CN104394532A - Anti-brute force safe log-in method for mobile terminal - Google Patents

Info

Publication number
CN104394532A
Authority
CN
China
Prior art keywords
mobile terminal
verification code
random verification
message digest
user name
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410673373.5A
Other languages
Chinese (zh)
Inventor
罗劲松
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jingdong Shangke Information Technology Co Ltd
Original Assignee
Beijing Jingdong Shangke Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jingdong Shangke Information Technology Co Ltd
Priority to CN201410673373.5A
Publication of CN104394532A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02 Terminal devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses an anti-brute force safe log-in method for a mobile terminal. The anti-brute force safe log-in method for the mobile terminal includes that the mobile terminal sends a log-in verification request to a server; the mobile terminal encrypts a user name and clear-text passwords through a message digest algorithm to obtain a random verification code; the mobile terminal sends the user name and random verification code to the server to verify the random verification code.

Description

Secure login method for a mobile terminal that resists brute-force cracking
Technical Field
The present invention relates to mobile terminal login and, more specifically, to a secure login method for a mobile terminal that resists brute-force cracking.
Background
Existing mobile terminal login generally verifies a plaintext user name together with an MD5-encrypted password, and the server then applies restriction policies on per-user verification frequency and per-IP request frequency. Fig. 1 shows a block diagram of this existing login mode.
The existing login scheme can solve the brute-force problem for a single user. For example, when one user name or IP accesses the server's login verification interface too frequently, the server can directly return an abnormality message and thereby refuse the flood of cracking verification requests.
However, current Internet information systems are often insecure. Many websites have suffered leaks of user names and even passwords, and hackers hold user names numbering from several thousand up to a million. A hacker can cycle through such a user name pool to mount verification attacks. If each user has three chances, then 1,000,000 users give 3,000,000 chances to crack, so the probability of a successful crack increases greatly, seriously threatening the account security of Internet users.
Therefore, a secure login method that can effectively prevent brute-force cracking is needed.
Summary of the Invention
The technical solution of the present invention builds on the existing login mode, improving and strengthening it against hackers who crack accounts using a user pool. It thoroughly avoids the problem of user passwords being easily cracked and provides an absolutely secure guarantee for the information security of enterprise-class tools.
According to one embodiment of the present invention, a secure login method for a mobile terminal that resists brute-force cracking is provided, comprising: the mobile terminal sends a login verification request to the server; the mobile terminal encrypts the user name and clear-text password with a message digest algorithm to obtain a random verification code; and the mobile terminal sends the user name and the random verification code to the server for random verification code verification.
Preferably, the message digest algorithm comprises one or more of the following: Secure Hash Algorithm SHA1, irreversible distributed dispersed cryptographic algorithm and Message Digest Algorithm 5 (MD5), multiple SHA1, distributed dispersed cryptographic algorithm.
Other objects, features and advantages will be apparent to those skilled in the art from the following detailed description of the disclosure and the accompanying drawings.
Brief Description of the Drawings
The accompanying drawings illustrate embodiments of the invention and, together with the description, serve to explain the principles of the invention. In the drawings:
Fig. 1 illustrates a block diagram of the existing login mode.
Fig. 2 illustrates a block diagram of the brute-force-resistant login mode according to an embodiment of the invention.
Detailed Description
Embodiments of the invention disclose a secure login method for a mobile terminal that resists brute-force cracking. In the following description, for purposes of explanation, numerous specific details are set forth to provide a thorough understanding of the embodiments. It will be evident to those skilled in the art, however, that the embodiments can be practiced without these specific details.
A cipher is an important means of secrecy by which two communicating parties exchange information in a special way according to agreed rules. Under these rules, turning plaintext into ciphertext is called the encryption transformation; turning ciphertext back into plaintext is called the decryption transformation.
Brute-force cracking is a method of deciphering a password in which candidate passwords are tried one by one until the real password is found. For example, a password known to be four characters long and made up entirely of digits has 10000 possible combinations, so the correct password can be found within at most 9999 attempts. In theory, any password can be cracked in this way.
The technical solution of the present invention provides a secure login method with lasting resistance to brute-force cracking. Through a securely controlled random verification code mechanism, it can durably resist brute-force cracking by hackers, thereby ensuring the information security of the various communication systems in intelligent terminals.
Fig. 2 illustrates a block diagram of the brute-force-resistant login mode according to an embodiment of the invention. As shown in Fig. 2, the mobile terminal application first sends a login verification request to the server. The mobile terminal then encrypts the user name and clear-text password with a message digest algorithm to obtain a random verification code. Next, the mobile terminal sends the user name together with the obtained random verification code to the server login interface, and random verification code verification is carried out.
The principal characteristic of a message digest algorithm is that the encryption process needs no key and the encrypted data cannot be decrypted; only identical plaintext input passed through the same message digest algorithm yields the same ciphertext.
In one embodiment, the message digest algorithm includes, but is not limited to, Secure Hash Algorithm SHA1, irreversible distributed dispersed cryptographic algorithm and Message Digest Algorithm 5 (MD5), multiple SHA1, distributed dispersed cryptographic algorithm, or any combination thereof. Those skilled in the art will understand that the invention is not limited to these algorithms and that other algorithms can also be adopted.
The Secure Hash Algorithm (SHA1) is mainly applicable to the Digital Signature Algorithm defined in DSS. For a message shorter than 2^64 bits, SHA1 produces a 160-bit message digest. When the message is received, this message digest can be used to verify the integrity of the data. Data may well change during transmission, in which case a different message digest is produced.
Message Digest Algorithm 5 (MD5) is a hash function widely used in the computer security field to provide message integrity protection, so that large-volume information is "compressed" into a confidential format before being signed with a private key by digital signature software. A digest produced by the MD5 algorithm is 128 bits long.
As Fig. 2 shows, a new brute-force-resistant mode is provided in which login only requires verifying the user and the random verification code. Besides sending the user name, the mobile terminal also encrypts the user name and clear-text password with the Secure Hash Algorithm (SHA1) and Message Digest Algorithm 5 (MD5) to obtain the random verification code, sends the user name together with that code to the server login interface, and random verification code verification is then carried out.
Because the random verification code produced by encrypting the user and password is different for each user at login, a hacker cannot learn the algorithm agreed between the mobile terminal application and the server, and so the hacker can never crack it. Moreover, the MD5 password no longer needs to be transmitted separately, which effectively prevents the MD5 password from being reverse-translated.
The key point of the technical solution is the random verification code. On the traditional approach, simply verifying the user name and password is unreliable; an algorithmic consideration, namely the random verification code, must be added at verification. Because the random verification code also contains the user's password, it carries more information, and the password is not reverse-translated.
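The login flow described above, as an added example that is not code from the patent: the client derives the verification code from user name and clear-text password, and the server checks it. The `user:password` concatenation, the SHA1-then-MD5 order, the `LoginServer` class and the reuse of the background section's three-attempt limit are assumptions of this illustration; the accounts are constructed samples.

```python
import hashlib
import hmac

MAX_ATTEMPTS = 3  # assumption: the "three chances" per user from the background


def verification_code(username: str, password: str) -> str:
    """Client side. Assumed composition: MD5 over the SHA1 hex digest of
    "username:password"; the patent names both algorithms, not their order."""
    material = f"{username}:{password}".encode("utf-8")
    sha1_hex = hashlib.sha1(material).hexdigest()
    return hashlib.md5(sha1_hex.encode("ascii")).hexdigest()


class LoginServer:
    """Hypothetical server: stores the expected code and verifies submissions."""

    def __init__(self):
        self._expected = {}  # username -> verification code
        self._failures = {}  # username -> consecutive failed attempts

    def enroll(self, username: str, password: str) -> None:
        self._expected[username] = verification_code(username, password)
        self._failures[username] = 0

    def verify(self, username: str, code: str) -> str:
        expected = self._expected.get(username)
        if expected is None:
            return "rejected"
        if self._failures[username] >= MAX_ATTEMPTS:
            return "locked"
        # Constant-time comparison of the submitted and stored codes.
        if hmac.compare_digest(expected.encode(), code.encode()):
            self._failures[username] = 0
            return "ok"
        self._failures[username] += 1
        return "rejected"


def demo() -> dict:
    server = LoginServer()
    server.enroll("alice", "S3cret!pw")  # constructed sample accounts
    server.enroll("bob", "S3cret!pw")    # same password, different user name
    alice = verification_code("alice", "S3cret!pw")
    bob = verification_code("bob", "S3cret!pw")
    return {
        "alice_ok": server.verify("alice", alice),
        "codes_differ": alice != bob,  # the user name is part of the digest input
        "bare_md5": server.verify("bob", hashlib.md5(b"S3cret!pw").hexdigest()),
        "cross_user": server.verify("bob", alice),
        "wrong_again": server.verify("bob", "0" * 32),
        "after_limit": server.verify("bob", bob),  # third failure reached the limit
    }
```

For a given user name and password the code is identical on every login, as the message digest property stated above implies, so the stored value needs the same protection as a password.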
The embodiments described above are only preferred embodiments of the present invention and do not limit it. It will be apparent to those skilled in the art that various modifications and changes can be made to the embodiments without departing from the spirit and scope of the invention. The invention is therefore intended to cover all modifications and variations that fall within the scope of the invention as defined by the appended claims.

Claims (2)

1. A secure login method for a mobile terminal that resists brute-force cracking, comprising:
the mobile terminal sends a login verification request to the server;
the mobile terminal encrypts the user name and clear-text password with a message digest algorithm to obtain a random verification code; and
the mobile terminal sends the user name and the random verification code to the server for random verification code verification.
2. The method according to claim 1, wherein the message digest algorithm comprises one or more of the following: Secure Hash Algorithm SHA1, irreversible distributed dispersed cryptographic algorithm and Message Digest Algorithm 5 (MD5), multiple SHA1, distributed dispersed cryptographic algorithm.
CN201410673373.5A 2014-11-21 2014-11-21 Anti-brute force safe log-in method for mobile terminal Pending CN104394532A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410673373.5A CN104394532A (en) 2014-11-21 2014-11-21 Anti-brute force safe log-in method for mobile terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410673373.5A CN104394532A (en) 2014-11-21 2014-11-21 Anti-brute force safe log-in method for mobile terminal

Publications (1)

Publication Number Publication Date
CN104394532A (en) 2015-03-04

Family

ID=52612356

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410673373.5A Pending CN104394532A (en) 2014-11-21 2014-11-21 Anti-brute force safe log-in method for mobile terminal

Country Status (1)

Country Link
CN (1) CN104394532A (en)

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1773018A1 (en) * 2005-10-05 2007-04-11 Privasphere AG Method and devices for user authentication
CN101291227A (en) * 2008-06-06 2008-10-22 薛明 Password inputting method, device and system
CN102316112A (en) * 2011-09-16 2012-01-11 李建成 Password authentication method in network application and system
CN103326991A (en) * 2012-03-20 2013-09-25 北京聚宝网络科技有限公司 Method for password encrypted storage and password authentication
CN102752285A (en) * 2012-06-07 2012-10-24 广东电网公司茂名供电局 Pre-authentification computer system login method based on high collision probability hash function

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106850505A (en) * 2015-12-04 2017-06-13 阿里巴巴集团控股有限公司 A kind of verification method and device of cross-border business
CN106302386A (en) * 2016-07-25 2017-01-04 深圳信息职业技术学院 A kind of method promoting IPv6 protocol data bag safety
CN109842667A (en) * 2017-11-29 2019-06-04 北京京东尚科信息技术有限公司 Method and cloud platform system for cloud platform management smart machine
CN109842667B (en) * 2017-11-29 2021-10-01 北京京东尚科信息技术有限公司 Method for managing intelligent equipment by cloud platform and cloud platform system
CN111988301A (en) * 2020-08-14 2020-11-24 武汉气吞云梦科技有限公司 Secure communication method for preventing client from hacker violence attack

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20150304