CN106656992A - Information verification method - Google Patents
Information verification method Download PDFInfo
- Publication number
- CN106656992A CN106656992A CN201610971327.2A CN201610971327A CN106656992A CN 106656992 A CN106656992 A CN 106656992A CN 201610971327 A CN201610971327 A CN 201610971327A CN 106656992 A CN106656992 A CN 106656992A
- Authority
- CN
- China
- Prior art keywords
- client
- server
- key
- information
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
Abstract
The invention presents an information verification method including the following steps: (1) a client sends user registration information to a server to request for user identity verification, the server is used for verifying user identity, and the server generates a key container file corresponding to the client according to the user registration information after verification succeeds; (2) the client downloads the key container file from the server or gets the key container file by updating, wherein the key container file contains to-be-matched information and the public-private key pair of asymmetric keys or symmetric keys, and the information is bound to the key container file for client authentication; and (3) after actual information in the client is matched with the to-be-matched information, when the application service of the client requires user identity authentication, the client and the server conduct two-way authentication based on the asymmetric keys or one-way authentication based on the symmetric keys. The process of verification is simplified greatly and the cost of verification cost is lowered while the reliability and safety of verification are improved greatly.
Description
Technical field
The invention belongs to field of information security technology, is related to a kind of Information Authentication technology.
Background technology
With mobile communication and the high speed development of Internet technology, the certification of personal identification is in bank, security, commercial affairs, trade
Easily, the application demand of the industry-by-industry such as office, education is more and more, and the safety problem of personal identification also result in widely
Pay attention to.The technology being authenticated by modes such as dynamic token, U-shield, fingerprints in having of commonly using of internet arena at present.But,
These technologies generally require the hardware product that user carries with certification, very inconvenient.Short-message verification relative ease and user's body
Test, but every time checking is required for short message sending plain text authentication code to user, except verifying high cost, and has security risk.
The principle of verification note is to allow user to perceive this for its certain behavior, such as payment behavior occurs, to robber
The cheat of brush user account number improves threshold, because cheat may take payment cipher, may not but grasp the mobile phone of user.And
And user have received indescribable payment short message verification code, account number stolen may can be perceived, and then improve safety
Property.But short message verification code has the weakness that it is projected as the mainstay of safety, i.e., send in plain text again, the quilt in communication way
Intercept and forward so as to lose security, also all kinds of employing artificial means deception victims leak the fraud of identifying code, pin
To be all this weakness.
In addition in plain text, short-message verification uses the mode of monolateral checking, that is to say, that the people for sending out can ensure that reception
People is exactly this cell-phone number, and it is on earth note that who sends out that the people of receipts does not but verify.Such case is very easy to cause mobile phone wood
The fast propagation of horse, has on the market various modifications to show the hacker software of number, can send and be shown as the service numbers such as bank wire
The note of code, content is exactly the notice of various official's implications, lures that client removes clickthrough into.User's point has an APK after entering
Download prompting to install, mobile phone has just suffered wooden horse after installation.The propagation of wooden horse is very rapidly, to have suffered the mobile phone of wooden horse,
Stealthily fishing note can be sent to the people inside address list, also intelligently can be called according to the record inside address list, to youngster
The note of son may be exactly the pet name of son, and the note to lover may be exactly the diminutive that few people know, the content of note
A little photos that have been mostly what my most close-perspective recordings, clickthrough is it is seen that this kind of.This just greatly strengthen fishing note
Confidence level, promotes more people to infect.The mobile phone infected continues to be sent short messages diffusion wooden horse to address list, so spreads from mouth to mouth,
Wooden horse is rapidly with regard to spread out.
Wooden horse plantation will stash to after mobile phone the inside.It can specially monitor the short-message verification of each payment platform
Code and the notifying messages of withholing of bank, can be automatically forwarded on the equipment of cheat's control, for bank to short message verification code wooden horse
The notifying messages withholdd, wooden horse is deleted silently, so as at all user perceives the generation less than payment behavior.Cheat utilizes Fishing net
Stand and collect the customer information that comes and swindled, need payment cipher in checking, cheat just with wooden horse forwarding come note test
Card code is filled in just can be with.So, short message verification code is just thoroughly destroyed in protective action for security.
Although occurring in that speech verification in recent years, needs call report speech identifying code, user to user every time
Need to remember identifying code, it is not only inconvenient, but also there is a problem of high cost.
The content of the invention
It is an object of the invention to provide a kind of Information Authentication method, to greatly improve the reliability and security of checking,
Significantly simplify the flow process of checking simultaneously, reduce the cost of checking.
In order to achieve the above object, solution of the invention is:
A kind of Information Authentication method, comprises the following steps:
(1) user end to server sends user's registration information, requests verification user identity;
The server is used to verify user identity, and after checking user identity success, according to the user's registration
Information, produces the cryptographic key containers file of the correspondence client;
(2) client downloads institute after the successful message of expression checking user identity is received from server from server
It is the cryptographic key containers file to state cryptographic key containers file or update original cipher key container file, and the cryptographic key containers file is comprising treating
With information, and the public and private key pair or symmetric key of unsymmetrical key, the information to be matched, and unsymmetrical key
Public and private key pair or symmetric key are bound with the cryptographic key containers file, for Authentication Client;
(3) after actual information is with the information matches success to be matched in client, need in the applied business of client
When carrying out user identity authenticity verification, client to server carry out based on unsymmetrical key two-way authentication or
Unilateral authentication based on symmetric key.
The information to be matched is user name and client hardware system information;The cryptographic key containers file also includes key
The binary code of core algorithm.
Preferably, the cryptographic key containers file is formed in the following manner:According to different CPU and compiler, to compiling
The binary code of good executable software carries out quadratic transformation or partial information is replaced, by key or algorithm with binary system
Form obscure with the binary code and binary data of executable software and obtain.
Preferably, the logic of the cryptographic key containers file is stored in dynamic link library after being encrypted, corresponding encryption
Key is by user or back-stage management.
Preferably, the process only specified can just access the cryptographic key containers file.
Preferably, the cryptographic key containers file in use, will be placed on internal memory or slow after related information decryption
Used in depositing, corresponding use region is covered with junk data using rear, to reach quick and safe handling requirement.
User identity is verified in the step (1) by the way of voice caller number or voice caller number cut position;
Or, verify user identity by the way of voice broadcast checking information in the step (1);Or, adopt in the step (1)
User identity is verified with short message mode.
In the step (1) when user identity is verified by the way of voice caller number or voice caller number cut position,
The step (1) includes:
(11) user end to server initiates voice caller number or voice caller number cut position checking request, submits user to
Log-on message;The server is used for according to the user's registration information, and to client calling number is sent, then by corresponding master
It is the telephone number in user's registration information described in telephone call;
(12) calling number that client the reception server is sent;If client is band public network Speech Communication function terminal
To step (13), otherwise to step (14);
(13) client detection service device incoming call, if in time TintervalCaller ID is inside detected with the caller number
Code is consistent, then client of stopping ring, and the calling number is sent into server, to step (15);If in the time
TintervalIncoming call is inside not detected by, user end to server initiates inquiry, and whether inquiry Subscriber Number is put through, if put through
To step (14), if not putting through continuation in next TintervalDetection incoming call in time, when total detection time more than n ×
TintervalWhen, show time time-out authentication failed;Wherein, TintervalIt is setting value with n;
(14) client shows dialog box, it is desirable to the part cut position of the complete calling number of user input or calling number,
The part cut position of calling number or calling number is sent to server by client, to step (15);
(15) if client issues the calling number of server or the part cut position of calling number issues client with server
The calling number at end is consistent, then client receives the successful message of subscriber authentication that server is sent;If do not corresponded,
Client receives the subscriber authentication failure that server is sent;If the caller incoming call that client is sent is in a timing
Interior not serviced device is received, then client shows time time-out authentication failed;The certain hour is setting value.
Preferably, the telephone number is phone number.
Preferably, the telephone number dialed in user's registration information in the step (11) passes through general telephone network.
The original of the cryptographic key containers file or renewal cipher key system is downloaded in the step (2) by internet encrypted passage
Cryptographic key containers file is the cryptographic key containers file.
When client carries out the two-way authentication based on unsymmetrical key to server, the step (3) includes:
(31) user end to server initiates up checking request a, generates the digital signature pair of up checking request a
As being sent to server;Server is used to generate the digital signature of up checking request a and descending using the private key of oneself
The digital signature object of checking request b, replys client;
(32) client carries out sign test using the public key of server to the digital signature of the up sign test request a, passes through
To step (33), not by step (35);
(33) according to the private key of itself, the digital signature for generating descending checking request b is sent to server to client;
Server is used to carry out sign test to the digital signature of the descending sign test request b using the public key of client, by then arriving step
(34), not by step (36);
(34) client receives the check results for representing that two-way authentication passes through from server;
(35) authentication of the client to server fails;
(36) the authentication failure of client.
Preferably, the digital signature object is a string of random numbers;The digital signature includes signed codevector and check code.
A kind of Information Authentication method, comprises the following steps:
(1) server verifies the user identity of client from client receive user log-on message;
(2) after the success of server authentication user identity, according to the user's registration information of client, the correspondence client is produced
The cryptographic key containers file at end;
Client is used for after the successful message of expression checking user identity is received from server, and from server institute is downloaded
It is the cryptographic key containers file to state cryptographic key containers file or update original cipher key container file, and with the cryptographic key containers file
After with success, to server the two-way authentication based on unsymmetrical key or the unilateral authentication based on symmetric key are initiated;It is described
Cryptographic key containers file includes information to be matched, and the public and private key pair or symmetric key of unsymmetrical key, described to be matched
Information, and the public and private key pair or symmetric key of unsymmetrical key bind with the cryptographic key containers, for certification client
End;
(3) after actual information is with the information matches success to be matched in client, need in the applied business of client
When carrying out user identity authenticity verification, server to client carry out based on unsymmetrical key two-way authentication or
Unilateral authentication based on symmetric key.
The information to be matched is user name and client hardware system information;The cryptographic key containers file also includes key
The binary code of core algorithm.
Preferably, the cryptographic key containers file is formed in the following manner:According to different CPU and compiler, to compiling
The binary code of good executable software carries out quadratic transformation or partial information is replaced, by key or algorithm with binary system
Form obscure with the binary code and binary data of executable software and obtain.
Preferably, the logic of the cryptographic key containers file is stored in dynamic link library after being encrypted, corresponding encryption
Key is by user or back-stage management.
Preferably, the process only specified can just access the cryptographic key containers file.
Preferably, the cryptographic key containers file in use, will be placed on internal memory or slow after related information decryption
Used in depositing, corresponding use region is covered with junk data using rear, to reach quick and safe handling requirement.
The user identity of client is verified in the step (1) based on the mode of voice broadcast checking information;Or, it is described
The user identity of client is verified in step (1) based on short message mode;Or, voice caller number is based in the step (1)
Or the mode of voice caller number cut position verifies the user identity of client, the step (1) comprises the following steps:
(11) server receive from client voice caller number or voice caller number cut position checking request and
User's registration information;
(12) calling number is first sent to client by server, then dials user's registration information by corresponding caller phone
In telephone number;
During the client band public network Speech Communication function, for detecting incoming call, and:If in time TintervalInterior inspection
Measure caller ID consistent with the calling number, then client of stopping ring, and the calling number is sent into server;
If in time TintervalIncoming call is inside not detected by, initiates to inquire about to server, whether inquiry Subscriber Number is put through, if
Put through, then show dialog box, it is desirable to the part cut position of the complete calling number of user input or calling number, by the calling number
Or the part cut position of calling number is sent to server;If not putting through continuation in next TintervalDetection in time comes
Electricity, when total detection time is more than n × TintervalWhen, then show time time-out authentication failed;
Wherein, TintervalIt is setting value with n;
If client is not the terminal with public network Speech Communication function, client is used to show dialog box, it is desirable to use
The part cut position of the complete calling number of family input or calling number, the part cut position of the calling number or calling number is sent out
Give server;
(13) server sends client calling number or the part cut position of calling number and the actual caller transferred to
Number compares, if be consistent, replys client, subscriber authentication success;If do not corresponded, client, user are replied
Authentication fails;The caller incoming call that client is sent is not received within a certain period of time, then client is used to show that the time surpasses
When authentication failed;The certain hour is setting value.
Preferably, the telephone number is phone number.
Preferably, the telephone number dialed in user's registration information by general telephone network in the step (12).
When server carries out the two-way authentication based on unsymmetrical key to client, the step (3) includes:
(31) server receives the digital signature object of up checking request a from client, is generated using the private key of oneself
The digital signature of up checking request a and the digital signature object of descending checking request b, reply client;
The client is used to carry out sign test to the digital signature of the up sign test request a with the public key of server, and
And:When passing through, according to the private key of client, the digital signature for generating descending checking request b is sent to server;
In obstructed out-of-date, expression server authentication failure;
(32) server is when the digital signature of descending checking request b is received from client, with the public key of client
Sign test is carried out to the digital signature of descending checking request b;
If passed through, the check results for representing that two-way authentication passes through are sent to client;
If do not passed through, the check results for representing client identity authentication failed are sent to client.
Preferably, the digital signature object is a string of random numbers;The digital signature includes signed codevector and check code.
Due to adopting such scheme, the invention has the beneficial effects as follows:Information Authentication method of the present invention is by only in registration rank
Section using the two-way authentication based on unsymmetrical key or is based between a client and a server using voice or short-message verification
The unilateral authentication of symmetric key, while checking reliability and security is greatly improved, significantly simplifies the flow process of checking, reduces
The cost of checking.Wherein to the use of cryptographic key containers file, the reliability and security of checking further greatly improved with
And the terseness of flow process, equally promote reduction checking cost.
Description of the drawings
Fig. 1 is the schematic diagram in each stage in the embodiment of the present invention;
Fig. 2 is the schematic diagram in the two-way authentication stage that the phase III is based on unsymmetrical key in the embodiment of the present invention;
Fig. 3 is the overall flow figure of the embodiment of the present invention;
Fig. 4 is the flow chart of voice caller number cut position verification mode in the embodiment.
Specific embodiment
Below in conjunction with accompanying drawing illustrated embodiment, the present invention is further illustrated.
The present invention proposes a kind of Information Authentication method, and the method is comprised the following steps:
(1) user end to server sends user's registration information, requests verification user identity;
Above-mentioned server is used to verify user identity, and after checking user identity success, according to user's registration information,
Produce the cryptographic key containers file of correspondence client.
(2) client is downloaded after the successful message of expression checking user identity is received from server from server
It is above-mentioned cryptographic key containers file to state cryptographic key containers file or update original cipher key container file.The cryptographic key containers file is comprising to be matched
Information, and the public and private key pair or symmetric key of unsymmetrical key, above-mentioned information to be matched, and the public affairs of unsymmetrical key
Private key pair or symmetric key are bound with cryptographic key containers file, for Authentication Client.
(3) after actual information is with above-mentioned information matches success to be matched in client, need in the applied business of client
When carrying out user identity authenticity verification, client to server carry out based on unsymmetrical key two-way authentication or
Unilateral authentication based on symmetric key.
Fig. 1 show the schematic diagram in the Information Authentication each stage of method, each stage in above steps correspondence Fig. 1.Fig. 2
The schematic diagram in this stage when for the phase III being the two-way authentication stage based on unsymmetrical key.
In the present embodiment, above-mentioned information to be matched is user name and client hardware system information.Above-mentioned cryptographic key containers text
The part also binary code comprising key core algorithm.In the present embodiment, cryptographic key containers file is formed in the following manner:According to
Different CPU and compiler, carry out quadratic transformation or partial information are replaced to the binary code of compiled executable software
Change, key or algorithm are obscured in binary form with the binary code and binary data of executable software
Arrive.
The logic of the cryptographic key containers file is stored in dynamic link library after being encrypted, and corresponding encryption key is by user
Or back-stage management;Additionally, the process only specified can just access cryptographic key containers file.The cryptographic key containers file was being used
Cheng Zhong, used in internal memory or caching is placed on after related information decryption, corresponding use is covered using rear with junk data
Region, to reach quick and safe handling requirement.
In above-mentioned steps (1) can by the way of voice caller number or voice caller number cut position, voice broadcast tests
The mode of card information or short message mode checking user identity.
When user identity is verified by the way of voice caller number or voice caller number cut position, above-mentioned steps
(1) following steps are specifically included:
(11) user end to server initiates the checking request of voice caller number or voice caller number cut position mode, carries
Hand over user's registration information;The server is used for according to above-mentioned user's registration information, and to client calling number is sent, then by correspondence
The telephone number dialed in the user's registration information of caller phone.
(12) calling number that client the reception server is sent;If client is band public network Speech Communication function terminal
To step (13), otherwise to step (14).
(13) client detection service device incoming call, if in time TintervalCaller ID is inside detected with above-mentioned caller number
Code is consistent, then client of stopping ring, and the calling number is sent into server, to step (15);If in the time
TintervalIncoming call is inside not detected by, user end to server initiates inquiry, and whether the telephone number for inquiring about user is put through, if
Step (14) has been put through, if not putting through continuation in next TintervalDetection incoming call in time, when total detection time it is big
In n × TintervalWhen, show time time-out authentification failure;Wherein, TintervalIt is setting value with n.
(14) client shows dialog box, it is desirable to the part cut position of the complete calling number of user input or calling number,
The part cut position of complete calling number or calling number is sent to server by client, to step (15).
(15) if client issues the calling number of server or the part cut position of calling number issues client with server
The calling number at end is consistent, then client receives the successful message of subscriber authentication that server is sent;If do not corresponded,
Client receives the subscriber authentication failure that server is sent;If calling number or caller number that client is sent
Within a certain period of time not serviced device is received the part cut position of code, then client shows time time-out authentication failed;One timing
Between be setting value.
Above-mentioned user's registration information includes the telephone number of client user, such as phone number;Lead in above-mentioned steps (11)
Cross the telephone number that general telephone network is dialed in user's registration information.
The original of above-mentioned cryptographic key containers file or renewal cipher key system is downloaded in above-mentioned steps (2) by internet encrypted passage
Cryptographic key containers file is above-mentioned cryptographic key containers file.
In the present embodiment, when two-way authentication is carried out based on unsymmetrical key, above-mentioned steps (3) specifically include following step
Suddenly:
(31) user end to server initiates up checking request a, generates the digital signature object of up checking request a
It is sent to server;Server is used to generate the digital signature of up checking request a and descending checking using the private key of oneself
The digital signature object of request b, replys client;
(32) client asks the digital signature of a to carry out sign test up sign test using the public key of server, by step
Suddenly (33), not by step (35);
(33) according to the private key of itself, the digital signature for generating above-mentioned descending checking request b is sent to server to client;
Server is used to carry out sign test to the digital signature of the descending sign test request b using the public key of client, by then arriving step
(34), not by step (36);
(34) client receives the check results for representing that two-way authentication passes through from server;
(35) authentication of the client to server fails;
(36) the authentication failure of client.
In said process, two kinds of digital signature objects can be a string of random numbers;Two kinds of digital signature may each comprise
Signed codevector and check code.
The invention allows for a kind of Information Authentication method, comprises the following steps:
(1) server verifies the user identity of client from client receive user log-on message.
(2) after the success of server authentication user identity, according to the user's registration information of client, produce to should client
Cryptographic key containers file.Wherein, client is used for after the successful message of expression checking user identity is received from server, from
It is above-mentioned cryptographic key containers file that server downloads above-mentioned cryptographic key containers file or updates original cipher key container file, and close with above-mentioned
Key container file is after the match is successful, and two-way authentication based on unsymmetrical key is initiated or based on the unidirectional of symmetric key to server
Certification.The cryptographic key containers file includes information to be matched, and the public and private key pair or symmetric key of unsymmetrical key, described
Information to be matched, and the public and private key pair or symmetric key of unsymmetrical key bind with the cryptographic key containers, for recognizing
Card client.
(3) after actual information is with the information matches success to be matched in client, need in the applied business of client
When carrying out user identity authenticity verification, server carries out the two-way authentication based on unsymmetrical key or base to client
In the unilateral authentication of symmetric key.
In the present embodiment, above-mentioned information to be matched is user name and client hardware system information;The cryptographic key containers file
Also include the binary code of key core algorithm.In the present embodiment, the cryptographic key containers file is formed in the following manner:According to
Different CPU and compiler, carry out quadratic transformation or partial information are replaced to the binary code of compiled executable software
Change, key or algorithm are obscured in binary form with the binary code and binary data of executable software
Arrive.
The logic of the cryptographic key containers file is stored in dynamic link library after being encrypted, and corresponding encryption key is by user
Or back-stage management;The process only specified can just access cryptographic key containers.Cryptographic key containers file in use, by correlation
Information decryption after be placed on used in internal memory or caching, corresponding use region is covered with junk data using rear, to reach
Quick and safe handling requirement.
In the present invention, in step (1) based on the mode of voice caller number or voice caller number cut position, based on voice
Report the mode of checking information or the user identity of client is verified based on short message mode.
When the use for verifying client in above-mentioned steps (1) based on the mode of voice caller number or voice caller number cut position
Family identity, step (1) is including step in detail below:
(11) server is received and asked from the voice caller number of client or the checking of voice caller number cut position mode
Summation user's registration information.
(12) calling number is first sent to client by server, then dials user's registration information by corresponding caller phone
In telephone number.
In the client band public network Speech Communication function, it is used to detect incoming call, and:If in time TintervalIt is interior
Detect caller ID consistent with above-mentioned calling number, then client of stopping ring, and the calling number is sent into server;
If in time TintervalIncoming call is inside not detected by, initiates to inquire about to server, whether inquiry Subscriber Number is put through, if
Put through, then show dialog box, it is desirable to the part cut position of the complete calling number of user input or calling number, by calling number or
The part cut position of calling number is sent to server;Continue if not putting through in next TintervalDetection in time comes
Electricity, when total detection time is more than n × TintervalWhen, show time time-out authentication failed;Wherein, TintervalIt is setting value with n.
If client is not the terminal with public network Speech Communication function, client is used to show dialog box, it is desirable to use
The part cut position of the complete calling number of family input or calling number, the part cut position of the calling number or calling number is sent
To server.
(13) server sends client calling number or the part cut position of calling number and the actual caller transferred to
Number compares, if be consistent, replys client, subscriber authentication success;Client, Yong Hushen are replied if not corresponding
Part authentication failed;The part cut position of calling number that client sends or calling number is not received within a certain period of time, then visitor
Family end is used to show time time-out authentication failed;The certain hour is setting value.
Above-mentioned user's registration information includes the telephone number of client user, such as phone number;By public affairs in step (12)
The telephone number that many telephone networks are dialed in user's registration information.
In the present embodiment, when two-way authentication is carried out based on unsymmetrical key, above-mentioned steps (3) specifically include following step
Suddenly:
(31) server receives the digital signature object of up checking request a from client, is generated using the private key of oneself
The digital signature object of the digital signature of up checking request a and descending checking request b, replys client.
The client is used to carry out sign test to the digital signature of above-mentioned up sign test request a with the public key of server, and:
When passing through, according to the private key of client, the digital signature for generating descending checking request b is sent to server;And do not passing through
When, then display server authentication failure.
(32) server is when the digital signature of descending checking request b is received from client, with the public key of client to this
The digital signature of descending checking request b carries out sign test;If passed through, the verification for representing that two-way authentication passes through is sent to client
As a result;If do not passed through, the check results for representing client identity authentication failed are sent to client.
In said process, digital signature object can be a string of random numbers;Digital signature can include signed codevector and verification
Code.
When in the system being made up of server and client side, realizing above- mentioned information by specific computer program and test
Core technology thinking during card method, based on above- mentioned information verification method, it is contemplated that the situation in actual motion, can be with following
Concrete step is implemented, and Fig. 3 show its flow chart:
(1) client self-inspection, is held by the key of the authentication Application inspection asymmetric key system of client
Device file, including:
(11) cryptographic key containers file whether there is;
(12) whether the CRC of cryptographic key containers file content or hash transformation verification are correct;
(13) protect in the system information of reading client hardware system information and cryptographic key containers file and cryptographic key containers file
More whether the hardware information deposited and the system information of cryptographic key containers file match;
(14) need whether the user name for carrying out authentication matches with the user name preserved in cryptographic key containers file;
The purpose for checking (11) is to confirm whether client downloads cryptographic key containers file;
The purpose for checking (12) is whether inspection cryptographic key containers file damages or be tampered, if checked by can confirm that
Cryptographic key containers file completely can use;
The purpose for checking (13) is whether inspection cryptographic key containers file is illegally duplicated, if checked close by can confirm that
Key container file is downloaded from legitimate channels, rather than illegally copies duplication;
The purpose for checking (14) is confirmed in cryptographic key containers file with the presence or absence of the user name.
Check (11)-(14) any one not by if to step (2) if the above;If (11)-(14) all pass through,
Then arrive step (5).
(2) there is no cryptographic key containers file in client, or cryptographic key containers file is destroyed, or have new user name
Cryptographic key containers file is added, then client is initiated again to authentication server:Note, call voice are reported and tested or telephone number section
The verification modes such as position, verify the authenticity of user identity, if authentication failed is to step (9), if the verification passes then:
(21) if checking that (11)-(13) any one does not pass through in step (1), to step (3);
(22) if checking that (11)-(13) pass through in step (11), only check that (14) do not pass through, to step (4);
(3) there is no cryptographic key containers file in client, or cryptographic key containers file is destroyed, and needs to apply for key again
Container file.Checking client registers customers as information and user terminal hardware information is sent to by internet encrypted passage and is tested
Card server, authentication server record user's registration information, and distribute asymmetric key system mark and public, private key pair, generate
The cryptographic key containers file of the asymmetric key system bound with username and user terminal hardware information, is sent to client
End.Client receives cryptographic key containers file, and is stored in locally stored system, then adds current file into cryptographic key containers file
The system information of storage, for the cryptographic key containers file checking in step (1), to step (9).
(4) there is cryptographic key containers file in client, and cryptographic key containers file is intact, simply needs to increase new user name.
Checking client registers customers as information and is sent to authentication server, authentication server record user by internet encrypted passage
Log-on message.New username is added cryptographic key containers file by client, to step (9).
(5) client verified is needed to initiate up checking request a (from client to server) of unsymmetrical key,
Client generates the digital signature object (can be a string of random numbers) of up checking request a and is sent to authentication server, tests
Card server generates the digital signature (signed codevector and check code) of up checking request a and descending checking using the private key of oneself
The digital signature object (can be a string of random numbers) of request b (from server to client), replys checking client, checking visitor
Family end asks the digital signature of a to carry out sign test sign test using authentication server public key, by step (6), not by step
Suddenly (8).
(6) verify that client receives the signature object of descending checking request b, respond the unsymmetrical key and verify that this descending is tested
Card request b, the digital signature object of descending checking request b that client is provided using authentication server, and the private of client
Key, the digital signature (signed codevector and check code) for generating descending checking request b is sent to authentication server, and authentication server makes
Sign test is carried out to the digital signature of the descending sign test request b with checking client public key, by step (7), not by step
Suddenly (9).
(7) two-way authentication passes through, and check results are replied into checking client.
(8) authentication server authentication failure.
(9) client identity authentication failed is verified.
In program operation process, step (1) is entered after step (9), carry out new circulation.Step (3) and step (4)
Though it is not intact or intact however it is necessary that be to circulate in the case of the new user name of increase next time to be directed at cryptographic key containers file
It is ready.
The hardware information of the cryptographic key containers file binding in the present invention can be MAC Address, the IMSI number of SIM cards of mobile phones,
IMEI number of mobile phone etc., the filesystem information of cryptographic key containers file binding can be file creation time stamp etc..
When using number verification mode, i.e., during the mode of aforesaid voice number cut position, above-mentioned steps (2) are specifically wrapped
Include following steps:
(2.1) client validation software initiates telephone number cut position checking request to authentication server, submits user's registration to
Information.
(2.2) telephone number that authentication server is dialed in user's registration information by general telephone network, and dialing
Before client numbers, first calling number is sent to client validation software, if client is band public network Speech Communication function
Terminal to step (2.3), otherwise to step (2.4).
(2.3) client validation software detection incoming call, if in time TintervalInside detect caller ID and server
Calling number is consistent, then calling number is sent into authentication server, to step (2.5);If in time TintervalInside do not have
Detect, whether client validation software to server lookup Subscriber Number is put through, if having put through step (2.4), if
Continuation is not put through in next TintervalDetection incoming call in time, when total detection time is more than n × TintervalWhen, to step
(2.8);
(2.4) client validation software shows dialog box, it is desirable to the complete calling number of user input or calling number
The part cut position of complete calling number or calling number is sent to server by part cut position, client validation software, to step
Suddenly (2.5);
(2.5) calling number or the part cut position of calling number that server sends client validation software is dialled with actual
The calling number for going out compares, if be consistent, to step (2.6);If not corresponding step (2.7);Do not have within a certain period of time
The part cut position of calling number that client validation software sends or calling number is received to step (2.8);The certain hour is
Setting value;
(2.6) client software, subscriber authentication success are replied.
(2.7) client software, subscriber authentication failure are replied.
(2.8) time time-out authentication failed.
Fig. 4 show above-mentioned number verification mode, the i.e. flow chart of the mode of voice caller number cut position.
When using short message verification code mode, above-mentioned steps (2) specifically include following steps:
(2.1) user end to server initiates short message verification code checking request, submits user's registration information, including terminal number to
Code.
(2.2) server produces identifying code, and short-message verification is sent to client by short message server or short message channel
Code, if client be the terminal with note automatic identification to step (2.3), otherwise to step (2.4).
(2.3) short message verification code in client detection note, if in time TintervalInside detect short message sending number
Code is consistent with short message server or short message channel server no, then the short message verification code of acquisition is sent into server, arrives
Step (2.5);If in time TintervalInside it is not detected by, the corresponding note of user end to server inquiry Subscriber Number is tested
Whether card code sends, and to step (2.4) if sending, continues if not sending in next TintervalInspection in time
The note for receiving is surveyed, when total detection time is more than n × TintervalWhen, to step (2.8);
(2.4) client shows dialog box, it is desirable to which the complete short message verification code of user input or part of short message identifying code cut
Position, short message verification code or short message verification code cut position number are sent to server by client validation software, to step (2.5);
(2.5) server sends client short message verification code or short message verification code cut position number be actually sent out
Short message verification code compares, if be consistent, to step (2.6);If not corresponding step (2.7);Do not receive within a certain period of time
The short message verification code sent to client validation software is to step (2.8);The certain hour is setting value;
(2.6) client software, subscriber authentication success are replied.
(2.7) client software, subscriber authentication failure are replied.
(2.8) time time-out authentication failed.
When being reported by the way of checking information using call voice, above-mentioned steps (2) specifically include following steps:
(2.1) user end to server is initiated call voice and reports checking request, submits user's registration information, including terminal to
Number.
(2.2) server produces identifying code, is called to terminal by voice server or voice service passage,
After telephone call is logical, speech verification information is reported to user by voice, speech verification information can be one section of identifying code.
