CN101359987A - Algorithm cipher - Google Patents
Algorithm cipher Download PDFInfo
- Publication number
- CN101359987A CN101359987A CNA2007101412259A CN200710141225A CN101359987A CN 101359987 A CN101359987 A CN 101359987A CN A2007101412259 A CNA2007101412259 A CN A2007101412259A CN 200710141225 A CN200710141225 A CN 200710141225A CN 101359987 A CN101359987 A CN 101359987A
- Authority
- CN
- China
- Prior art keywords
- user
- password
- random number
- input
- abc
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention is used in the occasions such as web banks, online games, and the like, which solves the problem that Trojan horses steal accounts and passwords, so that a user is not afraid of peep by someone else. A password is replaced by calculation, and the method for approving the true identity of the user is a calculation method in stead of a group of fixed numbers or symbols. The preset account of the user is abc, the password is a number which is obtained by adding 2 to a random number generated by a system. In a login interface, the server (system) generates a random number 3, and the user carries out the calculation that 3 plus 2 is 5; and the user inputs the account abc, and inputs password 5. The server receives the account abc and the password 5, then searches a preset password of adding 2 to a random number, and finally determines that the user inputting the password 5 is the true user according to the account abc. Thus, as for the random number 3, the user who has the account abc and password 5 is the true user. When the random number 3 changes, the password to be input is changed accordingly.
Description
Affiliated technical field
Be mainly used in Web bank, online game etc. and need use the place of account number and password authentification user real identification.Can solve wooden horse and steal the problem of account number and password, accomplish that the account number of input and password be not afraid of others and see.
Background technology
At present, virus overflowing on the Internet, especially trojan horse cause various types of account numbers and password to be stolen, and cause very big loss, in order to address this problem a lot of methods, roughly can be divided into two classes:
The one, prevent that account number and password are stolen, think that exactly the whole bag of tricks allows you can't obtain my account number and password.For example antivirus software, anti-Trojan software etc.What he guaranteed is: give the environment of a safety of client, this is the method for the strick precaution of main flow.
The 2nd, when confirming user identity, except common account number and password, also need to import disposable additional identification sign indicating number, this additional identification sign indicating number was used once and had just been lost efficacy, and it is by generations such as SMS, cryptoguard card, phone checkings.The purpose of this method is that you obtain account number and password is also otiose, and just become next time.Even under unsafe environment, also can avoid loss.
These two kinds of methods have his own strong points, and one is that I make great efforts not allow you obtain, and one is to try every possible means to allow you obtain also there is not what usefulness.It is also otiose that this method belongs to account number and password that you obtain to input.
Summary of the invention
Replace password with algorithm, what prove user real identification is a kind of computational methods, and no longer is one group of fixing numeral or symbol.Server (system) and user utilize with a kind of computational methods, identical random number are calculated the same legitimacy that just proves the user of result.
The account number that the user stays the own identity of proof is abc, and password is: the random number that system is produced adds 2, and at login interface, server (system) generates a random number 3, and the user adds 2 computings to this random number, obtains result 5.The user imports abc in account number, import 5 in password.After server (system) receives user's account number abc and password 5, search for its reserving cipher according to account number abc and be: the random number that system is produced adds 2.Calculate the real user that is of cryptopart input 5.Like this for random number 3, account number abc, the user of password 5 is only real user.When random number 3 has changed, password also changes.The password that wooden horse is stolen account number and importation is without any being worth.
User's password no longer is a series of fixed character, but a kind of algorithm carries out computing to the random number that system gives exactly, and algorithm is freely selected by the user.The numeral that can verify own identity of user's input is that wooden horse has obtained also useless because of random number changes.
Description of drawings
Figure one is a matrix diagram.
Figure two is log-in interface figure.
Figure three initial passwords are provided with surface chart.
Specific embodiments
How the main interpreting user of this paper is provided with " algorithm cipher ", and the work that this method is applied in Web bank, the online game is finished according to this paper by the programmer." algorithm cipher " of proof user real identification is an expression formula and a selectable drop-down menu.
One, expression formula part
(A5+3) * (B7+5) this is the expression formula of a standard, and his implication is as follows:
A5, B7 are used for peeking, and on user's log-in interface, system produces one 10 * 10 matrix, produce numeral between the 10-1000 at random by system in each grid of matrix, have 100 random numbers.See Figure of description figure one:
In the expression formula implication of A5 be exactly in the matrix abscissa be A, ordinate is several 456 in the 5 corresponding grid, the implication of B7 be exactly in the matrix abscissa be B, ordinate is several 786 in the 7 corresponding grid.After having got numeral, perform mathematical calculations according to expression formula.
(456+3) * (786+5)=363069 obtain operation result 363069
To different users, the variation of expression formula part is embodied in the password:
1, selects in to the choosing of random number in the matrix, abscissa is at A---select among the J, ordinate is 1---10.Can select two, also can select one.
2, a back number of add operation is to change, and is freely chosen by the user.
3, the form of expression formula also can become.The version of expression formula is as follows:
(C6)×5、(D7)×(B9+12)
Two, selectable drop-down menu part
Operation result to expression formula suitably intercepts, and promptly casts out some numeral, makes computing irreversible.Mode with drop-down menu is expressed, and the user only needs to select, and remembers the selection of oneself.
The selection of supposing the user is: remove preceding 1.The A in the option in the following table just removes first bit digital of the operation result 363096 of expression formula part and obtains 63096, and input 63069 is exactly a legal users.Be that menu option is partly tabulated below:
A removes preceding 1 (the gained numeral from the front number, is removed first digit, imported remaining)
That B removes is preceding 2 (with the gained numeral from the front, second is removed, import remaining)
C removes preceding 1 and preceding 2 (with the gained numeral from the front, first and second are removed simultaneously, import remaining)
D removes back 1 (the gained numeral is seen from behind, first digit is removed, import remaining)
E removes back 2 (the gained numeral is seen from behind, second digit is removed, import remaining)
F removes back 1 and back 2 (the gained numeral is seen, first is removed simultaneously with second, import remaining) backmost
G removes preceding 1 and afterwards 1 (the gained numeral from the front, is removed first, seen from behind simultaneously, remove first, import remaining)
H removes preceding 1 and afterwards 2 (the gained numeral from the front, is removed first, seen from behind simultaneously, remove second, import remaining)
I removes preceding 2 and back 1 (with the gained numeral from the front, second is removed, see from behind simultaneously, remove first, import remaining)
J removes preceding 2 and back 2 (with the gained numeral from the front, second is removed, see from behind simultaneously, remove second, import remaining)
User's password by the option of an expression formula and a menu form.The password that previous example is complete is: (A5+3) * (B7+5) remove preceding 1.The user remembers account number and the password of oneself, carries out computing according to the matrix of giving when landing, and result's input is just passable.
The algorithm cipher that common fixed password and variation can be set in specific implementation process as required exists simultaneously.Account number abc, fixed password 123, algorithm cipher is: (A5+3) * (B7+5) removes preceding 1.Log-in interface is referring to figure two, and initial password is provided with the interface referring to figure three.Need a cutline literal equally to numerous users of service and client.Can be with reference to hereinafter:
On user's log-in interface, system produces one 10 * 10 matrix, as figure one, produces 100 random numbers at random by system in each grid of matrix.(A5+3) * (B7+5) is the expression formula of a standard, and A5, B7 are the numbers that is used for getting in the matrix, and the implication of A5 is A with abscissa in the matrix exactly, and ordinate is that the number in the 5 corresponding grid is chosen, and is 456.What B7 chose is 786.After having got numeral, perform mathematical calculations according to expression formula.
(456+3) * (786+5)=363069 obtains operation result 363069
The variation of expression formula part is embodied in the algorithm cipher:
1, selects in to the choosing of random number in the matrix, abscissa is at A---select among the J, ordinate is 1---10.Can select two, also can select one.
2, a back numeral of add operation is to change, and is freely chosen by the user.
3, the form of expression formula also can become.The version of expression formula is as follows:
(C6)*5、(D7)*(B9+12)
The drop-down menu of selection algorithm password is exactly that operation result to expression formula suitably intercepts, and promptly casts out some numeral, makes computing irreversible.User's selection is: remove preceding 1.First bit digital of the operation result 363096 of expression formula removed obtain 63096, just import 63069 and prove it oneself is validated user.
Some explanation:
One, wanting to crack this algorithm cipher in theory needs repeatedly to obtain the numeral of input and intercept the random number battle array simultaneously.In fact really can prevent password be stolen still to lean on the country law.
Two, for the understanding of novelty.
1, do not need other physical hardwares.Additive method all needs physical hardware.
2, this method is that user's heart is remembered which numeral in the random number that input system gives.Additive method is which numeral that needs on the system prompt input physical hardware.
3, there is calculation process in algorithm cipher.
Claims (1)
- Under the prerequisite that does not need other physical hardwares, need the user to input account number, password, additional identification sign indicating number, be used for proving or confirm own true identity that all different each time method all is tied.Method is embodied in following 2 points:1,, comprises selection to random number series to the selection of random number.System or server provide a series of numerals, it is incomplete the same that the part of user input and system produce, but select according to certain rule, what are regardless of this rule, all are a kind of embodiments of the different passwords of different user correspondence.2, to the computing of random number, exactly the random number that system gives is performed mathematical calculations, no matter random number is carried out other still more complicated computings of simple add operation, all regard as the thought of this paper is extended.Judge that by input additional identification sign indicating number manually input still is that the Automatic Program operation does not then belong to this paper content.Because the effect of this additional identification sign indicating number is not used for identifying user identity, and he is that system shows that what what user imports, and do not make any change.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007101412259A CN101359987A (en) | 2007-08-02 | 2007-08-02 | Algorithm cipher |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007101412259A CN101359987A (en) | 2007-08-02 | 2007-08-02 | Algorithm cipher |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101359987A true CN101359987A (en) | 2009-02-04 |
Family
ID=40332337
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2007101412259A Pending CN101359987A (en) | 2007-08-02 | 2007-08-02 | Algorithm cipher |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101359987A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011044784A1 (en) * | 2009-10-12 | 2011-04-21 | 中兴通讯股份有限公司 | Terminal and method for password change |
| CN102571356A (en) * | 2012-02-23 | 2012-07-11 | 深圳市乐讯科技有限公司 | Method and device for authenticating user identity |
| CN102694766A (en) * | 2011-03-21 | 2012-09-26 | 刘冠双 | Multi-party interactive password check |
| CN104320767A (en) * | 2014-11-10 | 2015-01-28 | 吴东辉 | Short message verification system and method |
| CN105406965A (en) * | 2015-11-21 | 2016-03-16 | 徐江锋 | Clear-text password encryption method |
| CN105656844A (en) * | 2014-11-12 | 2016-06-08 | 江苏威盾网络科技有限公司 | Method for preventing network hacker from stealing password |
| CN106209732A (en) * | 2015-04-30 | 2016-12-07 | 阿里巴巴集团控股有限公司 | A kind of offer method and device of identifying code |
| CN107085788A (en) * | 2017-04-20 | 2017-08-22 | 中国电子技术标准化研究院 | A kind of new safe payment method |
-
2007
- 2007-08-02 CN CNA2007101412259A patent/CN101359987A/en active Pending
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011044784A1 (en) * | 2009-10-12 | 2011-04-21 | 中兴通讯股份有限公司 | Terminal and method for password change |
| CN102694766A (en) * | 2011-03-21 | 2012-09-26 | 刘冠双 | Multi-party interactive password check |
| CN102571356A (en) * | 2012-02-23 | 2012-07-11 | 深圳市乐讯科技有限公司 | Method and device for authenticating user identity |
| CN104320767A (en) * | 2014-11-10 | 2015-01-28 | 吴东辉 | Short message verification system and method |
| CN105656844A (en) * | 2014-11-12 | 2016-06-08 | 江苏威盾网络科技有限公司 | Method for preventing network hacker from stealing password |
| CN106209732A (en) * | 2015-04-30 | 2016-12-07 | 阿里巴巴集团控股有限公司 | A kind of offer method and device of identifying code |
| CN105406965A (en) * | 2015-11-21 | 2016-03-16 | 徐江锋 | Clear-text password encryption method |
| CN107085788A (en) * | 2017-04-20 | 2017-08-22 | 中国电子技术标准化研究院 | A kind of new safe payment method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101359987A (en) | Algorithm cipher | |
| US9077710B1 (en) | Distributed storage of password data | |
| JP6498358B2 (en) | Integrated authentication system that authenticates using disposable random numbers | |
| Park et al. | A TOTP-based two factor authentication scheme for hyperledger fabric blockchain | |
| AU2011200413B1 (en) | Methods and Systems to Detect Attacks on Internet Transactions | |
| CN102202067A (en) | Dynamic random cipher registration method | |
| CN105187382B (en) | Prevent from hitting the multiple-factor identity identifying method of storehouse attack | |
| CN101702729A (en) | Method for verifying generated identity based on coordinate technology | |
| TW201325175A (en) | Confirmation mechanism for random and dynamic passwords | |
| Sonewar et al. | Detection of SQL injection and XSS attacks in three tier web applications | |
| WO2022107591A1 (en) | Password authentication system | |
| CN107181589A (en) | A kind of fort machine private key management method and device | |
| LeJeune et al. | An algorithmic approach to improving cloud security: The MIST and Malachi algorithms | |
| Singh et al. | Authentication and encryption in cloud computing | |
| Jingzhe et al. | Web service applying moving target defense | |
| Sonwalkar | Captcha: Novel approach to secure user | |
| CN1835435A (en) | Method and system for preventing network user's secrete code from stolen | |
| KR101420160B1 (en) | Variable password generation method and internet authentication system using the same | |
| US10277584B2 (en) | Verification request | |
| Akif et al. | Protecting a sensitive dataset using a time based password in big data | |
| CN107733650A (en) | The dynamic setting method of account password | |
| Balilo Jr et al. | A comparative analysis and review of OTP Grid Authentication Scheme: Development of new scheme | |
| CN103873226A (en) | Random confusion method for user password | |
| US20220179937A1 (en) | Secure user authentication system and methods | |
| Gaur et al. | Authentication using a Combination of Color Scheme and Musical Notes |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20090204 |