CN105071939B - A kind of user information authentication method and system - Google Patents
A kind of user information authentication method and system Download PDFInfo
- Publication number
- CN105071939B CN105071939B CN201510417209.2A CN201510417209A CN105071939B CN 105071939 B CN105071939 B CN 105071939B CN 201510417209 A CN201510417209 A CN 201510417209A CN 105071939 B CN105071939 B CN 105071939B
- Authority
- CN
- China
- Prior art keywords
- user
- terminal
- dynamic key
- information
- certification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Information Transfer Between Computers (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention provides a kind of user information authentication method and system.Wherein, this method comprises: certification terminal obtains the user information of user terminal uploads, user information includes user identifier and informative abstract value;It authenticates terminal and obtains dynamic key, cryptographic calculation is carried out to user identifier and dynamic key by preset Encryption Algorithm, informative abstract value is authenticated according to cryptographic calculation result.During the present invention authenticates terminal to user information authentication, it does not need to carry out user information real-time network inquiry or certification terminal local inquiry, authentication result quickly can be fed back to user by certification terminal, improve authentication efficiency, while dynamic key also improves safety.
Description
Technical field
The present invention relates to the self-service control fields of industrial equipment, in particular to a kind of user information authentication method and are
System.
Background technique
Currently, being frequently necessary to authenticate user information in daily life, to determine user identity.For example, user exists
When obtaining the ticket of its cyber ordering by station terminal, station terminal needs authenticate the user information of the user, with
Confirm the passenger identity of the user.
Currently, a kind of method of user information authentication is provided in the related technology, comprising: each use is stored in server
The user information of user is handed down to user terminal in advance by the user information at family, server.When being authenticated to user information,
It authenticates terminal and obtains user information from user terminal, which is sent to server.Server to the user information into
Row certification, then returns to certification terminal for authentication result.It authenticates terminal and user identity is confirmed according to the authentication result.
In the implementation of the present invention, inventor find the relevant technologies the prior art has at least the following problems:
It authenticates terminal and user information is sent to server, authenticated by server, when certain network being needed to respond
Between, especially authenticating when network speed is very slow will take a significant amount of time, and cause authentication efficiency very low.
Summary of the invention
In view of this, the embodiment of the present invention is designed to provide a kind of user information authentication method and system, it to be used for work
Industry controls the information security of equipment, and can quickly user information be authenticated by realizing certification terminal, improves authentication efficiency.
In a first aspect, the embodiment of the invention provides a kind of user information authentication methods, which comprises
It authenticates terminal and obtains the user information that the terminal of user uploads, the user information includes that user identifier and information are plucked
It is worth;
The certification terminal obtains dynamic key, close to the user identifier and the dynamic by preset Encryption Algorithm
Key carries out cryptographic calculation, is authenticated according to cryptographic calculation result to the informative abstract value.
With reference to first aspect, the embodiment of the invention provides the first possible implementation of above-mentioned first aspect,
In, the certification terminal obtains the user information that the terminal of user uploads, comprising:
The two dimensional code that the terminal of the certification terminal scanning user is shown, extracts user's from the two dimensional code of scanning
User information;Alternatively,
The certification terminal establishes the communication connection between the terminal of the user, obtains institute by the communication connection
State the user information of user.
With reference to first aspect, the embodiment of the invention provides second of possible implementation of above-mentioned first aspect,
In, before the user information that the terminal that the certification terminal obtains user uploads, further includes:
It authenticates terminal and generates dynamic key every the first preset time period, store the dynamic key, and by the dynamic
Key is sent to server, so that the server according to the dynamic key is generated for user informative abstract value and by the letter
Breath digest value is sent to the terminal of the user.
The possible implementation of second with reference to first aspect, the embodiment of the invention provides the of above-mentioned first aspect
Three kinds of possible implementations, wherein described that the dynamic key is sent to before server, further includes:
The certification terminal obtains dynamic code from the server every the second preset time period, passes through the institute obtained recently
Dynamic code is stated to encrypt the dynamic key.
With reference to first aspect, the embodiment of the invention provides the 4th kind of possible implementation of above-mentioned first aspect,
In, the method also includes:
It authenticates terminal every preset time period and generates dynamic key, according to the user identifier of the dynamic key and user,
The user identifier of the user and the informative abstract value are sent to server by the informative abstract value for generating the user, with
Make the server that the informative abstract value of the user to be transmitted to the terminal of the user.
Second aspect, the embodiment of the invention provides a kind of methods of user information authentication, which comprises
Server receives the authentication-related information that certification terminal is sent;
When the authentication-related information includes the mark and dynamic key of the certification terminal, the server is according to institute
The mark of certification terminal is stated, it is described for inquiring the mark for authenticating the corresponding authorized user of terminal according to the dynamic key
Authorized user generates informative abstract value, the informative abstract value is sent to the terminal of the authorized user, so that the authorization
The terminal of user carries out user information authentication according to the informative abstract value to the certification terminal.
In conjunction with second aspect, the embodiment of the invention provides the first possible implementation of above-mentioned second aspect,
In, when the authentication-related information includes the corresponding relationship of user identifier and informative abstract value, the server is from described right
It should be related to middle acquisition user identifier and its corresponding informative abstract value, the informative abstract value is sent to the user identifier pair
The terminal of the user answered.
In conjunction with the possible implementation of the first of second aspect or second aspect, the embodiment of the invention provides above-mentioned
Second of possible implementation of two aspects, wherein the method also includes:
The server generates dynamic code every the second preset time period, and the dynamic code is sent to the certification terminal
With the terminal of the user so that the terminal letter to be sent by the dynamic code encryption of the certification terminal and the user
Breath and the information received by dynamic code decryption.
The third aspect, the embodiment of the invention provides a kind of user information authentication system, the system comprises:
Terminal is authenticated, for generating dynamic key every the first preset time period, stores the dynamic key, and will be described
Dynamic key is sent to the server;The user information that the terminal of user uploads is obtained, dynamic key is obtained, by preset
Encryption Algorithm carries out cryptographic calculation to the user identifier and the dynamic key, is plucked according to cryptographic calculation result to the information
It is worth and is authenticated, the user information includes user identifier and informative abstract value;
Server, the authentication-related information sent for receiving certification terminal;When the authentication-related information includes described
When authenticating the mark and dynamic key of terminal, according to the mark of the certification terminal, the corresponding authorization of the certification terminal is inquired
The mark of user generates informative abstract value for the authorized user, the informative abstract value is sent according to the dynamic key
To the terminal of the authorized user.
In conjunction with the third aspect, the embodiment of the invention provides a kind of possible implementations of the above-mentioned third aspect, wherein
The certification terminal is also used to every preset time period and generates dynamic key, according to the dynamic key and user
User identifier, generate the informative abstract value of the user, the user identifier of the user and the informative abstract value sent
To the server;
The server is also used to when the authentication-related information include the corresponding relationship of user identifier Yu informative abstract value
When, user identifier and corresponding informative abstract value are obtained from the corresponding relationship, the informative abstract value are sent to described
The terminal of the corresponding user of user identifier.
In method and system provided in an embodiment of the present invention, the user that the terminal that certification terminal obtains user uploads believes
Breath obtains dynamic key, carries out cryptographic calculation to user identifier and dynamic key by preset Encryption Algorithm, is transported according to encryption
Result is calculated to authenticate informative abstract value.Authenticate terminal to user information authentication during, do not need to user information into
Authentication result quickly can be fed back to user, improve authentication efficiency by the inquiry of row real-time network, certification terminal.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate
Appended attached drawing, is described in detail below.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, below will be to needed in the embodiment attached
Figure is briefly described, it should be understood that the following drawings illustrates only certain embodiments of the present invention, therefore is not construed as pair
The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this
A little attached drawings obtain other relevant attached drawings.
Figure 1A shows a kind of signaling interaction diagram of user information authentication provided by the embodiment of the present invention 1;
Figure 1B shows a kind of first information interaction schematic diagram of user information authentication provided by the embodiment of the present invention 1;
Fig. 1 C shows a kind of second information exchange schematic diagram of user information authentication provided by the embodiment of the present invention 1;
Fig. 2 shows a kind of structural schematic diagrams of user information authentication system provided by the embodiment of the present invention 2.
Specific embodiment
Below in conjunction with attached drawing in the embodiment of the present invention, technical solution in the embodiment of the present invention carries out clear, complete
Ground description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.Usually exist
The component of the embodiment of the present invention described and illustrated in attached drawing can be arranged and be designed with a variety of different configurations herein.Cause
This, is not intended to limit claimed invention to the detailed description of the embodiment of the present invention provided in the accompanying drawings below
Range, but it is merely representative of selected embodiment of the invention.Based on the embodiment of the present invention, those skilled in the art are not doing
Every other embodiment obtained under the premise of creative work out, shall fall within the protection scope of the present invention.
User information is sent to server in view of in the related technology, authenticating terminal, is authenticated by server, especially
In the case where network speed is very slow, certification needs to take a long time, and causes authentication efficiency very low.Based on this, the embodiment of the present invention
Provide a kind of user information authentication method and system, the information security for industrial control equipment.Below by embodiment into
Row description.
Embodiment 1
Referring to Figure 1A, the embodiment of the invention provides a kind of user information authentication methods.Wherein, certification terminal generally has
Corresponding multiple authorized users.In embodiments of the present invention, the mark and authorization of certification terminal are stored in the server in advance
The mark of the corresponding relationship of the mark of user, authorized user can be the mark of the terminal of authorized user.When a user recognizes to this
When card terminal is authenticated, the method that certification terminal can provide through the embodiment of the present invention carries out the user information of the user
Rapid authentication, with verify the user identity whether be the certification terminal authorized user.Method includes the following steps:
Wherein, when the user information to user authenticates, it is necessary first to which the operation of 101-104 comes as follows
For user configuration user information.
Step 101: server generates dynamic code every the second preset time period, and dynamic code is sent to certification terminal and use
The terminal at family;
Above-mentioned second preset time period can be 10 minutes or 30 minutes etc..Above-mentioned dynamic code can give birth at random for server
At character string or key etc., server generate a dynamic code every the second preset time period, the dynamic code generated every time is equal
It is not identical.When server generates new dynamic code every time, according to the mark of the certification terminal stored in server by new dynamic
Code is sent to certification terminal, and the mark of the corresponding all authorized users of the certification terminal according to storage, by new dynamic
Code is sent to the terminal of the corresponding each authorized user of the certification terminal, so that certification terminal and the terminal of all authorized users exist
The information received all is decrypted by dynamic code encryption information to be sent and by dynamic code during subsequent communications.
When carrying out the transmission of information between such server, certification terminal and the terminal of user, the information of transmission is used
Dynamic code is encrypted, and the safety of information transmission is improved.In addition, due to generating new move every the second preset time period
State code, such dynamic code is frequently replaced, even if malefactor steals dynamic code, the dynamic code stolen can be also quickly invalidated,
To further ensure safety of the information in transmission process.
In embodiments of the present invention, server generates the dynamic code that dynamic code also stores generation later, deposits in order to use
The encryption information that the dynamic code decrypted authentication terminal of storage or the terminal of user are sent.Since dynamic code is periodic replacement, clothes
After business device can generate every time new dynamic code, deletes the old dynamic code of storage and store new dynamic code.
But it when dynamic code replacement is very frequent, it is possible that dynamic code has been updated, but still receives using old
Dynamic code encryption information the case where.In order to avoid such case generation, server can also be stored in the embodiment of the present invention
The dynamic code of the predetermined number nearest from current time, even if multiple old dynamic codes are all effective in certain time.
Step 102: certification terminal generates dynamic key every the first preset time period, every the second preset time period from clothes
Business device obtains dynamic code, is encrypted by the dynamic code obtained recently to dynamic key;
Above-mentioned first preset time period can be 5 minutes or 10 minutes etc..Above-mentioned dynamic key is that certification terminal is given birth at random
At, the dynamic key generated every time only in the first preset time period after its formation effectively, the length of dynamic key can be with
It sets according to actual needs.And it authenticates the dynamic key that terminal generates every time and is all different.
It authenticates terminal and obtains dynamic code from server every the second preset time period.Since server is every in a step 101
Dynamic code is generated every the second preset time period and dynamic code is sent to certification terminal, so certification terminal obtains in this step
The operation of dynamic code can be with are as follows: receives the dynamic code that server is sent every the second preset time period certification terminal.
In addition, certification terminal can also obtain dynamic code in the following way in addition to the mode of above-mentioned acquisition dynamic code:
Every the second preset time period, authenticates terminal and actively send the acquisition request for obtaining dynamic code to server, server connects
After receiving the acquisition request that certification terminal is sent, the dynamic code being newly generated is sent to the certification terminal.
It is dynamic to what is be newly generated by the dynamic code after certification terminal gets newest dynamic code by aforesaid operations
State key is encrypted.Wherein, when being encrypted to dynamic key used Encryption Algorithm can for symmetric encipherment algorithm or
Rivest, shamir, adelman etc..
In embodiments of the present invention, dynamic key is encrypted by dynamic code, improves dynamic key and is being transmitted across
Safety in journey.In addition, dynamic code and dynamic key are all frequently replaced, validity period is all very short, even if malefactor is stolen
It has taken dynamic code and successful decryption goes out dynamic key, the dynamic key decrypted can be also quickly invalidated, so dynamic by control
The validity period of state code and dynamic key can carry out multiple secrecy to the transimission and storage of dynamic key, further improve dynamic
The safety of state key.
In embodiments of the present invention, after certification terminal gets dynamic code and generates dynamic key, also by dynamic code and
Dynamic key is stored in terminal local.Since dynamic code and dynamic key are all periodic replacements, certification terminal can be each
After getting new dynamic code, deletes the old dynamic code being locally stored and store new dynamic code.Similarly, certification terminal can
After generating new dynamic key every time, deletes the old dynamic key being locally stored and store new dynamic key.
In addition, in dynamic code and very frequent dynamic key replacement, it is possible that dynamic code and dynamic key are
It updates, but there is the case where still leading to authentification failure using old dynamic code and dynamic key.In order to avoid such case hair
Raw, certification terminal can store the dynamic code and dynamic key of the predetermined number nearest from current time in the embodiment of the present invention,
Even if multiple old dynamic codes and multiple old dynamic key are all effective in certain time.
Step 103: the mark of encrypted dynamic key and certification terminal is formed authentication-related information by certification terminal, will
The authentication-related information is sent to server;
Step 104: server receives the authentication-related information that certification terminal is sent, and is recognized according to authentication-related information inquiry
The corresponding authorized user of terminal is demonstrate,proved, and configures user information for authorized user;
Server obtain itself storage dynamic code, by the dynamic code to the encryption for including in the authentication-related information after
Dynamic key be decrypted, obtain dynamic key.The mark for the certification terminal that server includes according to the authentication-related information,
The mark of corresponding authorized user is inquired from the mark of stored certification terminal and the corresponding relationship of the mark of authorized user
Know.For the mark of each authorized user inquired, server carries out encryption fortune to the mark of dynamic key and authorized user
It calculates, obtains the informative abstract value of the authorized user, which is sent to by authorization according to the mark of the authorized user and is used
The terminal at family, so that the terminal of the authorized user generates user information according to the informative abstract value.
The informative abstract value of above-mentioned authorized user is the unique identification of authorized user, for identifying the identity of authorized user,
Subsequent authentication terminal can determine the authorized user identities of user according to informative abstract value.In embodiments of the present invention, information
Digest value can indicate by the combining form of symbol, number or symbol and number, can also be by except listed above its
Its form indicates.
In embodiments of the present invention, as shown in Figure 1B, the mark for authenticating terminal and dynamic key are sent to by certification terminal
Server.Server inquires the corresponding authorized user of the certification terminal, and generates the informative abstract value of authorized user, and authorization is used
The digest value at family is sent to the terminal of user.Then user information is sent to certification terminal and authenticated by the terminal of user, should
User information includes user identifier and informative abstract value.Inquire the corresponding authorized user of certification terminal and by server to award
Weigh user and generate informative abstract value, and since dynamic key is periodic replacement, thus server periodically carry out it is above-mentioned
Inquiry operation and generate informative abstract value operation, avoid every time certification all by server complete it is all operation cause response speed
Spend slow situation.Rapid authentication only is carried out in certification terminal side when user authenticates, authentication response is fast, and authentication efficiency is high, together
When shorten period of reservation of number, improve user experience.
During above-mentioned steps 101-104 is user configuration user information, the corresponding authorized user of inquiry certification terminal
And it is completed for the operation that authorized user generates informative abstract value by server.But in embodiments of the present invention, above-mentioned
Inquiry operation and generate informative abstract value operation can also be realized by certification terminal, the specific implementation process is as follows:
The user identifier of the corresponding all authorized users of the certification terminal is stored in certification terminal in advance.It is every to authenticate terminal
Dynamic key is generated every preset time period, according to the user identifier of the dynamic key and each authorized user, is generated respectively each
The user identifier of each authorized user and informative abstract value are stored in user identifier and information by the informative abstract value of authorized user
In the corresponding relationship list of digest value, using user identifier letter related as certification to the corresponding relationship list of informative abstract value
Breath, is sent to server for the authentication-related information.After server receives the authentication-related information that certification terminal is sent, from
The user identifier and informative abstract value of each authorized user are obtained in the authentication-related information, are then used respectively according to each authorization
The informative abstract value of authorized user is sent to the terminal of authorized user by the user identifier at family, so that the terminal root of authorized user
It is believed that breath digest value generates user information.
As shown in Figure 1 C, after certification terminal generates the informative abstract value of authorized user, by the user identifier of authorized user and
Informative abstract value is sent to server, and the informative abstract value of authorized user is transmitted to the terminal of user by server.Then user
Terminal by user information be sent to certification terminal authenticate.It is above-mentioned to realize inquiry operation by certification terminal and generate information
When the operation of digest value, since dynamic key is periodic replacement, so carrying out above-mentioned inquiry behaviour with authenticating terminal periodic
The operation for making and generating informative abstract value, is then sent to service for the user identifier of all authorized users and informative abstract value
Device is transmitted to each authorized user by server.So also avoid every time authenticate all by server complete it is all operation cause
The slow situation of response speed.Rapid authentication is carried out in certification terminal side when user authenticates, authentication response is fast, authentication efficiency
Height, while period of reservation of number is shortened, improve user experience.
By aforesaid operations complete be user configuration user information after, can be with as follows 105 and 106 operation
To carry out user the certification of user information, to determine the identity of user.
Step 105: certification terminal obtain user terminal upload user information, the user information include user identifier and
Informative abstract value;
Above-mentioned user information can have many forms, such as two dimensional code or bar code graphic code and text envelope
The forms such as breath, fingerprint or inductive signal.Correspondingly, the user information authentication terminal for different expression form can be by a variety of
Mode obtains user information, and the acquisition modes provided in the embodiment of the present invention are as follows:
When the form of expression of user information is two dimensional code, the two dimensional code that the terminal of certification terminal scanning user is shown, from
The user information of user is extracted in the two dimensional code of scanning;
Similarly, certification can also be passed through when the form of expression of user information is other graphic codes such as bar code or fingerprint
Terminal is scanned acquisition;
When user information is text information or inductive signal etc., certification terminal establishes the communication between the terminal of user
Connection obtains the user information of user by the communication connection.
Above-mentioned communication connection can be wired connection or wireless connection.Wherein, wireless connection can be bluetooth connection, infrared
Connection, NFC (Near Field Communication, near-field communication) connection or WiFi (Wireless-Fidelity, wirelessly
Fidelity) connection etc..Wired connection can be for cable connection, optical fiber connection or (Universal Serial Bus leads to by USB
With universal serial bus) socket connection etc..
Certification terminal through the above steps 105 operation get user information after, as follows 106 operation come
The user information is authenticated, to confirm whether the identity of user is authorized user.
Step 106: certification terminal obtains dynamic key, by preset Encryption Algorithm to user identifier and dynamic key into
Row cryptographic calculation authenticates informative abstract value according to cryptographic calculation result.
Preset Encryption Algorithm can be hash Encryption Algorithm or other non-reversible algorithms etc., can set according to actual needs
Set preset Encryption Algorithm.
After certification terminal carries out cryptographic calculation to user identifier and dynamic key by preset Encryption Algorithm, it will encrypt
The result of operation is compared with the informative abstract value that user information includes, if both comparing identical, authenticates success, really
The identity of the fixed user is authorized user.If comparing not identical, the authentification failure of the two, determine that the identity of the user is not
Authorized user.
After the completion of authentication operation, authentication result is also fed back to user by certification terminal.When the authentication is successful, certification terminal hair
It send for prompting to authenticate successful prompt information to the terminal of user, to prompt user authentication success.When the authentication fails, it authenticates
Terminal is sent for prompting the prompt information of authentification failure to the terminal of user, to prompt the user as unauthorized user.
In method provided in an embodiment of the present invention, certification terminal obtains the user information that the terminal of user uploads, and obtains
Dynamic key carries out cryptographic calculation to user identifier and dynamic key by preset Encryption Algorithm, according to cryptographic calculation result
Informative abstract value is authenticated.During terminal is authenticated to user information authentication, do not need to carry out user information real-time
Authentication result quickly can be fed back to user, improve authentication efficiency by network inquiry, certification terminal.
Embodiment 2
Referring to fig. 2, the embodiment of the invention provides a kind of user information authentication system, the system is for realizing above-mentioned user
Information authentication method.The system includes certification terminal 1 and server 2.
Terminal 1 is authenticated, for generating dynamic key every the first preset time period, stores dynamic key, and dynamic is close
Key is sent to server 2;The user information that the terminal of user uploads is obtained, dynamic key is obtained, passes through preset Encryption Algorithm
Cryptographic calculation is carried out to user identifier and dynamic key, informative abstract value is authenticated according to cryptographic calculation result, Yong Huxin
Breath includes user identifier and informative abstract value;
Server 2, the authentication-related information sent for receiving certification terminal 1;When authentication-related information includes that certification is whole
When the mark and dynamic key at end 1, according to the mark of certification terminal 1, inquiry authenticates the mark of the corresponding authorized user of terminal 1,
According to dynamic key, informative abstract value is generated for authorized user, informative abstract value is sent to the terminal of authorized user.
In the present embodiment, a kind of system for realizing user information authentication method is provided, certification terminal 1 can be self-service
The information recognition devices such as terminal device.Such as certification terminal 1 can set for Industry Controls such as ticket machine, picking machine or electronic access
It is standby.
When user request information certification, certification terminal 1 can obtain user information from user terminal, if the user information
It is encrypted, then first the user information is decrypted, obtain the dynamic key of itself storage, then pass through preset cryptographic calculation
Cryptographic calculation is carried out to the user identifier for including in the dynamic key and user information, it will be in cryptographic calculation result and user information
Informative abstract value be compared, if the two unanimously if authenticate success, if the inconsistent authentification failure of the two.
Server 2 can store the mark of certification terminal and user's letter of the corresponding each authorized user of the certification terminal
Breath.Server 2 is used according to the dynamic key that certification terminal 1 is sent to configure for the corresponding each authorized user of the certification terminal 1
Family information.
Terminal 1, server 2 and user terminal are authenticated according to the method for user information authentication, in the case where network speed is very slow,
User information can rapidly be authenticated, verification process the time it takes is very short, improves authentication efficiency.
In embodiments of the present invention, certification terminal 1 is also used to every preset time period and generates dynamic key, close according to dynamic
The user identifier of key and user generates the informative abstract value of user, using the user identifier of user and informative abstract value as certification
The authentication-related information is sent to server 2 by relevant information, and the informative abstract value of user is transmitted to user by server 2
Terminal.
Certification terminal 1 can generate the informative abstract value of user by the computing module of itself, and pass through sending device
The user identifier of user and informative abstract value are sent to server 2.
Server 2 is also used to when authentication-related information includes the corresponding relationship of user identifier and informative abstract value, from right
It should be related to middle acquisition user identifier and corresponding informative abstract value, informative abstract value is sent to the corresponding user's of user identifier
Terminal.
In method provided in an embodiment of the present invention, certification terminal obtains the user information that the terminal of user uploads, and obtains
Dynamic key carries out cryptographic calculation to user identifier and dynamic key by preset Encryption Algorithm, according to cryptographic calculation result
Informative abstract value is authenticated.During terminal is authenticated to user information authentication, do not need to carry out user information real-time
Authentication result quickly can be fed back to user, improve authentication efficiency by network inquiry, certification terminal.
In several embodiments provided herein, it should be understood that disclosed system and method, it can be by other
Mode realize.System embodiment described above is only schematical.
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any
Those familiar with the art in the technical scope disclosed by the present invention, can easily think of the change or the replacement, and should all contain
Lid is within protection scope of the present invention.Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (7)
1. a kind of user information authentication method, which is characterized in that the described method includes:
It authenticates terminal and generates dynamic key every the first preset time period, store the dynamic key, and by the dynamic key
It is sent to server, so that the server is generated for user informative abstract value according to the dynamic key and plucks the information
It is worth the terminal for being sent to the user;
It authenticates terminal and obtains the user information that the terminal of user uploads, the user information includes user identifier and informative abstract
Value;
The certification terminal obtains dynamic key, by preset Encryption Algorithm to the user identifier and the dynamic key into
Row cryptographic calculation authenticates the informative abstract value according to cryptographic calculation result.
2. the method according to claim 1, wherein the certification terminal obtains the user that the terminal of user uploads
Information, comprising:
The two dimensional code that the terminal of the certification terminal scanning user is shown, extracts the user of user from the two dimensional code of scanning
Information;Alternatively,
The certification terminal establishes the communication connection between the terminal of the user, obtains the use by the communication connection
The user information at family.
3. the method according to claim 1, wherein it is described the dynamic key is sent to server before,
Further include:
The certification terminal obtains dynamic code from the server every the second preset time period, described dynamic by what is obtained recently
State code encrypts the dynamic key.
4. a kind of user information authentication method, which is characterized in that the described method includes:
Server receives the authentication-related information that certification terminal is sent;
When the authentication-related information includes the mark and dynamic key of the certification terminal, the server is recognized according to
The mark of terminal is demonstrate,proved, the mark of the corresponding authorized user of the certification terminal is inquired, is the authorization according to the dynamic key
User generates informative abstract value, the informative abstract value is sent to the terminal of the authorized user, so that the authorized user
Terminal according to the informative abstract value to the certification terminal carry out user information authentication.
5. according to the method described in claim 4, it is characterized in that, when the authentication-related information includes user identifier and information
When the corresponding relationship of digest value, the server obtains user identifier and its corresponding informative abstract from the corresponding relationship
The informative abstract value, is sent to the terminal of the corresponding user of the user identifier by value.
6. method according to claim 4 or 5, which is characterized in that the method also includes:
The server generates dynamic code every the second preset time period, and the dynamic code is sent to the certification terminal and institute
State the terminal of user so that it is described certification terminal and the user terminal by dynamic code encryption information to be sent with
And the information received is decrypted by the dynamic code.
7. a kind of user information authentication system, which is characterized in that the system comprises:
Terminal is authenticated, for generating dynamic key every the first preset time period, stores the dynamic key, and by the dynamic
Key is sent to the server;Obtain user terminal upload user information, the user information include user identifier and
Informative abstract value obtains dynamic key, is added by preset Encryption Algorithm to the user identifier and the dynamic key
Close operation authenticates the informative abstract value according to cryptographic calculation result;
Server, the authentication-related information sent for receiving certification terminal;When the authentication-related information includes the certification
When the mark and dynamic key of terminal, according to the mark of the certification terminal, the corresponding authorized user of the certification terminal is inquired
Mark generate informative abstract value for the authorized user, the informative abstract value be sent to institute according to the dynamic key
State the terminal of authorized user.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510417209.2A CN105071939B (en) | 2015-07-15 | 2015-07-15 | A kind of user information authentication method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510417209.2A CN105071939B (en) | 2015-07-15 | 2015-07-15 | A kind of user information authentication method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105071939A CN105071939A (en) | 2015-11-18 |
| CN105071939B true CN105071939B (en) | 2018-12-28 |
Family
ID=54501226
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510417209.2A Active CN105071939B (en) | 2015-07-15 | 2015-07-15 | A kind of user information authentication method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105071939B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107517179B (en) * | 2016-06-15 | 2021-03-30 | 阿里巴巴集团控股有限公司 | Authentication method, device and system |
| US10797879B2 (en) * | 2018-07-03 | 2020-10-06 | Lawrence Liu | Methods and systems to facilitate authentication of a user |
| CN112291774B (en) * | 2020-12-31 | 2021-03-16 | 飞天诚信科技股份有限公司 | Method and system for communicating with authenticator |
| CN114785845B (en) * | 2022-04-13 | 2023-08-29 | 浙江大华技术股份有限公司 | Session establishment method and device, storage medium and electronic device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6076164A (en) * | 1996-09-03 | 2000-06-13 | Kokusai Denshin Denwa Co., Ltd. | Authentication method and system using IC card |
| CN101232372A (en) * | 2007-01-26 | 2008-07-30 | 华为技术有限公司 | Authentication method, authentication system and authentication device |
| CN102497354A (en) * | 2011-11-08 | 2012-06-13 | 陈嘉贤 | Method, system and device for identifying user's identity |
| CN102946384A (en) * | 2012-10-24 | 2013-02-27 | 北京奇虎科技有限公司 | User authentication method and device |
| CN104217478A (en) * | 2014-08-13 | 2014-12-17 | 王波 | Hotel Bluetooth access control intelligent management method |
-
2015
- 2015-07-15 CN CN201510417209.2A patent/CN105071939B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6076164A (en) * | 1996-09-03 | 2000-06-13 | Kokusai Denshin Denwa Co., Ltd. | Authentication method and system using IC card |
| CN101232372A (en) * | 2007-01-26 | 2008-07-30 | 华为技术有限公司 | Authentication method, authentication system and authentication device |
| CN102497354A (en) * | 2011-11-08 | 2012-06-13 | 陈嘉贤 | Method, system and device for identifying user's identity |
| CN102946384A (en) * | 2012-10-24 | 2013-02-27 | 北京奇虎科技有限公司 | User authentication method and device |
| CN104217478A (en) * | 2014-08-13 | 2014-12-17 | 王波 | Hotel Bluetooth access control intelligent management method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105071939A (en) | 2015-11-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9867042B2 (en) | Radio frequency identification technology incorporating cryptographics | |
| CN106656488B (en) | Key downloading method and device for POS terminal | |
| US8856528B2 (en) | Challenge-response system for maintenance operations via responder for telecommunications cabinet | |
| CN107358441B (en) | Payment verification method and system, mobile device and security authentication device | |
| CN105528695B (en) | Mobile payment method and mobile payment system based on marks | |
| CN108737323B (en) | Digital signature method, device and system | |
| CN105847247A (en) | Authentication system and working method thereof | |
| US20080258864A1 (en) | Communication Apparatus and Communication Method | |
| CN108650028B (en) | Multiple identity authentication system and method based on quantum communication network and true random number | |
| CN105071939B (en) | A kind of user information authentication method and system | |
| CN102036236A (en) | Method and device for authenticating mobile terminal | |
| KR20140134663A (en) | Method for verifying the identity of a user of a communicating terminal and associated system | |
| WO2015002271A1 (en) | Device and authentication system | |
| CN106789024A (en) | A kind of remote de-locking method, device and system | |
| CN109889669A (en) | A kind of unlocked by mobile telephone method and system based on secure cryptographic algorithm | |
| CN103152326A (en) | Distributed authentication method and authentication system | |
| CN106797381B (en) | Communication adapter for user authentication | |
| CN103957521A (en) | Community visitor authentication method and system based on NFC technology | |
| US11463251B2 (en) | Method for secure management of secrets in a hierarchical multi-tenant environment | |
| KR102053993B1 (en) | Method for Authenticating by using Certificate | |
| US8953804B2 (en) | Method for establishing a secure communication channel | |
| JP5553914B1 (en) | Authentication system, authentication device, and authentication method | |
| CN106487796A (en) | Identity card reads the safe ciphering unit in equipment and its application process | |
| KR101118424B1 (en) | System for Processing Automatic Renewal with Certificate of Attestation | |
| CN106027483B (en) | A kind of identity card read method and identity card card-reading terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |