CN108737346A - A kind of method of password authentication and its device, server, communication system - Google Patents

A kind of method of password authentication and its device, server, communication system Download PDF

Info

Publication number
CN108737346A
CN108737346A CN201710265319.0A CN201710265319A CN108737346A CN 108737346 A CN108737346 A CN 108737346A CN 201710265319 A CN201710265319 A CN 201710265319A CN 108737346 A CN108737346 A CN 108737346A
Authority
CN
China
Prior art keywords
password
digit
random
reckoning
random order
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710265319.0A
Other languages
Chinese (zh)
Other versions
CN108737346B (en
Inventor
司徒铨标
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gree Electric Appliances Inc of Zhuhai
Original Assignee
Gree Electric Appliances Inc of Zhuhai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gree Electric Appliances Inc of Zhuhai filed Critical Gree Electric Appliances Inc of Zhuhai
Priority to CN201710265319.0A priority Critical patent/CN108737346B/en
Publication of CN108737346A publication Critical patent/CN108737346A/en
Application granted granted Critical
Publication of CN108737346B publication Critical patent/CN108737346B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention relates to fields of communication technology, more particularly to a kind of method of password authentication and its device, server, communication system.Wherein, this method includes obtaining password to be verified;Determine that the reckoning digit of each random order and each random order of random number on default number axis, each random order and reckoning digit are all used to indicate user and calculate password to be verified;According to each random order and calculate that digit calculates standard cipher;Verification result is determined according to password to be verified and standard cipher.Since corresponding reckoning digit can be identical or differs each random digit on default number axis, and the random digit of each of random number can be identical or differs, therefore, each password or standard cipher to be verified is dynamic change, and the process calculated is based on default number axis, however default number axis includes multiple and different default value, to make unauthorized person relatively be difficult to decrypt therefore, which can improve the safety of information.

Description

A kind of method of password authentication and its device, server, communication system
Technical field
The present invention relates to fields of communication technology, more particularly to a kind of method of password authentication and its device, server, communication System.
Background technology
Information security is always the topic that society discusses warmly.Rivest, shamir, adelman at present can substantially meet adding for information Close safety, but due to the awareness of safety of user weakness, the very simple that password is arranged, or it is inadvertently (such as defeated During entering password, password is not blocked), cause password to reveal, the information security of extreme influence to user.
Traditional technology provides a kind of dynamic password authentication method, and user calculates to be verified according to random number and preset value Code, and the code to be verified is sent to server by terminal, server is by pre-set correct verification code and code to be verified It is compared, to determine verification result.
Inventor in the implementation of the present invention, it is found that related conventional technology at least has following difference:Since this is pre- If value is changeless, some unauthorized persons obtain different random number by other illegal means and the random number is corresponding tests Demonstrate,prove code, easily push over out the encryption logic that login module calculates identifying code, for example, preset value is 12, for the first time with Machine number is 6, then first time identifying code is 18;Second of random number is 51, then second of identifying code is 63.Unauthorized person passes through it Its illegal means obtains the random number and identifying code twice, and it is 12 that can push over out preset value, therefore, in third time random number When being 23, it is 35 that unauthorized person can calculate identifying code easily.
Invention content
One purpose of the embodiment of the present invention is intended to provide a kind of method of password authentication and its device, server, communication system System, which solve the technical problems that the safety of prior art password authentification is poor.
In order to solve the above technical problems, the embodiment of the present invention provides following technical scheme:
In a first aspect, the embodiment of the present invention discloses a kind of method of password authentication, the method includes:It obtains to be verified close Code;Determine the reckoning digit of each random order and each random order of random number on default number axis, it is described each random Position and reckoning digit are all used to indicate user and calculate the password to be verified;According to each random order and reckoning digit meter Calculate standard cipher;Verification result is determined according to the password to be verified and standard cipher.
Optionally, each random order and reckoning digit are all used to indicate user and calculate the password to be verified, wrap It includes:Each random order is used to indicate user and determines a present count equal with each random order on default number axis Value;The reckoning digit is used to indicate user using the default value as starting point, and cycle is calculated to described on default number axis The correspondence password position of password to be verified, bit value of the corresponding password position on default number axis, which postpones, described calculates pushing away for digit Direction is calculated, the digit after natural number one is subtracted with reckoning digit described in the default value interval.
Optionally, the default number axis includes the number axis being made of natural number N, wherein natural number N be 0-9 in it is any from So number, and natural number N is default value.
Optionally, the computation direction for calculating digit includes at least the positive computation direction on the default number axis and bears Computation direction.
Optionally, reckoning digit of the determination each random order on default number axis, including:Judge described each Computation direction of the random order on default number axis;If computation direction of each random order on default number axis is positive reckoning side To determining that reckoning digit of each random order on default number axis is positive to calculate digit;If each random order is pre- If the computation direction on number axis is negative computation direction, determine that reckoning digit of each random order on default number axis is negative push away Calculate digit.
Optionally, described that standard cipher is calculated according to each random order and reckoning digit, including:It is public according to verification Formula calculates each password position of standard cipher;Each password hyte is synthesized into the standard cipher;Wherein, the verification is public Formula is:
A (n)={ RANDOM (n)+RULE (n)+10 } %10
A (n) indicates that n-th of password position of standard cipher, RANDOM (n) indicate n-th of random order of random number, RULE (n) the corresponding reckoning digit of computation direction is indicated, it is positive to calculate that the corresponding reckoning range of digit includes 0,1,2,3,4,5, it bears and calculates The corresponding reckoning range of digit indicates modulo operation including -5, -4, -3, -2, -1, %.
Optionally, the reckoning digit in each random order and each random order for determining random number on default number axis Before, the method further includes:When detecting that the random number is more than preset time, random number is regenerated;It is detecting When the random number is less than preset time, determine that the random number is effective.
Optionally, described that verification result is determined according to the password to be verified and standard cipher, including:Judge described to be tested It demonstrate,proves password and whether the standard cipher is identical;If identical, determination is proved to be successful;If differing, authentication failed is determined.
In second aspect, the embodiment of the present invention provides a kind of password authentication device, and described device includes:Acquisition module is used In acquisition password to be verified;First determining module, each random order and each random order for determining random number are pre- If the reckoning digit on number axis, each random order and reckoning digit are used to indicate user and calculate the password to be verified; Computing module, for calculating standard cipher according to each random order and reckoning digit;Second determining module is used for basis The password to be verified and standard cipher determine verification result.
Optionally, each random order and reckoning digit are all used to indicate user and calculate the password to be verified, wrap It includes:Each random order is used to indicate user and determines a present count equal with each random order on default number axis Value;The reckoning digit is used to indicate user using the default value as starting point, and cycle is calculated to described on default number axis The correspondence password position of password to be verified, bit value of the corresponding password position on default number axis, which postpones, described calculates pushing away for digit Direction is calculated, the digit after natural number one is subtracted with reckoning digit described in the default value interval.
Optionally, the default number axis includes the number axis being made of natural number N, wherein natural number N be 0-9 in it is any from So number, and natural number N is default value.
Optionally, the computation direction for calculating digit includes at least the positive computation direction on the default number axis and bears Computation direction.
Optionally, first determining module includes:First judging unit, for judging each random order default Computation direction on number axis;First determination unit, if being just for computation direction of each random order on default number axis Computation direction determines that reckoning digit of each random order on default number axis is positive reckoning digit;Second determination unit is used If being negative computation direction in computation direction of each random order on default number axis, determine each random order default Reckoning digit on number axis is negative reckoning digit.
Optionally, the computing module includes:Computing unit, for according to verification formula, calculating the every of standard cipher A password position;Assembled unit, for each password hyte to be synthesized the standard cipher;
Wherein, the verification formula is:
A (n)={ RANDOM (n)+RULE (n)+10 } %10
A (n) indicates that n-th of password position of standard cipher, RANDOM (n) indicate the corresponding random order in n-th of password position, RULE (n) indicates the corresponding reckoning digit of computation direction of n-th of password position, it is positive calculate corresponding the reckonings range of digit including 0, 1,2,3,4,5, it bears and calculates that the corresponding reckoning range of digit indicates modulo operation including -5, -4, -3, -2, -1, %.
Optionally, described device further includes:Generation module, for detect the random number be more than preset time when, Regenerate random number;Third determining module, it is described random for when detecting that the random number is less than preset time, determining Number is effective.
Optionally, second determining module includes:Second judgment unit, for judge the password to be verified with it is described Whether standard cipher is identical;Third determination unit, if for identical, determination is proved to be successful;4th determination unit, if for not phase Together, authentication failed is determined.
In the third aspect, the embodiment of the present invention provides a kind of server, and the server includes:At least one processor; And the memory at least one processing communication connection;Wherein, be stored with can be by described at least one for the memory The instruction that processor executes, described instruction is executed by least one processor, so that at least one processor can Method of password authentication for executing any of the above-described.
In fourth aspect, the embodiment of the present invention provides a kind of communication system, and the communication system includes terminal and at least one A server, at least one server and terminal called;The server includes:At least one processor;And with institute State the memory of at least one processing communication connection;Wherein, the memory, which is stored with, to be held by least one processor Capable instruction, described instruction is executed by least one processor, so that at least one processor can be used in executing The method of password authentication of any of the above-described.
In each embodiment of the present invention, when carrying out password authentification, by obtaining password to be verified, random number is determined The reckoning digit of each random order and each random order on default number axis, wherein each random order and reckoning digit are all used for Instruction user calculates password to be verified, according to each random order and calculates that digit calculates standard cipher, according to be verified close Code and standard cipher determine verification result.Since corresponding reckoning digit can be identical on default number axis for each random digit, Can not also be identical, and the random digit of each of random number can be identical, can not also be identical, it is therefore, to be verified calculating When password or standard cipher, each password or standard cipher to be verified are dynamic changes, and the process calculated is to be based on Default number axis, however default number axis includes multiple and different default value, to make unauthorized person relatively be difficult to decrypt, even if non- Method personnel obtain different random number and password to be verified by other illegal means, not yet can simply infer encryption and patrol Volume, therefore, which can improve the safety of information.
Description of the drawings
One or more embodiments are illustrated by the picture in corresponding attached drawing, these exemplary theorys The bright restriction not constituted to embodiment, the element with same reference numbers label is expressed as similar element in attached drawing, removes Non- to have special statement, composition does not limit the figure in attached drawing.
Fig. 1 is that the embodiment of the present invention provides a kind of application scenarios schematic diagram of dynamic password;
Fig. 2 is the application scenarios schematic diagram that the embodiment of the present invention provides another dynamic password;
Fig. 3 is that the embodiment of the present invention provides a kind of structural schematic diagram of communication system;
Fig. 4 is that the embodiment of the present invention provides a kind of structural schematic diagram of server;
Fig. 5 is that the embodiment of the present invention provides a kind of structural schematic diagram of password authentication device;
Fig. 6 is the structural schematic diagram of the first determining module in Fig. 5;
Fig. 7 is the structural schematic diagram of computing module in Fig. 5;
Fig. 8 is the structural schematic diagram of the second determining module in Fig. 5;
Fig. 9 is that another embodiment of the present invention provides a kind of structural schematic diagram of password authentication device;
Figure 10 is that the embodiment of the present invention provides a kind of flow diagram of method of password authentication;
Figure 11 is the flow diagram of step 62 in Figure 10;
Figure 12 is the structural schematic diagram that the embodiment of the present invention provides a kind of electronic equipment.
Specific implementation mode
In order to make the purpose , technical scheme and advantage of the present invention be clearer, with reference to the accompanying drawings and embodiments, right The present invention is further elaborated.It should be appreciated that described herein, specific examples are only used to explain the present invention, not For limiting the present invention.
User's login application program or when carrying out some important services, needs the verification for carrying out password.The present invention is implemented Example provides a kind of application scenarios of dynamic password.As shown in Figure 1, the application scenarios 100 include following element:User's first 11, from Dynamic automatic teller machine 12 and server 13, ATM 12 are connect by wirelessly or non-wirelessly mode with server 13.
In some embodiments, ATM 12 can also be the various electronic equipments with logical operation function, example Such as, mobile communication equipment, super mobile personal computer equipment, portable entertainment device, other with video playback capability and on The electronic equipment of net function and etc..
Mobile communication equipment be have mobile communication function, and with provide speech, data communication for main target.It is this kind of Terminal includes:Smart mobile phone (such as iPhone), multimedia handset, functional mobile phone and low-end mobile phone etc..
Super mobile personal computer equipment belongs to the scope of personal computer, has calculating and processing function, generally also has Mobile Internet access characteristic.This Terminal Type includes:PDA, MID and UMPC equipment etc., such as iPad.
Portable entertainment device can show and play video content, generally also have mobile Internet access characteristic.Such equipment Including:Video player, handheld device and intelligent toy and portable car-mounted navigation equipment.
Server 13 can be a physical server or multiple physical servers it is virtual made of a logical services Device.Server 13 can also be it is multiple can interconnected communication server composition server zone, and provide dynamic password verification dress The each function module set can be respectively distributed on each server in server zone.
As shown in Figure 1, user's first 11 is inserted into bank card in ATM 12, ATM 12 is applied to server 13 A random number with N random orders is generated, therefore, server 13 sends this at random to the ATM 12 of corresponding ports Number, and the random number is presented from the display interface of ATM 12 to user's first 11, user can be according to pre-set Computation rule to calculate password to be verified, and inputs this in the user interface of ATM 12 and waits in conjunction with random number Verify password.The password to be verified is sent to server 13 by ATM 12, and server 13 is again according to the computation rule Standard cipher is calculated, which is correct.13 standard ciphers of server are compared with password to be verified, if Comparison result meets default desired value, then server 13 thinks that user's first is validated user, can open relevant operating rights It limits and gives user's first.If comparison result not yet meets default desired value, server 13 is thought that user's first is disabled user, is forbidden Open associated rights give user's first.In some embodiments, so-called default desired value can be diversified, for example, its It can be " password to be verified is identical as standard cipher ", can also be that " difference of password and standard cipher to be verified is all fixed The numerical value set, such as 5 ", it might even be possible to be " meeting certain functional relation between password and standard cipher to be verified " and Etc..
In application scenes, ATM 12 is realized and the relevant function mould of cryptographic authorization functions with server 13 Block can be integrated, that is,:13 part of server can be integrated in automatic cabinet with the relevant function module of cryptographic authorization functions Therefore member's machine 12 in application scenes, as shown in Fig. 2, server 13 is can be ignored, can only retain automatic Automatic teller machine 12.
For the method for password authentication that the present invention is further explained embodiment provides, as shown in figure 3, the embodiment of the present invention carries For a kind of communication system, which includes terminal 31 and multiple servers 32, terminal 31 respectively wirelessly with Multiple servers 32 are communicated.
User operates in terminal 31, for example, executing the operation of activating pin in terminal 31.Terminal 31 is to server 32 Application generates a random number with N random orders, and (for example, random number is 12, therefore the random number 12 is random with two Position 1 and 2).In some embodiments, which can be that server 32 dynamically generates, and can also make the day of reference time Issue, hourage and etc..For example, 2017-03-28 11:03:01, then it can extract a position of the units and hour in month Number is used as radix, for example, " 3 " in March, " 1 " in 11 hours.
The random number is issued to the terminal 31 of corresponding ports by server 32.User calculates according to random number and computation rule Go out password to be verified, and the password to be verified is inputted by the user interface of terminal 31, terminal 31 sends out the password to be verified It send to server 32.
Wherein, each password value (the also known as value of password position) in standard cipher determined by the computation rule is corresponding Rule need user to preset.For example, first password value of standard cipher be set as the third position of random number with Machine value corresponding default value in default number axis calculates forward two identified numerical value, wherein the default number axis include by The number axis of natural number N compositions, wherein natural number N is any natural number in 0,1,2,3,4,5,6,7,8,9, and natural number N is Default value, for example, random number is 4582, then the reckoning process of the first of standard cipher password value is as follows:The of random number Three random values are 8, random order " 8 " corresponding default value in default number axis 0-9 be " 8 " (if random order is " 6 ", Corresponding default value is " 6 "), then, default value " 8 " calculates forward 2 (calculating that digit is 2) on default number axis, pushes away Numerical value after calculation is fallen on " 6 ", and therefore, first password value of standard cipher is " 6 ".Therefore, each random order is all used to refer to Show that user determines a default value equal with each random order on default number axis.Calculate that digit is used to indicate user with pre- If numerical value is starting point, cycle is calculated to the correspondence password position of password to be verified on default number axis, and corresponding password position is default Bit value on number axis, which postpones, calculates the computation direction of digit, and the position after natural number one is subtracted with default value interval reckoning digit Number.(example as above, first password position " 6 " and 1, default value " 8 " interval, this 1 is equal to reckoning digit 2 and subtracts natural number 1)。
In the present embodiment, the computation rule is as described below:
1) the password digit of user's established standards password;For example, the embodiment of the present invention selects 4 standard ciphers.
2) it is arranged first of standard cipher;For example, which position of selection random number calculates forward or calculates backward several, Wherein, calculate forward to bear (-) calculate to be positive (+) backward.In some embodiments, user can be with self-defined fixed number First as mark password.
3) second of standard cipher is set;For example, which position of selection random number calculates forward or calculates backward several, Wherein, calculate forward to bear (-) calculate to be positive (+) backward.
4) the third position of standard cipher is set;For example, which position of selection random number calculates forward or calculates backward several, Wherein, calculate forward to bear (-) calculate to be positive (+) backward.
……
……
5) it is arranged N of standard cipher;For example, which position of selection random number calculates forward or calculates backward several, Wherein, calculate forward to bear (-) calculate to be positive (+) backward.
6) it is provided with.
When each password position of user setting, can there are many selection.The setting of the random digit of random number, is limited to Built in system or the random digit of random number is voluntarily arranged in user.And, it should be noted that:The random digit of random number is not Certain password digit for being equal to standard cipher.
In some embodiments, user needs definitely permission, only when above-mentioned computation rule is arranged in terminal 31 The permission of open setting computation rule, user side can customize computation rule.For example, in banking system, end side is set Computation rule should be grasped by the governor of bank or other bank clerks for possessing highest permission.Whenever the meter of setting end side When calculating rule, terminal 31 all needs to detect whether the user possesses corresponding permission.
Based on above-mentioned computation rule, an example is provided again herein, which is understood with auxiliary.
Server 32 issues a random number 1369 to terminal 31, wherein first password position of standard cipher is set as: The 2nd of random number calculates forward 5 (calculating that digit is 5);The second password position of standard cipher is set as:The of random number 1 calculates 3 backward;The third position password position of standard cipher is set as:The 3rd of random number calculates forward 3;Standard cipher The 4th password position be set as:The 4th of random number calculates 8 backward.
So, it is based on above-mentioned computation rule, calculated standard cipher is:First is 8;Second is:4;Third position For:3;4th is:7.Therefore, standard cipher 8437.
After terminal 31 receives user in the password to be verified that user interface inputs, server 32 is in response to terminal 31 Request and get the password to be verified from terminal 31.Then, server 32 transfer it is corresponding with the password to be verified with Machine number, and determine the reckoning digit of each random order and each random order of random number on default number axis.In some implementations In example, calculate that the computation direction of digit includes at least positive computation direction and negative computation direction on default number axis, therefore, service Device 32 judges reckoning of each random order on default number axis when each random order of determination is in the reckoning digit on default number axis Direction;If computation direction of each random order on default number axis is positive computation direction, determine each random order in default number axis On reckoning digit be positive to calculate digit;If computation direction of each random order on default number axis is negative computation direction, determine Reckoning digit of each random order on default number axis is negative reckoning digit.For example, standard cipher position 8437 as described above First password position of corresponding example, standard cipher is set as:The 2nd of random number calculates forward 5, can determine at this time Reckoning digit of second random order on default number axis is negative reckoning digit, is also " -2 ".In another example the second of standard cipher Position password position is set as:The 1st of random number calculates 3 backward, can determine the first random order on default number axis at this time It calculates that digit is positive reckoning digit, is also "+3 ".
In another example 8437 corresponding example of standard cipher position as described above, when server 32 receive it is to be verified close After code, server 32 can lock random number " 1369 ", and further, server 32 can also lock in random number " 1369 " "+3 (because it is that just, calculating forward is to calculate backward for first random order " 1 " and the corresponding reckoning digit of first random order " 1 " It is negative) ", " -5 (because it is just, forward to calculate backward for second random order " 3 " and the corresponding reckoning digit of second random order " 3 " Reckoning is negative) ", and so on, reckoning digit and the random order corresponding to each random order can be obtained.
And then, terminal 31 calculates each password position of standard cipher according to verification formula, and by each password position It is combined into the standard cipher.Wherein, which is:
A (n)={ RANDOM (n)+RULE (n)+10 } %10
A (n) indicates that n-th of password position of standard cipher, RANDOM (n) indicate the corresponding random order in n-th of password position, RULE (n) indicates the corresponding reckoning digit of computation direction of n-th of password position, it is positive calculate corresponding the reckonings range of digit including 0, 1,2,3,4,5, it bears and calculates that the corresponding reckoning range of digit indicates modulo operation including -5, -4, -3, -2, -1, %.
8437 corresponding example of standard cipher position as described above, the process that server 32 calculates standard cipher are as follows:
First password position of standard cipher:
A (1)={ RANDOM (1)+RULE (1)+10 } %10
Wherein, since first password position of standard cipher is set as:The 2nd of random number calculates forward 5 (to being pushed forward Bear at last), however, the second random order of random number " 1369 " be " 3 ", therefore RANDOM (1) be " 3 ", RULE (1) be "- 5 ", therefore:
A (1)=(3-5+10) %10;
Pass through modulo operation, A (1)=8;
It can similarly obtain, A (2)=4, A (3)=3, A (4)=7.
Finally, server 32 determines verification result according to password to be verified and standard cipher, if password to be verified and standard Password is identical, and determination is proved to be successful;If password to be verified is differed with standard cipher, authentication failed is determined.
If server 32 detect that random number is more than preset time, regenerates random number in verification process;If inspection When measuring random number less than preset time, determine that random number is effective.Effective random number can be used to verify password, because This, this measure can ensure the cipher safety of verification process.
In some embodiments, as shown in figure 4, server 32 includes at least one processor 321;And with it is described at least The memory 322 of one processor 321 communication connection;Wherein, be stored with can be by least one processing for the memory 322 The instruction that device 321 executes, described instruction is executed by least one processor 321, so that at least one processor 321 It can be used in executing such as above-mentioned method of password authentication.
, can not also be identical since corresponding reckoning digit can be identical on default number axis for each random digit, and The random digit of each of random number can be identical, can not also be identical, therefore, when calculating password or standard cipher to be verified, Each password or standard cipher to be verified is dynamic change, and the process calculated is to be based on default number axis, however preset Number axis includes multiple and different default value, to make unauthorized person relatively be difficult to decrypt, even if unauthorized person pass through it is other non- Method means obtain different random number and password to be verified, not yet can simply infer encryption logic, therefore, which tests Card method can improve the safety of information.
As the another aspect of the embodiment of the present invention, the embodiment of the present invention provides a kind of password authentication device, such as Fig. 5 institutes Show, which includes acquisition module 51, the first determining module 52, computing module 53 and the second determining module 54.
Acquisition module 51 obtains password to be verified, and sends and ask to the first determining module 52, the first determining module 52 In response to the request of acquisition module 51, the reckoning position of each random order and each random order of random number on default number axis is determined Number, each random order and reckoning digit are all used to indicate user and calculate password to be verified.Specifically, each random order and reckoning Digit, which is all used to indicate user and calculates the password to be verified, includes:Each random order is used to indicate user on default number axis Determine a default value equal with each random order;It is starting to calculate that digit is used to indicate user with the default value Point, cycle is calculated to the correspondence password position of password to be verified on default number axis, digit of the corresponding password position on default number axis Value, which postpones, calculates the computation direction of digit, and the digit after natural number one is subtracted with default value interval reckoning digit.
In some embodiments, default number axis includes the number axis being made of natural number N, wherein natural number N is to appoint in 0-9 One natural number, and natural number N is default value.
In some embodiments, calculate that the computation direction of digit includes at least the positive computation direction on default number axis and bears Computation direction.Further, as shown in fig. 6, the first determining module 52 includes the first judging unit 521, the first determination unit 522 And second determination unit 523, the first judging unit 521 are used to judge computation direction of each random order on default number axis;The If a determination unit 522 is used for each random order, the computation direction on default number axis is positive computation direction, is determined each random Reckoning digit of the position on default number axis is positive reckoning digit;If the second determination unit 523 is used for each random order in present count Computation direction on axis is negative computation direction, determines that reckoning digit of each random order on default number axis is to bear to calculate digit. For example, 8437 corresponding example of standard cipher position as described above, first password position of standard cipher is set as:Random number The 2nd calculate 5 forward, can determine at this time reckoning digit of second random order on default number axis be it is negative calculate digit, Also it is " -2 ".In another example the second password position of standard cipher is set as:The 1st of random number calculates 3 backward, at this time It can determine that reckoning digit of first random order on default number axis is positive reckoning digit, also be "+3 ".
Computing module 53 is according to each random order and calculates that digit calculates standard cipher.Specifically, as shown in fig. 7, meter It includes computing unit 531 and assembled unit 532 to calculate module 53, and computing unit 531 calculates standard cipher according to verification formula Each password hyte is synthesized the standard cipher by each password position, assembled unit 532.Wherein, which is:
A (n)={ RANDOM (n)+RULE (n)+10 } %10
A (n) indicates that n-th of password position of standard cipher, RANDOM (n) indicate the corresponding random order in n-th of password position, RULE (n) indicates the corresponding reckoning digit of computation direction of n-th of password position, it is positive calculate corresponding the reckonings range of digit including 0, 1,2,3,4,5, it bears and calculates that the corresponding reckoning range of digit indicates modulo operation including -5, -4, -3, -2, -1, %.
8437 corresponding example of standard cipher position as described above, computing module 53 calculate the process of standard cipher such as Under:
First password position of standard cipher:
A (1)={ RANDOM (1)+RULE (1)+10 } %10
Wherein, since first password position of standard cipher is set as:The 2nd of random number calculates forward 5 (to being pushed forward Bear at last), however, the second random order of random number " 1369 " be " 3 ", therefore RANDOM (1) be " 3 ", RULE (1) be "- 5 ", therefore:
A (1)=(3-5+10) %10;
Pass through modulo operation, A (1)=8;
It can similarly obtain, A (2)=4, A (3)=3, A (4)=7.
Second determining module 54 determines verification result according to password to be verified and standard cipher.Specifically, as shown in figure 8, Second determining module 54 includes second judgment unit 541, third determination unit 542 and the 4th determination unit 543.Second judges list Member 541 is for judging whether password to be verified is identical as standard cipher;If third determination unit 542 is for identical, determining verification Success;If the 4th determination unit 543 determines authentication failed for differing.
In some embodiments, as shown in figure 9, the password authentication device 500 further includes generation module 55 and third determination Module 56, generation module 55 are used to, when detecting that random number is more than preset time, regenerate random number.Third determining module 56 for when detecting that random number is less than preset time, determining that random number is effective.Effective random number can be used to test Password is demonstrate,proved, therefore, this measure can ensure the cipher safety of verification process.
, can not also be identical since corresponding reckoning digit can be identical on default number axis for each random digit, and The random digit of each of random number can be identical, can not also be identical, therefore, when calculating password or standard cipher to be verified, Each password or standard cipher to be verified is dynamic change, and the process calculated is to be based on default number axis, however preset Number axis includes multiple and different default value, to make unauthorized person relatively be difficult to decrypt, even if unauthorized person pass through it is other non- Method means obtain different random number and password to be verified, not yet can simply infer encryption logic, therefore, which tests Card method can improve the safety of information.
Through the above description of the embodiments, those skilled in the art can be understood that each embodiment can Password authentication device 500 is realized by the mode of software plus general hardware platform, naturally it is also possible to pass through hardware realization.And And due to the design one of the design of password authentication device 500 and the server realization password authentification described in above-mentioned each embodiment Sample, in the case where content does not conflict mutually, the embodiment of password authentication device 500 can quote the content of above-mentioned each embodiment, This is not repeated.
As the another aspect of the embodiment of the present invention, the embodiment of the present invention provides a kind of method of password authentication, such as Figure 10 Shown, which includes:
Step 61 obtains password to be verified;
The reckoning digit of step 62, each random order for determining random number and each random order on default number axis;
Each random order and reckoning digit are all used to indicate user and calculate password to be verified;Specifically, each random order And it calculates that digit is all used to indicate user and calculates the password to be verified and includes:Each random order is used to indicate user default A default value equal with each random order is determined on number axis;Calculate that digit is used to indicate user and is with the default value Starting point, cycle is calculated to the correspondence password position of password to be verified on default number axis, and corresponding password position is on default number axis Bit value, which postpones, calculates the computation direction of digit, and the digit after natural number one is subtracted with default value interval reckoning digit.
In some embodiments, default number axis includes the number axis being made of natural number N, wherein natural number N is to appoint in 0-9 One natural number, and natural number N is default value.
In some embodiments, calculate that the computation direction of digit includes at least the positive computation direction on default number axis and bears Computation direction.Then, as shown in figure 11, step 62 includes:
Step 621 judges computation direction of each random order on default number axis;
If the computation direction of step 622, each random order on default number axis is positive computation direction, each random order is determined Reckoning digit on default number axis is positive reckoning digit;
If the computation direction of step 623, each random order on default number axis is negative computation direction, each random order is determined Reckoning digit on default number axis is negative reckoning digit.
8437 corresponding example of standard cipher position as described above, first password position of standard cipher is set as:With The 2nd of machine number calculates forward 5, can determine that reckoning digit of second random order on default number axis is negative reckoning position at this time It counts, is also " -2 ".In another example the second password position of standard cipher is set as:The 1st of random number calculates 3 backward, this When can determine reckoning digit of first random order on default number axis be it is positive calculate digit, be also "+3 ".
Step 63 calculates standard cipher according to each random order and reckoning digit;
Specifically, it calculates each password position of standard cipher according to verification formula, and by each password bit combination At standard cipher;
Wherein, the verification formula is:
A (n)={ RANDOM (n)+RULE (n)+10 } %10
A (n) indicates that n-th of password position of standard cipher, RANDOM (n) indicate the corresponding random order in n-th of password position, RULE (n) indicates the corresponding reckoning digit of computation direction of n-th of password position, it is positive calculate corresponding the reckonings range of digit including 0, 1,2,3,4,5, it bears and calculates that the corresponding reckoning range of digit indicates modulo operation including -5, -4, -3, -2, -1, %.
8437 corresponding example of standard cipher position as described above, computing module 53 calculate the process of standard cipher such as Under:
First password position of standard cipher:
A (1)={ RANDOM (1)+RULE (1)+10 } %10
Wherein, since first password position of standard cipher is set as:The 2nd of random number calculates forward 5 (to being pushed forward Bear at last), however, the second random order of random number " 1369 " be " 3 ", therefore RANDOM (1) be " 3 ", RULE (1) be "- 5 ", therefore:
A (1)=(3-5+10) %10;
Pass through modulo operation, A (1)=8;
It can similarly obtain, A (2)=4, A (3)=3, A (4)=7.
Step 64 determines verification result according to password to be verified and standard cipher.
Specifically, judging whether password to be verified is identical as the standard cipher, if identical, determination is proved to be successful;If no It is identical, determine authentication failed.
, can not also be identical since corresponding reckoning digit can be identical on default number axis for each random digit, and The random digit of each of random number can be identical, can not also be identical, therefore, when calculating password or standard cipher to be verified, Each password or standard cipher to be verified is dynamic change, and the process calculated is to be based on default number axis, however preset Number axis includes multiple and different default value, to make unauthorized person relatively be difficult to decrypt, even if unauthorized person pass through it is other non- Method means obtain different random number and password to be verified, not yet can simply infer encryption logic, therefore, which tests Card method can improve the safety of information.
Through the above description of the embodiments, those skilled in the art can be understood that each embodiment can Method of password authentication is realized by the mode of software plus general hardware platform, naturally it is also possible to pass through hardware realization.Also, by Password authentification is realized in the design of method of password authentication and the server described in above-mentioned each embodiment or password authentication device Design is the same, and in the case where content does not conflict mutually, the embodiment of method of password authentication can quote the content of above-mentioned each embodiment, This will not be repeated here.
In some embodiments, before executing step 62, which further includes:It is described detecting When random number is more than preset time, random number is regenerated;When detecting that the random number is less than preset time, determine random Number is effective.Effective random number can be used to verify password, and therefore, this measure can ensure the cryptosecurity of verification process Property.
As the another aspect of the embodiment of the present invention, the embodiment of the present invention provides a kind of electronic equipment, as shown in figure 12, should Electronic equipment 700 includes storage medium 71 and processor 72, processor 72 and storage medium 71 can by bus or other Mode connects, in Figure 12 for being connected by bus.The storage medium is as a kind of non-volatile computer readable storage medium Matter can be used for storing non-volatile software program, non-volatile computer executable program and module, such as embodiment of the present invention In the corresponding program instruction/module of method of password authentication.Processor 72 is stored in non-volatile in memory 71 by operation Property software program, instruction and module are realized to execute various function application and the data processing of method of password authentication The function of the modules of the method for password authentication of above method embodiment.
Storage medium 71 may include high-speed random access memory, can also include nonvolatile memory, such as extremely A few disk memory, flush memory device or other non-volatile solid state memory parts.In some embodiments, storage is situated between It includes the memory remotely located relative to processor 72 that matter 71 is optional, these remote memories can pass through network connection to locating Manage device 72.The example of above-mentioned network includes but not limited to internet, intranet, LAN, mobile radio communication and combinations thereof.
Described program instruction/module is stored in the memory 71, is held when by one or more of processors 72 When row, the method for password authentication in above-mentioned any means embodiment is executed, for example, executing the work(of each step described above Energy.
The embodiment of the present invention additionally provides a kind of nonvolatile computer storage media, the computer storage media storage There are computer executable instructions, which is executed by one or more processors, such as one in Figure 12 Processor 72 may make said one or multiple processors to can perform the method for password authentication in above-mentioned any means embodiment, For example, executing the method for password authentication in above-mentioned any means embodiment.
Device or apparatus embodiments described above be only schematical, illustrates as separating component wherein described Unit module may or may not be physically separated, and the component shown as modular unit can be or also may be used Not to be physical unit, you can be located at a place, or may be distributed on multiple network module units.It can basis It is actual to need that some or all of module therein is selected to achieve the purpose of the solution of this embodiment.
Through the above description of the embodiments, those skilled in the art can be understood that each embodiment can It is realized by the mode of software plus general hardware platform, naturally it is also possible to pass through hardware.Based on this understanding, above-mentioned technology Scheme substantially in other words can be expressed in the form of software products the part that the relevant technologies contribute, the computer Software product can store in a computer-readable storage medium, such as ROM/RAM, magnetic disc, CD, including some instructions to So that computer equipment (can be personal computer, server either network equipment etc.) execute each embodiment or Method described in certain parts of embodiment.
Finally it should be noted that:The above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;At this It under the thinking of invention, can also be combined between the technical characteristic in above example or different embodiment, step can be with It is realized with random order, and there are many other variations of different aspect present invention as described above, for simplicity, they do not have Have and is provided in details;Although the present invention is described in detail referring to the foregoing embodiments, the ordinary skill people of this field Member should understand that:It still can be with technical scheme described in the above embodiments is modified, or to which part skill Art feature carries out equivalent replacement;And these modifications or replacements, each reality of the application that it does not separate the essence of the corresponding technical solution Apply the range of a technical solution.

Claims (11)

1. a kind of method of password authentication, which is characterized in that including:
Obtain password to be verified;Determine the reckoning position of each random order and each random order of random number on default number axis Number, each random order and reckoning digit are used to indicate user and calculate the password to be verified;
According to each random order and calculate that digit calculates standard cipher;
Verification result is determined according to the password to be verified and standard cipher.
2. according to the method described in claim 1, it is characterized in that, each random order and reckoning digit are used to indicate user The password to be verified is calculated, including:
Each random order is used to indicate user and determines that one equal with each random order is preset on default number axis Numerical value;
The reckoning digit is used to indicate user using the default value as starting point, and cycle is calculated to described on default number axis The correspondence password position of password to be verified, bit value of the corresponding password position on default number axis, which postpones, described calculates pushing away for digit Direction is calculated, the digit after natural number one is subtracted with reckoning digit described in the default value interval.
3. according to the method described in claim 2, it is characterized in that, the default number axis includes the number axis being made of natural number N, Wherein, natural number N is any natural number in 0-9, and natural number N is default value.
4. according to the method described in claim 3, it is characterized in that, described calculate that the computation direction of digit is included in described preset Positive computation direction on number axis and negative computation direction.
5. according to the method described in claim 4, it is characterized in that, the determination each random order is on default number axis Calculate digit, including:
Judge computation direction of each random order on default number axis;
If computation direction of each random order on default number axis is positive computation direction, determine each random order pre- If the reckoning digit on number axis is positive reckoning digit;
If computation direction of each random order on default number axis is negative computation direction, determine each random order pre- If the reckoning digit on number axis is negative reckoning digit.
6. according to the method described in claim 5, it is characterized in that, described calculate according to each random order and reckoning digit Go out standard cipher, including:
According to verification formula, each password position of standard cipher is calculated;
Each password hyte is synthesized into the standard cipher;
Wherein, the verification formula is:
A (n)={ RANDOM (n)+RULE (n)+10 } %10
A (n) indicates that n-th of password position of standard cipher, RANDOM (n) indicate the corresponding random order in n-th of password position, RULE (n) indicate the corresponding reckoning digit of computation direction of n-th of password position, it is positive calculate corresponding the reckonings range of digit including 0,1,2, 3,4,5, it bears and calculates that the corresponding reckoning range of digit indicates modulo operation including -5, -4, -3, -2, -1, %.
7. method according to any one of claims 1 to 6, which is characterized in that in each random order for determining random number and Before reckoning digit of each random order on default number axis, the method further includes:
When detecting that the random number is more than preset time, random number is regenerated;
When detecting that the random number is less than preset time, determine that the random number is effective.
8. method according to any one of claims 1 to 6, which is characterized in that described according to the password to be verified and mark Quasi- password determines verification result, including:
Judge whether the password to be verified and the standard cipher are identical;
If identical, determination is proved to be successful;
If differing, authentication failed is determined.
9. a kind of password authentication device, which is characterized in that including:
Acquisition module, for obtaining password to be verified;
First determining module, the reckoning of each random order and each random order on default number axis for determining random number Digit, each random order and reckoning digit are used to indicate user and calculate the password to be verified;
Computing module, for calculating standard cipher according to each random order and reckoning digit;
Second determining module, for determining verification result according to the password to be verified and standard cipher.
10. a kind of server, which is characterized in that including:
At least one processor;And
The memory being connect at least one processor communication;Wherein, be stored with can be by described at least one for the memory The instruction that a processor executes, described instruction is executed by least one processor, so that at least one processor energy It is enough in execution such as claim 1 to 8 any one of them method of password authentication.
11. a kind of communication system, which is characterized in that including terminal and at least one server, at least one server with Terminal called;
The server includes:
At least one processor;And
The memory being connect at least one processor communication;Wherein, be stored with can be by described at least one for the memory The instruction that a processor executes, described instruction is executed by least one processor, so that at least one processor energy It is enough in execution such as claim 1 to 8 any one of them method of password authentication.
CN201710265319.0A 2017-04-21 2017-04-21 Password verification method and device, server and communication system Active CN108737346B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710265319.0A CN108737346B (en) 2017-04-21 2017-04-21 Password verification method and device, server and communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710265319.0A CN108737346B (en) 2017-04-21 2017-04-21 Password verification method and device, server and communication system

Publications (2)

Publication Number Publication Date
CN108737346A true CN108737346A (en) 2018-11-02
CN108737346B CN108737346B (en) 2020-06-19

Family

ID=63933881

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710265319.0A Active CN108737346B (en) 2017-04-21 2017-04-21 Password verification method and device, server and communication system

Country Status (1)

Country Link
CN (1) CN108737346B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111030819A (en) * 2020-02-18 2020-04-17 深圳新融典科技有限公司 Authentication method, system, terminal and storage medium based on encryption and decryption algorithm

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11225140A (en) * 1998-02-05 1999-08-17 Nippon Telegr & Teleph Corp <Ntt> Data encryption device, decoder and its program recoding medium
CN1585936A (en) * 2002-09-12 2005-02-23 三菱电机株式会社 Authentication system, authentication device, terminal device, and authentication method
CN102202067A (en) * 2011-07-15 2011-09-28 席勇良 Dynamic random cipher registration method
CN104158665A (en) * 2014-08-25 2014-11-19 小米科技有限责任公司 Method and device of verification
CN106060027A (en) * 2016-05-25 2016-10-26 北京小米移动软件有限公司 Methods, devices, equipment and systems for verification based on verification codes

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11225140A (en) * 1998-02-05 1999-08-17 Nippon Telegr & Teleph Corp <Ntt> Data encryption device, decoder and its program recoding medium
CN1585936A (en) * 2002-09-12 2005-02-23 三菱电机株式会社 Authentication system, authentication device, terminal device, and authentication method
CN102202067A (en) * 2011-07-15 2011-09-28 席勇良 Dynamic random cipher registration method
CN104158665A (en) * 2014-08-25 2014-11-19 小米科技有限责任公司 Method and device of verification
CN106060027A (en) * 2016-05-25 2016-10-26 北京小米移动软件有限公司 Methods, devices, equipment and systems for verification based on verification codes

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111030819A (en) * 2020-02-18 2020-04-17 深圳新融典科技有限公司 Authentication method, system, terminal and storage medium based on encryption and decryption algorithm

Also Published As

Publication number Publication date
CN108737346B (en) 2020-06-19

Similar Documents

Publication Publication Date Title
CN102158488B (en) Dynamic countersign generation method and device and authentication method and system
CN109598598A (en) Transaction processing method and device, electronic equipment based on block chain
CN107683489A (en) For performing the systems, devices and methods of cryptographic operation in trust performing environment
CN110086617A (en) For method and apparatus derived from the key based on image
JP7332087B2 (en) Systems and methods for signing transactions using air-gapped private keys
CN105868970B (en) authentication method and electronic equipment
CN103929425B (en) A kind of identity registration, identity authentication method, equipment and system
CN108241979A (en) More account book transfer account methods, electronic device and readable storage medium storing program for executing based on block chain
CN109688186A (en) Data interactive method, device, equipment and readable storage medium storing program for executing
CN110084604A (en) Transaction processing method and device, electronic equipment based on block chain
CN110378695A (en) Bank card payment method, device, equipment and computer storage medium
CN107358763A (en) A kind of method, apparatus and system of ATM checking identity
CN104935548B (en) Auth method, apparatus and system based on intelligent equipment of tatooing
CN109002733A (en) A kind of pair of equipment carries out the method and device of reliability evaluation
CN105844469A (en) Authority trusted secure system component
CN104486306B (en) Identity authentication method is carried out based on finger hand vein recognition and cloud service
CN111582935A (en) Block chain-based integral mutual identification method and system
US20130138571A1 (en) Systems and Protocols for Anonymous Mobile Payments with Personal Secure Devices
CN102685121B (en) A kind of digital signature method and device
CN104518871B (en) A kind of network platform and method of self-service certification movable storage device
CN111159685A (en) User account management method and device, intelligent device and storage medium
CN108737346A (en) A kind of method of password authentication and its device, server, communication system
CN107948177A (en) Verify the generation method and device of questionnaire
Scheir et al. Anonymous split e-cash—Toward mobile anonymous payments
CN108122108A (en) Mobile device authentication system and mobile equipment authentication method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant