CN103441852A - High-strength dynamic password authentication method - Google Patents
High-strength dynamic password authentication method Download PDFInfo
- Publication number
- CN103441852A CN103441852A CN2013103726773A CN201310372677A CN103441852A CN 103441852 A CN103441852 A CN 103441852A CN 2013103726773 A CN2013103726773 A CN 2013103726773A CN 201310372677 A CN201310372677 A CN 201310372677A CN 103441852 A CN103441852 A CN 103441852A
- Authority
- CN
- China
- Prior art keywords
- password
- rule
- user
- character
- cell
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention provides a high-strength dynamic password authentication method. Firstly, the method is characterized in that different passwords need to be input according to system prompts every time a user logs in a system, the passwords are only valid in a one-off mode in the current system environment, and that is, the passwords are invalid after being intercepted by a third party. Secondly, the method is characterized in that the third party can not deduce back an accurate password source according to the password rule even though the correct passwords of the user are intercepted by the third party many times. It can be seen from the two characteristics that the new password authentication technology has high-strength protection capacity and is applicable to various fields needing safety authentication.
Description
Technical field
The present invention relates to informationization technology and safety certification field, be specifically related to a kind of high strength dynamic cipher authentication method.
Background technology
Along with popularizing of informationization technology, people's life be unable to do without password everywhere, the computer login, the webpage login, software login and bank account all need password, so, the password quantity that the individual grasps is more and more, be inconvenient to remember and manage, and the upgrading along with development and the unlawful means of hacking technique, traditional cipher verification technique is relatively backward, password is easily stolen utilization by the lawless person, being blocked password when cash dispenser operates as the user causes account stolen, the card information that is stolen when hotel swipes the card and password cause a huge sum of money stolen, the theft means that these are upgraded day by day, really allow the people hard to guard against.
Although now have, use the method for mobile phone Receipt Validation code to guarantee login security, but this needs the user to have mobile phone, region that mobile phone signal is arranged, and at mobile phone signal, bad or people also there will be the identifying code forward delay interval when using the login platform more, delays user login operation.According to nearest science and technology news, had the lawless person and set up " pseudo-base station " and realize cellphone subscriber's password is tackled, that is to say, even if use mobile phone Receipt Validation code, also can be tackled by the lawless person, and the password of tackling can remain valid.
Therefore, we need a kind of new cipher authentication technique to protect our information security, reach safe and secret, be not afraid of interception, the purpose of handled easily, convenient memory.
Summary of the invention
In order to address the above problem, the invention provides a kind of high strength dynamic cipher authentication method, make people only need to remember a kind of password rule of oneself setting, system that just can all utilization this method of secure log.
In order to realize goal of the invention, the invention provides following method of operation:
Use computer technology that the random character of some is arranged, and use image processing techniques to draw Background to character, then form password figure and represent to the user; The user goes out the password rule according to arranging scheme and the character locating solution formulation of character Background in advance; The user reads password according to the password rule from password figure, then by system, according to user's password rule, the password of reading is authenticated.
The password that the user reads from different password figure is not identical, and the password of reading can only once not authenticate when current password figure changes, otherwise password lost efficacy.
Even correct password repeatedly learnt by other people, other people also can't be according to the anti-password rule accurately of releasing of the characteristics of password.
By foregoing, learnt, the different password figure of the each generation of system, read password figure by the password rule and also can produce different passwords, even and if use same password rule also may read different passwords in same password figure, therefore, even if password is stolen when login system, so also can only steal invalid code characters, rather than the password rule, make the thief can't use the code characters stolen to be logined.Thereby improved greatly fail safe.
If various websites, software, bank etc. all adopt the present invention to carry out login authentication, the user just needn't arrange independent password for each authentication item by traditional mode so.Only need same password authentification rule be set to each authentication item, when then logining, just only need just can login whole systems by this rule.Although people may arrange a plurality of password rules in reality, in general, memory capacitance has greatly reduced, and this password rule can image mean in password figure, very convenient memory.
In addition, if adopt the present invention to carry out login authentication, also do not need to re-use in addition identifying code and verify manual operation, because the present invention has used password figure, must be that manual operation just can be read password, be exactly the identifying code function that can replace various Verification Systems so the present invention also has a benefit.
In sum, the present invention has realized the password authentification of high-strength security performance, has operated and measured few memory requirement easily, is applicable to very much all trades and professions informatization security checking in modern society.
[accompanying drawing explanation]
The picture that the accompanying drawing explanation provides, for auxiliary a further understanding of the present invention, forms the application's a part, does not form inappropriate limitation of the present invention, in the accompanying drawings:
Fig. 1 is the password graph structure in the present invention
Fig. 2 is that system generates the password figure to the user
Fig. 3 is " one because of rule " flow chart
Fig. 4 is " two because of rule " flow chart
[embodiment]
Password figure
Fig. 1 is the structure (this case describes with the form of form arrangement) of password figure, by 1,2 two little form, formed, the numbering of the numeral form in the gauge outfit cell, nine grids cell in form is for depositing character, the numbering of numeral cell wherein, for the character of positioning unit lattice acquiring unit lattice.The part cell is drawn Background (this case describes for example with black and white two solid background figure), exactly for distinguishing the background of kinds of characters, for formulating the Background arranging scheme.
Fig. 2 is that system generates the password figure to the user.System is chosen 6 characters at random, and each character repeats 3 times, and random alignment, in each cell, and draws background to partial character at random.
The password rule
The password rule is combined by the locating rule of each code characters, and the locating rule of code characters has following three classes:
One, cell numbering locating rule as shown in fig. 1, " 11 " just mean to navigate to the first cell of nine grids in table 1, read character in its cell as code characters, if this rule is applied in Fig. 2, the code characters that " 11 " this rule is read so is exactly " 1 ", and the code characters that in like manner " 29 " this rule is read is exactly " b ".
Two, this class of scope Background locating rule locating rule has four, is respectively " black ", " black and white ", " white black ", " in vain ".What first character meaned is the gauge outfit cell Background of table 1 or table 2, and what second word table showed is Background of cell in the following nine grids of this corresponding table.The mode of this rule location is exactly first according to the gauge outfit cell background of table 1, table 2, to carry out the scope of navigation watch, and then show according to this scope that following nine grids cell background is screened cell.For example, in Fig. 2, take " black " as example, so legal cell just has " numbering: 22 values: a ", " numbering: 23 values: 3 ", " numbering: 24 values: 3 ", " numbering: 26 value: c ", " numbering: 28 values: 2 ", find out thus, with this rule-like location, a plurality of legal code characters can be obtained, only one of them character need to be got just passable as code characters in the symbol of multiword so.So, in the password rule, if used this rule-like, the password of reading so just has multiple.
Three, this class of Background collocation locating rule locating rule is the abundantest, the most complicated, is also to guarantee that the password rule can't be by the accurate anti-key point of releasing.Rule schemata is " because of rule 00 fruit rule ", and " 00 " means separator, and by " because of rule " and " fruit rule ", separately, " because of rule " is comprised of one or more " cell numbering locating rules ", and these rules are called the sub-rule of " because of rule ".Different types of for the ease of distinguishing " because of rule ", the sub-rule quantity that we comprise according to " because of rule ", add quantity in order to distinguish " because of rule " is front, such as: " one because of rule ", " two because of rule " etc." fruit rule " also is comprised of " cell numbering locating rule ", quantity wherein is the decision of cell Background collocation kind quantity in " because of rule ", and each cell in " fruit rule " is closely associated with cell collocation situation in " because of rule ".Below illustrate the utilization of this rule-like:
" one because of rule "
For example: " 19002129 "
" because of rule " is " 19 ", the Background of " 19 " number cell or black, otherwise white.If, when in password figure, " 19 " number cell Background is black, navigate to so " 21 " number cell reading character.If, when in password figure, " 19 " number cell Background is white, navigate to so " 29 " number cell reading character, flow process as shown in Figure 3.If the Fig. 2 of usining is read as password figure, the character of reading so is exactly " 3 ".
