CN105306206A - Verification interactive method and related device and communication system - Google Patents
- Publication number: CN105306206A (CN201410347824.6A)
- Authority: CN (China)
- Prior art keywords: picture, checking, client, pictures, sub
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Landscapes: Information Transfer Between Computers (AREA)
Abstract
The embodiment of the invention discloses a verification interactive method and related device and communication system. The verification interactive method comprises the following steps of receiving a verification request message from a client; transmitting a first verification interactive message containing N1 sub-pictures, wherein the N1 sub-pictures are obtained through cutting a verification picture, the N1 sub-pictures include a base picture and N1-1 option pictures, shape of N2 option pictures of the N1-1 option pictures has at least m axes of symmetry, N1 and N2 both are positive integers and N1 is greater than 1, and m is an integer greater than 4; if a second verification interactive message containing a spliced picture formed by splicing N1 sub-pictures is received from the client, comparing the spliced picture with the verification picture to determine a verification result. The embodiment scheme of the invention is beneficial to improvement of capability in the aspect of preventing brute force attacks of malicious clients during the verification process.
Description
Technical field
The present invention relates to the field of Internet security technologies, and specifically to a verification interaction method, a related apparatus, and a communication system.
Background
Verification codes are widely used in Internet services as an additional verification measure against batches of malicious clients. They are mainly used in scenarios such as account registration, account login, forum posting, and microblog posting.
The jigsaw verification code is a new type of verification code: the server cuts a verification picture into multiple sub-pictures and sends them to the client. The client splices the sub-pictures into a spliced picture and sends it to the server, and the server determines whether verification succeeds according to the result of comparing the spliced picture with the original verification picture.
In the course of research and practice, the inventors found at least the following technical problem in the prior art: some malicious clients use automated machines to brute-force jigsaw verification codes. Because some sub-pictures in the prior art are cut into quadrilaterals, the automated machine of a malicious client can obtain the correct splicing result after only a small number of tests, so the prior art is weak at preventing brute-force cracking by malicious clients.
Summary of the invention
Embodiments of the present invention provide a verification interaction method, a related apparatus, and a communication system, so as to improve the ability to prevent brute-force cracking by malicious clients during verification.
A first aspect of the present invention provides a verification interaction method, comprising:
receiving a verification request message from a client;
sending, to the client, a first verification interaction message containing N1 sub-pictures, wherein the N1 sub-pictures are obtained by cutting a verification picture, the N1 sub-pictures include a base picture and N1-1 option pictures, the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4; and
if a second verification interaction message containing a spliced picture obtained by splicing the N1 sub-pictures is received from the client, determining a verification result by comparing the spliced picture with the verification picture.
A second aspect of the present invention provides a verification interaction method, comprising:
sending a verification request message to a server;
receiving a first verification interaction message from the server, wherein the first verification interaction message contains N1 sub-pictures obtained by cutting a verification picture, the N1 sub-pictures include a base picture and N1-1 option pictures, the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4; and
sending, to the server, a second verification interaction message containing a spliced picture obtained by splicing the N1 sub-pictures.
A third aspect of the present invention provides a verification interaction apparatus, comprising:
a receiving unit, configured to receive a verification request message from a client;
a sending unit, configured to send, to the client, a first verification interaction message containing N1 sub-pictures,
wherein the N1 sub-pictures are obtained by cutting a verification picture, the N1 sub-pictures include a base picture and N1-1 option pictures, the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4; and
a verification unit, configured to: if a second verification interaction message containing a spliced picture obtained by splicing the N1 sub-pictures is received from the client, determine a verification result by comparing the spliced picture with the verification picture.
A fourth aspect of the present invention provides a verification interaction apparatus, comprising:
a sending unit, configured to send a verification request message to a server;
a receiving unit, configured to receive a first verification interaction message from the server, wherein the first verification interaction message contains N1 sub-pictures obtained by cutting a verification picture, the N1 sub-pictures include a base picture and N1-1 option pictures, the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4; and
a verification interaction unit, configured to send, to the server, a second verification interaction message containing a spliced picture obtained by splicing the N1 sub-pictures.
A fifth aspect of the present invention provides a communication system, comprising:
a client, configured to send a verification request message to a server; and
the server, configured to: receive the verification request message from the client; send, to the client, a first verification interaction message containing N1 sub-pictures, wherein the N1 sub-pictures are obtained by cutting a verification picture, the N1 sub-pictures include a base picture and N1-1 option pictures, the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4; and, if a second verification interaction message containing a spliced picture obtained by splicing the N1 sub-pictures is received from the client, determine a verification result by comparing the spliced picture with the verification picture.
It can be seen that, in the scheme provided by the embodiments of the present invention, after the server receives the verification request message from the client, the server sends to the client a first verification interaction message containing N1 sub-pictures, wherein the N1 sub-pictures are obtained by cutting a verification picture, the N1 sub-pictures include a base picture and N1-1 option pictures, the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4. The shapes of N2 of the N1-1 option pictures have at least m axes of symmetry, with m greater than 4, and research has found that the more axes of symmetry a sub-picture has, the more rotation tests a malicious client must perform on that sub-picture. As the number of option pictures and the number of their axes of symmetry increase, the number of tests a malicious client needs for brute-force cracking grows nearly geometrically. This raises the difficulty of brute-force cracking to a certain extent, so the above scheme helps improve the ability to prevent brute-force cracking by malicious clients during verification.
Brief description of the drawings
To describe the technical solutions in the embodiments of the present invention or in the prior art more clearly, the accompanying drawings needed for describing the embodiments or the prior art are briefly introduced below. Apparently, the drawings described below show only some embodiments of the present invention, and a person of ordinary skill in the art may derive other drawings from them without creative effort.
Fig. 1 is a schematic flowchart of a verification interaction method provided by an embodiment of the present invention;
Fig. 2 is a schematic flowchart of another verification interaction method provided by an embodiment of the present invention;
Fig. 3-a is a schematic architecture diagram of a communication system provided by an embodiment of the present invention;
Fig. 3-b is a schematic flowchart of another verification interaction method provided by an embodiment of the present invention;
Fig. 3-c is a schematic diagram of cutting a verification picture provided by an embodiment of the present invention;
Fig. 3-d is a schematic diagram of splicing a verification picture provided by an embodiment of the present invention;
Fig. 3-e is a schematic architecture diagram of another communication system provided by an embodiment of the present invention;
Fig. 4-a is a schematic architecture diagram of another communication system provided by an embodiment of the present invention;
Fig. 4-b is a schematic flowchart of another verification interaction method provided by an embodiment of the present invention;
Fig. 5-a is a schematic architecture diagram of another communication system provided by an embodiment of the present invention;
Fig. 5-b is a schematic flowchart of another verification interaction method provided by an embodiment of the present invention;
Fig. 6 is a schematic flowchart of another verification interaction method provided by an embodiment of the present invention;
Fig. 7-a is a schematic architecture diagram of another communication system provided by an embodiment of the present invention;
Fig. 7-b is a schematic flowchart of another verification interaction method provided by an embodiment of the present invention;
Fig. 8 is a schematic diagram of a verification interaction apparatus provided by an embodiment of the present invention;
Fig. 9 is a schematic diagram of a server provided by an embodiment of the present invention;
Fig. 10 is a schematic diagram of another server provided by an embodiment of the present invention;
Fig. 11 is a schematic diagram of another verification interaction apparatus provided by an embodiment of the present invention;
Fig. 12 is a schematic diagram of a client provided by an embodiment of the present invention;
Fig. 13 is a schematic diagram of another client provided by an embodiment of the present invention;
Fig. 14 is a schematic diagram of a communication system provided by an embodiment of the present invention.
Detailed description
Embodiments of the present invention provide a verification interaction method, a related apparatus, and a communication system, so as to improve the ability to prevent brute-force cracking by malicious clients during verification.
To help a person skilled in the art better understand the solutions of the present invention, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. Apparently, the described embodiments are only some rather than all of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative effort shall fall within the protection scope of the present invention.
Detailed descriptions are given below.
The terms "first", "second", "third", "fourth" and the like in the specification, the claims and the accompanying drawings of the present invention are used to distinguish different objects, not to describe a particular order. In addition, the terms "include" and "have" and any variants of them are intended to cover non-exclusive inclusion. For example, a process, method, system, product or device that contains a series of steps or units is not limited to the listed steps or units, but optionally also includes steps or units that are not listed, or optionally also includes other steps or units inherent to the process, method, product or device.
The scheme is first described from the perspective of the server.
In one embodiment of the verification interaction method of the present invention, a verification interaction method may include: receiving a verification request message from a client; sending, to the client, a first verification interaction message containing N1 sub-pictures, wherein the N1 sub-pictures are obtained by cutting a verification picture, the N1 sub-pictures include a base picture and N1-1 option pictures, the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4; and, if a second verification interaction message containing a spliced picture obtained by splicing the N1 sub-pictures is received from the client, determining a verification result by comparing the spliced picture with the verification picture.
Refer to Fig. 1, which is a schematic flowchart of a verification interaction method provided by an embodiment of the present invention. As shown in Fig. 1, the verification interaction method provided by this embodiment may include:
101. The server receives a verification request message from a client.
For example, in scenarios such as account registration, account login, forum posting, and microblog posting, the server may receive a verification request message from a client. The verification request message may be a message dedicated to requesting verification, or it may be a message not dedicated to requesting verification, such as an account registration request mainly used to request account registration, an account login request mainly used to request account login, a forum posting request mainly used to request posting in a forum, or a microblog posting request mainly used to request posting on a microblog. That is, in some scenarios the verification request message from the client is a message dedicated to requesting verification. In other scenarios it is a message mainly used to request another service; because that message triggers verification, it can also be called a verification request message. In other words, a verification request message in the embodiments of the present invention is any message that can trigger verification.
102. The server sends, to the client, a first verification interaction message containing N1 sub-pictures.
The N1 sub-pictures are obtained by cutting a verification picture and include a base picture and N1-1 option pictures. The shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4. N2 is less than or equal to N1-1.
For example, the server may cut the verification picture into the N1 sub-pictures itself. Alternatively, the server may instruct a verification code server to cut the verification picture into N1 sub-pictures, and obtain from the verification code server the N1 sub-pictures produced by cutting the verification picture.
The specific values of N1, N2 and m can be determined according to the required verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
103. If the server receives, from the client, a second verification interaction message containing a spliced picture obtained by splicing the N1 sub-pictures, the verification result is determined by comparing the spliced picture with the verification picture.
The server may itself determine the verification result by comparing the spliced picture with the verification picture, or the server may instruct a verification server to determine the verification result by comparing the spliced picture with the verification picture.
The server in this embodiment may be a website server, a game server, an application store server, or another server that can provide services to clients. Of course, the server may also be a verification server dedicated to verification.
It can be seen that, in the scheme provided by this embodiment, after the server receives the verification request message from the client, it sends to the client a first verification interaction message containing N1 sub-pictures, wherein the N1 sub-pictures are obtained by cutting a verification picture, the N1 sub-pictures include a base picture and N1-1 option pictures, the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4. The shapes of N2 of the N1-1 option pictures have at least m axes of symmetry, with m greater than 4, and research has found that the more axes of symmetry a sub-picture has, the more rotation tests a malicious client must perform on that sub-picture. As the number of option pictures and the number of their axes of symmetry increase, the number of tests a malicious client needs for brute-force cracking grows nearly geometrically. This raises the difficulty of brute-force cracking to a certain extent, so the above scheme helps improve the ability to prevent brute-force cracking by malicious clients during verification.
It can be understood that if the shape of a sub-picture is a circle, the sub-picture has infinitely many axes of symmetry. Since the more axes of symmetry a sub-picture has, the more rotation tests a malicious client must perform on it, and a circular sub-picture has infinitely many axes of symmetry, the number of rotation tests a malicious client may need for such a sub-picture is, in theory, unbounded. This greatly increases the difficulty of brute-force cracking, which in turn greatly improves the ability to prevent brute-force cracking by malicious clients during verification and reduces the wasteful occupation of network resources by malicious clients.
Optionally, in some possible implementations of the present invention, if the client is marked as a suspected malicious client, m is greater than or equal to 20, 30, 53, 87, 100, 200 or 500, or another value greater than 4. If the client is marked as a suspected malicious client, the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold (the second threshold may, for example, equal 0.8, 0.9, 0.95 or 1). If the client is marked as a suspected malicious client, N2 may be greater than 5, 6, 8, 10 or 15, or another value greater than 1. For example, the server may set judgment conditions based on how frequently a client sends verification requests, or on other behavioural characteristics, to judge whether the client sending the verification request message is likely to be a malicious client; the embodiments of the present invention do not limit the specific policy for marking a client as a suspected malicious client. For example, if a client at a certain Internet Protocol (IP) address is found to send verification request messages repeatedly on the same login page within a few seconds or a few minutes, the client can be considered to have a high probability of being a malicious client and can be marked as a suspected malicious client. Verification codes that are harder to crack are subsequently sent to this client (the more sub-pictures there are and the more axes of symmetry the sub-pictures have, the harder the code is to crack), which strengthens the interference with the malicious client. If the server judges that a client is more likely a normal client, it subsequently sends verification codes that are easier to crack, to reduce the difficulty of reading the pictures and improve the user's comfort.
It can be understood that introducing a mechanism that adjusts verification complexity based on the suspected-malicious-client mark helps balance user experience against resistance to cracking.
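An added sketch (not code from the patent) of the adaptive-difficulty mechanism described above: a sliding-window counter marks a client as suspected, the server picks N1, N2 and m inside the ranges the text gives, and a simplified model estimates the worst-case number of rotation tests. The window, the request limit, the concrete parameter choices, and the model in which a piece with m axes fits its hole in m orientations while the remaining option pictures behave like 4-orientation quadrilaterals are assumptions made for illustration.

```python
from collections import defaultdict, deque


class SuspicionTracker:
    """Marks a client key (for example IP address + page) as a suspected
    malicious client when it sends too many verification requests inside
    a sliding time window. Window and limit are assumed policy values."""

    def __init__(self, window_seconds=60.0, limit=5):
        self.window = window_seconds
        self.limit = limit
        self._hits = defaultdict(deque)

    def record(self, key, now):
        """Record one verification request; return True if suspected."""
        hits = self._hits[key]
        hits.append(now)
        while now - hits[0] > self.window:  # drop requests outside the window
            hits.popleft()
        return len(hits) > self.limit


def choose_challenge(suspected, second_threshold=0.8):
    """Pick (N1, N2, m). The concrete numbers are illustrative choices that
    satisfy the constraints stated in the text."""
    n1, n2, m = (9, 8, 30) if suspected else (4, 2, 6)
    if not (n1 > 1 and 1 <= n2 <= n1 - 1 and m > 4):
        raise ValueError("need N1 > 1, 1 <= N2 <= N1-1 and m > 4")
    if suspected and not (m >= 20 and n2 > 5
                          and n2 / (n1 - 1) >= second_threshold):
        raise ValueError("hardened parameters are weaker than the policy")
    return n1, n2, m


def rotation_trials(n1, n2, m, other_orientations=4):
    """Worst-case rotation combinations under the simplified model: N2 pieces
    with m orientations each, the other N1-1-N2 option pictures with
    `other_orientations` each (quadrilaterals, as in the prior art)."""
    return m ** n2 * other_orientations ** (n1 - 1 - n2)


if __name__ == "__main__":
    tracker = SuspicionTracker()
    key = "198.51.100.7|/login"          # constructed sample client key
    for second in range(7):
        suspected = tracker.record(key, now=float(second))
        n1, n2, m = choose_challenge(suspected)
        print(second, suspected, (n1, n2, m), rotation_trials(n1, n2, m))
```
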
Optionally, in some possible implementations of the present invention, determining the verification result by comparing the spliced picture with the verification picture may include: comparing the spliced picture with the verification picture; if the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold (the first threshold may, for example, be 90%, 95%, 98%, 99% or 100%, or another value that meets the requirement), determining that the verification result is verification success; and if the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, determining that the verification result is verification failure.
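An added example (not from the patent) of the threshold comparison above, using a constructed 40x40 pixel grid and one circular option picture; the test pattern, the sizes and the region-restricted scoring are assumptions made for illustration. It shows that when similarity is scored over the whole picture, an option picture covering less than 1 minus the first threshold of the area passes at any rotation, and that scoring only the option-picture region avoids this.

```python
import math

SIZE = 40  # constructed 40x40 greyscale "verification picture"


def make_verification_picture(size=SIZE):
    """Constructed test pattern standing in for a real image."""
    return [[(7 * x + 13 * y + x * y) % 251 for x in range(size)]
            for y in range(size)]


def disc_region(size, cx, cy, radius):
    """Pixel coordinates covered by one circular option picture."""
    return {(x, y) for y in range(size) for x in range(size)
            if (x - cx) ** 2 + (y - cy) ** 2 <= radius ** 2}


def splice(picture, cx, cy, radius, degrees):
    """Spliced picture a client submits after placing the circular option
    picture into its hole turned by `degrees` (nearest-neighbour rotation)."""
    a = math.radians(degrees)
    cos_a, sin_a = math.cos(a), math.sin(a)
    out = [row[:] for row in picture]
    for (x, y) in disc_region(len(picture), cx, cy, radius):
        dx, dy = x - cx, y - cy
        sx = round(cx + dx * cos_a + dy * sin_a)
        sy = round(cy - dx * sin_a + dy * cos_a)
        out[y][x] = picture[sy][sx]
    return out


def similarity(spliced, reference, region=None):
    """Fraction of equal pixels, over the whole picture or over `region`."""
    size = len(reference)
    pixels = region if region is not None else {
        (x, y) for y in range(size) for x in range(size)}
    same = sum(1 for (x, y) in pixels if spliced[y][x] == reference[y][x])
    return same / len(pixels)


def verify(spliced, reference, first_threshold, region=None):
    """Verification succeeds when similarity >= first threshold."""
    if len(spliced) != len(reference) or any(
            len(r) != len(reference[0]) for r in spliced):
        return False  # a malformed submission never verifies
    return similarity(spliced, reference, region) >= first_threshold


if __name__ == "__main__":
    ref = make_verification_picture()
    for radius in (12, 4):
        region = disc_region(SIZE, 20, 20, radius)
        wrong = splice(ref, 20, 20, radius, 90)   # option picture turned 90 degrees
        print(radius,
              round(similarity(wrong, ref), 3), verify(wrong, ref, 0.95),
              round(similarity(wrong, ref, region), 3),
              verify(wrong, ref, 0.95, region))
```
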
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is a circle. For example, the first option picture is any one of the N2 option pictures. For example, the shapes of some or all of the N2 option pictures may be circles.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, where k is an integer greater than 4; for example, k equals 5, 6, 7 or 10, 35, 57, 108, 390, 1500 or another value. For example, the second option picture may be any one of the N2 option pictures. For example, the shapes of some or all of the N2 option pictures may be regular k-sided polygons.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although the shape of the third option picture is an irregular figure, it still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, the shapes of some or all of the N2 option pictures may be irregular figures with more than 4 axes of symmetry.
The scheme is described below from the perspective of the client.
In another embodiment of the verification interaction method of the present invention, another verification interaction method may include: sending a verification request message to a server; receiving a first verification interaction message from the server, wherein the first verification interaction message contains N1 sub-pictures obtained by cutting a verification picture, the N1 sub-pictures include a base picture and N1-1 option pictures, the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4; and sending, to the server, a second verification interaction message containing a spliced picture obtained by splicing the N1 sub-pictures.
Refer to Fig. 2, which is a schematic flowchart of another verification interaction method provided by another embodiment of the present invention. As shown in Fig. 2, the verification interaction method provided by this embodiment may include:
201. The client sends a verification request message to the server.
For example, in scenarios such as account registration, account login, forum posting, and microblog posting, the server may receive a verification request message from a client. The verification request message may be a message dedicated to requesting verification, or it may be a message not dedicated to requesting verification, such as an account registration request mainly used to request account registration, an account login request mainly used to request account login, a forum posting request mainly used to request posting in a forum, or a microblog posting request mainly used to request posting on a microblog. That is, in some scenarios the verification request message from the client is a message dedicated to requesting verification. In other scenarios it is a message mainly used to request another service; because that message triggers verification, it can also be called a verification request message. In other words, a verification request message in the embodiments of the present invention is any message that can trigger verification.
The server can receive the verification request message from the client.
202. The client receives a first verification interaction message from the server.
The first verification interaction message contains N1 sub-pictures obtained by cutting a verification picture.
The N1 sub-pictures include a base picture and N1-1 option pictures, and the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry, where N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4.
The specific values of N1, N2 and m can be determined according to the required verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
203. The client sends, to the server, a second verification interaction message containing a spliced picture obtained by splicing the N1 sub-pictures, so that a verification server or the server determines the verification result by comparing the spliced picture with the verification picture.
Because the N1-1 option pictures are embedded in the base picture, the client can fit the N1-1 option pictures into the holes left in the base picture by cutting out the option pictures, thereby obtaining the spliced picture.
The server in this embodiment may be a website server, a game server, an application store server, or another server that can provide services to clients. Of course, the server may also be a verification server dedicated to verification.
It can be understood that if the shape of a sub-picture is a circle, the sub-picture has infinitely many axes of symmetry. Since the more axes of symmetry a sub-picture has, the more rotation tests a malicious client must perform on it, and a circular sub-picture has infinitely many axes of symmetry, the number of rotation tests a malicious client may need for such a sub-picture is, in theory, unbounded. This greatly increases the difficulty of brute-force cracking, which in turn greatly improves the ability to prevent brute-force cracking by malicious clients during verification and reduces the wasteful occupation of network resources by malicious clients.
Optionally, in some possible implementations of the present invention, if the client is marked as a suspected malicious client, m is greater than or equal to 20, 30, 53, 87, 100, 200 or 500, or another value greater than 4. If the client is marked as a suspected malicious client, the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold (the second threshold may, for example, equal 0.8, 0.9, 0.95 or 1). If the client is marked as a suspected malicious client, N2 may be greater than 5, 6, 8, 10 or 15, or another value greater than 1. For example, the server may set judgment conditions based on how frequently a client sends verification requests, or on other behavioural characteristics, to judge whether the client sending the verification request message is likely to be a malicious client; the embodiments of the present invention do not limit the specific policy for marking a client as a suspected malicious client. For example, when a client at a certain IP address is found to send verification request messages repeatedly on the same login page within a few seconds or a few minutes, the client can be considered to have a high probability of being a malicious client and can be marked as a suspected malicious client. Verification codes that are harder to crack are subsequently sent to this client (the more sub-pictures there are and the more axes of symmetry the sub-pictures have, the harder the code is to crack), which strengthens the interference with the malicious client. If the server judges that a client is more likely a normal client, it subsequently sends verification codes that are easier to crack, to reduce the difficulty of reading the pictures and improve the user's comfort.
It can be understood that introducing a mechanism that adjusts verification complexity based on the suspected-malicious-client mark helps balance user experience against resistance to cracking.
Optionally, in possible execution modes more of the present invention, described by described splicing picture and described checking picture are compared to determine the result, can comprise: described splicing picture and described checking picture are compared.If the similarity that comparison goes out described splicing picture and described checking picture is more than or equal to first threshold (first threshold such as can be 90%, 95%, 98%, 99% or 100% other values that maybe can satisfy the demands), then determine that the result is for being proved to be successful.If the similarity that comparison goes out described splicing picture and described checking picture is less than described first threshold, then determine that the result is authentication failed.
Optionally, the server may further send the client a verification response message carrying indication information that indicates the verification result, thereby notifying the client of the verification result by explicit indication. Of course, the server may also notify the client of the verification result by implicit indication.
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is circular. For example, the first option picture is any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be circular.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, k being an integer greater than 4; for example, k equals 5, 6, 7, 10 or 35, 57, 108, 390, 1500, or another value. For example, the second option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a regular k-sided polygon.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although the shape of the third option picture is irregular, it still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be an irregular figure with more than 4 axes of symmetry.
To facilitate a better understanding of the above schemes of the embodiments of the present invention, some specific application scenarios are described below by way of example.
See Fig. 3-a, which is a schematic architecture diagram of a communication system provided by an embodiment of the present invention.
See Fig. 3-b, which is a schematic flowchart of another verification interaction method provided by another embodiment of the present invention. The verification interaction method shown in Fig. 3-b may be implemented on a communication system with the architecture shown in Fig. 3-a or with a variant of that architecture.
As shown in Fig. 3-b, another verification interaction method provided by another embodiment of the present invention may specifically comprise:
301. The client sends a service request message to the service server.
The service server in this embodiment may be a website server, a game server, an application store server, or another server that can provide services to clients.
The service request message may be, for example, an account login request message, an account log-on request message, a forum posting request message, a microblog posting request message, etc.
302. The service server receives the service request message from the client, and the service server obtains N1 sub-pictures from the verification code server.
The N1 sub-pictures are obtained by the verification code server by cutting a verification picture. The N1 sub-pictures comprise a base picture and N1-1 option pictures; the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry; N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4.
The specific values of N1, N2 and m can be determined according to the required verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is circular. For example, the first option picture is any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be circular.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, k being an integer greater than 4; for example, k equals 5, 6, 7, 10 or 35, 57, 108, 390, 1500, or another value. For example, the second option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a regular k-sided polygon.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although the shape of the third option picture is irregular, it still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be an irregular figure with more than 4 axes of symmetry.
303. The service server sends the client a first verification interaction message containing the N1 sub-pictures.
304. The client receives the first verification interaction message from the service server. The client sends the service server a second verification interaction message containing the spliced picture obtained by splicing the N1 sub-pictures.
Because the N1-1 option pictures were embedded in the base picture, the client can fit the N1-1 option pictures into the cavities left in the base picture by cutting out the option pictures, and thereby obtain the spliced picture.
305. The service server sends the authentication server the spliced picture contained in the second verification interaction message.
306. The authentication server determines the verification result by comparing the spliced picture with the verification picture. The authentication server may send the service server a notification message carrying indication information that indicates the verification result.
The authentication server may compare the spliced picture with the verification picture. If the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold (the first threshold may be, for example, 90%, 95%, 98%, 99% or 100%, or another value that meets requirements), the verification result is determined to be success. If the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, the verification result is determined to be failure.
The authentication server may obtain the verification picture directly from the verification code server, or obtain the verification picture from the verification code server through the service server.
307. If the verification result is success, the service server executes the service corresponding to the service request message. In addition, if the verification result is failure, the service server may send a verification failure message to the client.
See Fig. 3-c, which shows by way of example 5 sub-pictures obtained by cutting a verification picture; the 5 sub-pictures comprise a base picture P01 and 4 option pictures P02 (the 4 option pictures are circular sub-pictures).
Circular sub-pictures increase the difficulty of edge-similarity detection. A traditional square sub-picture has only 4 sides, and picking any one side for edge-similarity matching has a fairly high success rate, whereas a circular sub-picture in theory adds unlimited possibilities.
See Fig. 3-d, which shows by way of example a schematic diagram of splicing the sub-pictures.
It can be understood that if a sub-picture is circular, it has innumerable axes of symmetry. The more axes of symmetry an option sub-picture has, the more rotation tests a malicious client must perform on it. Since a circular sub-picture has innumerable axes of symmetry, the number of rotation tests a malicious client must perform on such a sub-picture is in theory unbounded. This can greatly increase the difficulty of brute-force cracking, and thus greatly improve the ability to resist brute-force cracking by malicious clients during verification, which in turn reduces the wasteful occupation of network resources by malicious clients.
For example, a circular sub-picture makes the rotation angle adjustable. A square can only be rotated by 90 degrees at a time, so even in the worst case only 4 rotations are needed. If a circular sub-picture is rotated by 60 degrees each time, 6 rotations are needed in the worst case; if by 30 degrees each time, 12 rotations are needed in the worst case; if by 10 degrees each time, 36 rotations are needed in the worst case; and so on. The minimum rotation angle can also be adjusted dynamically according to the adversarial situation. Circular sub-pictures thus make the rotation angle more flexibly adjustable and can greatly increase the difficulty of brute-force cracking.
The scheme of this embodiment adds a simple interaction: the positions in the jigsaw verification code where pieces must be fitted are marked with circular frames, which counters edge-similarity matching, while the rotation direction and angle of the circles are regulated dynamically. This reduces the recognition rate of current automated programs on a jigsaw picture by at least one order of magnitude and effectively resists cracking.
It can be understood that the verification code server may be integrated with the authentication server, and the verification code server and the authentication server may also be integrated with the service server.
Further, see Fig. 3-e. In the architecture shown in Fig. 3-e, the verification code server is integrated with the authentication server. A rule master control server and a material storage server are also added in the architecture shown in Fig. 3-e. The rule master control server can be used to configure jigsaw rules (for example clockwise or counterclockwise rotation, the number of degrees per rotation, etc.), and provides the jigsaw rules for the verification code server to pull and use. The material storage server stores data such as the positions, directions and angles required to generate jigsaw verification codes, and provides them for the verification code server to pull and use. Of course, the rule master control server and/or the material storage server may also be integrated with the authentication server or the verification code server.
Optionally, in some possible implementations of the present invention, if the client is marked as a suspected malicious client, m is greater than or equal to 20, 30, 53, 87, 100, 200 or 500, or another value greater than 4. If the client is marked as a suspected malicious client, the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold (the second threshold may, for example, equal 0.8, 0.9, 0.95 or 1). If the client is marked as a suspected malicious client, N2 may be greater than 5, 6, 8, 10 or 15, or another value greater than 1. For example, the service server or the authentication server may set judgment conditions based on how frequently a client sends verification requests, or on other behavioural characteristics, to judge whether the client sending a verification request message is likely to be a malicious client; the embodiments of the present invention do not limit the specific policy for marking a client as a suspected malicious client. For example, when a client at a certain IP address is found to send verification request messages repeatedly on the same login page within a few seconds or a few minutes, the client can be considered to have a high probability of being a malicious client and can be marked as a suspected malicious client; verification codes that are harder to crack are subsequently sent to this client (the more sub-pictures and the more axes of symmetry per sub-picture, the harder the cracking), strengthening the interference with the malicious client. If the service server or the authentication server judges that a client is more likely a normal client, verification codes that are easier to crack are subsequently sent, to reduce the difficulty of reading the picture and improve the user's comfort.
It can be understood that introducing a mechanism that adjusts verification complexity based on the suspected-malicious-client mark helps to balance user experience and resistance to cracking.
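The following is an added example, not part of the patent text: a server-side sketch that ties the rotation-step arithmetic above to the suspected-malicious-client mechanism, by marking a client from its verification request rate and then choosing challenge parameters that satisfy the stated conditions. The window length, the request limit, the two parameter sets and all names are assumptions; the patent leaves the marking policy open.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

WINDOW_SECONDS = 60.0   # assumed observation window
MAX_REQUESTS = 5        # assumed: more requests than this per window marks the client
SECOND_THRESHOLD = 0.8  # example value from the text for N2 / (N1 - 1)


def orientations_for_step(step_deg):
    """Distinct orientations of a circular option picture for a rotation step."""
    if step_deg <= 0 or 360 % step_deg != 0:
        raise ValueError("rotation step must be a positive divisor of 360")
    return 360 // step_deg


@dataclass(frozen=True)
class Challenge:
    n1: int        # sub-pictures: 1 base picture + (n1 - 1) option pictures
    n2: int        # circular option pictures among the n1 - 1
    step_deg: int  # minimum rotation step chosen by the server

    def __post_init__(self):
        if self.n1 <= 1 or not 1 <= self.n2 <= self.n1 - 1:
            raise ValueError("need N1 > 1 and 1 <= N2 <= N1 - 1")
        orientations_for_step(self.step_deg)  # validates the step

    def worst_case_trials(self):
        """Orientation combinations an exhaustive guesser has to cover.
        Assumes each piece's cavity is known and only its angle is not."""
        return orientations_for_step(self.step_deg) ** self.n2


class ClientTracker:
    """Sliding-window count of verification requests per (IP address, page)."""

    def __init__(self, window=WINDOW_SECONDS, limit=MAX_REQUESTS):
        self.window = window
        self.limit = limit
        self._hits = defaultdict(deque)

    def record(self, ip, page, now):
        """Record one request; return True if the client is now suspected."""
        hits = self._hits[(ip, page)]
        hits.append(now)
        while hits and now - hits[0] > self.window:
            hits.popleft()
        return len(hits) > self.limit


def choose_challenge(suspected):
    """Pick challenge parameters; circles satisfy any bound on m because
    they have innumerable axes of symmetry."""
    if not suspected:
        # Matches the Fig. 3-c layout: base picture plus 4 circular pieces.
        return Challenge(n1=5, n2=4, step_deg=60)
    hard = Challenge(n1=8, n2=7, step_deg=10)
    # Conditions stated for a suspected malicious client.
    if hard.n2 / (hard.n1 - 1) < SECOND_THRESHOLD or hard.n2 <= 5:
        raise ValueError("hard challenge violates the stated conditions")
    return hard


if __name__ == "__main__":
    tracker = ClientTracker()
    for second in range(7):  # constructed burst from a documentation address
        suspected = tracker.record("203.0.113.7", "/login", float(second))
        challenge = choose_challenge(suspected)
        print(second, suspected, challenge, challenge.worst_case_trials())
```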
It can be seen that, in the scheme provided by this embodiment, after the client sends a verification request message to the service server, it receives a first verification interaction message from the service server. The first verification interaction message contains N1 sub-pictures obtained by cutting a verification picture, where the N1 sub-pictures comprise a base picture and N1-1 option pictures, and the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry, m being an integer greater than 4. The client sends the service server a second verification interaction message containing the spliced picture obtained by splicing the N1 sub-pictures, and the service server or the authentication server determines the verification result by comparing the spliced picture with the verification picture. Because the shapes of N2 of the N1-1 option pictures have at least m axes of symmetry, with m greater than 4, and research finds that the more axes of symmetry a sub-picture has, the more rotation tests a malicious client must perform on it, the number of tests a malicious client needs for brute-force cracking grows nearly geometrically as the number of option pictures and the number of their axes of symmetry increase. This increases the difficulty of brute-force cracking to a certain extent, so the above scheme helps improve the ability to resist brute-force cracking by malicious clients during verification.
See Fig. 4-a, which is a schematic architecture diagram of a communication system provided by an embodiment of the present invention.
See Fig. 4-b, which is a schematic flowchart of another verification interaction method provided by another embodiment of the present invention. The verification interaction method shown in Fig. 4-b may be implemented on a communication system with the architecture shown in Fig. 4-a or with a variant of that architecture.
As shown in Fig. 4-b, another verification interaction method provided by another embodiment of the present invention may comprise:
401. The client sends a service request message to the service server.
The service server in this embodiment may be a website server, a game server, an application store server, or another server that can provide services to clients.
The service request message may be, for example, an account login request message, an account log-on request message, a forum posting request message, a microblog posting request message, etc.
402. The service server receives the account login request message from the client, and the service server obtains N1 sub-pictures from the verification code server.
The N1 sub-pictures are obtained by the authentication server by cutting a verification picture. The N1 sub-pictures comprise a base picture and N1-1 option pictures; the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry; N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4.
The specific values of N1, N2 and m can be determined according to the required verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is circular. For example, the first option picture is any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be circular.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, k being an integer greater than 4; for example, k equals 5, 6, 7 or 10, 35, 57, 108, 390, 1500, or another value. For example, the second option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a regular k-sided polygon.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although the shape of the third option picture is irregular, it still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be an irregular figure with more than 4 axes of symmetry.
403. The service server sends the client a first verification interaction message containing the N1 sub-pictures.
404. The client receives the first verification interaction message from the service server. The client sends the service server a second verification interaction message containing the spliced picture obtained by splicing the N1 sub-pictures.
Because the N1-1 option pictures were embedded in the base picture, the client can fit the N1-1 option pictures into the cavities left in the base picture by cutting out the option pictures, and thereby obtain the spliced picture.
405. The service server sends the authentication server the spliced picture contained in the second verification interaction message.
406. The authentication server determines the verification result by comparing the spliced picture with the verification picture. The authentication server may send the service server a notification message carrying indication information that indicates the verification result.
The authentication server may compare the spliced picture with the verification picture. If the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold (the first threshold may be, for example, 90%, 95%, 98%, 99% or 100%, or another value that meets requirements), the verification result is determined to be success. If the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, the verification result is determined to be failure.
407. If the verification result is success, the service server executes the service corresponding to the service request message. In addition, if the verification result is failure, the service server may send a verification failure message to the client.
It can be understood that if a sub-picture is circular, it has innumerable axes of symmetry. The more axes of symmetry an option sub-picture has, the more rotation tests a malicious client must perform on it. Since a circular sub-picture has innumerable axes of symmetry, the number of rotation tests a malicious client must perform on such a sub-picture is in theory unbounded. This can greatly increase the difficulty of brute-force cracking, and thus greatly improve the ability to resist brute-force cracking by malicious clients during verification, which in turn reduces the wasteful occupation of network resources by malicious clients.
For example, a circular sub-picture makes the rotation angle adjustable. A square can only be rotated by 90 degrees at a time, so even in the worst case only 4 rotations are needed. If a circular sub-picture is rotated by 60 degrees each time, 6 rotations are needed in the worst case; if by 30 degrees each time, 12 rotations are needed in the worst case; if by 10 degrees each time, 36 rotations are needed in the worst case; and so on. The minimum rotation angle can also be adjusted dynamically according to the adversarial situation. Circular sub-pictures thus make the rotation angle more flexibly adjustable and can greatly increase the difficulty of brute-force cracking.
The scheme of this embodiment adds a simple interaction: the positions in the jigsaw verification code where pieces must be fitted are marked with circular frames, which counters edge-similarity matching, while the rotation direction and angle of the circles are regulated dynamically. This reduces the recognition rate of current automated programs on a jigsaw picture by at least one order of magnitude and effectively resists cracking.
Optionally, in some possible implementations of the present invention, if the client is marked as a suspected malicious client, m is greater than or equal to 20, 30, 53, 87, 100, 200 or 500, or another value greater than 4. If the client is marked as a suspected malicious client, the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold (the second threshold may, for example, equal 0.8, 0.9, 0.95 or 1). If the client is marked as a suspected malicious client, N2 may be greater than 5, 6, 8, 10 or 15, or another value greater than 1. For example, the service server or the authentication server may set judgment conditions based on how frequently a client sends verification requests, or on other behavioural characteristics, to judge whether the client sending a verification request message is likely to be a malicious client; the embodiments of the present invention do not limit the specific policy for marking a client as a suspected malicious client. For example, when a client at a certain IP address is found to send verification request messages repeatedly on the same login page within a few seconds or a few minutes, the client can be considered to have a high probability of being a malicious client and can be marked as a suspected malicious client; verification codes that are harder to crack are subsequently sent to this client (the more sub-pictures and the more axes of symmetry per sub-picture, the harder the cracking), strengthening the interference with the malicious client. If the service server or the authentication server judges that a client is more likely a normal client, verification codes that are easier to crack are subsequently sent, to reduce the difficulty of reading the picture and improve the user's comfort.
It can be understood that introducing a mechanism that adjusts verification complexity based on the suspected-malicious-client mark helps to balance user experience and resistance to cracking.
It can be seen that, in the scheme provided by this embodiment, after the client sends a verification request message to the service server, it receives a first verification interaction message from the service server. The first verification interaction message contains N1 sub-pictures obtained by cutting a verification picture, where the N1 sub-pictures comprise a base picture and N1-1 option pictures, and the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry, m being an integer greater than 4. The client sends the service server a second verification interaction message containing the spliced picture obtained by splicing the N1 sub-pictures, and the service server or the authentication server determines the verification result by comparing the spliced picture with the verification picture. Because the shapes of N2 of the N1-1 option pictures have at least m axes of symmetry, with m greater than 4, and research finds that the more axes of symmetry a sub-picture has, the more rotation tests a malicious client must perform on it, the number of tests a malicious client needs for brute-force cracking grows nearly geometrically as the number of option pictures and the number of their axes of symmetry increase. This increases the difficulty of brute-force cracking to a certain extent, so the above scheme helps improve the ability to resist brute-force cracking by malicious clients during verification.
See Fig. 5-a, which is a schematic architecture diagram of a communication system provided by an embodiment of the present invention.
See Fig. 5-b, which is a schematic flowchart of another verification interaction method provided by another embodiment of the present invention. The verification interaction method shown in Fig. 5-b may be implemented on a communication system with the architecture shown in Fig. 5-a or with a variant of that architecture.
As shown in Fig. 5-b, another verification interaction method provided by another embodiment of the present invention may specifically comprise:
501. The client sends a service request message to the service server.
The service server in this embodiment may be a website server, a game server, an application store server, or another server that can provide services to clients.
The service request message may be, for example, an account login request message, an account log-on request message, a forum posting request message, a microblog posting request message, etc.
502. The service server receives the account login request message from the client, and the service server cuts a verification picture to obtain N1 sub-pictures.
The N1 sub-pictures comprise a base picture and N1-1 option pictures; the shapes of N2 option pictures among the N1-1 option pictures have at least m axes of symmetry; N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4.
The specific values of N1, N2 and m can be determined according to the required verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is circular. For example, the first option picture is any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be circular.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, k being an integer greater than 4; for example, k equals 5, 6, 7, 10 or 35, 57, 108, 390, 1500, or another value. For example, the second option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a regular k-sided polygon.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although the shape of the third option picture is irregular, it still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be an irregular figure with more than 4 axes of symmetry.
503. The service server sends the client a first verification interaction message containing the N1 sub-pictures.
504. The client receives the first verification interaction message from the service server. The client sends the service server a second verification interaction message containing the spliced picture obtained by splicing the N1 sub-pictures.
Because the N1-1 option pictures were embedded in the base picture, the client can fit the N1-1 option pictures into the cavities left in the base picture by cutting out the option pictures, and thereby obtain the spliced picture.
505. The service server determines the verification result by comparing the spliced picture with the verification picture.
The service server may compare the spliced picture with the verification picture. If the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold (the first threshold may be, for example, 90%, 95%, 98%, 99% or 100%, or another value that meets requirements), the verification result is determined to be success. If the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, the verification result is determined to be failure.
506. If the verification result is success, the service server executes the service corresponding to the service request message. In addition, if the verification result is failure, the service server may send a verification failure message to the client.
It can be understood that if a sub-picture is circular, it has innumerable axes of symmetry. The more axes of symmetry an option sub-picture has, the more rotation tests a malicious client must perform on it. Since a circular sub-picture has innumerable axes of symmetry, the number of rotation tests a malicious client must perform on such a sub-picture is in theory unbounded. This can greatly increase the difficulty of brute-force cracking, and thus greatly improve the ability to resist brute-force cracking by malicious clients during verification, which in turn reduces the wasteful occupation of network resources by malicious clients.
For example, a circular sub-picture makes the rotation angle adjustable. A square can only be rotated by 90 degrees at a time, so even in the worst case only 4 rotations are needed. If a circular sub-picture is rotated by 60 degrees each time, 6 rotations are needed in the worst case; if by 30 degrees each time, 12 rotations are needed in the worst case; if by 10 degrees each time, 36 rotations are needed in the worst case; and so on. The minimum rotation angle can also be adjusted dynamically according to the adversarial situation. Circular sub-pictures thus make the rotation angle more flexibly adjustable and can greatly increase the difficulty of brute-force cracking.
The scheme of this embodiment adds a simple interaction: the positions in the jigsaw verification code where pieces must be fitted are marked with circular frames, which counters edge-similarity matching, while the rotation direction and angle of the circles are regulated dynamically. This reduces the recognition rate of current automated programs on a jigsaw picture by at least one order of magnitude and effectively resists cracking.
Optionally, in some possible implementations of the present invention, if the client is marked as a suspected malicious client, m is greater than or equal to 20, 30, 53, 87, 100, 200 or 500, or another value greater than 4. If the client is marked as a suspected malicious client, the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold (the second threshold may, for example, equal 0.8, 0.9, 0.95 or 1). If the client is marked as a suspected malicious client, N2 may be greater than 5, 6, 8, 10 or 15, or another value greater than 1. For example, the service server can set a judgment condition, based on how frequently a client sends verification requests or on other behavioural characteristics, to judge whether the client sending the verification request message is likely to be a malicious client; the embodiments of the present invention do not limit the specific strategy for marking a client as a suspected malicious client. For example, when a client at a certain IP address is found to send verification request messages repeatedly from the same login page within several seconds or several minutes, the client can be considered to have a high probability of being malicious and can be marked as a suspected malicious client. Verification codes that are harder to crack are then sent to this client (the more sub-pictures there are and the more axes of symmetry each sub-picture has, the harder the code is to crack), strengthening the interference with the malicious client. If the service server judges that a client is more likely to be a normal client, verification codes that are easier to crack are subsequently sent, to reduce the difficulty of reading the pictures and improve the user's comfort.
It can be understood that introducing a mechanism that adjusts verification complexity based on the suspected-malicious-client mark helps balance user experience against resistance to cracking.
As can be seen, in the scheme provided by this embodiment, after the client sends a verification request message to the service server, it receives a first verification interaction message from the service server. The first verification interaction message contains N1 sub-pictures obtained by cutting a verification picture, and the N1 sub-pictures comprise a base picture and N1-1 option pictures, where the shapes of N2 of the N1-1 option pictures each have at least m axes of symmetry and m is an integer greater than 4. The client sends the service server a second verification interaction message containing the spliced picture obtained by splicing the N1 sub-pictures, and the service server or the verification server determines the verification result by comparing the spliced picture with the verification picture. The shapes of the N2 option pictures have at least m axes of symmetry, with m greater than 4, and research finds that the more axes of symmetry a sub-picture has, the more rotation tests a malicious client must perform on it. As the number of option pictures and the number of their axes of symmetry increase, the number of tests a malicious client needs for brute-force cracking grows nearly geometrically. This increases the difficulty of brute-force cracking to a certain extent, so the above scheme helps improve resistance to brute-force cracking by malicious clients during verification.
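The following sketch is an added illustration, not code from the patent: it ties the request-frequency flagging, the choice of N1, N2 and m, and the resulting worst-case number of rotation tests together. The window length, request limit, the concrete easy and hard parameter sets and all function and class names are assumptions; high-symmetry pieces are modelled as regular m-gons and the remaining pieces as squares.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

# Assumed policy values: the patent leaves the flagging strategy open.
WINDOW_SECONDS = 60.0        # "within several seconds or several minutes"
MAX_REQUESTS_IN_WINDOW = 5   # more than this from one IP => suspected malicious
SECOND_THRESHOLD = 0.8       # lower bound on N2 / (N1 - 1) for suspected clients
BASELINE_POSITIONS = 4       # a square piece fits its hole in 4 orientations


@dataclass(frozen=True)
class Challenge:
    n1: int  # sub-pictures in total: 1 base picture + (n1 - 1) option pictures
    n2: int  # option pictures whose shape has at least m axes of symmetry
    m: int   # axes of symmetry of those shapes (modelled as regular m-gons)

    def __post_init__(self):
        if self.n1 <= 1 or not 1 <= self.n2 <= self.n1 - 1 or self.m <= 4:
            raise ValueError("need N1 > 1, 1 <= N2 <= N1 - 1 and m > 4")


def circle_positions(step_degrees):
    """Orientations a circular piece can take when rotated in fixed steps."""
    if step_degrees <= 0 or 360 % step_degrees:
        raise ValueError("step must be a positive divisor of 360")
    return 360 // step_degrees


def worst_case_rotation_tests(ch):
    """Upper bound on rotation combinations an automated solver must try.

    A regular m-gon fits its hole in m orientations; the remaining option
    pictures are assumed square (4 orientations). Placement order is ignored.
    """
    plain = ch.n1 - 1 - ch.n2
    return ch.m ** ch.n2 * BASELINE_POSITIONS ** plain


class RequestTracker:
    """Sliding-window count of verification requests per client IP."""

    def __init__(self):
        self._seen = defaultdict(deque)

    def record(self, client_ip, now):
        """Log one request; return True if the client is now suspected."""
        times = self._seen[client_ip]
        times.append(now)
        while now - times[0] > WINDOW_SECONDS:
            times.popleft()
        return len(times) > MAX_REQUESTS_IN_WINDOW


def choose_challenge(suspected):
    """Pick (N1, N2, m): easy for normal clients, hard for suspected ones."""
    if not suspected:
        return Challenge(n1=3, n2=1, m=6)
    ch = Challenge(n1=7, n2=6, m=circle_positions(10))  # 10-degree steps
    # Constraints the patent gives for suspected clients.
    assert ch.m >= 20 and ch.n2 / (ch.n1 - 1) >= SECOND_THRESHOLD
    return ch


if __name__ == "__main__":
    tracker = RequestTracker()
    # Constructed traffic: one IP sends 8 requests two seconds apart.
    for i in range(8):
        flagged = tracker.record("198.51.100.7", now=2.0 * i)
        ch = choose_challenge(flagged)
        print(i, flagged, ch, worst_case_rotation_tests(ch))
```

With these assumed parameter sets the bound rises from 24 combinations for a normal client to 36^6 for a flagged one, which is the near-geometric growth the paragraph above describes.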
Referring to Fig. 6, Fig. 6 is a schematic flowchart of another verification interaction method provided by another embodiment of the present invention. The verification interaction method shown in Fig. 6 can be implemented on a communication system with the architecture shown in Fig. 4-a or with a variant of that architecture.
As shown in Fig. 6, the verification interaction method provided by this other embodiment of the present invention may specifically comprise:
601. The client sends a service request message to the service server.
The service server in this embodiment may be any server that can provide services to a client, such as a website server, a game server or an app store server.
The service request message may, for example, be an account login request message, an account log-on request message, a forum posting request message, a microblog posting request message, etc.
602. The service server receives the account login request message from the client, and the service server cuts a verification picture to obtain N1 sub-pictures.
The N1 sub-pictures comprise a base picture and N1-1 option pictures. The shapes of N2 of the N1-1 option pictures each have at least m axes of symmetry. N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4.
The specific values of N1, N2 and m can be determined according to the required verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is a circle. For example, the first option picture is any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a circle.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, where k is an integer greater than 4; for example, k equals 5, 6, 7 or 10, 35, 57, 108, 390, 1500 or another value. For example, the second option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a regular k-sided polygon.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although the shape of the third option picture is an irregular figure, the shape still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be an irregular figure with more than 4 axes of symmetry.
603. The service server sends the client a first verification interaction message containing the N1 sub-pictures.
604. The client receives the first verification interaction message from the service server. The client sends the service server a second verification interaction message containing the spliced picture obtained by splicing the N1 sub-pictures.
Because the N1-1 option pictures were embedded in the base picture, the client can fit the N1-1 option pictures into the holes left in the base picture by cutting out the option pictures, and thereby obtain the spliced picture.
605. The service server sends the verification server the spliced picture contained in the second verification interaction message.
606. The verification server determines the verification result by comparing the spliced picture with the verification picture. The verification server may send the service server a notification message carrying indication information that indicates the verification result.
The verification server may compare the spliced picture with the verification picture. If the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold (the first threshold may, for example, be 90%, 95%, 98%, 99% or 100%, or another value that meets the requirements), the verification result is determined to be success. If the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, the verification result is determined to be failure.
607. If the verification result is success, the service server performs the service corresponding to the service request message. In addition, if the verification result is failure, the service server may send a verification failure message to the client.
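Steps 602 to 607 can be traced end to end in a small model. The sketch below is an added example, not the patent's implementation: pictures are small integer grids, one circular option picture is cut out, and the rotation is limited to quarter turns so that it stays exact on a pixel grid (the patent allows finer angles). All function names, the 16x16 picture and the pixel-equality similarity measure are assumptions.

```python
import copy

FIRST_THRESHOLD = 0.95  # one of the example values the patent lists


def make_picture(size=16):
    """Constructed verification picture: every pixel value is unique."""
    return [[y * size + x for x in range(size)] for y in range(size)]


def cut(picture, top, left, radius):
    """Cut one circular option picture out of the verification picture.

    Returns (base, option): the base picture has None where the disc was,
    the option picture is a (2r+1) x (2r+1) tile with None outside the disc.
    """
    side = 2 * radius + 1
    base = copy.deepcopy(picture)
    option = [[None] * side for _ in range(side)]
    for dy in range(side):
        for dx in range(side):
            if (dx - radius) ** 2 + (dy - radius) ** 2 <= radius ** 2:
                option[dy][dx] = picture[top + dy][left + dx]
                base[top + dy][left + dx] = None
    return base, option


def rotate(tile, quarter_turns):
    """Rotate a square tile clockwise in 90-degree steps."""
    for _ in range(quarter_turns % 4):
        tile = [list(row) for row in zip(*tile[::-1])]
    return tile


def splice(base, option, top, left):
    """Client side: drop the option picture into the hole in the base."""
    spliced = copy.deepcopy(base)
    for dy, row in enumerate(option):
        for dx, value in enumerate(row):
            if value is not None:
                spliced[top + dy][left + dx] = value
    return spliced


def similarity(spliced, original):
    """Fraction of pixels on which the two pictures agree."""
    pairs = [(a, b) for ra, rb in zip(spliced, original) for a, b in zip(ra, rb)]
    return sum(a == b for a, b in pairs) / len(pairs)


def verify(spliced, original, threshold=FIRST_THRESHOLD):
    """Server side: success only if similarity reaches the first threshold."""
    if len(spliced) != len(original) or any(
        len(a) != len(b) for a, b in zip(spliced, original)
    ):
        return False  # wrong dimensions can never be the verification picture
    return similarity(spliced, original) >= threshold


if __name__ == "__main__":
    original = make_picture()
    base, option = cut(original, top=2, left=3, radius=5)
    sent = rotate(option, 1)  # server delivers the piece turned by 90 degrees
    for turns in range(4):    # what each client-side rotation would score
        attempt = splice(base, rotate(sent, turns), top=2, left=3)
        print(turns, similarity(attempt, original), verify(attempt, original))
```

Only the rotation that undoes the server's turn reaches the threshold; every other orientation leaves 80 of the 81 disc pixels wrong, so the size of the cut-out relative to the picture decides how far a wrong answer falls below the first threshold.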
It can be understood that if the shape of a sub-picture is a circle, the sub-picture has infinitely many axes of symmetry. The more axes of symmetry an option sub-picture has, the more rotation tests a malicious client must perform on it. A circular sub-picture has infinitely many axes of symmetry, so the number of rotation tests a malicious client performs on such a sub-picture is, in theory, at most infinitely many. This greatly increases the difficulty of brute-force cracking, greatly improves the ability to resist brute-force cracking by malicious clients during verification, and in turn reduces the wasteful occupation of network resources by malicious clients.
For example, a circular sub-picture gives finer control over the rotation angle. A square can only be rotated 90 degrees at a time, so even in the worst case only 4 rotations are needed. If a circular sub-picture is rotated 60 degrees at a time, the worst case needs 6 rotations; at 30 degrees at a time, 12 rotations; at 10 degrees at a time, 36 rotations; and so on. The minimum rotation angle can be adjusted dynamically according to the adversarial situation. A circular sub-picture thus makes the rotation angle more flexibly adjustable, which can greatly increase the difficulty of brute-force cracking.
The scheme of this embodiment adds a simple interaction: the positions in the jigsaw verification code that need to be filled are marked with circular frames, which counters edge-similarity matching, while the rotation direction and angle of the circle are adjusted dynamically. This reduces the recognition rate of current automated programs on a jigsaw picture by at least one order of magnitude and effectively resists cracking.
Optionally, in some possible implementations of the present invention, if the client is marked as a suspected malicious client, m is greater than or equal to 20, 30, 53, 87, 100, 200 or 500, or another value greater than 4. If the client is marked as a suspected malicious client, the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold (the second threshold may, for example, equal 0.8, 0.9, 0.95 or 1). If the client is marked as a suspected malicious client, N2 may be greater than 5, 6, 8, 10 or 15, or another value greater than 1. For example, the service server or the verification server can set a judgment condition, based on how frequently a client sends verification requests or on other behavioural characteristics, to judge whether the client sending the verification request message is likely to be a malicious client; the embodiments of the present invention do not limit the specific strategy for marking a client as a suspected malicious client. For example, when a client at a certain IP address is found to send verification request messages repeatedly from the same login page within several seconds or several minutes, the client can be considered to have a high probability of being malicious and can be marked as a suspected malicious client. Verification codes that are harder to crack are then sent to this client (the more sub-pictures there are and the more axes of symmetry each sub-picture has, the harder the code is to crack), strengthening the interference with the malicious client. If the service server or the verification server judges that a client is more likely to be a normal client, verification codes that are easier to crack are subsequently sent, to reduce the difficulty of reading the pictures and improve the user's comfort.
It can be understood that introducing a mechanism that adjusts verification complexity based on the suspected-malicious-client mark helps balance user experience against resistance to cracking.
As can be seen, in the scheme provided by this embodiment, after the client sends a verification request message to the service server, it receives a first verification interaction message from the service server. The first verification interaction message contains N1 sub-pictures obtained by cutting a verification picture, and the N1 sub-pictures comprise a base picture and N1-1 option pictures, where the shapes of N2 of the N1-1 option pictures each have at least m axes of symmetry and m is an integer greater than 4. The client sends the service server a second verification interaction message containing the spliced picture obtained by splicing the N1 sub-pictures, and the service server or the verification server determines the verification result by comparing the spliced picture with the verification picture. The shapes of the N2 option pictures have at least m axes of symmetry, with m greater than 4, and research finds that the more axes of symmetry a sub-picture has, the more rotation tests a malicious client must perform on it. As the number of option pictures and the number of their axes of symmetry increase, the number of tests a malicious client needs for brute-force cracking grows nearly geometrically. This increases the difficulty of brute-force cracking to a certain extent, so the above scheme helps improve resistance to brute-force cracking by malicious clients during verification.
Referring to Fig. 7-a, Fig. 7-a is an architecture diagram of a communication system provided by an embodiment of the present invention.
Referring to Fig. 7-b, Fig. 7-b is a schematic flowchart of another verification interaction method provided by another embodiment of the present invention. The verification interaction method shown in Fig. 7-b can be implemented on a communication system with the architecture shown in Fig. 7-a or with a variant of that architecture.
As shown in Fig. 7-b, the verification interaction method provided by this other embodiment of the present invention may specifically comprise:
701. The client sends a service request message to the service server.
The service server in this embodiment may be any server that can provide services to a client, such as a website server, a game server or an app store server.
The service request message may, for example, be an account login request message, an account log-on request message, a forum posting request message, a microblog posting request message, etc.
702. The service server receives the account login request message from the client, and the service server obtains N1 sub-pictures from a verification code server.
The N1 sub-pictures are obtained by the verification code server cutting a verification picture. The N1 sub-pictures comprise a base picture and N1-1 option pictures. The shapes of N2 of the N1-1 option pictures each have at least m axes of symmetry. N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4.
The specific values of N1, N2 and m can be determined according to the required verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is a circle. For example, the first option picture is any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a circle.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, where k is an integer greater than 4; for example, k equals 5, 6, 7, 10 or 35, 57, 108, 390, 1500 or another value. For example, the second option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a regular k-sided polygon.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although the shape of the third option picture is an irregular figure, the shape still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be an irregular figure with more than 4 axes of symmetry.
703. The service server sends the client a first verification interaction message containing the N1 sub-pictures.
704. The client receives the first verification interaction message from the service server. The client sends the service server a second verification interaction message containing the spliced picture obtained by splicing the N1 sub-pictures.
Because the N1-1 option pictures were embedded in the base picture, the client can fit the N1-1 option pictures into the holes left in the base picture by cutting out the option pictures, and thereby obtain the spliced picture.
705. The service server determines the verification result by comparing the spliced picture with the verification picture.
The service server may compare the spliced picture with the verification picture. If the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold (the first threshold may, for example, be 90%, 95%, 98%, 99% or 100%, or another value that meets the requirements), the verification result is determined to be success. If the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, the verification result is determined to be failure.
706. If the verification result is success, the service server performs the service corresponding to the service request message. In addition, if the verification result is failure, the service server may send a verification failure message to the client.
It can be understood that if the shape of a sub-picture is a circle, the sub-picture has infinitely many axes of symmetry. The more axes of symmetry an option sub-picture has, the more rotation tests a malicious client must perform on it. A circular sub-picture has infinitely many axes of symmetry, so the number of rotation tests a malicious client performs on such a sub-picture is, in theory, at most infinitely many. This greatly increases the difficulty of brute-force cracking, greatly improves the ability to resist brute-force cracking by malicious clients during verification, and in turn reduces the wasteful occupation of network resources by malicious clients.
For example, a circular sub-picture gives finer control over the rotation angle. A square can only be rotated 90 degrees at a time, so even in the worst case only 4 rotations are needed. If a circular sub-picture is rotated 60 degrees at a time, the worst case needs 6 rotations; at 30 degrees at a time, 12 rotations; at 10 degrees at a time, 36 rotations; and so on. The minimum rotation angle can be adjusted dynamically according to the adversarial situation. A circular sub-picture thus makes the rotation angle more flexibly adjustable, which can greatly increase the difficulty of brute-force cracking.
The scheme of this embodiment adds a simple interaction: the positions in the jigsaw verification code that need to be filled are marked with circular frames, which counters edge-similarity matching, while the rotation direction and angle of the circle are adjusted dynamically. This reduces the recognition rate of current automated programs on a jigsaw picture by at least one order of magnitude and effectively resists cracking.
Optionally, in some possible implementations of the present invention, if the client is marked as a suspected malicious client, m is greater than or equal to 20, 30, 53, 87, 100, 200 or 500, or another value greater than 4. If the client is marked as a suspected malicious client, the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold (the second threshold may, for example, equal 0.8, 0.9, 0.95 or 1). If the client is marked as a suspected malicious client, N2 may be greater than 5, 6, 8, 10 or 15, or another value greater than 1. For example, the service server can set a judgment condition, based on how frequently a client sends verification requests or on other behavioural characteristics, to judge whether the client sending the verification request message is likely to be a malicious client; the embodiments of the present invention do not limit the specific strategy for marking a client as a suspected malicious client. For example, when a client at a certain IP address is found to send verification request messages repeatedly from the same login page within several seconds or several minutes, the client can be considered to have a high probability of being malicious and can be marked as a suspected malicious client. Verification codes that are harder to crack are then sent to this client (the more sub-pictures there are and the more axes of symmetry each sub-picture has, the harder the code is to crack), strengthening the interference with the malicious client. If the service server judges that a client is more likely to be a normal client, verification codes that are easier to crack are subsequently sent, to reduce the difficulty of reading the pictures and improve the user's comfort.
It can be understood that introducing a mechanism that adjusts verification complexity based on the suspected-malicious-client mark helps balance user experience against resistance to cracking.
As can be seen, in the scheme provided by this embodiment, after the client sends a verification request message to the service server, it receives a first verification interaction message from the service server. The first verification interaction message contains N1 sub-pictures obtained by cutting a verification picture, and the N1 sub-pictures comprise a base picture and N1-1 option pictures, where the shapes of N2 of the N1-1 option pictures each have at least m axes of symmetry and m is an integer greater than 4. The client sends the service server a second verification interaction message containing the spliced picture obtained by splicing the N1 sub-pictures, and the service server or the verification server determines the verification result by comparing the spliced picture with the verification picture. The shapes of the N2 option pictures have at least m axes of symmetry, with m greater than 4, and research finds that the more axes of symmetry a sub-picture has, the more rotation tests a malicious client must perform on it. As the number of option pictures and the number of their axes of symmetry increase, the number of tests a malicious client needs for brute-force cracking grows nearly geometrically. This increases the difficulty of brute-force cracking to a certain extent, so the above scheme helps improve resistance to brute-force cracking by malicious clients during verification.
Related apparatus for implementing the above schemes is also provided below.
Referring to Fig. 8, an embodiment of the present invention provides a verification interaction apparatus 800, which may comprise:
a receiving unit 810, a verification unit 830 and a sending unit 820.
The receiving unit 810 is configured to receive a verification request message from a client.
For example, in scenarios such as account registration, account login, forum posting and microblog posting, the server may receive a verification request message from a client. The verification request message may be a message dedicated to requesting verification, or it may be a message not dedicated to requesting verification, such as an account registration request mainly used to request account registration, an account login request mainly used to request account login, a forum posting request mainly used to request posting in a forum, or a microblog posting request mainly used to request posting on a microblog. That is, in some scenarios the verification request message from the client may be a message dedicated to requesting verification that the client sends. In other scenarios it may be a message sent by the client that is mainly used to request another service; because such a message triggers verification, it can also be called a verification request message. In other words, a verification request message in the embodiments of the present invention is a message that can trigger verification.
The sending unit 820 is configured to send the client a first verification interaction message containing N1 sub-pictures.
The N1 sub-pictures are obtained by cutting a verification picture and comprise a base picture and N1-1 option pictures. The shapes of N2 of the N1-1 option pictures each have at least m axes of symmetry. N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4. N2 is less than or equal to N1-1.
The specific values of N1, N2 and m can be determined according to the required verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
The verification unit 830 is configured to, if a second verification interaction message containing the spliced picture obtained by splicing the N1 sub-pictures is received from the client, determine the verification result by comparing the spliced picture with the verification picture.
The verification interaction apparatus 800 in this embodiment is a server or is deployed in a server. The server may be any server that can provide services to a client, such as a website server, a game server or an app store server. The server may, of course, also be a verification server used for verification.
Optionally, the verification unit 830 is specifically configured to, if a second verification interaction message containing the spliced picture obtained by splicing the N1 sub-pictures is received from the client, compare the spliced picture with the verification picture; if the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold, determine that the verification result is success; and if the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, determine that the verification result is failure.
Optionally, in some possible implementations of the present invention, if the client is marked as a suspected malicious client, m is greater than or equal to 20, 30, 53, 87, 100, 200 or 500, or another value greater than 4. If the client is marked as a suspected malicious client, the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold (the second threshold may, for example, equal 0.8, 0.9, 0.95 or 1). If the client is marked as a suspected malicious client, N2 may be greater than 5, 6, 8, 10 or 15, or another value greater than 1. For example, the verification interaction apparatus 800 can set a judgment condition, based on how frequently a client sends verification requests or on other behavioural characteristics, to judge whether the client sending the verification request message is likely to be a malicious client; the embodiments of the present invention do not limit the specific strategy for marking a client as a suspected malicious client. For example, when a client at a certain IP address is found to send verification request messages repeatedly from the same login page within several seconds or several minutes, the client can be considered to have a high probability of being malicious and can be marked as a suspected malicious client. Verification codes that are harder to crack are then sent to this client (the more sub-pictures there are and the more axes of symmetry each sub-picture has, the harder the code is to crack), strengthening the interference with the malicious client. If the verification interaction apparatus 800 judges that a client is more likely to be a normal client, verification codes that are easier to crack are subsequently sent, to reduce the difficulty of reading the pictures and improve the user's comfort.
It can be understood that introducing a mechanism that adjusts verification complexity based on the suspected-malicious-client mark helps balance user experience against resistance to cracking.
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is a circle. For example, the first option picture is any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a circle.
It can be understood that if the shape of a sub-picture is a circle, the sub-picture has infinitely many axes of symmetry. The more axes of symmetry an option sub-picture has, the more rotation tests a malicious client must perform on it. A circular sub-picture has infinitely many axes of symmetry, so the number of rotation tests a malicious client performs on such a sub-picture is, in theory, at most infinitely many. This greatly increases the difficulty of brute-force cracking, greatly improves the ability to resist brute-force cracking by malicious clients during verification, and in turn reduces the wasteful occupation of network resources by malicious clients.
For example, a circular sub-picture gives finer control over the rotation angle. A square can only be rotated 90 degrees at a time, so even in the worst case only 4 rotations are needed. If a circular sub-picture is rotated 60 degrees at a time, the worst case needs 6 rotations; at 30 degrees at a time, 12 rotations; at 10 degrees at a time, 36 rotations; and so on. The minimum rotation angle can be adjusted dynamically according to the adversarial situation. A circular sub-picture thus makes the rotation angle more flexibly adjustable, which can greatly increase the difficulty of brute-force cracking.
Some possible schemes of this embodiment add a simple interaction: the positions in the jigsaw verification code that need to be filled are marked with circular frames, which counters edge-similarity matching. At the same time, the rotation direction and angle of the circular sub-picture can be adjusted dynamically. This reduces the recognition rate of current automated programs on a jigsaw picture by at least one order of magnitude and effectively resists cracking.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, where k is an integer greater than 4; for example, k equals 5, 6, 7 or 10, 35, 57, 108, 390, 1500 or another value. For example, the second option picture may be any one of the N2 option pictures. For example, some or all of the N2 option pictures may be regular k-sided polygons.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although its shape is irregular, the third option picture still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, some or all of the N2 option pictures may be irregular figures with more than 4 axes of symmetry.
It can be understood that the functions of the functional modules of the verification interaction apparatus 800 of this embodiment can be implemented according to the methods in the foregoing method embodiments; for the specific implementation process, refer to the related description of the method embodiments, which is not repeated here. The verification interaction apparatus 800 may be a server, or may be deployed in a server.
It can be seen that, in the scheme of this embodiment, after the verification interaction apparatus 800 receives a verification request message from a client, it sends to the client a first verification interaction message containing N1 sub-pictures. The N1 sub-pictures are obtained by cutting a verification picture and include a base picture and N1-1 option pictures, where the shapes of N2 of the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4. Because the shapes of N2 of the N1-1 option pictures have at least m axes of symmetry, with m greater than 4, and research has found that the more axes of symmetry a sub-picture has, the more rotation trials a malicious client has to perform on it, the number of trials a malicious client needs for brute-force cracking grows in a manner close to a geometric progression as the number of option pictures and the number of their axes of symmetry increase. This increases the difficulty of brute-force cracking to a certain extent, so the above scheme helps improve the ability to prevent brute-force cracking by malicious clients during verification.
Referring to Fig. 9, Fig. 9 is a schematic diagram of a server 900 provided by an embodiment of the present invention. The server 900 may include at least one bus 901, at least one processor 902 connected to the bus 901, and at least one memory 903 connected to the bus 901.
The processor 902 calls, through the bus 901, code stored in the memory 903 in order to: receive a verification request message from a client; send to the client a first verification interaction message containing N1 sub-pictures, where the N1 sub-pictures are obtained by cutting a verification picture and include a base picture and N1-1 option pictures, the shapes of N2 of the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4; and, if a second verification interaction message containing a spliced picture obtained by splicing the N1 sub-pictures is received from the client, determine a verification result by comparing the spliced picture with the verification picture.
For example, in scenarios such as account registration, account login, forum posting and microblog posting, the server may receive a verification request message from a client. The verification request message may be a message dedicated to requesting verification, or it may be a message that is not dedicated to requesting verification, such as an account registration request mainly used to request account registration, an account login request mainly used to request account login, a forum posting request mainly used to request posting in a forum, or a microblog posting request mainly used to request posting on a microblog. That is, in some scenarios the verification request message from the client may be a message dedicated to requesting verification. In other scenarios it may be a message that the client sends mainly to request another service; because such a message triggers verification, it can also be called a verification request message. In other words, a verification request message in the embodiments of the present invention is a message that can trigger verification.
N2 is less than or equal to N1-1.
For example, the processor 902 may cut the verification picture into N1 sub-pictures. Alternatively, the server may instruct a verification code server to cut the verification picture into N1 sub-pictures, and obtain from the verification code server the N1 sub-pictures produced by cutting the verification picture.
The specific values of N1, N2 and m can be determined according to the required verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
The server 900 in this embodiment may be any server that can provide services to clients, such as a website server, a game server or an application store server.
It can be understood that if a sub-picture is circular, it has infinitely many axes of symmetry. The more axes of symmetry an option sub-picture has, the more rotation trials a malicious client has to perform on it. Because a circular sub-picture has infinitely many axes of symmetry, the number of rotation trials a malicious client may have to perform on such a sub-picture is, in theory, up to infinitely many. This can increase the difficulty of brute-force cracking to a large extent, which greatly improves the ability to prevent brute-force cracking by malicious clients during verification and in turn reduces the wasteful occupation of network resources by malicious clients.
For example, a circular sub-picture gives stronger control over the rotation angle. A square can only be rotated by 90 degrees at a time, so even in the worst case only 4 rotations are needed. If a circular sub-picture is rotated by 60 degrees each time, 6 rotations are needed in the worst case; if it is rotated by 30 degrees each time, 12 rotations are needed in the worst case; if it is rotated by 10 degrees each time, 36 rotations are needed in the worst case; and so on. The minimum rotation angle can be adjusted dynamically according to the adversarial situation. It can be seen that circular sub-pictures give greater flexibility in controlling the rotation angle and can greatly increase the difficulty of brute-force cracking.
Some possible schemes of this embodiment add a simple interaction: the positions of the puzzle verification code that need to be filled are marked with circular frames, which counters edge-similarity matching. At the same time, the rotation direction and angle of the circular sub-pictures can be adjusted dynamically, so that the recognition rate of current automated programs for a puzzle picture drops by at least one order of magnitude, which effectively resists cracking.
Optionally, in some possible implementations of the present invention, if the client is marked as a suspected malicious client, m is greater than or equal to 20, 30, 53, 87, 100, 200 or 500, or another value greater than 4. If the client is marked as a suspected malicious client, the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold (the second threshold may, for example, equal 0.8, 0.9, 0.95 or 1). If the client is marked as a suspected malicious client, N2 may be greater than 5, 6, 8, 10 or 15, or another value greater than 1. For example, the server may set judgment conditions, based on how frequently a client sends verification requests or on other behavioural characteristics, to judge whether the client sending the verification request message is likely to be a malicious client; the embodiments of the present invention do not limit the specific policy for marking a client as a suspected malicious client. For example, when a client at a certain IP address is found to send verification request messages repeatedly on the same login page within several seconds or several minutes, it can be concluded that this client has a relatively high probability of being a malicious client, and it can be marked as a suspected malicious client. Verification codes that are harder to crack are subsequently sent to this client (the more sub-pictures there are and the more axes of symmetry the sub-pictures have, the harder the cracking), which strengthens the interference with the malicious client. If the server judges that a client is more likely to be a normal client, verification codes that are easier to crack are subsequently sent, to lower the picture-reading difficulty for the user and improve user comfort.
It can be understood that introducing a mechanism that adjusts the verification complexity based on the suspected-malicious-client mark helps to balance user experience against resistance to cracking.
Optionally, in some possible implementations of the present invention, determining the verification result by comparing the spliced picture with the verification picture may include: comparing the spliced picture with the verification picture; if the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold (the first threshold may, for example, be 90%, 95%, 98%, 99% or 100%, or another value that meets the requirements), determining that the verification result is verification success; and if the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, determining that the verification result is verification failure.
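The comparison against the first threshold, as an added example that is not part of the patent text. It models the verification picture as a list of base cells plus one circular option picture sampled in 36 sectors of 10 degrees, so rotation becomes a cyclic shift; this representation, the function names and the extra guard in `verify` are assumptions. The guard covers a practical point: because similarity is measured over the whole picture, a first threshold at or below the base picture's share of the cells would accept every orientation.

```python
SECTORS = 36  # assumed model: circular option picture sampled in 10-degree sectors


def make_picture(base_cells):
    """Constructed verification picture: base cells plus a disc of distinct sectors."""
    base = [(3 * i) % 251 for i in range(base_cells)]
    disc = [7 * i for i in range(SECTORS)]  # 36 distinct values: every rotation differs
    return base, disc


def rotate(disc, steps):
    """Rotate the disc by `steps` sectors (a cyclic shift)."""
    steps %= len(disc)
    return disc[-steps:] + disc[:-steps] if steps else list(disc)


def cut(picture, offset):
    """Server side: split into base picture and one option picture, sent pre-rotated."""
    base, disc = picture
    return list(base), rotate(disc, offset)


def splice(base, option, steps):
    """Client side: rotate the option picture and put it back into the hole."""
    return list(base), rotate(option, steps)


def similarity(spliced, original):
    """Fraction of cells (base and disc together) that are identical."""
    same = sum(a == b
               for part_s, part_o in zip(spliced, original)
               for a, b in zip(part_s, part_o))
    total = sum(len(part) for part in original)
    return same / total


def verify(spliced, original, first_threshold):
    """Success when similarity >= first threshold, as the text describes.

    Added guard (an assumption, not from the page): refuse a threshold that
    the untouched base picture alone already reaches.
    """
    base, disc = original
    base_share = len(base) / (len(base) + len(disc))
    if first_threshold <= base_share:
        raise ValueError("first threshold does not exceed the base picture's share")
    return similarity(spliced, original) >= first_threshold


def count_passing_orientations(base_cells, first_threshold, offset=11):
    """How many of the 36 orientations the server would accept."""
    original = make_picture(base_cells)
    base, option = cut(original, offset)
    return sum(verify(splice(base, option, s), original, first_threshold)
               for s in range(SECTORS))


if __name__ == "__main__":
    # 64 base cells + 36 disc cells: a wrong orientation scores 0.64, the right one 1.0.
    print(count_passing_orientations(64, 0.95))
```
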
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is circular. For example, the first option picture is any one of the N2 option pictures. For example, some or all of the N2 option pictures may be circular.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, where k is an integer greater than 4; for example, k equals 5, 6, 7 or 10, 35, 57, 108, 390, 1500 or another value. For example, the second option picture may be any one of the N2 option pictures. For example, some or all of the N2 option pictures may be regular k-sided polygons.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although its shape is irregular, the third option picture still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, some or all of the N2 option pictures may be irregular figures with more than 4 axes of symmetry.
It can be understood that the functions of the functional modules of the server 900 of this embodiment can be implemented according to the methods in the foregoing method embodiments; for the specific implementation process, refer to the related description of the method embodiments, which is not repeated here.
The server 900 in this embodiment may be any server that can provide services to clients, such as a website server, a game server or an application store server; of course, the server may also be a verification server used for verification.
It can be seen that, in the scheme provided by this embodiment, after the server 900 receives a verification request message from a client, it sends to the client a first verification interaction message containing N1 sub-pictures. The N1 sub-pictures are obtained by cutting a verification picture and include a base picture and N1-1 option pictures, where the shapes of N2 of the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4. Because the shapes of N2 of the N1-1 option pictures have at least m axes of symmetry, with m greater than 4, and research has found that the more axes of symmetry a sub-picture has, the more rotation trials a malicious client has to perform on it, the number of trials a malicious client needs for brute-force cracking grows in a manner close to a geometric progression as the number of option pictures and the number of their axes of symmetry increase. This increases the difficulty of brute-force cracking to a certain extent, so the above scheme helps improve the ability to prevent brute-force cracking by malicious clients during verification.
Referring to Fig. 10, Fig. 10 is a structural block diagram of a server 1000 provided by another embodiment of the present invention. The server 1000 may include at least one processor 1001, at least one network interface 1004, a memory 1005 and at least one communication bus 1002. The communication bus 1002 is used to implement connection and communication between these components. The server 1000 optionally includes a user interface 1003, which includes a display (for example a touch screen, a liquid crystal display, a holographic display or a projector), a pointing device (for example a mouse, a trackball, a touch-sensitive pad or a touch screen), a camera and/or a sound pickup device.
The memory 1005 may include read-only memory and random access memory, and provides instructions and data to the processor 1001. Part of the memory 1005 may also include non-volatile random access memory.
In some implementations, the memory 1005 stores the following elements, executable modules or data structures, or a subset or a superset of them:
Operating system 10051, which includes various system programs for implementing basic services and handling hardware-based tasks.
Application program module 10052, which includes various application programs for implementing application services.
The application program module 10052 includes, but is not limited to, a receiving unit 810, a verification unit 830 and a sending unit 820.
In the embodiments of the present invention, by calling a program or instructions stored in the memory 1005, the processor 1001: receives a verification request message from a client; sends to the client a first verification interaction message containing N1 sub-pictures, where the N1 sub-pictures are obtained by cutting a verification picture and include a base picture and N1-1 option pictures, the shapes of N2 of the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4; and, if a second verification interaction message containing a spliced picture obtained by splicing the N1 sub-pictures is received from the client, determines a verification result by comparing the spliced picture with the verification picture.
For example, in scenarios such as account registration, account login, forum posting and microblog posting, the server may receive a verification request message from a client. The verification request message may be a message dedicated to requesting verification, or it may be a message that is not dedicated to requesting verification, such as an account registration request mainly used to request account registration, an account login request mainly used to request account login, a forum posting request mainly used to request posting in a forum, or a microblog posting request mainly used to request posting on a microblog. That is, in some scenarios the verification request message from the client may be a message dedicated to requesting verification. In other scenarios it may be a message that the client sends mainly to request another service; because such a message triggers verification, it can also be called a verification request message. In other words, a verification request message in the embodiments of the present invention is a message that can trigger verification.
N2 is less than or equal to N1-1.
For example, the processor 1001 may cut the verification picture into N1 sub-pictures. Alternatively, the server may instruct a verification code server to cut the verification picture into N1 sub-pictures, and obtain from the verification code server the N1 sub-pictures produced by cutting the verification picture.
The specific values of N1, N2 and m can be determined according to the required verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
The server 1000 in this embodiment may be any server that can provide services to clients, such as a website server, a game server or an application store server.
It can be understood that if a sub-picture is circular, it has infinitely many axes of symmetry. The more axes of symmetry an option sub-picture has, the more rotation trials a malicious client has to perform on it. Because a circular sub-picture has infinitely many axes of symmetry, the number of rotation trials a malicious client may have to perform on such a sub-picture is, in theory, up to infinitely many. This can increase the difficulty of brute-force cracking to a large extent, which greatly improves the ability to prevent brute-force cracking by malicious clients during verification and in turn reduces the wasteful occupation of network resources by malicious clients.
For example, a circular sub-picture gives stronger control over the rotation angle. A square can only be rotated by 90 degrees at a time, so even in the worst case only 4 rotations are needed. If a circular sub-picture is rotated by 60 degrees each time, 6 rotations are needed in the worst case; if it is rotated by 30 degrees each time, 12 rotations are needed in the worst case; if it is rotated by 10 degrees each time, 36 rotations are needed in the worst case; and so on. The minimum rotation angle can be adjusted dynamically according to the adversarial situation. It can be seen that circular sub-pictures give greater flexibility in controlling the rotation angle and can greatly increase the difficulty of brute-force cracking.
Some possible schemes of this embodiment add a simple interaction: the positions of the puzzle verification code that need to be filled are marked with circular frames, which counters edge-similarity matching. At the same time, the rotation direction and angle of the circular sub-pictures can be adjusted dynamically, so that the recognition rate of current automated programs for a puzzle picture drops by at least one order of magnitude, which effectively resists cracking.
Optionally, in some possible implementations of the present invention, if the client is marked as a suspected malicious client, m is greater than or equal to 20, 30, 53, 87, 100, 200 or 500, or another value greater than 4. If the client is marked as a suspected malicious client, the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold (the second threshold may, for example, equal 0.8, 0.9, 0.95 or 1). If the client is marked as a suspected malicious client, N2 may be greater than 5, 6, 8, 10 or 15, or another value greater than 1. For example, the server may set judgment conditions, based on how frequently a client sends verification requests or on other behavioural characteristics, to judge whether the client sending the verification request message is likely to be a malicious client; the embodiments of the present invention do not limit the specific policy for marking a client as a suspected malicious client. For example, when a client at a certain IP address is found to send verification request messages repeatedly on the same login page within several seconds or several minutes, it can be concluded that this client has a relatively high probability of being a malicious client, and it can be marked as a suspected malicious client. Verification codes that are harder to crack are subsequently sent to this client (the more sub-pictures there are and the more axes of symmetry the sub-pictures have, the harder the cracking), which strengthens the interference with the malicious client. If the server judges that a client is more likely to be a normal client, verification codes that are easier to crack are subsequently sent, to lower the picture-reading difficulty for the user and improve user comfort.
It can be understood that introducing a mechanism that adjusts the verification complexity based on the suspected-malicious-client mark helps to balance user experience against resistance to cracking.
Optionally, in some possible implementations of the present invention, determining the verification result by comparing the spliced picture with the verification picture may include: comparing the spliced picture with the verification picture; if the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold (the first threshold may, for example, be 90%, 95%, 98%, 99% or 100%, or another value that meets the requirements), determining that the verification result is verification success; and if the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, determining that the verification result is verification failure.
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is circular. For example, the first option picture is any one of the N2 option pictures. For example, some or all of the N2 option pictures may be circular.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, where k is an integer greater than 4; for example, k equals 5, 6, 7 or 10, 35, 57, 108, 390, 1500 or another value. For example, the second option picture may be any one of the N2 option pictures. For example, some or all of the N2 option pictures may be regular k-sided polygons.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although its shape is irregular, the third option picture still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, some or all of the N2 option pictures may be irregular figures with more than 4 axes of symmetry.
It can be understood that the functions of the functional modules of the server 1000 of this embodiment can be implemented according to the methods in the foregoing method embodiments; for the specific implementation process, refer to the related description of the method embodiments, which is not repeated here.
The server 1000 in this embodiment may be any server that can provide services to clients, such as a website server, a game server or an application store server; of course, the server 1000 may also be a verification server used for verification.
It can be seen that, in the scheme provided by this embodiment, after the server 1000 receives a verification request message from a client, it sends to the client a first verification interaction message containing N1 sub-pictures. The N1 sub-pictures are obtained by cutting a verification picture and include a base picture and N1-1 option pictures, where the shapes of N2 of the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4. Because the shapes of N2 of the N1-1 option pictures have at least m axes of symmetry, with m greater than 4, and research has found that the more axes of symmetry a sub-picture has, the more rotation trials a malicious client has to perform on it, the number of trials a malicious client needs for brute-force cracking grows in a manner close to a geometric progression as the number of option pictures and the number of their axes of symmetry increase. This increases the difficulty of brute-force cracking to a certain extent, so the above scheme helps improve the ability to prevent brute-force cracking by malicious clients during verification.
Referring to Fig. 11, an embodiment of the present invention further provides a verification interaction apparatus 1100, which may include:
a sending unit 1110, a receiving unit 1120 and a verification interaction unit 1130.
The sending unit 1110 is configured to send a verification request message to a server.
The receiving unit 1120 is configured to receive a first verification interaction message from the server. The first verification interaction message contains N1 sub-pictures obtained by cutting a verification picture; the N1 sub-pictures include a base picture and N1-1 option pictures, where the shapes of N2 of the N1-1 option pictures have at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4.
The verification interaction unit 1130 is configured to send to the server a second verification interaction message containing a spliced picture obtained by splicing the N1 sub-pictures.
For example, in scenarios such as account registration, account login, forum posting and microblog posting, the server may receive a verification request message from a client. The verification request message may be a message dedicated to requesting verification, or it may be a message that is not dedicated to requesting verification, such as an account registration request mainly used to request account registration, an account login request mainly used to request account login, a forum posting request mainly used to request posting in a forum, or a microblog posting request mainly used to request posting on a microblog. That is, in some scenarios the verification request message from the client may be a message dedicated to requesting verification. In other scenarios it may be a message that the client sends mainly to request another service; because such a message triggers verification, it can also be called a verification request message. In other words, a verification request message in the embodiments of the present invention is a message that can trigger verification.
The server can receive the verification request message from the client.
The specific values of N1, N2 and m can be determined according to the required verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
Because the N1-1 option pictures are embedded in the base picture, the verification interaction apparatus 1100 can fit the N1-1 option pictures into the holes that cutting out the option pictures left in the base picture, and thereby obtain the spliced picture.
The server in this embodiment may be any service server that can provide services to clients, such as a website server, a game server or an application store server.
If be appreciated that, the shape of sub-pictures is for circular, then this sub-pictures has without several symmetry axis.Alternatively the symmetry axis of the sub-pictures of picture is more, then to carry out the number of times of this sub-pictures rotary test more for malicious client, circular sub-pictures has without several symmetry axis, therefore malicious client carries out the number of times of this seed picture rotary test is at most many times in theory, this just can increase Brute Force difficulty to a large extent, and then greatly can improve the ability of preventing malice client Brute Force aspect in proof procedure, and then the ineffective occupation of malicious client to Internet resources can be reduced.
Such as, circular sub-pictures strengthens the regulation and control of the anglec of rotation, square each only can 90-degree rotation, least ideally also only need rotation 4 times.If circular sub-pictures rotates 60 degree at every turn, then least ideally need rotation 6 times, rotate 30 degree if each, least ideally need rotation 12 times, rotate 10 degree if each, least ideally need rotation 36 times, by that analogy.And the minimum anglec of rotation can according to antagonism situation dynamic regulation.Visible, circular sub-pictures strengthens the regulation and control flexibility strengthening the anglec of rotation, can greatly improve Brute Force difficulty.
Some possibility schemes of the present embodiment are simple mutual by adding, the position circular frame of picture mosaic is needed by picture mosaic identifying code to identify, antagonism edge similar degree coupling, simultaneously, direction of rotation and the angle of circular sub-pictures can be regulated and controled dynamically, make the discrimination of current automaton to a picture mosaic picture reduce more than at least one the order of magnitude, effectively can resist and crack.
Optionally, in possible execution modes more of the present invention, described by described splicing picture and described checking picture are compared to determine the result, can comprise: described splicing picture and described checking picture are compared; If the similarity that comparison goes out described splicing picture and described checking picture is more than or equal to first threshold (first threshold such as can be 90%, 95%, 98%, 99% or 100% other values that maybe can satisfy the demands), then determine that the result is for being proved to be successful; If the similarity that comparison goes out described splicing picture and described checking picture is less than described first threshold, then determine that the result is authentication failed.
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is circular. For example, the first option picture is any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be circular.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, where k is an integer greater than 4; for example, k equals 5, 6, 7, 10, 35, 57, 108, 390, 1500 or another value. For example, the second option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a regular k-sided polygon.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although the shape of the third option picture is irregular, it still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be an irregular figure with more than 4 axes of symmetry.
It can be understood that the functions of the functional modules of the verification interaction device 1100 of this embodiment can be implemented according to the methods in the foregoing method embodiments; for the specific implementation process, refer to the related description of the foregoing method embodiments, which is not repeated here. The verification interaction device 1100 may be a client, or may be deployed in a client.
It can be seen that in the technical solution of this embodiment, after the verification interaction device 1100 sends a verification request message to the server, it receives a first verification interaction message from the server. The first verification interaction message comprises N1 sub-pictures obtained by cutting a verification picture; the N1 sub-pictures comprise a base picture and N1-1 option pictures; the shape of N2 of the N1-1 option pictures has at least m axes of symmetry, and m is an integer greater than 4. The verification interaction device 1100 sends to the server a second verification interaction message comprising the spliced picture obtained by splicing the N1 sub-pictures, so that the server determines the verification result by comparing the spliced picture with the verification picture. The shape of N2 of the N1-1 option pictures has m axes of symmetry, with m greater than 4, and research has found that the more axes of symmetry a sub-picture has, the more rotation trials a malicious verification interaction device 1100 has to carry out on it. As the number of option pictures and the number of their axes of symmetry increase, the number of trials a malicious verification interaction device 1100 needs for brute-force cracking grows enormously, close to a geometric progression. This increases the difficulty of brute-force cracking to a certain extent, so the above solution helps improve the ability to prevent brute-force cracking by a malicious verification interaction device 1100 during verification.
Referring to Figure 12, Figure 12 is a schematic diagram of a client 1200 provided by an embodiment of the present invention. The client 1200 may comprise at least one bus 1201, at least one processor 1202 connected to the bus 1201, and at least one memory 1203 connected to the bus 1201.
The processor 1202 calls, through the bus 1201, the code stored in the memory 1203 in order to: send a verification request message to the server; receive a first verification interaction message from the server, where the first verification interaction message comprises N1 sub-pictures obtained by cutting a verification picture, the N1 sub-pictures comprise a base picture and N1-1 option pictures, the shape of N2 of the N1-1 option pictures has at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4; and send to the server a second verification interaction message comprising the spliced picture obtained by splicing the N1 sub-pictures.
For example, in scenarios such as account registration, account login, forum posting and microblog posting, the server may receive a verification request message from the client. The verification request message may be a message dedicated to requesting verification, or it may be a message not dedicated to requesting verification, such as an account registration request mainly used to request account registration, an account login request mainly used to request account login, a forum posting request mainly used to request posting to a forum, or a microblog posting request mainly used to request microblog posting. That is, in some scenarios the verification request message from the client may be a message dedicated to requesting verification. In other scenarios the verification request message from the client may be a message sent by the client mainly to request another service; because such a message triggers verification, it can also be called a verification request message. In other words, the verification request message in the embodiments of the present invention is any message that can trigger verification.
The server can receive the verification request message from the client.
The specific values of N1, N2 and m can be determined according to the specific requirements on verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
Because the N1-1 option pictures are embedded in the base picture, the client can fit the N1-1 option pictures into the holes left in the base picture by cutting out the option pictures, and thereby obtain the spliced picture.
The server in this embodiment may be a service server that can provide services to clients, such as a website server, a game server or an application store server.
It can be understood that if the shape of a sub-picture is circular, the sub-picture has infinitely many axes of symmetry. The more axes of symmetry an option sub-picture has, the more rotation trials a malicious client has to carry out on it. Because a circular sub-picture has infinitely many axes of symmetry, the number of rotation trials a malicious client has to carry out on such a sub-picture is, in theory, unboundedly large. This can greatly increase the difficulty of brute-force cracking, which in turn greatly improves the ability to prevent brute-force cracking by malicious clients during verification and reduces the wasteful occupation of network resources by malicious clients.
For example, a circular sub-picture gives finer control over the rotation angle. A square can only be rotated 90 degrees at a time, so even in the worst case only 4 rotations are needed. If a circular sub-picture is rotated 60 degrees at a time, the worst case needs 6 rotations; at 30 degrees at a time, the worst case needs 12 rotations; at 10 degrees at a time, the worst case needs 36 rotations; and so on. The minimum rotation angle can also be adjusted dynamically according to the adversarial situation. It can be seen that circular sub-pictures give more flexibility in controlling the rotation angle and can greatly increase the difficulty of brute-force cracking.
Some possible schemes of this embodiment add a simple interaction: the positions in the jigsaw verification code where pieces need to be placed are marked with circular frames, which counters edge-similarity matching. At the same time, the rotation direction and angle of the circular sub-pictures can be adjusted dynamically, so that the recognition rate of current automated programs on a jigsaw picture drops by at least one order of magnitude, which effectively resists cracking.
Optionally, in some possible implementations of the present invention, if the client is marked as a suspected malicious client, m is greater than or equal to 20, 30, 53, 87, 100, 200 or 500, or is another value greater than 4. If the client is marked as a suspected malicious client, the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold (the second threshold may, for example, equal 0.8, 0.9, 0.95 or 1). If the client is marked as a suspected malicious client, N2 may be greater than 5, 6, 8, 10 or 15, or may be another value greater than 1. For example, the server can set judgment conditions based on how frequently a client sends verification requests, or on other behavioral characteristics, to judge whether the client sending the verification request message is likely to be a malicious client; the embodiments of the present invention do not limit the specific strategy for marking a client as a suspected malicious client. For example, when a client at a certain IP address is found to send verification request messages repeatedly on the same login page within a few seconds or a few minutes, the client can be considered to have a high probability of being malicious and can be marked as a suspected malicious client. Verification codes that are harder to crack are subsequently sent to this client (the more sub-pictures and the more axes of symmetry per sub-picture, the higher the cracking difficulty), which strengthens the interference with the malicious client. If the server judges that a client is more likely to be a normal client, it subsequently sends verification codes that are easier to solve, to reduce the difficulty of reading the picture for the user and improve user comfort.
It can be understood that introducing a mechanism that adjusts verification complexity based on the suspected-malicious-client mark helps balance user experience against resistance to cracking.
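The following added example (not part of the patent text) sketches one way a server could implement the marking and difficulty adjustment described above, and computes the worst-case number of rotation trials for a challenge. The names `SuspicionTracker`, `Challenge` and `choose_challenge`, the window of 60 seconds, the limit of 5 requests and the two parameter profiles are assumptions; each of the N2 pictures is modelled as offering m orientations (a step of 360/m degrees), and the remaining option pictures are assumed to be squares with 4 orientations.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

WINDOW_SECONDS = 60   # assumed observation window
MAX_REQUESTS = 5      # assumed: more requests than this per window marks the client


@dataclass(frozen=True)
class Challenge:
    n1: int  # N1: sub-pictures in total (1 base picture + N1-1 option pictures)
    n2: int  # N2: option pictures whose shape has at least m axes of symmetry
    m: int   # m: axes of symmetry, modelled here as m selectable orientations

    def __post_init__(self):
        if self.n1 <= 1 or not 1 <= self.n2 <= self.n1 - 1 or self.m <= 4:
            raise ValueError("need N1 > 1, 1 <= N2 <= N1-1 and m > 4")

    def worst_case_trials(self) -> int:
        """Orientation combinations an exhaustive search has to cover."""
        squares = self.n1 - 1 - self.n2          # assumption: the rest are squares
        return self.m ** self.n2 * 4 ** squares


class SuspicionTracker:
    """Sliding-window count of verification requests per (IP address, page)."""

    def __init__(self, window=WINDOW_SECONDS, limit=MAX_REQUESTS):
        self.window = window
        self.limit = limit
        self._seen = defaultdict(deque)

    def record(self, ip: str, page: str, now: float) -> bool:
        """Record one request; return True if the client is now suspected."""
        times = self._seen[(ip, page)]
        times.append(now)
        while times and now - times[0] > self.window:
            times.popleft()                      # drop requests outside the window
        return len(times) > self.limit


def choose_challenge(suspected: bool) -> Challenge:
    """Easy profile for normal clients, hardened profile for suspected ones."""
    if suspected:
        return Challenge(n1=7, n2=6, m=36)       # 10-degree steps on six pictures
    return Challenge(n1=3, n2=1, m=6)            # one 60-degree-step picture, one square


def meets_hardened_profile(ch: Challenge, min_m=20, second_threshold=0.9) -> bool:
    """Check the constraints the text gives for suspected malicious clients."""
    return ch.m >= min_m and ch.n2 / (ch.n1 - 1) >= second_threshold


def handle_request(tracker: SuspicionTracker, ip: str, page: str, now: float) -> Challenge:
    return choose_challenge(tracker.record(ip, page, now))


if __name__ == "__main__":
    tracker = SuspicionTracker()
    # Constructed sample traffic: one address hitting the login page once per second.
    for second in range(8):
        ch = handle_request(tracker, "192.0.2.10", "/login", float(second))
        print(second, ch, ch.worst_case_trials())
```
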
Optionally, in some possible implementations of the present invention, determining the verification result by comparing the spliced picture with the verification picture may comprise: comparing the spliced picture with the verification picture; if the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold (the first threshold may, for example, be 90%, 95%, 98%, 99%, 100% or another value that meets the requirements), determining that the verification result is verification success; if the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, determining that the verification result is verification failure.
Optionally, the server may further send to the client a verification response message carrying indication information that indicates the verification result, thereby notifying the client of the verification result by explicit indication. Of course, the server may also notify the client of the verification result by implicit indication.
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is circular. For example, the first option picture is any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be circular.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, where k is an integer greater than 4; for example, k equals 5, 6, 7, 10, 35, 57, 108, 390, 1500 or another value. For example, the second option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a regular k-sided polygon.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although the shape of the third option picture is irregular, it still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be an irregular figure with more than 4 axes of symmetry.
It can be understood that the functions of the functional modules of the client 1200 of this embodiment can be implemented according to the methods in the foregoing method embodiments; for the specific implementation process, refer to the related description of the foregoing method embodiments, which is not repeated here.
It can be seen that in this embodiment, after the client 1200 sends a verification request message to the server, it receives a first verification interaction message from the server. The first verification interaction message comprises N1 sub-pictures obtained by cutting a verification picture; the N1 sub-pictures comprise a base picture and N1-1 option pictures; the shape of N2 of the N1-1 option pictures has at least m axes of symmetry, and m is an integer greater than 4. The client 1200 sends to the server a second verification interaction message comprising the spliced picture obtained by splicing the N1 sub-pictures, so that the server determines the verification result by comparing the spliced picture with the verification picture. The shape of N2 of the N1-1 option pictures has m axes of symmetry, with m greater than 4, and research has found that the more axes of symmetry a sub-picture has, the more rotation trials a malicious client has to carry out on it. As the number of option pictures and the number of their axes of symmetry increase, the number of trials a malicious client needs for brute-force cracking grows enormously, close to a geometric progression. This increases the difficulty of brute-force cracking to a certain extent, so the above solution helps improve the ability to prevent brute-force cracking by malicious clients during verification.
Referring to Figure 13, Figure 13 is a structural block diagram of a client 1300 provided by another embodiment of the present invention. The client 1300 may comprise at least one processor 1301, at least one network interface 1304, a memory 1305 and at least one communication bus 1302. The communication bus 1302 is used to implement connection and communication between these components. The client 1300 optionally comprises a user interface 1303, including a display (such as a touch screen, a liquid crystal display, holographic imaging or projection), a pointing device (such as a mouse, a trackball, a touch-sensitive pad or a touch screen), a camera and/or a sound pickup device.
The memory 1305 may comprise read-only memory and random access memory, and provides instructions and data to the processor 1301. A part of the memory 1305 may also comprise non-volatile random access memory.
In some implementations, the memory 1305 stores the following elements, executable modules or data structures, or a subset of them, or a superset of them:
Operating system 13051, which comprises various system programs and is used to implement various basic services and to process hardware-based tasks.
Application program module 13052, which comprises various application programs and is used to implement various application services.
The application program module 13052 includes, but is not limited to, the sending unit 1110, the receiving unit 1120 and the verification interaction unit 1130.
In the embodiments of the present invention, by calling the program or instructions stored in the memory 1305, the processor 1301: sends a verification request message to the server; receives a first verification interaction message from the server, where the first verification interaction message comprises N1 sub-pictures obtained by cutting a verification picture, the N1 sub-pictures comprise a base picture and N1-1 option pictures, the shape of N2 of the N1-1 option pictures has at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4; and sends to the server a second verification interaction message comprising the spliced picture obtained by splicing the N1 sub-pictures.
For example, in scenarios such as account registration, account login, forum posting and microblog posting, the server may receive a verification request message from the client. The verification request message may be a message dedicated to requesting verification, or it may be a message not dedicated to requesting verification, such as an account registration request mainly used to request account registration, an account login request mainly used to request account login, a forum posting request mainly used to request posting to a forum, or a microblog posting request mainly used to request microblog posting. That is, in some scenarios the verification request message from the client may be a message dedicated to requesting verification. In other scenarios the verification request message from the client may be a message sent by the client mainly to request another service; because such a message triggers verification, it can also be called a verification request message. In other words, the verification request message in the embodiments of the present invention is any message that can trigger verification.
The server can receive the verification request message from the client.
The specific values of N1, N2 and m can be determined according to the specific requirements on verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
Because the N1-1 option pictures are embedded in the base picture, the client can fit the N1-1 option pictures into the holes left in the base picture by cutting out the option pictures, and thereby obtain the spliced picture.
The server in this embodiment may be a service server that can provide services to clients, such as a website server, a game server or an application store server.
It can be understood that if the shape of a sub-picture is circular, the sub-picture has infinitely many axes of symmetry. The more axes of symmetry an option sub-picture has, the more rotation trials a malicious client has to carry out on it. Because a circular sub-picture has infinitely many axes of symmetry, the number of rotation trials a malicious client has to carry out on such a sub-picture is, in theory, unboundedly large. This can greatly increase the difficulty of brute-force cracking, which in turn greatly improves the ability to prevent brute-force cracking by malicious clients during verification and reduces the wasteful occupation of network resources by malicious clients.
For example, a circular sub-picture gives finer control over the rotation angle. A square can only be rotated 90 degrees at a time, so even in the worst case only 4 rotations are needed. If a circular sub-picture is rotated 60 degrees at a time, the worst case needs 6 rotations; at 30 degrees at a time, the worst case needs 12 rotations; at 10 degrees at a time, the worst case needs 36 rotations; and so on. The minimum rotation angle can also be adjusted dynamically according to the adversarial situation. It can be seen that circular sub-pictures give more flexibility in controlling the rotation angle and can greatly increase the difficulty of brute-force cracking.
Some possible schemes of this embodiment add a simple interaction: the positions in the jigsaw verification code where pieces need to be placed are marked with circular frames, which counters edge-similarity matching. At the same time, the rotation direction and angle of the circular sub-pictures can be adjusted dynamically, so that the recognition rate of current automated programs on a jigsaw picture drops by at least one order of magnitude, which effectively resists cracking.
Optionally, in some possible implementations of the present invention, if the client is marked as a suspected malicious client, m is greater than or equal to 20, 30, 53, 87, 100, 200 or 500, or is another value greater than 4. If the client is marked as a suspected malicious client, the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold (the second threshold may, for example, equal 0.8, 0.9, 0.95 or 1). If the client is marked as a suspected malicious client, N2 may be greater than 5, 6, 8, 10 or 15, or may be another value greater than 1. For example, the server can set judgment conditions based on how frequently a client sends verification requests, or on other behavioral characteristics, to judge whether the client sending the verification request message is likely to be a malicious client; the embodiments of the present invention do not limit the specific strategy for marking a client as a suspected malicious client. For example, when a client at a certain IP address is found to send verification request messages repeatedly on the same login page within a few seconds or a few minutes, the client can be considered to have a high probability of being malicious and can be marked as a suspected malicious client. Verification codes that are harder to crack are subsequently sent to this client (the more sub-pictures and the more axes of symmetry per sub-picture, the higher the cracking difficulty), which strengthens the interference with the malicious client. If the server judges that a client is more likely to be a normal client, it subsequently sends verification codes that are easier to solve, to reduce the difficulty of reading the picture for the user and improve user comfort.
It can be understood that introducing a mechanism that adjusts verification complexity based on the suspected-malicious-client mark helps balance user experience against resistance to cracking.
Optionally, in some possible implementations of the present invention, determining the verification result by comparing the spliced picture with the verification picture may comprise: comparing the spliced picture with the verification picture; if the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold (the first threshold may, for example, be 90%, 95%, 98%, 99%, 100% or another value that meets the requirements), determining that the verification result is verification success; if the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, determining that the verification result is verification failure.
Optionally, the server may further send to the client a verification response message carrying indication information that indicates the verification result, thereby notifying the client of the verification result by explicit indication. Of course, the server may also notify the client of the verification result by implicit indication.
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is circular. For example, the first option picture is any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be circular.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, where k is an integer greater than 4; for example, k equals 5, 6, 7, 10, 35, 57, 108, 390, 1500 or another value. For example, the second option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a regular k-sided polygon.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although the shape of the third option picture is irregular, it still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be an irregular figure with more than 4 axes of symmetry.
It can be understood that the functions of the functional modules of the client 1300 of this embodiment can be implemented according to the methods in the foregoing method embodiments; for the specific implementation process, refer to the related description of the foregoing method embodiments, which is not repeated here.
It can be seen that in this embodiment, after the client 1300 sends a verification request message to the server, it receives a first verification interaction message from the server. The first verification interaction message comprises N1 sub-pictures obtained by cutting a verification picture; the N1 sub-pictures comprise a base picture and N1-1 option pictures; the shape of N2 of the N1-1 option pictures has at least m axes of symmetry, and m is an integer greater than 4. The client 1300 sends to the server a second verification interaction message comprising the spliced picture obtained by splicing the N1 sub-pictures, so that the server determines the verification result by comparing the spliced picture with the verification picture. The shape of N2 of the N1-1 option pictures has m axes of symmetry, with m greater than 4, and research has found that the more axes of symmetry a sub-picture has, the more rotation trials a malicious client has to carry out on it. As the number of option pictures and the number of their axes of symmetry increase, the number of trials a malicious client needs for brute-force cracking grows enormously, close to a geometric progression. This increases the difficulty of brute-force cracking to a certain extent, so the above solution helps improve the ability to prevent brute-force cracking by malicious clients during verification.
Referring to Figure 14, an embodiment of the present invention also provides a communication system, which may comprise:
a client 1410 and a server 1420.
The client 1410 is used to send a verification request message to the server 1420.
The server 1420 is used to: receive the verification request message from the client; send to the client a first verification interaction message comprising N1 sub-pictures, where the N1 sub-pictures are obtained by cutting a verification picture, the N1 sub-pictures comprise a base picture and N1-1 option pictures, the shape of N2 of the N1-1 option pictures has at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4; and, if a second verification interaction message comprising the spliced picture obtained by splicing the N1 sub-pictures is received from the client, determine the verification result by comparing the spliced picture with the verification picture.
The specific values of N1, N2 and m can be determined according to the specific requirements on verification complexity. For example, N1 may equal 2, 3, 4, 5, 6, 8, 10, 20, 30 or another value. For example, N2 may equal 1, 2, 3, 4, 5, 7, 9, 19, 29 or another value. For example, m may equal 5, 6, 7, 10, 30, 50, 100, 300, 1000 or another value.
Because the N1-1 option pictures are embedded in the base picture, the client 1410 can fit the N1-1 option pictures into the holes left in the base picture by cutting out the option pictures, and thereby obtain the spliced picture.
The server 1420 in this embodiment may be a service server that can provide services to clients, such as a website server, a game server or an application store server. The server 1420 may also be a verification server dedicated to verification.
It can be understood that if the shape of a sub-picture is circular, the sub-picture has infinitely many axes of symmetry. The more axes of symmetry an option sub-picture has, the more rotation trials a malicious client has to carry out on it. Because a circular sub-picture has infinitely many axes of symmetry, the number of rotation trials a malicious client has to carry out on such a sub-picture is, in theory, unboundedly large. This can greatly increase the difficulty of brute-force cracking, which in turn greatly improves the ability to prevent brute-force cracking by malicious clients during verification and reduces the wasteful occupation of network resources by malicious clients.
For example, a circular sub-picture gives finer control over the rotation angle. A square can only be rotated 90 degrees at a time, so even in the worst case only 4 rotations are needed. If a circular sub-picture is rotated 60 degrees at a time, the worst case needs 6 rotations; at 30 degrees at a time, the worst case needs 12 rotations; at 10 degrees at a time, the worst case needs 36 rotations; and so on. The minimum rotation angle can also be adjusted dynamically according to the adversarial situation. It can be seen that circular sub-pictures give more flexibility in controlling the rotation angle and can greatly increase the difficulty of brute-force cracking.
Some possible schemes of this embodiment add a simple interaction: the positions in the jigsaw verification code where pieces need to be placed are marked with circular frames, which counters edge-similarity matching. At the same time, the rotation direction and angle of the circular sub-pictures can be adjusted dynamically, so that the recognition rate of current automated programs on a jigsaw picture drops by at least one order of magnitude, which effectively resists cracking.
Optionally, in some possible implementations of the present invention, if client 1410 is marked as a suspected malicious client, m is greater than or equal to 20, 30, 53, 87, 100, 200 or 500, or another value greater than 4. If client 1410 is marked as a suspected malicious client, the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold (the second threshold may, for example, equal 0.8, 0.9, 0.95 or 1). If client 1410 is marked as a suspected malicious client, N2 may be greater than 5, 6, 8, 10 or 15, or another value greater than 1. For example, server 1420 may set judgment conditions based on how frequently a given client 1410 sends verification requests, or on other behavioral characteristics, to decide whether the client 1410 that sent the verification request message is likely to be a malicious client; the embodiments of the present invention do not limit the specific policy by which client 1410 is marked as a suspected malicious client. For example, when the client at a certain IP address is found to send verification request messages repeatedly from the same login page within several seconds or several minutes, that client can be considered to have a high probability of being malicious and can be marked as a suspected malicious client. Verification codes that are harder to crack are subsequently sent to this client (the more sub-pictures and the more axes of symmetry per sub-picture, the higher the cracking difficulty), strengthening the interference with the malicious client. If server 1420 judges that a client is more likely to be a normal client, it subsequently sends verification codes that are easier to solve, to reduce the difficulty of reading the picture and improve the user's comfort.
It can be understood that introducing a mechanism that adjusts verification complexity based on the suspected-malicious-client mark helps balance user experience against resistance to cracking.
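The adaptive mechanism described above can be sketched as follows. This is an added example, not code from the patent: the sliding-window rule, the window and budget constants, the two parameter sets and the `rotation_states` model are assumptions chosen for illustration, and the suspect check enforces all three of the conditions the text lists as alternatives.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

WINDOW_SECONDS = 60      # assumed observation window ("several seconds or minutes")
MAX_REQUESTS = 5         # assumed number of requests tolerated inside the window
SECOND_THRESHOLD = 0.8   # floor for N2 / (N1 - 1); 0.8 is one value named in the text


@dataclass(frozen=True)
class ChallengeParams:
    n1: int  # total sub-pictures: one base picture plus n1 - 1 option pictures
    n2: int  # option pictures whose shape has at least m axes of symmetry
    m: int   # minimum number of axes of symmetry, must be greater than 4

    def rotation_states(self) -> int:
        # Simplified model (assumption): a shape with m axes of symmetry fits
        # its slot in m outline-identical orientations, so n2 such pieces
        # give m ** n2 orientation combinations to tell apart.
        return self.m ** self.n2


NORMAL = ChallengeParams(n1=4, n2=2, m=6)     # constructed example values
SUSPECT = ChallengeParams(n1=9, n2=8, m=20)   # constructed example values


def validate(p: ChallengeParams, suspect: bool) -> None:
    """Reject parameter sets that break the constraints stated in the text."""
    if not (p.n1 > 1 and 1 <= p.n2 <= p.n1 - 1 and p.m > 4):
        raise ValueError("base constraints violated")
    if suspect and not (p.m >= 20 and p.n2 > 5
                        and p.n2 / (p.n1 - 1) >= SECOND_THRESHOLD):
        raise ValueError("parameters too weak for a suspected malicious client")


class DifficultyPolicy:
    """Marks a client as suspected malicious by request frequency."""

    def __init__(self):
        # client key (for example "ip|page") -> timestamps of recent requests
        self._seen = defaultdict(deque)

    def is_suspect(self, client_key: str, now: float) -> bool:
        recent = self._seen[client_key]
        recent.append(now)
        while recent and now - recent[0] > WINDOW_SECONDS:
            recent.popleft()  # forget requests that left the window
        return len(recent) > MAX_REQUESTS

    def params_for(self, client_key: str, now: float) -> ChallengeParams:
        suspect = self.is_suspect(client_key, now)
        params = SUSPECT if suspect else NORMAL
        validate(params, suspect)
        return params
```

Once the burst of requests has aged out of the window, the same client key receives the easier parameters again.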
Optionally, in some possible implementations of the present invention, determining the verification result by comparing the spliced picture with the verification picture may comprise: comparing the spliced picture with the verification picture; if the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold (the first threshold may, for example, be 90%, 95%, 98%, 99% or 100%, or another value that meets requirements), determining that the verification result is verification success; if the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, determining that the verification result is verification failure.
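The threshold comparison described above, as an added example that is not part of the patent. The pixel-equality similarity measure, the grayscale list-of-lists image format, the optional `mask` argument and the constructed 10x10 sample are all assumptions. The sample shows that scoring the whole picture lets the unchanged base picture dominate the result, so a wrongly oriented option picture can still reach 90%, while scoring only the cut regions rejects it.

```python
FIRST_THRESHOLD = 0.90  # one of the example values given in the text


def similarity(spliced, reference, mask=None):
    """Fraction of compared pixels that are equal.

    Images are 2D lists of grayscale integers. If mask is given, only
    pixels where mask[y][x] is true (the cut regions) are scored.
    """
    if len(spliced) != len(reference) or any(
            len(a) != len(b) for a, b in zip(spliced, reference)):
        return 0.0  # a picture with the wrong dimensions never matches
    total = matched = 0
    for y, ref_row in enumerate(reference):
        for x, ref_px in enumerate(ref_row):
            if mask is not None and not mask[y][x]:
                continue
            total += 1
            matched += spliced[y][x] == ref_px
    return matched / total if total else 0.0


def verify(spliced, reference, mask=None, threshold=FIRST_THRESHOLD):
    """True for verification success, False for verification failure."""
    return similarity(spliced, reference, mask) >= threshold


def constructed_sample():
    """Constructed data: a 10x10 verification picture with one 3x3 cut region,
    and a spliced picture whose piece was inserted rotated by 180 degrees."""
    size, top, left, patch = 10, 2, 2, 3
    reference = [[7 * x + 13 * y for x in range(size)] for y in range(size)]
    mask = [[top <= y < top + patch and left <= x < left + patch
             for x in range(size)] for y in range(size)]
    wrong = [row[:] for row in reference]
    for i in range(patch):
        for j in range(patch):
            wrong[top + i][left + j] = \
                reference[top + patch - 1 - i][left + patch - 1 - j]
    return reference, mask, wrong


if __name__ == "__main__":
    reference, mask, wrong = constructed_sample()
    print("whole picture:", similarity(wrong, reference))
    print("cut region only:", similarity(wrong, reference, mask))
```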
Optionally, server 1420 may further send client 1410 a verification response message carrying indication information that indicates the verification result, thereby notifying client 1410 of the verification result by explicit indication. Of course, server 1420 may also notify client 1410 of the verification result by implicit indication.
Optionally, in some possible implementations of the present invention, the shape of a first option picture among the N2 option pictures is a circle. For example, the first option picture is any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a circle.
Optionally, in some possible implementations of the present invention, the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, where k is an integer greater than 4; for example, k equals 5, 6, 7, 10, 35, 57, 108, 390 or 1500, or another value. For example, the second option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be a regular k-sided polygon.
Optionally, in some possible implementations of the present invention, the shape of a third option picture among the N2 option pictures is an irregular figure. Although the shape of the third option picture is an irregular figure, it still has more than 4 axes of symmetry. For example, the third option picture may be any one of the N2 option pictures. For example, the shape of some or all of the N2 option pictures may be an irregular figure with more than 4 axes of symmetry.
The server 1420 in this embodiment may be a website server, a game server, an application store server or another server that can provide services to clients; of course, server 1420 may also be a verification server used for verification.
It can be seen that, in this embodiment, after client 1410 sends a verification request message to server 1420, it receives a first verification interaction message from the server. The first verification interaction message comprises N1 sub-pictures obtained by cutting a verification picture; the N1 sub-pictures comprise a base picture and N1-1 option pictures; the shape of N2 option pictures among the N1-1 option pictures has at least m axes of symmetry, where m is an integer greater than 4. Client 1410 sends server 1420 a second verification interaction message comprising the spliced picture obtained by splicing the N1 sub-pictures, so that server 1420 determines the verification result by comparing the spliced picture with the verification picture. The shape of N2 of the N1-1 option pictures has more than 4 axes of symmetry, and research has found that the more axes of symmetry a sub-picture has, the more rotation tests a malicious client must perform on it. As the number of option pictures and the number of their axes of symmetry increase, the number of tests a malicious client needs for brute-force cracking grows enormously, approaching a geometric progression. This raises the difficulty of brute-force cracking to a certain extent, so the above scheme helps improve resistance to brute-force cracking by malicious clients during verification.
An embodiment of the present invention also provides a computer storage medium. The computer storage medium may store a program which, when executed, performs some or all of the steps of any verification interaction method described in the above method embodiments.
It should be noted that, for simplicity of description, each of the foregoing method embodiments is expressed as a series of combined actions. Those skilled in the art should understand, however, that the present invention is not limited by the described order of actions, because according to the present invention some steps may be performed in another order or simultaneously. Those skilled in the art should also understand that the embodiments described in the specification are all preferred embodiments, and the actions and modules involved are not necessarily required by the present invention.
In the above embodiments, the description of each embodiment has its own emphasis. For a part not described in detail in one embodiment, see the related description of the other embodiments.
In the several embodiments provided by this application, it should be understood that the disclosed apparatus may be implemented in other ways. For example, the apparatus embodiments described above are only schematic. The division into units is only a division by logical function, and other divisions are possible in an actual implementation; for example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not performed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be through some interfaces, and the indirect coupling or communication connection between apparatuses or units may be electrical or take other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network elements. Some or all of the units may be selected according to actual needs to achieve the purpose of the scheme of this embodiment.
In addition, the functional units in each embodiment of the present invention may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and is sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, the technical scheme of the present invention in essence, or the part that contributes to the prior art, or all or part of the technical scheme, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to perform all or some of the steps of the method described in each embodiment of the present invention. The aforementioned storage medium includes various media that can store program code, such as a USB flash drive, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), a removable hard disk, a magnetic disk or an optical disc.
The above embodiments are only intended to illustrate the technical scheme of the present invention, not to limit it. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they may still modify the technical schemes described in the foregoing embodiments or make equivalent replacements of some of their technical features, and that such modifications or replacements do not cause the essence of the corresponding technical schemes to depart from the spirit and scope of the technical schemes of the embodiments of the present invention.
Claims (14)
1. A verification interaction method, characterized by comprising:
receiving a verification request message from a client;
sending to the client a first verification interaction message comprising N1 sub-pictures;
wherein the N1 sub-pictures are obtained by cutting a verification picture, the N1 sub-pictures comprise a base picture and N1-1 option pictures, the shape of N2 option pictures among the N1-1 option pictures has at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4;
if a second verification interaction message comprising a spliced picture obtained by splicing the N1 sub-pictures is received from the client, determining a verification result by comparing the spliced picture with the verification picture.
2. The method according to claim 1, characterized in that, if the client is marked as a suspected malicious client, m is greater than or equal to 20, and/or the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold, and/or N2 is greater than 5.
3. The method according to claim 1, characterized in that determining the verification result by comparing the spliced picture with the verification picture comprises:
comparing the spliced picture with the verification picture; if the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold, determining that the verification result is verification success; if the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, determining that the verification result is verification failure.
4. The method according to any one of claims 1 to 3, characterized in that the shape of a first option picture among the N2 option pictures is a circle; and/or the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, k being an integer greater than 4; and/or the shape of a third option picture among the N2 option pictures is an irregular figure.
5. A verification interaction method, characterized by comprising:
sending a verification request message to a server;
receiving a first verification interaction message from the server, wherein the first verification interaction message comprises N1 sub-pictures obtained by cutting a verification picture, the N1 sub-pictures comprise a base picture and N1-1 option pictures, the shape of N2 option pictures among the N1-1 option pictures has at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4;
sending to the server a second verification interaction message comprising a spliced picture obtained by splicing the N1 sub-pictures.
6. The method according to claim 5, characterized in that
the shape of a first option picture among the N2 option pictures is a circle; and/or the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, k being an integer greater than 4; and/or the shape of a third option picture among the N2 option pictures is an irregular figure.
7. A verification interaction apparatus, characterized by comprising:
a receiving unit, configured to receive a verification request message from a client;
a sending unit, configured to send to the client a first verification interaction message comprising N1 sub-pictures;
wherein the N1 sub-pictures are obtained by cutting a verification picture, the N1 sub-pictures comprise a base picture and N1-1 option pictures, the shape of N2 option pictures among the N1-1 option pictures has at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4;
a verification unit, configured to, if a second verification interaction message comprising a spliced picture obtained by splicing the N1 sub-pictures is received from the client, determine a verification result by comparing the spliced picture with the verification picture.
8. The apparatus according to claim 7, characterized in that
the verification unit is specifically configured to, if a second verification interaction message comprising a spliced picture obtained by splicing the N1 sub-pictures is received from the client, compare the spliced picture with the verification picture; if the comparison shows that the similarity between the spliced picture and the verification picture is greater than or equal to a first threshold, determine that the verification result is verification success; if the comparison shows that the similarity between the spliced picture and the verification picture is less than the first threshold, determine that the verification result is verification failure.
9. The apparatus according to claim 7, characterized in that, if the client is marked as a suspected malicious client, m is greater than or equal to 20, and/or the value obtained by dividing N2 by N1-1 is greater than or equal to a second threshold, and/or N2 is greater than 5.
10. The apparatus according to any one of claims 7 to 9, characterized in that the shape of a first option picture among the N2 option pictures is a circle; and/or the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, k being an integer greater than 4; and/or the shape of a third option picture among the N2 option pictures is an irregular figure.
11. A verification interaction apparatus, characterized by comprising:
a sending unit, configured to send a verification request message to a server;
a receiving unit, configured to receive a first verification interaction message from the server, wherein the first verification interaction message comprises N1 sub-pictures obtained by cutting a verification picture, the N1 sub-pictures comprise a base picture and N1-1 option pictures, the shape of N2 option pictures among the N1-1 option pictures has at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4;
a verification interaction unit, configured to send to the server a second verification interaction message comprising a spliced picture obtained by splicing the N1 sub-pictures.
12. The apparatus according to claim 11, characterized in that
the shape of a first option picture among the N2 option pictures is a circle; and/or the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, k being an integer greater than 4; and/or the shape of a third option picture among the N2 option pictures is an irregular figure.
13. A communication system, characterized by comprising:
a client, configured to send a verification request message to a server;
the server, configured to receive the verification request message from the client; send to the client a first verification interaction message comprising N1 sub-pictures, wherein the N1 sub-pictures are obtained by cutting a verification picture, the N1 sub-pictures comprise a base picture and N1-1 option pictures, the shape of N2 option pictures among the N1-1 option pictures has at least m axes of symmetry, N1 and N2 are positive integers, N1 is greater than 1, and m is an integer greater than 4; and, if a second verification interaction message comprising a spliced picture obtained by splicing the N1 sub-pictures is received from the client, determine a verification result by comparing the spliced picture with the verification picture.
14. The communication system according to claim 13, characterized in that
the shape of a first option picture among the N2 option pictures is a circle; and/or the shape of a second option picture among the N2 option pictures is a regular k-sided polygon, k being an integer greater than 4; and/or the shape of a third option picture among the N2 option pictures is an irregular figure.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410347824.6A CN105306206B (en) | 2014-07-21 | 2014-07-21 | Verification interaction method, related device and communication system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105306206A (en) | 2016-02-03 |
CN105306206B (en) | 2020-06-05 |
Family
ID=55203005
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410347824.6A (Active, CN105306206B (en)) | 2014-07-21 | 2014-07-21 | Verification interaction method, related device and communication system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105306206B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106686009A (en) * | 2017-03-03 | 2017-05-17 | 苏州仙度网络科技有限公司 | Identity verifying method, device and system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080028205A1 (en) * | 2006-07-31 | 2008-01-31 | Cui Qing Yang | Method and apparatus for authenticating a user |
CN102315934A (en) * | 2010-07-06 | 2012-01-11 | 国民技术股份有限公司 | System and method for generating and transmitting picture identifying code under limited resource |
CN103078745A (en) * | 2013-02-04 | 2013-05-01 | 马骏 | Logon authentication code based on picture |
CN103312512A (en) * | 2013-06-07 | 2013-09-18 | 深圳第七大道网络技术有限公司 | Image verification code generating method, image verification code generating device, identity verification method and identity verification device |
Also Published As
Publication number | Publication date |
---|---|
CN105306206B (en) | 2020-06-05 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |