A kind of identity identifying technology adopting sound mixed cipher
(1) technical field:
The present invention relates to a kind of dynamic cipher generating method based on public time password table, particularly adopt the method between enterprise and client, the method for generating cipher code of a kind of economic security when adopting magnetic card and cipher to conclude the business.
(2) background technology:
Current, mostly the cash and the account trading mode that adopt bank card encrypted code between enterprise and client, because customer information in password and bank card is all changeless, easily be stolen and falsely use, therefore the trend password burglary-preventing method in the face of the surge of bank card clone robber brush case is a lot, magnetic stripe card is inserted IC chip and is made it to avoid being copied by lawless person, but its " bottleneck " to be the cost of IC chip card higher.Some places adopt except input password, and also need sign on sales slip, whether cashier can check sales slip and sign consistent with card back, but this most occasion can not avoid bank's card to be replicated.In addition, bank is in bank's card number coding rule that it uses and strip data format, add the identifying code of Custom Encryption algorithm and be stored in the magnetic track of magnetic stripe bank card, be encrypted by the self-defining special cryptographic algorithm of each bank, because each row cryptographic algorithm is different, therefore, the part vacation card utilizing the bank card information obtained illegally to make, can be identified when credit card issuer is deciphered and cannot use.
Dynamic password is current focus in enterprise's application; increasing enterprise adopts dynamic password protection; the method producing dynamic password is varied; to be banking system set up a fixing time password table for each client for one of them; client holds scratch card and concludes the business at every turn and strictly scrape the dynamic password positional information of time password table in card taking in order; obtain effective dynamic password, but scratch card can not be lost together with bank card, must take precautions against during transaction and be robbed.Have plenty of and generate a uncertain random digit combination according to special algorithm, each password can only use once, and it is widely used in the applications such as Net silver, network game, telecom operators, E-Government, enterprise.Dynamic password is a kind of account anti-theft technology of safe and convenient, can available protecting transaction and log in authentication security.Main flow produces form SMS, hardware token, handset token.Current most main flow be hardware password board based on time synchronized, its conversion in every 60 seconds dynamic password.Mobile phone dynamic password utilizes mobile phone to generate or receiving terminal as random cipher, user is when logging in application system, generation on input handset or the password received do not stop the random cipher changed, and greatly improve the safety of authenticating user identification or transaction.
(3) summary of the invention:
The password of current magnetic bank card uses all SCs, inputs password and another hand or health often must be adopted to block operating gesture, prevent other people or pinhole camera from peeping.The lawless person also had installs magnetic card data reader on ATM (automatic teller machine) side, steals remittee's bank card number information and makes pseudo-card, then blocks by puppet and steals gained password on other automatic teller machines, extract deposit in card.
Because user identity card often will use, user profile is easily revealed, and bank card can be imitated again, and therefore crux to hold this pass of password.A kind of identity identifying technology adopting sound mixed cipher of the present invention, for bank or adopt bank card and password to carry out the authenticating user identification of cash account process of exchange between enterprise and its client, its implementation method cost is low, can the identity authorization system of compatible current employing static password password.This password has M position, and each is formed by digital 0 – 9, and it is characterized in that having static password position and dynamic password position in the password of M position, the more generative processes of dynamic password figure place are more complicated, and dynamic password is exposed and also has both static password protections to coordinate increase fail safe.After user holds bank card insertion ATM, system just shows a time password table on ATM screen, this time password table independently can be generated separately by each ATM of bank, also can generate by the control centre of ATM (automatic teller machine) net is unified, the password of the time password table generated is not bound with user account, lost efficacy after the password authentification generated, time password table is made up of sequence number 0 to 99, wherein sequence number 0 to 9 has 2 groups or array, the all corresponding random digit of each sequence number in table, therefore this table password is a time password table be made up of random digit 0 to 9.N position is had to be dynamic password position in the password of user M position, all the other are static password position, the size of N is by user preset, N is less than or equal to M, N position, foremost or the backmost N position of M position password is positioned at for ease of operation dynamic password, also select one of them by user, a sequence number in each all corresponding time password table of this N position dynamic password, therefore N number of sequence number has N to 2N position.Each sequence number is preset and be tied in account corresponding to user by user.Each sequence number all occupies fixing position in overall password, effective dynamic password is found by the time password table that ATM screen shows by sequence number when it is just for concluding the business, thus the sequence number of relevant position in password is converted to dynamic password, dynamic password is time synchronized formula, user must complete the input of dynamic password at official hour, time password table is by random digit in predetermined time interval updating form, generally get 30 seconds to 90 seconds, near time password table, also establish a timer to input password as early as possible for reminding user, timing time to time password table by random digit in updating form, because valid password in time password table is random digit, therefore namely password becomes useless code after completing transaction, even if password is stolen or peeped, also be difficult to crack.For the ease of memory sequence number, only can select 0 to 9 sequence number in time password table, these sequence numbers only have one, therefore these sequence numbers establish 2 groups or array, peep and crack difficulty, remember because color is easier than numeral to increase transaction scene, can utilize each group of word and form different colours identification it, such as 2 groups is black and redness, and select the sequence number being greater than 9 to be also peep crack difficulty for strengthening transaction scene, making it can not from the password figure peeped and time password table determination sequence number.Random digit in time password table can as dynamic password, also can as the identifier of password generating mode, N number of sequence number random digit that wherein N-1 sequence number is corresponding can be placed in N-1 position, foremost or the backmost N-1 position of password as dynamic password, at this moment static password figure place is M – (N-1) position, random digit corresponding to another 1 sequence number is as the figure place of M position password ring shift left or ring shift right, ring shift left 1 is exactly that all positions are moved to the left 1, highest order moves on to lowest order place, ring shift right 1 all position 1 lowest order that moves right moves on to highest order, password after displacement is used for authentication.Due to this circulative shift operation can directly block by shift amount after once moved, therefore shifting function is also very simple.If the random digit being used as cyclic shift is greater than M, be equal to the figure place of the numeral after being subtracted M as displacement, in addition in the password of above-mentioned M position user according to can the preset dynamic password position from 0 to M position to the different requirements of password use safety, namely from being entirely predisposed to static password to being entirely predisposed to dynamic password.Be exactly dynamic password figure place by the figure place of static password figure place remainder preset in the password of M position.Be represent by its sequence number during preset dynamic password, as the difference with the preset number of static password, sequence number insertion of brackets or underline can be distinguished with it.When user is predisposed to 0 dynamic password position, namely this password is static password entirely.Above-mentioned password generating mode has multiple, by user's choice for use, greatly strengthens the fail safe of password.In order to distinguish, described password is except M position, and it is the identifier of above-mentioned password generating mode to also have extra order, is hidden not directly as the input of password position, and when it only operates for Password Input, the identification decision of computer and password holder preserve memory.
A kind of identity identifying technology adopting sound mixed cipher of the present invention, have user cipher input operation simple, password is easily remembered, and does not substantially increase the feature of cost.During each authentication, system and user utilize sequence number to determine the position of effective dynamic password in cipher table, the dynamic password verification success when the dynamic password of user's input is consistent with dynamic password effective in system, otherwise dynamic password verification failure.Cipher authentication is once rear just to lose efficacy.Dynamic password generating mode of the present invention is safe and reliable, and expense is low, easily realizes easy care, can be used for ATM carries out cash transaction, also can be used for the various cipher authentication systems such as E-Payment and system login.
(4) accompanying drawing illustrates:
Fig. 1 is a kind of System's composition schematic diagram adopting the identity identifying technology of sound mixed cipher.
(5) embodiment:
The present embodiment as shown in Figure 1, also hold in bank card insertion ATM, and ATM generates time password table by user's static password, user's method for generating cipher code according to a preconcerted arrangement, input sound mixed cipher, after ATM checking, realizes cash transaction.If described password is 6 and 2 extra orders, this password has 3 static password positions and is set to 938, dynamic password is positioned at after static password, totally 3 its sequence numbers are set to 5, 7, 18 these passwords are used for the monetary accounts access transaction between certain bank and client, client arrange fundamental cryptographic (for generating valid password) be: 938 (5) (7) (18) sequence number insertion of brackets identifications it, extra order is that in A0 extra order, the 2nd identification code A represents that dynamic password is placed in after static password in password, before then putting for B, in extra order, the 1st identification code is that 0 expression does not do shifting function, if be make ring shift right for representing during B when shifting function, as then made ring shift left for A, sequence number position 5, 7, sequence number in its expression time password table of 18 numerals, time password table must be looked into when concluding the business, dynamic password is obtained by sequence number, such as check in sequence number 5, 7, 18 corresponding dynamic passwords are 6, 3, 5 by fundamental cryptographic: in 938 (5) (7) (18), (5) (7) (18) are converted to dynamic password 6, 3, 5 generate sound mixed cipher: 938635 carry out authentication for input.
If above-mentioned extra order is AB, its digital B indicates that ring shift right operates, at this moment fundamental cryptographic increases a sequence number, if sequence number is still 3, dynamic password only has 2, static password is 4, another 1 sequence number is used for displacement, if fundamental cryptographic is: 9382 (5) (7) (18) wherein sequence number 18 look into time password table gained numeral, represent shift amount, as checked in sequence number 5, 7, 18 corresponding random digits are 6, 3, 8 by fundamental cryptographic: in 9382 (5) (7) (18), (5) (7) are converted to dynamic password 6, 3 generate sound mixed cipher: 938263 also must will generate sound mixed cipher: 938263 make ring shift right 8, at this moment cyclic shift 8 etc. are all: 8 – 6=2 cyclic shifts 2, by minimum 2 63 move on to the highest 2: 639382 it be for input carry out authentication sound mixed cipher.