CN101471770A - Method for determining inquiry answer type bidirectional identification and business, and encipher device applying the method - Google Patents

Method for determining inquiry answer type bidirectional identification and business, and encipher device applying the method Download PDF

Info

Publication number
CN101471770A
CN101471770A CNA2008100883729A CN200810088372A CN101471770A CN 101471770 A CN101471770 A CN 101471770A CN A2008100883729 A CNA2008100883729 A CN A2008100883729A CN 200810088372 A CN200810088372 A CN 200810088372A CN 101471770 A CN101471770 A CN 101471770A
Authority
CN
China
Prior art keywords
server
encryption device
encryption
password
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2008100883729A
Other languages
Chinese (zh)
Other versions
CN101471770B (en
Inventor
毛华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN2008100883729A priority Critical patent/CN101471770B/en
Publication of CN101471770A publication Critical patent/CN101471770A/en
Application granted granted Critical
Publication of CN101471770B publication Critical patent/CN101471770B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention relates to a secure communication device and a method, in particular to a device and a method for sending and receiving a code by adopting a special manner. In the question answering mutual identity and transaction confirmation method and the device adopting the method, the confirmation method comprises identity verification and transaction content confirmation, and has the characteristic of mutual authentication. An encryption device is separated from the outside completely, and has no electronic connecting interface, so that the hacker attack can be avoided, and the device can also be used in the environment of no personal computer. In the device and the method, not only does a server identify a client in a unilateralism manner, but the client also discriminates the validity of the server through checking the validity of a quenstion and answers the quenstion after confirming the validity of the quenstion only, thereby effectively resisting fishing trap. By adopting the method and the encryption device, identity verification and electronic transaction can be performed safely in unsafe environments such as an Internet bar, etc.

Description

The encryption device of inquiry answer type bidirectional identification, transaction confirmation method and this method of employing
Technical field
The present invention relates to a kind of secure communication apparatus and method, relate in particular to a kind of equipment and method that adopts particular form to send and receive password.
Background technology
At present, each service organization adopts three kinds of methods to carry out identity and trade confirmation usually: hardware encipher modes such as static password, dynamic password, USB coded lock and smart card.These three kinds of methods cut both ways: static password uses simple and easy but is absolutely unsafe, and is easily monitored by the people and loses efficacy.Adopt at present the method for dynamic password note is arranged the usually dynamic password that sends, the modes such as two-dimentional password index card that are printed on paper.The note dynamic password has improved fail safe, but also exists the transmission note to depend on carrier network, can't use, need to problems such as telecom operators' payings in the smooth area of note, and note itself also can be monitored.The password index card has wield characteristics with low cost, but also has the problem that available number of times is few, the password capacity is low, and the risk of being taken pictures, plagiarizing or being extracted password by fishing website is arranged.The solution of USB coded lock, smart card its essence is hardware based encipherment scheme because encryption vector has the connecting interface with computer, exist must rely on computer, port information may the quilt monitoring, repeatedly soundd out and by problem such as counterfeit.Simultaneously, owing to encryption, decipherment algorithm exist with ... computer, just there is the possibility of being attacked in its algorithm itself, and the method for hardware encipher can not guarantee safety fully.Once be a kind of popular employing hardware encipher and be operated in encryption method on the printer parallel port as " dongle ", but the software that much adopts this method all is cracked because of on computers procedure subject is modified.There are following two hidden danger at least in used USB Key:
1. there is leak in interactive operation.The hacker can Long-distance Control, and the USB Key that falsely uses the client carries out authentication, and the client can't know.(this is the reason that all requires to pull out USB Key when why at every turn withdrawing from Net silver)
2. can't prevent that data from being distorted.Client's a transaction may be tackled and distort and be an other transaction before being sent into USB Key and encrypting by the hacker, can distort transaction like this and authentication is passed through under the unwitting situation of user.
Electronic transaction presses for and more is simple and easy to use and safer method.
Use e-bank to be example at present in the Internet bar with us, almost few people use e-bank in the Internet bar now, and topmost problem is a safety problem.Because the computer in the Internet bar is public use, may lie prostrate various wooden horses, hacker software in advance on the computer, our keyboard might be monitored, and dealing information might be monitored even be distorted.Though fire compartment wall, antivirus software are arranged at present, and digital certificate, USB Key, anti-keyboard monitor counterchecks such as plug-in unit, yet the high chi in road, evil spirit are high one zhang, defend often to clap than attack slow half in the antagonism of computer realm.Fire compartment wall still may be penetrated, and antivirus software may be killed, and encryption software might be modified, and certificate information may be stolen, and attacks with the struggle of defending never to stop.This disappears, and that is long, though finally be that evil can never prevail over good, development, particularly domestic consumer that virus killing and defence often always lag behind virus and wooden horse can not guarantee being perfectly safe of current computer usually.For the personal user, if leaky existence, even in short-term, just might be robbed everything.
The main reason that produces safety problem is to connect, because our computer need be with exchange messages such as bank and online trade companies, computer just must be set up network and connect.The passage of invasion though having solved, the problem of communication also is provided to the hacker.Because computer is also born the task of encryption and authentication simultaneously, the relative program of its operation just might be made amendment after the hacker attacks or be monitored.
The dynamic password device that adopts the stand-alone card form is also arranged in the prior art, as disclosed Chinese patent application on January 2nd, 2008, publication number is CN101098223A, disclose a kind of method and device thereof of encrypting network user password, its method step is: 1) the customer service merchant allots the user storage card and the user cipher of the private key of retaining in server database to the client; When 2) client logined, server provided the accidental enciphering sign indicating number when requiring the client to input password; 3) user is inserted into encryption device with storage card, and input user cipher and accidental enciphering sign indicating number behind encryption device operation encrypted private key, obtain new Crypted password input computer; 4) server receives that the client private key that Crypted password is retained with database deciphers data.Though it has the advantage of dynamic password, it is a unilateral authentication, does not have the function of anti-fishing website, and can't confirm that to the content of transaction security performance is not high, can not guarantee to use on unsafe computer.
Summary of the invention
In order to solve the safety problem of identity validation, network trading and phone speculation in stocks etc., be not afraid of the security solution method that virus, wooden horse and hacker invade thereby the present invention can provide a kind of not to be feared by monitoring, can not be distorted and cheat, not rely on computer, and for realizing the encryption device of the method.
A kind of inquiry answer type bidirectional identification, transaction confirmation method, authentication method comprises identity validation, identity validation may further comprise the steps:
(a) the customer service merchant allots independently encryption device to special-purpose client;
(b) user is connected to server and imports customer accounting code K by network or phone;
(c) server retrieves server password Mo and the encryption algorithm F o that shows server identity according to customer accounting code K;
(d) server produces a random number N, calculates encrypted result Q, and (K, Mo N), and are shown to user's (N and Q can be described as enquirement) with N and Q to Q=Fo;
(e) user imports number of the account K, random number N and the encrypted result Q of oneself on encryption device;
(f) encryption device calls the cryptographic algorithm fo of the authentication server that carries, and with the server password mo that self stores on the device, calculates encrypted result q, and q=fo (K, mo, N);
(g) encryption device compares q and Q, if equate, mo=Mo and fo=Fo are described, this server is not a trap, continues; If do not wait, then display alarm information and interrupt run;
(h) as if q=Q, encryption device calls the cryptographic algorithm f1 that shows own identity that carries, and with the encryption device password m1 that stores on the encryption device, calculates encrypted result a1, a1=f1 (K, m1, N) (wherein a1 can be described as answer);
(i) user imports server by network or phone with a1;
(j) encryption algorithm F 1 of server calls server, and find M1 by the number of the account of user input, also calculate encrypted result A1 then, A1=F1 (K, M1, N);
(k) server compares A1 and a1, if equate, m1=M1 is described, and f1=F1, and authentication is finished.
Authentication method also comprises the affirmation of transaction content, and transaction content is confirmed may further comprise the steps:
(A) user imports the other side's number of the account T on the net;
(B) server produces a random number Y, and (T, Mo Y), and are shown to the user with Y and Q ' to calculate Q '=Fo;
(C) user imports T on encryption device, Y and Q ';
(D) encryption device calls cryptographic algorithm fo, and with the mo that stores on the encryption device, calculates encrypted result q ', and q '=fo (T, mo, Y);
(E) relatively q ' and Q ' of encryption device if equate, illustrates mo=Mo, fo=Fo, and the T value do not distorted, and this server is not a trap, continuation; If do not wait, then display alarm information and interrupt run;
(F) as if q '=Q ', encryption device calls cryptographic algorithm f1, and with the m1 that stores on the device, calculates encrypted result a1 ', and a1 '=f1 (T, m1, Y);
(G) user by network or phone with a1 ' input server;
(H) the server calls encryption algorithm F 1, and finds M by the number of the account of user's input, also calculates encrypted result A1 ' then, and A1 '=F1 (T, M1, Y);
(I) relatively A1 ' and a1 ' of server if equate, illustrates m1=M1, f1=F1, and the T value examines once more, and the other side's number of the account affirmation of transaction is errorless;
(J) after the affirmation of finishing the other side's number of the account, also adopt identical affirmation step for payment.
Above-mentioned cryptographic algorithm fo, f1, Fo, F1 all adopt the One-Way Encryption function, as One-way encryption algorithm such as MD5, SHA-256.Long for the position of reducing input, also can on these Standard Encryption methods, carry out the long variation in position or select other One-Way Encryption method.
Basic ideas of the present invention are to chop connection off, isolate.With own computer is had unique control since can not guarantee being perfectly safe of computer, just simply abandon vying with each other in computer, and the password of core and cryptographic algorithm are isolated, make independent encryption device.Powerful again, the viral wooden horse of hacker is severe again, and can't invade one does not have the system of physical connection with computer and network yet.
Be different from popular USB Key and IC smart card at present, the encryption device among the present invention can not connect computer without any electronic connecting interface, can not connect any card reader or other electronic equipment.Encryption device comprises keyboard, display screen, microcontroller MCU, power supply, and keyboard, display screen, power supply are connected with microcontroller MCU respectively, and microcontroller MCU comprises memory and arithmetic element.Encryption device among the present invention is isolated from the outside fully.The function class of this encryption device is similar to a calculator, can pass through keyboard input digit and letter, also can read result calculated by display screen.Different with calculator is that this card is not to calculate addition subtraction multiplication and division, but calculates encryption algorithm F and display result.
This encryption device is finished following basic function:
1, there is server password mo.
2, there is the cryptographic algorithm fo that is used for authentication server.
3, there is electronic cipher clip pin m1.
4, there is the cryptographic algorithm f1 that shows own identity.
5, can receive information by keyboard input, and with the information of input and built-in password as parameter, move cryptographic algorithm fo, f1, result of calculation can output to display screen.
Electronic cipher calorie requirement and server co-operation.Server is finished following function:
1, storage server password Mo.
2, there is the encryption algorithm F o that shows server identity.
3, storage customer accounting code Ko
4, storage is corresponding to the password M1 of client's card number K.
5, the encryption algorithm F 1 that has checking electronic cipher card.
6, can pass through network, phone etc. and receive client input information I.
7, can produce a random number N.
8, can send random number N and put question to confirmation Q to client, and Q=F1 (I, Mo, N).
Native system has following several characteristics:
1, core encryption function and password are deposited in independently in the encryption device.This device is isolated fully, can not be read internal information by computer and any other equipment, and the information input of encryption device can only adopt its keypad that carries by the staff typing, and output only can be read with human eye by display screen.Cryptographic algorithm and password that encryption device stores all can't be read, and also can't repeatedly sound out by computer or instrument.Key message is deposited in the mode of independent encryption device, make core encryption function and password thoroughly break away from and deposit easily attacked or spy on computers passive, broken away from the attacking and defending of hacker, virus and wooden horse and tangled.
2, the core authentication occurs between server and the encryption device, does not need to depend on computer and carries out the core computations.This method can not used when having computer and the Internet, as being used for telephone bank.This method and computer encipher technology be not conflict also, can be used with encryption methods such as digital certificate, USB Key, dynamic keyboards.
3, Deng Lu process no longer is traditional number of the account, pin mode, and changes to the mode of number of the account, enquirement, answer.Login process is two-way confirmation and non-traditional unilateral authentication.The affirmation of identity and transaction has two-way characteristics, and encryption device also will be confirmed the validity of server.Therefore the hacker can't adopt duplicity means such as fishing website to extract password.
4, the characteristic that has dynamic password, each question and answer that propose of using all may be different, have randomness.Puing question to the problem asked is random number (or sequence number) N and cryptographic calculation Q as a result, because N is a parameter, so problem is all becoming at every turn; And answer the function be based on number of the account, password and N, because N is a parameter, so cryptographic calculation results has uncertain variation, thereby answers and also have uncertain variation.As long as the random number that produces does not repeat, the process of problem can constantly change, and has randomness.Therefore, under the situation that phone, computer are monitored, also can guarantee safety.
5, the operation result that is confirmed to be comparison encryption algorithm F o and N of identity and transaction, do not need to find the solution password Mo and M1, therefore, the present invention has very wide adaptability for cryptographic algorithm, can use multiple encryption algorithms and need not depend on certain specific algorithm, can accomplish a kind of algorithm of a collection of user, even algorithm that can each user all changes, and can adopt irreversible algorithm, make that extrapolating password according to ciphertext hardly may.Simultaneously, password mo that stores on the encryption device and m1 do not have the long restriction in position yet, and needing only computational speed can tolerate, just can use very long password.Because only need among the present invention few information such as number of the account, the amount of money are done computations, amount of calculation is less, thereby adopts the password of overlength just to become possibility.The algorithm that changes all the time adds the password of possibility overlength, makes the present invention have high fail safe.
6, the characteristics that have two-way authentication.The present invention is not only the unilateral authentication of server to the client, and the validity that client also can be screened server by the validity that check is putd question to is only just answered after the validity of puing question to having confirmed, thereby can effectively be resisted " fishing " trap.
7, not only can finish the affirmation of identity, also can confirm, can effectively resist distorting transaction content to the other side's number of the account and dealing money in the electronic transaction.
On basic functions, encryption device among the present invention and confirmation method also can be done following function expansion:
One, simplify input and application extension:
The present invention is owing to needing input information on encryption device by hand, and is comparatively loaded down with trivial details.Therefore, be necessary to make input to become succinct.
Can have following a few place to improve:
If a. an encryption device has only a number of the account using, then can when identity validation, omit the step of input customer accounting code.Customer accounting code can be solidificated in the encryption device, maybe can adopt the particular algorithm of default number of the account, also can establish " login " key on card and come this algorithm of quick calling.
B. when confirming payment, the other side's number of the account and payment can be merged affirmation, be about to the quaternary function that encryption function changes F (T, J, M, N) into.Can on card, establish one " payment " key and come this merge algorithm of quick calling.
C. this method and device also can be used for ATM or bank counter.In this applied environment, we can think that server side is safe and reliable, at this moment can omit the validity check to server side.Server can directly be putd question to random number or sequence number in application, and needn't calculate Q.Client can be omitted the input of Q and skip validity check to puing question to, can improve operating speed effectively like this.
D. except identity and transaction were confirmed, the present invention also can be applicable to other operations such as Web bank, securities trading, online game.By giving the code of various operating and settings reservations, just can bring these codes into encryption function and calculate, thereby guarantee the fail safe operated.To be limited to 999 yuan in online payment every day be example to be provided with in bank, and the code that can arrange " the online payment every day upper limit is set " this operation is 501, and encryption function is brought in the calculating 501 and 999, thereby can guarantee that 501 and 999 are not distorted.
Two, improve the use of random number N:
In when login, the encryption function of server has been used random number N, function be Q=F (K, M, N).For a client, F, K, M fix, so the Q value depends on the variation of N.Though N is a random number, is repeatedly being attacked or continued for a long time might repeat under the situation of tracking.Because Q and N are exposed in the transport process, the answer of electronic cipher card simultaneously also is the function about N, and it also exposes, if repetition has taken place in N, and the risk falsely used of existence just.Therefore, be necessary to guarantee that random number N can not repeat.Selectable improving one's methods is:
A, usefulness sequence number S replace random number N.Sequence number S is the trial login of unidirectional growth one by one or the number of times of account transfer.
B, come to substitute N jointly with number of attempt S and number of success C.Oneself attempts having logined 76 times altogether as a number of the account, has wherein successfully logined 75 times, can count 00760075.Adopt this mode at first can guarantee can not repeat, simultaneously also can allow the user know whether its account was attacked, thus can the early warning user, to take appropriate measures in advance.
Adopt the method for sequence number need set a upper limit, overturn to prevent counter.
Three, add startup password and time-delay shutdown automatically:
In order to prevent to be usurped by the people after card from losing, encryption device also can add startup password P, and startup password can have two kinds of occupation modes:
A. startup password only is used to activate encryption device, has only and has imported correct startup password, and encryption device could be worked.Startup password and be not used in and server between authentication.
B. startup password participates in authenticate-acknowledge as the monobasic of encryption function.Promptly add the record of startup password at server, encryption device and server change encryption function into and comprise startup password P at five interior meta-functions.
In order to prevent that startup password from being abused, encryption device should have the automatic timing shut-off function.Usually should be set at the shutdown automatically after idle a few minutes of start back or keyboard, to economize on electricity and to prevent that encryption device is stolen.
Four, add the warning startup password, realize concealed the warning:
Under the situation that adopts startup password, the function that can add alarm code to encryption device.Server and encryption device can have the alarm code m2 of a special agreement in advance, in case this sign indicating number is used, just report to the police automatically.When the owner of card is waited by kidnapping in particular cases being coerced to reveal startup password, alarm code can be revealed to the bandit.The bandit uses the alarm code can normal boot-strap, but when login account, the result of discovering server encryption function computing can not with normal password m1 coupling, but can with result's coupling of alarm code m2, can conclude that alarm code is activated.The automatic also special flow process of secret start-up system of reporting to the police of server; as show transfer accounts success and Frozen Account when transferring accounts; notify police and bank of opposite side to follow the trail of withdrawer etc. simultaneously; under the unwitting situation of bandit; realize secret the warning; thereby can at utmost protect client's personal safety and property safety, and clue to solve the case can be provided as early as possible.
Description of drawings
Fig. 1 is the schematic diagram of encryption device of the present invention;
Fig. 2 is an encryption device internal module schematic diagram of the present invention.
Embodiment
Encryption device 1 comprises keyboard 3, display screen 2, microcontroller MCU, power supply, and keyboard 3, display screen 2, power supply are connected with microcontroller MCU respectively, microcontroller MCU internal memory and arithmetic element.
Embodiment 1
Adopt both parties' mutual authentication method of above-mentioned encryption device 1, authentication method comprises identity validation, and identity validation may further comprise the steps:
(a) the customer service merchant allots independently encryption device to special-purpose client;
(b) user is connected to server and imports customer accounting code K by network or phone;
(c) server retrieves server password Mo and the encryption algorithm F o that shows server identity according to customer accounting code K;
(d) server produces a random number N, calculates encrypted result Q, and (K, Mo N), and are shown to the user with N and Q to Q=Fo;
(e) user imports number of the account K, random number N and the encrypted result Q of oneself on encryption device;
(f) encryption device calls the cryptographic algorithm fo of the authentication server that carries, and with the server password mo that self stores on the device, calculates encrypted result q, and q=fo (K, mo, N);
(g) encryption device compares q and Q, if equate, mo=Mo and fo=Fo are described, this server is not a trap, continues; If do not wait, then display alarm information and interrupt run;
(h) as if q=Q, encryption device calls the cryptographic algorithm f1 that shows own identity that carries, and with the encryption device password m1 that stores on the encryption device, calculates encrypted result a1, and a1=f1 (K, m1, N);
(i) user imports server by network or phone with a1;
(j) encryption algorithm F 1 of server calls server, and find M1 by the number of the account of user input, also calculate encrypted result A1 then, A1=F1 (K, M1, N);
(k) server compares A1 and a1, if equate, m1=M1 is described, and f1=F1, and authentication is finished.
Embodiment 2
Adopt both parties' mutual authentication method of above-mentioned encryption device 1, authentication method comprises identity validation and transaction content affirmation, and identity validation is identical with embodiment 1 step, and transaction content is confirmed may further comprise the steps:
(A) user imports the other side's number of the account T on the net;
(B) server produces a random number Y, and (T, Mo Y), and are shown to the user with Y and Q ' to calculate Q '=Fo;
(C) user imports T on encryption device, Y and Q ';
(D) encryption device calls cryptographic algorithm fo, and with the mo that stores on the encryption device, calculates encrypted result q ', and q '=fo (T, mo, Y);
(E) relatively q ' and Q ' of encryption device if equate, illustrates mo=Mo, fo=Fo, and the T value do not distorted, and this server is not a trap, continuation; If do not wait, then display alarm information and interrupt run;
(F) as if q '=Q ', encryption device calls cryptographic algorithm f1, and with the m1 that stores on the device, calculates encrypted result a1 ', and a1 '=f1 (T, m1, Y);
(G) user by network or phone with a1 ' input server;
(H) the server calls encryption algorithm F 1, and finds M by the number of the account of user's input, also calculates encrypted result A1 ' then, and A1 '=F1 (T, M1, Y);
(I) relatively A1 ' and a1 ' of server if equate, illustrates m1=M1, f1=F1, and the T value examines once more, and the other side's number of the account affirmation of transaction is errorless;
(J) after the affirmation of finishing the other side's number of the account, also adopt identical affirmation step for payment.

Claims (9)

1. an inquiry answer type bidirectional identification, transaction confirmation method, confirmation method comprises identity validation, it is characterized in that: identity validation may further comprise the steps:
(a) the customer service merchant allots independently encryption device to special-purpose client;
(b) user is connected to server and imports customer accounting code K by network or phone;
(c) server retrieves server password Mo and the encryption algorithm F o that shows server identity according to customer accounting code K;
(d) server produces a random number N, calculates encrypted result Q, and (K, Mo N), and are shown to the user with N and Q to Q=Fo;
(e) user imports number of the account K, random number N and the encrypted result Q of oneself on encryption device;
(f) encryption device calls the cryptographic algorithm fo of the authentication server that carries, and with the server password mo that self stores on the device, calculates encrypted result q, and q=fo (K, mo, N);
(g) encryption device compares q and Q, if equate, mo=Mo and fo=Fo are described, this server is not a trap, continues; If do not wait, then display alarm information and interrupt run;
(h) as if q=Q, encryption device calls the cryptographic algorithm f1 that shows own identity that carries, and with the encryption device password m1 that stores on the encryption device, calculates encrypted result a1, and a1=f1 (K, m1, N);
(i) user imports server by network or phone with a1;
(j) encryption algorithm F 1 of server calls server, and find M1 by the number of the account of user input, also calculate encrypted result A1 then, A1=F1 (K, M1, N);
(k) server compares A1 and a1, if equate, m1=M1 is described, and f1=F1, and authentication is finished.
2. method according to claim 1 is characterized in that authentication method also comprises the affirmation of transaction content,
Transaction content is confirmed may further comprise the steps:
(A) user imports the other side's number of the account T on the net;
(B) server produces a random number Y, and (T, Mo Y), and are shown to the user with Y and Q ' to calculate Q '=Fo;
(C) user imports T on encryption device, Y and Q ';
(D) encryption device calls cryptographic algorithm fo, and with the mo that stores on the encryption device, calculates encrypted result q ', and q '=fo (T, mo, Y);
(E) relatively q ' and Q ' of encryption device if equate, illustrates mo=Mo, fo=Fo, and the T value do not distorted, and this server is not a trap, continuation; If do not wait, then display alarm information and interrupt run;
(F) as if q '=Q ', encryption device calls cryptographic algorithm f1, and with the m1 that stores on the device, calculates encrypted result a1 ', and a1 '=f1 (T, m1, Y);
(G) user by network or phone with a1 ' input server;
(H) the server calls encryption algorithm F 1, and finds M by the number of the account of user's input, also calculates encrypted result A1 ' then, and A1 '=F1 (T, M1, Y);
(I) relatively A1 ' and a1 ' of server if equate, illustrates m1=M1, f1=F1, and the T value examines once more, and the other side's number of the account affirmation of transaction is errorless;
(J) after the affirmation of finishing the other side's number of the account, also adopt identical affirmation step for payment.
3. method according to claim 1 is characterized in that default alarm cipher m2 on server and the encryption device, and when alarm cipher m2 default in login password and the server was complementary, server sent alarm signal, realizes concealed warning function.
4. method according to claim 1 is characterized in that cryptographic algorithm fo, f1, Fo, F1 all adopt the One-Way Encryption function.
5. method according to claim 4 is characterized in that cryptographic algorithm is unfixing, and promptly different users adopts different cryptographic algorithm, and same user can adopt different cryptographic algorithm.
6. encryption device that adopts the described method of claim 1, it is characterized in that encryption device comprises keyboard, display screen, microcontroller MCU, power supply, keyboard, display screen, power supply are connected with microcontroller MCU respectively, and microcontroller MCU comprises memory and arithmetic element.
7. according to the described encryption device of claim 6, it is characterized in that the cryptographic algorithm fo of storage server password mo, authentication server on the memory, the cryptographic algorithm f1 that shows the own identity of encryption device, encryption device password m1.
8. according to the described encryption device of claim 6, it is characterized in that the startup password of storage encryption device on the memory.
9. according to the described encryption device of claim 6, it is characterized in that the concealed alarm cipher of storage on the memory, can realize concealed the warning.
CN2008100883729A 2007-12-24 2008-04-03 Method for determining inquiry answer type bidirectional identification and business Expired - Fee Related CN101471770B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2008100883729A CN101471770B (en) 2007-12-24 2008-04-03 Method for determining inquiry answer type bidirectional identification and business

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN200710305375.9 2007-12-24
CN200710305375 2007-12-24
CN2008100883729A CN101471770B (en) 2007-12-24 2008-04-03 Method for determining inquiry answer type bidirectional identification and business

Publications (2)

Publication Number Publication Date
CN101471770A true CN101471770A (en) 2009-07-01
CN101471770B CN101471770B (en) 2011-08-03

Family

ID=40828912

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2008100883729A Expired - Fee Related CN101471770B (en) 2007-12-24 2008-04-03 Method for determining inquiry answer type bidirectional identification and business

Country Status (1)

Country Link
CN (1) CN101471770B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102255728A (en) * 2011-06-27 2011-11-23 成都天钥科技有限公司 Identity recognition method for computer system
CN102868688A (en) * 2012-09-05 2013-01-09 天地融科技股份有限公司 Certification system and method and electronic signature tool
CN103516524A (en) * 2013-10-21 2014-01-15 北京旋极信息技术股份有限公司 Security authentication method and system
WO2014187118A1 (en) * 2013-05-23 2014-11-27 Tencent Technology (Shenzhen) Company Limited Verification method, apparatus, server and system
CN105530229A (en) * 2014-10-21 2016-04-27 西安诺瓦电子科技有限公司 Terminal and server end authentication method and automatic authentication system
CN106789051A (en) * 2017-03-24 2017-05-31 北京奇虎科技有限公司 A kind of method for protecting file, device and computing device
CN107615704A (en) * 2015-05-25 2018-01-19 邵通 A kind of device, method and system of the anti-fishing of network
CN110378759A (en) * 2019-06-12 2019-10-25 上海同鑫信息技术咨询有限公司 Two-way confirmation method of commerce, device, computer system and readable storage medium storing program for executing

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1787515A (en) * 2004-12-10 2006-06-14 虞淑瑶 Strong command bidirectional identification protocol based on safety hash function
CN1668136A (en) * 2005-01-18 2005-09-14 中国电子科技集团公司第三十研究所 A method for implementing security communication between mobile self-organized network nodes

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102255728A (en) * 2011-06-27 2011-11-23 成都天钥科技有限公司 Identity recognition method for computer system
CN102255728B (en) * 2011-06-27 2014-07-09 成都天钥科技有限公司 Identity recognition method for computer system
CN102868688A (en) * 2012-09-05 2013-01-09 天地融科技股份有限公司 Certification system and method and electronic signature tool
CN102868688B (en) * 2012-09-05 2015-05-06 天地融科技股份有限公司 Certification system and method and electronic signature tool
WO2014187118A1 (en) * 2013-05-23 2014-11-27 Tencent Technology (Shenzhen) Company Limited Verification method, apparatus, server and system
CN103516524A (en) * 2013-10-21 2014-01-15 北京旋极信息技术股份有限公司 Security authentication method and system
CN105530229A (en) * 2014-10-21 2016-04-27 西安诺瓦电子科技有限公司 Terminal and server end authentication method and automatic authentication system
CN107615704A (en) * 2015-05-25 2018-01-19 邵通 A kind of device, method and system of the anti-fishing of network
CN106789051A (en) * 2017-03-24 2017-05-31 北京奇虎科技有限公司 A kind of method for protecting file, device and computing device
CN106789051B (en) * 2017-03-24 2020-01-31 北京奇虎科技有限公司 method, device and computing equipment for protecting files
CN110378759A (en) * 2019-06-12 2019-10-25 上海同鑫信息技术咨询有限公司 Two-way confirmation method of commerce, device, computer system and readable storage medium storing program for executing
CN110378759B (en) * 2019-06-12 2024-03-12 上海同鑫信息技术咨询有限公司 Bidirectional confirmation transaction method, device, computer system and readable storage medium

Also Published As

Publication number Publication date
CN101471770B (en) 2011-08-03

Similar Documents

Publication Publication Date Title
CN101471770B (en) Method for determining inquiry answer type bidirectional identification and business
EP3073670B1 (en) A system and a method for personal identification and verification
US9519764B2 (en) Method and system for abstracted and randomized one-time use passwords for transactional authentication
US5193114A (en) Consumer oriented smart card system and authentication techniques
JP2000516734A (en) Certainty certification system
US20070074273A1 (en) Method and device for increasing security during data transfer
WO1999024895A1 (en) Tamper resistant method and apparatus
CN101897165A (en) Method of authentication of users in data processing systems
CN101216923A (en) A system and method to enhance the data security of e-bank dealings
US20130024377A1 (en) Methods And Systems For Securing Transactions And Authenticating The Granting Of Permission To Perform Various Functions Over A Network
Faisal et al. The evolution of embedding metadata in blockchain transactions
EP3639501A1 (en) Systems and methods for differentiated identification for configuration and operation
Ahmed et al. A self-sovereign identity architecture based on blockchain and the utilization of customer’s banking cards: The case of bank scam calls prevention
Wong et al. An enhanced user authentication solution for mobile payment systems using wearables
Nowroozi et al. Cryptocurrency wallets: assessment and security
CA2611549C (en) Method and system for providing a secure login solution using one-time passwords
JP2002358418A (en) Transaction system
Smith Trajectories of cybercrime
Agoyi et al. The use of SMS encrypted message to secure automatic teller machine
JPH0368582B2 (en)
Muslimin et al. Islamic Law Perspective on Cybercrime in The Financial Services Industry
Madhusudhan et al. An enhanced biometrics-based remote user authentication scheme using mobile devices
WO2005057510A1 (en) Authentication method and system
Das et al. Towards a formal verification of an authentication protocol using non-monotonic logic
Simmons Secure communications in the presence of pervasive deceit

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
DD01 Delivery of document by public notice

Addressee: Mao Hua

Document name: Notification to Pay the Fees

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20110803

Termination date: 20150403

EXPY Termination of patent right or utility model