CN103795531A - Secret key authentication method based on two-dimension code and system thereof - Google Patents
Secret key authentication method based on two-dimension code and system thereof Download PDFInfo
- Publication number
- CN103795531A CN103795531A CN201210435907.1A CN201210435907A CN103795531A CN 103795531 A CN103795531 A CN 103795531A CN 201210435907 A CN201210435907 A CN 201210435907A CN 103795531 A CN103795531 A CN 103795531A
- Authority
- CN
- China
- Prior art keywords
- equipment
- encrypted
- initial data
- authentication
- encrypted result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a secret key authentication method based on a two-dimension code and a system thereof. The system comprises first equipment and second equipment. The second equipment is used for capturing a first two-dimension code image which comprises original data and is generated by the first equipment and analyzing the original data; the second equipment is used for carrying out encryption processing on the original data and secret key information, generating a second two-dimension code comprising a first encryption result and displaying. The first equipment is used for capturing the second two-dimension code image and analyzing the first encryption result, carrying out the encryption processing on the original data and the secret key information and generating a second encryption result; the first equipment is used for determining that the second equipment passes through the authentication when the first encryption result and the second encryption result are the same. By using the method and the system of the invention, a mobile terminal with an image capturing apparatus is used to execute an interaction authentication function through using the processing of the data two-dimension code.
Description
Technical field
The present invention relates to Quick Response Code encryption technology field, relate in particular to a kind of cipher key authentication method and system based on Quick Response Code.
Background technology
Along with the application of various technology on mobile terminal, except using basic voice-and-data service, can provide some other value-added services.For example Quick Response Code provides text-encoding of graphs information to use the image capture apparatus of mobile terminal to catch image information, decode subsequently and can be converted to plain text information, after being converted to plain text, carry out corresponding operating by mobile terminal with reference to described text message, as accessing database or webpage.But at present not for carrying out interactive authentication function.
Summary of the invention
The object of the invention is to propose a kind of cipher key authentication method and system based on Quick Response Code, use with the mobile terminal of image capture apparatus and utilize the processing of data Quick Response Code to carry out interactive authentication function.
For reaching this object, the present invention by the following technical solutions:
Based on a cipher key authentication method for Quick Response Code, the method comprises:
The first equipment generates the first Quick Response Code that comprises initial data and shows;
The second equipment is caught the image of described the first Quick Response Code and is parsed described initial data;
Described the second equipment is encrypted described initial data and key information, generates the second Quick Response Code that comprises the first encrypted result and shows;
Described the first equipment is caught described the second image in 2 D code and is parsed described the first encrypted result;
Described the first equipment is encrypted described initial data and key information, generates the second encrypted result;
Described the first equipment when identical, judges that described the second equipment is by authentication with described the second encrypted result in described the first encrypted result.
Described initial data is generated at random by described the first equipment, and after judging that described the second equipment is by authentication, described the first equipment is random generates new initial data for authentication next time.
Described key information is the public keys of described the first equipment while externally authenticating, or described the first devices allocation is given the private cipher key of described the second equipment.
In the information that described the second equipment is encrypted, also comprise the temporal information of described the second equipment.
In the information that described the first equipment is encrypted, also comprise according to described the first equipment current time and default time interval and definite multiple temporal informations; Each temporal information is encrypted with described initial data and key information respectively, generates multiple the second encrypted result, wherein any one identical with described the first encrypted result judge described the second equipment by authentication.
The encryption of described the first equipment and the second equipment all adopts irreversible encryption algorithm.
A key authentication system based on Quick Response Code, comprises the first equipment and the second equipment, wherein,
Described the second equipment is for catching first image in 2 D code that comprises initial data of described the first equipment generation and parsing described initial data; Described initial data and key information are encrypted, generate the second Quick Response Code that comprises the first encrypted result and show;
Described the first equipment is used for catching described the second image in 2 D code and parses described the first encrypted result, and described initial data and key information are encrypted, and generates the second encrypted result; When identical, judge that described the second equipment is by authentication with described the second encrypted result in described the first encrypted result.
Described the first equipment generates new initial data at random for authenticating next time after judging that described the second equipment is by authentication.
In the information that described the second equipment is encrypted, also comprise the temporal information of described the second equipment.
In the information that described the first equipment is encrypted, also comprise according to described the first equipment current time and default time interval and definite multiple temporal informations; Each temporal information is encrypted with described initial data and key information respectively, generates multiple the second encrypted result, wherein any one identical with described the first encrypted result judge described the second equipment by authentication.
Adopt technical scheme of the present invention, using with the mobile terminal of image capture apparatus utilizes the processing of data Quick Response Code to carry out interactive authentication function, each authentication information using can constantly change with authentication number of times or time, effectively prevents from leaking or the stolen potential safety hazard of bringing because of authentication information.
Accompanying drawing explanation
Fig. 1 is the flow chart of the cipher key authentication method based on Quick Response Code that provides of the embodiment of the present invention one.
Fig. 2 is the flow chart of the cipher key authentication method based on Quick Response Code that provides of the embodiment of the present invention two.
Fig. 3 is the structural representation of the key authentication system based on Quick Response Code that provides of the embodiment of the present invention.
Embodiment
Further illustrate technical scheme of the present invention below in conjunction with accompanying drawing and by embodiment.
Fig. 1 is the flow chart of the cipher key authentication method based on Quick Response Code that provides of the embodiment of the present invention one, and the method comprises the following steps:
S101, the first equipment generates the first Quick Response Code that comprises initial data and shows.Described initial data is a random string, and for example the first equipment generates 128 random strings, and generates a Quick Response Code with this character string, and this Quick Response Code is presented on screen.
S102, the second equipment is caught the image of described the first Quick Response Code and is parsed described initial data.Described the second equipment, by taking pictures or shooting mode is caught the image of described the first Quick Response Code, parses the random string in described initial data.
S103, described the second equipment is encrypted described initial data and key information, generates the second Quick Response Code that comprises the first encrypted result and shows.
Described key information is the public keys of described the first equipment while externally authenticating, or described the first devices allocation private cipher key of authenticating to described the second equipment.Described the second equipment is combined into the character string of random string length+key length with described initial data and key information.For example, GHIEeeg354hm ... (random string, totally 128)+aabbccEE11 (key length).This character string is encrypted and generates the first encrypted result, then generate the second Quick Response Code according to described the first encrypted result, and be presented on screen.
S104, described the first equipment is caught described the second image in 2 D code and is parsed described the first encrypted result.Described the first equipment, by taking pictures or shooting mode is caught the image of described the second Quick Response Code, parses described the first encrypted result.
S105, described the first equipment is encrypted described initial data and key information, generates the second encrypted result.Described the first equipment is combined into the character string of random string length+key length with described initial data and key information, after being encrypted, generate the second encrypted result.The encryption of described the first equipment and the second equipment adopts the irreversible cryptographic algorithm of same.
S106, described the first equipment when identical, judges that described the second equipment is by authentication with described the second encrypted result in described the first encrypted result.The second encrypted result that the first equipment is generated compares with the first encrypted result that described the second Quick Response Code of parsing obtains, and in the time that the two is identical, described the first equipment is judged this time authentication success of described the second equipment.
After authentication success, described the first equipment is random generates new initial data, generates the first new Quick Response Code and externally shows, for authenticate next time, to prevent that Quick Response Code that previous authentication is used from losing or stolen and bring potential safety hazard.
Fig. 2 is the flow chart of the cipher key authentication method based on Quick Response Code that provides of the embodiment of the present invention two, and the method comprises the following steps:
S201, the first equipment generates the first Quick Response Code that comprises initial data and shows.With identical described in S101.
S202, the second equipment is caught the image of described the first Quick Response Code and is parsed described initial data.With identical described in S102.
S203, the second equipment is encrypted initial data, key information and temporal information, generates the second Quick Response Code that comprises the first encrypted result and shows.
Described key information is the public keys of described the first equipment while externally authenticating, or described the first devices allocation private cipher key of authenticating to described the second equipment.Described temporal information is the current time information of described the second equipment.
Described for the second equipment described initial data, key information and current time information be combined into the character string of random character string length+key length+current time information length.For example, GHIEeeg354hm ... (random string, totally 128)+aabbccEE11 (key length)+2012-10-19-12:25 (temporal information length).This character string is encrypted and generates the first encrypted result, then generate the second Quick Response Code according to described the first encrypted result, and be presented on screen.
S204, described the first equipment is caught described the second image in 2 D code and is parsed described the first encrypted result.Described the first equipment, by taking pictures or shooting mode is caught the image of described the second Quick Response Code, parses described the first encrypted result.
S205, described the first equipment is encrypted to initial data, key information and according to multiple temporal informations that current time and default time interval are determined, generates multiple the second encrypted result.
Described default time interval refers to each default regular hour length before and after current time, for example each two minutes of current time front and back.In order to set valid expiration date to the random initial data of each checking use on the one hand, if during this period of time, for example described the second equipment was caught after the first image in 2 D code in two minutes, do not complete authentication, the random initial data that described the first equipment this time generates lost efficacy, and can not authenticate by the first Quick Response Code that comprises the random initial data this time generating; Can be used on the other hand preventing life period error effect authentication between the first equipment and the second equipment.
Described described initial data for the first equipment, key information and be combined into multiple (random character string length+key length+temporal information length) character string according to multiple temporal informations that current time and default time interval are determined.For example, the first equipment is combined into five (128+ Password Length+temporal information length) position character string according to 128 random strings, key information and described the first equipment current time that generate and each 2 minutes (totally 5 times) of front and back thereof, as form is: GHIEeeg354hm ... (random string, totally 128)+aabbccEE11 (Password Length)+2012-10-19-12:25 (temporal information length).
Character string 1:GHIEeeg354hm ... + aabbccEE11+2012-10-19-12:23;
Character string 2:GHIEeeg354hm ... + aabbccEE11+2012-10-19-12:24
Character string 3:GHIEeeg354hm ... + aabbccEE11+2012-10-19-12:25;
Character string 4:GHIEeeg354hm ... + aabbccEE11+2012-10-19-12:26;
Character string 5:GHIEeeg354hm ... + aabbccEE11+2012-10-19-12:27.
After above-mentioned character string is encrypted, can generate multiple the second encrypted result.The encryption of described the first equipment and the second equipment adopts same irreversible encryption algorithm.
S206, described the first equipment when identical, judges that the second equipment is by authentication with the first encrypted result in any one second encrypted result.Multiple the second encrypted result that the first equipment is generated compare with the first encrypted result that described the second Quick Response Code of parsing obtains, when any one second encrypted result is wherein with the first encrypted result when identical, described the first equipment is judged this time authentication success of described the second equipment.
After authentication success, described the first equipment is random generates new initial data, generates the first new Quick Response Code and externally shows, for authenticate next time, to prevent that Quick Response Code that previous authentication is used from losing or stolen and bring potential safety hazard.Authentification failure or long-time in during without authentication operation, described the first equipment is the new initial data of random generation regularly, the time cycle of the new initial data of random generation is identical with described default time interval, for example the time interval of pre-setting authentication is 5 minutes, the first equipment refreshes one time initial data for every five minutes, generate corresponding the first Quick Response Code and show, to guarantee the variable in real time of authentication information.
Fig. 3 is a kind of key authentication system based on Quick Response Code that the embodiment of the present invention provides, and comprising: the first equipment 31 and the second equipment 32, wherein,
Described the second equipment 32 is for first image in 2 D code that comprises initial data of catching described the first equipment 31 and generating and parse described initial data; Described initial data and key information are encrypted, generate the second Quick Response Code that comprises the first encrypted result and show; Described key information is the public keys of described the first equipment 31 while externally authenticating, or described the first equipment 31 is distributed to the private cipher key of described the second equipment 32.
Described the first equipment 31, for catching described the second image in 2 D code and parsing described the first encrypted result, is encrypted described initial data and key information, generates the second encrypted result; When identical, judge that described the second equipment 32 is by authentication with described the second encrypted result in described the first encrypted result.
Described the first equipment comprises that image capture apparatus 310 and the first Quick Response Code viewing area 311, the second equipment comprise image capture apparatus 320 and the second Quick Response Code viewing area 321, for the interactive authentication between the two.
Described the first equipment 31 generates new initial data at random for authenticating next time after judging that described the second equipment 32 is by authentication.
In the information that described the second equipment 32 is encrypted, can also comprise the temporal information of described the second equipment 32.Now, in the information that described the first equipment 31 is encrypted, also comprise according to described the first equipment current time and default time interval and definite multiple temporal informations; Each temporal information is encrypted with described initial data and key information respectively, generates multiple the second encrypted result, wherein any one identically with described the first encrypted result judges that described the second equipment 32 is by authentication.
After authentication success, described the first equipment 31 is random generates new initial data, generates the first new Quick Response Code and externally shows, for authenticate next time, to prevent that Quick Response Code that previous authentication is used from losing or stolen and bring potential safety hazard.Authentification failure or long-time in during without authentication operation, described the first equipment 31 is the new initial data of random generation regularly, the time cycle of the new initial data of random generation is identical with described default time interval, for example the time interval of pre-setting authentication is 5 minutes, the first equipment 31 refreshes one time initial data for every five minutes, generate corresponding the first Quick Response Code and show, to guarantee the variable in real time of authentication information.
Adopt technical scheme of the present invention, using with the mobile terminal of image capture apparatus utilizes the processing of data Quick Response Code to carry out interactive authentication function, each authentication information using can constantly change with authentication number of times or time, effectively prevents from leaking or the stolen potential safety hazard of bringing because of authentication information.
The above; be only preferably embodiment of the present invention, but protection scope of the present invention is not limited to this, any people who is familiar with this technology is in the disclosed technical scope of the present invention; the variation that can expect easily or replacement, within all should being encompassed in protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (10)
1. the cipher key authentication method based on Quick Response Code, is characterized in that, the method comprises:
The first equipment generates the first Quick Response Code that comprises initial data and shows;
The second equipment is caught the image of described the first Quick Response Code and is parsed described initial data;
Described the second equipment is encrypted described initial data and key information, generates the second Quick Response Code that comprises the first encrypted result and shows;
Described the first equipment is caught described the second image in 2 D code and is parsed described the first encrypted result;
Described the first equipment is encrypted described initial data and key information, generates the second encrypted result;
Described the first equipment when identical, judges that described the second equipment is by authentication with described the second encrypted result in described the first encrypted result.
2. the method for claim 1, is characterized in that, described initial data is generated at random by described the first equipment, and after judging that described the second equipment is by authentication, described the first equipment is random generates new initial data for authentication next time.
3. the method for claim 1, is characterized in that, described key information is the public keys of described the first equipment while externally authenticating, or described the first devices allocation is given the private cipher key of described the second equipment.
4. method as claimed in claim 1 or 2, is characterized in that, also comprises the temporal information of described the second equipment in the information that described the second equipment is encrypted.
5. method as claimed in claim 4, is characterized in that, also comprises according to described the first equipment current time and default time interval and definite multiple temporal informations in the information that described the first equipment is encrypted; Each temporal information is encrypted with described initial data and key information respectively, generates multiple the second encrypted result, wherein any one identical with described the first encrypted result judge described the second equipment by authentication.
6. the method for claim 1, is characterized in that, the encryption of described the first equipment and the second equipment all adopts irreversible encryption algorithm.
7. the key authentication system based on Quick Response Code, is characterized in that, comprises the first equipment and the second equipment, wherein,
Described the second equipment is for catching first image in 2 D code that comprises initial data of described the first equipment generation and parsing described initial data; Described initial data and key information are encrypted, generate the second Quick Response Code that comprises the first encrypted result and show;
Described the first equipment is used for catching described the second image in 2 D code and parses described the first encrypted result, and described initial data and key information are encrypted, and generates the second encrypted result; When identical, judge that described the second equipment is by authentication with described the second encrypted result in described the first encrypted result.
8. system as claimed in claim 7, is characterized in that, described the first equipment generates new initial data at random for authenticating next time after judging that described the second equipment is by authentication.
9. system as claimed in claim 7 or 8, is characterized in that, also comprises the temporal information of described the second equipment in the information that described the second equipment is encrypted.
10. system as claimed in claim 9, is characterized in that, also comprises according to described the first equipment current time and default time interval and definite multiple temporal informations in the information that described the first equipment is encrypted; Each temporal information is encrypted with described initial data and key information respectively, generates multiple the second encrypted result, wherein any one identical with described the first encrypted result judge described the second equipment by authentication.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210435907.1A CN103795531A (en) | 2012-11-02 | 2012-11-02 | Secret key authentication method based on two-dimension code and system thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210435907.1A CN103795531A (en) | 2012-11-02 | 2012-11-02 | Secret key authentication method based on two-dimension code and system thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103795531A true CN103795531A (en) | 2014-05-14 |
Family
ID=50670864
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210435907.1A Pending CN103795531A (en) | 2012-11-02 | 2012-11-02 | Secret key authentication method based on two-dimension code and system thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103795531A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104796429A (en) * | 2015-04-30 | 2015-07-22 | 努比亚技术有限公司 | Communication service processing method, mobile terminal and server |
| CN104883679A (en) * | 2015-04-09 | 2015-09-02 | 努比亚技术有限公司 | Voice communication encryption testing method and apparatus |
| CN111630813A (en) * | 2018-01-29 | 2020-09-04 | 三星电子株式会社 | Electronic device, external electronic device, and system including electronic device and external electronic device |
| CN111917875A (en) * | 2020-07-31 | 2020-11-10 | 展讯通信(上海)有限公司 | Offline file transmission method and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090034723A1 (en) * | 2007-08-02 | 2009-02-05 | Ricoh Company, Limited | Image processor, image processing method, and computer program product |
| CN102129589A (en) * | 2011-02-10 | 2011-07-20 | 谢仁康 | Asymmetric encryption two-dimension code anti-counterfeiting method |
| CN102546174A (en) * | 2011-12-20 | 2012-07-04 | 贾松仁 | Two-dimensional code encryption/decryption method and anti-counterfeiting method |
| CN102546175A (en) * | 2011-03-18 | 2012-07-04 | 贾松仁 | Anti-counterfeiting device and anti-counterfeiting method |
-
2012
- 2012-11-02 CN CN201210435907.1A patent/CN103795531A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090034723A1 (en) * | 2007-08-02 | 2009-02-05 | Ricoh Company, Limited | Image processor, image processing method, and computer program product |
| CN102129589A (en) * | 2011-02-10 | 2011-07-20 | 谢仁康 | Asymmetric encryption two-dimension code anti-counterfeiting method |
| CN102546175A (en) * | 2011-03-18 | 2012-07-04 | 贾松仁 | Anti-counterfeiting device and anti-counterfeiting method |
| CN102546174A (en) * | 2011-12-20 | 2012-07-04 | 贾松仁 | Two-dimensional code encryption/decryption method and anti-counterfeiting method |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104883679A (en) * | 2015-04-09 | 2015-09-02 | 努比亚技术有限公司 | Voice communication encryption testing method and apparatus |
| CN104796429A (en) * | 2015-04-30 | 2015-07-22 | 努比亚技术有限公司 | Communication service processing method, mobile terminal and server |
| CN111630813A (en) * | 2018-01-29 | 2020-09-04 | 三星电子株式会社 | Electronic device, external electronic device, and system including electronic device and external electronic device |
| CN111630813B (en) * | 2018-01-29 | 2023-11-17 | 三星电子株式会社 | Electronic device, external electronic device, and system including electronic device and external electronic device |
| CN111917875A (en) * | 2020-07-31 | 2020-11-10 | 展讯通信(上海)有限公司 | Offline file transmission method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107454441B (en) | A kind of method, live streaming Platform Server and the computer readable storage medium of detection direct broadcasting room brush popularity behavior | |
| CN101340279B (en) | Method, system and apparatus for data ciphering and deciphering | |
| CN112154638B (en) | System and method for distributed verification of online identity | |
| CN102752115B (en) | Challenge code generating method and device, dynamic password authentication method and system | |
| CN102123148B (en) | Authentication method, system and device based on dynamic password | |
| CN105007279A (en) | Authentication method and authentication system | |
| CN105812366B (en) | Server, anti-crawler system and anti-crawler verification method | |
| CN104794385A (en) | Information verification method and device | |
| Acharya et al. | Two factor authentication using smartphone generated one time password | |
| CN103095456A (en) | Method and system for processing transaction messages | |
| CN105447715A (en) | Method and apparatus for anti-theft electronic coupon sweeping by cooperating with third party | |
| CN104967597A (en) | Third-party application message authentication method and system based on secure channel | |
| CN105450413A (en) | Password-setting method, device, and system | |
| CN103108245B (en) | A kind of intelligent television pays cipher key system and method for payment based on intelligent television | |
| CN105337940B (en) | A kind of page verification method, client, server and system | |
| CN103795531A (en) | Secret key authentication method based on two-dimension code and system thereof | |
| KR20110028968A (en) | Method for verifying the integrity of a user's data in remote computing and system thereof | |
| CN109726578B (en) | Dynamic two-dimensional code anti-counterfeiting solution | |
| CN111245771A (en) | Instant message encryption and decryption method, device, equipment and storage medium | |
| CN102624892B (en) | A kind of method preventing plug-in client simulation HTTP request | |
| CN110071907A (en) | The generation method and device of two dimensional code | |
| CN109886011B (en) | Safety protection method and device | |
| CN115603907A (en) | Method, device, equipment and storage medium for encrypting storage data | |
| CN104917752A (en) | Abnormality detection method and abnormality detection system based on communication | |
| KR101329789B1 (en) | Encryption Method of Database of Mobile Communication Device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140514 |