A kind of identity identifying method
Technical field
The present invention relates to Ciphor safety technology field, more particularly to a kind of identity identifying method.
Background technology
With the development of computer technology, cryptosecurity problem is always an important research side in computer realm
To the today for especially being developed rapidly in internet, Ciphor safety technology also emerges in an endless stream.
At present, domestic some large-scale enterprise groups and government bodies are all built at oneself using internet and masses between
A fast and efficiently network channel is found, for people provide various network service.Information service system based on internet
Industry characteristic, network security is also just particularly important.
In a computer network, most common and simplest access control method is to use password, by password
Match to confirm the legitimacy of user.But current hacker is rampant, and personal and company information is stolen repeatedly, uses in the prior art
Static password is easy to by hack, or is found out by hack tools such as Trojan softwares, causes third party to falsely use legal identity,
It is illegal to obtain information.Therefore, use static password of the prior art carries out authentication and there are security breaches, it is impossible to ensure body
The security of part checking.
Thus occur in that dynamic password, at present, the dynamic password ID authentication technology of main flow mainly have based on time synchronized,
And based on event synchronization.
Based on time synchronized authentication techniques be using the time as change the factor, typically using 60 seconds as change unit.Every time
Before carrying out authentication, client ensures the time synchronized of client and both time servers by various means.It is based on
The token principle of event synchronization is to be used as input by a certain specific event order and identical seed, is transported in the algorithm
Calculate consistent password.During certification, User Token passes through cryptographic algorithm (DES+ with the number of times of default key and user key-press
Hash etc.) generate this needed for password, certificate server is simultaneously to calculate same password according to each User logs in event,
It is compared with the password for being transmitted through coming, to confirm the identity of login people.
However, above-mentioned existing method is all more complicated, it is highly inconvenient in actual application;Therefore need to develop and grind
Study carefully, to provide a kind of simple effective method.
The content of the invention
In view of this, it is necessary to provide a kind of identity identifying method, the authentication that it can simply and effectively carry out user.
The technical scheme is as follows:
A kind of identity identifying method, comprises the following steps:
Step 1, carry out user's registration
Client user is registered in the server of server end in advance, and one account number of registration and registration are set
A set of custom algorithm for computing;
Step 2, generate dynamic password for authentication
The server of server end issues random code to client, and client user will register in random code combination step 1
Custom algorithm to server generates a dynamic password for being used for authentication;
Step 3, carry out authentication
Server end receive client user submission dynamic password after, will in client step 1 register from
Define algorithm carries out computing with the random code for issuing, and is verified dynamic password, the dynamic password that server is submitted to according to user
Identity is authenticated, specific verification process is:The checking dynamic password that will be generated in dynamic password in step 2 and step 3
Compare, carry out authentication.
Further, in step 1, it is a formula for mathematical operation, the formula bag to register set custom algorithm
Include the code name and operator of the random code that the server of server end is issued.
Further, in step 2, the generation method of the dynamic password for authentication is as follows:
The random code that will be received is substituted into the custom algorithm formula registered in step 1 respectively, is carried out computing and is obtained a string
Numeral, string numeral is required dynamic password.
Further, in step 3, specific verification process is:The dynamic password that will be submitted in step 2 is generated with step 3 kind
Checking dynamic password be compared, if two passwords are identical, authentication passes through, otherwise, authentification failure.
The beneficial effect of technical scheme provided in an embodiment of the present invention is:
The dynamic password that identity identifying method of the present invention is based on custom algorithm is generated, and generation one is used for authentication
Dynamic password, then contrast verification dynamic password, so as to realize the certification of identity, it is not necessary to by extra media, easily disposes,
Extra cost is not produced, authentication method is simple, practicability and effectiveness.
It is that above and other objects, features and advantages of the invention can be become apparent, preferred embodiment cited below particularly,
And coordinate institute's accompanying drawings, it is described in detail below.
Brief description of the drawings
Technical scheme in order to illustrate more clearly the embodiments of the present invention, below will be to that will make needed for embodiment description
Accompanying drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention, for
For those of ordinary skill in the art, on the premise of not paying creative work, other can also be obtained according to these accompanying drawings
Accompanying drawing.
Fig. 1 is the registration process schematic diagram of identity identifying method of the present invention.
Fig. 2 is the FB(flow block) of identity identifying method of the present invention.
Fig. 3 is the schematic flow sheet of identity identifying method of the present invention.
Specific embodiment
Further to illustrate the present invention to realize technological means and effect that predetermined goal of the invention is taken, below in conjunction with
Accompanying drawing and preferred embodiment, to according to specific embodiment of the invention, structure, feature and its effect, describing in detail as after.
The embodiment of the present invention provides a kind of identity identifying method, the dynamic password generation skill based on a kind of custom algorithm
Art, it is not necessary to by extra media, easily deployment does not produce extra cost, and authentication method is simple, practicability and effectiveness.
Refering to shown in Fig. 1, Fig. 2, Fig. 3, embodiment of the present invention identity identifying method is based on the dynamic password of custom algorithm
Generation, generates a dynamic password for being used for authentication, then contrast verification dynamic password, so as to realize the certification of identity,
Comprise the following steps:
Step 1, carry out user's registration
Specifically, user is (i.e.:Client) in advance at service provider (i.e.:Server end) to be registered, registration is stepped on
One account number of note and registration set a set of custom algorithm for computing.As shown in Figure 1, it is set wherein in registration process
Custom algorithm be a formula similar to mathematical operation, it is random that the server that the formula includes server end is issued
The code name and operator of code.In embodiments of the present invention with formula:Illustrated as a example by w*x+y/z+x*lgxy, wherein, w,
X, y, z issues the code name of random code for server, totally 4, is represented with w, x, y, z, and remaining symbol * ,+,/, lg be operator,
Operator of the invention covers conventional mathematical operator and some customized operators, including but not limited to:Plus (+), subtract
(-), multiply (*), except (/), logarithm (lg), power (^), bracket (()), it is reciprocal (!), percentage (%) etc..
Step 2, generate dynamic password for authentication
First, when the User logs in of client needs to carry out authentication, the server of server end can first issue with
Machine code arrives client, and client user needs that the custom algorithm generation one of server will be registered in random code combination step 1
The individual dynamic password for authentication.
By taking the formula in step 1 as an example, the server of server end can first issue I of a random code, i.e. 4 digits
Uncle's numeral, it is w, x, y, z that this 4 numerals are respectively defined as defined in formula;After client receives random code, user needs
Random code is generated into a dynamic password for being used for authentication with reference to the custom algorithm that server is registered in step 1.
Specifically, the generation method of the dynamic password for authentication is as follows:
The random code that will be received is substituted into the custom algorithm formula registered in step 1 respectively, then according to the rule of agreement
Computing is then carried out, string number is finally given, string numeral is required dynamic password, then client is close by the dynamic
Code is submitted to server and is verified.
Step 3, carry out authentication
Server service device is received after the dynamic password of client user's submission, according to identical dynamic in step 3
Method for generating cipher code, computing is carried out by the custom algorithm registered in client step 1 with the random code for issuing, and is tested
Card dynamic password.Server is authenticated according to the dynamic password that user submits to identity, and specific verification process is:By step 2
The dynamic password of middle submission is compared with the checking dynamic password of generation in step 3, if two passwords are identical, identity is recognized
Card passes through, otherwise, authentification failure.The verification process it is critical that user need to register custom algorithm maintain secrecy,
On the premise of not divulging a secret, if user can generate correct dynamic password by custom algorithm combination random code, service
Device thinks that the user, for custom algorithm legitimate holder, then judges to carry out user the certification of identity by this.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases
The former is more preferably implementation method.Based on such understanding, technical scheme is substantially done to prior art in other words
The part for going out contribution can be embodied in the form of software product, and the computer software product is stored in a storage medium
In (such as ROM/RAM, magnetic disc, CD), including some instructions are used to so that a station terminal equipment (can be mobile phone, computer, clothes
Business device, or the network equipment etc.) perform the method that each embodiment of the invention is somebody's turn to do.
It is somebody's turn to do above, is only presently preferred embodiments of the present invention, any formal limitation is not made to the present invention, although
The present invention is disclosed as above with preferred embodiment, but is not limited to the present invention, and any those skilled in the art are not taking off
In the range of technical solution of the present invention, when making a little change using the technology contents of the disclosure above or be modified to equivalent variations
Equivalent embodiments, as long as being without departing from technical solution of the present invention content, according to technical spirit of the invention to above example
Any brief introduction modification, equivalent variations and the modification made, still fall within the range of technical solution of the present invention.