008-11-19 | 周红伟 | Network authentication method on the basis of cryptoguard |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101695107A (en) | 2010-04-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101695107B (en) | Method of soft keyboard for safely inputting code of set top box of digital television | |
| CN103281193B (en) | Identity identifying method, system and data transmission method based on it, device | |
| CN103248479A (en) | Cloud storage safety system, data protection method and data sharing method | |
| EP3300328B1 (en) | Network monitoring device and method, apparatus and system for resetting password thereof, and server | |
| JPH07245605A (en) | Ciphering information repeater, subscriber terminal equipment connecting thereto and ciphering communication method | |
| CN104917759A (en) | Third-party-based safety file storage and sharing system and method | |
| CN105007155A (en) | Two-dimension code mask encrypting and decrypting method and system | |
| CN106464488A (en) | Information transmission method and mobile device | |
| KR20170096164A (en) | Method and system for controlling encryption of information and analyzing information as well as terminal | |
| CN107579903B (en) | Picture message secure transmission method and system based on mobile device | |
| CN106506479B (en) | Method, system and the client of cipher authentication, server and smart machine | |
| CN103179128B (en) | Communication security enhancement agent system between Android platform browser and Website server | |
| CN102833244A (en) | Communication method for authentication by fingerprint information | |
| CN103401834A (en) | File security method in limited area based on position information | |
| CN103973713A (en) | Transfer method, extraction method and processing system for electronic mail information | |
| CN106605419A (en) | Method and system for secure SMS communications | |
| CN106452752B (en) | Method, system and the client of Modify password, server and smart machine | |
| KR102140356B1 (en) | Method and device to embed watermark in uncompressed video data | |
| CN102118311B (en) | Data transmission method | |
| CN108848503B (en) | A kind of smart home dynamic encryption means of communication and system transmitted using merogenesis | |
| CN104601451B (en) | Instant information communication method and system | |
| CN105282239A (en) | Encryption method and system based on Web Service | |
| CN105471849A (en) | Security control method for data exchange service and transmission process | |
| CN106972928B (en) | Bastion machine private key management method, device and system | |
| CN104243291A (en) | Instant messaging method and system thereof capable of guaranteeing safety of user communication content |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20120725 Termination date: 20211009 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |