CN106921501B - intelligent password signature identity authentication method and system - Google Patents

intelligent password signature identity authentication method and system Download PDF

Info

Publication number
CN106921501B
CN106921501B CN201710308139.6A CN201710308139A CN106921501B CN 106921501 B CN106921501 B CN 106921501B CN 201710308139 A CN201710308139 A CN 201710308139A CN 106921501 B CN106921501 B CN 106921501B
Authority
CN
China
Prior art keywords
key
signature
rule
password
rule key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710308139.6A
Other languages
Chinese (zh)
Other versions
CN106921501A (en
Inventor
张师祝
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING PASSWORD TECHNOLOGY Co Ltd
Original Assignee
BEIJING PASSWORD TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BEIJING PASSWORD TECHNOLOGY Co Ltd filed Critical BEIJING PASSWORD TECHNOLOGY Co Ltd
Priority to CN201710308139.6A priority Critical patent/CN106921501B/en
Publication of CN106921501A publication Critical patent/CN106921501A/en
Application granted granted Critical
Publication of CN106921501B publication Critical patent/CN106921501B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L9/16Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to intelligent password signature identity authentication methods and systems, which are methods and systems for preventing identity forgery and identity repudiation.

Description

intelligent password signature identity authentication method and system
Technical Field
The invention relates to intelligent password signature identity authentication and verification methods and systems, in particular to methods and systems for preventing identity forgery and identity repudiation, and true and reliable identity authentication methods and systems.
Background
The security authentication method comprises , what you know is about to prove your identity according to the information that you know, such as passwords, passwords and the like, and if the information is known by others, others can forge your identity, which you have, according to things that you own, such as IC smart cards, USBKEY and the like, the identity is confirmed by verifying the information of the IC smart cards or the USBKEY, and if the information is lost, the identity is possibly authenticated by others, and thus the identity is forged, so that the identity is not verified according to the intelligent identity certified by using unique , such as the identity of a person who is stolen, and the identity authentication is not verified by using a security system, a security authentication system is not verified by using a security factor, a security authentication method is developed by a security system, a security authentication method is developed by using a security system, a security factor of a network, a security authentication system, a security system, a network, a security system, a network.
Disclosure of Invention
The invention provides kinds of intelligent cipher signature identity authentication method and system, which uses rule key trust algorithm with dynamic password as parameter, the user uses rule key and mobile phone intelligent cipher signature device dynamic password, and uses rule key operation key and rule key operation module to calculate signature transformation intelligent cipher login system to verify signature identity authentication, the authentication server uses the intelligent cipher of user login to decrypt and recover dynamic password through rule key operation module rule key to verify whether the signature authentication is the user or others, to ensure nature and non-repudiation of user identity, to realize true and reliable identity authentication safety and system safety.
The invention aims to realize intelligent password signature identity authentication and authentication methods and systems, wherein the method system comprises a mobile phone intelligent password signature device, a communication network, an authentication server, an authentication client, the Internet and an application server, and the method and the system have the following operation steps:
the mobile phone intelligent password signer is a mobile phone intelligent password signer which is used for calculating a signature transformation intelligent password by a user through a rule key operation key and a rule key operation module by using a rule key and a dynamic password, and is a mobile phone intelligent password signer which is used for directly downloading mobile phone intelligent password signer software in a system and is installed on a mobile phone interface;
and (4) a step of regular key operation. The rule key is an operation rule key for a user to calculate a signature by using a dynamic password of the mobile phone intelligent password signer through a rule key operation key and a rule key operation module; the rule key operation module of the authentication server decrypts the intelligent password by the rule key to recover the dynamic password to verify the signature. The user uses the dynamic password of the mobile phone intelligent password signature device to calculate the operation rule key of the signature through the rule key operation key and the rule key operation module; the operation rule key is used for decrypting the intelligent password by the authentication server rule key operation module through the rule key to recover the dynamic password verification signature, and is an added sequence arrangement rule key consisting of each bit of the dynamic passwords 1-6 and the operation numbers 1-9, and a subtracted sequence arrangement rule key; the rule key is arranged in the order of dislocation composed of 1-6 bits of dynamic password, the rule key is arranged in the order of carry, and the rule key is arranged in the order of retreat; the method comprises the steps that each bit of a dynamic password 1-6 and an operand 1-9 form an added order arrangement rule key and a subtracted order arrangement rule key; the order arrangement rule key is composed of 1-6 bits of dynamic password, the order arrangement rule key of carry, and the order arrangement rule key of back bit;
