CN104618112A - Method for verifying dynamic password of dynamic token - Google Patents
Method for verifying dynamic password of dynamic token Download PDFInfo
- Publication number
- CN104618112A CN104618112A CN201510026427.3A CN201510026427A CN104618112A CN 104618112 A CN104618112 A CN 104618112A CN 201510026427 A CN201510026427 A CN 201510026427A CN 104618112 A CN104618112 A CN 104618112A
- Authority
- CN
- China
- Prior art keywords
- time
- dynamic
- dynamic password
- token
- certification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention discloses a method for verifying a dynamic password of a dynamic token. The method for verifying the dynamic password of the dynamic token is used for a dynamic password certification system to verify the dynamic password of the dynamic token. The method for verifying the dynamic password of the dynamic token includes that A, enabling the dynamic password certification system to read a stored time offset set therein corresponding to the dynamic token; B, generating each time in a time window in sequence according to the read time offset set; C, certificating the dynamic password of the dynamic token according to a password calculated at each time in the time window in sequence, when the use time certification is successful, adding 1 to the cumulative number of the corresponding time offset; D, re-ranking the time offset set according to the corresponding cumulative number of each time offset and storing. Through verifying for several times according to the steps, when verifying the dynamic password, the selected certification time is closer to the dynamic password generation time of the dynamic token, and accordingly the dynamic password judgment times of the certification system is reduced, and the certification efficiency is improved.
Description
Technical field
The present invention relates to field of information security technology, particularly a kind of method that verifies of dynamic password to dynamic token.
Background technology
Current based in the identity identifying technology of dynamic password, the generation of dynamic password is generally produced through crypto-operation by the following factor: seed key, challenge code and time.
Wherein seed key is kept in the dynamic token of front end and the dynamic password authentication system of rear end, would not change after dynamic token activates.
Challenge code is produced by the dynamic password authentication system of operation system or rear end, and is input in the dynamic token of front end and carries out computing.
Time is produce the dynamic password current time.
After the dynamic token generation dynamic password of front end, user is needed to be input to the operation system of dynamic token by hand, then described operation system is called dynamic password authentication system and is carried out certification, dynamic password authentication system can calculate dynamic password, and itself and the dynamic password passed over is compared.
Because front-end and back-end have the time difference when calculating dynamic password, and the time of dynamic token is along with the increase of service time, may occur inconsistent with the server time of dynamic password authentication system.Therefore dynamic password authentication system calculates dynamic password just the concept of time window, there is in this time window dynamic password authentication system current time, and according to the other times that time offset obtains successively, illustrate: such as adopt time offset unit to be 1 second, get time migration duration set for-2 ,-1,0,1,2} time, time set in then corresponding time window is then that { t-2, t-1, t, t+1, t+2}, t wherein represents the current time of dynamic password authentication system.Such as, current time t is 12:00, then the time set of this time window is { 11:58,11:59,12:00,12:01,12:02}.
If the password that dynamic password authentication system uses its current time t (corresponding time offset is 0) calculating dynamic password and dynamic token to calculate is inconsistent, the other times in time window then can be adopted successively to calculate dynamic password, then the dynamic password calculated with dynamic token compares, if all unsuccessful, then dynamic password authentication failure.
Based on this, in existing dynamic password authentication technology, due to the Time Inconsistency that dynamic token and Verification System calculating dynamic password adopt, Verification System can be caused to carry out dynamic password when carrying out certification, need the dynamic password carried out repeatedly to calculate, have a strong impact on the authentication efficiency problem of dynamic password.
Summary of the invention
In view of this, main purpose of the present invention is, provides a kind of method that dynamic password to dynamic token verifies, and verifies, comprise step for the dynamic password of dynamic password authentication system to the dynamic token received:
A, dynamic password authentication system read its time migration duration set corresponding with dynamic token stored;
B, according to read time migration duration set, each time successively in rise time window;
C, according to the password of each Time Calculation in time window, certification is carried out to the dynamic password of described dynamic token successively, and when deployed between certification by time, the cumulative number of the time offset of correspondence is added 1;
D, each cumulative number corresponding according to each time offset to time migration duration set re-start and sort and store.
By upper, after the checking procedure of repeatedly above-mentioned steps, make Verification System when the dynamic password verification to dynamic token, selected authenticated time more and more can generate the time of dynamic password close to dynamic token, thus reduce the number of times that Verification System judges dynamic password, improve authentication efficiency.
Optionally, each time in time window described in step B comprises: the current time of dynamic password authentication system respectively with each time offset in time migration duration set and.
By upper, after the checking procedure of repeatedly above-mentioned steps, make Verification System when the dynamic password verification to dynamic token, selected authenticated time more and more can generate the time of dynamic password close to dynamic token, thus reduce the number of times that Verification System judges dynamic password, improve authentication efficiency.
Optionally, each time in time window described in step B also comprises: the current time of dynamic password authentication system.
By upper, the authenticated time that Verification System adopts adopts current time at first, can reduce the password comparison process of certification.
Optionally, when step C is also included in each accumulation calculating, to the time offset joining day label that certification is passed through; And
Set one effective time section, retain the time offset in section described effective time.
By upper, the sequence in time migration duration set is made more to meet recent situation.
Accompanying drawing explanation
Fig. 1 is flow chart of the present invention.
Embodiment
Based on the defect of prior art, the invention provides a kind of method that dynamic password to dynamic token verifies.As shown in Figure 1, after dynamic password authentication system receives the dynamic password of dynamic token, the method for carrying out verifying comprises the following steps:
Step S10: dynamic password authentication system reads its time migration duration set corresponding with dynamic token stored.
Wherein, each time offset Δ T in this time migration duration set carries out descending sort according to the certified cumulative number NUM passed through of corresponding time T, and this sequencer procedure is specifically see the description in later step S30-S40.
Suppose the time migration duration set that reads in this step for Δ To, Δ Tp ..., Δ Ty}, corresponding each cumulative number NUMo>NUMp> ... >NUMy.
Step S20: dynamic password authentication system is according to each time in read time migration duration set successively rise time window.
Each time set expression in described time window be T1, T2 ..., Tn}, wherein T1=t+ Δ To, T2=t+ Δ Tp, Tn=t+ Δ Ty, t represents the current time of dynamic password authentication system.
Step S30: successively according in time window each time T1, T2 ..., Tn} carries out certification to the dynamic password of dynamic token, and when deployed between T certification by time, the cumulative number NUM of the time offset Δ T of correspondence is added 1, enters step S40.
Such as, when T2 certification is passed through when deployed, the cumulative number NUMp of time offset Δ Tp corresponding for T2 in this verification process is added 1.
Otherwise, when according to each time in time window to the dynamic password of dynamic token carry out certification all failure time, enter step S50, reporting authentication failure.
Step S40: to time migration duration set Δ To, Δ Tp ..., each cumulative number NUM that Δ Tn} is corresponding according to each time offset re-starts sequence, the time migration duration set used when upgrading dynamic password certification next time to described dynamic token.
Such as, suppose that this step judges NUMp>NUMo> ... >NUMy, then this step upgrade after time migration duration set be { Δ Tp, Δ To,, Δ Tn}, as the side-play amount set used during next certification.
Visible, after the checking procedure of repeatedly above-mentioned steps, make Verification System when the dynamic password verification to dynamic token, selected authenticated time more and more can generate the time of dynamic password close to dynamic token, thus reduce the number of times that Verification System judges dynamic password, improve authentication efficiency.
The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention.In a word, within the spirit and principles in the present invention all, any amendment done, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.
In addition, in order to avoid the previous time is on the impact of cumulative number NUM, can also to NUM joining day label when each accumulation calculating, thus learn that each accumulation calculating is the calculating when carried out, and limit NUM only to setting-up time, as effective in the accumulation calculating in month, and by the cumulative removal before 1 month.Thus make time migration duration set Δ To, Δ Tp ..., the sequence in Δ Tn} more meets recent situation.
It should be noted that, in above-mentioned example, described time offset Δ T comprises the situation of Δ T=0, the i.e. situation of T=t, when therefore adopting the dynamic password of said method to dynamic token to verify, Verification System adopt authenticated time at first may be its current time t, the i.e. situation of T=t, this is in the maximum situation of the cumulative number NUM that t is corresponding, if the NUM of correspondence is not maximum, the authenticated time that then Verification System adopts not is its current time t, but the time that certification number of pass times is maximum, thus the password comparison process of certification can be reduced.
Also it should be noted that; in above-described embodiment, when describing step S20, be each time { T1 once generated in time window; T2;, Tn}, is understood that; also the current time that will use can only be generated in this step; when using the obstructed out-of-date regeneration of this time certification next time in step S30, the change of this technology belongs to apparent routine change, all belongs to the present invention and protects within category.
Claims (4)
1., to the method that the dynamic password of dynamic token verifies, verify for the dynamic password of dynamic password authentication system to the dynamic token received, comprise step:
A, dynamic password authentication system read its time migration duration set corresponding with dynamic token stored;
B, according to read time migration duration set, each time successively in rise time window;
C, according to the password of each Time Calculation in time window, certification is carried out to the dynamic password of described dynamic token successively, and when deployed between certification by time, the cumulative number of the time offset of correspondence is added 1;
D, each cumulative number corresponding according to each time offset to time migration duration set re-start and sort and store.
2. method according to claim 1, is characterized in that, each time in time window described in step B comprises: the current time of dynamic password authentication system respectively with each time offset in time migration duration set and.
3. method according to claim 2, is characterized in that, each time in time window described in step B also comprises: the current time of dynamic password authentication system.
4. method according to claim 1, is characterized in that, when step C is also included in each accumulation calculating, to the time offset joining day label that certification is passed through; And
Set one effective time section, retain the time offset in section described effective time.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510026427.3A CN104618112B (en) | 2015-01-19 | 2015-01-19 | Method for verifying dynamic password of dynamic token |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510026427.3A CN104618112B (en) | 2015-01-19 | 2015-01-19 | Method for verifying dynamic password of dynamic token |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104618112A true CN104618112A (en) | 2015-05-13 |
| CN104618112B CN104618112B (en) | 2017-02-22 |
Family
ID=53152406
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510026427.3A Active CN104618112B (en) | 2015-01-19 | 2015-01-19 | Method for verifying dynamic password of dynamic token |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104618112B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108027920A (en) * | 2015-06-14 | 2018-05-11 | 滕德尔阿莫尔有限责任公司 | For electronic transaction and the safety measure of user authentication |
| CN110224834A (en) * | 2019-05-24 | 2019-09-10 | 清华大学 | Identity identifying method, decryption and ciphering terminal based on dynamic token |
| CN111125137A (en) * | 2019-12-26 | 2020-05-08 | 航天壹进制(南京)数据科技有限公司 | Batch real-time protection data verification method |
| CN113095818A (en) * | 2019-12-23 | 2021-07-09 | 捷德(中国)信息科技有限公司 | License plate payment, license plate payment authentication method and license plate payment enhanced authentication system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102307092A (en) * | 2011-04-27 | 2012-01-04 | 上海动联信息技术有限公司 | Intelligent time compensation method for dynamic token |
| CN102843236A (en) * | 2012-09-12 | 2012-12-26 | 飞天诚信科技股份有限公司 | Generation and authentication method and system for dynamic password |
| CN102868529A (en) * | 2012-08-31 | 2013-01-09 | 飞天诚信科技股份有限公司 | Method for identifying and calibrating time |
| CN103580856A (en) * | 2013-11-19 | 2014-02-12 | 上海众人网络安全技术有限公司 | Method for synchronizing token device according to sizes of certification windows |
| CN103647647A (en) * | 2013-12-06 | 2014-03-19 | 上海众人网络安全技术有限公司 | Automatic correction method for time migration of dynamic password at server side |
-
2015
- 2015-01-19 CN CN201510026427.3A patent/CN104618112B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102307092A (en) * | 2011-04-27 | 2012-01-04 | 上海动联信息技术有限公司 | Intelligent time compensation method for dynamic token |
| CN102868529A (en) * | 2012-08-31 | 2013-01-09 | 飞天诚信科技股份有限公司 | Method for identifying and calibrating time |
| CN102843236A (en) * | 2012-09-12 | 2012-12-26 | 飞天诚信科技股份有限公司 | Generation and authentication method and system for dynamic password |
| CN103580856A (en) * | 2013-11-19 | 2014-02-12 | 上海众人网络安全技术有限公司 | Method for synchronizing token device according to sizes of certification windows |
| CN103647647A (en) * | 2013-12-06 | 2014-03-19 | 上海众人网络安全技术有限公司 | Automatic correction method for time migration of dynamic password at server side |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108027920A (en) * | 2015-06-14 | 2018-05-11 | 滕德尔阿莫尔有限责任公司 | For electronic transaction and the safety measure of user authentication |
| CN110224834A (en) * | 2019-05-24 | 2019-09-10 | 清华大学 | Identity identifying method, decryption and ciphering terminal based on dynamic token |
| CN113095818A (en) * | 2019-12-23 | 2021-07-09 | 捷德(中国)信息科技有限公司 | License plate payment, license plate payment authentication method and license plate payment enhanced authentication system |
| CN111125137A (en) * | 2019-12-26 | 2020-05-08 | 航天壹进制(南京)数据科技有限公司 | Batch real-time protection data verification method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104618112B (en) | 2017-02-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105610938B (en) | Logging state synchronous method and system | |
| US20150207790A1 (en) | Method and system for generating and authorizing dynamic password | |
| EP3779760B1 (en) | Blockchain-based data processing method and apparatus, and electronic device | |
| CN109492382B (en) | Single input box login verification method | |
| CN106708687B (en) | Chip verification method and device based on executable file | |
| CN104618112A (en) | Method for verifying dynamic password of dynamic token | |
| CN106991326A (en) | The upgrade method and its equipment of a kind of equipment firmware | |
| CN105141605B (en) | Session method, Website server and browser | |
| CN105306423B (en) | Unified login method for distribution Web web station system | |
| CN104580104A (en) | Method, device and system for identity verification | |
| CN104301875A (en) | Short message processing method and device | |
| CN103841111A (en) | Method for preventing data from being submitted repeatedly and server | |
| CN106485140A (en) | A kind of upgrade method of electric energy meter and upgrade-system | |
| CN105656891A (en) | Weak password checking method and device | |
| CN103634328A (en) | Authentication method, device and system for network platform authentication server | |
| CN105915343A (en) | Registered user off line activation method and system | |
| CN110324344A (en) | The method and device of account information certification | |
| CN108234441B (en) | Method, apparatus, electronic device and storage medium for determining forged access request | |
| CN105187218A (en) | Digital record signature method for multicore infrastructure and verification method | |
| CN104935555B (en) | client certificate authentication method, server, client and system | |
| KR101077975B1 (en) | Method of generating fuzzy vault based on biometric information and verifying user's indentification using fuzzy vault | |
| CN103888470A (en) | Dynamic token synchronizing method and system | |
| US20080162355A1 (en) | System and method for helping and verifying a signer to sign electronic orders | |
| CN110399148A (en) | A kind of verification method, device and the computer readable storage medium of BMC upgrading | |
| CN104270753B (en) | The method and system of network access authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 100094, Beijing, Haidian District, West Road, No. 8, Zhongguancun Software Park, building 9, international software building E, one floor, two layers Applicant after: BEIJING HAITAI FANGYUAN HIGH TECHNOLOGY CO., LTD. Address before: 100094, Beijing, Haidian District, West Road, No. 8, Zhongguancun Software Park, building 9, international software building E, one floor, two layers Applicant before: Beijing Haitai Fangyuan High Technology Co., Ltd. |
|
| COR | Change of bibliographic data | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |