CN103763105A - Encryption method and device for login of Exchange corporate E-mails - Google Patents

Encryption method and device for login of Exchange corporate E-mails Download PDF

Info

Publication number
CN103763105A
CN103763105A CN201410005724.5A CN201410005724A CN103763105A CN 103763105 A CN103763105 A CN 103763105A CN 201410005724 A CN201410005724 A CN 201410005724A CN 103763105 A CN103763105 A CN 103763105A
Authority
CN
China
Prior art keywords
character
dynamic password
exchange
server
user name
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410005724.5A
Other languages
Chinese (zh)
Inventor
谈剑锋
段钢
王智磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Peoplenet Security Technology Co Ltd
Original Assignee
Shanghai Peoplenet Security Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Peoplenet Security Technology Co Ltd filed Critical Shanghai Peoplenet Security Technology Co Ltd
Priority to CN201410005724.5A priority Critical patent/CN103763105A/en
Publication of CN103763105A publication Critical patent/CN103763105A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses an encryption method for login of Exchange corporate E-mails. The encryption method comprises the steps that dynamic password equipment generates dynamic password characters according to time parameters, a user adds the dynamic password characters to a static password character which is preset by the user and is used for verifying an Exchange E-mail server to generate a combined password character, and a dynamic password server and the Exchange E-mail server carry out Exchange corporate E-mail login verification on the user based on a user name and the combined password characters. The invention further discloses an encryption device for login of the Exchange corporate E-mails. A dynamic password generated by the dynamic password equipment is added to an original login password, so that the safety of the Exchange E-mails is greatly improved.

Description

A kind of Exchange enterprise E-mail logs in encryption method and device
Technical field
The present invention relates to E-mail enciphered field, relate in particular to a kind of Exchange enterprise E-mail and log in encryption method and device.
Background technology
Exchange Server is a message and cooperative system.Briefly, Exchange server can be used to mailing system that framework is applied to enterprise, the school free mail system as catenet company even.Exchange server or a cooperation platform, people are development stream, Knowledge Management System, Web system or other message systems on its basis.Numerous improvement characteristics that Exchange comprises, become Exchange to have height productivity and towards desirable message and the collaboration services applicator platform of mobile access.
Along with popularizing of the Internet, use the more and more of Exchange enterprise E-mail, in actual application, some subscriber mailbox passwords are weak passwurd, be pure lowercase, pure digi-tal password, as 123456, password etc., to subscriber mailbox, caused potential safety hazard.Assault person or spammer can ceaselessly guess the password of subscriber mailbox, because the password of certain customers' mailbox is fairly simple, very easily by hacker or spammer, are guessed right, cause Mail Contents to divulge a secret or are utilized to send spam.Mail server is sent out a large amount of spams, thereby causes corporate mail server IP address to pipe off, and user sends unsuccessful when posting a letter.
Therefore, log in proof procedure carrying out Exchange enterprise E-mail, need to have a kind of safer authentication mode to solve weak passwurd problem, to guarantee the safety of mailbox.
Summary of the invention
For existing Exchange enterprise E-mail, logging in checking institute accesses to your password and has merely the technical problem of potential safety hazard, the invention provides a kind of Exchange enterprise E-mail and log in encryption method and device, based on dynamic password equipment, generate dynamic password, after the dynamic password of generation is appended to original mail password, so that dynamic password and original mail password are carried out to double code checking, thereby strengthen the checking to user's legal identity, the fail safe that logs in that has improved exchange mailbox.
To achieve these goals, the invention provides a kind of Exchange enterprise E-mail and log in encryption method, described encryption method comprises, dynamic password equipment produces dynamic password character according to time parameter; User inputs user name and combinatioin code character to log in Exchange mail server, combinatioin code character is that static password character appends dynamic password character, and static password character is user rs authentication Exchange mail server code characters used, corresponding with user name; The encrypting module of Exchange mail server is by kidnapping the verification function LogonUser function of Exchange mail server, obtain user name and combinatioin code character, if combinatioin code character is less than or equal to 6, return to 2 and also determine the failure of Exchange mail debarkation authentication, if combinatioin code character is greater than 6, intercept the dynamic password character of combinatioin code character afterbody, and the dynamic password character of user name and intercepting is submitted to dynamic password server place authenticates; Dynamic password server carries out dynamic cipher verification according to the dynamic password character of user name and intercepting, if the dynamic password character of authentication intercepting is correct, returns to 1, if authentication is not bound dynamic password equipment for user, returns to 3; Exchange mail server receives the data that dynamic password server returns, when returning to 1, according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication, when returning to 3, according to user name and combinatioin code character, carry out Exchange mail debarkation authentication.
Alternatively, described user inputs user name and combinatioin code character comprises to log in Exchange mail server, and user logs in Exchange mail server by the 3rd version POP3 agreement of Simple Mail Transfer protocol smtp protocol or post office protocol.
Alternatively, describedly according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication and comprise, in user name and combinatioin code character during static password character match, determine the success of Exchange mail debarkation authentication, otherwise determine the failure of Exchange mail debarkation authentication.
Alternatively, describedly according to user name and combinatioin code character, carry out Exchange mail debarkation authentication and comprise, when user name and combinatioin code character match, determine the success of Exchange mail debarkation authentication, otherwise determine the failure of Exchange mail debarkation authentication.
To achieve these goals, the present invention also provides a kind of Exchange enterprise E-mail to log in encryption device, and described encryption device comprises, dynamic password equipment, for producing dynamic password character according to time parameter, Exchange mail server, for inputting user name and combinatioin code character user when logging in Exchange mail server, by built-in encrypting module, kidnap the verification function LogonUser function of Exchange mail server, obtain user name and combinatioin code character, and be less than or equal at 6 o'clock at combinatioin code character, return to 2 and also determine the failure of Exchange mail debarkation authentication, at combinatioin code character, be greater than at 6 o'clock, the dynamic password character of intercepting combinatioin code character afterbody, and the dynamic password character of user name and intercepting is submitted to dynamic password server place authenticates, dynamic password server, carries out dynamic cipher verification for the dynamic password character according to user name and intercepting, if the dynamic password character of authentication intercepting is correct, returns to 1, if authentication is not bound dynamic password equipment for user, returns to 3, wherein, Exchange mail server also receives the data that dynamic password server returns, when returning to 1, according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication, when returning to 3, according to user name and combinatioin code character, carry out Exchange mail debarkation authentication, wherein, combinatioin code character is that static password character appends dynamic password character, and static password character is user rs authentication Exchange mail server code characters used, corresponding with user name, wherein, Exchange mail server is connected with dynamic password server by network.
Alternatively, Exchange mail server and dynamic password server are all Cloud Server.
Alternatively, Exchange mail server is connected with dynamic password server by the Internet.
Alternatively, dynamic password equipment is mobile phone, notebook or personal digital assistant PDA, and dynamic password equipment has display screen to show dynamic password character.
The present invention is owing to having adopted technique scheme, thereby have the following advantages: Exchange enterprise E-mail of the present invention logs in encryption method and device, transform Exchange enterprise E-mail of the prior art and logged in encryption technology, quoted and generated the dynamic password equipment of dynamic password and for verifying the dynamic password server of dynamic password, the double verification of realization to the static password of mail access, dynamic password, make hacker or spammer be difficult to guess right the password of subscriber mailbox, improved the fail safe that exchange mailbox is used.
Accompanying drawing explanation
Fig. 1 is the method flow diagram that a kind of Exchange enterprise E-mail of the present invention logs in encryption method;
Fig. 2 is the block diagram that a kind of Exchange enterprise E-mail of the present invention logs in encryption device.
Embodiment
Below in conjunction with accompanying drawing, the specific embodiment of the present invention is described in detail.
First, please refer to Fig. 1, Fig. 1 is the method flow diagram that a kind of Exchange enterprise E-mail of the present invention logs in encryption method, and described encryption method comprises the following steps:
Step 101: dynamic password equipment produces dynamic password character according to time parameter;
Step 102: user inputs user name and combinatioin code character to log in Exchange mail server, combinatioin code character is that static password character appends dynamic password character, and static password character is user rs authentication Exchange mail server code characters used, corresponding with user name;
The encrypting module of step 103:Exchange mail server is by kidnapping the verification function LogonUser function of Exchange mail server, obtain user name and combinatioin code character, if combinatioin code character is less than or equal to 6, return to 2 and also determine the failure of Exchange mail debarkation authentication, if combinatioin code character is greater than 6, intercept the dynamic password character of combinatioin code character afterbody, and the dynamic password character of user name and intercepting is submitted to dynamic password server place authenticates;
Step 104: dynamic password server carries out dynamic cipher verification according to the dynamic password character of user name and intercepting, if the dynamic password character of authentication intercepting is correct, returns to 1, if authentication is not bound dynamic password equipment for user, returns to 3;
Step 105:Exchange mail server receives the data that dynamic password server returns, when returning to 1, according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication, when returning to 3, according to user name and combinatioin code character, carry out Exchange mail debarkation authentication;
Wherein, described user inputs user name and combinatioin code character comprises to log in Exchange mail server, and user logs in Exchange mail server by the 3rd version POP3 agreement of Simple Mail Transfer protocol smtp protocol or post office protocol; Describedly according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication and comprise, in user name and combinatioin code character during static password character match, determine the success of Exchange mail debarkation authentication, otherwise determine the failure of Exchange mail debarkation authentication; Describedly according to user name and combinatioin code character, carry out Exchange mail debarkation authentication and comprise, when user name and combinatioin code character match, determine the success of Exchange mail debarkation authentication, otherwise determine the failure of Exchange mail debarkation authentication.
In addition, SMTP(Simple Mail Transfer Protocol) be Simple Mail Transfer protocol, he be one group for transmitted the rule of mail to destination address by source address, by him, controlled the transfer mode of mail.Smtp protocol belongs to TCP/IP protocol suite, and he helps every computer when transmission or transfer mail, to find next destination.By the specified server of smtp protocol, just Email can have been sent it on receiver's server, whole process only needs a few minutes.Smtp server is the sender mail server of following smtp protocol, is used for the Email that sends or transfer is sent.
In addition, POP3(Post Office Protocol3) be the 3rd version of post office protocol, he is how regulation personal computer is connected to the agreement that mail server on the Internet carries out receiving and dispatching mail.He is first off-line consensus standard of internet E-mail, POP3 agreement allow user from server email storage to local host (i.e. the computer of oneself), according to the operation of client, delete or be kept at the mail on mail server simultaneously, POP3 server is the receipt mail server of following POP3 agreement, is used for receiving Email.POP3 agreement is a member in TCP/IP protocol suite, by RFC1939, is defined.This agreement is mainly used in supporting to use the Email of client telemanagement on server.
In addition, dynamic password, as one of safest identity identifying technology, is applied by increasing industry at present.Because he is easy to use, and platform-independent, development along with mobile Internet, dynamic password technology has become the main flow of identity identifying technology, be widely used in the fields such as enterprise, network game, finance, the enterprise that is engaged in the relevant research and development of dynamic password both at home and abroad and produces is also more and more, it is advantageous that and the quick seamless interoperability of miscellaneous service system, the command dynamic password ID authentication software systems of its complete independent research are stable, efficient, support multiple certification mode, and its solution can be served different scales enterprise.Dynamic password technology is mainly divided two kinds: synchronous password technology, asynchronous password technology (challenge-response mode), synchronous password technology is wherein divided into again time synchronized password and event synchronization password.Time synchronized based on token and server, generates consistent dynamic password by computing, the token based on time synchronized, and general turnover rate is 60 seconds, within every 60 seconds, produces a new password.Token based on event synchronization, its principle is as input by a certain specific event order and identical seed, in algorithm, calculate consistent password, its computing mechanism has determined that its whole workflow is irrelevant with clock, be not subject to the impact of clock, life period pulse crystal oscillator not in token, but due to the consistency of its algorithm, its password is known in advance.For asynchronous token, owing to there is no to carry out synchronous condition except identical algorithm between token and server, therefore can effectively solve the problem of token step-out, reduce the impact on application, increased greatly the reliability of system simultaneously.The shortcoming that asynchronous password is used is mainly in use, user needs the step of many input challenging values, by challenging value, generate the dynamic password of challenge type, the dynamic password that generates challenge type according to challenging value equally at certificate server end is to carry out the checking of dynamic password, for operating personnel, increased complexity, therefore in when application, by according to the sensitivity of user's application with the degree that requires of safety is selected to the generating mode of password.
Then, with reference to figure 2, the present invention will be described in continuation, Fig. 2 is the block diagram that a kind of Exchange enterprise E-mail of the present invention logs in encryption device, described encryption device comprises dynamic password equipment 1, Exchange mail server 2 and dynamic password server 3, Exchange mail server 2 can be connected by the Internet with dynamic password server 3, the dynamic password that dynamic password equipment 1 generates according to time parameter is input by a user in Exchange mail server 2, therefore, what in Fig. 2, represent is the relation of signal circulation, but not annexation between equipment.
Wherein, dynamic password equipment 1, for producing dynamic password character according to time parameter, Exchange mail server 2, for inputting user name and combinatioin code character user when logging in Exchange mail server 2, by built-in encrypting module, kidnap the verification function LogonUser function of Exchange mail server, obtain user name and combinatioin code character, and be less than or equal at 6 o'clock at combinatioin code character, return to 2 and also determine the failure of Exchange mail debarkation authentication, at combinatioin code character, be greater than at 6 o'clock, the dynamic password character of intercepting combinatioin code character afterbody, and the dynamic password character of user name and intercepting is submitted to dynamic password server place authenticates, dynamic password server 3, carries out dynamic cipher verification for the dynamic password character according to user name and intercepting, if the dynamic password character of authentication intercepting is correct, returns to 1, if authentication is not bound dynamic password equipment 1 for user, returns to 3, wherein, Exchange mail server 2 also receives the data that dynamic password server 3 returns, when returning to 1, according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication, when returning to 3, according to user name and combinatioin code character, carry out Exchange mail debarkation authentication, combinatioin code character is that static password character appends dynamic password character, and static password character is user rs authentication Exchange mail server code characters used, corresponding with user name, Exchange mail server 2 is connected with dynamic password server 3 by network.
Wherein, Exchange mail server 2 and dynamic password server 3 can be all Cloud Server, Exchange mail server 2 can be connected with dynamic password server 3 by the Internet, dynamic password equipment 1 is mobile phone, notebook or personal digital assistant PDA, and dynamic password equipment 1 has display screen to show dynamic password character.
Those skilled in the art will recognize that; above-mentioned embodiment is exemplary; in order to make those skilled in the art can better understand this patent content; should not be understood as the restriction to this patent protection range; so long as disclose spiritual do any according to this patent, be equal to change or modify, all falling into this patent protection range.

Claims (8)

1. Exchange enterprise E-mail logs in an encryption method, it is characterized in that, described encryption method comprises:
Dynamic password equipment produces dynamic password character according to time parameter;
User inputs user name and combinatioin code character to log in Exchange mail server, combinatioin code character is that static password character appends dynamic password character, and static password character is user rs authentication Exchange mail server code characters used, corresponding with user name;
The encrypting module of Exchange mail server is by kidnapping the verification function LogonUser function of Exchange mail server, obtain user name and combinatioin code character, if combinatioin code character is less than or equal to 6, return to 2 and also determine the failure of Exchange mail debarkation authentication, if combinatioin code character is greater than 6, intercept the dynamic password character of combinatioin code character afterbody, and the dynamic password character of user name and intercepting is submitted to dynamic password server place authenticates;
Dynamic password server carries out dynamic cipher verification according to the dynamic password character of user name and intercepting, if the dynamic password character of authentication intercepting is correct, returns to 1, if authentication is not bound dynamic password equipment for user, returns to 3;
Exchange mail server receives the data that dynamic password server returns, when returning to 1, according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication, when returning to 3, according to user name and combinatioin code character, carry out Exchange mail debarkation authentication.
2. encryption method according to claim 1, is characterized in that:
Described user inputs user name and combinatioin code character comprises to log in Exchange mail server, and user logs in Exchange mail server by the 3rd version POP3 agreement of Simple Mail Transfer protocol smtp protocol or post office protocol.
3. encryption method according to claim 1, is characterized in that:
Describedly according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication and comprise, in user name and combinatioin code character during static password character match, determine the success of Exchange mail debarkation authentication, otherwise determine the failure of Exchange mail debarkation authentication.
4. encryption method according to claim 1, is characterized in that:
Describedly according to user name and combinatioin code character, carry out Exchange mail debarkation authentication and comprise, when user name and combinatioin code character match, determine the success of Exchange mail debarkation authentication, otherwise determine the failure of Exchange mail debarkation authentication.
5. Exchange enterprise E-mail logs in an encryption device, it is characterized in that, described encryption device comprises:
Dynamic password equipment, for producing dynamic password character according to time parameter;
Exchange mail server, for inputting user name and combinatioin code character user when logging in Exchange mail server, by built-in encrypting module, kidnap the verification function LogonUser function of Exchange mail server, obtain user name and combinatioin code character, and be less than or equal at 6 o'clock at combinatioin code character, return to 2 and also determine the failure of Exchange mail debarkation authentication, at combinatioin code character, be greater than at 6 o'clock, the dynamic password character of intercepting combinatioin code character afterbody, and the dynamic password character of user name and intercepting is submitted to dynamic password server place authenticates,
Dynamic password server, carries out dynamic cipher verification for the dynamic password character according to user name and intercepting, if the dynamic password character of authentication intercepting is correct, returns to 1, if authentication is not bound dynamic password equipment for user, returns to 3;
Wherein, Exchange mail server also receives the data that dynamic password server returns, when returning to 1, according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication, when returning to 3, according to user name and combinatioin code character, carry out Exchange mail debarkation authentication;
Wherein, combinatioin code character is that static password character appends dynamic password character, and static password character is user rs authentication Exchange mail server code characters used, corresponding with user name;
Wherein, Exchange mail server is connected with dynamic password server by network.
6. encryption device according to claim 5, is characterized in that:
Exchange mail server and dynamic password server are all Cloud Server.
7. encryption device according to claim 5, is characterized in that:
Exchange mail server is connected with dynamic password server by the Internet.
8. encryption device according to claim 5, is characterized in that:
Dynamic password equipment is mobile phone, notebook or personal digital assistant PDA, and dynamic password equipment has display screen to show dynamic password character.
CN201410005724.5A 2014-01-07 2014-01-07 Encryption method and device for login of Exchange corporate E-mails Pending CN103763105A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410005724.5A CN103763105A (en) 2014-01-07 2014-01-07 Encryption method and device for login of Exchange corporate E-mails

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410005724.5A CN103763105A (en) 2014-01-07 2014-01-07 Encryption method and device for login of Exchange corporate E-mails

Publications (1)

Publication Number Publication Date
CN103763105A true CN103763105A (en) 2014-04-30

Family

ID=50530270

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410005724.5A Pending CN103763105A (en) 2014-01-07 2014-01-07 Encryption method and device for login of Exchange corporate E-mails

Country Status (1)

Country Link
CN (1) CN103763105A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108881220A (en) * 2018-06-15 2018-11-23 郑州云海信息技术有限公司 A kind of data encryption authenticity verification methods and system based on Exchange server
CN111953664A (en) * 2020-07-27 2020-11-17 新浪网技术(中国)有限公司 User request verification method and system based on variable security level
CN112333154A (en) * 2020-10-16 2021-02-05 四川九八村信息科技有限公司 Method for controlling authority based on dynamic password and plasma collector thereof

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1481109A (en) * 2002-09-03 2004-03-10 网泰金安信息技术有限公司 Identity authentication system with dynamic cipher based on wireless transmission platform
CN101060403A (en) * 2006-04-18 2007-10-24 钟曦辰 Wireless communication terminal-based interactive dynamic password safety service system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1481109A (en) * 2002-09-03 2004-03-10 网泰金安信息技术有限公司 Identity authentication system with dynamic cipher based on wireless transmission platform
CN101060403A (en) * 2006-04-18 2007-10-24 钟曦辰 Wireless communication terminal-based interactive dynamic password safety service system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108881220A (en) * 2018-06-15 2018-11-23 郑州云海信息技术有限公司 A kind of data encryption authenticity verification methods and system based on Exchange server
CN108881220B (en) * 2018-06-15 2021-09-17 郑州云海信息技术有限公司 Exchange server-based data encryption authenticity verification method and system
CN111953664A (en) * 2020-07-27 2020-11-17 新浪网技术(中国)有限公司 User request verification method and system based on variable security level
CN112333154A (en) * 2020-10-16 2021-02-05 四川九八村信息科技有限公司 Method for controlling authority based on dynamic password and plasma collector thereof

Similar Documents

Publication Publication Date Title
US10025940B2 (en) Method and system for secure use of services by untrusted storage providers
CN109831374B (en) Mail receiving and sending system based on block chain
US9602473B2 (en) Secure message forwarding with sender controlled decryption
CN106209606B (en) A kind of method, terminal and system for using WEB mail safely
CN110169033A (en) Enhanced E-mail service
CN103428077B (en) A kind of method and system being safely receiving and sending mails
CN107026824A (en) A kind of message encryption, decryption method and device
CN111052685B (en) Method and apparatus for multi-agent messaging
US20150312239A1 (en) Methods, devices, and computer readable storage devices for sharing sensitive content securely
US20060053202A1 (en) Method and system implementing secure email
Sediyono et al. Secure login by using One-time Password authentication based on MD5 Hash encrypted SMS
CN102055685B (en) Method for encrypting webmail information
CN106878327A (en) Towards the login method of auto service platform
CN103078743A (en) E-mail IBE (Internet Booking Engine) encryption realizing method
CN103763105A (en) Encryption method and device for login of Exchange corporate E-mails
CN112785240A (en) Method and device for processing e-mail, computer readable medium and electronic equipment
Muftic et al. Business information exchange system with security, privacy, and anonymity
US20210158301A1 (en) Systems and methods for message transmission and retrieval using blockchain
WO2017033167A1 (en) Systems and methods for generating and transmitting an email message including an active content
CN109309613A (en) A kind of method, apparatus and system of mail delivery
CN112039754A (en) Message processing system, method, sending method, device and electronic equipment
US10382211B1 (en) Apparatus and method for automating secure email for multiple personas
Vinh et al. Constructing a Model Combining Zalo and End-to-End Encryption for Application in Digital Transformation
APRIANSYAH Implementation of One Time Password (OTP) for Login Security on Web-Based Systems
Raut et al. SECURE TRANSACTION SYSTEM

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20140430

RJ01 Rejection of invention patent application after publication