(2.3) client shows dialog box, it is desirable to which the complete speech identifying code or part of speech that user input is heard is tested
Card code cut position, speech identifying code or speech identifying code cut position number are sent to server by client validation software, to step
(2.4);
(2.4) server sends client speech identifying code or speech identifying code cut position number and actual report
Speech identifying code compares, if be consistent, to step (2.5);If not corresponding step (2.6);Do not receive within a certain period of time
The speech identifying code sent to client validation software is to step (2.7);The certain hour is setting value;
(2.5) client, subscriber authentication success are replied.
(2.6) client, subscriber authentication failure are replied.
(2.7) time time-out authentication failed.
A kind of Information Authentication method of the present invention by only in registration phase using voice or short-message verification, and client with
Using the two-way authentication based on unsymmetrical key or the unilateral authentication based on symmetric key between server, checking is being greatly improved
While reliability and security, significantly simplify the flow process of checking, reduce the cost of checking.Wherein to cryptographic key containers file
Use, the reliability and security of checking and the terseness of flow process further greatly improved, equally promote reduction checking
Cost.
The above-mentioned description to embodiment is understood that for ease of those skilled in the art and using this
It is bright.Person skilled in the art obviously easily can make various modifications to these embodiments, and described herein
General Principle is applied in other embodiment without through performing creative labour.Therefore, the invention is not restricted to enforcement here
Example, those skilled in the art's announcement of the invention, the improvement made without departing from scope and modification all should be
Within protection scope of the present invention.
Claims (10)
1. a kind of Information Authentication method, it is characterised in that:Comprise the following steps:
(1) user end to server sends user's registration information, requests verification user identity;
The server is used to verify user identity, and after checking user identity success, according to the user's registration information,
Produce the cryptographic key containers file of the correspondence client;
(2) client is downloaded described close after the successful message of expression checking user identity is received from server from server
Key container file updates original cipher key container file for the cryptographic key containers file, and the cryptographic key containers file includes letter to be matched
Breath, and the public and private key pair or symmetric key of unsymmetrical key, the information to be matched, and unsymmetrical key is public and private
Key pair or symmetric key are bound with the cryptographic key containers file, for Authentication Client;
(3) after actual information is with the information matches success to be matched in client, the applied business of client need into
When row user identity authenticity verification, client carries out the two-way authentication based on unsymmetrical key to server or is based on
The unilateral authentication of symmetric key.
2. Information Authentication method according to claim 1, it is characterised in that:The information to be matched is user name and client
End hardware system information;The cryptographic key containers file also binary code comprising key core algorithm;
Preferably, the cryptographic key containers file is formed in the following manner:According to different CPU and compiler, to compiled
The binary code of executable software carries out quadratic transformation or partial information is replaced, by key or algorithm with binary shape
Formula is obscured with the binary code and binary data of executable software and is obtained;
Preferably, the logic of the cryptographic key containers file is stored in dynamic link library after being encrypted, corresponding encryption key
By user or back-stage management;
Preferably, the process only specified can just access the cryptographic key containers file;
Preferably, the cryptographic key containers file in use, in internal memory or caching is placed on after related information decryption
Use, corresponding use region is covered with junk data using rear, to reach quick and safe handling requirement.
3. Information Authentication method according to claim 1, it is characterised in that:Voice caller number is adopted in the step (1)
The mode of code or voice caller number cut position verifies user identity;
Or, verify user identity by the way of voice broadcast checking information in the step (1);
Or, user identity is verified using short message mode in the step (1).
4. Information Authentication method according to claim 1, it is characterised in that:Voice caller number is adopted in the step (1)
When the mode of code or voice caller number cut position verifies user identity, the step (1) includes:
(11) user end to server initiates voice caller number or voice caller number cut position checking request, submits user's registration to
Information;The server is used for according to the user's registration information, and to client calling number is sent, then by corresponding caller electricity
The telephone number that words are dialed in the user's registration information;
(12) calling number that client the reception server is sent;If client is band public network Speech Communication function terminal to step
Suddenly (13), otherwise to step (14);
(13) client detection service device incoming call, if in time TintervalCaller ID is inside detected with the calling number one
Cause, then client of stopping ring, and the calling number is sent into server, to step (15);If in time Tinterval
Incoming call is inside not detected by, user end to server initiates inquiry, and whether inquiry Subscriber Number is put through, if having put through step
(14), if not putting through continuation in next TintervalDetection incoming call in time, when total detection time is more than n × Tinterval
When, show time time-out authentication failed;Wherein, TintervalIt is setting value with n;
(14) client shows dialog box, it is desirable to the part cut position of the complete calling number of user input or calling number, client
The part cut position of calling number or calling number is sent to server by end, to step (15);
(15) if client issues the calling number of server or the part cut position of calling number issues client with server
Calling number is consistent, then client receives the successful message of subscriber authentication that server is sent;If do not corresponded, client
End receives the subscriber authentication failure that server is sent;If the caller that client is sent is sent a telegram here within a certain period of time
Not serviced device is received, then client shows time time-out authentication failed;The certain hour is setting value;
Preferably, the telephone number is phone number;
Preferably, the telephone number dialed in user's registration information in the step (11) passes through general telephone network.
5. Information Authentication method according to claim 1, it is characterised in that:By internet encrypted in the step (2)
It is the cryptographic key containers file that passage downloads the cryptographic key containers file or the original cipher key container file of renewal cipher key system.
6. Information Authentication method according to claim 1, it is characterised in that:When client is carried out based on non-right to server
When claiming the two-way authentication of key, the step (3) includes:
(31) user end to server initiates up checking request a, and the digital signature object for generating up checking request a is sent out
Give server;Server is used to generate the digital signature of up checking request a and descending checking using the private key of oneself
The digital signature object of request b, replys client;
(32) client carries out sign test using the public key of server to the digital signature of the up sign test request a, by step
Suddenly (33), not by step (35);
(33) according to the private key of itself, the digital signature for generating descending checking request b is sent to server to client;Service
Device is used to carry out sign test to the digital signature of the descending sign test request b using the public key of client, by then arriving step (34),
Not by step (36);
(34) client receives the check results for representing that two-way authentication passes through from server;
(35) authentication of the client to server fails;
(36) the authentication failure of client;
Preferably, the digital signature object is a string of random numbers;The digital signature includes signed codevector and check code.
7. a kind of Information Authentication method, it is characterised in that:Comprise the following steps:
(1) server verifies the user identity of client from client receive user log-on message;
(2) after the success of server authentication user identity, according to the user's registration information of client, the correspondence client is produced
Cryptographic key containers file;
Client is used for after the successful message of expression checking user identity is received from server, downloads from server described close
Key container file updates original cipher key container file for the cryptographic key containers file, and is matching into the cryptographic key containers file
After work(, to server the two-way authentication based on unsymmetrical key or the unilateral authentication based on symmetric key are initiated;The key
Container file includes information to be matched, and the public and private key pair or symmetric key of unsymmetrical key, the information to be matched,
And the public and private key pair or symmetric key of unsymmetrical key is bound with the cryptographic key containers, for Authentication Client;
(3) after actual information is with the information matches success to be matched in client, the applied business of client need into
When row user identity authenticity verification, server carries out the two-way authentication based on unsymmetrical key to client or is based on
The unilateral authentication of symmetric key.
8. Information Authentication method according to claim 7, it is characterised in that:The information to be matched is user name and client
End hardware system information;The cryptographic key containers file also binary code comprising key core algorithm;
Preferably, the cryptographic key containers file is formed in the following manner:According to different CPU and compiler, to compiled
The binary code of executable software carries out quadratic transformation or partial information is replaced, by key or algorithm with binary shape
Formula is obscured with the binary code and binary data of executable software and is obtained;
Preferably, the logic of the cryptographic key containers file is stored in dynamic link library after being encrypted, corresponding encryption key
By user or back-stage management;
Preferably, the process only specified can just access the cryptographic key containers file;
Preferably, the cryptographic key containers file in use, in internal memory or caching is placed on after related information decryption
Use, corresponding use region is covered with junk data using rear, to reach quick and safe handling requirement.
9. Information Authentication method according to claim 7, it is characterised in that:Tested based on voice broadcast in the step (1)
The mode of card information verifies the user identity of client;
Or, the user identity of client is verified in the step (1) based on short message mode;
Or, client is verified based on the mode of voice caller number or voice caller number cut position in the step (1)
User identity, the step (1) comprises the following steps:
(11) server receives the voice caller number from client or checking request and the user of voice caller number cut position
Log-on message;
(12) calling number is first sent to client by server, then is dialed in user's registration information by corresponding caller phone
Telephone number;
During the client band public network Speech Communication function, for detecting incoming call, and:If in time TintervalInside detect
Caller ID is consistent with the calling number, then client of stopping ring, and the calling number is sent into server;If
In time TintervalIncoming call is inside not detected by, initiates to inquire about to server, whether inquiry Subscriber Number is put through, if dialled
It is logical, then show dialog box, it is desirable to the part cut position of the complete calling number of user input or calling number, by the calling number or
The part cut position of calling number is sent to server;If not putting through continuation in next TintervalDetection incoming call in time,
When total detection time is more than n × TintervalWhen, then show time time-out authentication failed;
Wherein, TintervalIt is setting value with n;
If client is not the terminal with public network Speech Communication function, client is used to show dialog box, it is desirable to which user is defeated
Enter the part cut position of complete calling number or calling number, the part cut position of the calling number or calling number is sent to
Server;
(13) server sends client calling number or the part cut position of calling number and the actual calling number transferred to
Relatively, if be consistent, client, subscriber authentication success are replied;If do not corresponded, client, user identity are replied
Authentication failed;The caller incoming call that client is sent is not received within a certain period of time, then client is used to show that time time-out is tested
Card failure;The certain hour is setting value;
Preferably, the telephone number is phone number;
Preferably, the telephone number dialed in user's registration information by general telephone network in the step (12).
10. Information Authentication method according to claim 7, it is characterised in that:When server is carried out based on non-to client
During the two-way authentication of symmetric key, the step (3) includes:
(31) server receives the digital signature object of up checking request a from client, is generated using the private key of oneself described
The digital signature object of the digital signature of up checking request a and descending checking request b, replys client;
The client is used to carry out sign test to the digital signature of the up sign test request a with the public key of server, and:
By when, according to the private key of client, the digital signature for generating descending checking request b is sent to server;
In obstructed out-of-date, expression server authentication failure;
(32) server is when the digital signature of descending checking request b is received from client, with the public key of client to institute
Stating the digital signature of descending checking request b carries out sign test;
If passed through, the check results for representing that two-way authentication passes through are sent to client;
If do not passed through, the check results for representing client identity authentication failed are sent to client;
Preferably, the digital signature object is a string of random numbers;The digital signature includes signed codevector and check code.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610971327.2A CN106656992B (en) | 2016-11-03 | 2016-11-03 | Information verification method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610971327.2A CN106656992B (en) | 2016-11-03 | 2016-11-03 | Information verification method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106656992A true CN106656992A (en) | 2017-05-10 |
CN106656992B CN106656992B (en) | 2020-06-19 |
Family
ID=58821957
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610971327.2A Expired - Fee Related CN106656992B (en) | 2016-11-03 | 2016-11-03 | Information verification method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106656992B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107547570A (en) * | 2017-09-30 | 2018-01-05 | 国信优易数据有限公司 | A kind of data safety service platform and data safe transmission method |
CN110058967A (en) * | 2019-03-14 | 2019-07-26 | 郑州轻工业学院 | A kind of multicomputer cooperative system and collaboration method based on stelliform connection topology configuration |
CN110365664A (en) * | 2019-06-27 | 2019-10-22 | 上海淇馥信息技术有限公司 | A kind of phone number register method, device and electronic equipment based on intelligent sound outgoing call |
CN112954693A (en) * | 2021-02-10 | 2021-06-11 | 中国工商银行股份有限公司 | Identity authentication method, identity authentication server and terminal |
CN113965323A (en) * | 2021-10-26 | 2022-01-21 | 云南大学 | Certificateless body measurement data tamper-proof method and certificateless body measurement data tamper-proof system |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020166048A1 (en) * | 2001-05-01 | 2002-11-07 | Frank Coulier | Use and generation of a session key in a secure socket layer connection |
US20030221126A1 (en) * | 2002-05-24 | 2003-11-27 | International Business Machines Corporation | Mutual authentication with secure transport and client authentication |
CN101043337A (en) * | 2007-03-22 | 2007-09-26 | 中兴通讯股份有限公司 | Interactive process for content class service |
CN101431415A (en) * | 2008-12-12 | 2009-05-13 | 天柏宽带网络科技(北京)有限公司 | Bidirectional authentication method |
CN102413132A (en) * | 2011-11-16 | 2012-04-11 | 北京数码视讯软件技术发展有限公司 | Two-way-security-authentication-based data downloading method and system |
CN103124269A (en) * | 2013-03-05 | 2013-05-29 | 桂林电子科技大学 | Bidirectional identity authentication method based on dynamic password and biologic features under cloud environment |
CN104253806A (en) * | 2013-06-29 | 2014-12-31 | 华为终端有限公司 | Authentication method, client and server |
CN104901935A (en) * | 2014-09-26 | 2015-09-09 | 易兴旺 | Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem) |
CN104901803A (en) * | 2014-08-20 | 2015-09-09 | 易兴旺 | Data interaction safety protection method based on CPK identity authentication technology |
CN105872848A (en) * | 2016-06-13 | 2016-08-17 | 北京可信华泰信息技术有限公司 | Credible two-way authentication method applicable to asymmetric resource environment |
-
2016
- 2016-11-03 CN CN201610971327.2A patent/CN106656992B/en not_active Expired - Fee Related
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020166048A1 (en) * | 2001-05-01 | 2002-11-07 | Frank Coulier | Use and generation of a session key in a secure socket layer connection |
US20030221126A1 (en) * | 2002-05-24 | 2003-11-27 | International Business Machines Corporation | Mutual authentication with secure transport and client authentication |
CN101043337A (en) * | 2007-03-22 | 2007-09-26 | 中兴通讯股份有限公司 | Interactive process for content class service |
CN101431415A (en) * | 2008-12-12 | 2009-05-13 | 天柏宽带网络科技(北京)有限公司 | Bidirectional authentication method |
CN102413132A (en) * | 2011-11-16 | 2012-04-11 | 北京数码视讯软件技术发展有限公司 | Two-way-security-authentication-based data downloading method and system |
CN103124269A (en) * | 2013-03-05 | 2013-05-29 | 桂林电子科技大学 | Bidirectional identity authentication method based on dynamic password and biologic features under cloud environment |
CN104253806A (en) * | 2013-06-29 | 2014-12-31 | 华为终端有限公司 | Authentication method, client and server |
CN104901803A (en) * | 2014-08-20 | 2015-09-09 | 易兴旺 | Data interaction safety protection method based on CPK identity authentication technology |
CN104901935A (en) * | 2014-09-26 | 2015-09-09 | 易兴旺 | Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem) |
CN105872848A (en) * | 2016-06-13 | 2016-08-17 | 北京可信华泰信息技术有限公司 | Credible two-way authentication method applicable to asymmetric resource environment |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107547570A (en) * | 2017-09-30 | 2018-01-05 | 国信优易数据有限公司 | A kind of data safety service platform and data safe transmission method |
CN107547570B (en) * | 2017-09-30 | 2023-12-05 | 国信优易数据股份有限公司 | Data security service platform and data security transmission method |
CN110058967A (en) * | 2019-03-14 | 2019-07-26 | 郑州轻工业学院 | A kind of multicomputer cooperative system and collaboration method based on stelliform connection topology configuration |
CN110058967B (en) * | 2019-03-14 | 2021-03-26 | 郑州轻工业学院 | Multi-computer cooperation system and cooperation method based on star topology structure |
CN110365664A (en) * | 2019-06-27 | 2019-10-22 | 上海淇馥信息技术有限公司 | A kind of phone number register method, device and electronic equipment based on intelligent sound outgoing call |
CN110365664B (en) * | 2019-06-27 | 2022-04-05 | 上海淇馥信息技术有限公司 | Mobile phone number registration method and device based on intelligent voice outbound call and electronic equipment |
CN112954693A (en) * | 2021-02-10 | 2021-06-11 | 中国工商银行股份有限公司 | Identity authentication method, identity authentication server and terminal |
CN112954693B (en) * | 2021-02-10 | 2023-02-24 | 中国工商银行股份有限公司 | Identity authentication method, identity authentication server and terminal |
CN113965323A (en) * | 2021-10-26 | 2022-01-21 | 云南大学 | Certificateless body measurement data tamper-proof method and certificateless body measurement data tamper-proof system |
Also Published As
Publication number | Publication date |
---|---|
CN106656992B (en) | 2020-06-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106656992A (en) | Information verification method | |
CN101183932B (en) | Security identification system of wireless application service and login and entry method thereof | |
CN106304074B (en) | Auth method and system towards mobile subscriber | |
CN105591744B (en) | A kind of genuine cyber identification authentication method and system | |
CN106027501B (en) | A kind of system and method for being traded safety certification in a mobile device | |
US8184811B1 (en) | Mobile telephony content protection | |
US7000117B2 (en) | Method and device for authenticating locally-stored program code | |
CN103795724B (en) | Method for protecting account security based on asynchronous dynamic password technology | |
CN109345245B (en) | Short message verification method, device, network and storage medium based on block chain | |
US20080184029A1 (en) | Method and system for generating digital fingerprint | |
US11403633B2 (en) | Method for sending digital information | |
KR20090031672A (en) | Authentication method for wireless transactions | |
CN104125230B (en) | A kind of short message certification service system and authentication method | |
CN103560883A (en) | Safety identification method, between android application programs, based on user right | |
CN107113613A (en) | Server, mobile terminal, real-name network authentication system and method | |
CN106686585A (en) | Binding method and system | |
CN106921633A (en) | Calling number Verification System and method | |
CN106127441A (en) | A kind of network system preventing personal information from leaking and implementation method | |
CN109934317A (en) | A kind of lost article recovering system and method based on two-dimensional barcode information storing technology | |
CN103401686B (en) | A kind of user's OTP WEB Authentication System and application process thereof | |
CN109587683B (en) | Method and system for preventing short message from being monitored, application program and terminal information database | |
CN108599944A (en) | A kind of identifying code short message transparent encryption method based on handset identities | |
CN110944300B (en) | Short message service system, forwarding interface device and defense server | |
CN105610570B (en) | Translation and compiling environment installs register method and system | |
CN117220904A (en) | Service protection method, device, electronic equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20200619 Termination date: 20201103 |
|
CF01 | Termination of patent right due to non-payment of annual fee |