CN105282738A - Security authentication method for mobile terminal - Google Patents
Security authentication method for mobile terminal Download PDFInfo
- Publication number
- CN105282738A CN105282738A CN201510823427.6A CN201510823427A CN105282738A CN 105282738 A CN105282738 A CN 105282738A CN 201510823427 A CN201510823427 A CN 201510823427A CN 105282738 A CN105282738 A CN 105282738A
- Authority
- CN
- China
- Prior art keywords
- mobile terminal
- user
- authentication
- private key
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Telephone Function (AREA)
Abstract
The invention discloses a security authentication method for a mobile terminal, comprising following steps: a mobile terminal uses encryption algorithms to perform signing for user information containing a user ID and generate an authentication request according to a private key preset by a user as a secret key; the mobile terminal sends the authentication request to a remote authentication center; after receiving the authentication request, the remote authentication center searches database based on the user ID and performs identity authentication of the user information using a corresponding user public key; after making a successful authentication, the remote authentication center encrypts an authentication reply with the user public key and sends the encrypted authentication reply to the mobile terminal; the mobile terminal uses the private key to call decryption algorithms to decrypt the authentication reply to obtain a user secret key and a verification code which can decode local information; the mobile terminal displays the verification code and prompts a user to enter an open-screen password; after the user enters the open-screen password and the mobile terminal verifies that the open-screen password is correct, the authentication is successful. The security authentication method has high security.
Description
Technical field
The present invention relates to authentication techniques field, particularly relate to a kind of mobile terminal safety authentication method.
Background technology
Along with the continuous fusion of wireless communication technology and computer technology, mobile device is towards intelligentized future development, its function supported gets more and more, the opening of mobile platform and flexibility also make the mobile devices such as mobile phone be popularized, but with calculating and the enriching constantly of storage resources, the appearance of Mobile operating system and various wireless application technology, the sensitivity storing information in mobile device constantly increases, the security threat of PC computing platform is just occurring on mobile terminals, as the appearance of mobile phone viruses, make loss of data or stolen situation day by day serious.When mobile phone is lost, private data reveals the insecurity also causing mobile terminal.
Safety certification can stop on source, and existing safety certification is bio-identification, account number cipher, gesture identification etc. mainly, and level of security is lower, and account number cipher, gesture identification etc. are easily peeped and obtained.
Summary of the invention
Technical problem to be solved by this invention is, provide a kind of mobile terminal safety authentication method, fail safe is high.
In order to solve the problems of the technologies described above, the invention provides mobile terminal safety authentication method, comprising:
The private key that mobile terminal presets according to user adopts cryptographic algorithm as key, signs to the user profile comprising user ID, generates authentication request;
Described authentication request is sent to remote authentication center by mobile terminal;
After described remote authentication center receives described authentication request, according to user ID search database, corresponding client public key is used to carry out authentication to described user profile;
When after described remote authentication center certification success, be sent to mobile terminal after adopting client public key authentication answer to be encrypted, in described authentication answer, include identifying code;
Mobile terminal adopts described private key to call decipherment algorithm and is decrypted described authentication answer, obtains user key and the identifying code of deciphering local information;
Mobile terminal display identifying code, and points out user to input password of spreading its tail, wherein, described in spread its tail password be after identifying code is added with the numeral of described private key in identical figure place and the password that forms of unit numbers;
User's input is spread its tail after password, and after mobile terminal checking accurately, certification is passed through.
Further, described cryptographic algorithm is specially RSA Algorithm.
Further, described decipherment algorithm is specially as RSA Algorithm.
Further, the private key preset according to user at described mobile terminal adopts cryptographic algorithm as key, signs to the user profile comprising user ID, generates authentication request, also comprises before:
After user sets private key, private key is stored to this locality by mobile terminal, and client public key and user ID are sent to remote authentication center.
Optionally, described private key is 6 bit digital sequences.
Optionally, described private key is 8 bit digital sequences.
Implement the present invention, there is following beneficial effect:
Combining encryption of the present invention, digital authenticating and dark text password authentification, fail safe is higher.
Embodiment
Be clearly and completely described to the technical scheme in the embodiment of the present invention below, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
Embodiments provide an embodiment of mobile terminal safety authentication method, comprising:
After S101, user set private key, private key is stored to this locality by mobile terminal, and client public key and user ID are sent to remote authentication center.
Wherein, described private key is 6 bit digital sequences or 8 bit digital sequences.
S102, when mobile terminal shutdown again start after, the private key that mobile terminal presets according to user adopts cryptographic algorithm as key, signs to the user profile comprising user ID, generate authentication request.
Wherein, described cryptographic algorithm is specially RSA Algorithm.
Described authentication request is sent to remote authentication center by S103, mobile terminal.
After S104, described remote authentication center receive described authentication request, according to user ID search database, corresponding client public key is used to carry out authentication to described user profile.
S105, when after the success of described remote authentication center certification, be sent to mobile terminal after adopting client public key authentication answer to be encrypted, in described authentication answer, include identifying code.
S106, mobile terminal adopt described private key to call decipherment algorithm and are decrypted described authentication answer, obtain user key and the identifying code of deciphering local information.
Wherein, described decipherment algorithm is specially as RSA Algorithm
S107, mobile terminal display identifying code, and points out user to input password of spreading its tail, wherein, described in spread its tail password be after identifying code is added with the numeral of described private key in identical figure place and the password that forms of unit numbers.
Such as, private key is 790215, and identifying code is 851234, so first be added and be 7+8=15, first, password of spreading its tail is just 5, by that analogy, draws dark text password 541449.What user inputted is 541449, even if other people peep 541449, also cannot learn private key, fail safe is higher.
After S108, user input password of spreading its tail, after mobile terminal checking accurately, certification is passed through.
Implement the present invention, there is following beneficial effect:
Combining encryption of the present invention, digital authenticating and dark text password authentification, fail safe is higher.
It should be noted that, in this article, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thus make to comprise the process of a series of key element, method, article or device and not only comprise those key elements, but also comprise other key elements clearly do not listed, or also comprise by the intrinsic key element of this process, method, article or device.When not more restrictions, the key element limited by statement " comprising ... ", and be not precluded within process, method, article or the device comprising this key element and also there is other identical element.
To the above-mentioned explanation of the disclosed embodiments, professional and technical personnel in the field are realized or uses the present invention.To be apparent for those skilled in the art to the multiple amendment of these embodiments, General Principle as defined herein can without departing from the spirit or scope of the present invention, realize in other embodiments.Therefore, the present invention can not be restricted to these embodiments shown in this article, but will meet the widest scope consistent with principle disclosed herein and features of novelty.
Claims (6)
1. a mobile terminal safety authentication method, is characterized in that, comprising:
The private key that mobile terminal presets according to user adopts cryptographic algorithm as key, signs to the user profile comprising user ID, generates authentication request;
Described authentication request is sent to remote authentication center by mobile terminal;
After described remote authentication center receives described authentication request, according to user ID search database, corresponding client public key is used to carry out authentication to described user profile;
When after described remote authentication center certification success, be sent to mobile terminal after adopting client public key authentication answer to be encrypted, in described authentication answer, include identifying code;
Mobile terminal adopts described private key to call decipherment algorithm and is decrypted described authentication answer, obtains user key and the identifying code of deciphering local information;
Mobile terminal display identifying code, and points out user to input password of spreading its tail, wherein, described in spread its tail password be after identifying code is added with the numeral of described private key in identical figure place and the password that forms of unit numbers;
User's input is spread its tail after password, and after mobile terminal checking accurately, certification is passed through.
2. mobile terminal safety authentication method as claimed in claim 1, it is characterized in that, described cryptographic algorithm is specially RSA Algorithm.
3. mobile terminal safety authentication method as claimed in claim 1, it is characterized in that, described decipherment algorithm is specially as RSA Algorithm.
4. mobile terminal safety authentication method as claimed in claim 1, it is characterized in that, the private key preset according to user at described mobile terminal adopts cryptographic algorithm as key, signs to the user profile comprising user ID, generate authentication request, also comprise before:
After user sets private key, private key is stored to this locality by mobile terminal, and client public key and user ID are sent to remote authentication center.
5. mobile terminal safety authentication method as claimed in claim 1, it is characterized in that, described private key is 6 bit digital sequences.
6. mobile terminal safety authentication method as claimed in claim 1, it is characterized in that, described private key is 8 bit digital sequences.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510823427.6A CN105282738A (en) | 2015-11-24 | 2015-11-24 | Security authentication method for mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510823427.6A CN105282738A (en) | 2015-11-24 | 2015-11-24 | Security authentication method for mobile terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105282738A true CN105282738A (en) | 2016-01-27 |
Family
ID=55150895
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510823427.6A Pending CN105282738A (en) | 2015-11-24 | 2015-11-24 | Security authentication method for mobile terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105282738A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106330862A (en) * | 2016-08-10 | 2017-01-11 | 武汉信安珞珈科技有限公司 | Secure transmission method and system for dynamic password |
| CN110798436A (en) * | 2018-08-03 | 2020-02-14 | 广州小鹏汽车科技有限公司 | Verification code verification method and device |
| CN114650143A (en) * | 2022-03-16 | 2022-06-21 | 福州汇思博信息技术有限公司 | Password input method and terminal |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1585936A (en) * | 2002-09-12 | 2005-02-23 | 三菱电机株式会社 | Authentication system, authentication device, terminal device, and authentication method |
| CN101304423A (en) * | 2008-07-08 | 2008-11-12 | 北京邮电大学 | Method and system for authenticating user identification |
| CN102368773A (en) * | 2011-10-31 | 2012-03-07 | 北京天地融科技有限公司 | Access control method of mobile memory, mobile memory and system |
| CN103220148A (en) * | 2013-04-03 | 2013-07-24 | 天地融科技股份有限公司 | Method and system for electronic signature token to respond operation request, and electronic signature token |
| CN103368918A (en) * | 2012-04-01 | 2013-10-23 | 西门子公司 | Method, device and system for dynamic password authentication |
-
2015
- 2015-11-24 CN CN201510823427.6A patent/CN105282738A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1585936A (en) * | 2002-09-12 | 2005-02-23 | 三菱电机株式会社 | Authentication system, authentication device, terminal device, and authentication method |
| CN101304423A (en) * | 2008-07-08 | 2008-11-12 | 北京邮电大学 | Method and system for authenticating user identification |
| CN102368773A (en) * | 2011-10-31 | 2012-03-07 | 北京天地融科技有限公司 | Access control method of mobile memory, mobile memory and system |
| CN103368918A (en) * | 2012-04-01 | 2013-10-23 | 西门子公司 | Method, device and system for dynamic password authentication |
| CN103220148A (en) * | 2013-04-03 | 2013-07-24 | 天地融科技股份有限公司 | Method and system for electronic signature token to respond operation request, and electronic signature token |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106330862A (en) * | 2016-08-10 | 2017-01-11 | 武汉信安珞珈科技有限公司 | Secure transmission method and system for dynamic password |
| CN110798436A (en) * | 2018-08-03 | 2020-02-14 | 广州小鹏汽车科技有限公司 | Verification code verification method and device |
| CN110798436B (en) * | 2018-08-03 | 2021-10-12 | 广州小鹏汽车科技有限公司 | Verification code verification method and device |
| CN114650143A (en) * | 2022-03-16 | 2022-06-21 | 福州汇思博信息技术有限公司 | Password input method and terminal |
| CN114650143B (en) * | 2022-03-16 | 2023-11-24 | 福建汇思博数字科技有限公司 | Password input method and terminal |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10595201B2 (en) | Secure short message service (SMS) communications | |
| CN109495274B (en) | Decentralized intelligent lock electronic key distribution method and system | |
| US10659220B2 (en) | Method and system for encrypting and decrypting two-dimensional code mask | |
| CN105812332A (en) | Data protection method | |
| US9716591B2 (en) | Method for setting up a secure connection between clients | |
| CN105450395A (en) | Information encryption and decryption processing method and system | |
| CN103763091B (en) | A kind of application program encryption and decryption method and encryption, decryption device | |
| US10089627B2 (en) | Cryptographic authentication and identification method using real-time encryption | |
| CN101789865A (en) | Dedicated server used for encryption and encryption method | |
| CN105553951A (en) | Data transmission method and data transmission device | |
| CN204360381U (en) | mobile device | |
| CN104331653A (en) | Fingerprint decryption method and fingerprint decryption device | |
| CN102664898A (en) | Fingerprint identification-based encrypted transmission method, fingerprint identification-based encrypted transmission device and fingerprint identification-based encrypted transmission system | |
| CN103297403A (en) | Method and system for achieving dynamic password authentication | |
| CN102946392A (en) | URL (Uniform Resource Locator) data encrypted transmission method and system | |
| RU2013140418A (en) | SAFE ACCESS TO PERSONAL HEALTH RECORDS IN EMERGENCIES | |
| CN101621794A (en) | Method for realizing safe authentication of wireless application service system | |
| JP2014508456A5 (en) | ||
| CN109284618B (en) | Data source data verification method and system | |
| CN102082790A (en) | Method and device for encryption/decryption of digital signature | |
| CN102404337A (en) | Data encryption method and device | |
| KR20170124953A (en) | Method and system for automating user authentication with decrypting encrypted OTP using fingerprint in mobile phone | |
| CN103338106A (en) | Methods and devices for ciphering and deciphering file | |
| KR101358375B1 (en) | Prevention security system and method for smishing | |
| CN103051459A (en) | Management method and device of traction secrete key of safety card |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160127 |