CN1281025C - Password variable identification verification technique - Google Patents
Password variable identification verification technique Download PDFInfo
- Publication number
- CN1281025C CN1281025C CN 03156541 CN03156541A CN1281025C CN 1281025 C CN1281025 C CN 1281025C CN 03156541 CN03156541 CN 03156541 CN 03156541 A CN03156541 A CN 03156541A CN 1281025 C CN1281025 C CN 1281025C
- Authority
- CN
- China
- Prior art keywords
- user
- cryptographic algorithm
- password
- account
- keying
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The present invention relates to a user identity authentication technology with variable ciphers, which is applied to an information system and is different from a user identity authentication technology with traditional ciphers. In the technology, the ciphers for verifying user identities are variable; a cryptographic algorithm is defined by users and stored in a system server. When authenticating a user's identity, the user calculates and input the cipher for the time according to a cryptographic algorithm defined by the user. Each cipher can only be used for one time, and a new cipher which anyone can not foresee beforehand is used for every time. The formal definition and the memorization of the cryptographic algorithm as a secrecy core are very simple and are more easily memorized than the traditional ciphers. A memorized cryptographic algorithm can be applied to a plurality of secrecy accounts; the generated ciphers have various contents and very high confidentiality. When the cryptographic algorithm is in use, the cryptographic algorithm does not be transmitted on networks or exposed on sites where a user inputs the ciphers; thus, the defects that the user ciphers are forgotten, illegally stolen and deciphered are thoroughly overcome.
Description
[invention field]
The present invention relates to a kind of variable cipher encryption method that is used for subscriber authentication, be applicable to the password encryption of user profile account in the electronic information data handling system.
[technical background]
Along with popularizing rapidly of whole society's scope internal informationization, user cipher has become the important means of authentication, but traditional password does not have the function of variation automatically, when the user accesses to your password, always stay on-the-spot vestige, divulge a secret easily, as note the user and input the overall process of password or hold back down user's password information, just can decode user cipher, thereby pretend to be the user to login, user information safety is constituted grave danger.Present all kinds of fiscard, telecommunications card, service consumption card, software, instrumentation etc. and online all kinds of services all access to your password in a large number as the only resource of subscriber authentication, user cipher is revealed and is just meaned that the offender can invade user's various rights wantonly, uses the user to sustain a great loss.Reveal the case that causes because of password at present and significantly rise year by year, become a serious social concern.
In modern society, the shielded service item of nearly all needs is all removed identifying user identity by password, has caused the modern need remember a large amount of passwords.Password forgets or is stolen all be unfortunate concerning the user, often will suffer huge spirit and material damage, remember a large amount of passwords and prevent password revealed into the modern one greatly the burden.In order to remember password, it is simple more good more to make every effort to password, reveals in order to prevent password, will establish password more complicated, and often change.This is a pair of contradiction.
[summary of the invention]
Because there is great defective in existing cryptographic methods, the present invention is exactly the brand-new cryptographic methods of a cover that produces for addressing the above problem, password be at random, variable, can't predict in advance, also need not remember specially.Thereby thoroughly solved the memory difficult problem difficult and that easily reveal in the existing cryptosystem.
To achieve these goals, the variable cipher auth method that the present invention proposes is a kind of variable cipher encryption method that is applicable to user profile account in the electronic information data handling system, and its feature comprises the steps:
User account for oneself in system is provided with, stores a cryptographic algorithm Y=F (X) who is used for login account; The user can change the cryptographic algorithm rule F () that oneself is provided with at any time;
System provided a keying X when user asked login account;
The user is provided with, is stored in the cryptographic algorithm Y=F (X) in the system according to oneself, and the keying X that coupling system provides calculates the password Y of user when time login account, is input to this system then;
The cryptographic algorithm Y=F (X) that system is provided with, stores according to above-mentioned user, the keying X that coupling system provides calculates the user as time password Y1 of login this account;
The user is calculated the account password Y of back input in system and the account password Y1 of system oneself calculating compares, and passes through as the two identical then checking, allows user's login account, otherwise, the refusing user's login account.
In above-mentioned information account's variable cipher encryption method, described cryptographic algorithm Y=F (X) is an operational formula, it to keying X through variously describe, exercisable computing just obtains the required password Y of login account.
The described keying X of said method can be numeral, letter or other displayable any characters; It can be the plaintext random number that system provides; Can be a regular character string collection of user's appointment, as the date on the same day; Also can be that the user is pre-stored in an irregular character string collection in the system, the set of number of liking as oneself in advance; They can show or hide when the user logined.
The described cryptographic algorithm Y=F of said method (X) can be a kind of ordering rule that character contained among the described keying X is carried out, it can be the rule that character contained among the described keying X is carried out character replacement or insertion, can be the rule that contained numerical character among the described keying X is performed mathematical calculations, also can be the comprehensive use of above-mentioned rule.
As seen encryption method of the present invention makes the key of subscriber authentication change cryptographic algorithm into from password itself, and cryptographic algorithm is hidden in the system server of high safety guarantee, can't illegally obtain by all kinds of means, thereby has improved fail safe.
Adopt encryption method of the present invention can produce following useful effect.Because what be provided with in system, store is a kind of user-defined cryptographic algorithm clocklike, be simple and easy to note and be difficult for forgetting, as long as the user has remembered this algorithm, unnecessaryly remove to remember picture conventional cipher those complicated concrete numeral or other characters; Because the keying that system provides can be at random, although cryptographic algorithm is identical, the password of calculating in different time, different place is different, variable, can't obtain entering account's password with traditional password method of stealing; Because the cryptographic algorithm that is provided with in the system, stores even individual user's cryptographic algorithm is revealed, also can not cause revealing other users' cryptographic algorithm because of the user is different; User's cryptographic algorithm can notify relevant administrative staff to lock the account after revealing immediately, resets cryptographic algorithm then; Owing to setting, stored password algorithm in system, relatively simple simultaneously for system, do not need the electronic information data handling system is increased in addition the support of hardware device and large amount of complex software, do not increase the operating cost of system.Therefore, use variable cipher auth method of the present invention, not only technology is simple, and is safe and reliable, and cost is low.
[description of drawings]
The present invention will be described in detail below in conjunction with accompanying drawing and example.
Accompanying drawing 1 is the flow chart of variable cipher encryption method of the present invention.
[embodiment]
In Fig. 1, the user at first enters data handling system according to oneself user account number, for oneself account is provided with, stores a cryptographic algorithm Y=F (X) in system; When the user asked login account, system can provide a keying X for the user; The user, calculates a password Y and is input to system in conjunction with keying X according to the cryptographic algorithm Y=F (X) that is provided with in system; Simultaneously, system at the cryptographic algorithm Y=F (X) that system is provided with, in conjunction with keying X, also calculates a password Y1 according to the user; System compares these two passwords; As identical, then allow user's login account, otherwise the refusing user's login account.
Open an account with the bank with the user below and on information terminal, log on as example, illustrate of the present invention
Execution mode.
After the user opens an account with the bank, obtain a bank card account number, and for oneself bank card account number is provided with a cryptographic algorithm Y=F (X), rather than concrete, a constant password.In this course, bank can provide a cryptographic algorithm table to select the cryptographic algorithm of oneself likeing for use for the user, the user also can an own newly-built cryptographic algorithm, or in the cryptographic algorithm table of selecting bank to provide a certain cryptographic algorithm is made amendment as the account password algorithm of oneself, with its input computer system checking, just finished the setting that the account encrypts after the affirmation again.
For example, the user is own cryptographic algorithm of bank card setting: each bit digital of password=keying adds 1 (meet 10 get 0).When the user certain when market shopping is consumed, brushed card after, system provides a keying 349012, the user is according to the cryptographic algorithm of setting, the password that calculates should be 450123.If the user correctly inputs this password, then checking is passed through, and allows user's login account, otherwise the refusing user's login account.
Introduce the multiple example application of one group of cryptographic algorithm below.
1, to sort criteria rearrangement of contained character setting in the plaintext keying.
Cryptographic algorithm is defined as the part or all of character that password equals in the keying and decomposes, and rearranges the position then.If specifically be set to " inverted order arrangement ", if the keying that the user provided when asking to login is 123456, then the user ought the inferior password of logining be 654321.
2, mathematical operation condition of contained character setting in the plaintext keying is performed mathematical calculations.
Cryptographic algorithm is defined as the part or all of character that password equals in the keying and decomposes, and performs mathematical calculations then.If specifically be set to " the bits per inch word adds 5, and the result is more than or equal to getting units at 10 o'clock ", if the keying that the user provided when asking to login is 123456, then the user when time password of login be 678901.
3, contained character in the plaintext keying is replaced by certain condition.
Cryptographic algorithm is defined as each letter that password equals in the keying and gets back one (if last just gets first) in its alphabet, and capital and small letter exchanges (when promptly meeting with lowercase it is become capitalization, when running into capitalization it is become small letter).If the keying that the user provided when asking to login is aDjkDz, then the user ought the inferior password of logining be BeKLeA.
4, compound rule.
Also above-mentioned a plurality of cryptographic algorithms stacks can be used, be defined as the part or all of character that password equals in the keying as cryptographic algorithm and decompose, head and the tail two numerals are exchanged then, and other numeral adds 1, and the result is more than or equal to getting units at 10 o'clock.If the keying that the user provided when asking to login is 123456, then the user ought the inferior password of logining be 634561.
Because the plaintext keying that provides of terminal is at random, under the constant situation of cryptographic algorithm, password changes equally, so the user needn't worry the problem that password is stolen.
Above example all is system's plaintext keying providing with the machine situations, and keying can be numeral, letter or other displayable any characters, is presented at when the user asks login account and points out the user on the screen.The example that to introduce one group of keying more below be the ciphertext non-random numbers.
The user is defined as one group of set of digits clocklike with keying, the time on date as the same day, cryptographic algorithm is defined as: the head and the tail of form " MMDDHH " numerals is exchanged during the day moon on the same day, and the bits per inch word adds 3 respectively then, and the result is more than or equal to getting units at 10 o'clock.If it is " 16 o'clock on the 25th December " that the user asks time date on the same day of login account, then the password of calculating according to above-mentioned cryptographic algorithm should be " 955844 ".Like this, that the present invention can be applied to will be many not with the password input environment of screen, as digital keypad for the input mode of not display reminding sign indicating number provided by the invention.
Certainly; for the convenience of managing and using; system can make regulation to character kind, the character string length of the plaintext keying that provides; also can make some kind restriction and regulation simultaneously to the cryptographic algorithm that the user is provided with; even system only provides several cryptographic algorithms for user's selection, as long as this all protection that does not all influence the inventive method.
The variable cipher method is compared with the conventional cipher method, has increased the process of variable cipher computing, This wants occupying system resources to come the computing password. Expressly keying can be by the terminal of user's login account The local generation, then by communication software with user account number, keying, user's variable cipher together Send to the system centre server authentication, work as so a large amount of users and ask simultaneously login and ask close During the code checking, the terminal of user's login account has just been shared the pressure of server.
Claims (3)
1, a kind of variable cipher auth method is a kind of variable cipher encryption method that is applicable to user profile account in the electronic information data handling system, and its feature comprises the steps:
User account for oneself in system is provided with, stores a cryptographic algorithm Y=F (X) who is used for login account; The user can change the cryptographic algorithm rule F () that oneself is provided with at any time;
System provided a keying X when user asked login account;
The user is provided with, is stored in the cryptographic algorithm Y=F (X) in the system according to oneself, and the keying X that coupling system provides calculates the password Y of user when time login account, is input to this system then;
The cryptographic algorithm Y=F (X) that system is provided with, stores according to above-mentioned user, the keying X that coupling system provides calculates the user as time password Y1 of login this account;
The user is calculated the account password Y of back input in system and the account password Y1 of system oneself calculating compares, and passes through as the two identical then checking, allows user's login account; Otherwise, the refusing user's login account.
2, variable cipher auth method according to claim 1 is characterized in that: described keying X is the plaintext random number that system provides.
3, variable cipher auth method according to claim 1 is characterized in that: described keying X can be numeral, letter or other the displayable any characters that maybe can read.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 03156541 CN1281025C (en) | 2003-09-08 | 2003-09-08 | Password variable identification verification technique |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 03156541 CN1281025C (en) | 2003-09-08 | 2003-09-08 | Password variable identification verification technique |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1523809A CN1523809A (en) | 2004-08-25 |
| CN1281025C true CN1281025C (en) | 2006-10-18 |
Family
ID=34287109
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 03156541 Expired - Fee Related CN1281025C (en) | 2003-09-08 | 2003-09-08 | Password variable identification verification technique |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1281025C (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102291238A (en) * | 2011-07-29 | 2011-12-21 | 朱新泉 | Network user identity authentication method |
| CN104410494A (en) * | 2014-11-15 | 2015-03-11 | 韩素平 | A customizing pre-generating multi-password authentication system |
| CN105787318A (en) * | 2016-03-28 | 2016-07-20 | 宇龙计算机通信科技(深圳)有限公司 | User domain access method and device as well as mobile terminal |
Families Citing this family (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| GB2434472A (en) * | 2005-12-01 | 2007-07-25 | Jonathan Geoffrey Milt Craymer | Verification using one-time transaction codes |
| CN102024289A (en) * | 2009-09-11 | 2011-04-20 | 中国银联股份有限公司 | Method for acquiring passwords of intelligent card safely |
| CN102194278B (en) * | 2010-03-11 | 2015-11-25 | 张友利 | Based on the login validation method of information loaded on hardware |
| CN101944914A (en) * | 2010-09-19 | 2011-01-12 | 刘继峰 | Method for dynamic combination of account numbers and passwords |
| CN102469068A (en) * | 2010-11-05 | 2012-05-23 | 王昭东 | Intelligent code management system |
| CN102202067B (en) * | 2011-07-15 | 2016-06-08 | 席勇良 | Dynamic random cipher registration method |
| CN102594561A (en) * | 2012-02-10 | 2012-07-18 | 济南二机床集团有限公司 | Password changing type encryption method of numerical control system access rights |
| CN102881079B (en) * | 2012-08-28 | 2015-04-22 | 汪风珍 | Trampled multi-password early-warning type different card controllable bank card |
| CN103685164A (en) * | 2012-09-05 | 2014-03-26 | 国际商业机器公司 | Method for dynamically providing algorithm password for cross-examination authentication as well as computer device |
| CN103679935A (en) * | 2013-05-01 | 2014-03-26 | 汪风珍 | Keyword formed by synthesis through terminal |
| CN103714626B (en) * | 2013-05-01 | 2017-09-08 | 汪风珍 | Many password early warning types can different card control bank card |
| CN105100035A (en) * | 2014-05-23 | 2015-11-25 | 国网山西省电力公司电力科学研究院 | Method and system for setting password |
| CN105450415B (en) * | 2014-08-28 | 2019-06-14 | 阿里巴巴集团控股有限公司 | Safe checking method and equipment |
| CN105812135A (en) * | 2014-12-30 | 2016-07-27 | 中国移动通信集团公司 | Dynamic password authentication method and system |
| CN105516126B (en) * | 2015-12-04 | 2019-07-23 | 上海斐讯数据通信技术有限公司 | A kind of page end generates the system and method for simple password |
| CN107733650A (en) * | 2016-08-11 | 2018-02-23 | 中国二十冶集团有限公司 | The dynamic setting method of account password |
| CN106254068A (en) * | 2016-08-18 | 2016-12-21 | 张晓辉 | The generation of pure software dynamic password and verification method thereof |
| CN109886048B (en) * | 2019-02-12 | 2023-01-13 | 苏州超块链信息科技有限公司 | Data consistency protection method based on cryptology difficulty accumulation |
| CN110321680B (en) * | 2019-06-26 | 2021-06-04 | 维沃移动通信有限公司 | Identity verification method and terminal equipment |
| CN112966238B (en) * | 2021-03-09 | 2023-06-06 | 西安邮电大学 | Identity authentication method based on Chinese characters |
-
2003
- 2003-09-08 CN CN 03156541 patent/CN1281025C/en not_active Expired - Fee Related
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102291238A (en) * | 2011-07-29 | 2011-12-21 | 朱新泉 | Network user identity authentication method |
| CN104410494A (en) * | 2014-11-15 | 2015-03-11 | 韩素平 | A customizing pre-generating multi-password authentication system |
| CN105787318A (en) * | 2016-03-28 | 2016-07-20 | 宇龙计算机通信科技(深圳)有限公司 | User domain access method and device as well as mobile terminal |
| CN105787318B (en) * | 2016-03-28 | 2018-09-14 | 宇龙计算机通信科技(深圳)有限公司 | Access method, access mechanism and the mobile terminal of user domain |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1523809A (en) | 2004-08-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1281025C (en) | Password variable identification verification technique | |
| US9514330B2 (en) | Meta-complete data storage | |
| US9208491B2 (en) | Format-preserving cryptographic systems | |
| EP2301185B1 (en) | Format-preserving cryptographic systems | |
| CN100432889C (en) | System and method providing disconnected authentication | |
| US20170149565A9 (en) | Format-preserving cryptographic systems | |
| CN113472774B (en) | Account login-free method, system, device and computer readable storage medium | |
| EP2037389A1 (en) | An electronic file protection system having one or more removeable memory devices | |
| CN107040520A (en) | A kind of cloud computing data-sharing systems and method | |
| CN101877636A (en) | Equation password encryption method | |
| EP2037392A1 (en) | A system and method of protecting content of an electronic file using a computer | |
| Lamba | A Detailed Analysis of Data Security in a cloud Environment | |
| GB2479074A (en) | A key server selects policy rules to apply to a key request based on an identifier included in the request | |
| WO2009023421A2 (en) | System and method of generating and providing a set of randomly selected substitute characters in place of a user entered key phrase | |
| US11502840B2 (en) | Password management system and method | |
| EP2037390A1 (en) | System and method of protecting content of an electronic file for sending and receiving | |
| EP2037391A1 (en) | A portable electronic file protection system | |
| CN111859423A (en) | Information security encryption method and device | |
| Schroeder | Pad and Chaff: secure approximate string matching in private record linkage | |
| CN114978620B (en) | Encryption method and decryption method for identity identification number | |
| Surbakti et al. | Rivest Shamir Adleman (RSA) Hybrid Algorithm System and the deep Blum Blum Shub (BBS) Algorithm Securing E-Absence Database Files | |
| Pawar et al. | Enhancement of Data Leakage Detection Using Encryption Technique | |
| Majumder et al. | A New Advanced User Authentication and Confidentiality Security Service | |
| CN115694800A (en) | Data processing method, device, server and storage medium | |
| CN117333976A (en) | Cartoon-free running method and management system based on dynamic password |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| ASS | Succession or assignment of patent right |
Owner name: SHENZHEN JINGDU TIANXIA TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: ZHAO ZHONGHUA Effective date: 20101130 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 518112 13C, BUILDING 2, LONGZHU GARDEN, BUJI, LONGGANG DISTRICT, SHENZHEN CITY, GUANGDONG PROVINCE TO: 518040 25D, SHIJI HAOTING, SOUTH OF SHENNAN AVENUE, CHE KUNG TEMPLE, FUTIAN DISTRICT, SHENZHEN CITY, GUANGDONG PROVINCE |
|
| TR01 | Transfer of patent right |
Effective date of registration: 20101130 Address after: 518040 Guangdong city of Shenzhen province Futian District Che Kung Temple Shennan Avenue South century villa 25D Patentee after: Shenzhen precision world science and Technology Co., Ltd. Address before: 2 13C, 518112 dragon pearl garden, Longgang District, Guangdong, Shenzhen, Buji Patentee before: Zhao Zhonghua |
|
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20061018 Termination date: 20120908 |