and calculating a signature algorithm operation by the rule key. The rule key calculation signature algorithm adds about 53 ten thousand kinds of sequence arrangement rule keys, subtracts about 53 ten thousand kinds of sequence arrangement rule keys, the dislocation sequence arrangement rule keys are 22 kinds, the carry sequence arrangement rule keys are 35 kinds, and the setback sequence arrangement rule keys are 35 kinds; about 1000 ten thousand of the sequentially arranged regular keys including the added sequentially arranged regular keys and the subtracted sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the added sequentially arranged regular keys and the staggered sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the subtracted sequentially arranged regular keys and the staggered sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the added sequentially arranged regular keys and the carry sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the subtracted sequentially arranged regular keys and the carry sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the added sequentially arranged regular keys and the carry-out sequentially arranged regular keys, and about 9.8 ten thousand of the sequentially arranged regular keys including the subtracted sequentially arranged regular keys About 9.8 ten thousand keys, about 88 ten thousand keys which are combined by the added sequence arrangement rule key, the subtracted sequence arrangement rule key and the misplaced sequence arrangement rule key, about 88 ten thousand keys which are combined by the added sequence arrangement rule key, the subtracted sequence arrangement rule key and the carried sequence arrangement rule key, about 88 ten thousand keys which are combined by the added sequence arrangement rule key, the subtracted sequence arrangement rule key and the receded sequence arrangement rule key, about 1400 thousand keys which are combined by the rule key calculation signature algorithm rule key. The rule key calculation signature algorithm 6-bit dynamic password is 100 ten thousand in total. The rule key calculation signature algorithm is an asymmetric algorithm, a signature rule key plus algorithm is calculated, and a signature rule key is a minus algorithm if verification is carried out; calculating a signature rule key subtraction algorithm, and verifying that the signature rule key is an addition algorithm; calculating the algorithm of the dislocation of the signature rule key, and verifying the signature rule key to be the algorithm of the dislocation; calculating an algorithm of signature rule key carry, wherein the verification of the signature rule key is an algorithm of backspace, wherein the dynamic password digit of the backspace of the rule key is corrected, and the dynamic password digit of the regular key carry minus the carry is equal to the dynamic password digit of the backspace of the rule key; and calculating the algorithm of the backspace of the signature rule key, wherein the signature rule key is verified to be a carry algorithm, wherein the dynamic password digit number of the regular key carry is corrected, and the dynamic password digit number of the backspace of the regular key plus the backspace number are equal to the dynamic password digit number of the regular key carry. The rule key calculation signature algorithm is a calculation non-carry digit of a dynamic password digit or an intelligent password digit and an operand, only a digit is recorded, and when the dynamic password digit or the intelligent password digit and the operand are not sufficiently calculated, the dynamic password digit or the intelligent password digit is added with 10 to calculate a result with the operand;
and calculating a signature transformation intelligent password through the rule key and the mobile phone intelligent password signer to perform identity authentication.
The invention has the advantages that the authentication method and the authentication system are authenticated by the intelligent password signature identity authentication method and system, can only be operated by a user himself, and anyone other than the user himself cannot operate, if others imitate a forged identity, the user mobile phone intelligent password signer can be obtained by attacking, and the intelligent password including rule key calculation signature transformation is sent to the authentication server to verify the signature identity authentication, and the intelligent password login system calculating the signature transformation verifies the signature identity authentication, and the others cannot attack the user mobile phone intelligent password signer, and the intelligent password comprising rule key calculation signature transformation is sent to the authentication server to verify the signature identity authentication, and the intelligent password login system calculating the signature transformation verifies the signature identity authentication at the same time, so that others cannot forge the identity, and ensure the uniqueness and reliability of the user identity, secondly, the user can verify the fact that the intelligent password is transformed by the self-calculation signature transformation of the rule key and the dynamic password of the mobile phone intelligent password signer by the rule key calculation and the rule key calculation operation module, and the authentication of the intelligent password encryption algorithm encryption and the rule key calculation, and the authentication module can not verify the validity of the user, thereby ensuring that the user is verified by the user, the user is verified by the public key calculation, the public key, the authentication, the public key, the private key.
Drawings
The invention is further illustrated in the following description with reference to the figures and examples.
FIG. 1 is a schematic illustration of a system for carrying out the method of embodiment of the present invention;
FIG. 2 is a schematic diagram of the operation of the method and system of embodiment of the present invention;
fig. 3 is a schematic operation diagram of the method and system according to the second embodiment of the present invention.
Detailed Description
Example :
the present embodiment describes kinds of intelligent cryptographic signature identity authentication method and system, the method system includes a mobile phone intelligent cryptographic signer, a communication network, an authentication server, an authentication client, an internet, and an application server, as shown in fig. 1. the mobile phone intelligent cryptographic signer includes a dynamic password with time seed changing for 60 seconds, a user uses a regular key and the dynamic password to calculate a signature transformation intelligent password into body through a regular key operation key and a regular key operation module, the communication network includes a mobile communication network, the internet, a wired telephone network, a local area network, a wireless communication network, and communication networks which are applied in the public domain and can be communicated with each other are included, the authentication server controls the access of all remote users to the network, and provides comprehensive authentication, authorization, and auditing service functions, the authentication client is an application system terminal which needs to perform intelligent cryptographic signature identity authentication before the user operates, the internet includes a mobile communication network, a local area network, a wired telephone network, a wireless communication network, and networks which are applied in the public domain and can be communicated with each other include the application server has key functions of data storage, forwarding, issuing, verifying, and the authentication server is shown in the seamless operation steps of the method of the present embodiment 632:
the method comprises the steps of operating a mobile phone intelligent password signer, wherein the mobile phone intelligent password signer is a mobile phone intelligent password signer which is used by a user to calculate a signature transformation intelligent password by using a regular secret key and a dynamic password through a regular secret key operation key and a regular secret key operation module, and mobile phone intelligent password signer software which is directly downloaded by the user in a system is installed on a mobile phone interface.
The mobile phone intelligent password signer is a mobile phone intelligent password signer which is used by a user to calculate a signature transformation intelligent password through a rule key operation key and a rule key operation module, the user directly downloads mobile phone intelligent password signer software in the system and installs the mobile phone intelligent password signer software on a mobile phone interface for permanent use without hardware, a system administrator binds the mobile phone intelligent password signer with a user account for operation, the mobile phone intelligent password signer dynamic password generation module time seeds change for 60 seconds and synchronizes the dynamic password with an authentication server dynamic password, the length of the dynamic password is 6 bits, the dynamic password does not change every time, the dynamic password is displayed on the mobile phone intelligent password signer interface, the signature transformation intelligent password is calculated by using the rule key and the mobile phone intelligent password signer dynamic password through the rule key operation keys including an additional key, a subtractive key, a staggered key, a carry-over key, a refund key, a 1-9 numeric key, a calculation key, a continuation key, a signature transformation key and the rule key operation module to calculate a signature transformation intelligent password transformation rule, a signature transformation intelligent password, a secret signature transformation rule, a signature transformation intelligent signature verification system which is capable of verifying the identity of a secret signature by using the rule and a secret signature transformation intelligent password, a secret signature transformation intelligent signature verification service, a secret signature verification secret authentication service which is not capable of verifying the user, and a secret authentication key, a secret authentication secret.
And (4) a step of regular key operation. The rule key is an operation rule key for a user to calculate a signature by using a dynamic password of the mobile phone intelligent password signer through a rule key operation key and a rule key operation module; the rule key operation module of the authentication server decrypts the intelligent password by the rule key to recover the dynamic password to verify the signature. The user uses the dynamic password of the mobile phone intelligent password signature device to calculate the operation rule key of the signature through the rule key operation key and the rule key operation module; the operation rule key is used for decrypting the intelligent password by the authentication server rule key operation module through the rule key to recover the dynamic password verification signature, and is an added sequence arrangement rule key consisting of each bit of the dynamic passwords 1-6 and the operation numbers 1-9, and a subtracted sequence arrangement rule key; the rule key is arranged in the order of dislocation composed of 1-6 bits of dynamic password, the rule key is arranged in the order of carry, and the rule key is arranged in the order of retreat; the method comprises the steps that each bit of a dynamic password 1-6 and an operand 1-9 form an added order arrangement rule key and a subtracted order arrangement rule key; the dynamic password comprises a staggered orderly arranged regular key consisting of 1-6 bits, a carry orderly arranged regular key and a back orderly arranged regular key which are mutually combined.
The rule key is an operation rule key for a user to use a dynamic password of the mobile phone intelligent password signer to calculate a signature through a rule key operation key and a rule key operation module, the operation rule key is an operation rule key for an authentication server rule key operation module to decrypt an intelligent password to restore the dynamic password to verify the signature through the rule key, the user uses the dynamic password of the mobile phone intelligent password signer to calculate an operation rule key of the signature through the rule key operation key and the rule key operation module, the operation rule key comprises an operation rule key for the authentication server rule key operation module to decrypt the intelligent password to restore the dynamic password to verify the signature through the rule key, the operation rule key comprises a sequential arrangement rule key formed by combining 1-6 bits of the dynamic password with 1-9 bits of the dynamic password (for example, the sequential arrangement key is described by adding 3 plus 5 bits of the dynamic password with 3, the 3 is the 3 rd bit of the dynamic password, the addition is an addition, 5 is described by subtracting 5 bits from 4 bits of the dynamic password with 5 bits of the dynamic password), the password with the 3 th bit and the password with the 5 th bit, the same order of the password, the password is described by adding 5 bits of the dynamic password, the same order of the dynamic password, the password is described by adding the password, the operation rule key, the password is described by adding 5 bits of the order of the 3-6, the dynamic password rule key, the order of the dynamic password, the order of the order.
And calculating a signature algorithm operation by the rule key. The rule key calculation signature algorithm adds about 53 ten thousand kinds of sequence arrangement rule keys, subtracts about 53 ten thousand kinds of sequence arrangement rule keys, the dislocation sequence arrangement rule keys are 22 kinds, the carry sequence arrangement rule keys are 35 kinds, and the setback sequence arrangement rule keys are 35 kinds; about 1000 ten thousand of the sequentially arranged regular keys including the added sequentially arranged regular keys and the subtracted sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the added sequentially arranged regular keys and the staggered sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the subtracted sequentially arranged regular keys and the staggered sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the added sequentially arranged regular keys and the carry sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the subtracted sequentially arranged regular keys and the carry sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the added sequentially arranged regular keys and the carry-out sequentially arranged regular keys, and about 9.8 ten thousand of the sequentially arranged regular keys including the subtracted sequentially arranged regular keys About 9.8 ten thousand keys, about 88 ten thousand keys which are combined by the added sequence arrangement rule key, the subtracted sequence arrangement rule key and the misplaced sequence arrangement rule key, about 88 ten thousand keys which are combined by the added sequence arrangement rule key, the subtracted sequence arrangement rule key and the carried sequence arrangement rule key, about 88 ten thousand keys which are combined by the added sequence arrangement rule key, the subtracted sequence arrangement rule key and the receded sequence arrangement rule key, about 1400 thousand keys which are combined by the rule key calculation signature algorithm rule key. The rule key calculation signature algorithm 6-bit dynamic password is 100 ten thousand in total. The rule key calculation signature algorithm is an asymmetric algorithm, a signature rule key plus algorithm is calculated, and a signature rule key is a minus algorithm if verification is carried out; calculating a signature rule key subtraction algorithm, and verifying that the signature rule key is an addition algorithm; calculating the algorithm of the dislocation of the signature rule key, and verifying the signature rule key to be the algorithm of the dislocation; calculating an algorithm of signature rule key carry, wherein the verification of the signature rule key is an algorithm of backspace, wherein the dynamic password digit of the backspace of the rule key is corrected, and the dynamic password digit of the regular key carry minus the carry is equal to the dynamic password digit of the backspace of the rule key; and calculating the algorithm of the backspace of the signature rule key, wherein the signature rule key is verified to be a carry algorithm, wherein the dynamic password digit number of the regular key carry is corrected, and the dynamic password digit number of the backspace of the regular key plus the backspace number are equal to the dynamic password digit number of the regular key carry. The regular key calculation signature algorithm is a calculation non-carry digit of a dynamic password digit or an intelligent password digit and an operand, only a digit is recorded, and when the dynamic password digit or the intelligent password digit and the operand are not sufficiently calculated, a result obtained by adding 10 to the dynamic password digit or the intelligent password digit is calculated.
The rule key calculation signature algorithm plus the order-arranged rule key is 96Equal to 53 ten thousand, minus order rule key 96Approximately equals 53 ten thousand, the staggered orderly arranged rule keys are 15 plus 6 plus 1 equals 22, the carry orderly arranged rule keys are 15 plus 10 plus 6 plus 3 plus 1 equals 35, the setback orderly arranged rule keys are 15 plus 10 plus 6 plus 3 plus 1 equals 35, the orderly arranged rule key comprising the added orderly arranged rule key and the substracted orderly arranged rule key are mutually combined to be 96Multiplying 20 by 1000 ten thousand, adding a sequential key and a staggered sequential key to combine the sequential key and the staggered sequential key to form a sequential key of 94Multiply by 15 and equal to about 9.8 ten thousand, and the sequence rule key obtained by combining the subtracted sequence rule key and the dislocated sequence rule key is 94Multiplying 15 by 9.8 ten thousand, and combining the added sequential arrangement rule key and the carried sequential arrangement rule key to obtain 9 sequential arrangement rule keys4Multiplying 15 by about 9.8 ten thousand, and combining the reduced ordered keys with the carry ordered keys to obtain 9 ordered keys4Multiplying 15 by about 9.8 ten thousand, and combining the added sequential arrangement rule key and the reversed sequential arrangement rule key to obtain a sequential arrangement rule key of 94Multiplying 15 by about 9.8 ten thousand, and combining the reduced and reversed collation keys to form a collation key of 94Multiplying 15 by about 9.8 ten thousand, adding the order rule key, subtracting the order rule keyThe key, the staggered ordered-arrangement rule key, and the combined ordered-arrangement rule key 94Multiplying 9 by 15 is approximately equal to 88 ten thousand, and the sequence rule key obtained by combining the added sequence rule key, the subtracted sequence rule key and the carried sequence rule key is 94Multiplying 9 by 15 is approximately equal to 88 ten thousand, and the sequence arrangement rule key obtained by mutually combining the added sequence arrangement rule key, the subtracted sequence arrangement rule key and the reversed sequence arrangement rule key is 94Multiplying 9 by 15 equals to about 88 ten thousand, and the rule key calculation signature algorithm has about 1400 ten thousand rule keys. Regular key computation signature algorithm 6-bit dynamic password 106The total number is 100 ten thousand. The rule key calculation signature algorithm is an asymmetric algorithm, the signature rule key plus algorithm is calculated, and the signature rule key is a minus algorithm when the signature rule key is verified (for example, the signature rule key 3 plus 5 and the dynamic password 201916 are calculated to calculate the signature transformation 206916 intelligent password algorithm, and the signature rule key is a 3 minus 5 pair intelligent password 206916 decryption recovery 201916 dynamic password algorithm when the signature rule key is verified); an algorithm for calculating a subtraction of a signature rule key, wherein an algorithm for verifying the signature rule key is an algorithm for adding (for example, an algorithm for calculating a subtraction of 4 from 5 for a signature rule key and a dynamic password 902833 for calculating a signature transformation 902333 smart cryptographic algorithm, and an algorithm for decrypting and recovering 902833 a 902333 smart password by adding 4 to 5 for verifying the signature rule key); an algorithm for calculating the dislocation of the signature rule key, wherein the algorithm for verifying the signature rule key is a dislocated algorithm (for example, an algorithm for calculating the dislocation 6 of the signature rule key 3 and a dynamic password 658060 to calculate signature transformation 650068 intelligent password algorithm, and an algorithm for verifying the signature rule key is a 6-dislocation 3 to 650068 intelligent password decryption restoration 658060 dynamic password algorithm); an algorithm for calculating the carry of the signature rule key, wherein the dynamic password digit correction of the rule key back is carried out in the algorithm for verifying the signature rule key back, the dynamic password digit subtraction of the carry of the rule key is equal to the dynamic password digit of the rule key back (for example, the algorithm for calculating the signature rule key 6 carry 5 and the dynamic password 285046 to calculate the signature transformation 628504 intelligent cryptographic algorithm; the dynamic password digit subtraction of the rule key 6 carry 5 for verifying the signature rule key is carried is equal to 1 back 5 for decrypting and recovering the 628504 intelligent cryptographic 285046 dynamic password algorithm); the signature rule key is verified to be a carry algorithm, wherein the dynamic password digit number of the rule key carry is corrected, the dynamic password digit number of the rule key carry plus the back digit number of the rule key back digit are equal to the dynamic password digit number of the rule key carry (for example, the signature rule key 2 back digit 3 and the dynamic password 604529 are calculated to calculate a signature transformation intelligent password 645209 algorithm, and the signature rule key verified to be the back rule key dynamic password digit number 2 plus the back digit number 3 is equal to 5 carry 3 to decrypt and recover the 645209 intelligent password 604529 dynamic password algorithm). The regular key calculation signature algorithm is a calculation non-carry digit of a dynamic password digit or an intelligent password digit and an operand, only a digit is recorded, and when the dynamic password digit or the intelligent password digit and the operand are not sufficiently calculated, a result obtained by adding 10 to the dynamic password digit or the intelligent password digit is calculated. (e.g., rule Key 3 plus 5 and dynamic password 508239 compute signatures, dynamic password 3 bit 8 plus 5 operands equal 13, counts no more than 1 carry bits, computes a signature transformation 503239 smart password for dynamic password 508239; verifying a signature rule Key is 3 minus 5 to 503239 smart password 3 bit 3 minus 5 operands insufficient, smart password 3 bit 3 plus 10 equal 13 minus 5 operands equal 8 operands decrypt 503239 smart password to recover 508239 a dynamic password; e.g., rule Key 4 minus 7 and dynamic password 301682 compute signatures; dynamic password 4 bit 6 minus 7 operands are insufficient, dynamic password 4 bit 6 plus 10 equal 16 minus 7 operands equal 9 operands equal 301682 compute a signature transformation 301982 a dynamic password; verifying a signature rule Key is 4 plus 7 to 301982 smart password 4 bit 9 plus 7 operands equal 16, not counting the carry number 1, only recording the single digit 6, and decrypting the intelligent password 301982 to recover 301682 dynamic passwords. ).
The method and the system of the embodiment are basically the same as the process of obtaining system service by using the traditional password authentication system authentication, only change a little in the login and authentication processes, for example, the method and the system calculate a signature transformation intelligent password by a rule key 1 minus 5 and a mobile phone intelligent password signer dynamic password 932305 to perform an identity authentication process, a login authentication client inputs a user account and uses a 1 minus 5 rule key and a mobile phone intelligent password signer dynamic password 932305 to calculate a signature transformation 432305 intelligent password by a rule key operation key, a number key 1, a minus key, a number key 5, a signature key and a rule key operation module to send to an authentication server to verify the identity authentication server to verify the signature, meanwhile, a 432305 intelligent login password authentication client for calculating the signature transformation is sent to the authentication server to verify the identity authentication, the authentication server calls out the user account information from a database to verify the correctness, a 432305 intelligent password logged in the authentication client is compared with a certificate application password applied by a mobile phone intelligent password signer to verify that the identity is correct, and the certificate application password is a certificate application certificate, the certificate, the certificate application password is an evidence, and the certificate application certificate is an electronic certificate, and the certificate application certificate is returned to verify that the user is an evidence.
Example two:
this embodiment is an improvement of the step of performing identity authentication by calculating a signature transformation smart password through a rule key and a mobile phone smart password signer in the smart password signature identity authentication method and system described in embodiment , as shown in fig. 3.
The substep in the step of calculating a signature transformation intelligent password by a rule key and a mobile phone intelligent password signer to carry out identity authentication comprises the following steps:
the login authentication client inputs a user account number and uses a rule key and a dynamic password of the mobile phone intelligent password signer to calculate a signature transformation intelligent password through a rule key operation key and a rule key operation module and send the signature transformation intelligent password to an authentication server to verify the signature identity authentication, and simultaneously, the login authentication client of the intelligent password for calculating the signature transformation is sent to the authentication server to verify the substep of the signature identity authentication.
The authentication server calls out the user account information from the database to verify that the user account information is correct, compares the intelligent password logged in by the authentication client with the intelligent password sent by the mobile phone intelligent password signer, and terminates the operation if the comparison is incorrect. And the substep of decrypting the intelligent password by the rule key operation module and recovering the dynamic password verification signature through the rule key to identify the user or others if the comparison is correct.
The authentication server records the signature fact electronic evidence for the user in detail, and the mobile phone intelligent password signer records the substep of calculating the signature fact electronic evidence for the user in detail.
And returning the authentication result to the application server, and returning the user and giving corresponding authority to the application server, thereby completing substeps of the intelligent password signature identity authentication process.

Claims (1)

  1. The intelligent cipher signature identity authentication method includes the following steps:
    the mobile phone intelligent password signer is a mobile phone intelligent password signer which is used for a user to calculate a signature transformation intelligent password by using a regular secret key and a dynamic password through a regular secret key operation key and a regular secret key operation module, is used for installing mobile phone intelligent password signer software directly downloaded by the user on a mobile phone interface, synchronizes a time seed 60-second-change dynamic password of the mobile phone intelligent password signer with a dynamic password of an authentication server, uses the regular secret key and the mobile phone intelligent password of the mobile phone intelligent password signer as parameters through a regular secret key trust algorithm, calculates the signature through the regular secret key operation key and the regular secret key operation module, transforms the intelligent password to log in and verify the identity authentication of the signature, cannot predict and track the 60-second-change dynamic password of the mobile phone intelligent password signer, and the regular secret key is permanently secret to other people of the user, so that the intelligent password for calculating the signature transformation cannot imitate and forge and cannot be forged, and simultaneously the secret intelligent password for calculating the signature transformation by the user is not denied, thereby ensuring the uniqueness and the identity of the user;
    a step of rule key operation; the rule key is an operation rule key for a user to use a dynamic password of the mobile phone intelligent password signer to calculate a signature through a rule key operation key and a rule key operation module, the operation rule key is an operation rule key for an authentication server rule key operation module to decrypt an intelligent password through the rule key to restore the dynamic password to verify the signature, the operation rule key for the user to use the dynamic password of the mobile phone intelligent password signer to calculate the signature through the rule key operation key and the rule key operation module, and the operation rule key comprises an operation rule key for the authentication server rule key operation module to decrypt the intelligent password through the rule key to restore the dynamic password to verify the signature; is an added order arrangement rule key and a subtracted order arrangement rule key which are formed by each bit of a dynamic password 1-6 and an operand 1-9; the rule key is arranged in the order of dislocation composed of 1-6 bits of dynamic password, the rule key is arranged in the order of carry, and the rule key is arranged in the order of retreat; the method comprises the steps that each bit of a dynamic password 1-6 and an operand 1-9 form an added order arrangement rule key and a subtracted order arrangement rule key; the order arrangement rule key is composed of 1-6 bits of dynamic password, the order arrangement rule key of carry, and the order arrangement rule key of back bit;
    calculating a signature algorithm operation by a rule key; the rule key calculation signature algorithm adds about 53 ten thousand kinds of sequence arrangement rule keys, subtracts about 53 ten thousand kinds of sequence arrangement rule keys, the dislocation sequence arrangement rule keys are 22 kinds, the carry sequence arrangement rule keys are 35 kinds, and the setback sequence arrangement rule keys are 35 kinds; about 1000 ten thousand of the sequentially arranged regular keys including the added sequentially arranged regular keys and the subtracted sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the added sequentially arranged regular keys and the staggered sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the subtracted sequentially arranged regular keys and the staggered sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the added sequentially arranged regular keys and the carry sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the subtracted sequentially arranged regular keys and the carry sequentially arranged regular keys, about 9.8 ten thousand of the sequentially arranged regular keys including the added sequentially arranged regular keys and the carry-out sequentially arranged regular keys, and about 9.8 ten thousand of the sequentially arranged regular keys including the subtracted sequentially arranged regular keys About 9.8 ten thousand keys, about 88 ten thousand added sequential arrangement rule keys, about 88 ten thousand subtracted sequential arrangement rule keys and about 88 ten thousand carry out mutual combination, about 88 ten thousand added sequential arrangement rule keys, about 1400 ten thousand added sequential arrangement rule keys and about 100 ten thousand rule keys for a rule key calculation signature algorithm 6-bit dynamic password; the rule key calculation signature algorithm is an asymmetric algorithm, a signature rule key plus algorithm is calculated, and a signature rule key is a minus algorithm if verification is carried out; calculating a signature rule key subtraction algorithm, and verifying that the signature rule key is an addition algorithm; calculating the algorithm of the dislocation of the signature rule key, and verifying the signature rule key to be the algorithm of the dislocation; calculating an algorithm of signature rule key carry, wherein the verification of the signature rule key is an algorithm of backspace, wherein the dynamic password digit of the backspace of the rule key is corrected, and the dynamic password digit of the regular key carry minus the carry is equal to the dynamic password digit of the backspace of the rule key; calculating an algorithm of the backspace of the signature rule key, and verifying that the signature rule key is a carry algorithm, wherein the dynamic password digit of the carry of the rule key is corrected, and the dynamic password digit of the backspace of the rule key plus the backspace digit is equal to the dynamic password digit of the carry of the rule key; the rule key calculation signature algorithm is a calculation non-carry digit of a dynamic password digit or an intelligent password digit and an operand, only a digit is recorded, and when the dynamic password digit or the intelligent password digit and the operand are not sufficiently calculated, the dynamic password digit or the intelligent password digit is added with 10 to calculate a result with the operand;
    the identity authentication method comprises the following steps of calculating a signature transformation intelligent password through a rule key and a mobile phone intelligent password signer to perform identity authentication:
    the login authentication client inputs a user account number and uses a rule key and a dynamic password of the mobile phone intelligent password signer to calculate a signature transformation intelligent password through a rule key operation key and a rule key operation module and send the signature transformation intelligent password to an authentication server to verify the signature identity authentication, and simultaneously, the login authentication client of the intelligent password for calculating the signature transformation is sent to the authentication server to verify the substep of the signature identity authentication;
    the authentication server calls out the information of the user account from the database to verify the correctness, compares the intelligent password logged in by the authentication client with the intelligent password sent by the intelligent password signer of the mobile phone, terminates the operation if the comparison is incorrect, and identifies the user or others by decrypting and recovering the dynamic password verification signature by the rule key of the rule key operation module if the comparison is correct;
    the authentication server records the verification signature fact electronic evidence for the user in detail, and the mobile phone intelligent password signer records the substep of calculating the signature fact electronic evidence for the user in detail;
    and returning the authentication result to the application server, and returning the user and giving corresponding authority to the application server, thereby completing substeps of the intelligent password signature identity authentication process.
CN201710308139.6A 2017-05-04 2017-05-04 intelligent password signature identity authentication method and system Active CN106921501B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710308139.6A CN106921501B (en) 2017-05-04 2017-05-04 intelligent password signature identity authentication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710308139.6A CN106921501B (en) 2017-05-04 2017-05-04 intelligent password signature identity authentication method and system

Publications (2)

Publication Number Publication Date
CN106921501A CN106921501A (en) 2017-07-04
CN106921501B true CN106921501B (en) 2020-01-31

Family

ID=59567886

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710308139.6A Active CN106921501B (en) 2017-05-04 2017-05-04 intelligent password signature identity authentication method and system

Country Status (1)

Country Link
CN (1) CN106921501B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110557407A (en) * 2019-10-11 2019-12-10 北京帕斯沃得科技有限公司 Authentication terminal for compiling password based on identity authentication digital signature
CN110650021A (en) * 2019-10-15 2020-01-03 北京帕斯沃得科技有限公司 Authentication terminal network real-name authentication method and system
CN111245865A (en) * 2020-02-29 2020-06-05 北京帕斯沃得科技有限公司 Network real-name authentication method and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101500011A (en) * 2009-03-13 2009-08-05 北京华大智宝电子系统有限公司 Method and system for implementing dynamic password security protection
CN101667917A (en) * 2009-09-28 2010-03-10 张师祝 Dynamic password input rule
CN102075522A (en) * 2010-12-22 2011-05-25 北京航空航天大学 Secure certification and transaction method with combination of digital certificate and one-time password
CN105262588A (en) * 2015-11-03 2016-01-20 网易(杭州)网络有限公司 Log-in method based on dynamic password, account number management server and mobile terminal

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8869303B2 (en) * 2013-02-16 2014-10-21 Mikhail Fleysher Method and system for generation of dynamic password

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101500011A (en) * 2009-03-13 2009-08-05 北京华大智宝电子系统有限公司 Method and system for implementing dynamic password security protection
CN101667917A (en) * 2009-09-28 2010-03-10 张师祝 Dynamic password input rule
CN102075522A (en) * 2010-12-22 2011-05-25 北京航空航天大学 Secure certification and transaction method with combination of digital certificate and one-time password
CN105262588A (en) * 2015-11-03 2016-01-20 网易(杭州)网络有限公司 Log-in method based on dynamic password, account number management server and mobile terminal

Also Published As

Publication number Publication date
CN106921501A (en) 2017-07-04

Similar Documents

Publication Publication Date Title
US11252136B2 (en) System and method for identity verification across mobile applications
CN106789047B (en) A kind of block chain identification system
CN108270571B (en) Internet of Things identity authorization system and its method based on block chain
CN100432889C (en) System and method providing disconnected authentication
CN106612180B (en) Method and device for realizing session identification synchronization
CN102664885B (en) Identity authentication method based on biological feature encryption and homomorphic algorithm
EP2259540B1 (en) Method and system for generating digital fingerprint
US9467293B1 (en) Generating authentication codes associated with devices
CN107302438B (en) Private key protection method, system and device based on key updating
US20180034810A1 (en) A system and methods for protecting keys in computerized devices operating versus a server
CN108737326B (en) Method, system, device and electronic equipment for token verification
US20060036857A1 (en) User authentication by linking randomly-generated authentication secret with personalized secret
CN111756533A (en) System, method and storage medium for secure password generation
CN111159684B (en) Safety protection system and method based on browser
CN106911722B (en) Intelligent password signature identity authentication bidirectional authentication method and system
EP1886204B1 (en) Transaction method and verification method
CN101163009A (en) System, server, terminal and tamper resistant device for authenticating a user
CN109075965B (en) Method, system and apparatus for forward secure cryptography using passcode authentication
CN110659467A (en) Remote user identity authentication method, device, system, terminal and server
US10091189B2 (en) Secured data channel authentication implying a shared secret
WO2008031301A1 (en) A method for the point to point online identity authenticaiton
CN106921501B (en) intelligent password signature identity authentication method and system
CN111355591A (en) Block chain account safety management method based on real-name authentication technology
Hassan et al. A secure multi factor user authentication framework for electronic payment system
US20130166911A1 (en) Implementation process for the use of cryptographic data of a user stored in a data base

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant