KR101039010B1 - Apparatus and method for user authentication using random keypad - Google Patents

Apparatus and method for user authentication using random keypad Download PDF

Info

Publication number
KR101039010B1
KR101039010B1 KR1020100048459A KR20100048459A KR101039010B1 KR 101039010 B1 KR101039010 B1 KR 101039010B1 KR 1020100048459 A KR1020100048459 A KR 1020100048459A KR 20100048459 A KR20100048459 A KR 20100048459A KR 101039010 B1 KR101039010 B1 KR 101039010B1
Authority
KR
South Korea
Prior art keywords
keypad
partial
control signal
arrangement
password
Prior art date
Application number
KR1020100048459A
Other languages
Korean (ko)
Inventor
김익수
Original Assignee
숭실대학교산학협력단
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 숭실대학교산학협력단 filed Critical 숭실대학교산학협력단
Priority to KR1020100048459A priority Critical patent/KR101039010B1/en
Application granted granted Critical
Publication of KR101039010B1 publication Critical patent/KR101039010B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/03Arrangements for converting the position or the displacement of a member into a coded form
    • G06F3/041Digitisers, e.g. for touch screens or touch pads, characterised by the transducing means
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0487Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser
    • G06F3/0488Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures
    • G06F3/04886Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures by partitioning the display area of the touch-screen or the surface of the digitising tablet into independently controllable areas, e.g. virtual keyboards or menus
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/14Digital output to display device ; Cooperation and interconnection of the display device with other functional units

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Human Computer Interaction (AREA)
  • Software Systems (AREA)
  • User Interface Of Digital Computer (AREA)
  • Telephone Function (AREA)

Abstract

Disclosed are a user authentication apparatus and method using a random keypad. The keypad output unit outputs a keypad composed of a plurality of keys on the screen of the touch display device. The partial keypad output unit generates and outputs a partial keypad composed of a preset number of keys selected from the keys constituting the keypad by the input control signal. The authentication unit outputs a control signal to the partial keypad output unit when the input arrangement does not match the arrangement of the previously stored password according to the sequential touch operation on the point corresponding to each key of the keypad displayed on the screen. According to a sequential touch operation on a point corresponding to each key of the partial keypad output to the control panel, a control signal is repeatedly output in response to each touch operation until the input arrangement matches the arrangement of the password. According to the present invention, by using a partial keypad using only a partial configuration of the keypad for user authentication, it is possible to delay the time to find out the password with a brute force attack compared to the case of using a keypad or a modified keypad.

Description

Apparatus and method for user authentication using random keypad}

The present invention relates to an apparatus and method for authenticating a user by a random keypad, and more particularly, to an apparatus and method for authenticating a user by receiving a password from a user by randomly arranging numeric keys constituting the keypad.

A method of receiving a password by outputting an array of numeric keys on a screen implemented as a touch pad and touching each numeric key is applied to a smart phone, a door lock, and a financial automation device without a keypad or a mouse. At this time, an unjust user may find and steal the right user's password through a brute force attack. As a way to prevent such password theft, financial automation equipment monitors users in real time using its own CCTV, and stops providing services when an incorrect password is input for a predetermined number of times. In addition, in the case of the door lock, the length of the password to be set to long, and in recent years has been provided with the electronic key function.

However, in the case of a smartphone, a biometric method such as fingerprint recognition or iris recognition has been proposed as a method of supplementing a password for authenticating a legitimate user, but such a biometric method has a low recognition rate and a high frequency of use. This may cause inconvenience to the user. Further, when the biometric device is provided in the smart phone, the price of the smart phone becomes expensive, which makes it difficult to commercialize.

In order to make it difficult for an illegal user to find out a password by a brute force attack, a method of randomly arranging numeric keys and modifying the random arrangement of numeric keys whenever a number is input has been proposed. However, every time a new keypad is displayed on the screen, all numeric keys are included. Therefore, there is a limit to delaying indiscriminate attacks by unjust users.

The technical problem to be achieved by the present invention, by using a touch-type keypad to increase the time it takes an invalid user to find out the password through a brute force attack random keypad that can protect the privacy of legitimate users and minimize damage The present invention provides an apparatus and a method for authenticating a user.

Another technical problem to be achieved by the present invention is to increase the time required for an invalid user to find a password through a brute force attack using a touch-type keypad to protect the personal information of the legitimate user and to minimize the damage The present invention provides a computer-readable recording medium having recorded thereon a program for executing a user authentication method using a keypad.

In order to achieve the above technical problem, a user authentication device using a random keypad according to the present invention, the keypad output unit for outputting a keypad consisting of a plurality of keys on the screen of the touch display device; A partial keypad output unit configured to generate and output a partial keypad including a preset number of keys selected from the keys constituting the keypad according to an input control signal; And outputting the control signal to the partial keypad output unit if the input arrangement does not match the arrangement of the previously stored password according to a sequential touch operation on a point corresponding to each key of the keypad displayed on the screen. And the control signal repeatedly corresponding to each touch operation until the input arrangement matches the arrangement of the password according to a sequential touch operation on a point corresponding to each key of the partial keypad output on the screen. It is provided with an authentication unit for outputting.

According to an aspect of the present invention, there is provided a user authentication method using a random keypad, the method comprising: (a) outputting a keypad consisting of a plurality of keys on a screen of a touch display device; (b) outputting a control signal if the input arrangement does not match the arrangement of passwords stored in advance according to a sequential touch operation on a point corresponding to each key of the keypad displayed on the screen; (c) generating and outputting a partial keypad composed of a preset number of keys selected from the keys constituting the keypad according to the control signal; And (d) outputting the control signal if the inputted arrangement does not match the arrangement of the password according to a sequential touch operation on a point corresponding to each key constituting the partial keypad displayed on the screen. In addition, the step (c) is repeatedly performed in response to the touch operation for a point corresponding to each key of the partial keypad output on the screen.

According to an apparatus and method for authenticating a user by a random keypad according to the present invention, by using a partial keypad using only a partial configuration of a keypad for user authentication, a password is used as a brute force attack compared to a case where a general keypad or an array of modified keypads is used. It can delay the time to find out. In addition, by using the partial keypad when a wrong password is input more than a certain number of times through a common keypad, a legitimate user can quickly perform an authentication process even when a wrong password is input by mistake.

1 is a block diagram showing the configuration of a preferred embodiment of a user authentication device using a random keypad according to the present invention;
2 is a view showing an example of a keypad that is output on the screen by the keypad output unit;
3 is a view showing the configuration of a random keypad used in the past,
4 is a diagram illustrating an example of a partial keypad output by the partial keypad output unit;
5 is a diagram illustrating an example of a partial keypad newly output by a touch operation on a function key;
6 is a diagram illustrating an example of a newly generated partial keypad corresponding to a touch operation;
7 shows a partial keypad including only function keys;
8 illustrates a partial keypad generated to receive a third number of a password, and
9 is a flowchart illustrating a preferred embodiment of a method for authenticating a user by a random keypad according to the present invention.

Hereinafter, with reference to the accompanying drawings will be described in detail a preferred embodiment of the user authentication device and method by a random keypad according to the present invention.

1 is a block diagram showing the configuration of a preferred embodiment of a user authentication device using a random keypad according to the present invention.

Referring to FIG. 1, the apparatus for authenticating a user by a random keypad according to the present invention includes a keypad output unit 110, a partial keypad output unit 120, and an authentication unit 130. As a representative embodiment, the user authentication device according to the present invention is implemented in a smart phone with a touch display can be used to unlock the lock state by receiving a password from a legitimate user when the smart phone is set to the locked state .

The keypad output unit 110 outputs a keypad composed of a plurality of keys on the screen of the touch display device. The configuration of the keypad output on the screen is generally the same as the configuration of the keypad output on the screen in the touch type display. In addition, depending on the password setting method, a keypad consisting of only numeric keys or letter keys may be used, or a keypad having the same configuration as that of a computer keyboard may be used.

2 is a diagram illustrating an example of a keypad displayed on the screen by the keypad output unit 110. Referring to FIG. 2, a keypad initially displayed on a screen for user authentication consists of ten numeric keys each assigned a number from 0 to 9. In addition, the arrangement of each numeric key is the same as the arrangement of buttons used in ordinary telephones. Therefore, the user may sequentially touch each of the numeric keys assigned with numbers corresponding to the numeric array of passwords in the same manner as when entering a password in a general mobile phone in order to unlock the smartphone. On the other hand, if the password consists of only letters or a mixture of letters and numbers, the keypad output unit 110 outputs on the screen may have the same configuration as the key arrangement of the computer keyboard.

If an input array, for example, a numeric array, a character array, or a mixture of numbers and letters matches a previously stored password according to a sequential touch action on a point corresponding to each numeric key on the keypad displayed on the screen, The user authentication device according to the present invention ends the authentication process, the smartphone is released in the locked state. However, if the input arrangement does not match the password, the user authentication apparatus according to the present invention uses a keypad of a complicated configuration instead of a keypad of a simple configuration to switch to an authentication method that requires a lot of effort and time.

For the newly used authentication method, the partial keypad output unit 120 generates and outputs a partial keypad composed of a preset number of keys selected from the keys constituting the keypad by the input control signal.

When the correct password is not input through the keypad displayed on the screen by the keypad output unit 110, the authenticator 130 performs a function of generating the partial keypad and outputting the partial keypad to the screen. That is, the authenticator 130 outputs a control signal to the partial keypad output unit 120 by outputting a control signal to the partial keypad output unit 120 when the input sequence does not match the arrangement of the password according to the sequential touch operation on the keypad displayed on the screen. Allow 120 to operate.

In this case, since a legitimate user may accidentally input an incorrect password, the authentication unit 130 sets a reference number so that the partial keypad output unit 120 when the number of times the wrong password is input through the keypad exceeds the reference number. Can output a control signal. In addition, when the control signal is output from the authenticator 130 and the user authentication mode is switched to the method using the partial keypad, the partial keypad output unit 120 repeatedly generates and outputs the partial keypad until a correct password is input.

As previously mentioned, the random keypad used to make a brute-force attack difficult has the same configuration as a general keypad, but only the arrangement of keys is transformed from the general order. 3 illustrates a configuration of a random keypad that has been used in the past. However, as shown in FIG. 3, the keypad in which only the arrangement of the keys is modified includes virtually all the keys constituting the general keypad, thereby limiting an indiscriminate attack of an unjust user. However, the partial keypad generated by the partial keypad output unit 120 of the user authentication apparatus according to the present invention includes only a partial configuration of the keypad output by the keypad output unit 110, thereby significantly delaying an indiscriminate attack by an unjust user. Can be. Hereinafter, the operation and performance of the user authentication device according to the present invention will be described through specific embodiments.

The embodiment of the present invention described below describes a case in which the keypad and the partial keypad are composed only of numeric keys, and accordingly, the preset password is also composed of only numbers between 0 and 9. However, the keypad and the partial keypad output by the user authentication apparatus according to the present invention may have a configuration including both numeric keys and character keys as described above, without being limited thereto.

As described above, the authentication unit 130 outputs a control signal to the partial keypad output unit 120 when the number of times the wrong password is input through the keypad output by the keypad output unit 110 exceeds the reference number. The keypad output unit 120 generates and outputs a partial keypad composed of some numeric keys selected from the numeric keys constituting the keypad. 4 is a diagram illustrating an example of a partial keypad output by the partial keypad output unit 120.

Referring to FIG. 4, the partial keypad includes three numeric keys 3, 4, 5, 8, and 9 selected from among the numeric keys 0 through 9 constituting the keypad. In addition, the arrangement of each numeric key is assigned to any position of the keypad as shown in FIG. As such, the partial keypad output unit 120 randomly selects a predetermined number of keys from among the keys constituting the keypad to generate the partial keypad, and when keys are output to the screen, each key is arranged at an arbitrary position.

In addition, the partial keypad output unit 120 may use a random function to generate a partial keypad. That is, the numbers from 0 to 9 assigned to each key constituting the keypad by the random function are arranged in a random order, and the partial keypad output unit 120 is set in advance among the numbers arranged in this order. Configure the partial keypad by selecting a number of numbers. In the case shown in Fig. 4, the top five numbers are selected to form a partial keypad.

If there is a numeric key corresponding to the first digit of the previously stored password among the numeric keys constituting the partial keypad displayed on the screen as shown in FIG. 4, a legitimate user can continue the subsequent authentication process by touching the corresponding numeric key. Can be. However, if the numeric key corresponding to the first digit of the password is not included in the currently displayed partial keypad, the user cannot touch the corresponding numeric key for the right user, and the wrong number key for the invalid user. . For example, if the preset and stored password is '6549', since the partial keypad of FIG. 4 does not include a numeric key assigned with '6', even a legitimate user cannot touch a desired numeric key.

The partial keypad output unit 120 may further include a function key when generating the partial keypad so that a user can be authenticated by touching a desired numeric key. The function key is a key labeled 'Next' located at the lower left of the partial keypad illustrated in FIG. 4. On the other hand, the key labeled 'Del' located at the bottom right of the partial keypad is for deleting the number entered immediately before the user completes the password by entering a plurality of numbers sequentially.

When a touch operation for a function key occurs in the partial keypad displayed on the screen, the authentication unit 130 outputs a control signal to the partial keypad output unit 120, and the partial keypad output unit 120 receives a control signal and receives a new signal. Create a partial keypad and display it on the screen. At this time, the method of creating a new partial keypad is the same as described above. 5 is a diagram illustrating an example of a partial keypad newly output by a touch operation on a function key. Referring to FIG. 5, a new partial keypad having a configuration different from that of the partial keypad illustrated in FIG. 4 is generated, and it can be seen that a numeric key assigned with '6', which is the first number of the password, is included.

When a touch action occurs on a point corresponding to the number key corresponding to '6' on the screen, '6', which is the first number of the array input according to the touch action, is input, and the authentication unit 130 outputs the partial keypad again. The control unit 120 outputs a control signal. That is, the authentication unit 130 repeatedly outputs a control signal so that a new partial keypad is output whenever a touch operation on the partial keypad occurs. Therefore, when using the partial keypad compared to the case of entering the password using the keypad output by the keypad output unit 110 takes a lot of time to enter the password.

FIG. 6 is a diagram illustrating an example of a partial keypad newly generated in response to a touch operation, and a new partial keypad having a configuration different from that of the partial keypad of FIG. 5 is output. The second number of the preset password is '5', and the partial keypad of FIG. 6 includes a numeric key assigned with '5'. The legitimate user inputs the second number of the numeric array for user authentication by touching the numeric key corresponding to '5'. At this time, since the authentication method is switched to the method using the partial keypad, since two touch operations with respect to the partial keypad have occurred, the authenticator 130 outputs a new type of control signal to the partial keypad output unit 120.

Specifically, the authentication unit 130 outputs a control signal for generating a partial keypad including only function keys except for numeric keys after outputting a control signal for outputting the partial keypad a preset number of times. In the above-described embodiment, the authentication unit 130 outputs a control signal for outputting the partial keypad twice and then outputs a new control signal. The partial keypad output unit 120 generates and outputs a partial keypad including only 'Next' and 'Del' keys in the partial keypad previously output in response to the control signal. 7 is a diagram illustrating a partial keypad including only function keys.

In this way, when the user performs a preset number of touch operations using the partial keypad newly output each time, only the partial keypad which does not include the keys assigned with the numbers or letters constituting the password is output and the user must select 'Next'. 'Touching the key can delay the authentication process. This has the effect of prolonging the time it takes to find out a password if an invalid user accidentally enters the correct password in sequence.

When a touch operation on the 'Next' key occurs, the authentication unit 130 outputs a control signal, and the partial keypad output unit 120 generates and outputs a partial keypad including a numeric key. 8 illustrates a partial keypad generated to receive a third number of a password. However, the third number of the password is '4', and the partial keypad shown in FIG. 8 does not include a numeric key assigned with '4'. Therefore, the user repeats the same process as described above to proceed with the remaining authentication process.

If the legitimate user uses the same method as described above to sequentially input the numeric array matches the numeric array of the password, the authentication process is terminated and the smartphone is unlocked so that the user can use the smartphone. However, when an unjust user performs a brute force attack to find out a password, an incorrect numeric key is touched. The authentication unit 130 repeatedly outputs a control signal whenever a touch operation on the partial keypad occurs. The new partial keypad is outputted while the partial keypad is output by outputting a control signal for the partial keypad output even when the numeric sequence inputted by the touch operation on the newly outputted partial keypad does not match the numeric sequence of the password. Ensure that the authentication method using is not terminated until the correct password is entered. Therefore, the indiscriminate attack of the unjust user is significantly delayed due to the use of the partial keypad which includes only a part of the numeric keys.

Meanwhile, in order to further delay the time required for an indiscriminate attack of an unjust user, the authentication unit 130 imposes a penalty whenever the number array input in the authentication method using the partial keypad does not match the number array of the password. Can be used. That is, if the arrangement input according to the touch operation on the newly repeated partial keypad does not match the password, the authentication unit 130 does not immediately output the control signal, and after the time according to the penalty value elapses, the control signal is output. Output so that the partial keypad is displayed on the screen. Therefore, if the wrong password is entered in the authentication mode using the partial keypad, a new partial keypad is output for re-entering the password after a certain period of time, so that it takes time to find out the password in case of an illegal user using a brute force attack. This will increase significantly.

9 is a flowchart illustrating a preferred embodiment of a method for authenticating a user by a random keypad according to the present invention. In addition, the flowchart of FIG. 9 illustrates a case in which the keypad and the partial keypad consist only of numeric keys, and the password also includes only numerals.

9, the keypad output unit 110 outputs a keypad consisting of a plurality of numeric keys on the screen of the touch display device (S1010). The authentication process is terminated when the arrangement of the input numbers matches the arrangement of the numbers constituting the preset password according to the touch operation on each numeric key constituting the keypad displayed on the screen. However, if the input number arrangement does not match the arrangement of numbers constituting the password (S1020), the authentication unit 130 outputs a control signal to the partial keypad output unit 120 to switch the authentication scheme.

The partial keypad output unit 120 generates a partial keypad composed of a preset number of numeric keys selected from the numeric keys constituting the keypad and outputs the partial keypad on the screen (S1030). If the currently input number corresponds to the last number of the password (S1050), it is determined whether the number array input by the sequential touch operation on the partial keypad matches the number array of the preset password (S1060), If the numeric arrays match, the authentication process is terminated because the user is considered a legitimate user.

However, when the number of numbers input by the user's touch operation is smaller than the number of numbers constituting the password or when the number array finally input does not match the number array of the password, the authentication process cannot be completed. Therefore, the authentication unit 130 outputs a control signal so that the partial keypad output unit 120 generates and outputs a new partial keypad.

Experiments were conducted to evaluate the performance of the present invention. First, if a four-digit password is entered using a general keypad as shown in FIG. 2, an illegal user must repeatedly enter a number from 0000 to 9999 in order to find out the password through a brute force attack. Attempt is made. The time required for a total of 10,000 attack attempts depends on the touch response speed of the terminal and the input speed of the user. For example, assuming that the time required for four touch operations and the response time of the corresponding terminal are both 2 seconds, the time required for the password input attempt is 10000 × 2 seconds, that is, 5.56 hours.

As a result of performing 100 times of entering numbers from 0000 to 0099 through actual experiments, it took about 211 seconds and assuming that the same speed was maintained during 10,000 password inputs, it took about 5.86 hours. have. Therefore, it can be seen that the time taken by an invalid user who has acquired the terminal to find out the password is about 2.93 hours on average, which is not enough time for a legitimate user who has lost the terminal to recognize the loss.

On the other hand, as a result of measuring the time it takes to enter a password from 0000 to 0099 by using a random keypad as shown in Figure 3, it took about 648 seconds on average, if the speed is maintained, the time required to enter 10000 times Can be estimated to be about 18 hours. Therefore, it can be predicted that it takes an average of about 9 hours for an invalid user to find out the password, and the time required for obtaining the password is increased, but not enough time, compared to using a normal keypad.

On the other hand, as a result of experimenting with the user authentication apparatus according to the present invention, the average of 1037 seconds was required for 100 inputs, and thus, it is expected that approximately 28.81 hours are required for 10000 inputs. As a result, it takes an average of 14.4 hours for an invalid user to find out the password, and when using the user authentication apparatus according to the present invention, the time required for an invalid user to find out the password is significantly delayed. It can be seen that.

In addition, the experiment was conducted by imposing a penalty when a wrong password is input so that a partial keypad is output after a certain time has elapsed. In this case, the standard number of times of switching to the method of using the partial keypad after the wrong password was input using the general keypad was set to 5 times and the time according to the penalty was set to 25 seconds. As a result of the experiment, the time required for entering the password 5000 times is (2.11 × 5) + ((10.37 + 25) × 4995) seconds, that is, about 49 hours. This would be enough time for a legitimate user to recognize the loss of the smartphone and then take action on it.

The present invention can also be embodied as computer-readable codes on a computer-readable recording medium. The computer-readable recording medium includes all kinds of recording devices in which data that can be read by a computer system is stored. Examples of the computer-readable recording medium include a ROM, a RAM, a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like, and may be implemented in the form of a carrier wave (for example, transmission via the Internet) . The computer readable recording medium can also be distributed over network coupled computer systems so that the computer readable code is stored and executed in a distributed fashion.

Although the preferred embodiments of the present invention have been shown and described above, the present invention is not limited to the specific preferred embodiments described above, and the present invention belongs to the present invention without departing from the gist of the present invention as claimed in the claims. Various modifications can be made by those skilled in the art, and such changes are within the scope of the claims.

110-keypad output
120-partial keypad output
130-Certification

Claims (13)

A keypad output unit configured to output a keypad composed of a plurality of keys on a screen of the touch display device;
A partial keypad output unit configured to generate and output a partial keypad including a preset number of keys selected from the keys constituting the keypad according to an input control signal; And
Outputting the control signal to the partial keypad output unit if the input arrangement does not match the arrangement of the previously stored password according to a sequential touch operation on a point corresponding to each key of the keypad displayed on the screen; According to a sequential touch operation on a point corresponding to each key of the partial keypad output on the screen, the control signal is repeatedly applied in response to each touch operation until the input arrangement matches the arrangement of the password. User authentication apparatus by a random keypad comprising a; authentication unit for outputting. The method of claim 1,
The authentication unit outputs the control signal when the number of times that the input arrangement does not match the arrangement of the previously stored password exceeds a preset reference number according to a sequential touch operation on a point corresponding to each key of the keypad. User authentication device by a random keypad, characterized in that. 3. The method according to claim 1 or 2,
The partial keypad output unit randomly arranges the letters or numbers assigned to the keys constituting the keypad by a random function, and then selects a predetermined number of letters or numbers in order to generate the partial keypads. User authentication device by keypad. 3. The method according to claim 1 or 2,
The partial keypad further includes a function key,
And the control unit outputs the control signal to the partial keypad output unit when a touch operation on the function key occurs. The method of claim 4, wherein
And the authentication unit outputs a control signal for outputting the partial keypad a predetermined number of times, and then outputs a control signal for generating a partial keypad including only the function key to the partial keypad output unit. User authentication device by. 3. The method according to claim 1 or 2,
The authentication unit randomly outputs the control signal after a preset reference time elapses if the input sequence does not match the sequence of the password according to the sequential touch operation on the partial keypad repeatedly output. User authentication device by keypad. (a) outputting a keypad composed of a plurality of keys on a screen of the touch display device;
(b) outputting a control signal if the input arrangement does not match the arrangement of passwords stored in advance according to a sequential touch operation on a point corresponding to each key of the keypad displayed on the screen;
(c) generating and outputting a partial keypad composed of a preset number of keys selected from the keys constituting the keypad according to the control signal; And
(d) outputting the control signal if the inputted arrangement does not match the arrangement of the password according to a sequential touch operation on a point corresponding to each key constituting the partial keypad displayed on the screen; ,
Step (c) is a user authentication method using a random keypad, characterized in that it is repeatedly performed in response to the touch operation for the point corresponding to each key of the partial keypad output on the screen. The method of claim 7, wherein
In the step (b), if the number of times that the input arrangement does not match the arrangement of the previously stored password according to the sequential touch operation on the point corresponding to each key of the keypad exceeds the preset reference number User authentication method using a random keypad, characterized in that for outputting a control signal. The method according to claim 7 or 8,
In the step (c), after the letters or numbers assigned to the keys constituting the keypad are arranged by a random function, the partial keypad is generated by selecting a predetermined number of letters or numbers in order. User authentication method by using a random keypad. The method according to claim 7 or 8,
The partial keypad further includes a function key,
And (c) the step of performing a touch operation on the function key. The method of claim 10,
And generating and outputting a partial keypad including only the function key after step (c) is performed a predetermined number of times. The method according to claim 7 or 8,
In the step (d), if the inputted arrangement does not coincide with the arrangement of the password according to a sequential touch operation on the partial keypad repeatedly outputted, the control signal is output after a preset reference time elapses. User authentication method using a random keypad characterized in that. A computer-readable recording medium storing a program for executing a user authentication method using a random keypad according to claim 7 or 8 on a computer.
KR1020100048459A 2010-05-25 2010-05-25 Apparatus and method for user authentication using random keypad KR101039010B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020100048459A KR101039010B1 (en) 2010-05-25 2010-05-25 Apparatus and method for user authentication using random keypad

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020100048459A KR101039010B1 (en) 2010-05-25 2010-05-25 Apparatus and method for user authentication using random keypad

Publications (1)

Publication Number Publication Date
KR101039010B1 true KR101039010B1 (en) 2011-06-03

Family

ID=44405003

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020100048459A KR101039010B1 (en) 2010-05-25 2010-05-25 Apparatus and method for user authentication using random keypad

Country Status (1)

Country Link
KR (1) KR101039010B1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101544169B1 (en) 2013-12-09 2015-08-13 연세대학교 산학협력단 User information inputting method using an additional signal and apparatus thereof, and User Authentication Method thereof
KR20170030755A (en) 2015-09-10 2017-03-20 (주)한경아이넷 Authentication system, authentication device and authentication method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003196006A (en) 2001-12-25 2003-07-11 Fujitsu Ltd Personal identification number input device and key layout displaying method
US20060037067A1 (en) * 2004-07-09 2006-02-16 Tricerion Ltd. Method of secure data communication
KR20080062604A (en) * 2006-12-29 2008-07-03 노틸러스효성 주식회사 Atm displaying movable buttons for inputting a password
JP2009199581A (en) 2008-01-21 2009-09-03 Nec Corp Personal identification number input device, method, and program, and cellular phone

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003196006A (en) 2001-12-25 2003-07-11 Fujitsu Ltd Personal identification number input device and key layout displaying method
US20060037067A1 (en) * 2004-07-09 2006-02-16 Tricerion Ltd. Method of secure data communication
KR20080062604A (en) * 2006-12-29 2008-07-03 노틸러스효성 주식회사 Atm displaying movable buttons for inputting a password
JP2009199581A (en) 2008-01-21 2009-09-03 Nec Corp Personal identification number input device, method, and program, and cellular phone

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101544169B1 (en) 2013-12-09 2015-08-13 연세대학교 산학협력단 User information inputting method using an additional signal and apparatus thereof, and User Authentication Method thereof
KR20170030755A (en) 2015-09-10 2017-03-20 (주)한경아이넷 Authentication system, authentication device and authentication method

Similar Documents

Publication Publication Date Title
KR101132368B1 (en) System for safely inputting password using shift value of password input and method thereof
US20050193208A1 (en) User authentication
KR101228088B1 (en) System and method for inputing password
JP4845057B2 (en) Portable electronic device and program
WO2017143816A1 (en) Privacy protection method and system for intelligent terminal
Kim Keypad against brute force attacks on smartphones
CN104317515A (en) Mobile terminal and unlocking method and unlocking device thereof
CN103793659A (en) Method and system for setting password and method and system for verifying password
CN103034417A (en) Unlocking method for touch screen and terminal equipment
CN103034798A (en) Random password generation method and device
TWI599914B (en) Password input system and method for inputting password
KR101228090B1 (en) System and method for inputing password
CN103297391A (en) Graphical dynamic password inputting and verifying method
CN104112096B (en) Multi-point touch method and device
KR101039010B1 (en) Apparatus and method for user authentication using random keypad
CN108229217A (en) A kind of anti-peeping key input system and method
CN111818376A (en) Password setting method, smart television, electronic equipment and readable storage medium
KR101378706B1 (en) A Melody Based Lock and Unlock Method In mobile Terminal
JP2012194648A (en) Authentication server, authentication system and authentication method of server
KR101063523B1 (en) User authentication method using a user authentication password consisting of two or more characters
Kovelamudi et al. Scramble or not, that is the question a study of the security and usability of scramble keypad for PIN unlock on smartphones
Gurary et al. Passgame: A shoulder-surfing resistant mobile authentication scheme
KR101459912B1 (en) Method and Apparatus for Secure User Authentication to 3D Display
JP2015001935A (en) Authentication device and authentication method
US20240095331A1 (en) Apparatus, system and method for secure data entry

Legal Events

Date Code Title Description
A201 Request for examination
E701 Decision to grant or registration of patent right
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20140318

Year of fee payment: 4

LAPS Lapse due to unpaid annual fee