CN105281915A - Ciphertext generating method of password keyboard - Google Patents
Ciphertext generating method of password keyboard Download PDFInfo
- Publication number
- CN105281915A CN105281915A CN201510741367.3A CN201510741367A CN105281915A CN 105281915 A CN105281915 A CN 105281915A CN 201510741367 A CN201510741367 A CN 201510741367A CN 105281915 A CN105281915 A CN 105281915A
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- key
- code keypad
- password
- code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Storage Device Security (AREA)
- Input From Keyboards Or The Like (AREA)
Abstract
The invention discloses a ciphertext generating method of a password keyboard. According to the ciphertext generating method, a generated ciphertext is stored and transmitted in a split manner through digits based on key code values, thus the security of the ciphertext is further improved, the decryption logic chaos cannot be caused since the generated ciphertext is splited based on the original key code values without changing the encryption method of an original bank secret key, and the stability is high.
Description
Technical field
The present invention relates to a kind of method of code keypad generating ciphertext.
Background technology
The code keypad generating ciphertext of ATM or the VTM machine of bank is generally directly be encrypted generating ciphertext according to bank's key; If there is lawless person to pass through illegally to read, the modes such as bank's key that code keypad stores obtain the secret key of bank, then can crack the ciphertext of generation easily thus obtain the password of user, therefore this mode fail safe is not high.In order to prevent the generation of this situation, at present some manufacturer by increasing an encryption chip on hardware, is encrypted whole code keypad, but due to encryption chip general all costly, the production cost of complete machine can be caused to rise, be unfavorable for the operation of manufacturer.
Summary of the invention
Easily being cracked to solve code keypad, adopting the technical problem of encryption chip high cost, the invention provides one and can effectively prevent code keypad input to be cracked, and realize the method for lower-cost code keypad generating ciphertext.
In order to realize above-mentioned technical purpose, technical scheme of the present invention is,
A method for code keypad generating ciphertext, comprises the following steps:
Step one: whether inspection code keypad is legal, and non-rule terminates whole ciphertext generative process, legal, continues to perform; Then the cryptographic algorithm of code keypad is set; The bank's key comprising master key and working key obtained from bank is loaded again in the storage area of code keypad;
Step 2: the password of process user input, first obtains the password of user's input, then by master key decryption work key, and the cryptographic algorithm set according to step one to be encrypted password in conjunction with working key and to obtain ciphertext and key value; Then according to the figure place of key value, ciphertext is split, the ciphertext A after fractionation and ciphertext B is stored in the storage area of code keypad respectively;
Step 3: banking system is verified the password that user inputs, first calculates character string check code by the ciphertext after fractionation by hash algorithm; Then just ciphertext and character string check code are sent to banking system and are decrypted certification; Banking system is verified the ciphertext received and character string check code, judges whether to be tampered; If be not tampered, then ciphertext A and ciphertext B is synthesized complete ciphertext, more whether the password of authentication of users input is correct, terminates checking.
The method of described a kind of code keypad generating ciphertext, in described step one, whether inspection code keypad is legal, being by setting and configuration parameter, code keypad being carried out to initialization come, as carried out initialization, it is legal to be then judged as, otherwise is illegal.
The method of described a kind of code keypad generating ciphertext, in described step one, the cryptographic algorithm of keyboard password adopts the one in the PIN encryption mode of ISO9564-0, IBM3624 or ASCII, and cryptographic algorithm is DES or 3DES.
The method of described a kind of code keypad generating ciphertext, in described step one, first loads master key, then is loaded by master key read work key, and selects the storage area on code keypad, is loaded into wherein by key.
The method of described a kind of code keypad generating ciphertext, in described step 2, first the password of user's input is obtained, then deciphered by master key and obtain the secret key of work, in conjunction with working key password to be encrypted according to the cryptographic algorithm that sets before again and to obtain ciphertext and key value, wherein ciphertext is the character string of default figure place, and key value is the figure place of the password that user inputs.
The method of described a kind of code keypad generating ciphertext, in described step 2, the figure place according to key value splits ciphertext, ciphertext is divided into the ciphertext A comprising the number of characters identical with key value figure place, and comprises the ciphertext B of remaining number of characters.
The method of described a kind of code keypad generating ciphertext, in described step 3, system obtains ciphertext A at the storage area of code keypad, and ciphertext A is calculated character string check code A ' by hash algorithm; Obtain ciphertext B, ciphertext B is calculated character string check code B ' by hash algorithm; Then ciphertext A, character string check code A ', ciphertext B, character string check code B ' are combined into a packet to be sent to banking system and to be decrypted certification.
The method of described a kind of code keypad generating ciphertext, in described step 3, the ciphertext A obtained and ciphertext B is calculated check code A ' by hash algorithm to banking system and check code B ' verifies, judge whether to be tampered, if be not tampered, then ciphertext A and ciphertext B is synthesized complete ciphertext, more whether the password of authentication of users input is correct, otherwise do not do to synthesize, directly terminate checking.
Technique effect of the present invention is, store by carrying out fractionation based on the figure place of key value to the ciphertext generated and send, the fail safe of ciphertext is improved further, simultaneously because the ciphertext splitting generation splits based on original key value, do not change the cipher mode of original bank key, so can not cause the situation of decryption logic confusion, stability is higher.
Accompanying drawing explanation
Fig. 1 is flow chart of the present invention.
Embodiment
See Fig. 1, in order to realize to user by code keypad input the encipherment protection of password, the present invention includes following steps:
First be the reliability confirming code keypad itself, before password encryption user inputted stores, first system will carry out preliminary setting to code keypad:
(1) whether to set and configuration parameter, carry out initialization to code keypad, namely check code keypad legal, if code keypad can carry out initialization, then it is legal to think, otherwise thinks illegal;
(2) arrange the cryptographic algorithm of code keypad, can adopt and select PIN encryption mode, encryption mode comprises and is not limited to ISO9564-0, IBM3624, ASCII etc., and alternative cryptographic algorithm comprises and is not limited to DES, 3DES;
(3) bank's key is loaded, double secret key obtains from bank, double secret key comprises master key and the secret key of work, first load master key and refill a year working key, this is because want read work key must be encrypted reading by master key, code keypad has usually 0-15 district totally 16 storage areas, actual can Stochastic choice when using, key is loaded into wherein.
After preliminary setting is carried out to code keypad:
(4) password of user's input is obtained, first read master key and then the working key corresponding to its deciphering, according to the cryptographic algorithm set before and work secret key, password is encrypted again, obtain character ciphertext, set the length of character ciphertext as 16 in the present embodiment, obtain key value simultaneously, key value i.e. " * ", the password establishing user to input in the present embodiment is 6, then key value is shown as 6 " * * * * * * ";
(5) split ciphertext according to the figure place of key value, the figure place as key value is 6, then ciphertext is split into the ciphertext A comprising front 6 characters and comprise the ciphertext B of rear 10 characters;
(6) ciphertext A and ciphertext B is stored in respectively in optional 16 storage areas;
When whether the password that bank needs authentication of users to input is correct,
(7) system obtains ciphertext A at storage area, and ciphertext A is calculated 16 character string check code A ' by hash algorithm; Obtain ciphertext B, ciphertext B is calculated 16 character string check code B ' by hash algorithm;
(8) ciphertext A, character string check code A ', ciphertext B, character string check code B ' are combined into 48 bit data bags to be sent to banking system and to be decrypted certification.
(9) the ciphertext A obtained and ciphertext B is calculated check code A ' by hash algorithm and check code B ' verifies by banking system, judges whether to be tampered.
(10) if be not tampered, then ciphertext A and ciphertext B is synthesized complete ciphertext, more whether the password of authentication of users input is correct, terminates checking.
Claims (8)
1. a method for code keypad generating ciphertext, is characterized in that, comprises the following steps:
Step one: whether inspection code keypad is legal, and non-rule terminates whole ciphertext generative process, legal, continues to perform; Then the cryptographic algorithm of code keypad is set; The bank's key comprising master key and working key obtained from bank is loaded again in the storage area of code keypad;
Step 2: the password of process user input, first obtains the password of user's input, then by master key decryption work key, and the cryptographic algorithm set according to step one to be encrypted password in conjunction with working key and to obtain ciphertext and key value; Then according to the figure place of key value, ciphertext is split, the ciphertext A after fractionation and ciphertext B is stored in the storage area of code keypad respectively;
Step 3: banking system is verified the password that user inputs, first calculates character string check code by the ciphertext after fractionation by hash algorithm; Then just ciphertext and character string check code are sent to banking system and are decrypted certification; Banking system is verified the ciphertext received and character string check code, judges whether to be tampered; If be not tampered, then ciphertext A and ciphertext B is synthesized complete ciphertext, more whether the password of authentication of users input is correct, terminates checking.
2. the method for a kind of code keypad generating ciphertext according to claim 1, it is characterized in that, in described step one, whether inspection code keypad is legal, being by setting and configuration parameter, code keypad being carried out to initialization come, as carried out initialization, it is legal to be then judged as, otherwise is illegal.
3. the method for a kind of code keypad generating ciphertext according to claim 1, it is characterized in that, in described step one, the cryptographic algorithm of keyboard password adopts the one in the PIN encryption mode of ISO9564-0, IBM3624 or ASCII, and cryptographic algorithm is DES or 3DES.
4. the method for a kind of code keypad generating ciphertext according to claim 1, is characterized in that, in described step one, first load master key, loaded by master key read work key again, and select the storage area on code keypad, key is loaded into wherein.
5. the method for a kind of code keypad generating ciphertext according to claim 1, it is characterized in that, in described step 2, first the password of user's input is obtained, then deciphered by master key and obtain the secret key of work, to be encrypted password in conjunction with working key according to the cryptographic algorithm that sets before and to obtain ciphertext and key value, wherein ciphertext is the character string of default figure place, and key value is the figure place of the password that user inputs.
6. the method for a kind of code keypad generating ciphertext according to claim 1, it is characterized in that, in described step 2, figure place according to key value splits ciphertext, ciphertext is divided into the ciphertext A comprising the number of characters identical with key value figure place, and comprises the ciphertext B of remaining number of characters.
7. the method for a kind of code keypad generating ciphertext according to claim 1, is characterized in that, in described step 3, system obtains ciphertext A at the storage area of code keypad, and ciphertext A is calculated character string check code A ' by hash algorithm; Obtain ciphertext B, ciphertext B is calculated character string check code B ' by hash algorithm; Then ciphertext A, character string check code A ', ciphertext B, character string check code B ' are combined into a packet to be sent to banking system and to be decrypted certification.
8. the method for a kind of code keypad generating ciphertext according to claim 1, it is characterized in that, in described step 3, the ciphertext A obtained and ciphertext B is calculated check code A ' by hash algorithm to banking system and check code B ' verifies, judges whether to be tampered, if be not tampered, then ciphertext A and ciphertext B is synthesized complete ciphertext, whether the password of authentication of users input is correct again, otherwise do not do to synthesize, and directly terminates checking.
Priority Applications (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510741367.3A CN105281915B (en) | 2015-11-04 | 2015-11-04 | A kind of method that code keyboard generates ciphertext |
| PCT/SG2016/050542 WO2017078626A1 (en) | 2015-11-04 | 2016-11-04 | Method and system for generating ciphertext by pin entry device |
| SG11201803166RA SG11201803166RA (en) | 2015-11-04 | 2016-11-04 | Method and system for generating ciphertext by pin entry device |
| PH12018500929A PH12018500929A1 (en) | 2015-11-04 | 2018-04-30 | Method and system for generating ciphertext by pin entry device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510741367.3A CN105281915B (en) | 2015-11-04 | 2015-11-04 | A kind of method that code keyboard generates ciphertext |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105281915A true CN105281915A (en) | 2016-01-27 |
| CN105281915B CN105281915B (en) | 2018-11-20 |
Family
ID=55150309
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510741367.3A Active CN105281915B (en) | 2015-11-04 | 2015-11-04 | A kind of method that code keyboard generates ciphertext |
Country Status (4)
| Country | Link |
|---|---|
| CN (1) | CN105281915B (en) |
| PH (1) | PH12018500929A1 (en) |
| SG (1) | SG11201803166RA (en) |
| WO (1) | WO2017078626A1 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108573581A (en) * | 2018-03-20 | 2018-09-25 | 中国工商银行股份有限公司 | ATM initial keys setting method, device, system and storage medium |
| CN113806730A (en) * | 2021-09-18 | 2021-12-17 | 北京安天网络安全技术有限公司 | Safe password input method, system, equipment and medium |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| SG11202107299VA (en) * | 2019-01-09 | 2021-08-30 | Visa Int Service Ass | Method, system, and computer program product for network bound proxy re-encryption and pin translation |
| CN111030819A (en) * | 2020-02-18 | 2020-04-17 | 深圳新融典科技有限公司 | Authentication method, system, terminal and storage medium based on encryption and decryption algorithm |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101206779A (en) * | 2006-12-18 | 2008-06-25 | 汉王科技股份有限公司 | Online banking system safety terminal and data safety processing method thereof |
| US20100293373A1 (en) * | 2009-05-15 | 2010-11-18 | International Business Machines Corporation | Integrity service using regenerated trust integrity gather program |
| CN102737441A (en) * | 2011-08-19 | 2012-10-17 | 广州广电运通金融电子股份有限公司 | Self-service terminal password input device |
| CN103036681A (en) * | 2012-12-13 | 2013-04-10 | 中国工商银行股份有限公司 | Password safety keyboard device and system |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6715078B1 (en) * | 2000-03-28 | 2004-03-30 | Ncr Corporation | Methods and apparatus for secure personal identification number and data encryption |
| US7159114B1 (en) * | 2001-04-23 | 2007-01-02 | Diebold, Incorporated | System and method of securely installing a terminal master key on an automated banking machine |
| KR100516548B1 (en) * | 2003-02-05 | 2005-09-22 | 삼성전자주식회사 | Apparatus and method for efficient h/w structure for ciphering in mobile communication system |
| US20050149739A1 (en) * | 2003-12-31 | 2005-07-07 | Hewlett-Packard Development Company, L.P. | PIN verification using cipher block chaining |
| CN101930644B (en) * | 2009-06-25 | 2014-04-16 | 中国银联股份有限公司 | Method for safely downloading master key automatically in bank card payment system and system thereof |
-
2015
- 2015-11-04 CN CN201510741367.3A patent/CN105281915B/en active Active
-
2016
- 2016-11-04 SG SG11201803166RA patent/SG11201803166RA/en unknown
- 2016-11-04 WO PCT/SG2016/050542 patent/WO2017078626A1/en active Application Filing
-
2018
- 2018-04-30 PH PH12018500929A patent/PH12018500929A1/en unknown
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101206779A (en) * | 2006-12-18 | 2008-06-25 | 汉王科技股份有限公司 | Online banking system safety terminal and data safety processing method thereof |
| US20100293373A1 (en) * | 2009-05-15 | 2010-11-18 | International Business Machines Corporation | Integrity service using regenerated trust integrity gather program |
| CN102737441A (en) * | 2011-08-19 | 2012-10-17 | 广州广电运通金融电子股份有限公司 | Self-service terminal password input device |
| CN103036681A (en) * | 2012-12-13 | 2013-04-10 | 中国工商银行股份有限公司 | Password safety keyboard device and system |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108573581A (en) * | 2018-03-20 | 2018-09-25 | 中国工商银行股份有限公司 | ATM initial keys setting method, device, system and storage medium |
| CN108573581B (en) * | 2018-03-20 | 2020-08-18 | 中国工商银行股份有限公司 | ATM initial key setting method, device, system and computer readable storage medium |
| CN113806730A (en) * | 2021-09-18 | 2021-12-17 | 北京安天网络安全技术有限公司 | Safe password input method, system, equipment and medium |
| CN113806730B (en) * | 2021-09-18 | 2024-03-08 | 北京安天网络安全技术有限公司 | Method, system, equipment and medium for inputting security password |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2017078626A1 (en) | 2017-05-11 |
| SG11201803166RA (en) | 2018-05-30 |
| CN105281915B (en) | 2018-11-20 |
| PH12018500929A1 (en) | 2018-10-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10142107B2 (en) | Token binding using trust module protected keys | |
| CN110401615B (en) | Identity authentication method, device, equipment, system and readable storage medium | |
| US8995653B2 (en) | Generating a secret key from an asymmetric private key | |
| CN101369889A (en) | System and method for electronic endorsement of document | |
| CN107528689B (en) | Password modification method based on Ukey | |
| CN106533663B (en) | Data ciphering method, encryption method, apparatus and data decryption method, decryption method, apparatus | |
| CN103914662A (en) | Access control method and device of file encrypting system on the basis of partitions | |
| CN103269271A (en) | Method and system for back-upping private key in electronic signature token | |
| CN105281915A (en) | Ciphertext generating method of password keyboard | |
| CN104268447A (en) | Encryption method of embedded software | |
| CN104866784A (en) | BIOS encryption-based safety hard disk, and data encryption and decryption method | |
| CN103544453A (en) | USB (universal serial bus) KEY based virtual desktop file protection method and device | |
| CN106452797A (en) | Consumable and equipment pairing method, consumable use method, consumable and equipment | |
| CN101859351A (en) | System and method for ensuring safe read of data stored in storage | |
| CN101826961A (en) | Method, device and system for data transmission encryption and decryption | |
| CN101770559A (en) | Data protecting device and data protecting method | |
| EP2701101B1 (en) | Information processing devices and information processing methods | |
| CN112385175B (en) | Device for data encryption and integrity | |
| CN107409046A (en) | Apparatus and method for generating key in programmable hardware module | |
| CN101651538A (en) | Method for safe transmission of data based on creditable password module | |
| CN109088729B (en) | Key storage method and device | |
| CN103117850A (en) | Cryptosystem based on random sequence database | |
| CN101916344A (en) | Method and system for verifying legality of software protection device | |
| CN105404470A (en) | Data storage method, data security apparatus and data storage system | |
| CN102332978B (en) | Lottery ticket off-line verification system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200927 Address after: 1, 2 and 3 / F, No. 28, Xinkang Road, shangmugu community, Pinghu street, Longgang District, Shenzhen City, Guangdong Province Patentee after: JINGKING WEIDA TECHNOLOGY (SHENZHEN) Co.,Ltd. Address before: 410000 5, China Software Park, No. 303, pointed hill, 39 hi tech Development Zone, Hunan, Changsha Patentee before: Bohong Information Technology Co.,Ltd. |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20201217 Address after: B162, 2 / F, Lihe Trade Center, No. 26, 27, 28, 29, Yuenan street, Huangsha Avenue, Liwan District, Guangzhou City, Guangdong Province 510000 Patentee after: Guangzhou Aixiang Technology Co., Ltd Address before: 1, 2 and 3 / F, No. 28, Xinkang Road, shangmugu community, Pinghu street, Longgang District, Shenzhen City, Guangdong Province Patentee before: JINGKING WEIDA TECHNOLOGY (SHENZHEN) Co.,Ltd. |
|
| TR01 | Transfer of patent right |