CN102300182B - Short-message-based authentication method, system and device - Google Patents
Short-message-based authentication method, system and device Download PDFInfo
- Publication number
- CN102300182B CN102300182B CN 201110264451 CN201110264451A CN102300182B CN 102300182 B CN102300182 B CN 102300182B CN 201110264451 CN201110264451 CN 201110264451 CN 201110264451 A CN201110264451 A CN 201110264451A CN 102300182 B CN102300182 B CN 102300182B
- Authority
- CN
- China
- Prior art keywords
- time
- authentication
- identifying code
- current time
- current
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 49
- 238000003860 storage Methods 0.000 claims abstract description 17
- 238000004364 calculation method Methods 0.000 claims abstract description 14
- 230000005540 biological transmission Effects 0.000 claims description 35
- 239000000284 extract Substances 0.000 claims description 9
- 230000003247 decreasing effect Effects 0.000 claims description 4
- 238000000205 computational method Methods 0.000 claims description 3
- 238000000151 deposition Methods 0.000 claims 1
- 238000010200 validation analysis Methods 0.000 description 7
- 230000014759 maintenance of location Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000009191 jumping Effects 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 244000144985 peep Species 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a short-message-based authentication method, a short-message-based authentication system and a short-message-based authentication device, which relate to the technical field of network security. The authentication system comprises a server, a client and a mobile phone. The authentication device which is the server comprises a transmitting and receiving module, a storage module, a counting module, a judgment module, a generation module, an authentication module, a control module and a calculation module. In the short-message authentication method, the server generates an authentication code, records authentication code generation time, and transmits the generated authentication code to the mobile phone of a user in an out-of-band way; the user inputs the authentication code into the client; and the client transmits the authentication code to the server for authentication, so man-in-the-middle attacks can be prevented to a certain extent; moreover, the authentication code generated by the server has timeliness and may become invalid upon expiration.
Description
Technical field
The present invention relates to the network security technology field, particularly a kind of auth method based on note, system and device.
Background technology
At present; the user is during by client having of using that server end the provides software that authority requires or application program; server requires the user to input corresponding password and account information by client usually; to prevent entering of disabled user; but be under the hacker software network environment in vogue; usually the phenomenon that user cipher is stolen can appear, therefore, and having of having encroached on seriously that validated user uses that server end the provides software that authority requires or the rights and interests of application program.
Identity validation technology commonly used in the prior art has: the static password authentication techniques, the legitimacy that it authenticated and identified the user with user's number of the account name and password, its main feature is with specific number of the account of a fixing password deexcitation, but because password and number of the account are as soft sign, static constant, and in network, transmit, there are many drawbacks and security breaches, at its technology that cracks in continuous development, the many tool and methods that can steal account number cipher have been produced, for example take to steal, decode, peep, defraud of etc., in addition the user is created, memory, having relatively high expectations of change password, password is set and is cracked simply easily very much, establishes too complicatedly, just passes into silence easily.
Summary of the invention
At above-mentioned the deficiencies in the prior art, the invention provides a kind of auth method based on note, system and device, authentication information transmits the secrecy height, also need not to be equipped with specific authentication equipment.
The technical scheme that the present invention takes is that a kind of authentication means based on note comprises:
First transceiver module be used for to receive user profile, logging request and the identifying code that client sends and is transferred to authentication module, is used for returning the respective acknowledgement result to client; Also be used for receiving the next identifying code of generation module transmission and send the note that comprises identifying code to the cell-phone number with current logging request binding;
Memory module is used for storing subscriber information, cell-phone number, initial reference time, check code rise time, authentication radix, timestamp, time to live, user key;
Counting module is used for the authentication radix is counted, and is that the current authentication radix is transferred to memory module with count results, is used for giving memory module to the timestamp zero clearing and with the zero clearing result transmission;
Judge module is used for judging whether the current time stabs is zero, is used for also judging whether the current time stamp exceeds time to live;
Generation module is used for obtaining the current authentication cardinal sum user key of memory module and generating identifying code or check code, and the identifying code that is used for generating is transferred to first transceiver module, and the check code that generates is transferred to authentication module;
Authentication module be used for to receive the check code that identifying code that the transmission of first transceiver module comes and generation module transmission come, and compares whether both consistent, and comparison result is transferred to control module; Whether with memory module stored user information consistent, and will verify that result transmission is to control module if also being used for the next user profile of checking first transceiver module transmission;
Control module, be used for comparison result and checking result that the transmission of Receipt Validation module comes, and send the return code of authentication success or failure according to comparison result to first transceiver module, control first transceiver module according to the checking result and whether send replying by interim checking to client;
Computing module is used for calculating the difference of current time and initial reference time, is used for calculating the pre-step-length that increases of authentication radix according to difference and time to live.
Described memory module also is used for the storage identifying code, then replaces the identifying code of current storage with the described identifying code that receives when memory module receives the identifying code that generation module sends; The identifying code that described generation module also is used for generating is transferred to memory module; Described authentication module also is used for directly obtaining identifying code from memory module, and whether compare the described identifying code that obtains consistent with the identifying code that first transceiver module transmission that receives comes, and comparison result is transferred to control module.
A kind of authentication system based on note comprises authentication means, client and mobile phone,
Described authentication means, be used for receiving user's logging request and the user profile that client transmissions is come, send to user mobile phone for generation of identifying code, also for receiving the identifying code that client transmissions is come, whether the identifying code that checking receives correctly also will verify that the result returns to client;
Described client, be used for receiving the logging request of user's input and user profile and described logging request are sent to described authentication means, be used for receiving the identifying code of user's input and sending to described authentication means and receive the checking result that described authentication means is returned;
Described mobile phone be used for to receive the identifying code that described authentication means sends and is shown to the user.
Described client comprises:
Second transceiver module be used for to receive identifying code and the logging request of user's input and sends to authentication means, is used for receiving checking result that described authentication means returns and replying by interim checking whether;
LCD MODULE: be used for to show checking result that described authentication means that described second transceiver module receives is returned and replying by interim checking whether.
Described mobile phone comprises:
The 3rd transceiver module be used for to receive the note that described authentication means sends and is transferred to the note memory module;
The note memory module is used for the note that described the 3rd transceiver module transmission of storage comes;
Display module is used for obtaining note and demonstration from described note memory module.
A kind of auth method based on note comprises that server generates the process of identifying code and the process of the identifying code that described server authentication receives;
The process that described server generates identifying code may further comprise the steps,
Step S1: server receives user's logging request;
Step S2: described server judges whether the current time stabs is invalid, is execution in step S3 then, otherwise execution in step S4;
Step S3: described server generates identifying code and upgrades the current time and stab, then execution in step S5;
Step S4: described server judges whether the current time exceed time to live, is then to generate identifying code to carry out next step then, otherwise generates identifying code and upgrade the current time and stab and carry out next step then; Be specially if the time value of current time adds the time value that time to live obtains greater than the current time stamp, then the current time exceeds time to live.
Step S5: described server sends described identifying code and arrives the cell-phone number of binding with described user's logging request;
The process of the identifying code that described server authentication receives may further comprise the steps,
Step S6: described server receives identifying code and second user profile, judges whether the current time exceed time to live, is authentification failure then, otherwise carries out next step;
Step S7: described server generates check code, described check code and the described identifying code that receives compared, if unanimity is then carried out next step, otherwise authentification failure;
Step S8: server will stab the current time be set to invalid;
Step S9: authentication success.
Described step S1 is specially: server receives user's logging request that client is sent, therefrom extract first user profile, whether retrieval exists the user profile that conforms to described first user profile in database, if exist then by interim checking, described server extracts the cell-phone number with described first user profile binding from database, if there is not then authentification failure.Described step S6 comprises that also described server receives described identifying code and described second user profile, and judge whether described second user profile is consistent with described first user profile of storage, if unanimity is then judged the current time and whether exceeded time to live, otherwise authentification failure.Comprise before the described step S2: described server obtains the current authentication cardinal sum current time and stabs from database; The described server of step S3 generates identifying code and upgrades the current time and stab and be specially described server and obtain key according to first user profile, adopt a password generating algorithm that described key and current authentication radix are calculated the generation identifying code, and will stab the time that is updated to the generation identifying code current time; If the current time does not exceed time to live then to be generated identifying code and be specially described server and obtain key according to first user profile, adopt a password generating algorithm that described key and current authentication radix are calculated the generation identifying code described in the step S4; Then generate identifying code and upgrade the current time and stab and to be specially if the current time exceeds time to live described in the step S4: described server calculates the current authentication radix and upgrades the current authentication radix with result of calculation by preset rules; Described server obtains key according to first user profile, and described server adopts a password generating algorithm that described key and current authentication radix are calculated the generation identifying code, will stab the current time to be updated to the time that generates described identifying code.The described server generation of step S7 check code is specially described server and obtains the current authentication radix, obtains key according to second user profile, adopts a password generating algorithm that described key and current authentication radix are calculated the generation check code;
Described step S3 or step S8 also comprise: server calculates and records result of calculation with the current authentication radix by preset rules, upgrades the current authentication radix with result of calculation.
The described current authentication radix is calculated by preset rules is specially the default step-length of current authentication radix increasing or decreasing.
Step S6 is described to judge whether the current time exceeds time to live and be specially the time value of judging the current time and whether stab greater than the current time and add the time value that time to live obtains.
The described current time stamp of step S8 is set to invalid preferably the setting current time is stabbed zero clearing.
Can comprise before the described step S2: described server obtains initial reference time, check code rise time, time to live, current authentication cardinal sum current time stamp from database, the current time is read in the clock source internally, and described server calculates first step-length according to initial reference time, current time, time to live; The described server of step S3 generates identifying code and upgrades the current time stamp and comprises:
Step 205: judging whether the current time exceed time to live, is execution in step 205-1 then, otherwise execution in step 205-1 '; Be specially and judge whether the current time exceeds the check code rise time and add the time value that time to live obtains.
Step 205-1 ': the current authentication radix is increased the current authentication radix of storing in the storehouse of replacement data as a result that obtains after second step-length, execution in step 205-1 then;
Step 205-1: calculate first count value according to current authentication cardinal sum first step-length, then execution in step 205-2;
Step 205-2: generate identifying code according to described first count value, will stab the time that is updated to the generation identifying code current time;
Then do not generate identifying code and be specially if the current time exceeds time to live described in the step S4:
Described server calculates second count value according to current authentication cardinal sum first step-length;
Described server obtains key according to first user profile, adopts a password generating algorithm that described key and described second count value are calculated the generation identifying code;
Then generate identifying code and upgrade the current time and stab and to be specially if the current time exceeds time to live described in the step S4:
Described server calculates second count value according to current authentication cardinal sum first step-length;
Described server obtains key according to first user profile, adopts a password generating algorithm that described key and described second count value are calculated the generation identifying code, and described server will stab and be updated to the time that generates identifying code the current time;
The described server of step S7 generates check code and is specially:
Calculate the 3rd step-length according to initial reference time, current time, time to live;
Server obtains the current authentication radix, obtains the 3rd count value according to current authentication cardinal sum the 3rd step size computation;
Described server obtains key according to second user profile, adopts a password generating algorithm that described key and described the 3rd count value are calculated the generation check code;
Comprise the record check code rise time before the step S8.
The computational methods of described first step-length and the 3rd step-length will be for will be converted to a relative value current time, and described relative value refers to the difference of current time and initial reference time, with described relative value divided by time to live and round numbers part.
Described step S3 available step S3 ' replaces, and described step S4 available step S4 ' replaces, and described step S7 available step S7 ' replaces, and
Described step S3 ' is, the identifying code that described server generates identifying code and more stores in the new database with the identifying code of described generation will stab the time that is updated to the generation identifying code current time;
Described step S4 ' is, described server judges whether the current time exceed time to live, carries out next step then;
If the current time does not exceed time to live and then obtains the identifying code of storing in the database, if the current time exceeds the then described server identifying code that generates identifying code and more store in the new database with the identifying code of described generation of time to live, will stab the time that is updated to the generation identifying code current time;
Described step S7 ' is, described server obtains the identifying code of storing in the database, and described server is compared the identifying code of storing in the identifying code that receives and the described database that obtains, if the comparison result unanimity is then carried out next step, otherwise authentification failure.
The present invention has following beneficial effect:
1. identifying code is produced by server, is sent to the user by the tyre mode, can stop man-in-the-middle attack to a certain extent;
2. identifying code possesses ageingly, becomes invalid after the specified date.
Description of drawings
Fig. 1 is a kind of authentication system schematic diagram based on note that embodiment 1 provides;
Fig. 2 is a kind of authentication means composition frame chart based on note that embodiment 2 provides;
Fig. 3 is a kind of auth method flow chart based on note that embodiment 3 provides;
Fig. 4 is that the another kind that provides of embodiment 4 is based on the auth method flow chart of note;
Fig. 5 is another auth method flow chart based on note that embodiment 4 provides.
Embodiment
The invention will be further described below in conjunction with the drawings and specific embodiments, but not as a limitation of the invention.
Embodiment 1
Present embodiment 1 provides a kind of authentication system based on note, comprises server 10, client 20, mobile phone 30, and described server 10 is equivalent to a kind of authentication means, wherein,
Described server 10 is used for receiving user's logging request and the user profile that client 20 transmission come, send to user mobile phone 30 for generation of identifying code, also the identifying code that comes for 20 transmission of reception client verifies whether the identifying code that receives correctly also will verify that the result returns to client 20;
Described client 20 is used for receiving the logging request of user's input and user profile and logging request is sent to server 10, is used for receiving the identifying code of user's input and sends to server 10 and checking result that reception server 10 returns;
Described mobile phone 30 is used for the identifying code that reception server 10 sends and is shown to the user.
Described server 10 comprises first transceiver module 101, memory module 102, counting module 103, judge module 104, generation module 105, authentication module 106, control module 107 and computing module 108;
In the present embodiment, first transceiver module 101 is concrete to be used for receiving user profile, logging request and the identifying code that client 20 sends and to be transferred to authentication module 106, is used for returning the respective acknowledgement result to client 20.
Described memory module 102 can also be used for the storage identifying code, when server receives logging request, if the current time stabs non-vanishing and the current time do not exceed time to live then described server directly obtain the cell-phone number that described identifying code sends to active user's binding from memory module 102; Correspondingly when server receives identifying code, directly obtain the identifying code of current storage and the described identifying code that receives from memory module 102 and compare and draw the checking result.
Counting module 103 is used for the authentication radix is counted, and is that the current authentication radix is transferred to memory module 102 with count results, is used for giving memory module 102 to the timestamp zero clearing and with the zero clearing result transmission;
The identifying code that described generation module 105 also is used for generating is transferred to memory module 102.
Whether described authentication module 106 can also be used for the next identifying code of comparison first transceiver module 101 transmission consistent with the identifying code that obtains from memory module 102, and comparison result is transferred to control module 107;
Computing module 108: be used for calculating the difference of current time and initial reference time, be used for calculating the pre-step-length that increases of authentication radix according to difference and time to live;
103 pairs of authentications of described counting module radix calls the step-length that computing module 108 calculates when counting.
Described client 20 comprises second transceiver module 201 and LCD MODULE 202, wherein,
Second transceiver module 201 be used for to receive identifying code and the logging request of user's input and sends to server 10, is used for checking result that reception server 10 returns and replying by interim checking whether;
LCD MODULE 202: be used for to show checking result that server 10 that second transceiver module 201 receives returns and replying by interim checking whether;
Described mobile phone 30 comprises the 3rd transceiver module 301, note memory module 302 and display module 303, wherein
The 3rd transceiver module 301 is used for the note that reception server 10 sends and is transferred to note memory module 302;
Note memory module 302 is used for the note that 301 transmission of storage the 3rd transceiver module come;
Display module 303 is used for obtaining note and demonstration from note memory module 302.
Embodiment 2
As shown in Figure 2, the present invention proposes a kind of authentication means based on note, described device comprises first transceiver module 1001, memory module 1002, counting module 1003, judge module 1004, generation module 1005, authentication module 1006, control module 1007 and computing module 1008;
In the present embodiment, first transceiver module 1001 is concrete to be used for receiving user profile, logging request and the identifying code that client sends and to be transferred to authentication module 1006, is used for returning the respective acknowledgement result to client.
Memory module 1002 is used for storing subscriber information, cell-phone number, initial reference time, check code rise time, authentication radix, timestamp, time to live, user key;
Described memory module 1002 can also be used for the storage identifying code, then replaces the identifying code of current storage with the identifying code that newly receives when memory module 1002 receives the identifying code that generation module 1005 sends.
Counting module 1003 is used for the authentication radix is counted, and is that the current authentication radix is transferred to memory module 1002 storages with count results, is used for giving memory module 1002 to the timestamp zero clearing and with the zero clearing result transmission;
In the present embodiment, be specially and whenever finish once authentication, the authentication radix is according to default step-length increasing or decreasing; For example, the initial value that preferably is set to authenticate radix is 0, finishes once authentication, and the authentication radix adds 1.Whenever finish once authentication, the current time stabs zero clearing and is recorded in the memory module 1002.
Generation module 1005 is used for obtaining the current authentication cardinal sum user key of memory module 1002 and generating identifying code or check code, and the identifying code that is used for generating is transferred to first transceiver module 1001, and the check code that generates is transferred to authentication module 1006;
The identifying code that described generation module 1005 also is used for generating is transferred to memory module 1002 storages.
Authentication module 1006 be used for to receive the check code that identifying code that 1001 transmission of first transceiver module come and generation module 1005 transmission come, and compares whether both consistent, and comparison result is transferred to control module 1007; Whether with memory module 1002 stored user information consistent, and will verify that result transmission is to control module 1007 if being used for the next user profile of checking first transceiver module 1001 transmission;
Described authentication module 1006 also is used for directly obtaining identifying code from memory module 1002, and whether compare the described identifying code that obtains consistent with the identifying code that first transceiver module, 1001 transmission that receive come, and comparison result is transferred to control module 1007.
Computing module 1008 is used for calculating the difference of current time and initial reference time, is used for calculating the pre-step-length that increases of authentication radix according to difference and time to live.1003 pairs of authentications of described counting module radix calls the step-length that computing module 1008 obtains when counting.
Embodiment 3
Present embodiment provides a kind of auth method based on note,
Wherein the process of server generation identifying code comprises the steps:
Step S1: server receives user's logging request;
Step S2: described server judges whether the current time stabs is invalid, is execution in step S3 then, otherwise execution in step S4;
Step S3: described server generates identifying code and upgrades the current time and stab, then execution in step S5;
Step S4: described server judges whether the current time exceed time to live, is then to generate identifying code to carry out next step then, otherwise generates identifying code and upgrade the current time and stab and carry out next step then;
Step S5: described server sends described identifying code and arrives the cell-phone number of binding with described user's logging request.
Wherein, the process of the identifying code that receives of server authentication may further comprise the steps:
Step S6: described server receives identifying code and second user profile, judges whether the current time exceed time to live, is authentification failure then, otherwise carries out next step;
Step S7: described server generates check code, described check code and the described identifying code that receives compared, if unanimity is then carried out next step, otherwise authentification failure;
Step S8: server will stab the current time be set to invalid;
Step S9: authentication success.Embodiment 4
Present embodiment is based on a kind of auth method based on note of embodiment 3, and the method for present embodiment proposition may further comprise the steps as shown in Figure 3:
Step 101: server receives logging request, therefrom extracts cell-phone number and first user profile with the logging request binding;
In the present embodiment, comprised before step 101: client receives login request of users, sends logging request to server;
Be specially, when login window appearred in client, the user sent logging request by the mode of importing first user profile at login window to client, and client sends to server with the logging request that receives.The user can be specially user account, password or both combinations etc. in first user profile of login window input.
First user profile that will receive when further, user end to server sends logging request sends to server.
Described step 101 is specially: server receives first user profile that client sends, in database, it is retrieved, if first user profile for example user account conforms to the information that server retrieves in database, then by interim checking, server extracts the cell-phone number of having bound with this user account.
Further, server can be stored the user profile of current login user until receiving the request of logging off that client sends after receiving logging request.
Step 102: server obtains current authentication radix, current time stamp;
The current authentication radix is recorded in the data in server storehouse, is a concrete numerical value, is used for generating identifying code;
The current time stamp is recorded in the data in server storehouse, is a concrete time value.
In the present embodiment, the preferred setting: if server receives logging request for the first time, then current authentication radix value is 0.
Step 103: server judges whether the current time stabs is invalid, if execution in step 106 then, otherwise execution in step 104;
In the present embodiment, the current time stabs and to be set to invalid preferably the setting current time is stabbed zero clearing, accordingly in this step, judges whether the current time stabs is invalid by judging that whether the current time stamp is zeroly to judge.
Step 104: server judges whether the current time exceed time to live, if exceed then execution in step 105, otherwise execution in step 107;
Time to live be one concrete be the numerical value of unit with time, be 600s such as the time to live value;
The determination methods whether current time exceeds time to live is specially: add the time value that time to live obtains if the time value of current time was stabbed greater than the current time, then the current time has exceeded time to live, for example, current time stabs and is 1:20, time to live is 600s, if then the current time exceeds 1:30 then is judged as the current time and exceeds time to live.
Step 105: the current authentication radix is upgraded the current authentication radix by preset rules calculating and with result of calculation;
Be specially the server by utilizing counter in the present embodiment the first authentication radix is carried out the calculating of increasing or decreasing, and upgrade the current authentication radix with result of calculation.Preferably, described the current authentication radix is calculated to be specially by preset rules the current authentication radix added 1 calculating.
Step 106: generate identifying code according to the current authentication radix, will stab the current time and be updated to the time that generates identifying code, execution in step 108;
Be specially in the present embodiment: server obtains the key of binding with the active user according to current stored user information, server adopts a password generating algorithm that described key and current authentication radix are calculated identifying code, and the rise time of record identifying code.Then the current time stabs effectively will to stab the time that is updated to the generation identifying code current time.
If stabbing the time equal to generate identifying code, the current time thinks that then the current time stabs effectively, then jumping to execution in step 106 from step 103 is that the current time is stabbed the effective process that is set to, carrying out step 106 from step 103 order is that an effective current time is stabbed the process of upgrading, and the timestamp after the renewal is still effective.
Step 107: generate identifying code according to the current authentication radix;
Be specially in the present embodiment: server obtains the key of binding with the active user according to current stored user information, and server adopts a password generating algorithm that described key and current authentication radix are calculated identifying code.
Step 108: server sends identifying code with short message mode to the cell-phone number with current logging request binding;
Step 109: client receives the identifying code of user's input, sends identifying code and second user profile to server;
Step 110: server Receipt Validation sign indicating number and second user profile, and first user profile with storage is consistent to judge second user profile, if unanimity execution in step 111 then, otherwise authentification failure;
Step 111: server judges whether the current time exceed time to live, if exceed then authentification failure, otherwise execution in step 112;
Be specially: server reads the current time in the clock source internally, from database, obtain the current time and stab, judge whether the current time exceed the current time and stab and add the time value that time to live obtains, if exceed then identifying code inefficacy, authentification failure does not then continue to carry out next step if exceed;
Step 112: server obtains the current authentication radix, calculates according to the current authentication radix and generates check code;
Be specially: server obtains key with second user binding according to second user profile, adopts a password generating algorithm that described key and current authentication radix are calculated check code.
Step 113: server is compared the identifying code that receives and the check code of generation, if comparison result unanimity execution in step 114 then, otherwise authentification failure;
Step 114: server calculates and records result of calculation with the current authentication radix by preset rules, the current authentication radix of more storing in the new database with result of calculation;
Described preset rules is identical with the described preset rules of step 105.
Further, step 114 can also be adjusted to step 103 back and carry out, be specially execution in step 114 when step 103 judges that it is invalid drawing the current time stamp, and then execution in step 106 will be stabbed the time that is updated to the generation identifying code current time according to current authentication radix generation identifying code.
Step 115: server will stab the current time be set to invalid, authentication success.
In the present embodiment, the every success identity of server once all can execution in step 114 and 115 operation, namely upgrades the current authentication radix, will stab the current time be set to invalid, for authentication is next time prepared.
Concrete, server can be to the checking result of the success of client return authentication or authentification failure after authentication was finished in the present embodiment.
Further, in the present embodiment above-mentioned steps 106, step 107, step 112 and step 113 also can use respectively step 106 ', step 107 ', step 112 ' and step 113 ' replacement, specific as follows:
Step 106 ': the identifying code according to the current authentication radix generates identifying code and more stores in the new database with the identifying code that generates, will stab the time that is updated to the generation identifying code current time, execution in step 108;
Concrete in the present embodiment, the renewal duration of the identifying code of storing in the server database equals time to live; Then the current time stabs effectively will to stab the time that is updated to the generation identifying code current time.
Step 107 ': obtain the identifying code of storing in the database;
Particularly, stab effectively and the current time is directly obtained identifying code when not exceeding time to live from database in the current time.
Step 112 ': server obtains the identifying code of storing in the current authentication cardinal sum current database;
Step 113 ': server is compared the identifying code of storing in the identifying code that receives and the database that obtains, if comparison result is then execution in step 114 of the two unanimity, otherwise authentification failure.
Embodiment 5
Present embodiment is based on a kind of auth method based on note of embodiment 3, and the method for present embodiment proposition may further comprise the steps as shown in Figure 4:
Step 201: server receives logging request, therefrom extracts cell-phone number and first user profile with the logging request binding;
Step 202: obtain initial reference time, check code rise time, time to live, current time, current authentication radix, current time stamp;
Step 203: calculate first step-length according to initial reference time, current time, time to live;
Be specially in the present embodiment: will be converted to a relative value current time, described relative value refers to the difference of current time and initial reference time, namely obtains first step-length with described relative value divided by time to live and round numbers part.
Step 204: judging whether the current time stabs is invalid, is execution in step 205 then, otherwise execution in step 206;
In the present embodiment, the current time stabs and to be set to invalid preferably the setting current time is stabbed zero clearing, accordingly in this step, judges whether the current time stabs is invalid by judging that whether the current time stamp is zeroly to judge.
Step 205: judging whether the current time exceed time to live, is execution in step 205-1 then, otherwise execution in step 205-1 ',
Be specially in the present embodiment: judge whether the current time exceeds the check code rise time and add the time value that time to live obtains.
Step 205-1 ': the current authentication radix of storing in the storehouse of replacement data as a result that utilizes the current authentication radix to increase to obtain after second step-length, return execution in step 205-1;
Described second step-length is a default value, and for example, it is 1 that the second step-length value can be set, and then the current authentication radix is updated to the current authentication radix and adds 1 result of calculation;
Step 205-1: calculate first count value according to current authentication cardinal sum first step-length, then execution in step 205-2;
Described first count value is that the current authentication radix adds first step-length and calculates.
Step 205-2: generate identifying code according to first count value, execution in step 207 then;
The process that generates identifying code in the present embodiment is specially: server obtains key with first user binding according to first user profile, adopts a password generating algorithm that described key and described first count value are calculated identifying code.
Step 206: calculate second count value according to current authentication cardinal sum first step-length, then execution in step 206-1;
Described second count value is that the current authentication radix adds first step-length and calculates.
Step 206-1: generate identifying code according to described second count value;
The process that generates identifying code in the present embodiment is identical with step 205-2, does not repeat them here.
Step 206-2: judging whether the current time exceed time to live, is execution in step 207 then, otherwise execution in step 208;
The determination methods whether described current time exceeds time to live is specially: add the time value that time to live obtains if the current time exceeds the current time stamp, then the current time has exceeded time to live, for example, current time stabs and is 1:20, time to live is 600s, if then the current time exceeds 1:30 then is judged as the current time and exceeds time to live.
Step 207: will stab the time that is updated to the generation identifying code current time, execution in step 208 then;
Particularly, then the current time stabbed effectively when the current time was stabbed the time that is updated to the generation identifying code in the present embodiment.
Step 208: server sends identifying code with short message mode to described cell-phone number;
Described cell-phone number be step 201 that obtain with cell-phone number logging request binding.
Step 209: client receives the identifying code of user's input, sends identifying code and second user profile to server;
Step 210: server Receipt Validation sign indicating number and second user profile, judge whether second user profile is consistent with first user profile, be execution in step 211 then, otherwise authentification failure;
Step 209 and step 210 are specially in the present embodiment: Client-Prompt user input validation sign indicating number and user profile, client sends to server with identifying code and the user profile that receives, whether the current user profile that receives of server authentication is consistent with the user profile obtained in the logging request, if unanimity is execution in step 211 then, if inconsistent then authentification failure.
Step 211: server obtains the current time, judges whether the current time exceed time to live, if authentification failure then, otherwise carry out next step;
Judge in the present embodiment whether the current time exceed time to live and be specially: judging current time that whether current time exceed step 207 record stabs adds the time value that time to live obtains, if exceed then authentification failure, otherwise execution in step 212.
Step 212: calculate the 3rd step-length according to initial reference time, current time, time to live;
Concrete computational methods are in the present embodiment: calculate the difference of current time and initial reference time, be the 3rd step-length with described difference divided by the result that time to live and round numbers partly obtain; For example: the initial reference time is T0, and the relative number of seconds of current time apart from initial reference time is S, and time to live is I, and then the 3rd step-length equals S/I and round numbers part.
The described current time is a variable, and initial reference time and time to live are constant.
Step 213: server obtains the current authentication radix, obtains the 3rd count value according to current authentication cardinal sum the 3rd step size computation;
Step 214: generate check code according to the 3rd count value;
Be specially in the present embodiment: server obtains active user's key, adopts a password generating algorithm that described key and current authentication radix are calculated check code.
Step 215: the identifying code that the check code that comparison step 214 generates and step 210 receive, if unanimity is then carried out next step, otherwise authentification failure;
Step 216: the rise time of recording step 214 described check codes;
Step 217: will stab the current time be set to invalid.
To stab the current time in the present embodiment and be set to invalid preferably the setting current time is stabbed zero clearing.
Order is carried out to step 217 authentication success, and server is to client return authentication prompt for successful, and client display reminding information gives the user in order to carry out other operations.
Further, above-mentioned steps 205-2 available step 205-2 ' replacement in the present embodiment, specific as follows:
Step 205-2 ': according to the identifying code that first count value generates identifying code and more stores in the new database with the identifying code of generation, execution in step 207;
The process that generates identifying code in the present embodiment is specially: server obtains key with first user binding according to first user profile, adopts a password generating algorithm that described key and described first count value are calculated identifying code.
Above-mentioned steps 206 to step 207 can be replaced with method shown in Figure 5, and is specific as follows:
Step 206 ': judging whether the current time exceed time to live, is execution in step 206-1 ' then, otherwise execution in step 206-3 ';
Step 206-1 ': calculate second count value according to the current authentication radix; Execution in step 206-2 ' then;
Described second count value is that the current authentication radix adds first step-length and calculates.
Step 206-2 ': according to the identifying code that described second count value generates identifying code and more stores in the new database with the identifying code of generation, execution in step 207 then;
The process that generates identifying code in the present embodiment is identical with step 205-2 ', does not repeat them here.
Step 206-3 ': obtain the identifying code of storing in the database;
Above-mentioned steps 214 available step 214 ' replacement, step 215 step 215 ' replacement, simultaneously, step 212 and 213 can be omitted, the direct execution in step 214 in execution of step 211 backs ', specific as follows:
Step 214 ': server obtains the identifying code of storing in the current database;
Step 215 ': server is compared the identifying code of storing in the identifying code that receives and the database that obtains, if comparison result is then execution in step 216 of the two unanimity, otherwise authentification failure.
The above; only for the preferable embodiment of the present invention, but protection scope of the present invention is not limited thereto, and anyly is familiar with those skilled in the art in technical scope disclosed by the invention; the variation that can expect easily or replacement all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (11)
1. the authentication system based on note comprises authentication means, client and mobile phone, it is characterized in that:
Described authentication means, be used for receiving user's logging request and the user profile that client transmissions is come, send to user mobile phone for generation of identifying code, also for receiving the identifying code that client transmissions is come, whether the described identifying code that checking receives correctly also will verify that the result returns to client;
Described authentication means, also be used for extracting first user profile from user's logging request that described client transmissions is come, be used for whether having the user profile that conforms to described first user profile in the database retrieval, if described authentication means is extracted the cell-phone number with described first user profile binding from database when existing, described authentication means is not failed to the client return authentication when not depositing; Being used for obtaining the current authentication cardinal sum current time from database stabs; Be used for judging whether the current time exceeds time to live, if the current time do not exceed time to live then described authentication means obtain key according to first user profile, adopt a password generating algorithm that described key and current authentication radix are calculated the generation identifying code; If the current time exceed time to live then described authentication means the current authentication radix is calculated by preset rules and upgrades the current authentication radix with result of calculation, obtain key according to first user profile, adopt a password generating algorithm that described key and current authentication radix are calculated the generation identifying code, will stab the time that is updated to the described identifying code of generation the current time;
Described authentication means, also be used for receiving second user profile that client transmissions is come, and judge whether described second user profile is consistent with described first user profile of storage, if unanimity then continues to judge the current time and whether exceeds time to live, if inconsistent then described authentication means is failed to the client return authentication; If the current time exceed time to live then described authentication means fail to the client return authentication; If the current time do not exceed time to live then described authentication means obtain the current authentication radix, obtain key according to second user profile, adopt a password generating algorithm that described key and current authentication radix are calculated the generation check code;
Whether whether the described identifying code that described checking receives correctly is specially the described identifying code that receives of comparison consistent with the described check code of generation; If unanimity then described authentication means also is used for the current authentication radix being calculated by preset rules and upgrading the current authentication radix with result of calculation, will stab the current time be set to invalid;
Described client, be used for receiving the logging request of user's input and user profile and described logging request are sent to described authentication means, be used for receiving the identifying code of user's input and sending to described authentication means and receive the checking result that described authentication means is returned;
Described mobile phone be used for to receive the identifying code that described authentication means sends and is shown to the user.
2. system according to claim 1, it is characterized in that: described client comprises
Second transceiver module be used for to receive identifying code and the logging request of user's input and sends to authentication means, is used for receiving checking result that described authentication means returns and replying by interim checking whether;
LCD MODULE: be used for to show checking result that described authentication means that described second transceiver module receives is returned and replying by interim checking whether.
3. system according to claim 1, it is characterized in that: described mobile phone comprises
The 3rd transceiver module be used for to receive the note that authentication means sends and is transferred to the note memory module;
The note memory module is used for the note that described the 3rd transceiver module transmission of storage comes;
Display module is used for obtaining note and demonstration from described note memory module.
4. the auth method based on note is characterized in that: comprise that server generates the process of identifying code and the process of the identifying code that described server authentication receives;
The process that described server generates identifying code may further comprise the steps,
Step S1: server receives user's logging request;
Step S2: described server judges whether the current time stabs is invalid, is execution in step S3 then, otherwise execution in step S4;
Step S3: described server generates identifying code and upgrades the current time and stab, then execution in step S5;
Step S4: described server judges whether the current time exceed time to live, carries out next step then otherwise generate identifying code, is then to generate identifying code and upgrade the current time and stab and carry out next step then;
Step S5: described server sends described identifying code and arrives the cell-phone number of binding with described user's logging request;
The process of the identifying code that described server authentication receives may further comprise the steps,
Step S6: described server receives identifying code and second user profile, judges whether the current time exceed time to live, is authentification failure then, otherwise carries out next step;
Step S7: described server generates check code, described check code and the described identifying code that receives compared, if unanimity is then carried out next step, otherwise authentification failure;
Step S8: server will stab the current time be set to invalid;
Step S9: authentication success;
Described step S1 is specially, server receives user's logging request that client is sent, therefrom extract first user profile, whether retrieval exists the user profile that conforms to described first user profile in database, if exist then by interim checking, described server extracts the cell-phone number with described first user profile binding from database, if there is not then authentification failure;
Described step S6 comprises that also described server receives described identifying code and described second user profile, and judge whether described second user profile is consistent with described first user profile of storage, if unanimity then continues to judge the current time and whether exceeds time to live, if inconsistent then authentification failure;
Comprise before the described step S2: described server obtains the current authentication cardinal sum current time and stabs from database;
The described server of step S3 generates identifying code and upgrades the current time and stab and be specially described server and obtain key according to first user profile, adopt a password generating algorithm that described key and current authentication radix are calculated the generation identifying code, and will stab the time that is updated to the generation identifying code current time;
If the current time does not exceed time to live then to be generated identifying code and be specially described server and obtain key according to first user profile, adopt a password generating algorithm that described key and current authentication radix are calculated the generation identifying code described in the step S4;
Then generate identifying code and upgrade the current time and stab and to be specially if the current time exceeds time to live described in the step S4:
Described server calculates the current authentication radix and upgrades the current authentication radix with result of calculation by preset rules;
Described server obtains key according to first user profile, and described server adopts a password generating algorithm that described key and current authentication radix are calculated the generation identifying code, will stab the current time to be updated to the time that generates described identifying code;
The described server generation of step S7 check code is specially described server and obtains the current authentication radix, obtains key according to second user profile, adopts a password generating algorithm that described key and current authentication radix are calculated the generation check code;
Described step S3 or step S8 also comprise: server calculates the current authentication radix and record result of calculation by preset rules, upgrade the current authentication radix with result of calculation.
5. auth method according to claim 4, it is characterized in that: whether the current time exceeds the determination methods of time to live and is among the described step S4, add the time value that time to live obtains if the time value of current time was stabbed greater than the current time, then the current time exceeds time to live.
6. auth method according to claim 4 is characterized in that: the described current authentication radix is calculated by preset rules is specially the default step-length of current authentication radix increasing or decreasing.
7. auth method according to claim 4 is characterized in that: step S6 is described to judge whether the current time exceeds time to live and be specially the time value of judging the current time and whether stab greater than the current time and add the time value that time to live obtains.
8. auth method according to claim 4 is characterized in that: the described current time of step S8 stabs and is set to invalid preferably the setting current time is stabbed zero clearing.
9. the auth method based on note is characterized in that: comprise that server generates the process of identifying code and the process of the identifying code that described server authentication receives;
The process that described server generates identifying code may further comprise the steps,
Step S1: server receives user's logging request;
Step S2: described server judges whether the current time stabs is invalid, is execution in step S3 then, otherwise execution in step S4;
Step S3: described server generates identifying code and upgrades the current time and stab, then execution in step S5;
Step S4: described server judges whether the current time exceed time to live, is then to generate identifying code to carry out next step then, otherwise generates identifying code and upgrade the current time and stab and carry out next step then;
Step S5: described server sends described identifying code and arrives the cell-phone number of binding with described user's logging request;
The process of the identifying code that described server authentication receives may further comprise the steps,
Step S6: described server receives identifying code and second user profile, judges whether the current time exceed time to live, is authentification failure then, otherwise carries out next step;
Step S7: described server generates check code, described check code and the described identifying code that receives compared, if unanimity is then carried out next step, otherwise authentification failure;
Step S8: server will stab the current time be set to invalid;
Step S9: authentication success;
Described step S1 is specially, server receives user's logging request that client is sent, therefrom extract first user profile, whether retrieval exists the user profile that conforms to described first user profile in database, if exist then by interim checking, described server extracts the cell-phone number with described first user profile binding from database, if there is not then authentification failure;
Described step S6 comprises that also described server receives described identifying code and described second user profile, and judge whether described second user profile is consistent with described first user profile of storage, if unanimity then continues to judge the current time and whether exceeds time to live, if inconsistent then authentification failure;
Comprise before the described step S2: described server obtains initial reference time, check code rise time, time to live, current authentication cardinal sum current time stamp from database, the current time is read in the clock source internally, and described server calculates first step-length according to initial reference time, current time, time to live;
The described server of step S3 generates identifying code and upgrades the current time stamp and comprises:
Step 205: judging whether the current time exceed time to live, is execution in step 205-1 then, otherwise execution in step 205-1';
Step 205-1': the current authentication radix is increased the current authentication radix of storing in the storehouse of replacement data as a result that obtains after second step-length, execution in step 205-1 then;
Step 205-1: calculate first count value according to current authentication cardinal sum first step-length, then execution in step 205-2;
Step 205-2: generate identifying code according to described first count value, will stab the time that is updated to the generation identifying code current time;
Then do not generate identifying code and be specially if the current time exceeds time to live described in the step S4:
Described server calculates second count value according to current authentication cardinal sum first step-length;
Described server obtains key according to first user profile, adopts a password generating algorithm that described key and described second count value are calculated the generation identifying code;
Then generate identifying code and upgrade the current time and stab and to be specially if the current time exceeds time to live described in the step S4:
Described server calculates second count value according to current authentication cardinal sum first step-length;
Described server obtains key according to first user profile, adopts a password generating algorithm that described key and described second count value are calculated the generation identifying code, and described server will stab and be updated to the time that generates identifying code the current time;
The described server of step S7 generates check code and is specially:
Calculate the 3rd step-length according to initial reference time, current time, time to live;
Server obtains the current authentication radix, obtains the 3rd count value according to current authentication cardinal sum the 3rd step size computation;
Described server obtains key according to second user profile, adopts a password generating algorithm that described key and described the 3rd count value are calculated the generation check code;
Comprise the record check code rise time before the step S8.
10. auth method according to claim 9, it is characterized in that: the computational methods of described first step-length and the 3rd step-length will be for will be converted to a relative value current time, described relative value refers to the difference of current time and initial reference time, with described relative value divided by time to live and round numbers part.
11. auth method according to claim 9 is characterized in that: step 205 is described judges whether the current time exceeds time to live and be specially and judge whether the current time exceeds the check code rise time and add the time value that time to live obtains.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 201110264451 CN102300182B (en) | 2011-09-07 | 2011-09-07 | Short-message-based authentication method, system and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 201110264451 CN102300182B (en) | 2011-09-07 | 2011-09-07 | Short-message-based authentication method, system and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102300182A CN102300182A (en) | 2011-12-28 |
CN102300182B true CN102300182B (en) | 2013-08-14 |
Family
ID=45360283
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 201110264451 Active CN102300182B (en) | 2011-09-07 | 2011-09-07 | Short-message-based authentication method, system and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102300182B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104639505A (en) * | 2013-11-11 | 2015-05-20 | 中国移动通信集团辽宁有限公司 | Short message-based bidirectional safety authentication method and system |
Families Citing this family (35)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103581897B (en) * | 2012-08-07 | 2016-08-31 | 苏州简拔林网络科技有限公司 | A kind of phone number identification system and recognition methods |
CN102984261B (en) * | 2012-12-04 | 2015-07-08 | 中国联合网络通信集团有限公司 | Network service login method, equipment and system based on mobile telephone terminal |
CN103812854B (en) * | 2013-08-19 | 2015-03-18 | 深圳光启创新技术有限公司 | Identity authentication system, device and method and identity authentication requesting device |
CN104468173A (en) * | 2013-09-25 | 2015-03-25 | 江苏智软信息科技有限公司 | Software system safety design method |
CN103607400A (en) * | 2013-11-26 | 2014-02-26 | 深圳市掌众信息技术有限公司 | Improved mobile phone identity verification method and system |
CN104767614B (en) * | 2014-01-03 | 2019-03-05 | 中国移动通信集团浙江有限公司 | A kind of information authentication method and device |
CN104917726B (en) * | 2014-03-12 | 2019-03-05 | 北京新媒传信科技有限公司 | The method and apparatus of authentication |
CN103840944B (en) * | 2014-03-18 | 2017-12-22 | 昆明理工大学 | A kind of short message authentication method, server and system |
CN104980393B (en) * | 2014-04-02 | 2018-11-13 | 阿里巴巴集团控股有限公司 | Method of calibration, system, server and terminal |
CN103916831A (en) * | 2014-04-21 | 2014-07-09 | 河南理工大学 | Virtual number mapping method and system |
CN104038346B (en) * | 2014-06-24 | 2018-06-26 | 五八同城信息技术有限公司 | A kind of verification method and system |
CN105450403B (en) * | 2014-07-02 | 2019-09-17 | 阿里巴巴集团控股有限公司 | Identity identifying method, device and server |
CN104391870B (en) * | 2014-10-27 | 2017-09-05 | 小米科技有限责任公司 | Logistics information acquisition methods and device |
CN104320767A (en) * | 2014-11-10 | 2015-01-28 | 吴东辉 | Short message verification system and method |
KR20160061526A (en) * | 2014-11-21 | 2016-06-01 | 주식회사 홍인터내셔날 | Dart game server, dart game device for supporting log in and computer program thereof |
CN105095727A (en) * | 2015-05-25 | 2015-11-25 | 深圳新创客电子科技有限公司 | Device administrator permission application method, server and system |
CN105046506A (en) * | 2015-07-14 | 2015-11-11 | 哈尔滨德邦鼎立生物科技有限公司 | Feed additive self-service querying and tracing system and method |
CN105099708B (en) * | 2015-08-28 | 2018-05-15 | 上海亿保健康管理有限公司 | A kind of auth method |
CN105263126B (en) * | 2015-08-31 | 2019-01-04 | 小米科技有限责任公司 | Short-message verification method, apparatus and system |
CN105246059A (en) * | 2015-10-21 | 2016-01-13 | 中国联合网络通信集团有限公司 | Time-efficient short message processing method, short message transmitting base station and time-efficient short message processing system |
CN106790199B (en) * | 2016-12-31 | 2020-03-06 | 中国移动通信集团江苏有限公司 | Verification code processing method and device |
CN107196977B (en) * | 2017-07-28 | 2020-11-03 | 杭州聪普智能科技有限公司 | Safety maintenance method for smart home |
CN107241363B (en) * | 2017-08-10 | 2020-12-18 | 青岛网信信息科技有限公司 | Method and apparatus for automatically distinguishing between computer program input and human input |
CN107579969B (en) * | 2017-08-31 | 2020-12-01 | 江西博瑞彤芸科技有限公司 | User information acquisition method |
CN107888656B (en) * | 2017-10-09 | 2020-11-20 | 北京京东尚科信息技术有限公司 | Calling method and calling device of server-side interface |
CN108200049A (en) * | 2017-12-29 | 2018-06-22 | 上海上讯信息技术股份有限公司 | A kind of method logged in based on character terminal short message certification |
CN108462687B (en) * | 2018-01-08 | 2020-02-14 | 平安科技(深圳)有限公司 | Anti-swipe login method and device, terminal device and storage medium |
CN110278176B (en) * | 2018-03-14 | 2021-09-14 | 腾讯科技(深圳)有限公司 | Login verification method and login server |
CN109388924A (en) * | 2018-09-30 | 2019-02-26 | 武汉斗鱼网络科技有限公司 | A kind of auth method, device, server and storage medium |
CN109818958A (en) * | 2019-01-28 | 2019-05-28 | 西安航空学院 | A kind of computer network intelligent monitor system |
CN110721926A (en) * | 2019-10-09 | 2020-01-24 | 安徽宏实光机电高科有限公司 | Background management method and system for remote communication and remote monitoring based on Ethernet |
CN110677431A (en) * | 2019-10-14 | 2020-01-10 | 云深互联(北京)科技有限公司 | Bidirectional verification method and device |
CN111881461A (en) * | 2020-06-12 | 2020-11-03 | 福建亿能达信息技术股份有限公司 | Equipment maintenance work division accounting method, system, equipment and medium |
CN114363034B (en) * | 2021-12-29 | 2024-02-02 | 上海众源网络有限公司 | Verification code generation and verification method and device, electronic equipment and storage medium |
CN114466357B (en) * | 2022-02-28 | 2024-04-19 | 重庆长安汽车股份有限公司 | Vehicle-mounted NFC card key binding system and method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1832401A (en) * | 2006-04-06 | 2006-09-13 | 陈珂 | Method for protecting safety of account number cipher |
CN1852095A (en) * | 2005-12-23 | 2006-10-25 | 华为技术有限公司 | Method, apparatus and system for verifying internet user identity |
CN101166091A (en) * | 2006-10-19 | 2008-04-23 | 阿里巴巴公司 | A dynamic password authentication method and service end system |
CN101453322A (en) * | 2007-11-29 | 2009-06-10 | 王谦 | Method and system for dynamic cipher code distribution and verification |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7139917B2 (en) * | 2000-06-05 | 2006-11-21 | Phoenix Technologies Ltd. | Systems, methods and software for remote password authentication using multiple servers |
US7020645B2 (en) * | 2001-04-19 | 2006-03-28 | Eoriginal, Inc. | Systems and methods for state-less authentication |
AU2004252824B2 (en) * | 2003-06-04 | 2011-03-17 | Mastercard International Incorporated | Customer authentication in e-commerce transactions |
-
2011
- 2011-09-07 CN CN 201110264451 patent/CN102300182B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1852095A (en) * | 2005-12-23 | 2006-10-25 | 华为技术有限公司 | Method, apparatus and system for verifying internet user identity |
CN1832401A (en) * | 2006-04-06 | 2006-09-13 | 陈珂 | Method for protecting safety of account number cipher |
CN101166091A (en) * | 2006-10-19 | 2008-04-23 | 阿里巴巴公司 | A dynamic password authentication method and service end system |
CN101453322A (en) * | 2007-11-29 | 2009-06-10 | 王谦 | Method and system for dynamic cipher code distribution and verification |
Non-Patent Citations (2)
Title |
---|
基于短信的动态口令系统方案;毛光灿 等;《计算机工程与设计》;20070930;第28卷(第17期);第4122-4123页,第4314页 * |
毛光灿 等.基于短信的动态口令系统方案.《计算机工程与设计》.2007,第28卷(第17期),第4122-4123页,第4314页. |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104639505A (en) * | 2013-11-11 | 2015-05-20 | 中国移动通信集团辽宁有限公司 | Short message-based bidirectional safety authentication method and system |
CN104639505B (en) * | 2013-11-11 | 2018-06-26 | 中国移动通信集团辽宁有限公司 | A kind of short message bidirectional safe auth method and system |
Also Published As
Publication number | Publication date |
---|---|
CN102300182A (en) | 2011-12-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102300182B (en) | Short-message-based authentication method, system and device | |
CN102164141B (en) | Method for protecting security of account | |
RU2011153984A (en) | TRUSTED AUTHORITY ADMINISTRATOR (TIM) | |
EP3346660A1 (en) | Authentication information update method and device | |
KR20180048793A (en) | Identification method and apparatus | |
CN101699820B (en) | Method and device for authenticating dynamic passwords | |
CN102281138B (en) | Method and system for improving safety of verification code | |
CN101257489A (en) | Method for protecting account number safety | |
CN1832401A (en) | Method for protecting safety of account number cipher | |
CN101577917A (en) | Safe dynamic password authentication method based on mobile phone | |
CN103167491A (en) | Authentication method of mobile terminal uniqueness based on software digital certificate | |
CN103023638A (en) | Identity verification method and device based on mobile terminal | |
CN103297403A (en) | Method and system for achieving dynamic password authentication | |
CN106779705B (en) | Dynamic payment method and system | |
CN106161710B (en) | A kind of user account safety management system based on smart phone | |
CN102223237A (en) | Data signature authentication method and data signature authentication system | |
CN104717063A (en) | Software security protection method of mobile terminal | |
CN104125230B (en) | A kind of short message certification service system and authentication method | |
CN103684768A (en) | POS system and method for bidirectional authentication in POS system | |
CN103024706A (en) | Short message based device and short message based method for bidirectional multiple-factor dynamic identity authentication | |
CN102231716A (en) | Instant communication service login method | |
CN104219303A (en) | Access control verification method and access control verification system | |
KR101202245B1 (en) | System and Method For Transferring Money Using OTP Generated From Account Number | |
CN102868702A (en) | System login device and system login method | |
KR20070075715A (en) | System for certify one-time password and method for generating one-time password |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address |
Address after: 17th floor, building B, Huizhi building, No.9, Xueqing Road, Haidian District, Beijing 100085 Patentee after: Feitian Technologies Co.,Ltd. Country or region after: China Address before: 100085 17th floor, block B, Huizhi building, No.9 Xueqing Road, Haidian District, Beijing Patentee before: Feitian Technologies Co.,Ltd. Country or region before: China |
|
CP03 | Change of name, title or address |