CN103810413A - Check system and check method for avoiding USBKey password locking - Google Patents
Check system and check method for avoiding USBKey password locking Download PDFInfo
- Publication number
- CN103810413A CN103810413A CN201410078670.5A CN201410078670A CN103810413A CN 103810413 A CN103810413 A CN 103810413A CN 201410078670 A CN201410078670 A CN 201410078670A CN 103810413 A CN103810413 A CN 103810413A
- Authority
- CN
- China
- Prior art keywords
- usbkey
- password
- cos
- check
- verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
Abstract
The invention discloses a check system and a check method for avoiding USBKey password locking. The check system comprises a USBKey managing tool, a USBKey COS and a USBKey external input component, wherein the USBKey managing tool is in safe communication with the USBKey COS, and executes a password check command; the USBKey COS is internally arranged in a USBKey, carries out the password check according to the password check command sent by the USBKey managing tool, activates the USBKey external input component after the check times reaches the maximum value, and completes the password check according to the coordination of the value inputted by the USBKey external input component and the USBKey managing tool; the USBKey external input component is arranged on the USBKey, and is in data connection with the USBKey COS internally arranged in the USBKey; the input function is activated or cancelled by the USBKey COS. In checking, at first, the USBKey managing tool coordinates with the USBKey COS to carry out the password check, the USBKey COS in the USBKey activates the USBKey external input component, and the USBKey external input component inputs the check password to the USBKey to carry out discontinuouskey password check; under the condition of ensuring the safety, the possibility of USBKey password locking is reduced greatly.
Description
Technical field
The present invention relates to a kind of intelligent code key technology, be specifically related to a kind of USBKey cryptographic check technology.
Background technology
The identification authentication mode of USB Key is that the one growing up is in recent years convenient, safe and reliable identity identifying technology.The double strong factor certification mode of its employing one-time pad, has solved the safe and reliable of authentication well, and provides USB interface and computer expert now to use.
In the time that USBKey uses, for the identity of authenticated, need user to carry out the verification of USBKey password.When password verification, user can hold USBKey management tool input password at PC, then be transferred to USBKey inside by usb communication, when careless manipulation in this process of user (double hit management tool verification button) or illegally kidnapped (assailant follows the tracks of usb communication, and attempts password cracking) by other people.
When errors number reaches in limited time, user password will be frequently by locked, and end user has to frequently go bank to handle release business, uses and bring great trouble to user.
Summary of the invention
The object of the present invention is to provide the locked check system of a kind of USBKey of avoiding password, follow to attack and cause the locked problem of password to solve in prior art USBKey cryptographic check.
Another object of the present invention is to provide a kind of USBKey of avoiding password locked method of calibration.
In order to achieve the above object, the present invention adopts following technical scheme:
Avoid the locked check system of USBKey password, described checking system comprises:
USBKey management tool, described USBKey management tool and USBKey COS(chip operating system) between secure communication, carry out password check command;
USBKey COS, described USBKey COS is built in USBKey, the password check command sending according to USBKey management tool carries out password verification, and after verification number of times reaches maximal value, activate the outside input block of USBKey, coordinated password check with USBKey management tool according to the value of the outside input block input of USBKey;
The outside input block of USBKey, is arranged on USBKey upper, joins, and activate or cancel input function by USBKey COS with the USBKey COS data that are built in USBKey.
In the preferred version of this system, the outside input block of described USBKey is button or touch-screen.
As the second object of the present invention, a kind of locked method of calibration of USBKey password of avoiding, first described method of calibration is coordinated with USBKey and is carried out password verification by USBKey management tool, when verification number of times reaches after predetermined value, USBKey COS in USBKey activates the outside input block of USBKey, to USBKey input validation password, carry out the verification of discontinuous button password by the outside input block of USBKey.
Further, in described method of calibration, by password checking procedure, add user key-press operation to carry out control checking process initiatively, realize the verification of discontinuous button password.
Scheme provided by the invention can be carried out conventional password verification at USBKey and be occurred when abnormal, as careless manipulation (double hit management tool verification button) or illegally kidnapped by other people that (assailant follows the tracks of usb communication, and attempt password cracking), activate the outside input block function of USBKey of USBKey, carry out the verification of button password, and each button password verification can not be continuous, like this can be in the situation that assurance be safe, greatly reduce the locked probability of USBKey password, thereby can guarantee under the prerequisite of user information safety, improve greatly the convenience that uses USBKey.
Accompanying drawing explanation
Further illustrate the present invention below in conjunction with the drawings and specific embodiments.
Fig. 1 is the system chart of check system in the present invention;
Fig. 2 is the operational flowchart of method of calibration in the present invention.
Embodiment
For technological means, creation characteristic that the present invention is realized, reach object and effect is easy to understand, below in conjunction with concrete diagram, further set forth the present invention.
Referring to Fig. 1, it is depicted as the system chart of avoiding the locked check system of USBKey password 100.As seen from the figure, native system mainly comprises USBKey management tool 101, USBKey COS(chip operating system) 102 and outside input block 103 3 parts of USBKey.
Wherein, USBKey management tool 101 carries out user's authentication for managing USBKEY.This USBKey management tool 101 runs on client's use side 200, as PC end, produce corresponding authentication information input request according to different USBKEY, and produce corresponding authentication order according to the data of input, the for example USBKey to password authentication, in the time carrying out authenticating user identification, produce and require user to input the request of user password, and produce password check command according to the password data of user's input.
USBKey management tool 101 can be sent to the authentication order (as password check command) producing in the USBKey joining by USB interface and client's use side and carry out authentication.
Follow the tracks of usb communication for fear of assailant, guarantee user's information security, between USBKey in USBKey management tool 101 and USB interface in client's use side 200, carry out secure communication, make them before communicating, first carry out proof of identity between the two, verification by after the secure communication that is encrypted again.
Concrete, between USBKey management tool 101 and USBKey, realize proof of identity between the two by timestamp, check code and unique registration match information, before guaranteeing each communication, USBKey carries out verification to the identity of information transmitter, guarantee that this information is to be sent by corresponding USBKey management tool 101, but not the usb communication data that victim is followed the tracks of and utilized.
USBKey COS(chip operating system) 102 be integrated in USBKEY, carry out the operating process of safety certification verification for completing whole USBKEY.Concrete, between the USBKey management tool 101 of this USBKey COS and the operation of PC end, carry out secure communication, confirming after identity, accept the order that USBKey management tool 101 sends, and respond this order and carry out authentication (as password verification), and response results is sent to USBKey management tool 101.
USBKey COS(chip operating system) 102 send at response USBKey management tool 101 order time, can count responding the number of times that same USBKey management tool 101 orders, in the time that this counting reaches predetermined value X, no longer respond the order that this USBKey management tool 101 sends, 0≤X≤USBKey verification higher limit.Avoid like this USBKey locked because of frequent faulty operation, equally also can avoid assailant to carry out password cracking.
Simultaneously, this USBKey COS can activate key-press input function, this concrete USBKey COS can reach after predetermined value at safety certification verification number of times, activate the outside input block 103 of USBKey on USBKey, and only accept the associated password that the outside input block 103 of USBKey is inputted, carry out the verification of button password, further complete the verification of password with this; And the check results of response button password is returned to USBKey management tool 101.
Complete after this safety certification verification, USBKey COS will dormancy key-press input function, no longer receives any information that the outside input block 103 of USBKey is inputted.
It is upper that the outside input block 103 of USBKey is arranged on USBKey, for the COS in USBKEY is inputted to relevant password or numerical value.It is specifically as follows button or the touch-screen etc. of hardware, and in the time that USBKEY carries out conventional safety certification verification, in idle dormant state, cannot input any password or data to USBKEY; Only, in the time that USBKey COS activates key-press input function, the outside input block 103 of USBKey is just activated and realizes input function.
After the outside input block 103 of USBKey is activated, while carrying out input key password, input that can not continuous several times, can guarantee that like this USBKey COS activates the outside input block function of USBKey of USBKey, while carrying out the verification of button password, each button password verification can not be continuous, thereby can, in the situation that assurance is safe, greatly reduce the locked probability of USBKey password.
It realizes principle is exactly in password checking procedure, adds user key-press operation to carry out control checking process initiatively, prevents that password checking process from, in the unwitting situation of user, carrying out invalid password operation.
When specific implementation, when entering when needing button to carry out password checking mode, password verification implementation is controlled processing by the manual button of user, if user is button not, password verification can not be carried out completely, i.e. this operation is not effectively, can not produce password check results and affects password residue check number of times, thereby can not reach lower limit number of times and cause USBKey equipment locked because of password verification number of times.Under the control of above mechanism, because password verification causes USBKey equipment, locked probability greatly reduces.
In the time that the outside input block 103 of USBKey is hardware button, a LCD display also can be set on this USBKEY, carry out the demonstration of dependent instruction.
What form thus avoids the locked check system of USBKey password 100 in the time carrying out work, first carry out password verifying function by USBKey management tool, whether USBKeyCOS arrives and need to start keypress function according to residue check number of times, if condition does not meet, directly carries out password verification; Otherwise start password verification keypress function, management tool prompting user key-press, USBKey starts keypress function, and returns to key-press status (if support LCD to show, user key-press information is waited in LCD demonstration).
Below illustrate the operating process of avoiding the locked check system of USBKey password 100 to carry out password verification.
Before concrete operations, first carry out the preliminary work that check system 100 arranges, operation USBKey management tool 101 in PC end, join being mounted with USBKey COS and the USBKEY of USBKey outside input block 103 and the USB interface of PC end simultaneously, set up usb communication with the USBKey management tool 101 in PC end.
Now, the USBKey COS dormancy key-press input function in USBKEY, makes the outside input block 103 of USBKey on USBKEY export dormant state, cannot input any information and data.
Complete after above-mentioned preliminary work, user can carry out password verification by this system, detailed process following (referring to Fig. 2):
1, user logins PC end, and operation USBKey management tool 101, inputs relevant password, starts password verifying function.
2, USBKey management tool 101 receives after the password of input, forms corresponding password check command, and is sent to the USBKEY that sets up usb communication with it.
3, USBKEY receives after this order, and the first sender's of this order of verification identity checks whether it is corresponding USBKey management tool 101, if not, do not carry out password verification, return to error result; If so, whether inquiry needs to start keypress function (specifically whether reaching predetermined value X by inquiry verification number of times determines whether to start keypress function); If desired start, return to wait key-press status, now the COS in USBKEY will activate key-press input function, return to wait key-press status to USBKey management tool 101, and no longer receive any information that USBKey management tool 101 sends; Start if do not need, the COS in USBKEY will directly carry out verification to password.
4, after the wait key-press status that USBKey management tool 101 returns at the COS receiving in USBKEY, produce operation push-button hint instructions, hold and show and point out by PC.
5, the COS in USBKEY, activating after key-press input function, produces button operation hint instructions, and shows by the display screen on USBKEY, also can point out by sound or vibration.
6, user carries out button operation by the outside input block 103 of USBKey being activated, to the relevant information that confirms password of COS input in USBKEY.
7, the COS in USBKEY, receiving after the key command that the outside input block 103 of USBKey inputs, carries out password verification, and check results is returned to USBKey management tool 101, completes this verification, and dormancy key-press input function again.
As from the foregoing, in the time carrying out password verification, in the time reaching verification number of times and reach predetermined value, need user to carry out physical operations to control flow process and the validity thereof of verification, thereby can guarantee safe in the situation that, greatly to reduce the locked probability of USBKey password.
More than show and described ultimate principle of the present invention, principal character and advantage of the present invention.The technician of the industry should understand; the present invention is not restricted to the described embodiments; that in above-described embodiment and instructions, describes just illustrates principle of the present invention; without departing from the spirit and scope of the present invention; the present invention also has various changes and modifications, and these changes and improvements all fall in the claimed scope of the invention.The claimed scope of the present invention is defined by appending claims and equivalent thereof.
Claims (4)
1. avoid the locked check system of USBKey password, it is characterized in that, described checking system comprises:
USBKey management tool, secure communication between described USBKey management tool and USBKey COS, carries out password check command;
USBKey COS, described USBKey COS is built in USBKey, the password check command sending according to USBKey management tool carries out password verification, and after verification number of times reaches maximal value, activate the outside input block of USBKey, coordinated password check with USBKey management tool according to the value of the outside input block input of USBKey;
The outside input block of USBKey, is arranged on USBKey upper, joins, and activate or cancel input function by USBKey COS with the USBKey COS data that are built in USBKey.
2. a kind of locked check system of USBKey password of avoiding according to claim 1, is characterized in that, the outside input block of described USBKey is button or touch-screen.
3. avoid the locked method of calibration of USBKey password for one kind, it is characterized in that, first described method of calibration is coordinated with USBKey and is carried out password verification by USBKey management tool, when verification number of times reaches after predetermined value, USBKey COS in USBKey activates the outside input block of USBKey, to USBKey input validation password, carry out the verification of discontinuous button password by the outside input block of USBKey.
4. a kind of locked method of calibration of USBKey password of avoiding according to claim 3, it is characterized in that, in described method of calibration, by password checking procedure, add user key-press operation to carry out control checking process initiatively, realize the verification of discontinuous button password.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410078670.5A CN103810413A (en) | 2014-03-05 | 2014-03-05 | Check system and check method for avoiding USBKey password locking |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410078670.5A CN103810413A (en) | 2014-03-05 | 2014-03-05 | Check system and check method for avoiding USBKey password locking |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103810413A true CN103810413A (en) | 2014-05-21 |
Family
ID=50707170
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410078670.5A Pending CN103810413A (en) | 2014-03-05 | 2014-03-05 | Check system and check method for avoiding USBKey password locking |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103810413A (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101246526A (en) * | 2007-04-06 | 2008-08-20 | 李东声 | Electric endorsement instrument and its cipher calibration method |
| CN101350723A (en) * | 2008-06-20 | 2009-01-21 | 北京天威诚信电子商务服务有限公司 | USB Key equipment and method for implementing verification thereof |
| CN102236755A (en) * | 2011-05-04 | 2011-11-09 | 山东超越数控电子有限公司 | One-machine multi-user security access control method |
| CN102592101A (en) * | 2011-12-30 | 2012-07-18 | 广东工业大学 | Method and system for protecting LED display management software safety |
| CN103595532A (en) * | 2013-10-21 | 2014-02-19 | 上海动联信息技术股份有限公司 | Multi-functional composite password key based on USBKEY and OTP technology |
-
2014
- 2014-03-05 CN CN201410078670.5A patent/CN103810413A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101246526A (en) * | 2007-04-06 | 2008-08-20 | 李东声 | Electric endorsement instrument and its cipher calibration method |
| CN101350723A (en) * | 2008-06-20 | 2009-01-21 | 北京天威诚信电子商务服务有限公司 | USB Key equipment and method for implementing verification thereof |
| CN102236755A (en) * | 2011-05-04 | 2011-11-09 | 山东超越数控电子有限公司 | One-machine multi-user security access control method |
| CN102592101A (en) * | 2011-12-30 | 2012-07-18 | 广东工业大学 | Method and system for protecting LED display management software safety |
| CN103595532A (en) * | 2013-10-21 | 2014-02-19 | 上海动联信息技术股份有限公司 | Multi-functional composite password key based on USBKEY and OTP technology |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112214745B (en) | Authenticated external biometric reader and verification device | |
| EP2660750B1 (en) | System and method for securing controllers | |
| WO2017177435A1 (en) | Identity authentication method, terminal and server | |
| US20140068744A1 (en) | Surrogate Secure Pairing of Devices | |
| KR20160129839A (en) | An authentication apparatus with a bluetooth interface | |
| US20110276807A1 (en) | Remote update method for firmware | |
| US10114938B2 (en) | Secure electronic lock | |
| US10474804B2 (en) | Login mechanism for operating system | |
| CN112528257A (en) | Security debugging method and device, electronic equipment and storage medium | |
| US20160127346A1 (en) | Multi-factor authentication | |
| US7882340B2 (en) | Fingerprint reader remotely resetting system and method | |
| TWI651458B (en) | Electronic lock and its control method | |
| CN104168111A (en) | Method for realizing unified identity authentication of mobile applications based on portable security module | |
| WO2012089121A1 (en) | Device and method for secure information login and keyboard | |
| US20230058482A1 (en) | Universal credential | |
| KR102248132B1 (en) | Method, apparatus and program of log-in using biometric information | |
| CN103810413A (en) | Check system and check method for avoiding USBKey password locking | |
| KR102376420B1 (en) | Method for Controlling Login by Using Smart Phone | |
| CN103297399A (en) | Method and system for improving safety of intelligent secret key equipment | |
| CN103297398A (en) | Method and system for improving safety of intelligent information equipment | |
| KR102077204B1 (en) | Biometric security apparatus for complex certification and system for authentication using the same | |
| JP2013161104A (en) | System, apparatus, and method for biometric authentication | |
| TWI673980B (en) | Device connection management system and management method thereof | |
| WO2017201696A1 (en) | Method and device for unlocking touch device | |
| WO2017031705A1 (en) | Method and mobile terminal for authenticating account login via gesture and fingerprint |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20140521 |