CN102387161A - Authentication method - Google Patents
Authentication method Download PDFInfo
- Publication number
- CN102387161A CN102387161A CN2011104173754A CN201110417375A CN102387161A CN 102387161 A CN102387161 A CN 102387161A CN 2011104173754 A CN2011104173754 A CN 2011104173754A CN 201110417375 A CN201110417375 A CN 201110417375A CN 102387161 A CN102387161 A CN 102387161A
- Authority
- CN
- China
- Prior art keywords
- random number
- login
- user
- main frame
- login password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention provides an authentication method. In the method, a random number serves as an original text, and a logging password serves as a secret key for encryption. By adopting the authentication method provided by the invention, the cracking difficulty is greatly increased, and the logging security of a user is improved.
Description
Technical field
The present invention relates to network security technology, particularly relate to a kind of auth method.
Background technology
In the present network system, when the user is remotely logged into the main frame of network side through the login layer, must input user name and login password with the proof identity.Being illegally accessed for fear of login password, is original text with the login password, and constant is a key, adopts the triple des algorithm that password is encrypted the formation ciphertext, and sends to main frame.But along with improving constantly of computer system processor ability, obtain above-mentioned ciphertext, and, like this,, will cause the leakage of login password, thereby reduced the fail safe that the user logins in case ciphertext is cracked to the corresponding increase of its possibility that cracks.
Summary of the invention
In view of this, main purpose of the present invention is to provide a kind of auth method, can improve the fail safe of user's login.
In order to achieve the above object, the technical scheme of the present invention's proposition is:
A kind of auth method, this method may further comprise the steps:
A, login layer generate first random number at random for the user of current login; Encrypt the DES method according to three-fold symmetry; Login password with said user's input is a key; Said first random number is encrypted, the user totem information of first random number after encrypting and said user input is sent to main frame;
B, said main frame are according to the said user totem information that receives; Obtain the local corresponding login password of preserving; And according to the triple des method, first random number after utilizing this login password to the said encryption that receives is deciphered first random number after obtaining deciphering;
C, said main frame generate second random number at random, according to the triple des method, are key with said login password, and said second random number is encrypted, and second random number after encrypting and first random number after the said deciphering are sent to said login layer;
Said first random number that first random number after the said deciphering that d, said login layer will receive and self are preserved relatively, if identical, execution in step e then, otherwise, judge said login password mistake, finish said auth method;
Second random number of the local said login password of preserving of e, said login layer utilization after to the said encryption that receives deciphered, and second random number after the deciphering is sent to said main frame;
If said second random number that second random number after the said deciphering that f, said main frame will receive and self are preserved relatively identical, judges that then said user is legal, otherwise, judge that said user is illegal.
In sum, the auth method that the present invention proposes is an original text with the random number, is key with the login password, encrypts to increase greatly and cracks difficulty, improves the fail safe of user's login.
Description of drawings
Fig. 1 is the schematic flow sheet of the embodiment of the invention one.
Embodiment
For making the object of the invention, technical scheme and advantage clearer, will combine accompanying drawing and specific embodiment that the present invention is done to describe in detail further below.
Core concept of the present invention is: with the random number is original text, is key with the login password, encrypts; So, transmission is the ciphertext of random number between main frame and login layer, like this; Even this ciphertext is is illegally intercepted and captured and is cracked, also can only obtain the information of random number, but not login password; Therefore can increase greatly and crack difficulty, improve the fail safe of user's login.
Fig. 1 is the schematic flow sheet of the embodiment of the invention one, and this method as shown in Figure 1 may further comprise the steps:
First random number that generates in this step is used to login the legitimacy that layer is judged the user.
In practical application, the generation of random number can be carried out behind login input user login information in this step, but is not limited thereto, concrete grammar can for:
The user of a1, current login is at login interface input user totem information and login password;
A2, said login layer are that said user generates said first random number at random, according to the triple des method, are key with said login password, and said first random number is encrypted;
The user totem information of first random number after a3, said login layer will be encrypted and said user input is sent to main frame.
Here; If the login password that uses when logining layer to first random number encryption is consistent with the local login password of preserving of main frame; Then first random number after the deciphering will be identical with first random number that login layer adnation becomes; Therefore, whether the login layer can come the login password of judges input correct through carrying out above-mentioned comparison in subsequent step.
Second random number that main frame generates in this step is used for main frame and comes the legal of judges and illegal property.
First random number after the said deciphering that step 104, said login layer will receive and said first random number of self preserving compare, if identical, then execution in step 105, otherwise, judge said login password mistake, finish said auth method.
Here; When said first random number of first random number after the said deciphering that the login layer will receive and self preservation is unlikely; The login password that user input is described is inequality with the login password that the main frame place preserves, and the legal login password that the login password that the main frame place preserves writes down when to be the user register, therefore; The login password that can judge user's input this moment is wrong, i.e. the illegal property of login user.
Second random number after step 105, said login layer utilize the local said login password of preserving to the said encryption that receives is deciphered, and second random number after the deciphering is sent to said main frame.
If said second random number that second random number after the said deciphering that step 106, said main frame will receive and self are preserved relatively identical, judges that then said user is legal, otherwise, judge that said user is illegal.
In the above-described embodiments, because the ciphertext of between login layer and main frame, transmitting that is random number but not therefore login password, can guarantee the fail safe that the user logins, and the fail safe of main frame.
In sum, more than being merely preferred embodiment of the present invention, is not to be used to limit protection scope of the present invention.All within spirit of the present invention and principle, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (2)
1. an auth method is characterized in that, this method may further comprise the steps:
A, login layer generate first random number at random for the user of current login; According to the triple des method; Login password with said user input is a key, and said first random number is encrypted, and the user totem information of first random number after encrypting and said user input is sent to main frame;
B, said main frame are according to the said user totem information that receives; Obtain the local corresponding login password of preserving; And according to the triple des method, first random number after utilizing this login password to the said encryption that receives is deciphered first random number after obtaining deciphering;
C, said main frame generate second random number at random, according to the triple des method, are key with said login password, and said second random number is encrypted, and second random number after encrypting and first random number after the said deciphering are sent to said login layer;
Said first random number that first random number after the said deciphering that d, said login layer will receive and self are preserved relatively, if identical, execution in step e then, otherwise, judge said login password mistake, finish said auth method;
Second random number of the local said login password of preserving of e, said login layer utilization after to the said encryption that receives deciphered, and second random number after the deciphering is sent to said main frame;
If said second random number that second random number after the said deciphering that f, said main frame will receive and self are preserved relatively identical, judges that then said user is legal, otherwise, judge that said user is illegal.
2. method according to claim 1 is characterized in that, said step a is:
The user of a1, current login is at login interface input user totem information and login password;
A2, said login layer are that said user generates said first random number at random, according to the triple des method, are key with said login password, and said first random number is encrypted;
The user totem information of first random number after a3, said login layer will be encrypted and said user input is sent to main frame.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011104173754A CN102387161A (en) | 2011-12-14 | 2011-12-14 | Authentication method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011104173754A CN102387161A (en) | 2011-12-14 | 2011-12-14 | Authentication method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102387161A true CN102387161A (en) | 2012-03-21 |
Family
ID=45826135
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011104173754A Pending CN102387161A (en) | 2011-12-14 | 2011-12-14 | Authentication method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102387161A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103491094A (en) * | 2013-09-26 | 2014-01-01 | 成都三零瑞通移动通信有限公司 | Rapid identity authentication method based on C/S mode |
| CN103581121A (en) * | 2012-07-25 | 2014-02-12 | 深圳中兴网信科技有限公司 | Log-in authentication method and system on web application |
| CN104915584A (en) * | 2015-06-03 | 2015-09-16 | 深圳市沃特沃德科技有限公司 | Intelligent mobile terminal random encryption and decryption system based on fingerprint characteristics |
| CN106101064A (en) * | 2016-05-27 | 2016-11-09 | 深圳市永兴元科技有限公司 | Account login method and device |
| CN106355088A (en) * | 2015-07-15 | 2017-01-25 | 纬创资通股份有限公司 | Account management application strengthening method and device using same |
| CN106533677A (en) * | 2016-12-30 | 2017-03-22 | 四川九洲电器集团有限责任公司 | User login method, user terminal and server |
| CN107733658A (en) * | 2017-10-26 | 2018-02-23 | 湖南国科微电子股份有限公司 | A kind of PIN code method to set up, authentication method and storage device |
| WO2018045802A1 (en) * | 2016-09-12 | 2018-03-15 | 中兴通讯股份有限公司 | Login authentication and login password modification authentication methods, terminal, and server |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1828623A (en) * | 2006-04-11 | 2006-09-06 | 北京飞天诚信科技有限公司 | Method for protecting computer login using disposable password |
| EP1898370A2 (en) * | 2006-09-11 | 2008-03-12 | Matsushita Electric Industrial Co., Ltd. | IC card, and access control method |
| CN101420302A (en) * | 2008-12-01 | 2009-04-29 | 成都市华为赛门铁克科技有限公司 | Safe identification method and device |
| CN101453329A (en) * | 2007-12-07 | 2009-06-10 | 北京闻言科技有限公司 | Method for enhancing system security by pre-login |
| CN101465735A (en) * | 2008-12-19 | 2009-06-24 | 北京大学 | Network user identification verification method, server and client terminal |
| CN101677269A (en) * | 2008-09-17 | 2010-03-24 | 比亚迪股份有限公司 | Method and system for transmitting keys |
-
2011
- 2011-12-14 CN CN2011104173754A patent/CN102387161A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1828623A (en) * | 2006-04-11 | 2006-09-06 | 北京飞天诚信科技有限公司 | Method for protecting computer login using disposable password |
| EP1898370A2 (en) * | 2006-09-11 | 2008-03-12 | Matsushita Electric Industrial Co., Ltd. | IC card, and access control method |
| CN101453329A (en) * | 2007-12-07 | 2009-06-10 | 北京闻言科技有限公司 | Method for enhancing system security by pre-login |
| CN101677269A (en) * | 2008-09-17 | 2010-03-24 | 比亚迪股份有限公司 | Method and system for transmitting keys |
| CN101420302A (en) * | 2008-12-01 | 2009-04-29 | 成都市华为赛门铁克科技有限公司 | Safe identification method and device |
| CN101465735A (en) * | 2008-12-19 | 2009-06-24 | 北京大学 | Network user identification verification method, server and client terminal |
Non-Patent Citations (2)
| Title |
|---|
| STEVEN M.BELLOVIN等: "Encrypted Key Exchange:Password-Based Protocols Secure Against Dictionary Attacks", 《PROCEEDINGS OF THE IEEE COMPUTER SOCIETY SYMPOSIUM ON RESEARCH IN SECURITY AND PRIVACY》, 6 May 1992 (1992-05-06), pages 72 - 84 * |
| 董清潭: "三重DES加密算法原理与实现", 《电脑知识与技术》, vol. 7, no. 12, 30 April 2011 (2011-04-30) * |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103581121A (en) * | 2012-07-25 | 2014-02-12 | 深圳中兴网信科技有限公司 | Log-in authentication method and system on web application |
| CN103581121B (en) * | 2012-07-25 | 2019-04-16 | 深圳中兴网信科技有限公司 | A kind of login authentication method and system of web application |
| CN103491094A (en) * | 2013-09-26 | 2014-01-01 | 成都三零瑞通移动通信有限公司 | Rapid identity authentication method based on C/S mode |
| CN104915584A (en) * | 2015-06-03 | 2015-09-16 | 深圳市沃特沃德科技有限公司 | Intelligent mobile terminal random encryption and decryption system based on fingerprint characteristics |
| CN104915584B (en) * | 2015-06-03 | 2018-01-05 | 深圳市沃特沃德股份有限公司 | The random encrypting and deciphering system of intelligent mobile terminal based on fingerprint characteristic |
| CN106355088A (en) * | 2015-07-15 | 2017-01-25 | 纬创资通股份有限公司 | Account management application strengthening method and device using same |
| CN106355088B (en) * | 2015-07-15 | 2019-10-18 | 纬创资通股份有限公司 | Account management application strengthening method and device using same |
| CN106101064A (en) * | 2016-05-27 | 2016-11-09 | 深圳市永兴元科技有限公司 | Account login method and device |
| WO2018045802A1 (en) * | 2016-09-12 | 2018-03-15 | 中兴通讯股份有限公司 | Login authentication and login password modification authentication methods, terminal, and server |
| CN106533677A (en) * | 2016-12-30 | 2017-03-22 | 四川九洲电器集团有限责任公司 | User login method, user terminal and server |
| CN106533677B (en) * | 2016-12-30 | 2019-09-17 | 四川九洲电器集团有限责任公司 | A kind of user login method, user terminal and server |
| CN107733658A (en) * | 2017-10-26 | 2018-02-23 | 湖南国科微电子股份有限公司 | A kind of PIN code method to set up, authentication method and storage device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102387161A (en) | Authentication method | |
| CN102664885B (en) | Identity authentication method based on biological feature encryption and homomorphic algorithm | |
| CN102946314B (en) | A kind of client-side user identity authentication method based on browser plug-in | |
| CN102377788B (en) | Single sign-on (SSO) system and single sign-on (SSO) method | |
| CN102006306B (en) | Security authentication method for WEB service | |
| CN103491094A (en) | Rapid identity authentication method based on C/S mode | |
| CN103428221B (en) | Safe login method, system and device to Mobile solution | |
| CN104796265A (en) | Internet-of-things identity authentication method based on Bluetooth communication access | |
| CN101115060B (en) | Method for protecting user encryption key in asymmetric cipher key transmitting process of user key management system | |
| CN105162808B (en) | A kind of safe login method based on national secret algorithm | |
| CN105207782A (en) | Identity verification method based on restful framework | |
| CN103685282A (en) | Identity authentication method based on single sign on | |
| CN102025503B (en) | Data security implementation method in cluster environment and high-security cluster | |
| CN104243494B (en) | A kind of data processing method | |
| CN101192926A (en) | Account protection method and system | |
| CN104253694A (en) | Encrypting method for network data transmission | |
| CN103560892A (en) | Secret key generation method and secret key generation device | |
| CN103546421A (en) | Network work communication security and secrecy system on basis of PKI (public key infrastructure) technology and method for implementing network work communication security and secrecy system | |
| CN106452764A (en) | Method for automatically updating identification private key and password system | |
| US20210157939A1 (en) | Secure storage of passwords | |
| CN103701787A (en) | User name password authentication method implemented on basis of public key algorithm | |
| CN104125239B (en) | A kind of method for network authorization transmitted based on data link encryption and system | |
| CN104821883A (en) | Privacy protection credit reporting method based on asymmetric cryptographic algorithm | |
| CN110944327A (en) | Information security method and device for rail transit zone controller | |
| CN107493283B (en) | Method and system for realizing message security encryption based on live broadcast platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20120321 |