CN104322003B - 借助实时加密进行的密码认证和识别方法 - Google Patents

借助实时加密进行的密码认证和识别方法 Download PDF

Info

Publication number
CN104322003B
CN104322003B CN201380013078.0A CN201380013078A CN104322003B CN 104322003 B CN104322003 B CN 104322003B CN 201380013078 A CN201380013078 A CN 201380013078A CN 104322003 B CN104322003 B CN 104322003B
Authority
CN
China
Prior art keywords
key
client device
central server
customer
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201380013078.0A
Other languages
English (en)
Chinese (zh)
Other versions
CN104322003A (zh
Inventor
H·拜德尔
E·赫迪
J·绍尔胡贝尔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
FINALOGIC BUSINESS TECHNOLOGIES GmbH
Original Assignee
FINALOGIC BUSINESS TECHNOLOGIES GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by FINALOGIC BUSINESS TECHNOLOGIES GmbH filed Critical FINALOGIC BUSINESS TECHNOLOGIES GmbH
Publication of CN104322003A publication Critical patent/CN104322003A/zh
Application granted granted Critical
Publication of CN104322003B publication Critical patent/CN104322003B/zh
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q2220/00Business processing using cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/24Key scheduling, i.e. generating round keys or sub-keys for block encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/062Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
CN201380013078.0A 2012-01-31 2013-01-28 借助实时加密进行的密码认证和识别方法 Expired - Fee Related CN104322003B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
ATA131/2012 2012-01-31
ATA131/2012A AT512289B1 (de) 2012-01-31 2012-01-31 Kryptographisches authentifizierungs- und identifikationsverfahren für mobile telefon- und kommunikationsgeräte mit realzeitverschlüsselung während der aktionsperiode
PCT/AT2013/000013 WO2013113050A1 (de) 2012-01-31 2013-01-28 Kryptographisches authentifizierungs - und identifikationsverfahren mit realzeitverschlüsselung

Publications (2)

Publication Number Publication Date
CN104322003A CN104322003A (zh) 2015-01-28
CN104322003B true CN104322003B (zh) 2017-04-19

Family

ID=47713742

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201380013078.0A Expired - Fee Related CN104322003B (zh) 2012-01-31 2013-01-28 借助实时加密进行的密码认证和识别方法

Country Status (8)

Country Link
US (1) US10089627B2 (https=)
EP (1) EP2810400B1 (https=)
CN (1) CN104322003B (https=)
AT (1) AT512289B1 (https=)
BR (1) BR112014018914A8 (https=)
RU (1) RU2584500C2 (https=)
WO (1) WO2013113050A1 (https=)
ZA (1) ZA201405980B (https=)

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016129863A1 (en) 2015-02-12 2016-08-18 Samsung Electronics Co., Ltd. Payment processing method and electronic device supporting the same
US10193700B2 (en) * 2015-02-27 2019-01-29 Samsung Electronics Co., Ltd. Trust-zone-based end-to-end security
WO2016137277A1 (en) 2015-02-27 2016-09-01 Samsung Electronics Co., Ltd. Electronic device providing electronic payment function and operating method thereof
KR102460459B1 (ko) 2015-02-27 2022-10-28 삼성전자주식회사 전자 장치를 이용한 카드 서비스 방법 및 장치
US10846696B2 (en) 2015-08-24 2020-11-24 Samsung Electronics Co., Ltd. Apparatus and method for trusted execution environment based secure payment transactions
US10699274B2 (en) 2015-08-24 2020-06-30 Samsung Electronics Co., Ltd. Apparatus and method for secure electronic payment
US9838379B1 (en) * 2015-12-01 2017-12-05 Sprint Communications Company L.P. Security tiering in a mobile communication device application framework
US10115092B1 (en) 2016-03-04 2018-10-30 Sprint Communications Company L.P. Service composition in a mobile communication device application framework
US10592685B2 (en) * 2017-04-27 2020-03-17 Google Llc Encrypted search cloud service with cryptographic sharing
CN109254734B (zh) * 2018-09-06 2021-12-03 郑州云海信息技术有限公司 一种数据存储方法、装置、设备及计算机可读存储介质
CN110958598B (zh) * 2018-09-26 2022-05-06 中国移动通信有限公司研究院 一种移动终端和sim卡的绑定认证方法和装置
KR102751889B1 (ko) * 2019-10-25 2025-01-09 삼성전자주식회사 권한 정보에 기초한 인증서를 사용하여 액세스 컨트롤하는 방법 및 장치
CN114189862B (zh) 2020-09-14 2026-04-07 Drnc控股公司 无线终端及无线终端在Uboot模式下的接口访问鉴权方法
CN112164220B (zh) * 2020-09-22 2022-08-02 江西锦路科技开发有限公司 一种高速公路服务区拥堵监测及自动导引系统

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002047356A2 (en) * 2000-12-07 2002-06-13 Thomson Licensing S.A. Method of secure transmission of digital data from a source to a receiver
US20040168055A1 (en) * 2003-02-20 2004-08-26 Lord Robert B. Secure instant messaging system
CN1565117A (zh) * 2001-08-10 2005-01-12 科里普托马迪克公司 数据验证方法和装置

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6795555B1 (en) * 1999-12-30 2004-09-21 Nortel Networks Limited Encryption key exchange protocol
US7392388B2 (en) 2000-09-07 2008-06-24 Swivel Secure Limited Systems and methods for identity verification for secure transactions
US7992007B2 (en) * 2002-02-05 2011-08-02 Cardinalcommerce Corporation Dynamic pin pad for credit/debit/ other electronic transactions
US6954793B2 (en) * 2002-05-13 2005-10-11 Thomson Licensing S.A. Pre-paid data card authentication in a public wireless LAN access system
GB2416058B (en) * 2004-07-09 2008-01-23 Tricerion Ltd A method of secure data communication
AT504634B1 (de) 2006-12-04 2008-11-15 Hofstaedter Gernot Dr Verfahren zum transferieren von verschlüsselten nachrichten
US20080148186A1 (en) * 2006-12-18 2008-06-19 Krishnamurthy Sandeep Raman Secure data entry device and method
US8640203B2 (en) * 2007-06-04 2014-01-28 Rajesh G. Shakkarwar Methods and systems for the authentication of a user
CA2621147C (en) * 2008-02-15 2013-10-08 Connotech Experts-Conseils Inc. Method of bootstrapping an authenticated data session configuration
DE102011051498A1 (de) * 2011-06-06 2012-12-06 Kobil Systems Gmbh Gesicherter Zugriff auf Daten in einem Gerät

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002047356A2 (en) * 2000-12-07 2002-06-13 Thomson Licensing S.A. Method of secure transmission of digital data from a source to a receiver
CN1565117A (zh) * 2001-08-10 2005-01-12 科里普托马迪克公司 数据验证方法和装置
US20040168055A1 (en) * 2003-02-20 2004-08-26 Lord Robert B. Secure instant messaging system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"A Reliable Architecture for the Advanced Encryption Standard";G.Di Natale,M.Doulcier,M.L.Flottes,B.Rouzeyre;《13th European Test Symposium,IEEE》;20080529;全文 *

Also Published As

Publication number Publication date
CN104322003A (zh) 2015-01-28
EP2810400B1 (de) 2015-12-02
BR112014018914A8 (pt) 2017-07-11
RU2014135325A (ru) 2016-03-20
AT512289A4 (de) 2013-07-15
BR112014018914A2 (https=) 2017-06-20
US10089627B2 (en) 2018-10-02
AT512289B1 (de) 2013-07-15
RU2584500C2 (ru) 2016-05-20
ZA201405980B (en) 2015-11-25
US20150006404A1 (en) 2015-01-01
WO2013113050A1 (de) 2013-08-08
EP2810400A1 (de) 2014-12-10

Similar Documents

Publication Publication Date Title
CN104322003B (zh) 借助实时加密进行的密码认证和识别方法
US10595201B2 (en) Secure short message service (SMS) communications
AU2015308608B2 (en) Methods for secure cryptogram generation
KR101389100B1 (ko) 저복잡도 장치들을 사용하여 인증 및 프라이버시를 제공하는 방법 및 장치
US9258296B2 (en) System and method for generating a strong multi factor personalized server key from a simple user password
CN103714634B (zh) 一种安全下载终端主密钥的方法及系统
TWI497336B (zh) 用於資料安全之裝置及電腦程式
CN1565117B (zh) 数据验证方法和装置
US20080240447A1 (en) System and method for user authentication with exposed and hidden keys
US10044684B2 (en) Server for authenticating smart chip and method thereof
US20120005474A1 (en) Information system and method of identifying a user by an application server
JP2012530996A (ja) 認証方法及びシステム
WO2000030292A1 (en) Method and system for authenticating and utilizing secure resources in a computer system
JP2000357156A (ja) 認証シード配布のためのシステムおよび方法
US10263782B2 (en) Soft-token authentication system
US20140258718A1 (en) Method and system for secure transmission of biometric data
CN105447715A (zh) 用于与第三方合作的防盗刷电子优惠券的方法和装置
CN106953732A (zh) 芯片卡的密钥管理系统及方法
JP2003152716A (ja) 可変認証情報を用いる資格認証方法
CN100431297C (zh) 采用双重认证协议来防止用户口令被盗用的方法
CN113922958B (zh) 基于生物识别和sm2协同密码算法的密码保护方法及装置
CN1980127A (zh) 口令认证系统及口令认证方法
KR101271464B1 (ko) 이중 인증 시스템의 비밀키 암호화 방법
JP4140617B2 (ja) 認証用記録媒体を用いた認証システムおよび認証用記録媒体の作成方法
Assora et al. A web transaction security scheme based on disposable credit card numbers

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20170419

Termination date: 20200128