CN106656992A - Information verification method - Google Patents

Information verification method Download PDF

Info

Publication number
CN106656992A
CN106656992A CN201610971327.2A CN201610971327A CN106656992A CN 106656992 A CN106656992 A CN 106656992A CN 201610971327 A CN201610971327 A CN 201610971327A CN 106656992 A CN106656992 A CN 106656992A
Authority
CN
China
Prior art keywords
client
server
key
information
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610971327.2A
Other languages
Chinese (zh)
Other versions
CN106656992B (en
Inventor
林锦吾
董宇
刘虎
喻斌
李振洪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201610971327.2A priority Critical patent/CN106656992B/en
Publication of CN106656992A publication Critical patent/CN106656992A/en
Application granted granted Critical
Publication of CN106656992B publication Critical patent/CN106656992B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication

Abstract

The invention presents an information verification method including the following steps: (1) a client sends user registration information to a server to request for user identity verification, the server is used for verifying user identity, and the server generates a key container file corresponding to the client according to the user registration information after verification succeeds; (2) the client downloads the key container file from the server or gets the key container file by updating, wherein the key container file contains to-be-matched information and the public-private key pair of asymmetric keys or symmetric keys, and the information is bound to the key container file for client authentication; and (3) after actual information in the client is matched with the to-be-matched information, when the application service of the client requires user identity authentication, the client and the server conduct two-way authentication based on the asymmetric keys or one-way authentication based on the symmetric keys. The process of verification is simplified greatly and the cost of verification cost is lowered while the reliability and safety of verification are improved greatly.

Description

A kind of Information Authentication method
Technical field
The invention belongs to field of information security technology, is related to a kind of Information Authentication technology.
Background technology
With mobile communication and the high speed development of Internet technology, the certification of personal identification is in bank, security, commercial affairs, trade Easily, the application demand of the industry-by-industry such as office, education is more and more, and the safety problem of personal identification also result in widely Pay attention to.The technology being authenticated by modes such as dynamic token, U-shield, fingerprints in having of commonly using of internet arena at present.But, These technologies generally require the hardware product that user carries with certification, very inconvenient.Short-message verification relative ease and user's body Test, but every time checking is required for short message sending plain text authentication code to user, except verifying high cost, and has security risk.
The principle of verification note is to allow user to perceive this for its certain behavior, such as payment behavior occurs, to robber The cheat of brush user account number improves threshold, because cheat may take payment cipher, may not but grasp the mobile phone of user.And And user have received indescribable payment short message verification code, account number stolen may can be perceived, and then improve safety Property.But short message verification code has the weakness that it is projected as the mainstay of safety, i.e., send in plain text again, the quilt in communication way Intercept and forward so as to lose security, also all kinds of employing artificial means deception victims leak the fraud of identifying code, pin To be all this weakness.
In addition in plain text, short-message verification uses the mode of monolateral checking, that is to say, that the people for sending out can ensure that reception People is exactly this cell-phone number, and it is on earth note that who sends out that the people of receipts does not but verify.Such case is very easy to cause mobile phone wood The fast propagation of horse, has on the market various modifications to show the hacker software of number, can send and be shown as the service numbers such as bank wire The note of code, content is exactly the notice of various official's implications, lures that client removes clickthrough into.User's point has an APK after entering Download prompting to install, mobile phone has just suffered wooden horse after installation.The propagation of wooden horse is very rapidly, to have suffered the mobile phone of wooden horse, Stealthily fishing note can be sent to the people inside address list, also intelligently can be called according to the record inside address list, to youngster The note of son may be exactly the pet name of son, and the note to lover may be exactly the diminutive that few people know, the content of note A little photos that have been mostly what my most close-perspective recordings, clickthrough is it is seen that this kind of.This just greatly strengthen fishing note Confidence level, promotes more people to infect.The mobile phone infected continues to be sent short messages diffusion wooden horse to address list, so spreads from mouth to mouth, Wooden horse is rapidly with regard to spread out.
Wooden horse plantation will stash to after mobile phone the inside.It can specially monitor the short-message verification of each payment platform Code and the notifying messages of withholing of bank, can be automatically forwarded on the equipment of cheat's control, for bank to short message verification code wooden horse The notifying messages withholdd, wooden horse is deleted silently, so as at all user perceives the generation less than payment behavior.Cheat utilizes Fishing net Stand and collect the customer information that comes and swindled, need payment cipher in checking, cheat just with wooden horse forwarding come note test Card code is filled in just can be with.So, short message verification code is just thoroughly destroyed in protective action for security.
Although occurring in that speech verification in recent years, needs call report speech identifying code, user to user every time Need to remember identifying code, it is not only inconvenient, but also there is a problem of high cost.
The content of the invention
It is an object of the invention to provide a kind of Information Authentication method, to greatly improve the reliability and security of checking, Significantly simplify the flow process of checking simultaneously, reduce the cost of checking.
In order to achieve the above object, solution of the invention is:
A kind of Information Authentication method, comprises the following steps:
(1) user end to server sends user's registration information, requests verification user identity;
The server is used to verify user identity, and after checking user identity success, according to the user's registration Information, produces the cryptographic key containers file of the correspondence client;
(2) client downloads institute after the successful message of expression checking user identity is received from server from server It is the cryptographic key containers file to state cryptographic key containers file or update original cipher key container file, and the cryptographic key containers file is comprising treating With information, and the public and private key pair or symmetric key of unsymmetrical key, the information to be matched, and unsymmetrical key Public and private key pair or symmetric key are bound with the cryptographic key containers file, for Authentication Client;
(3) after actual information is with the information matches success to be matched in client, need in the applied business of client When carrying out user identity authenticity verification, client to server carry out based on unsymmetrical key two-way authentication or Unilateral authentication based on symmetric key.
The information to be matched is user name and client hardware system information;The cryptographic key containers file also includes key The binary code of core algorithm.
Preferably, the cryptographic key containers file is formed in the following manner:According to different CPU and compiler, to compiling The binary code of good executable software carries out quadratic transformation or partial information is replaced, by key or algorithm with binary system Form obscure with the binary code and binary data of executable software and obtain.
Preferably, the logic of the cryptographic key containers file is stored in dynamic link library after being encrypted, corresponding encryption Key is by user or back-stage management.
Preferably, the process only specified can just access the cryptographic key containers file.
Preferably, the cryptographic key containers file in use, will be placed on internal memory or slow after related information decryption Used in depositing, corresponding use region is covered with junk data using rear, to reach quick and safe handling requirement.
User identity is verified in the step (1) by the way of voice caller number or voice caller number cut position; Or, verify user identity by the way of voice broadcast checking information in the step (1);Or, adopt in the step (1) User identity is verified with short message mode.
In the step (1) when user identity is verified by the way of voice caller number or voice caller number cut position, The step (1) includes:
(11) user end to server initiates voice caller number or voice caller number cut position checking request, submits user to Log-on message;The server is used for according to the user's registration information, and to client calling number is sent, then by corresponding master It is the telephone number in user's registration information described in telephone call;
(12) calling number that client the reception server is sent;If client is band public network Speech Communication function terminal To step (13), otherwise to step (14);
(13) client detection service device incoming call, if in time TintervalCaller ID is inside detected with the caller number Code is consistent, then client of stopping ring, and the calling number is sent into server, to step (15);If in the time TintervalIncoming call is inside not detected by, user end to server initiates inquiry, and whether inquiry Subscriber Number is put through, if put through To step (14), if not putting through continuation in next TintervalDetection incoming call in time, when total detection time more than n × TintervalWhen, show time time-out authentication failed;Wherein, TintervalIt is setting value with n;
(14) client shows dialog box, it is desirable to the part cut position of the complete calling number of user input or calling number, The part cut position of calling number or calling number is sent to server by client, to step (15);
(15) if client issues the calling number of server or the part cut position of calling number issues client with server The calling number at end is consistent, then client receives the successful message of subscriber authentication that server is sent;If do not corresponded, Client receives the subscriber authentication failure that server is sent;If the caller incoming call that client is sent is in a timing Interior not serviced device is received, then client shows time time-out authentication failed;The certain hour is setting value.
Preferably, the telephone number is phone number.
Preferably, the telephone number dialed in user's registration information in the step (11) passes through general telephone network.
The original of the cryptographic key containers file or renewal cipher key system is downloaded in the step (2) by internet encrypted passage Cryptographic key containers file is the cryptographic key containers file.
When client carries out the two-way authentication based on unsymmetrical key to server, the step (3) includes:
(31) user end to server initiates up checking request a, generates the digital signature pair of up checking request a As being sent to server;Server is used to generate the digital signature of up checking request a and descending using the private key of oneself The digital signature object of checking request b, replys client;
(32) client carries out sign test using the public key of server to the digital signature of the up sign test request a, passes through To step (33), not by step (35);
(33) according to the private key of itself, the digital signature for generating descending checking request b is sent to server to client; Server is used to carry out sign test to the digital signature of the descending sign test request b using the public key of client, by then arriving step (34), not by step (36);
(34) client receives the check results for representing that two-way authentication passes through from server;
(35) authentication of the client to server fails;
(36) the authentication failure of client.
Preferably, the digital signature object is a string of random numbers;The digital signature includes signed codevector and check code.
A kind of Information Authentication method, comprises the following steps:
(1) server verifies the user identity of client from client receive user log-on message;
(2) after the success of server authentication user identity, according to the user's registration information of client, the correspondence client is produced The cryptographic key containers file at end;
Client is used for after the successful message of expression checking user identity is received from server, and from server institute is downloaded It is the cryptographic key containers file to state cryptographic key containers file or update original cipher key container file, and with the cryptographic key containers file After with success, to server the two-way authentication based on unsymmetrical key or the unilateral authentication based on symmetric key are initiated;It is described Cryptographic key containers file includes information to be matched, and the public and private key pair or symmetric key of unsymmetrical key, described to be matched Information, and the public and private key pair or symmetric key of unsymmetrical key bind with the cryptographic key containers, for certification client End;
(3) after actual information is with the information matches success to be matched in client, need in the applied business of client When carrying out user identity authenticity verification, server to client carry out based on unsymmetrical key two-way authentication or Unilateral authentication based on symmetric key.
The information to be matched is user name and client hardware system information;The cryptographic key containers file also includes key The binary code of core algorithm.
Preferably, the cryptographic key containers file is formed in the following manner:According to different CPU and compiler, to compiling The binary code of good executable software carries out quadratic transformation or partial information is replaced, by key or algorithm with binary system Form obscure with the binary code and binary data of executable software and obtain.
Preferably, the logic of the cryptographic key containers file is stored in dynamic link library after being encrypted, corresponding encryption Key is by user or back-stage management.
Preferably, the process only specified can just access the cryptographic key containers file.
Preferably, the cryptographic key containers file in use, will be placed on internal memory or slow after related information decryption Used in depositing, corresponding use region is covered with junk data using rear, to reach quick and safe handling requirement.
The user identity of client is verified in the step (1) based on the mode of voice broadcast checking information;Or, it is described The user identity of client is verified in step (1) based on short message mode;Or, voice caller number is based in the step (1) Or the mode of voice caller number cut position verifies the user identity of client, the step (1) comprises the following steps:
(11) server receive from client voice caller number or voice caller number cut position checking request and User's registration information;
(12) calling number is first sent to client by server, then dials user's registration information by corresponding caller phone In telephone number;
During the client band public network Speech Communication function, for detecting incoming call, and:If in time TintervalInterior inspection Measure caller ID consistent with the calling number, then client of stopping ring, and the calling number is sent into server; If in time TintervalIncoming call is inside not detected by, initiates to inquire about to server, whether inquiry Subscriber Number is put through, if Put through, then show dialog box, it is desirable to the part cut position of the complete calling number of user input or calling number, by the calling number Or the part cut position of calling number is sent to server;If not putting through continuation in next TintervalDetection in time comes Electricity, when total detection time is more than n × TintervalWhen, then show time time-out authentication failed;
Wherein, TintervalIt is setting value with n;
If client is not the terminal with public network Speech Communication function, client is used to show dialog box, it is desirable to use The part cut position of the complete calling number of family input or calling number, the part cut position of the calling number or calling number is sent out Give server;
(13) server sends client calling number or the part cut position of calling number and the actual caller transferred to Number compares, if be consistent, replys client, subscriber authentication success;If do not corresponded, client, user are replied Authentication fails;The caller incoming call that client is sent is not received within a certain period of time, then client is used to show that the time surpasses When authentication failed;The certain hour is setting value.
Preferably, the telephone number is phone number.
Preferably, the telephone number dialed in user's registration information by general telephone network in the step (12).
When server carries out the two-way authentication based on unsymmetrical key to client, the step (3) includes:
(31) server receives the digital signature object of up checking request a from client, is generated using the private key of oneself The digital signature of up checking request a and the digital signature object of descending checking request b, reply client;
The client is used to carry out sign test to the digital signature of the up sign test request a with the public key of server, and And:When passing through, according to the private key of client, the digital signature for generating descending checking request b is sent to server;
In obstructed out-of-date, expression server authentication failure;
(32) server is when the digital signature of descending checking request b is received from client, with the public key of client Sign test is carried out to the digital signature of descending checking request b;
If passed through, the check results for representing that two-way authentication passes through are sent to client;
If do not passed through, the check results for representing client identity authentication failed are sent to client.
Preferably, the digital signature object is a string of random numbers;The digital signature includes signed codevector and check code.
Due to adopting such scheme, the invention has the beneficial effects as follows:Information Authentication method of the present invention is by only in registration rank Section using the two-way authentication based on unsymmetrical key or is based between a client and a server using voice or short-message verification The unilateral authentication of symmetric key, while checking reliability and security is greatly improved, significantly simplifies the flow process of checking, reduces The cost of checking.Wherein to the use of cryptographic key containers file, the reliability and security of checking further greatly improved with And the terseness of flow process, equally promote reduction checking cost.
Description of the drawings
Fig. 1 is the schematic diagram in each stage in the embodiment of the present invention;
Fig. 2 is the schematic diagram in the two-way authentication stage that the phase III is based on unsymmetrical key in the embodiment of the present invention;
Fig. 3 is the overall flow figure of the embodiment of the present invention;
Fig. 4 is the flow chart of voice caller number cut position verification mode in the embodiment.
Specific embodiment
Below in conjunction with accompanying drawing illustrated embodiment, the present invention is further illustrated.
The present invention proposes a kind of Information Authentication method, and the method is comprised the following steps:
(1) user end to server sends user's registration information, requests verification user identity;
Above-mentioned server is used to verify user identity, and after checking user identity success, according to user's registration information, Produce the cryptographic key containers file of correspondence client.
(2) client is downloaded after the successful message of expression checking user identity is received from server from server It is above-mentioned cryptographic key containers file to state cryptographic key containers file or update original cipher key container file.The cryptographic key containers file is comprising to be matched Information, and the public and private key pair or symmetric key of unsymmetrical key, above-mentioned information to be matched, and the public affairs of unsymmetrical key Private key pair or symmetric key are bound with cryptographic key containers file, for Authentication Client.
(3) after actual information is with above-mentioned information matches success to be matched in client, need in the applied business of client When carrying out user identity authenticity verification, client to server carry out based on unsymmetrical key two-way authentication or Unilateral authentication based on symmetric key.
Fig. 1 show the schematic diagram in the Information Authentication each stage of method, each stage in above steps correspondence Fig. 1.Fig. 2 The schematic diagram in this stage when for the phase III being the two-way authentication stage based on unsymmetrical key.
In the present embodiment, above-mentioned information to be matched is user name and client hardware system information.Above-mentioned cryptographic key containers text The part also binary code comprising key core algorithm.In the present embodiment, cryptographic key containers file is formed in the following manner:According to Different CPU and compiler, carry out quadratic transformation or partial information are replaced to the binary code of compiled executable software Change, key or algorithm are obscured in binary form with the binary code and binary data of executable software Arrive.
The logic of the cryptographic key containers file is stored in dynamic link library after being encrypted, and corresponding encryption key is by user Or back-stage management;Additionally, the process only specified can just access cryptographic key containers file.The cryptographic key containers file was being used Cheng Zhong, used in internal memory or caching is placed on after related information decryption, corresponding use is covered using rear with junk data Region, to reach quick and safe handling requirement.
In above-mentioned steps (1) can by the way of voice caller number or voice caller number cut position, voice broadcast tests The mode of card information or short message mode checking user identity.
When user identity is verified by the way of voice caller number or voice caller number cut position, above-mentioned steps (1) following steps are specifically included:
(11) user end to server initiates the checking request of voice caller number or voice caller number cut position mode, carries Hand over user's registration information;The server is used for according to above-mentioned user's registration information, and to client calling number is sent, then by correspondence The telephone number dialed in the user's registration information of caller phone.
(12) calling number that client the reception server is sent;If client is band public network Speech Communication function terminal To step (13), otherwise to step (14).
(13) client detection service device incoming call, if in time TintervalCaller ID is inside detected with above-mentioned caller number Code is consistent, then client of stopping ring, and the calling number is sent into server, to step (15);If in the time TintervalIncoming call is inside not detected by, user end to server initiates inquiry, and whether the telephone number for inquiring about user is put through, if Step (14) has been put through, if not putting through continuation in next TintervalDetection incoming call in time, when total detection time it is big In n × TintervalWhen, show time time-out authentification failure;Wherein, TintervalIt is setting value with n.
(14) client shows dialog box, it is desirable to the part cut position of the complete calling number of user input or calling number, The part cut position of complete calling number or calling number is sent to server by client, to step (15).
(15) if client issues the calling number of server or the part cut position of calling number issues client with server The calling number at end is consistent, then client receives the successful message of subscriber authentication that server is sent;If do not corresponded, Client receives the subscriber authentication failure that server is sent;If calling number or caller number that client is sent Within a certain period of time not serviced device is received the part cut position of code, then client shows time time-out authentication failed;One timing Between be setting value.
Above-mentioned user's registration information includes the telephone number of client user, such as phone number;Lead in above-mentioned steps (11) Cross the telephone number that general telephone network is dialed in user's registration information.
The original of above-mentioned cryptographic key containers file or renewal cipher key system is downloaded in above-mentioned steps (2) by internet encrypted passage Cryptographic key containers file is above-mentioned cryptographic key containers file.
In the present embodiment, when two-way authentication is carried out based on unsymmetrical key, above-mentioned steps (3) specifically include following step Suddenly:
(31) user end to server initiates up checking request a, generates the digital signature object of up checking request a It is sent to server;Server is used to generate the digital signature of up checking request a and descending checking using the private key of oneself The digital signature object of request b, replys client;
(32) client asks the digital signature of a to carry out sign test up sign test using the public key of server, by step Suddenly (33), not by step (35);
(33) according to the private key of itself, the digital signature for generating above-mentioned descending checking request b is sent to server to client; Server is used to carry out sign test to the digital signature of the descending sign test request b using the public key of client, by then arriving step (34), not by step (36);
(34) client receives the check results for representing that two-way authentication passes through from server;
(35) authentication of the client to server fails;
(36) the authentication failure of client.
In said process, two kinds of digital signature objects can be a string of random numbers;Two kinds of digital signature may each comprise Signed codevector and check code.
The invention allows for a kind of Information Authentication method, comprises the following steps:
(1) server verifies the user identity of client from client receive user log-on message.
(2) after the success of server authentication user identity, according to the user's registration information of client, produce to should client Cryptographic key containers file.Wherein, client is used for after the successful message of expression checking user identity is received from server, from It is above-mentioned cryptographic key containers file that server downloads above-mentioned cryptographic key containers file or updates original cipher key container file, and close with above-mentioned Key container file is after the match is successful, and two-way authentication based on unsymmetrical key is initiated or based on the unidirectional of symmetric key to server Certification.The cryptographic key containers file includes information to be matched, and the public and private key pair or symmetric key of unsymmetrical key, described Information to be matched, and the public and private key pair or symmetric key of unsymmetrical key bind with the cryptographic key containers, for recognizing Card client.
(3) after actual information is with the information matches success to be matched in client, need in the applied business of client When carrying out user identity authenticity verification, server carries out the two-way authentication based on unsymmetrical key or base to client In the unilateral authentication of symmetric key.
In the present embodiment, above-mentioned information to be matched is user name and client hardware system information;The cryptographic key containers file Also include the binary code of key core algorithm.In the present embodiment, the cryptographic key containers file is formed in the following manner:According to Different CPU and compiler, carry out quadratic transformation or partial information are replaced to the binary code of compiled executable software Change, key or algorithm are obscured in binary form with the binary code and binary data of executable software Arrive.
The logic of the cryptographic key containers file is stored in dynamic link library after being encrypted, and corresponding encryption key is by user Or back-stage management;The process only specified can just access cryptographic key containers.Cryptographic key containers file in use, by correlation Information decryption after be placed on used in internal memory or caching, corresponding use region is covered with junk data using rear, to reach Quick and safe handling requirement.
In the present invention, in step (1) based on the mode of voice caller number or voice caller number cut position, based on voice Report the mode of checking information or the user identity of client is verified based on short message mode.
When the use for verifying client in above-mentioned steps (1) based on the mode of voice caller number or voice caller number cut position Family identity, step (1) is including step in detail below:
(11) server is received and asked from the voice caller number of client or the checking of voice caller number cut position mode Summation user's registration information.
(12) calling number is first sent to client by server, then dials user's registration information by corresponding caller phone In telephone number.
In the client band public network Speech Communication function, it is used to detect incoming call, and:If in time TintervalIt is interior Detect caller ID consistent with above-mentioned calling number, then client of stopping ring, and the calling number is sent into server; If in time TintervalIncoming call is inside not detected by, initiates to inquire about to server, whether inquiry Subscriber Number is put through, if Put through, then show dialog box, it is desirable to the part cut position of the complete calling number of user input or calling number, by calling number or The part cut position of calling number is sent to server;Continue if not putting through in next TintervalDetection in time comes Electricity, when total detection time is more than n × TintervalWhen, show time time-out authentication failed;Wherein, TintervalIt is setting value with n.
If client is not the terminal with public network Speech Communication function, client is used to show dialog box, it is desirable to use The part cut position of the complete calling number of family input or calling number, the part cut position of the calling number or calling number is sent To server.
(13) server sends client calling number or the part cut position of calling number and the actual caller transferred to Number compares, if be consistent, replys client, subscriber authentication success;Client, Yong Hushen are replied if not corresponding Part authentication failed;The part cut position of calling number that client sends or calling number is not received within a certain period of time, then visitor Family end is used to show time time-out authentication failed;The certain hour is setting value.
Above-mentioned user's registration information includes the telephone number of client user, such as phone number;By public affairs in step (12) The telephone number that many telephone networks are dialed in user's registration information.
In the present embodiment, when two-way authentication is carried out based on unsymmetrical key, above-mentioned steps (3) specifically include following step Suddenly:
(31) server receives the digital signature object of up checking request a from client, is generated using the private key of oneself The digital signature object of the digital signature of up checking request a and descending checking request b, replys client.
The client is used to carry out sign test to the digital signature of above-mentioned up sign test request a with the public key of server, and: When passing through, according to the private key of client, the digital signature for generating descending checking request b is sent to server;And do not passing through When, then display server authentication failure.
(32) server is when the digital signature of descending checking request b is received from client, with the public key of client to this The digital signature of descending checking request b carries out sign test;If passed through, the verification for representing that two-way authentication passes through is sent to client As a result;If do not passed through, the check results for representing client identity authentication failed are sent to client.
In said process, digital signature object can be a string of random numbers;Digital signature can include signed codevector and verification Code.
When in the system being made up of server and client side, realizing above- mentioned information by specific computer program and test Core technology thinking during card method, based on above- mentioned information verification method, it is contemplated that the situation in actual motion, can be with following Concrete step is implemented, and Fig. 3 show its flow chart:
(1) client self-inspection, is held by the key of the authentication Application inspection asymmetric key system of client Device file, including:
(11) cryptographic key containers file whether there is;
(12) whether the CRC of cryptographic key containers file content or hash transformation verification are correct;
(13) protect in the system information of reading client hardware system information and cryptographic key containers file and cryptographic key containers file More whether the hardware information deposited and the system information of cryptographic key containers file match;
(14) need whether the user name for carrying out authentication matches with the user name preserved in cryptographic key containers file;
The purpose for checking (11) is to confirm whether client downloads cryptographic key containers file;
The purpose for checking (12) is whether inspection cryptographic key containers file damages or be tampered, if checked by can confirm that Cryptographic key containers file completely can use;
The purpose for checking (13) is whether inspection cryptographic key containers file is illegally duplicated, if checked close by can confirm that Key container file is downloaded from legitimate channels, rather than illegally copies duplication;
The purpose for checking (14) is confirmed in cryptographic key containers file with the presence or absence of the user name.
Check (11)-(14) any one not by if to step (2) if the above;If (11)-(14) all pass through, Then arrive step (5).
(2) there is no cryptographic key containers file in client, or cryptographic key containers file is destroyed, or have new user name Cryptographic key containers file is added, then client is initiated again to authentication server:Note, call voice are reported and tested or telephone number section The verification modes such as position, verify the authenticity of user identity, if authentication failed is to step (9), if the verification passes then:
(21) if checking that (11)-(13) any one does not pass through in step (1), to step (3);
(22) if checking that (11)-(13) pass through in step (11), only check that (14) do not pass through, to step (4);
(3) there is no cryptographic key containers file in client, or cryptographic key containers file is destroyed, and needs to apply for key again Container file.Checking client registers customers as information and user terminal hardware information is sent to by internet encrypted passage and is tested Card server, authentication server record user's registration information, and distribute asymmetric key system mark and public, private key pair, generate The cryptographic key containers file of the asymmetric key system bound with username and user terminal hardware information, is sent to client End.Client receives cryptographic key containers file, and is stored in locally stored system, then adds current file into cryptographic key containers file The system information of storage, for the cryptographic key containers file checking in step (1), to step (9).
(4) there is cryptographic key containers file in client, and cryptographic key containers file is intact, simply needs to increase new user name. Checking client registers customers as information and is sent to authentication server, authentication server record user by internet encrypted passage Log-on message.New username is added cryptographic key containers file by client, to step (9).
(5) client verified is needed to initiate up checking request a (from client to server) of unsymmetrical key, Client generates the digital signature object (can be a string of random numbers) of up checking request a and is sent to authentication server, tests Card server generates the digital signature (signed codevector and check code) of up checking request a and descending checking using the private key of oneself The digital signature object (can be a string of random numbers) of request b (from server to client), replys checking client, checking visitor Family end asks the digital signature of a to carry out sign test sign test using authentication server public key, by step (6), not by step Suddenly (8).
(6) verify that client receives the signature object of descending checking request b, respond the unsymmetrical key and verify that this descending is tested Card request b, the digital signature object of descending checking request b that client is provided using authentication server, and the private of client Key, the digital signature (signed codevector and check code) for generating descending checking request b is sent to authentication server, and authentication server makes Sign test is carried out to the digital signature of the descending sign test request b with checking client public key, by step (7), not by step Suddenly (9).
(7) two-way authentication passes through, and check results are replied into checking client.
(8) authentication server authentication failure.
(9) client identity authentication failed is verified.
In program operation process, step (1) is entered after step (9), carry out new circulation.Step (3) and step (4) Though it is not intact or intact however it is necessary that be to circulate in the case of the new user name of increase next time to be directed at cryptographic key containers file It is ready.
The hardware information of the cryptographic key containers file binding in the present invention can be MAC Address, the IMSI number of SIM cards of mobile phones, IMEI number of mobile phone etc., the filesystem information of cryptographic key containers file binding can be file creation time stamp etc..
When using number verification mode, i.e., during the mode of aforesaid voice number cut position, above-mentioned steps (2) are specifically wrapped Include following steps:
(2.1) client validation software initiates telephone number cut position checking request to authentication server, submits user's registration to Information.
(2.2) telephone number that authentication server is dialed in user's registration information by general telephone network, and dialing Before client numbers, first calling number is sent to client validation software, if client is band public network Speech Communication function Terminal to step (2.3), otherwise to step (2.4).
(2.3) client validation software detection incoming call, if in time TintervalInside detect caller ID and server Calling number is consistent, then calling number is sent into authentication server, to step (2.5);If in time TintervalInside do not have Detect, whether client validation software to server lookup Subscriber Number is put through, if having put through step (2.4), if Continuation is not put through in next TintervalDetection incoming call in time, when total detection time is more than n × TintervalWhen, to step (2.8);
(2.4) client validation software shows dialog box, it is desirable to the complete calling number of user input or calling number The part cut position of complete calling number or calling number is sent to server by part cut position, client validation software, to step Suddenly (2.5);
(2.5) calling number or the part cut position of calling number that server sends client validation software is dialled with actual The calling number for going out compares, if be consistent, to step (2.6);If not corresponding step (2.7);Do not have within a certain period of time The part cut position of calling number that client validation software sends or calling number is received to step (2.8);The certain hour is Setting value;
(2.6) client software, subscriber authentication success are replied.
(2.7) client software, subscriber authentication failure are replied.
(2.8) time time-out authentication failed.
Fig. 4 show above-mentioned number verification mode, the i.e. flow chart of the mode of voice caller number cut position.
When using short message verification code mode, above-mentioned steps (2) specifically include following steps:
(2.1) user end to server initiates short message verification code checking request, submits user's registration information, including terminal number to Code.
(2.2) server produces identifying code, and short-message verification is sent to client by short message server or short message channel Code, if client be the terminal with note automatic identification to step (2.3), otherwise to step (2.4).
(2.3) short message verification code in client detection note, if in time TintervalInside detect short message sending number Code is consistent with short message server or short message channel server no, then the short message verification code of acquisition is sent into server, arrives Step (2.5);If in time TintervalInside it is not detected by, the corresponding note of user end to server inquiry Subscriber Number is tested Whether card code sends, and to step (2.4) if sending, continues if not sending in next TintervalInspection in time The note for receiving is surveyed, when total detection time is more than n × TintervalWhen, to step (2.8);
(2.4) client shows dialog box, it is desirable to which the complete short message verification code of user input or part of short message identifying code cut Position, short message verification code or short message verification code cut position number are sent to server by client validation software, to step (2.5);
(2.5) server sends client short message verification code or short message verification code cut position number be actually sent out Short message verification code compares, if be consistent, to step (2.6);If not corresponding step (2.7);Do not receive within a certain period of time The short message verification code sent to client validation software is to step (2.8);The certain hour is setting value;
(2.6) client software, subscriber authentication success are replied.
(2.7) client software, subscriber authentication failure are replied.
(2.8) time time-out authentication failed.
When being reported by the way of checking information using call voice, above-mentioned steps (2) specifically include following steps:
(2.1) user end to server is initiated call voice and reports checking request, submits user's registration information, including terminal to Number.
(2.2) server produces identifying code, is called to terminal by voice server or voice service passage, After telephone call is logical, speech verification information is reported to user by voice, speech verification information can be one section of identifying code.
(2.3) client shows dialog box, it is desirable to which the complete speech identifying code or part of speech that user input is heard is tested Card code cut position, speech identifying code or speech identifying code cut position number are sent to server by client validation software, to step (2.4);
(2.4) server sends client speech identifying code or speech identifying code cut position number and actual report Speech identifying code compares, if be consistent, to step (2.5);If not corresponding step (2.6);Do not receive within a certain period of time The speech identifying code sent to client validation software is to step (2.7);The certain hour is setting value;
(2.5) client, subscriber authentication success are replied.
(2.6) client, subscriber authentication failure are replied.
(2.7) time time-out authentication failed.
A kind of Information Authentication method of the present invention by only in registration phase using voice or short-message verification, and client with Using the two-way authentication based on unsymmetrical key or the unilateral authentication based on symmetric key between server, checking is being greatly improved While reliability and security, significantly simplify the flow process of checking, reduce the cost of checking.Wherein to cryptographic key containers file Use, the reliability and security of checking and the terseness of flow process further greatly improved, equally promote reduction checking Cost.
The above-mentioned description to embodiment is understood that for ease of those skilled in the art and using this It is bright.Person skilled in the art obviously easily can make various modifications to these embodiments, and described herein General Principle is applied in other embodiment without through performing creative labour.Therefore, the invention is not restricted to enforcement here Example, those skilled in the art's announcement of the invention, the improvement made without departing from scope and modification all should be Within protection scope of the present invention.

Claims (10)

1. a kind of Information Authentication method, it is characterised in that:Comprise the following steps:
(1) user end to server sends user's registration information, requests verification user identity;
The server is used to verify user identity, and after checking user identity success, according to the user's registration information, Produce the cryptographic key containers file of the correspondence client;
(2) client is downloaded described close after the successful message of expression checking user identity is received from server from server Key container file updates original cipher key container file for the cryptographic key containers file, and the cryptographic key containers file includes letter to be matched Breath, and the public and private key pair or symmetric key of unsymmetrical key, the information to be matched, and unsymmetrical key is public and private Key pair or symmetric key are bound with the cryptographic key containers file, for Authentication Client;
(3) after actual information is with the information matches success to be matched in client, the applied business of client need into When row user identity authenticity verification, client carries out the two-way authentication based on unsymmetrical key to server or is based on The unilateral authentication of symmetric key.
2. Information Authentication method according to claim 1, it is characterised in that:The information to be matched is user name and client End hardware system information;The cryptographic key containers file also binary code comprising key core algorithm;
Preferably, the cryptographic key containers file is formed in the following manner:According to different CPU and compiler, to compiled The binary code of executable software carries out quadratic transformation or partial information is replaced, by key or algorithm with binary shape Formula is obscured with the binary code and binary data of executable software and is obtained;
Preferably, the logic of the cryptographic key containers file is stored in dynamic link library after being encrypted, corresponding encryption key By user or back-stage management;
Preferably, the process only specified can just access the cryptographic key containers file;
Preferably, the cryptographic key containers file in use, in internal memory or caching is placed on after related information decryption Use, corresponding use region is covered with junk data using rear, to reach quick and safe handling requirement.
3. Information Authentication method according to claim 1, it is characterised in that:Voice caller number is adopted in the step (1) The mode of code or voice caller number cut position verifies user identity;
Or, verify user identity by the way of voice broadcast checking information in the step (1);
Or, user identity is verified using short message mode in the step (1).
4. Information Authentication method according to claim 1, it is characterised in that:Voice caller number is adopted in the step (1) When the mode of code or voice caller number cut position verifies user identity, the step (1) includes:
(11) user end to server initiates voice caller number or voice caller number cut position checking request, submits user's registration to Information;The server is used for according to the user's registration information, and to client calling number is sent, then by corresponding caller electricity The telephone number that words are dialed in the user's registration information;
(12) calling number that client the reception server is sent;If client is band public network Speech Communication function terminal to step Suddenly (13), otherwise to step (14);
(13) client detection service device incoming call, if in time TintervalCaller ID is inside detected with the calling number one Cause, then client of stopping ring, and the calling number is sent into server, to step (15);If in time Tinterval Incoming call is inside not detected by, user end to server initiates inquiry, and whether inquiry Subscriber Number is put through, if having put through step (14), if not putting through continuation in next TintervalDetection incoming call in time, when total detection time is more than n × Tinterval When, show time time-out authentication failed;Wherein, TintervalIt is setting value with n;
(14) client shows dialog box, it is desirable to the part cut position of the complete calling number of user input or calling number, client The part cut position of calling number or calling number is sent to server by end, to step (15);
(15) if client issues the calling number of server or the part cut position of calling number issues client with server Calling number is consistent, then client receives the successful message of subscriber authentication that server is sent;If do not corresponded, client End receives the subscriber authentication failure that server is sent;If the caller that client is sent is sent a telegram here within a certain period of time Not serviced device is received, then client shows time time-out authentication failed;The certain hour is setting value;
Preferably, the telephone number is phone number;
Preferably, the telephone number dialed in user's registration information in the step (11) passes through general telephone network.
5. Information Authentication method according to claim 1, it is characterised in that:By internet encrypted in the step (2) It is the cryptographic key containers file that passage downloads the cryptographic key containers file or the original cipher key container file of renewal cipher key system.
6. Information Authentication method according to claim 1, it is characterised in that:When client is carried out based on non-right to server When claiming the two-way authentication of key, the step (3) includes:
(31) user end to server initiates up checking request a, and the digital signature object for generating up checking request a is sent out Give server;Server is used to generate the digital signature of up checking request a and descending checking using the private key of oneself The digital signature object of request b, replys client;
(32) client carries out sign test using the public key of server to the digital signature of the up sign test request a, by step Suddenly (33), not by step (35);
(33) according to the private key of itself, the digital signature for generating descending checking request b is sent to server to client;Service Device is used to carry out sign test to the digital signature of the descending sign test request b using the public key of client, by then arriving step (34), Not by step (36);
(34) client receives the check results for representing that two-way authentication passes through from server;
(35) authentication of the client to server fails;
(36) the authentication failure of client;
Preferably, the digital signature object is a string of random numbers;The digital signature includes signed codevector and check code.
7. a kind of Information Authentication method, it is characterised in that:Comprise the following steps:
(1) server verifies the user identity of client from client receive user log-on message;
(2) after the success of server authentication user identity, according to the user's registration information of client, the correspondence client is produced Cryptographic key containers file;
Client is used for after the successful message of expression checking user identity is received from server, downloads from server described close Key container file updates original cipher key container file for the cryptographic key containers file, and is matching into the cryptographic key containers file After work(, to server the two-way authentication based on unsymmetrical key or the unilateral authentication based on symmetric key are initiated;The key Container file includes information to be matched, and the public and private key pair or symmetric key of unsymmetrical key, the information to be matched, And the public and private key pair or symmetric key of unsymmetrical key is bound with the cryptographic key containers, for Authentication Client;
(3) after actual information is with the information matches success to be matched in client, the applied business of client need into When row user identity authenticity verification, server carries out the two-way authentication based on unsymmetrical key to client or is based on The unilateral authentication of symmetric key.
8. Information Authentication method according to claim 7, it is characterised in that:The information to be matched is user name and client End hardware system information;The cryptographic key containers file also binary code comprising key core algorithm;
Preferably, the cryptographic key containers file is formed in the following manner:According to different CPU and compiler, to compiled The binary code of executable software carries out quadratic transformation or partial information is replaced, by key or algorithm with binary shape Formula is obscured with the binary code and binary data of executable software and is obtained;
Preferably, the logic of the cryptographic key containers file is stored in dynamic link library after being encrypted, corresponding encryption key By user or back-stage management;
Preferably, the process only specified can just access the cryptographic key containers file;
Preferably, the cryptographic key containers file in use, in internal memory or caching is placed on after related information decryption Use, corresponding use region is covered with junk data using rear, to reach quick and safe handling requirement.
9. Information Authentication method according to claim 7, it is characterised in that:Tested based on voice broadcast in the step (1) The mode of card information verifies the user identity of client;
Or, the user identity of client is verified in the step (1) based on short message mode;
Or, client is verified based on the mode of voice caller number or voice caller number cut position in the step (1) User identity, the step (1) comprises the following steps:
(11) server receives the voice caller number from client or checking request and the user of voice caller number cut position Log-on message;
(12) calling number is first sent to client by server, then is dialed in user's registration information by corresponding caller phone Telephone number;
During the client band public network Speech Communication function, for detecting incoming call, and:If in time TintervalInside detect Caller ID is consistent with the calling number, then client of stopping ring, and the calling number is sent into server;If In time TintervalIncoming call is inside not detected by, initiates to inquire about to server, whether inquiry Subscriber Number is put through, if dialled It is logical, then show dialog box, it is desirable to the part cut position of the complete calling number of user input or calling number, by the calling number or The part cut position of calling number is sent to server;If not putting through continuation in next TintervalDetection incoming call in time, When total detection time is more than n × TintervalWhen, then show time time-out authentication failed;
Wherein, TintervalIt is setting value with n;
If client is not the terminal with public network Speech Communication function, client is used to show dialog box, it is desirable to which user is defeated Enter the part cut position of complete calling number or calling number, the part cut position of the calling number or calling number is sent to Server;
(13) server sends client calling number or the part cut position of calling number and the actual calling number transferred to Relatively, if be consistent, client, subscriber authentication success are replied;If do not corresponded, client, user identity are replied Authentication failed;The caller incoming call that client is sent is not received within a certain period of time, then client is used to show that time time-out is tested Card failure;The certain hour is setting value;
Preferably, the telephone number is phone number;
Preferably, the telephone number dialed in user's registration information by general telephone network in the step (12).
10. Information Authentication method according to claim 7, it is characterised in that:When server is carried out based on non-to client During the two-way authentication of symmetric key, the step (3) includes:
(31) server receives the digital signature object of up checking request a from client, is generated using the private key of oneself described The digital signature object of the digital signature of up checking request a and descending checking request b, replys client;
The client is used to carry out sign test to the digital signature of the up sign test request a with the public key of server, and: By when, according to the private key of client, the digital signature for generating descending checking request b is sent to server;
In obstructed out-of-date, expression server authentication failure;
(32) server is when the digital signature of descending checking request b is received from client, with the public key of client to institute Stating the digital signature of descending checking request b carries out sign test;
If passed through, the check results for representing that two-way authentication passes through are sent to client;
If do not passed through, the check results for representing client identity authentication failed are sent to client;
Preferably, the digital signature object is a string of random numbers;The digital signature includes signed codevector and check code.
CN201610971327.2A 2016-11-03 2016-11-03 Information verification method Expired - Fee Related CN106656992B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610971327.2A CN106656992B (en) 2016-11-03 2016-11-03 Information verification method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610971327.2A CN106656992B (en) 2016-11-03 2016-11-03 Information verification method

Publications (2)

Publication Number Publication Date
CN106656992A true CN106656992A (en) 2017-05-10
CN106656992B CN106656992B (en) 2020-06-19

Family

ID=58821957

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610971327.2A Expired - Fee Related CN106656992B (en) 2016-11-03 2016-11-03 Information verification method

Country Status (1)

Country Link
CN (1) CN106656992B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107547570A (en) * 2017-09-30 2018-01-05 国信优易数据有限公司 A kind of data safety service platform and data safe transmission method
CN110058967A (en) * 2019-03-14 2019-07-26 郑州轻工业学院 A kind of multicomputer cooperative system and collaboration method based on stelliform connection topology configuration
CN110365664A (en) * 2019-06-27 2019-10-22 上海淇馥信息技术有限公司 A kind of phone number register method, device and electronic equipment based on intelligent sound outgoing call
CN112954693A (en) * 2021-02-10 2021-06-11 中国工商银行股份有限公司 Identity authentication method, identity authentication server and terminal
CN113965323A (en) * 2021-10-26 2022-01-21 云南大学 Certificateless body measurement data tamper-proof method and certificateless body measurement data tamper-proof system

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020166048A1 (en) * 2001-05-01 2002-11-07 Frank Coulier Use and generation of a session key in a secure socket layer connection
US20030221126A1 (en) * 2002-05-24 2003-11-27 International Business Machines Corporation Mutual authentication with secure transport and client authentication
CN101043337A (en) * 2007-03-22 2007-09-26 中兴通讯股份有限公司 Interactive process for content class service
CN101431415A (en) * 2008-12-12 2009-05-13 天柏宽带网络科技(北京)有限公司 Bidirectional authentication method
CN102413132A (en) * 2011-11-16 2012-04-11 北京数码视讯软件技术发展有限公司 Two-way-security-authentication-based data downloading method and system
CN103124269A (en) * 2013-03-05 2013-05-29 桂林电子科技大学 Bidirectional identity authentication method based on dynamic password and biologic features under cloud environment
CN104253806A (en) * 2013-06-29 2014-12-31 华为终端有限公司 Authentication method, client and server
CN104901935A (en) * 2014-09-26 2015-09-09 易兴旺 Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem)
CN104901803A (en) * 2014-08-20 2015-09-09 易兴旺 Data interaction safety protection method based on CPK identity authentication technology
CN105872848A (en) * 2016-06-13 2016-08-17 北京可信华泰信息技术有限公司 Credible two-way authentication method applicable to asymmetric resource environment

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020166048A1 (en) * 2001-05-01 2002-11-07 Frank Coulier Use and generation of a session key in a secure socket layer connection
US20030221126A1 (en) * 2002-05-24 2003-11-27 International Business Machines Corporation Mutual authentication with secure transport and client authentication
CN101043337A (en) * 2007-03-22 2007-09-26 中兴通讯股份有限公司 Interactive process for content class service
CN101431415A (en) * 2008-12-12 2009-05-13 天柏宽带网络科技(北京)有限公司 Bidirectional authentication method
CN102413132A (en) * 2011-11-16 2012-04-11 北京数码视讯软件技术发展有限公司 Two-way-security-authentication-based data downloading method and system
CN103124269A (en) * 2013-03-05 2013-05-29 桂林电子科技大学 Bidirectional identity authentication method based on dynamic password and biologic features under cloud environment
CN104253806A (en) * 2013-06-29 2014-12-31 华为终端有限公司 Authentication method, client and server
CN104901803A (en) * 2014-08-20 2015-09-09 易兴旺 Data interaction safety protection method based on CPK identity authentication technology
CN104901935A (en) * 2014-09-26 2015-09-09 易兴旺 Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem)
CN105872848A (en) * 2016-06-13 2016-08-17 北京可信华泰信息技术有限公司 Credible two-way authentication method applicable to asymmetric resource environment

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107547570A (en) * 2017-09-30 2018-01-05 国信优易数据有限公司 A kind of data safety service platform and data safe transmission method
CN107547570B (en) * 2017-09-30 2023-12-05 国信优易数据股份有限公司 Data security service platform and data security transmission method
CN110058967A (en) * 2019-03-14 2019-07-26 郑州轻工业学院 A kind of multicomputer cooperative system and collaboration method based on stelliform connection topology configuration
CN110058967B (en) * 2019-03-14 2021-03-26 郑州轻工业学院 Multi-computer cooperation system and cooperation method based on star topology structure
CN110365664A (en) * 2019-06-27 2019-10-22 上海淇馥信息技术有限公司 A kind of phone number register method, device and electronic equipment based on intelligent sound outgoing call
CN110365664B (en) * 2019-06-27 2022-04-05 上海淇馥信息技术有限公司 Mobile phone number registration method and device based on intelligent voice outbound call and electronic equipment
CN112954693A (en) * 2021-02-10 2021-06-11 中国工商银行股份有限公司 Identity authentication method, identity authentication server and terminal
CN112954693B (en) * 2021-02-10 2023-02-24 中国工商银行股份有限公司 Identity authentication method, identity authentication server and terminal
CN113965323A (en) * 2021-10-26 2022-01-21 云南大学 Certificateless body measurement data tamper-proof method and certificateless body measurement data tamper-proof system

Also Published As

Publication number Publication date
CN106656992B (en) 2020-06-19

Similar Documents

Publication Publication Date Title
CN106656992A (en) Information verification method
CN101183932B (en) Security identification system of wireless application service and login and entry method thereof
CN106304074B (en) Auth method and system towards mobile subscriber
CN105591744B (en) A kind of genuine cyber identification authentication method and system
CN106027501B (en) A kind of system and method for being traded safety certification in a mobile device
US8184811B1 (en) Mobile telephony content protection
US7000117B2 (en) Method and device for authenticating locally-stored program code
CN103795724B (en) Method for protecting account security based on asynchronous dynamic password technology
CN109345245B (en) Short message verification method, device, network and storage medium based on block chain
US20080184029A1 (en) Method and system for generating digital fingerprint
US11403633B2 (en) Method for sending digital information
KR20090031672A (en) Authentication method for wireless transactions
CN104125230B (en) A kind of short message certification service system and authentication method
CN103560883A (en) Safety identification method, between android application programs, based on user right
CN107113613A (en) Server, mobile terminal, real-name network authentication system and method
CN106686585A (en) Binding method and system
CN106921633A (en) Calling number Verification System and method
CN106127441A (en) A kind of network system preventing personal information from leaking and implementation method
CN109934317A (en) A kind of lost article recovering system and method based on two-dimensional barcode information storing technology
CN103401686B (en) A kind of user's OTP WEB Authentication System and application process thereof
CN109587683B (en) Method and system for preventing short message from being monitored, application program and terminal information database
CN108599944A (en) A kind of identifying code short message transparent encryption method based on handset identities
CN110944300B (en) Short message service system, forwarding interface device and defense server
CN105610570B (en) Translation and compiling environment installs register method and system
CN117220904A (en) Service protection method, device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20200619

Termination date: 20201103

CF01 Termination of patent right due to non-payment of annual fee