CN103636180B - 反肩窥认证方法及设备 - Google Patents

反肩窥认证方法及设备 Download PDF

Info

Publication number
CN103636180B
CN103636180B CN201280032116.2A CN201280032116A CN103636180B CN 103636180 B CN103636180 B CN 103636180B CN 201280032116 A CN201280032116 A CN 201280032116A CN 103636180 B CN103636180 B CN 103636180B
Authority
CN
China
Prior art keywords
password
user
random number
server site
client device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201280032116.2A
Other languages
English (en)
Chinese (zh)
Other versions
CN103636180A (zh
Inventor
Q·李
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Publication of CN103636180A publication Critical patent/CN103636180A/zh
Application granted granted Critical
Publication of CN103636180B publication Critical patent/CN103636180B/zh
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/081Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying self-generating credentials, e.g. instead of receiving credentials from an authority or from another peer, the credentials are generated at the entity itself
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
CN201280032116.2A 2011-06-30 2012-06-29 反肩窥认证方法及设备 Expired - Fee Related CN103636180B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/174,558 US8789154B2 (en) 2011-06-30 2011-06-30 Anti-shoulder surfing authentication method
US13/174,558 2011-06-30
PCT/US2012/045057 WO2013003782A1 (en) 2011-06-30 2012-06-29 Anti-shoulder surfing authentication method

Publications (2)

Publication Number Publication Date
CN103636180A CN103636180A (zh) 2014-03-12
CN103636180B true CN103636180B (zh) 2016-03-09

Family

ID=46516849

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201280032116.2A Expired - Fee Related CN103636180B (zh) 2011-06-30 2012-06-29 反肩窥认证方法及设备

Country Status (6)

Country Link
US (1) US8789154B2 (enExample)
EP (1) EP2727310B1 (enExample)
JP (1) JP5660652B2 (enExample)
KR (1) KR101554442B1 (enExample)
CN (1) CN103636180B (enExample)
WO (1) WO2013003782A1 (enExample)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2500720A (en) * 2012-03-30 2013-10-02 Nec Corp Providing security information to establish secure communications over a device-to-device (D2D) communication link
KR101451214B1 (ko) * 2012-09-14 2014-10-15 주식회사 엘지씨엔에스 결제 방법, 이를 실행하는 결제 서버, 이를 저장한 기록 매체 및 이를 실행하는 시스템
US9171140B2 (en) * 2013-03-14 2015-10-27 Blackberry Limited System and method for unified passcode processing
CN115018578A (zh) * 2015-02-09 2022-09-06 创新先进技术有限公司 业务实现方法及装置
CN106416337B (zh) * 2015-03-31 2020-01-31 华为技术有限公司 获取鉴权信息的方法、装置及终端
US10007780B1 (en) * 2016-12-12 2018-06-26 International Business Machines Corporation Authentication management
US10742408B2 (en) * 2017-02-27 2020-08-11 Cord3 Innovation Inc. Many-to-many symmetric cryptographic system and method
US10904003B2 (en) * 2018-04-21 2021-01-26 Microsoft Technology Licensing, Llc Validation of short authentication data with a zero knowledge proof
US10909225B2 (en) * 2018-09-17 2021-02-02 Motorola Mobility Llc Electronic devices and corresponding methods for precluding entry of authentication codes in multi-person environments

Family Cites Families (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3053527B2 (ja) * 1993-07-30 2000-06-19 インターナショナル・ビジネス・マシーンズ・コーポレイション パスワードを有効化する方法及び装置、パスワードを生成し且つ予備的に有効化する方法及び装置、認証コードを使用して資源のアクセスを制御する方法及び装置
US6826686B1 (en) * 2000-04-14 2004-11-30 International Business Machines Corporation Method and apparatus for secure password transmission and password changes
JP2001306513A (ja) * 2000-04-21 2001-11-02 Fujitsu Ltd 情報管理装置および記憶媒体
US6834112B1 (en) * 2000-04-21 2004-12-21 Intel Corporation Secure distribution of private keys to multiple clients
JP3642044B2 (ja) * 2001-11-06 2005-04-27 日本電気株式会社 パスワード管理装置、パスワード管理システム、パスワード管理方法、およびそのプログラム
US7171679B2 (en) * 2002-01-07 2007-01-30 International Business Machines Corporation Generating and maintaining encrypted passwords
US7529944B2 (en) * 2002-02-07 2009-05-05 Activcard Ireland Limited Support for multiple login method
US7228417B2 (en) * 2002-02-26 2007-06-05 America Online, Inc. Simple secure login with multiple-authentication providers
US7607009B2 (en) * 2003-02-10 2009-10-20 International Business Machines Corporation Method for distributing and authenticating public keys using time ordered exchanges
US7480384B2 (en) * 2003-02-10 2009-01-20 International Business Machines Corporation Method for distributing and authenticating public keys using random numbers and Diffie-Hellman public keys
US7581100B2 (en) 2003-09-02 2009-08-25 Authernative, Inc. Key generation method for communication session encryption and authentication system
JP4617763B2 (ja) * 2003-09-03 2011-01-26 ソニー株式会社 機器認証システム、機器認証サーバ、端末機器、機器認証方法、および機器認証プログラム
US7210166B2 (en) * 2004-10-16 2007-04-24 Lenovo (Singapore) Pte. Ltd. Method and system for secure, one-time password override during password-protected system boot
CN1905446A (zh) * 2005-07-26 2007-01-31 国际商业机器公司 管理多个验证的基于客户机的方法和系统
US7861078B2 (en) * 2005-10-14 2010-12-28 Juniper Networks, Inc. Password-authenticated asymmetric key exchange
KR100798651B1 (ko) * 2006-06-16 2008-01-28 삼성전자주식회사 동적 암호 변환 장치 및 방법
JP2008005371A (ja) * 2006-06-26 2008-01-10 Genden Information System Co Ltd 日本語パスワード変換装置及びその方法
CN1889432B (zh) * 2006-07-13 2010-09-22 上海交通大学 基于智能卡的口令远程认证方法、智能卡、服务器和系统
US20080178252A1 (en) * 2007-01-18 2008-07-24 General Instrument Corporation Password Installation in Home Networks
JP4258551B2 (ja) * 2007-01-25 2009-04-30 日本電気株式会社 認証システム、認証方法、及び認証プログラム
US8590024B2 (en) * 2007-02-01 2013-11-19 The Boeing Company Method for generating digital fingerprint using pseudo random number code
US20090220075A1 (en) * 2008-02-28 2009-09-03 Akros Techlabs, Llc Multifactor authentication system and methodology
WO2010005071A1 (ja) * 2008-07-10 2010-01-14 独立行政法人産業技術総合研究所 パスワード認証方法
WO2010010430A2 (en) 2008-07-25 2010-01-28 Lee Kok-Wah Methods and systems to create big memorizable secrets and their applications in information engineering
US8910256B2 (en) * 2008-08-08 2014-12-09 Microsoft Corporation Form filling with digital identities, and automatic password generation
US8245030B2 (en) * 2008-12-19 2012-08-14 Nai-Yu Pai Method for authenticating online transactions using a browser
WO2010086625A1 (en) * 2009-01-30 2010-08-05 British Telecommunications Public Limited Company Secure web-based service provision
CN101651546A (zh) 2009-09-11 2010-02-17 福建天晴在线互动科技有限公司 一种离线生成动态密码与服务器进行登陆认证和同步的方法
EP2598984A4 (en) * 2010-07-29 2017-04-19 Nirmal Juthani System and method for generating a strong multi factor personalized server key from a simple user password
US8855300B2 (en) * 2010-09-30 2014-10-07 Google Inc. Image-based key exchange
US20120294445A1 (en) * 2011-05-16 2012-11-22 Microsoft Corporation Credential storage structure with encrypted password

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
A Virtual Password Scheme to Protect Passwords;Ming Lei,等;《IEEE Communications Society,2008》;20081231;全文 *
Operation Code Authentication;Syed Shabih ul Hasan Naqvi,等;《ICCSIT 2010》;20100711;全文 *
Secret Little Functions and Codebooks for Protecting Users from Password Theft;Yang Xiao,等;《IEEE Communications Society》;20080523;全文 *

Also Published As

Publication number Publication date
KR20140043137A (ko) 2014-04-08
WO2013003782A1 (en) 2013-01-03
EP2727310A1 (en) 2014-05-07
US8789154B2 (en) 2014-07-22
JP2014521152A (ja) 2014-08-25
KR101554442B1 (ko) 2015-09-18
US20130007857A1 (en) 2013-01-03
EP2727310B1 (en) 2017-08-30
CN103636180A (zh) 2014-03-12
JP5660652B2 (ja) 2015-01-28

Similar Documents

Publication Publication Date Title
CN103636180B (zh) 反肩窥认证方法及设备
EP2949103B1 (en) Providing an encrypted account credential from a first device to a second device
CN105009682B (zh) 选择无线装置的网络
CN108353076B (zh) 针对因特网密钥交换(ike)的方法和设备
US9374360B2 (en) System and method for single-sign-on in virtual desktop infrastructure environment
CN102835136B (zh) 用于为会话加密和完整性密钥信令通知增强型安全性上下文的装置和方法
KR20160083128A (ko) 암호화된 통신을 위한 방법 및 시스템
CN103583060A (zh) 用于接入私有网络的系统和方法
KR20170043520A (ko) 비대칭 암호화를 이용하여 otp를 구현하기 위한 시스템 및 방법
CN112910843B (zh) 数据传输方法、电子设备、服务器、移动终端及存储介质
CN111935166A (zh) 通信认证方法、系统、电子设备、服务器及存储介质
WO2010023506A1 (en) Methods, apparatuses, computer program products, and systems for providing secure pairing and association for wireless devices
US20180035293A1 (en) Authenticating a device utilizing a secure display
JP2011238245A (ja) 単一処理で複数のpskベース認証を実行する方法及びこの方法を実行するシステム
WO2021109668A1 (zh) 一种安全认证方法、装置及电子设备
CN107950003A (zh) 双用户认证
US20070266247A1 (en) System and method for exchanging encryption keys between a mobile device and a peripheral output device
CN101383816B (zh) 无线网络认证系统及其方法
EP1855177A1 (en) System and method for exchanging encryption keys between a mobile device and a peripheral output device
US11601418B2 (en) System for increasing authentication complexity for access to online systems
TWM569453U (zh) Digital data processing system
KR20130009849A (ko) 강화된 보안 콘텍스트를 utran 기반 서빙 네트워크로부터 geran 기반 서빙 네트워크로 트랜지셔닝하기 위한 장치 및 방법
Ghotra et al. Secure display and secure transactions using a handset
CN115225374A (zh) 应用于云终端的密码输入方法、装置及计算机程序产品
Molla et al. 3LS-Authenticate: an e-Commerce Challenge-Response Mobile Application

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20160309

Termination date: 20190629