TW201616381A - Identification barcode generating and login method - Google Patents

Identification barcode generating and login method Download PDF

Info

Publication number
TW201616381A
TW201616381A TW103137492A TW103137492A TW201616381A TW 201616381 A TW201616381 A TW 201616381A TW 103137492 A TW103137492 A TW 103137492A TW 103137492 A TW103137492 A TW 103137492A TW 201616381 A TW201616381 A TW 201616381A
Authority
TW
Taiwan
Prior art keywords
barcode
account
password
server
generating
Prior art date
Application number
TW103137492A
Other languages
Chinese (zh)
Inventor
林珮瑜
葉亞婷
Original Assignee
元智大學
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 元智大學 filed Critical 元智大學
Priority to TW103137492A priority Critical patent/TW201616381A/en
Publication of TW201616381A publication Critical patent/TW201616381A/en

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

A identification barcode generating method is adapted for operating in a server, and for a client. The barcode generating method includes: generating an original barcode, hiding the account into the original barcode for generating an account barcode, and generating a verification datum at least according to a password and the account barcode. A login method using barcode includes: sending an account barcode and at lease one user key to a server, the server obtaining an account from the account barcode by using a server key, the server obtaining a password from the verification datum by using the account barcode and the at least one user key, and logging the server by the obtained account and password.

Description

識別條碼產生與登入方法 Identification barcode generation and login method

本發明係關於一種身份識別條碼產生與登入方法,特別係關於一種隱藏資訊於QR(Quick Response)碼的條碼產生與登入方法。 The invention relates to an identification barcode generation and login method, in particular to a barcode generation and login method for hiding information from a QR (Quick Response) code.

由於網路時代的發達,越來越多的網路服務出現,為現代人提供了更便利的生活。然而也因為如此,一般使用者常因不同的網路服務,擁有多組網站帳號與密碼,產生了管理帳號與密碼的記憶與安全困擾。一般使用者為了方便,經常將多個網站的帳號與密碼都設為同一組或容易記憶的個人資訊,如此一來,容易被其他人得知或盜用,非法者也可能會使用同一組帳號密碼登入個人相關網站。此外,若將帳號密碼記錄在筆記本或是裝置的備忘錄中,也可能因遺失或遭竊而產生安全性風險。 Due to the development of the Internet age, more and more Internet services have emerged, providing a more convenient life for modern people. However, because of this, the average user often has multiple sets of website accounts and passwords due to different network services, which causes memory and security problems of managing accounts and passwords. For the convenience of the average user, the account and password of multiple websites are often set to the same group or personal information that is easy to remember. As a result, it is easy for others to know or steal. Others may use the same group of account passwords. Log in to a personal related website. In addition, if the account password is recorded in the memo of the notebook or device, it may also pose a security risk due to loss or theft.

有鑒於上述的問題,本發明揭露一種識別條碼產生方法,係運用於一用戶端與一服務端,所述識別條碼產生方法包含:產生一原始條碼,並將用戶端的一帳號隱藏至原始條碼中以產生一帳號條碼,以及至少依據帳號條碼與用戶端的一密碼產生 一驗證資訊。 In view of the above problems, the present invention discloses a method for generating a barcode, which is applied to a client and a server. The method for generating a barcode includes: generating an original barcode and hiding an account of the client into the original barcode. To generate an account barcode, and at least generate a password according to the account barcode and the client. A verification message.

對應上述身份識別條碼產生方法,本發明亦揭露一種使用識別條碼的登入方法,所述登入方法包含:自一用戶端傳送一帳號條碼與至少一使用者密鑰至一服務端。服務端藉自帳號條碼中得到一帳號。服務端藉由帳號條碼、一驗證資訊與至少一使用者密鑰得到一密碼。以及藉由得到的帳號與密碼登入服務端。 Corresponding to the foregoing method for generating an identification barcode, the present invention also discloses a login method using an identification barcode. The login method includes: transmitting an account barcode and at least one user key from a client to a server. The server obtains an account by using the account barcode. The server obtains a password by using an account barcode, a verification information, and at least one user key. And log in to the server by using the obtained account and password.

以上之關於本發明內容之說明及以下之實施方式之說明係用以示範與解釋本發明之精神與原理,並且提供本發明之專利申請範圍更進一步之解釋。 The above description of the present invention and the following description of the embodiments of the present invention are intended to illustrate and explain the spirit and principles of the invention.

1‧‧‧用戶端 1‧‧‧Client

2‧‧‧服務端 2‧‧‧ server

11‧‧‧帳號條碼 11‧‧‧ Account barcode

12‧‧‧使用者密鑰 12‧‧‧User Key

21‧‧‧驗證資訊 21‧‧‧Verification information

S201-S205‧‧‧步驟 S201-S205‧‧‧Steps

31‧‧‧原始條碼 31‧‧‧ original barcode

32‧‧‧帳號條碼 32‧‧‧ account barcode

33‧‧‧密碼資訊 33‧‧‧ Password Information

34‧‧‧驗證資訊 34‧‧‧Verification information

S401-S407‧‧‧步驟 S401-S407‧‧‧Steps

第1圖係依據本發明一實施例之架構圖。 1 is an architectural diagram in accordance with an embodiment of the present invention.

第2圖係依據本發明一實施例之條碼產生方法流程圖。 2 is a flow chart of a bar code generation method according to an embodiment of the present invention.

第3圖係依據本發明一實施例之驗證資訊產生示意圖。 Figure 3 is a schematic diagram showing the generation of verification information in accordance with an embodiment of the present invention.

第4圖係依據本發明一實施例之登入方法流程圖。 Figure 4 is a flow chart of a login method in accordance with an embodiment of the present invention.

第5圖係依據本發明一實施例之登入方法示意圖。 Figure 5 is a schematic diagram of a login method in accordance with an embodiment of the present invention.

以下在實施方式中詳細敘述本發明之詳細特徵以及優點,其內容足以使任何熟習相關技藝者了解本發明之技術內容並據以實施,且根據本說明書所揭露之內容、申請專利範圍及圖式,任何熟習相關技藝者可輕易地理解本發明相關之目的及優點。以下之實施例係進一步詳細說明本發明之觀點,但非以任何 觀點限制本發明之範疇。 The detailed features and advantages of the present invention are set forth in the Detailed Description of the Detailed Description of the <RTIgt; </ RTI> <RTIgt; </ RTI> </ RTI> </ RTI> <RTIgt; The objects and advantages associated with the present invention can be readily understood by those skilled in the art. The following examples are intended to further illustrate the aspects of the invention, but not any The views limit the scope of the invention.

請參見第1圖。第1圖係依據本發明一實施例之架構圖。如第1圖所示,本發明之架構包含用戶端1與服務端2,用戶端1具有帳號條碼11與使用者密鑰12,服務端2則具有驗證資訊21。傳統登入方法為用戶端1欲登入服務端2使用其所提供的服務時,通常透過服務端2的登入系統介面輸入使用者帳號與密碼,服務端2再藉由資料庫內的用戶端資訊驗證接收到的帳號密碼是否正確,正確則允許用戶端1登入,不正確則拒絕用戶端1登入。然而傳統使用者識別之登入系統因使用者需記憶多組帳號與密碼而減少其便利性。因此,在本發明的架構中,當用戶端1欲登入服務端2時,只需將用戶端1的帳號條碼11與密鑰12傳送給服務端2,不需記憶任何帳號與密碼。服務端2再利用已儲存的驗證資訊21,搭配接受到的帳號條碼11與使用者密鑰12,即可得到用戶端1對應的帳號與密碼並完成身份識別登入,以下將詳細說明上述架構的內容。 See Figure 1. 1 is an architectural diagram in accordance with an embodiment of the present invention. As shown in FIG. 1, the architecture of the present invention includes a client 1 and a server 2, the client 1 has an account barcode 11 and a user key 12, and the server 2 has authentication information 21. The traditional login method is that when the client 1 wants to log in to the server 2 to use the service provided by the client 2, the user account and password are usually input through the login system interface of the server 2, and the server 2 is verified by the client information in the database. The password of the received account is correct. If it is correct, the client 1 is allowed to log in. If it is incorrect, the client 1 is denied login. However, the traditional user identification login system reduces the convenience of the user because the user needs to memorize multiple sets of accounts and passwords. Therefore, in the architecture of the present invention, when the client 1 wants to log in to the server 2, the account barcode 11 and the key 12 of the client 1 need to be transmitted to the server 2 without any account and password. The server 2 reuses the stored verification information 21, and with the received account barcode 11 and the user key 12, the account and password corresponding to the client 1 are obtained and the identification login is completed. The following details will be described in detail. content.

請參見第2圖。第2圖係依據本發明一實施例之身份識別條碼產生方法流程圖。如第2圖所示,本發明的帳號條碼與驗證資訊係下列三步驟產生:步驟S201係產生原始條碼,步驟S203係將將用戶端的帳號隱藏至原始條碼中以產生帳號條碼,步驟S205係至少依據帳號條碼與密碼產生一驗證資訊。 See Figure 2. 2 is a flow chart of a method for generating an identification barcode according to an embodiment of the present invention. As shown in FIG. 2, the account barcode and the verification information of the present invention are generated in the following three steps: step S201 is to generate an original barcode, and step S203 is to hide the account of the client into the original barcode to generate an account barcode, and step S205 is at least Generate a verification message based on the account barcode and password.

在步驟S201中,產生原始條碼,其可由任一條碼產生器產生,其條碼內容可為服務端的任何資訊。用戶端只要透過 裝置掃描,即可連結到服務端。舉例來說,用戶端可以使用任一掃描裝置或應用程式,掃描此原始條碼,即可連結到該服務網站或服務應用程式。因此,服務端資訊可以是服務端的網站或其它服務端的資訊,本發明並不以此限制。 In step S201, an original barcode is generated, which may be generated by any barcode generator, and the barcode content may be any information of the server. The client only needs to The device scans and can be connected to the server. For example, the client can scan the original barcode using any scanning device or application to connect to the service website or service application. Therefore, the server information may be information of a website of the server or other server, and the present invention is not limited thereto.

在步驟S203中,當原始條碼已由步驟S201產生後,服務端進一步將用戶端的帳號隱藏至原始條碼中,以產生帳號條碼,並將帳號條碼提供給用戶端作為往後登入使用。舉例來說,當原始QR碼由步驟S201產生後,服務端將用戶端的帳號隱藏至原始服務端QR碼中,以產生帳號QR碼,再將帳號QR碼傳送給用戶端。用戶端接收並儲存此帳號QR碼,往後即可用帳號QR碼登入服務端,省去記憶此服務端帳號的麻煩。 In step S203, after the original barcode has been generated by step S201, the server further hides the account of the client into the original barcode to generate an account barcode, and provides the account barcode to the client for later login. For example, when the original QR code is generated by the step S201, the server hides the account of the user terminal into the original server QR code to generate the account QR code, and then transmits the account QR code to the client. The client receives and stores the QR code of the account, and then can log in to the server with the account QR code, eliminating the trouble of memorizing the server account.

其中上述隱藏帳號至條碼的技術係以將至少一待隱藏資訊寫入原始服務端條碼。以二維條碼為例,所述的條碼可符合快速響應碼(Quick Response code)、資料矩陣(Data Matrix)或可攜資料檔417(Portable Data File 417,簡稱PDF417)等規範。其中二維條碼可包含多個模組位置,模組位置係指條碼中可填入任意條碼資料或錯誤更正碼(error correction code)的空間,可為方形、條狀或圓形等。在取得條碼時,這些模組位置上已一一記錄了位元。以黑白條碼為例,依所填入位元的不同,模組位置可處於被填滿(黑)或空白的狀態。其中條碼所具有的容錯區間提供了容錯機制,在即使沒有辨識到全部的條碼、或是說條碼有汙損時,也可以正確地還原條碼上的資訊。此外,容錯區間亦 可被用來隱藏資訊於其中。因此,隱藏帳號至條碼的技術係利用條碼本身的容錯區間,使條碼被修改後仍完整承載產生時所編碼的條碼資料。待隱藏的資訊的長度一般而言不能超過條碼的錯誤更正容量,或甚至小於某自定義上限。 The above technique for hiding an account to a barcode is to write at least one information to be hidden into the original server barcode. Taking a two-dimensional barcode as an example, the barcode can conform to specifications such as a Quick Response code, a Data Matrix, or a Portable Data File 417 (PDF417). The two-dimensional barcode can include multiple module positions, and the module position refers to a space in the barcode that can be filled with any bar code data or error correction code, and can be square, strip or circle. When the barcode is obtained, the bits are recorded one by one at these module locations. Taking black and white bar codes as an example, the module position can be filled (black) or blank depending on the filled bits. The fault-tolerant interval of the bar code provides a fault-tolerant mechanism, and the information on the bar code can be correctly restored even if the bar code is not recognized or the bar code is defaced. In addition, the fault tolerance interval is also Can be used to hide information from it. Therefore, the technology of hiding the account to the barcode uses the fault tolerance interval of the barcode itself, so that the barcode is modified to still completely carry the barcode data encoded at the time of generation. The length of the information to be hidden cannot generally exceed the error correction capacity of the barcode, or even less than a custom upper limit.

舉例來說,在一實施例中,本發明係利用QR碼中的錯誤更正容量,在黑白條碼上的某些像素中,修該其原始內容(例如將原像素值從0變更為1,或是從1變更為0)。由於加密過的帳號與密碼在數位上亦可由一連串的0或1表示,因此可隱藏至原始QR碼的錯誤更正容量中。修改後所產生新的帳號QR碼與密碼QR碼與原始QR碼的差異僅在於某些像素點上的不同,但其原始服務端資訊並無變更。也就是說,同樣以裝置掃描原始QR碼、帳號QR碼以及密碼QR碼,都可以連結到服務端,不因隱藏資訊後而影響用戶端或服務端使用該QR碼。 For example, in one embodiment, the present invention utilizes the error correction capacity in the QR code to modify its original content in certain pixels on the black and white bar code (eg, changing the original pixel value from 0 to 1, or It is changed from 1 to 0). Since the encrypted account number and password can also be represented by a series of 0s or 1s in the digits, they can be hidden into the error correction capacity of the original QR code. The new account QR code and password QR code generated after the modification differs from the original QR code only in the difference of some pixels, but the original server information has not changed. That is to say, the original QR code, the account QR code and the password QR code can also be scanned by the device, and can be connected to the server without affecting the use of the QR code by the client or the server.

此外,當帳號欲隱藏至條碼時,在實務上隱寫術(steganography)常配搭密鑰進行加密,使被隱藏的資訊即使被攔截也不易被解析出原始內容,其過程更為安全。因此該帳號可藉由密鑰加密後,再隱藏至原始QR碼中。帳號是否加密,可依系統需求而定,本發明並不以此限制。此外,該密鑰的數量亦可依據需求而有至少一把以上,例如說透過兩把密鑰加密兩次,使安全性更為提升。 In addition, when the account is to be hidden to the bar code, the steganography is often associated with the encryption of the key, so that the hidden information is not easily parsed out of the original content even if it is intercepted, and the process is more secure. Therefore, the account can be encrypted by the key and then hidden in the original QR code. Whether the account is encrypted or not can be determined according to system requirements, and the present invention is not limited thereto. In addition, the number of keys may be at least one or more according to requirements, for example, two encryptions are used to encrypt the two keys, thereby improving security.

在步驟S205中,服務端依據步驟S203中產生的帳號條碼與用戶端的密碼進行運算處理,以產生驗證資訊。其中產 生驗證資訊的方法,請參見第3圖。第3圖係依據本發明一實施例之驗證資訊產生示意圖。如第3圖所示,首先,將帳號隱藏至原始條碼31中,以產生帳號條碼32(即步驟S203)。接著,使用者密碼可經運算以產生密碼資訊33,其中密碼資訊33可以是一條碼,也可以是其他能夠包含密碼的資訊,本發明並不以此為限。隨後,帳號條碼32與密碼資訊33經運算處理後可得到驗證資訊34。運算處理目的在於將帳號條碼與密碼資訊整合成一驗證資訊,儲存在服務端,運算處理可為任一運算,如使用異或(exclusive or operation,XOR)運算的運算特性,本發明並不以此限制。 In step S205, the server performs an operation process according to the account barcode generated in step S203 and the password of the client to generate verification information. Among them For the method of verifying information, please refer to Figure 3. Figure 3 is a schematic diagram showing the generation of verification information in accordance with an embodiment of the present invention. As shown in FIG. 3, first, the account number is hidden into the original barcode 31 to generate the account barcode 32 (ie, step S203). Then, the user password can be operated to generate the password information 33, wherein the password information 33 can be a single code, or other information that can include the password, and the invention is not limited thereto. Subsequently, the account barcode 32 and the password information 33 are processed to obtain the verification information 34. The purpose of the arithmetic processing is to integrate the account barcode and the password information into a verification information, which is stored in the server, and the operation processing can be any operation, such as an operation characteristic using an exclusive or operation (XOR) operation, and the present invention does not limit.

如上所述,異或運算為假設XOR(A,B)=C成立,則XOR(B,C)=A與XOR(A,C)=B均成立。其中A、B及C係三個運算元,XOR係異或運算子。換句話說,以上三個運算元中任意兩者互相做異或運算可得第三者。舉例來說,若A代表帳號條碼,B代表密碼資訊,C則代表驗證資訊。其中如步驟S205所述,帳號條碼與密碼資訊經異或運算後可得驗證資訊(XOR(A,B)=C),而帳號條碼儲存於用戶端,驗證資訊儲存於服務端。接著,當後續用戶端需登入時傳送帳號條碼給服務端,雖然服務端並沒有儲存密碼資訊,但此時可藉由帳號條碼與驗證資訊做異或運算而得到密碼資訊(XOR(A,C)=B)。如此一來,用戶端與服務端只需要分別儲存帳號條碼與驗證資訊,即可透過異或運算得到相關的密碼資訊。 As described above, the exclusive OR operation assumes that XOR(A, B) = C holds, and XOR(B, C) = A and XOR(A, C) = B both hold. Among them, A, B and C are three operands, and XOR is an XOR operator. In other words, any two of the above three operands are XORed to obtain a third party. For example, if A represents an account barcode, B represents password information, and C represents verification information. As described in step S205, the account bar code and the password information are subjected to XOR operation to obtain verification information (XOR(A, B)=C), and the account bar code is stored in the user end, and the verification information is stored in the server. Then, when the subsequent user needs to log in, the account barcode is transmitted to the server. Although the server does not store the password information, the password information can be obtained by XOR the account barcode and the verification information (XOR(A, C). ) = B). In this way, the client and the server only need to store the account barcode and the verification information separately, and the related password information can be obtained through the exclusive OR operation.

在一實施例中,此異或運算係針對QR碼的二值化 圖形(黑白條碼),執行在圖上的每一個像素點。舉例來說,假設上述產生的帳號QR碼與密碼QR碼的圖形長寬皆為64像素,即兩張64x64的正方圖形。當欲產生驗證QR碼時,則逐一檢視帳號QR碼與密碼QR碼中錯誤更正容量內一一對應的像素點,根據異或運算的真值表(XOR(0,0)=0,XOR(0,1)=1,XOR(1,0)=1,XOR(1,1)=0)將兩對應像素做運算。例如,假設帳號QR碼中座標(10,10)的像素屬於錯誤更正容量內且像素值為0,而密碼QR碼中座標(10,10)的像素值為1,則驗證QR碼的像素值為1(XOR(0,1)=1),如此一來即可得到最終的驗證QR碼。 In an embodiment, the XOR operation is for the binarization of the QR code. Graphics (black and white bar code), executed at each pixel on the graph. For example, assume that the generated QR code and password QR code have a graphic length and width of 64 pixels, that is, two 64x64 square graphics. When the QR code is to be generated, the pixel corresponding to the error correction capacity in the account QR code and the password QR code is checked one by one, and the truth value table according to the exclusive OR operation (XOR(0,0)=0, XOR( 0,1)=1, XOR(1,0)=1, XOR(1,1)=0) The two corresponding pixels are operated. For example, assuming that the pixel of the coordinate (10, 10) in the account QR code belongs to the error correction capacity and the pixel value is 0, and the pixel value of the coordinate (10, 10) in the password QR code is 1, the pixel value of the QR code is verified. It is 1 (XOR(0,1)=1), so that the final verified QR code can be obtained.

如同前述,密碼資訊33之產生,可為原始使用者密碼,或使用至少一密碼方法進行加密處理。其中密碼方法可以是直接使用原始的密碼、將密碼以密鑰加密或將密碼以密鑰加密後隱藏至條碼中,本發明不以此為限。舉例來說,在將密碼以密鑰加密後隱藏至條碼的方法中,實務上隱寫術(steganography)常配搭密鑰進行加密,使被隱藏的資訊即使被攔截也不易被解析出原始內容,其過程更為安全。因此該密碼會先藉由密鑰加密後,隱藏至原始QR碼中,再進一步與帳號QR碼做異或運算產生驗證QR碼。密碼是否加密處理,可依系統需求而定,本發明並不以此限制。 As described above, the generation of the password information 33 may be the original user password or encrypted using at least one cryptographic method. The password method may be that the original password is used directly, the password is encrypted by a key, or the password is encrypted by the key and then hidden in the barcode. The invention is not limited thereto. For example, in the method of concealing a password into a barcode after encrypting the password, the steganography is often associated with the encryption of the key, so that the hidden information is not easily parsed out of the original content even if intercepted. The process is safer. Therefore, the password is first encrypted by the key, hidden in the original QR code, and further XORed with the account QR code to generate the verification QR code. Whether the password is encrypted or not can be determined according to system requirements, and the present invention is not limited thereto.

請參見第4圖。第4圖係依據本發明一實施例之登入方法流程圖。如第4圖所示,本發明的登入方法係依據下列步驟:步驟S401係自用戶端傳送帳號條碼與至少一個使用者密鑰至 服務端。步驟S403係服務端藉由帳號條碼中得到帳號。步驟S405係服務端藉由帳號條碼、驗證資訊與至少一個使用者密鑰得到密碼。步驟S407係藉由得到的帳號與密碼登入服務端。 See Figure 4. Figure 4 is a flow chart of a login method in accordance with an embodiment of the present invention. As shown in FIG. 4, the login method of the present invention is based on the following steps: Step S401 is to transfer an account barcode and at least one user key from the client to Server. In step S403, the server obtains an account by using an account barcode. In step S405, the server obtains the password by using the account barcode, the verification information, and the at least one user key. Step S407 is to log in to the server by using the obtained account and password.

在步驟S401中,用戶端傳送帳號條碼與至少一使用者密鑰以登入服務端。舉例來說,當用戶端欲使用該服務端所提供的服務時,只需將儲存在行動裝置上的帳號QR碼和使用者密鑰傳送給服務端,即可登入服務端。值得一提的是,在一實施例中,使用者密鑰可以是使用者自行設定的字串,或是綁在行動裝置上的用戶身份模塊(Subscriber Identity Module,SIM)碼,或是其他任何可以具有獨特身分識別功能的識別碼,本發明並不以此限制。 In step S401, the client transmits an account barcode and at least one user key to log in to the server. For example, when the user wants to use the service provided by the server, the account QR code and the user key stored on the mobile device can be transmitted to the server to log in to the server. It is worth mentioning that, in an embodiment, the user key may be a string set by the user, or a Subscriber Identity Module (SIM) code attached to the mobile device, or any other The identification code may have a unique identity recognition function, and the present invention is not limited thereto.

其中使用者密鑰的功能主要有二,一是傳送至服務端後供後續解密使用。二為保障用戶端的安全性。若帳號條碼遺失或被盜用散播時,即使不法使用者擁有此帳號條碼並傳送至服務端,在沒有搭配使用者密鑰的情況下,無法登入服務端。因此在帳號條碼和使用者密鑰的組合下,除了可提升用戶端的便利性外,亦仍然能確保其使用上的安全。舉例來說,假設使用者密鑰為用戶端的手機用戶身份模塊碼,若用戶端的帳號QR碼因外洩而散佈,但手機卻沒有遺失,此時不法使用者雖擁有用戶端的帳號QR碼,但其登入服務端時依舊會因使用者密鑰(用戶身份模塊碼)不正確而被拒絕登入。如此一來,即可大大確保用戶端的安全性。 There are two main functions of the user key, one is to be transmitted to the server for subsequent decryption. Second, to ensure the security of the client. If the account barcode is lost or stolen, even if the illegal user owns the account barcode and transmits it to the server, the server cannot be logged in without the user key. Therefore, in addition to improving the convenience of the client, the combination of the account barcode and the user key can still ensure the security of its use. For example, suppose the user key is the mobile phone user identity module code of the user end. If the QR code of the client's account is spread due to leakage, but the mobile phone is not lost, the illegal user has the QR code of the client's account, but When logging in to the server, it will still be denied login due to incorrect user key (user identity module code). In this way, the security of the client can be greatly ensured.

在步驟S403中,服務端在接收到用戶端傳送的帳號條碼後即可自帳號條碼中得到帳號。舉例來說,當用戶端傳送帳號QR碼至服務端,服務端即可從帳號QR碼中取得帳號。在步驟S405中,服務端接收到用戶端傳送的帳號條碼及至少一個使用者密鑰後,藉由儲存在服務端的驗證資訊解密得到密碼資訊,其中密碼資訊可以是一條碼,也可以是其他能夠包含密碼的資訊,本發明並不以此為限。舉例來說,當用戶端欲登入服務端時,服務端將所儲存的驗證QR碼,以及使用者傳送的帳號條碼及使用者密鑰,解密出用戶端的密碼。在另一實施例中,本發明的帳號、密碼及密鑰係一廣義定義,用戶端亦可傳送密碼資訊至服務端取得帳號,本發明並不以此為限。 In step S403, after receiving the account barcode transmitted by the client, the server can obtain the account from the account barcode. For example, when the client transmits the account QR code to the server, the server can obtain the account from the account QR code. In step S405, after receiving the account barcode transmitted by the client and the at least one user key, the server decrypts the verification information stored in the server to obtain the password information, wherein the password information may be a code, or other The information including the password is not limited to the present invention. For example, when the user wants to log in to the server, the server decrypts the stored verification QR code, the user's transmitted account barcode and the user key, and decrypts the password of the user. In another embodiment, the account number, password, and key of the present invention are defined in a broad sense, and the user terminal can also transmit the password information to the server to obtain an account. The present invention is not limited thereto.

在步驟S407中,服務端藉由上述步驟,將可得到用戶端的帳號與密碼,若服務端驗證資料庫內用戶端的帳號密碼無誤,用戶端即可登入服務端系統。其中步驟S403與步驟S405取得用戶端帳號密碼的方法,請一併參見第5圖。第5圖係依據本發明一實施例之登入方法示意圖。如第5圖所示,當用戶端欲登入服務端使用其系統時,用戶端將帳號QR碼11與使用者密鑰12傳送至服務端2。服務端2接收後即分成兩步驟分別解出用戶端的帳號與密碼。 In step S407, the server can obtain the account number and password of the client by the above steps. If the account password of the client in the server verification database is correct, the client can log in to the server system. For the method of obtaining the password of the user account in step S403 and step S405, please refer to FIG. 5 together. Figure 5 is a schematic diagram of a login method in accordance with an embodiment of the present invention. As shown in FIG. 5, when the user wants to log in to the server to use the system, the client transmits the account QR code 11 and the user key 12 to the server 2. After receiving the server 2, the server 2 is divided into two steps to solve the account and password of the client.

如同前述,服務端取得帳號QR碼11後,以帳號QR碼11取出用戶端的帳號(如步驟S403)。隨後,將帳號QR碼11與儲存在服務端的驗證QR碼21做異或運算而得到密碼QR碼 33(如步驟S405),並將密碼QR碼33以使用者密鑰12解碼後得到密碼。如此一來,服務端2即可得到用戶端的帳號與密碼,進一步驗證其正確性而決定該用戶是否可合法登入。 As described above, after the server obtains the account QR code 11, the server receives the account number of the client with the account QR code 11 (step S403). Subsequently, the account QR code 11 is XORed with the verification QR code 21 stored at the server to obtain a password QR code. 33 (step S405), and the password QR code 33 is decoded by the user key 12 to obtain a password. In this way, the server 2 can obtain the account number and password of the client, further verifying the correctness and determining whether the user can legally log in.

綜上所述,本發明利用條碼的特殊加密特性與解碼便利的優點,將複雜且麻煩的帳號與密碼以條碼的方式進行儲存,以供用戶端能更簡便的登入服務端。因此本發明除提升便利性外,亦能廣泛運用於身分驗證之用途。 In summary, the present invention utilizes the special encryption feature of the barcode and the advantage of decoding convenience, and stores the complicated and troublesome account and password in a barcode manner, so that the user can log in to the server more conveniently. Therefore, the present invention can be widely used for identity verification purposes in addition to improving convenience.

雖然本發明以前述之實施例揭露如上,然其並非用以限定本發明。在不脫離本發明之精神和範圍內,所為之更動與潤飾,均屬本發明之專利保護範圍。關於本發明所界定之保護範圍請參考所附之申請專利範圍。 Although the present invention has been disclosed above in the foregoing embodiments, it is not intended to limit the invention. It is within the scope of the invention to be modified and modified without departing from the spirit and scope of the invention. Please refer to the attached patent application for the scope of protection defined by the present invention.

31‧‧‧原始條碼 31‧‧‧ original barcode

32‧‧‧帳號條碼 32‧‧‧ account barcode

33‧‧‧密碼資訊 33‧‧‧ Password Information

34‧‧‧驗證資訊 34‧‧‧Verification information

Claims (11)

一種識別條碼產生方法,係運用於一用戶端與一服務端,所述識別條碼產生方法包含:產生一原始條碼;將該用戶端的一帳號隱藏至該原始條碼中以產生一帳號條碼;以及至少依據該帳號條碼與該用戶端的一密碼產生一驗證資訊。 A method for generating a barcode is applied to a client and a server. The method for generating a barcode includes: generating an original barcode; hiding an account of the client into the original barcode to generate an account barcode; and at least A verification message is generated according to the account barcode and a password of the client. 如請求項1所述的識別條碼產生方法,其中於產生該帳號條碼的步驟中,係將該帳號寫入至該原始條碼的至少一容錯區間中,以得到該帳號條碼。 The method for generating an identification barcode according to claim 1, wherein in the step of generating the account barcode, the account is written into at least one fault tolerance interval of the original barcode to obtain the account barcode. 如請求項1所述的識別條碼產生方法,其中於產生該帳號條碼的步驟中,該帳號條碼被產生後儲存於該用戶端。 The method for generating an identification barcode according to claim 1, wherein in the step of generating the account barcode, the account barcode is generated and stored in the client. 如請求項1所述的識別條碼產生方法,其中於產生該驗證資訊的步驟中,該驗證資訊被產生後儲存於該服務端。 The method for generating an identification barcode according to claim 1, wherein in the step of generating the verification information, the verification information is generated and stored in the server. 如請求項1所述的識別條碼產生方法,其中於產生該驗證資訊的步驟中包含:依據該密碼產生一密碼資訊;以及依據該密碼資訊與該帳號條碼及至少一使用者密鑰運算處理產生該驗證資訊。 The method for generating an identification barcode according to claim 1, wherein the step of generating the verification information comprises: generating a password information according to the password; and generating, according to the password information, the account barcode and the at least one user key processing The verification information. 如請求項5所述的識別條碼產生方法,其中於產生該密碼資訊的步驟中,係將該用戶端的該密碼利用加密處理,以產生該密碼資訊。 The method for generating an identification barcode according to claim 5, wherein in the step of generating the password information, the password of the client is encrypted by using the password to generate the password information. 一種使用識別條碼的登入方法,所述登入方法包含:自一用戶端傳送一帳號條碼與至少一使用者密鑰至一服務端;該服務端藉由該帳號條碼中得到一帳號;該服務端藉由該帳號條碼、一驗證資訊與該至少一使用者密鑰得到一密碼;以及藉由得到的該帳號與該密碼登入該服務端。 A login method using an identification barcode, the login method includes: transmitting an account barcode and at least one user key from a client to a server; the server obtains an account by using the account barcode; the server Obtaining a password by using the account barcode, a verification information, and the at least one user key; and logging in to the server by using the obtained account and the password. 如請求項7所述的登入方法,其中該帳號條碼係由將該帳號隱藏至一原始條碼的至少一容錯區間中而產生,該原始條碼的內容係該服務端的連結資訊。 The login method of claim 7, wherein the account barcode is generated by hiding the account in at least one fault tolerance interval of the original barcode, and the content of the original barcode is the connection information of the server. 如請求項7所述的登入方法,其中該驗證資訊係至少依據該密碼與該帳號條碼而產生。 The login method of claim 7, wherein the verification information is generated based at least on the password and the account barcode. 如請求項7所述的登入方法,其中該至少一使用者密鑰係用以供登入過程加密或解密使用。 The login method of claim 7, wherein the at least one user key is used for encryption or decryption of the login process. 如請求項7所述的登入方法,其中於藉由該帳號條碼、該驗證資訊與該至少一使用者密鑰得到該用戶端的該密碼的步驟中,該密碼係經由該帳號條碼與該驗證資訊經運算後而得到一密碼資訊,再運用該至少一使用者密鑰對該密碼資訊解密後而得出該用戶端的該密碼。 The login method of claim 7, wherein in the step of obtaining the password of the user terminal by using the account barcode, the verification information, and the at least one user key, the password is via the account barcode and the verification information. After the operation, a password information is obtained, and the password information is decrypted by using the at least one user key to obtain the password of the user end.
TW103137492A 2014-10-29 2014-10-29 Identification barcode generating and login method TW201616381A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW103137492A TW201616381A (en) 2014-10-29 2014-10-29 Identification barcode generating and login method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW103137492A TW201616381A (en) 2014-10-29 2014-10-29 Identification barcode generating and login method

Publications (1)

Publication Number Publication Date
TW201616381A true TW201616381A (en) 2016-05-01

Family

ID=56508589

Family Applications (1)

Application Number Title Priority Date Filing Date
TW103137492A TW201616381A (en) 2014-10-29 2014-10-29 Identification barcode generating and login method

Country Status (1)

Country Link
TW (1) TW201616381A (en)

Similar Documents

Publication Publication Date Title
US11323272B2 (en) Electronic identification verification methods and systems with storage of certification records to a side chain
US10798081B2 (en) Method, apparatus, and system for providing a security check
US8661254B1 (en) Authentication of a client using a mobile device and an optical link
US20180308098A1 (en) Identity Management Service Using A Block Chain Providing Identity Transactions Between Devices
US10530582B2 (en) Method and device for information system access authentication
US7770018B2 (en) Setting up a security access system
Nyang et al. Keylogging-resistant visual authentication protocols
CN102685110B (en) Universal method and system for user registration authentication based on fingerprint characteristics
CN101334884B (en) Improve the method and system of account transfer safety
WO2018145127A1 (en) Electronic identification verification methods and systems with storage of certification records to a side chain
CN103067390A (en) User registration authentication method and system based on facial features
CN104125064B (en) A kind of dynamic cipher authentication method, client and Verification System
CN103532960A (en) Text encryption interaction method, encryption method and device, decryption method and device
WO2015179640A1 (en) Method, apparatus, and system for providing a security check
CN102255728B (en) Identity recognition method for computer system
CN113826096A (en) User authentication and signature apparatus and method using user biometric identification data
CN103514540A (en) USBKEY business realization method and system
TW201616381A (en) Identification barcode generating and login method
CN112202794A (en) Transaction data protection method and device, electronic equipment and medium
TWI640928B (en) System for generating and decrypting two-dimensional codes and method thereof
US11343078B2 (en) System and method for secure input at a remote service
US20240005820A1 (en) Content encryption and in-place decryption using visually encoded ciphertext
TWI615735B (en) Application of the method of hiding network services
KR101427733B1 (en) Device and method for authenticating server
KR101170822B1 (en) Confirmation method using variable secret puzzle