Counnter attack push away regular aspect, if knowledge of result " 3 " only, the password rule may be " 21 ", " 23 ", " 24 ", " black ", " black and white " so, but can't instead release " 19002129 ", thereby has realized instead releasing password rule accurately.
" two because of rule "
For example: " 111200151827 "
" because of rule " is comprised of " 11 ", " 12 ", the Background collocation just has three kinds of situations " two with black ", " two with white ", " one black one is white " so, in fact can also the collocation situation be " two with black ", " two with white ", " 11 black 12 is white ", " 11 white, 12 black ", but, for the angle from facilitating the user to remember, we get " the fruit rule " of three kinds of situations and sort by above-mentioned order.In like manner flow process as shown in Figure 4.If the Fig. 2 of usining is read as password figure, the character of reading so is exactly " b ".
In addition, " three because of rule ", " four because of rule " etc. can also be arranged, but consider reality, general only with " one because of rule " and " two because of rule ".
The length of this rule-like word expression is the longest a kind of in this three classes password rule, more difficult memory, but, because this password rule is based on password figure, so, the memory of password rule has been become to the memory to figure, the memory of figure is more vivider than the word memory, therefore, remember that the password rule has become again a nothing the matter.
If set same password rule on all application platform of the present invention, so just can a password rule realize current login.In order to allow the safer also more easily memory of password rule, advise that three class password rules all use, for example: 3 " cell numbering locating rule " adds 1 " scope Background locating rule " and adds 3 " Background collocation locating rules "
The password rule forms:
Password is comprised of the multidigit character, the rule of so a plurality of characters, and we distinguish each rule with " 99 " as separator, with " 77 " expression " black ", with " 78 " expression " black and white ", with " 87 " expression " white black ", with " 88 " expression " in vain ".
The text representation of password rule is given an example:
“1599219927998899120025289912270021232999152100181927”
This is the password rule text representation formula corresponding to dynamic password of 7 bit lengths, although length is very long, is difficult to memory, is attached in password figure and just is not difficult to have remembered, when reading password figure, as long as read just passable according to graph position at every turn later.As for why all by numeral, without some symbols, doing separator, in fact, this is in order to adapt to the mechanisms such as bank, because present bank cipher is comprised of pure digi-tal, only having numeral on the PIN PAD of sales counter, if go to open a bank account, the password rule is set, should that how to operate? so, if can not go out the password rule with numeral expression, will certainly the password rule be set to the user and cause obstruction.
This password regular expression be the dynamic password of 7 bit lengths, if read password with reference to password Fig. 2, separate so read procedure as follows:
The 1st: rule: " 15 ", No. 15 cell characters: " c "
The 2nd: rule: " 21 ", No. 21 cell characters: " 3 "
The 3rd: rule: " 27 ", No. 27 cell characters: " b "
The 4th: rule: " 88 ", the character met has: " 1,2, c "
The 5th: rule: " 12002528 ", No. 12 cell Backgrounds, for black, read the cell character No. 25: " 1 " so
The 6th: rule: " 122700212329 ", No. 12 cell Backgrounds are for black, and No. 27 the cell Background is white, and two lattice Background differences, read the cell character No. 29: " b "
The 7th: rule: " 152100181927 ", No. 15 the cell Background is white, and No. 21 the cell Background is white, and two lattice Backgrounds, with white, read the cell character No. 19: " a "
Three kinds of results are arranged due to the 4th, the password of reading so can be just three kinds: " c3b11ba ", " c3b21ba ", " c3bc1ba ".
Cipher authentication
The user reads character composition password according to password rule corresponding position from password figure and submits to system, system is found user's password rule according to user's account, then rule is resolved, the code characters that the user is submitted to and the information in password figure are contrasted, if contrast entirely true, the user by the authentication, if the contrast have one incorrect, the authentication do not pass through.
Above the present invention has been done to detailed introduction, below just the present invention real-life practicing for example, describe.
At first, a kind of new cryptography scheme has been proposed in the present invention, features such as " user go out the password rule according to arranging scheme and the character locating solution formulation of character Background in advance " wherein, with conventional cipher, larger difference is arranged, if to these, new password rule is not learnt, utilization that just can not fine grasp password rule.To this, we first will make network platform for the new password using method of user learning, and provide simulated environment to allow the user practise establishment and the use of password rule more, to reach the purpose of skilled utilization password rule.After people grasp new password using method, just can implement following case:
The application of banking system
The sales counter operation: when the user opens an account at bank counter, traditional password and password rule can be set, also traditional password can only be set, the password rule can be arranged by the Net silver platform from now on.The password rule is set just as above mentioned at sales counter, similar " 1599219927998899120025289912270021232999152100181927 " this password rule text representation formula is carried out to typing by PIN PAD.The user can generate out by the password of oneself rule text representation formula by other analog platforms in advance, is recorded on mobile phone or paper slip, after the bank counter setting completes, deletes record again or tears to pieces and record paper slip.
Cash dispenser operation: before entering the input cryptographic interface, the user can the choice for use conventional cipher login or the rule login that accesses to your password, if enter into password rule authentication interface, can represent password figure to the user at the cash dispenser screen, the user reads password according to the password rule of oneself and is authenticated.
The operation of swiping the card: this just need to do change to the password input device on machine for punching the card, increase a LCDs on the password input device, for display password figure, password figure in this case is illustrated with the black and white Background, and also positive coincidence lattice liquid crystal display screen of black and white Background, do not need to show other colors, only need two kinds of color relations of black and white can represent accurately the information in password figure.Lattice lcd screen low price, so the repacking cost of password input device is not high yet, is applicable to a large amount of the replacing.The password input device of swiping the card also retains the input of conventional cipher, and to facilitate groups of people's use, for the user of a huge sum of money is arranged in card, the rule of advising accessing to your password is authenticated.
Net silver operation: compare above several mode of operation, Net silver operation most convenient, but risk is also larger, wooden horse in computer accidentally, the password entry information will be stolen, so, in the authentication place suggestion of the Net silver rule that accesses to your password, authenticated.
More than four kinds of the most frequently used operations of people, except sales counter operates the password that is difficult to be stolen, other three kinds all can be snatched password by the undesirable, and after use the present invention, as mentioned before, password is dynamic password, has been stolen and also can't have used, and also can't instead release password rule accurately, realize high-intensity safety certification.
The application of network facet
Nowadays network technology is very flourishing, netizen's quantity is also very huge, and almost each netizen can have a plurality of accounts, for using the multiple different network platform, common are: website log, shopping at network, mailbox login, intercommunion platform login, online game login etc.The login great majority of these platforms are to use the traditional static password to be verified, the user need to remember a lot of passwords, and fail safe is general, if these platforms all adopt the method in the present invention, the user only need to be arranged on the password rule of oneself on the diverse network platform so, just can realize on various platforms with the login of a password rule, add the present invention exclusive can't instead release the characteristics of password rule accurately, realized convenience memory and high-intensity safety certification.
More than describe preferred embodiment of the present invention in detail, should be appreciated that the ordinary skill of this area just can design according to the present invention be made many modifications and variations without creative work.Therefore, all technical staff in the art according to the present invention design on the prior art basis by logic analysis, reasoning or according to the available technical scheme of limited experiment, all should be within the determined protection range of these claims be arranged.
Claims (3)
1. a high strength dynamic cipher authentication method, is characterized in that: use computer technology that the random character of some is arranged, and use image processing techniques to draw Background to character, then form password figure and represent to the user; The user goes out the password rule according to arranging scheme and the character locating solution formulation of character Background in advance; The user reads password according to the password rule from password figure, then by system, according to user's password rule, the password of reading is authenticated.
2. high strength dynamic cipher authentication method according to claim 1, it is characterized in that: the password that the user reads from different password figure is not identical, and the password of reading can only once not authenticate when current password figure changes, otherwise password lost efficacy.
3. high strength dynamic cipher authentication method according to claim 1 is characterized in that: though correct password by other people, repeatedly learnt, other people also can't be according to the anti-password rule accurately of releasing of the characteristics of password.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013103726773A CN103441852A (en) | 2013-08-23 | 2013-08-23 | High-strength dynamic password authentication method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013103726773A CN103441852A (en) | 2013-08-23 | 2013-08-23 | High-strength dynamic password authentication method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103441852A true CN103441852A (en) | 2013-12-11 |
Family
ID=49695521
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2013103726773A Pending CN103441852A (en) | 2013-08-23 | 2013-08-23 | High-strength dynamic password authentication method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103441852A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103475492A (en) * | 2013-10-15 | 2013-12-25 | 胡海峰 | Safe password authentication method |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060248344A1 (en) * | 2005-05-02 | 2006-11-02 | Vince Yang | Method for verifying authorized access |
| CN1992592A (en) * | 2005-12-30 | 2007-07-04 | 腾讯科技(深圳)有限公司 | System and method of dynamic password identification |
| US20070226784A1 (en) * | 2006-03-27 | 2007-09-27 | Yukiya Ueda | System and method for user authentication |
| EP2073139A1 (en) * | 2007-12-14 | 2009-06-24 | Vince Yang | Method of inputting password |
| CN102279910A (en) * | 2010-06-11 | 2011-12-14 | 鸿富锦精密工业(深圳)有限公司 | Device with encryption and decryption functions and encrypting and decrypting methods of device |
-
2013
- 2013-08-23 CN CN2013103726773A patent/CN103441852A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060248344A1 (en) * | 2005-05-02 | 2006-11-02 | Vince Yang | Method for verifying authorized access |
| CN1992592A (en) * | 2005-12-30 | 2007-07-04 | 腾讯科技(深圳)有限公司 | System and method of dynamic password identification |
| US20070226784A1 (en) * | 2006-03-27 | 2007-09-27 | Yukiya Ueda | System and method for user authentication |
| EP2073139A1 (en) * | 2007-12-14 | 2009-06-24 | Vince Yang | Method of inputting password |
| CN102279910A (en) * | 2010-06-11 | 2011-12-14 | 鸿富锦精密工业(深圳)有限公司 | Device with encryption and decryption functions and encrypting and decrypting methods of device |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103475492A (en) * | 2013-10-15 | 2013-12-25 | 胡海峰 | Safe password authentication method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8117458B2 (en) | Methods and systems for graphical image authentication | |
| US9426141B2 (en) | Verifiable tokenization | |
| AU2008218262B2 (en) | Methods and systems for graphical image authentication | |
| TWI509452B (en) | Method, system and computer program product for securing access to an unsecure network utilizing a transparent identification member | |
| US9104855B2 (en) | Dynamic secure login authentication | |
| US20140098141A1 (en) | Method and Apparatus for Securing Input of Information via Software Keyboards | |
| US20160127134A1 (en) | User authentication system and method | |
| KR20140043041A (en) | Method for integrating account management function in input method software | |
| CN107451819A (en) | A kind of auth method and device based on user's operation behavior feature | |
| CN100589382C (en) | System and method of dynamic password identification | |
| US10754814B1 (en) | Methods and systems for image-based authentication | |
| CN105978994A (en) | Web system oriented logging-in method | |
| US20180181742A1 (en) | Server system, communication system, communication terminal device, program, recording medium, and communication method | |
| US20150169882A1 (en) | System and method for providing graphical dynamic user authentication and device access | |
| CN103441852A (en) | High-strength dynamic password authentication method | |
| CN105007267A (en) | Privacy protection method and device | |
| US10491391B1 (en) | Feedback-based data security | |
| KR20120107610A (en) | The apparatus for verifying user in portable appliance and the method thereof | |
| Awasthi | Reducing identity theft using one-time passwords and SMS | |
| US11449597B2 (en) | Transposed passwords | |
| US20150339054A1 (en) | Method and system for inputting and uploading data | |
| Wodo et al. | Biometrics safety engineering in mobile devices | |
| Philomin et al. | A Contemporary Cloud-based Dynamic Authentication System for Mobile Applications | |
| Reddy et al. | Internal scrambled virtual keyboard for password protection | |
| CN103684799A (en) | Dynamic digital password authentication method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20131211 |