CN102769624B - A kind of dynamic password generation, device and method - Google Patents
A kind of dynamic password generation, device and method Download PDFInfo
- Publication number
- CN102769624B CN102769624B CN201210258833.9A CN201210258833A CN102769624B CN 102769624 B CN102769624 B CN 102769624B CN 201210258833 A CN201210258833 A CN 201210258833A CN 102769624 B CN102769624 B CN 102769624B
- Authority
- CN
- China
- Prior art keywords
- dynamic password
- transaction
- key message
- user
- challenge code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Storage Device Security (AREA)
Abstract
The present invention proposes a kind of dynamic password generation, comprising: transaction terminal, for receiving the Transaction Information of user's input and generating corresponding transaction message, and the challenge code from certificate server of pointing out user to input to receive; Certificate server, for receiving the transaction message from transaction terminal, and extracts the key message in transaction message, key message is carried out Lossless Compression to generate challenge code; Dynamic password generating device, for receiving the challenge code of user's input, and carries out lossless decompression to reduce key message to challenge code, and key message is shown to user, and confirms the dynamic password of the correct after-cost of key message time transaction user.The invention allows for a kind of dynamic password generating device and method.The present invention carries out Lossless Compression to the key message in customer transaction, by the challenge code of the short figure place of key message boil down to of long figure place, facilitates input and the memory of user.
Description
Technical field
The present invention relates to information security field, particularly relate to a kind of dynamic password generation, device and method.
Background technology
In recent years, with the fast development of the Internet and finance informationalizing, Web bank obtains rapidly the generally high praise of user and bank's industry with its advantage such as convenient, efficient.Bank and various electronic business web site, in order to overcome the safety defect of the authentication mode based on static password, have employed the fail safe that dynamic password token or dynamic password card carry out Strengthens network authentication mostly.
Dynamic-password technique is also called one-time password (OneTimePassword, be called for short OTP) technology, be characterized in that the display numeral of the dynamic password token that user provides according to service provider inputs dynamic password, i.e. dynamic password, and dynamic-password technique is according to the difference of password generating mode, time-based dynamic-password technique and the dynamic-password technique based on challenge/response can be divided into.
Present most dynamic password token have employed the dynamic-password technique based on challenge/response.When adopting this technology, dynamic password generating device and server stores have identical key seed; When needing to carry out user authentication, server generates a challenge code for user, after user obtains challenge code, challenge code is inputted dynamic password generating device; Dynamic password generating device uses the challenge code of key seed and user's input to generate answer back code (i.e. dynamic password), after user knows current dynamic password by the display screen of dynamic password generating device, input this dynamic password at transaction terminal, this dynamic password and the information such as user name, static password send to server to carry out certification by transaction terminal.
But when adopting the dynamic-password technique based on challenge/response, dynamic password token needs to generate dynamic password according to challenge code, and need user to input in dynamic password token by challenge code, when but often the figure place of user's input is more, easy input error, therefore, existing dynamic password token is convenient not in user's use procedure.
Summary of the invention
The present invention one of is intended to solve the problems of the technologies described above at least to a certain extent or at least provides a kind of useful business to select.
For this reason, first object of the present invention is to propose a kind of dynamic password generation, by carrying out Lossless Compression to the key message in customer transaction information, by the challenge code of the short figure place of key message boil down in the customer transaction information of long figure place, facilitate input and the memory of user.Second object of the present invention is to propose a kind of dynamic password generating device.3rd object of the present invention is to propose a kind of dynamic password formation method.
For achieving the above object, the embodiment of first aspect present invention proposes a kind of dynamic password generation, comprising: transaction terminal, certificate server and dynamic password generating device.Wherein, described transaction terminal, for receiving the Transaction Information of user's input and generating corresponding transaction message, and the challenge code from described certificate server of pointing out user to input to receive; Described certificate server, for receiving the transaction message from described transaction terminal, and extracts the key message in described transaction message, and described key message is carried out Lossless Compression to generate described challenge code; Described dynamic password generating device, for receiving the described challenge code of described user input, and lossless decompression is carried out to reduce described key message to described challenge code, and described key message is shown to described user and after described user confirms that described key message is correct, confirmation of receipt instruction generates the dynamic password of this transaction.
According to the dynamic password generation of the embodiment of the present invention, by carrying out Lossless Compression to the key message in customer transaction information, by the challenge code of the short figure place of key message boil down in the customer transaction information of long figure place, facilitate input and the memory of user.
In one embodiment of the invention, described Transaction Information comprises the user name of described user, the other side's account, dealing money and transaction journal number.
In one embodiment of the invention, described certificate server adopts digital lossless compression algorithm to compress to generate described challenge code to described key message.
In one embodiment of the invention, described digital lossless compression algorithm comprises Huffman encoding algorithm or the encryption algorithm that counts.
In one embodiment of the invention, described dynamic password generating device also for storing the decompression algorithm corresponding with the digital lossless compression algorithm that described certificate server adopts, and utilizes described decompression algorithm to decompress to reduce described key message to described challenge code.
In one embodiment of the invention, described dynamic password generating device is used for the dynamic password generating this transaction described according to described challenge code or described key message.
In one embodiment of the invention, described dynamic password generating device is used for the dynamic password generating this transaction described according to the combination in any of described challenge code, described key message and current time parameter.
In one embodiment of the invention, described certificate server receives the dynamic password of this transaction described that described user is inputted by described transaction terminal, and the dynamic password of this transaction described is compared with the dynamic password generated in advance, wherein, the described dynamic password generated in advance of described certificate server is corresponding with this dynamic password of concluding the business that described dynamic password generating device generates.
In one embodiment of the invention, described dynamic password generating device is dynamic password token.
In one embodiment of the invention, described transaction terminal inputs described challenge code by user described in word, image or auditory tone cues.
The embodiment of second aspect present invention proposes a kind of dynamic password generating device, comprise: receiver module, for receiving the challenge code of user's input, and after described user confirms that key message is correct, the confirmation instruction of input, wherein, described challenge code is generate after the key message in transaction message is carried out Lossless Compression; Decompression module, for carrying out lossless decompression to reduce described key message to described challenge code; Reminding module, for pointing out described key message to confirm for described user, and the dynamic password of prompting password generated CMOS macro cell; Password generated module, after confirming that described user described key message is correct, generates this dynamic password of concluding the business according to the confirmation instruction that receiver module receives.
According to the dynamic password generating device of the embodiment of the present invention, by carrying out Lossless Compression to the key message in customer transaction information, by the challenge code of the short figure place of key message boil down in the customer transaction information of long figure place, facilitate input and the memory of user.
In one embodiment of the invention, described decompression module utilizes decompression algorithm to decompress to reduce described key message to described challenge code.
In one embodiment of the invention, described decompression algorithm comprises Hafman decoding algorithm or the encryption algorithm that counts.
In one embodiment of the invention, described password generated module is used for dynamic password that described key message that the challenge code that inputs according to described user or decompression obtain generates this transaction described.
In one embodiment of the invention, described password generated module also comprises clock module, for recording current time parameter.
In one embodiment of the invention, described password generated module is also for inquiring about the current time parameter that described clock module stores, and the challenge code inputted according to described user and current time parameter generate dynamic password of this transaction described.
In one embodiment of the invention, described dynamic password generating device also comprises: authentication module, startup password for inputting user verifies, and after being proved to be successful, described receiver module is indicated to receive described challenge code, if the errors number that described user inputs startup password exceedes preset times, then lock described dynamic password generating device.
In one embodiment of the invention, described dynamic password generating device is dynamic password token.
The embodiment of third aspect present invention proposes a kind of dynamic password formation method, comprises the steps: that transaction terminal receives the Transaction Information of user's input and generates corresponding transaction message; Certificate server receives the transaction message from described transaction terminal, and extracts the key message in described transaction message, and described key message is carried out Lossless Compression to generate challenge code, and described challenge code is sent to described transaction terminal; Described dynamic password generating device receives the described challenge code of described user input, and lossless decompression is carried out to reduce described key message to described challenge code, and described key message is shown to described user, after described user confirms that described key message is correct, generate the dynamic password of this transaction.
According to the dynamic password formation method of the embodiment of the present invention, by carrying out Lossless Compression to the key message in customer transaction information, by the challenge code of the short figure place of key message boil down in the customer transaction information of long figure place, facilitate input and the memory of user.
In one embodiment of the invention, described Transaction Information comprises the user name of described user, the other side's account, dealing money and transaction journal number.
In one embodiment of the invention, described key message comprises the other side's account and dealing money.
In one embodiment of the invention, described certificate server adopts digital lossless compression algorithm to compress to generate described challenge code to described key message.
In one embodiment of the invention, described digital lossless compression algorithm comprises Huffman encoding algorithm or the encryption algorithm that counts.
In one embodiment of the invention, described dynamic password formation method also comprises the steps: that described dynamic password generating device stores the decompression algorithm corresponding with the digital lossless compression algorithm that described authentication service adopts, and utilizes described decompression algorithm to decompress to reduce described key message to described challenge code.
In one embodiment of the invention, described dynamic password generating device one of in the following manner generates dynamic password:
(1) described dynamic password generating device generates the dynamic password of this transaction described according to described challenge code;
(2) described dynamic password generating device generates the dynamic password of this transaction described according to described key message;
(3) described dynamic password generating device generates the dynamic password of this transaction described according to described key message and current time parameter;
(4) described dynamic password generating device generates the dynamic password of this transaction described according to described challenge code and current time parameter.
In one embodiment of the invention, described dynamic password formation method also comprise the steps: described certificate server receive described user inputted by described transaction terminal described in this transaction dynamic password, and the dynamic password of this transaction described is compared with the dynamic password generated in advance, wherein, the described dynamic password generated in advance of described certificate server is corresponding with this dynamic password of concluding the business that described dynamic password generating device generates; If comparison is consistent, then allow described user to carry out this transaction, otherwise forbid that described user carries out this transaction.
The aspect that the present invention adds and advantage will part provide in the following description, and part will become obvious from the following description, or be recognized by practice of the present invention.
Accompanying drawing explanation
The present invention above-mentioned and/or additional aspect and advantage will become obvious and easy understand from the following description of the accompanying drawings of embodiments, wherein:
Fig. 1 is the schematic diagram of the dynamic password generation according to the embodiment of the present invention;
Fig. 2 is the schematic diagram of dynamic password generation according to another embodiment of the present invention;
Fig. 3 is the schematic diagram of the dynamic password generating device according to the embodiment of the present invention; And
Fig. 4 is the flow chart of the dynamic password formation method according to the embodiment of the present invention.
Embodiment
Be described below in detail embodiments of the invention, the example of described embodiment is shown in the drawings, and wherein same or similar label represents same or similar element or has element that is identical or similar functions from start to finish.Being exemplary below by the embodiment be described with reference to the drawings, only for explaining the present invention, and can not limitation of the present invention being interpreted as.
In describing the invention, it will be appreciated that, term " longitudinal direction ", " transverse direction ", " on ", D score, "front", "rear", "left", "right", " vertically ", " level ", " top ", " end " " interior ", the orientation of the instruction such as " outward " or position relationship be based on orientation shown in the drawings or position relationship, only the present invention for convenience of description and simplified characterization, instead of indicate or imply that the device of indication or element must have specific orientation, with specific azimuth configuration and operation, therefore can not be interpreted as limitation of the present invention.
In describing the invention, it should be noted that, unless otherwise prescribed and limit, term " installation ", " being connected ", " connection " should be interpreted broadly, such as, can be mechanical connection or electrical connection, also can be the connection of two element internals, can be directly be connected, also indirectly can be connected by intermediary, for the ordinary skill in the art, the concrete meaning of above-mentioned term can be understood as the case may be.
As shown in Figure 1, the dynamic password generation of embodiment according to a first aspect of the present invention, comprising: transaction terminal 101, certificate server 102 and dynamic password generating device 103.
Particularly, transaction terminal 101 receives the Transaction Information of user's input and generates corresponding transaction message, and the challenge code from certificate server 102 of pointing out user to input to receive.Wherein, Transaction Information including but not limited to: carry out the user name of the user concluded the business, the other side's account, dealing money and transaction journal number etc.Transaction terminal 101 can be the ATM(AutomatedTellerMachine of bank, ATM), also can be the equipment such as PC or mobile phone terminal.
Certificate server 102 is for certification dynamic password and realize customer transaction, is generally the server that bank provides.Certificate server 102 receives the transaction message from transaction terminal 101, and extracts the key message in this transaction message, and this key message is carried out Lossless Compression, to generate challenge code.Wherein, key message comprises: the information such as the other side's account and dealing money.In one embodiment of the invention, certificate server adopts digital lossless compression algorithm to compress to generate challenge code to key message.Wherein, digital lossless compression algorithm is including but not limited to Huffman (Huffman) encryption algorithm or the encryption algorithm that counts.
Certainly, when reality drops into application, as shown in Figure 2, transaction terminal 101 and certificate server 102 also can merge into a transaction system, use same entity device, such as ATM in bank etc.
Dynamic password generating device 103 is for receiving the described challenge code of described user input, and lossless decompression is carried out to reduce described key message to described challenge code, and described key message is shown to described user and after described user confirms that described key message is correct, confirmation of receipt instruction generates the dynamic password of this transaction.
In one embodiment of the invention, dynamic password generating device 103 also for the decompression algorithm that the digital lossless compression algorithm stored with certificate server 102 adopts is corresponding, and utilizes decompression algorithm to decompress to reduce key message to challenge code.When needing dynamic password, dynamic password generating device 103 is for generating the dynamic password of this transaction according to described challenge code or key message.
Transaction terminal 101 inputs challenge code by information prompting users such as word, image or sound.Then, certificate server 102 receives the dynamic password of this transaction that described user is inputted by transaction terminal 101, and the dynamic password inputted by this trade user is compared with the dynamic password generated in advance, wherein, this dynamic password of concluding the business of generating of the above-mentioned dynamic password generated in advance and dynamic password generating device 102 is corresponding.
In one embodiment of the invention, dynamic password generating device 102 adopts dynamic password token, it should be noted that, this example just for the ease of to explanation of the present invention, and should not be construed as limitation of the present invention.
According to the dynamic password generation of the embodiment of the present invention, by carrying out Lossless Compression to the key message in customer transaction information, by the challenge code of the short figure place of key message boil down in the customer transaction information of long figure place, facilitate input and the memory of user.
As shown in Figure 3, the dynamic password generating device of embodiment according to a second aspect of the present invention, comprising: receiver module 301, decompression module 302, reminding module 303 and password generated module 304.
Particularly, receiver module 301 is for receiving the challenge code of user's input, and after user confirms that key message is correct, the confirmation instruction of input, wherein, challenge code is generate after the key message in transaction message is carried out Lossless Compression.
Decompression module 302 utilizes decompression algorithm to carry out lossless decompression to reduce key message to challenge code.Described decompression algorithm, including but not limited to: Hafman decoding algorithm or the encryption algorithm that counts.
Reminding module 303 confirms for user for pointing out key message, and to the dynamic password that user points out password generated module 304 to generate.
Password generated module 304, after user confirms that key message is correct, generates this dynamic password of concluding the business according to the confirmation instruction that receiver module 301 receives.Wherein, the generating mode of the dynamic password of this transaction can have following several mode:
1) in one embodiment of the invention, password generated module 304 generates the dynamic password of this transaction according to the challenge code that user inputs.
2) key message that in one embodiment of the invention, password generated module 304 obtains according to decompressing generates the dynamic password of this transaction.
3) in one embodiment of the invention, password generated module 304 also comprises clock module, for recording current time parameter.Password generated module 304 inquire about clock module store current time parameter, and according to user input challenge code and current time parameter generate this transaction dynamic password.The present embodiment generates dynamic password according to challenge code and current time parameter, even if can ensure identical challenge code (such as to same account remittance same amount), also can generate different dynamic passwords, further ensure the fail safe of dynamic password.
In one embodiment of the invention, password generated device also comprises: authentication module.Authentication module verifies the startup password that user inputs, and after being proved to be successful, instruction receiver module 301 receives challenge code, if the errors number that user inputs startup password exceedes preset times (such as 3 times or 5 times), then and authentication module locking dynamic password generating device.Authentication module is set, even if can, when this dynamic password generating device is lost, also can prevent other people from carrying out malice repeated attempt to the password of user, ensures the account safety of user.
In one embodiment of the invention, dynamic password generating device can be dynamic password token, it should be noted that, this example just for the ease of to explanation of the present invention, and should not be construed as limitation of the present invention.
According to the dynamic password generating device of the embodiment of the present invention, by carrying out Lossless Compression to the key message in customer transaction information, by the challenge code of the short figure place of key message boil down in the customer transaction information of long figure place, facilitate input and the memory of user.
As shown in Figure 4, the dynamic password formation method of embodiment according to a third aspect of the present invention, comprises the steps:
S401: transaction terminal receives the Transaction Information of user's input and generates corresponding transaction message.
User is input/edit customer transaction information in transaction terminal; The transaction message of user's input/edit is sent to certificate server by transaction terminal one by one.Wherein, Transaction Information including but not limited to: carry out the user name of the user concluded the business, the other side's account, dealing money and transaction journal number etc.
S402: certificate server receives the transaction message from transaction terminal, and extracts the key message in transaction message, and this key message is carried out Lossless Compression to generate challenge code, and this challenge code is sent to transaction terminal.
The certificate server of transaction system obtains the customer transaction information of this transaction according to this transaction message of concluding the business that this transaction terminal sends, extract the key message in customer transaction information, generally, the key message in customer transaction information comprises: the information such as the other side's account and dealing money.
Then, the key message of extraction carries out being compressed by digital lossless compression algorithm by certificate server, is compressed into the challenge code of short figure place, and indicates transaction terminal to point out user to input challenge code.Wherein, lossless compression algorithm can adopt: Huffman encoding algorithm, count encryption algorithm etc., due to its invertibity, reduces after can ensureing decompress(ion) to original compression content.It should be noted that, above algorithm example should not be construed as limitation of the present invention, in actual applications, can select other harmless, reversible compression algorithms.
S403: dynamic password generating device receives the challenge code of user's input, and lossless decompression is carried out to reduce key message to this challenge code, and this key message is shown to user, after user confirms that this key message is correct, generate the dynamic password of this transaction.
The decompression algorithm corresponding with the digital lossless compression algorithm that certificate server adopts is stored in dynamic password generating device.Dynamic password generating device utilizes this decompression algorithm to decompress to reduce key message to the challenge code that user inputs after receiving the challenge code that user inputs according to the information of transaction terminal.After key message in dynamic password generating device reduction customer transaction information, also this key message is shown, based on displaying contents, user can examine whether this time transaction is the transaction that user needs, confirmation (in actual applications, by allowing user press, this step confirms that button realizes usually) is sent to dynamic password generating device after confirmation.After user confirms that this key message is correct, dynamic password generating device is by generating dynamic password with one of under type, the dynamic password as certificate server end:
(1) dynamic password generating device generates the dynamic password of this transaction according to challenge code;
(2) dynamic password generating device generates the dynamic password of this transaction according to key message;
(3) dynamic password generating device generates the dynamic password of this transaction according to key message and current time parameter;
(4) dynamic password generating device generates the dynamic password of this transaction according to challenge code and current time parameter.
After dynamic password generating device generates dynamic password, certificate server receives the dynamic password of this transaction that user is inputted by transaction terminal, and is compared by the dynamic password generated in advance of this dynamic password of concluding the business and certificate server end.If comparison is consistent, then user is allowed to carry out this transaction, otherwise, then forbid that user carries out this transaction.Wherein, the current time parameter that transaction system (certificate server) is held is identical (such as 2 minutes) with the current time parameter of dynamic password generating device in a period of time.The present embodiment generates dynamic password according to challenge code and current time parameter, even if can ensure identical challenge code (such as to same account remittance same amount), also can generate different dynamic passwords, further ensure the fail safe of dynamic password.
In one embodiment of the invention, dynamic password generating device can be dynamic password token, it should be noted that, this example just for the ease of to explanation of the present invention, and should not be construed as limitation of the present invention.
According to the dynamic password formation method of the embodiment of the present invention, by carrying out Lossless Compression to the key message in customer transaction information, by the challenge code of the short figure place of key message boil down in the customer transaction information of long figure place, facilitate input and the memory of user.
Describe and can be understood in flow chart or in this any process otherwise described or method, represent and comprise one or more for realizing the module of the code of the executable instruction of the step of specific logical function or process, fragment or part, and the scope of the preferred embodiment of the present invention comprises other realization, wherein can not according to order that is shown or that discuss, comprise according to involved function by the mode while of basic or by contrary order, carry out n-back test, this should understand by embodiments of the invention person of ordinary skill in the field.
In flow charts represent or in this logic otherwise described and/or step, such as, the sequencing list of the executable instruction for realizing logic function can be considered to, may be embodied in any computer-readable medium, for instruction execution system, device or equipment (as computer based system, comprise the system of processor or other can from instruction execution system, device or equipment instruction fetch and perform the system of instruction) use, or to use in conjunction with these instruction execution systems, device or equipment.With regard to this specification, " computer-readable medium " can be anyly can to comprise, store, communicate, propagate or transmission procedure for instruction execution system, device or equipment or the device that uses in conjunction with these instruction execution systems, device or equipment.The example more specifically (non-exhaustive list) of computer-readable medium comprises following: the electrical connection section (electronic installation) with one or more wiring, portable computer diskette box (magnetic device), random-access memory (ram), read-only memory (ROM), erasablely edit read-only memory (EPROM or flash memory), fiber device, and portable optic disk read-only memory (CDROM).In addition, computer-readable medium can be even paper or other suitable media that can print described program thereon, because can such as by carrying out optical scanner to paper or other media, then carry out editing, decipher or carry out process with other suitable methods if desired and electronically obtain described program, be then stored in computer storage.
Should be appreciated that each several part of the present invention can realize with hardware, software, firmware or their combination.In the above-described embodiment, multiple step or method can with to store in memory and the software performed by suitable instruction execution system or firmware realize.Such as, if realized with hardware, the same in another embodiment, can realize by any one in following technology well known in the art or their combination: the discrete logic with the logic gates for realizing logic function to data-signal, there is the application-specific integrated circuit (ASIC) of suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate array (FPGA) etc.
Those skilled in the art are appreciated that realizing all or part of step that above-described embodiment method carries is that the hardware that can carry out instruction relevant by program completes, described program can be stored in a kind of computer-readable recording medium, this program perform time, step comprising embodiment of the method one or a combination set of.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing module, also can be that the independent physics of unit exists, also can be integrated in a module by two or more unit.Above-mentioned integrated module both can adopt the form of hardware to realize, and the form of software function module also can be adopted to realize.If described integrated module using the form of software function module realize and as independently production marketing or use time, also can be stored in a computer read/write memory medium.
In the description of this specification, specific features, structure, material or feature that the description of reference term " embodiment ", " some embodiments ", " example ", " concrete example " or " some examples " etc. means to describe in conjunction with this embodiment or example are contained at least one embodiment of the present invention or example.In this manual, identical embodiment or example are not necessarily referred to the schematic representation of above-mentioned term.And the specific features of description, structure, material or feature can combine in an appropriate manner in any one or more embodiment or example.
Although illustrate and describe embodiments of the invention above, be understandable that, above-described embodiment is exemplary, can not be interpreted as limitation of the present invention, those of ordinary skill in the art can change above-described embodiment within the scope of the invention when not departing from principle of the present invention and aim, revising, replacing and modification.
Claims (27)
1. a dynamic password generation, is characterized in that, comprising: transaction terminal, certificate server and dynamic password generating device, wherein,
Described transaction terminal, for receiving the Transaction Information of user's input and generating corresponding transaction message, and the challenge code from described certificate server of pointing out user to input to receive;
Described certificate server, for receiving the transaction message from described transaction terminal, and extracts the key message in described transaction message, and described key message is carried out Lossless Compression to generate described challenge code;
Described dynamic password generating device, for receiving the described challenge code of described user input, and lossless decompression is carried out to reduce described key message to described challenge code, and described key message is shown to described user and after described user confirms that described key message is correct, confirmation of receipt instruction generates the dynamic password of this transaction, wherein, described dynamic password generating device is stored in decompression algorithm corresponding to lossless compression algorithm that described certificate server adopts.
2. dynamic password generation as claimed in claim 1, is characterized in that, described Transaction Information comprises the user name of described user, the other side's account, dealing money and transaction journal number.
3. dynamic password generation as claimed in claim 2, it is characterized in that, described key message comprises the other side's account and dealing money.
4. the dynamic password generation as described in claim 1 or 3, is characterized in that, described certificate server adopts digital lossless compression algorithm to compress to generate described challenge code to described key message.
5. dynamic password generation as claimed in claim 4, it is characterized in that, described digital lossless compression algorithm comprises Huffman encoding algorithm or the encryption algorithm that counts.
6. dynamic password generation as claimed in claim 4, it is characterized in that, described dynamic password generating device also for storing the decompression algorithm corresponding with the digital lossless compression algorithm that described certificate server adopts, and utilizes described decompression algorithm to decompress to reduce described key message to described challenge code.
7. dynamic password generation as claimed in claim 1, is characterized in that, described dynamic password generating device is used for the dynamic password generating this transaction described according to described challenge code or described key message.
8. dynamic password generation as claimed in claim 1, is characterized in that, described dynamic password generating device is used for the dynamic password generating this transaction described according to the combination in any of described challenge code, described key message and current time parameter.
9. dynamic password generation as claimed in claim 1, it is characterized in that, described certificate server receives the dynamic password of this transaction described that described user is inputted by described transaction terminal, and the dynamic password of this transaction described is compared with the dynamic password generated in advance, wherein, the described dynamic password generated in advance of described certificate server is corresponding with this dynamic password of concluding the business that described dynamic password generating device generates.
10. dynamic password generation as claimed in claim 1, it is characterized in that, described dynamic password generating device is dynamic password token.
11. dynamic password generation as claimed in claim 1, it is characterized in that, described transaction terminal inputs described challenge code by user described in word, image or auditory tone cues.
12. 1 kinds of dynamic password generating devices, is characterized in that, comprising:
Receiver module, for receiving the challenge code of user's input, and after described user confirms that key message is correct, the confirmation instruction of input, wherein, described challenge code is generate after the key message in transaction message is carried out Lossless Compression;
Decompression module, for carrying out lossless decompression to described challenge code to reduce described key message, wherein, described decompression module stores the decompression algorithm corresponding with the lossless compression algorithm that described certificate server adopts;
Reminding module, for pointing out described key message to confirm for described user, and the dynamic password of prompting password generated CMOS macro cell; And
Password generated module, after confirming that described user described key message is correct, generates this dynamic password of concluding the business according to the confirmation instruction that receiver module receives.
13. dynamic password generating devices as claimed in claim 12, is characterized in that, described decompression module utilizes decompression algorithm to decompress to reduce described key message to described challenge code.
14. dynamic password generating devices as claimed in claim 13, it is characterized in that, described decompression algorithm comprises Hafman decoding algorithm or the encryption algorithm that counts.
15. dynamic password generating devices as claimed in claim 12, is characterized in that, described password generated module is used for dynamic password that described key message that the challenge code that inputs according to described user or decompression obtain generates this transaction described.
16. dynamic password generating devices as claimed in claim 12, it is characterized in that, described password generated module also comprises clock module, for recording current time parameter.
17. dynamic password generating devices as claimed in claim 16, it is characterized in that, described password generated module is also for inquiring about the current time parameter that described clock module stores, and the challenge code inputted according to described user and current time parameter generate dynamic password of this transaction described.
18. dynamic password generating devices according to any one of claim 12-17, is characterized in that, also comprise:
Authentication module, startup password for inputting user verifies, and after being proved to be successful, indicates described receiver module to receive described challenge code, if the errors number that described user inputs startup password exceedes preset times, then lock described dynamic password generating device.
19. dynamic password generating devices as claimed in claim 12, it is characterized in that, described dynamic password generating device is dynamic password token.
20. 1 kinds of dynamic password formation methods, is characterized in that, comprise the steps:
Transaction terminal receives the Transaction Information of user's input and generates corresponding transaction message;
Certificate server receives the transaction message from described transaction terminal, and extracts the key message in described transaction message, and described key message is carried out Lossless Compression to generate challenge code, and described challenge code is sent to described transaction terminal; And
Described dynamic password generating device receives the described challenge code of described user input, and lossless decompression is carried out to reduce described key message to described challenge code, and described key message is shown to described user, after described user confirms that described key message is correct, generate the dynamic password of this transaction, wherein, described dynamic password generating device stores the decompression algorithm corresponding with the lossless compression algorithm that described certificate server adopts.
21. dynamic password formation methods as claimed in claim 20, is characterized in that, described Transaction Information comprises the user name of described user, the other side's account, dealing money and transaction journal number.
22. dynamic password formation methods as claimed in claim 21, it is characterized in that, described key message comprises the other side's account and dealing money.
23. dynamic password formation methods as described in any one of claim 20-22, it is characterized in that, described certificate server adopts digital lossless compression algorithm to compress to generate described challenge code to described key message.
24. dynamic password formation methods as claimed in claim 23, it is characterized in that, described digital lossless compression algorithm comprises Huffman encoding algorithm or the encryption algorithm that counts.
25. dynamic password formation methods as claimed in claim 23, is characterized in that, also comprise the steps:
Described dynamic password generating device stores the decompression algorithm corresponding with the digital lossless compression algorithm that described authentication service adopts, and utilizes described decompression algorithm to decompress to reduce described key message to described challenge code.
26. dynamic password formation methods as claimed in claim 20, is characterized in that, described dynamic password generating device one of in the following manner generates dynamic password:
(1) described dynamic password generating device generates the dynamic password of this transaction described according to described challenge code;
(2) described dynamic password generating device generates the dynamic password of this transaction described according to described key message;
(3) described dynamic password generating device generates the dynamic password of this transaction described according to described key message and current time parameter;
(4) described dynamic password generating device generates the dynamic password of this transaction described according to described challenge code and current time parameter.
27. dynamic password formation methods as claimed in claim 20, is characterized in that, also comprise the steps:
Described certificate server receives the dynamic password of this transaction described that described user is inputted by described transaction terminal, and the dynamic password of this transaction described is compared with the dynamic password generated in advance, wherein, the described dynamic password generated in advance of described certificate server is corresponding with this dynamic password of concluding the business that described dynamic password generating device generates;
If comparison is consistent, then allow described user to carry out this transaction, otherwise forbid that described user carries out this transaction.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210258833.9A CN102769624B (en) | 2012-07-24 | 2012-07-24 | A kind of dynamic password generation, device and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210258833.9A CN102769624B (en) | 2012-07-24 | 2012-07-24 | A kind of dynamic password generation, device and method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102769624A CN102769624A (en) | 2012-11-07 |
| CN102769624B true CN102769624B (en) | 2016-01-20 |
Family
ID=47096874
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210258833.9A Active CN102769624B (en) | 2012-07-24 | 2012-07-24 | A kind of dynamic password generation, device and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102769624B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103023643A (en) * | 2012-11-22 | 2013-04-03 | 天地融科技股份有限公司 | Dynamic password card and dynamic password generating method |
| CN103078738A (en) * | 2012-11-22 | 2013-05-01 | 天地融科技股份有限公司 | Dynamic password generation device and adapter |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101651675A (en) * | 2009-08-27 | 2010-02-17 | 北京飞天诚信科技有限公司 | Method and system for enhancing security of network transactions |
| CN102307180A (en) * | 2011-04-27 | 2012-01-04 | 上海动联信息技术有限公司 | Trade confirmation method for challenge response token |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101997849A (en) * | 2009-08-18 | 2011-03-30 | 阿里巴巴集团控股有限公司 | Method, device and system for authentication of internet user |
-
2012
- 2012-07-24 CN CN201210258833.9A patent/CN102769624B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101651675A (en) * | 2009-08-27 | 2010-02-17 | 北京飞天诚信科技有限公司 | Method and system for enhancing security of network transactions |
| CN102307180A (en) * | 2011-04-27 | 2012-01-04 | 上海动联信息技术有限公司 | Trade confirmation method for challenge response token |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102769624A (en) | 2012-11-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102868527B (en) | A kind of dynamic password generation and device | |
| CN102158488B (en) | Dynamic countersign generation method and device and authentication method and system | |
| CN101432980B (en) | Time sync-type otp generation device and method for mobile phones | |
| CN102752115B (en) | Challenge code generating method and device, dynamic password authentication method and system | |
| CN105141615A (en) | Method and system for opening account remotely, authentication method and system | |
| US11212084B2 (en) | System and a method for signing transactions using air-gapped private keys | |
| CN105303664A (en) | Intelligent access control system based on two dimensional code technology and control method thereof | |
| CN110930147B (en) | Offline payment method and device, electronic equipment and computer-readable storage medium | |
| CN101897165A (en) | Method of authentication of users in data processing systems | |
| CN108206803B (en) | Service agency processing method and device | |
| CN103595719A (en) | Authentication method and system based on fingerprints | |
| CN104618114B (en) | ID card information acquisition methods, apparatus and system | |
| CN106101159A (en) | Dynamic cipher generating method, dynamic cipher authentication method and device | |
| CN102891842A (en) | Security authentication method and system | |
| JP2009015712A (en) | Authentication device, authentication method, and authentication program | |
| CN111028392A (en) | Combined password verification method, hardware terminal and password system | |
| CN103942685A (en) | Data security interactive system | |
| CN103198401B (en) | There is smart card method of commerce and the system of electronic signature functionality | |
| CN110659899B (en) | Offline payment method, device and equipment | |
| CN102769624B (en) | A kind of dynamic password generation, device and method | |
| CN105138887B (en) | A kind of input method of log-on message, device and terminal device | |
| KR20180096887A (en) | Method for Generating Dynamic Code Which Varies Periodically and Method for Authenticating the Dynamic Code | |
| CN103813333A (en) | Data processing method based on negotiation keys | |
| CN103746802A (en) | Data processing method based on coordination secret keys and mobile phone | |
| CN103475479A (en) | Intelligent secret key equipment, mobile terminal, dynamic password output method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent for invention or patent application | ||
| CB02 | Change of applicant information |
Address after: 100083, room 1810, block B, 38 clear road, Haidian District, Beijing Applicant after: Tendyron Technology Co., Ltd. Address before: 100083, room 1810, block B, golden building, No. 17, Qinghua East Road, Beijing, Haidian District Applicant before: Tendyron Technology Co., Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |