CN105281915B - A kind of method that code keyboard generates ciphertext - Google Patents
A kind of method that code keyboard generates ciphertext Download PDFInfo
- Publication number
- CN105281915B CN105281915B CN201510741367.3A CN201510741367A CN105281915B CN 105281915 B CN105281915 B CN 105281915B CN 201510741367 A CN201510741367 A CN 201510741367A CN 105281915 B CN105281915 B CN 105281915B
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- code
- key
- code keyboard
- password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Abstract
The invention discloses a kind of methods that code keyboard generates ciphertext, it carries out splitting storage and transmission by ciphertext of the digit based on key value to generation, so that the safety of ciphertext further increases, simultaneously because splitting the ciphertext generated is split based on original key value, the cipher mode of original bank's key is not changed, so not will cause the situation of decryption logic confusion, high stability.
Description
Technical field
The present invention relates to a kind of methods that code keyboard generates ciphertext.
Background technique
It is usually directly to carry out encryption life according to bank's key that the code keyboard of the ATM VTM machine of bank, which generates ciphertext,
At ciphertext;If there is criminal to obtain bank's code key by illegally reading the modes such as bank's key of code keyboard storage,
The ciphertext of generation can be cracked easily to obtain the password of user, therefore this mode safety is not high.In order to prevent
The generation of such case, some manufacturers carry out entire code keyboard by increasing an encryption chip on hardware at present
Encryption, but since encryption chip is generally all more expensive, the production cost that will lead to complete machine rises, and is unfavorable for the operation of manufacturer.
Summary of the invention
It is easy to be cracked to solve code keyboard, the technical problem excessively high using encryption chip cost, the present invention provides
One kind can effectively prevent code keyboard input to be cracked, and the method that the lower code keyboard of cost of implementation generates ciphertext.
In order to achieve the above technical purposes, the technical scheme is that,
A kind of method that code keyboard generates ciphertext, includes the following steps:
Step 1:Examine code keyboard whether legal, non-rule terminates entire ciphertext generating process, and it is legal, continue to hold
Row;Then the Encryption Algorithm of code keyboard is set;Again into the storage region of code keyboard load is obtained from bank include lead
Bank's key of key and working key;
Step 2:The password of user's input, the first password of acquisition user input are handled, work is then decrypted by master key
Make key, and password is encrypted to obtain ciphertext and key value according to the Encryption Algorithm combination working key that step 1 is set;
Then ciphertext is split according to the digit of key value, by after fractionation ciphertext A and ciphertext B be respectively stored in code keyboard
In storage region;
Step 3:The password that banking system inputs user is verified, and first calculates the ciphertext after fractionation by Hash
Character string check code is calculated in method;Then banking system being sent by ciphertext and character string check code, certification is decrypted;
Banking system verifies the ciphertext and character string check code that receive, judges whether to be tampered;It, will if being not tampered with
Ciphertext A and ciphertext B synthesizes complete ciphertext, then verifies whether the password that user inputs is correct, and end is verified.
Whether the method that a kind of code keyboard generates ciphertext in the step one, examines code keyboard legal,
It is to be initialized to complete to code keyboard, can such as be initialized, then sentenced by setting and configuration parameter
Break to be legal, is otherwise illegal.
The method that a kind of code keyboard generates ciphertext, in the step one, the Encryption Algorithm of keyboard password is adopted
With one of the PIN encryption mode of ISO9564-0, IBM3624 or ASCII, Encryption Algorithm is DES or 3DES.
The method that a kind of code keyboard generates ciphertext in the step one, first loads master key, then pass through master
Key read work key is loaded, and selects the storage region on code keyboard, and key is loaded into wherein.
The method that a kind of code keyboard generates ciphertext, in the step two, acquisition user input is close first
Code, then decrypted to obtain work code key by master key, further according to the Encryption Algorithm combination working key set before to password into
Row encryption obtains ciphertext and key value, and wherein ciphertext is the character string of presetting digit capacity, and key value is the position of the password of user's input
Number.
The method that a kind of code keyboard generates ciphertext, in the step two, according to the digit of key value to close
Text is split, and ciphertext is divided into the ciphertext A comprising number of characters identical with key value digit, and include remaining number of characters
Ciphertext B.
The method that a kind of code keyboard generates ciphertext, in the step three, storage of the system in code keyboard
Region obtains ciphertext A, and character string check code A ' is calculated by hash algorithm in ciphertext A;Ciphertext B is obtained, ciphertext B is passed through
Character string check code B ' is calculated in hash algorithm;Then by ciphertext A, character string check code A ', ciphertext B, character string check code
B ', which is combined into a data packet and is sent to banking system, is decrypted certification.
The method that a kind of code keyboard generates ciphertext, in the step three, ciphertext A that banking system will obtain
And check code A ' is calculated by hash algorithm by ciphertext B and check code B ' is verified, and judges whether to be tampered, if not by
Distort, then ciphertext A and ciphertext B synthesized into complete ciphertext, then verify user's input password it is whether correct, otherwise do not close
At directly terminating to verify.
The technical effects of the invention are that carrying out splitting storage and hair by ciphertext of the digit based on key value to generation
It send, so that the safety of ciphertext further increases, simultaneously because splitting the ciphertext generated is torn open based on original key value
Point, do not change the cipher mode of original bank's key, so not will cause the situation of decryption logic confusion, high stability.
Detailed description of the invention
Fig. 1 is flow chart of the invention.
Specific embodiment
Referring to Fig. 1, in order to realize the encipherment protection to user by the inputted password of code keyboard, the present invention includes following
Step:
It is the reliability for confirming code keyboard itself first, before the password encryption storage for inputting user, system is first
Preliminary setting is first carried out to code keyboard:
(1) it sets and configuration parameter, code keyboard is initialized, is i.e. whether inspection code keyboard closes
Method, if code keyboard can be initialized, then it is assumed that be it is legal, otherwise it is assumed that illegal;
(2) Encryption Algorithm of code keyboard is set, can include and unlimited using selection PIN encryption mode, encryption mode
In ISO9564-0, IBM3624, ASCII etc., alternative Encryption Algorithm includes and is not limited to DES, 3DES;
(3) bank's key is loaded, key pair is obtained from bank, and key pair includes master key and work code key, first loads master
Key is reloading with working key, this is because wanting read work key that must carry out encryption reading, code keyboard by master key
On usually have the area 0-15 totally 16 storage regions, can randomly choose in actual use, key is loaded into wherein.
After carrying out preliminary setting to code keyboard:
(4) password of user's input is obtained, first reads master key and then the working key corresponding by its decryption, further according to
The Encryption Algorithm set before encrypts password with work code key, obtains character ciphertext, it is close to set character in the present embodiment
The length of text is 16, while obtaining key value, and key value is " * ", and the password that user's input is set in the present embodiment is 6, then
Key value is shown as 6 " * * * * * * ";
(5) ciphertext is split according to the digit of key value, if the digit of key value is 6, is then split into ciphertext
Ciphertext A comprising the preceding 6 characters and ciphertext B comprising rear 10 characters;
(6) ciphertext A and ciphertext B are respectively stored in optional 16 storage regions;
When whether the password that bank needs to verify user's input is correct,
(7) system obtains ciphertext A in storage region, and 16 character string verifications are calculated by hash algorithm in ciphertext A
Code A ';Ciphertext B is obtained, 16 character string check code B ' are calculated by hash algorithm in ciphertext B;
(8) ciphertext A, character string check code A ', ciphertext B, character string check code B ' are combined into 48 data packets hair
It is sent to banking system and certification is decrypted.
(9) check code A ' and check code B ' is calculated by hash algorithm in obtained ciphertext A and ciphertext B by banking system
It is verified, judges whether to be tampered.
(10) if being not tampered with, ciphertext A and ciphertext B is synthesized into complete ciphertext, then verify the password of user's input
It is whether correct, terminate verifying.
Claims (8)
1. a kind of method that code keyboard generates ciphertext, which is characterized in that include the following steps:
Step 1:Examine code keyboard whether legal, non-rule terminates entire ciphertext generating process, and it is legal, it continues to execute;So
The Encryption Algorithm of code keyboard is set afterwards;Again into the storage region of code keyboard load is obtained from bank include master key with
Bank's key of working key;
Step 2:The password of user's input, the first password of acquisition user input are handled, it is then close by master key decryption work
Key, and password is encrypted to obtain ciphertext and key value according to the Encryption Algorithm combination working key that step 1 is set;Then
Ciphertext is split according to the digit of key value, by after fractionation ciphertext A and ciphertext B be respectively stored in the storage of code keyboard
In region;
Step 3:The password that banking system inputs user is verified, and the ciphertext after fractionation is passed through hash algorithm meter first
Calculation obtains character string check code;Then banking system being sent by ciphertext and character string check code, certification is decrypted;Department of banking
System verifies the ciphertext and character string check code that receive, judges whether to be tampered;If being not tampered with, by ciphertext A
And ciphertext B synthesizes complete ciphertext, then verifies whether the password that user inputs is correct, and end is verified.
2. the method that a kind of code keyboard according to claim 1 generates ciphertext, which is characterized in that the step one
In, it examines code keyboard whether legal, is to be initialized to have come to code keyboard by setting and configuration parameter
At, it can such as be initialized, then be judged as legal, otherwise be illegal.
3. the method that a kind of code keyboard according to claim 1 generates ciphertext, which is characterized in that the step one
In, the Encryption Algorithm of code keyboard uses one of the PIN encryption mode of ISO9564-0, IBM3624 or ASCII, and encryption is calculated
Method is DES or 3DES.
4. the method that a kind of code keyboard according to claim 1 generates ciphertext, which is characterized in that the step one
In, master key is first loaded, then loaded by master key read work key, and select the storage region on code keyboard,
Key is loaded into wherein.
5. the method that a kind of code keyboard according to claim 1 generates ciphertext, which is characterized in that the step two
In, the password of user's input is obtained first, is then decrypted to obtain working key by master key, is calculated further according to the encryption set before
Method combination working key encrypts password to obtain ciphertext and key value, and wherein ciphertext is the character string of presetting digit capacity, key
Value is the digit of the password of user's input.
6. the method that a kind of code keyboard according to claim 1 generates ciphertext, which is characterized in that the step two
In, ciphertext is split according to the digit of key value, ciphertext is divided into comprising number of characters identical with key value digit
Ciphertext A, and the ciphertext B comprising remaining number of characters.
7. the method that a kind of code keyboard according to claim 1 generates ciphertext, which is characterized in that the step three
In, system obtains ciphertext A in the storage region of code keyboard, and character string check code is calculated by hash algorithm in ciphertext A
A';Ciphertext B is obtained, character string check code B ' is calculated by hash algorithm in ciphertext B;Then ciphertext A, character string are verified
Code A ', ciphertext B, character string check code B ', which are combined into a data packet and are sent to banking system, is decrypted certification.
8. the method that a kind of code keyboard according to claim 1 generates ciphertext, which is characterized in that the step three
In, check code A ' is calculated by hash algorithm in obtained ciphertext A and ciphertext B to banking system and check code B ' is tested
Card, judges whether to be tampered, if being not tampered with, ciphertext A and ciphertext B is synthesized complete ciphertext, then verify user's input
Password it is whether correct, otherwise do not synthesize, directly terminate to verify.
Priority Applications (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510741367.3A CN105281915B (en) | 2015-11-04 | 2015-11-04 | A kind of method that code keyboard generates ciphertext |
| PCT/SG2016/050542 WO2017078626A1 (en) | 2015-11-04 | 2016-11-04 | Method and system for generating ciphertext by pin entry device |
| SG11201803166RA SG11201803166RA (en) | 2015-11-04 | 2016-11-04 | Method and system for generating ciphertext by pin entry device |
| PH12018500929A PH12018500929A1 (en) | 2015-11-04 | 2018-04-30 | Method and system for generating ciphertext by pin entry device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510741367.3A CN105281915B (en) | 2015-11-04 | 2015-11-04 | A kind of method that code keyboard generates ciphertext |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105281915A CN105281915A (en) | 2016-01-27 |
| CN105281915B true CN105281915B (en) | 2018-11-20 |
Family
ID=55150309
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510741367.3A Active CN105281915B (en) | 2015-11-04 | 2015-11-04 | A kind of method that code keyboard generates ciphertext |
Country Status (4)
| Country | Link |
|---|---|
| CN (1) | CN105281915B (en) |
| PH (1) | PH12018500929A1 (en) |
| SG (1) | SG11201803166RA (en) |
| WO (1) | WO2017078626A1 (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108573581B (en) * | 2018-03-20 | 2020-08-18 | 中国工商银行股份有限公司 | ATM initial key setting method, device, system and computer readable storage medium |
| EP3909003B1 (en) | 2019-01-09 | 2023-05-03 | Visa International Service Association | Method, system, and computer program product for network bound proxy re-encryption and pin translation |
| CN111030819A (en) * | 2020-02-18 | 2020-04-17 | 深圳新融典科技有限公司 | Authentication method, system, terminal and storage medium based on encryption and decryption algorithm |
| CN113806730B (en) * | 2021-09-18 | 2024-03-08 | 北京安天网络安全技术有限公司 | Method, system, equipment and medium for inputting security password |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101206779A (en) * | 2006-12-18 | 2008-06-25 | 汉王科技股份有限公司 | Online banking system safety terminal and data safety processing method thereof |
| CN102737441A (en) * | 2011-08-19 | 2012-10-17 | 广州广电运通金融电子股份有限公司 | Self-service terminal password input device |
| CN103036681A (en) * | 2012-12-13 | 2013-04-10 | 中国工商银行股份有限公司 | Password safety keyboard device and system |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6715078B1 (en) * | 2000-03-28 | 2004-03-30 | Ncr Corporation | Methods and apparatus for secure personal identification number and data encryption |
| US7159114B1 (en) * | 2001-04-23 | 2007-01-02 | Diebold, Incorporated | System and method of securely installing a terminal master key on an automated banking machine |
| KR100516548B1 (en) * | 2003-02-05 | 2005-09-22 | 삼성전자주식회사 | Apparatus and method for efficient h/w structure for ciphering in mobile communication system |
| US20050149739A1 (en) * | 2003-12-31 | 2005-07-07 | Hewlett-Packard Development Company, L.P. | PIN verification using cipher block chaining |
| US8589698B2 (en) * | 2009-05-15 | 2013-11-19 | International Business Machines Corporation | Integrity service using regenerated trust integrity gather program |
| CN101930644B (en) * | 2009-06-25 | 2014-04-16 | 中国银联股份有限公司 | Method for safely downloading master key automatically in bank card payment system and system thereof |
-
2015
- 2015-11-04 CN CN201510741367.3A patent/CN105281915B/en active Active
-
2016
- 2016-11-04 SG SG11201803166RA patent/SG11201803166RA/en unknown
- 2016-11-04 WO PCT/SG2016/050542 patent/WO2017078626A1/en active Application Filing
-
2018
- 2018-04-30 PH PH12018500929A patent/PH12018500929A1/en unknown
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101206779A (en) * | 2006-12-18 | 2008-06-25 | 汉王科技股份有限公司 | Online banking system safety terminal and data safety processing method thereof |
| CN102737441A (en) * | 2011-08-19 | 2012-10-17 | 广州广电运通金融电子股份有限公司 | Self-service terminal password input device |
| CN103036681A (en) * | 2012-12-13 | 2013-04-10 | 中国工商银行股份有限公司 | Password safety keyboard device and system |
Also Published As
| Publication number | Publication date |
|---|---|
| PH12018500929A1 (en) | 2018-10-29 |
| WO2017078626A1 (en) | 2017-05-11 |
| SG11201803166RA (en) | 2018-05-30 |
| CN105281915A (en) | 2016-01-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101369889B (en) | Method for electronic endorsement of document | |
| US9729322B2 (en) | Method and system for smart card chip personalization | |
| EP3457310B1 (en) | Method for protecting the confidentiality and integrity of firmware for an internet of things device | |
| CN105281915B (en) | A kind of method that code keyboard generates ciphertext | |
| US8316235B2 (en) | Method and device for manipulation-proof transmission of data | |
| US8995653B2 (en) | Generating a secret key from an asymmetric private key | |
| CN106778205A (en) | Verified with the no data storehouse of physics unclonable function | |
| CN105447394B (en) | A kind of intelligent code key with local data encryption function | |
| CN103177223A (en) | System and method for temporary secure boot of an electronic device | |
| CN107528689B (en) | Password modification method based on Ukey | |
| CN103269271A (en) | Method and system for back-upping private key in electronic signature token | |
| CN109690543B (en) | Security authentication method, integrated circuit and system | |
| CN103914662A (en) | Access control method and device of file encrypting system on the basis of partitions | |
| CN111586076A (en) | Remote control and telemetry information tamper-proof encryption and decryption method and system based on mixed password | |
| US20100241865A1 (en) | One-Time Password System Capable of Defending Against Phishing Attacks | |
| EP2701101B1 (en) | Information processing devices and information processing methods | |
| CN112385175B (en) | Device for data encryption and integrity | |
| CN110046489B (en) | Trusted access verification system based on domestic Loongson processor, computer and readable storage medium | |
| CN107409046A (en) | Apparatus and method for generating key in programmable hardware module | |
| CN105227312A (en) | Intelligent code key password authentification extracting method | |
| JP6246516B2 (en) | Information processing system | |
| CN110610079A (en) | Safe starting method, device and system | |
| CN111935119B (en) | Data encryption authentication method and data encryption authentication system | |
| TWI499929B (en) | Programming system | |
| KR101677138B1 (en) | Method of on-line/off-line electronic signature system for security of off-line token |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200927 Address after: 1, 2 and 3 / F, No. 28, Xinkang Road, shangmugu community, Pinghu street, Longgang District, Shenzhen City, Guangdong Province Patentee after: JINGKING WEIDA TECHNOLOGY (SHENZHEN) Co.,Ltd. Address before: 410000 5, China Software Park, No. 303, pointed hill, 39 hi tech Development Zone, Hunan, Changsha Patentee before: Bohong Information Technology Co.,Ltd. |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20201217 Address after: B162, 2 / F, Lihe Trade Center, No. 26, 27, 28, 29, Yuenan street, Huangsha Avenue, Liwan District, Guangzhou City, Guangdong Province 510000 Patentee after: Guangzhou Aixiang Technology Co., Ltd Address before: 1, 2 and 3 / F, No. 28, Xinkang Road, shangmugu community, Pinghu street, Longgang District, Shenzhen City, Guangdong Province Patentee before: JINGKING WEIDA TECHNOLOGY (SHENZHEN) Co.,Ltd. |