CN106101058A - A kind of hot information processing method based on Quick Response Code - Google Patents

A kind of hot information processing method based on Quick Response Code Download PDF

Info

Publication number
CN106101058A
CN106101058A CN201610339017.9A CN201610339017A CN106101058A CN 106101058 A CN106101058 A CN 106101058A CN 201610339017 A CN201610339017 A CN 201610339017A CN 106101058 A CN106101058 A CN 106101058A
Authority
CN
China
Prior art keywords
focus
client
information
certificate server
authentication result
Prior art date
Application number
CN201610339017.9A
Other languages
Chinese (zh)
Inventor
郑建钦
Original Assignee
郑建钦
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 郑建钦 filed Critical 郑建钦
Priority to CN201610339017.9A priority Critical patent/CN106101058A/en
Publication of CN106101058A publication Critical patent/CN106101058A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/083Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
    • H04L63/0846Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1483Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity ; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity ; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/18Management of setup rejection or failure

Abstract

The present invention discloses a kind of hot information processing method based on Quick Response Code, comprises the steps: that the deciphering of client scan Quick Response Code obtains ssid and the password of focus, and client forbids that other application programs communicate by being attached thereto wifi module;Client sets up connection by the wifi module being attached thereto to focus;Client sends and counts to focus at random;Focus uses the first encryption method to be verified information after random number is encrypted computing;The technical program passes through certificate server, it is possible to achieve the uniqueness certification of focus, it is to avoid the situation that AP is gone fishing occur.

Description

A kind of hot information processing method based on Quick Response Code

Technical field

The present invention relates to hot spot technology field, particularly relate to a kind of hot information processing method based on Quick Response Code.

Background technology

AP (wireless access points (WirelessAccessPoint)), i.e. wifi access point.Existing wifi is increasingly Popular, everybody all with, a device that can provide wifi signal is exactly focus, and everybody can search with mobile phone or notebook Being attached after seeking focus, the connection of existing focus is all attached according to ssid and password, as long as and general phase Near same ssid and the focus of password occur in, it is possible in connection, so facilitate everybody connection.Such as existing public transport The focus of car, user take bus or i.e. can connect around bus on bus focus.But have one to ask Topic, if illegal ssid becomes with cryptographic camouflage and bus wifi, such user just can connect this illegal heat Point, will result in focus and " goes fishing ", and the most illegal focus pretends to be legal focus.This focus is if having information interception merit Can, then user is during normal online, accidentally it is possible to cause the leakage of information, such as bank card information, thus can Serious safety issue can be caused.

Summary of the invention

For this reason, it may be necessary to provide a kind of hot information processing method based on Quick Response Code, solve spoofed the asking of existing focus Topic.

For achieving the above object, inventor provide a kind of hot information processing method based on Quick Response Code, be applied to visitor Between family end, focus and certificate server, focus has unique first encryption method, and certificate server has and the first encryption side The first decryption method that method is corresponding, comprises the steps:

Focus changes ssid and password at set intervals;

Quick Response Code is generated after focus encryption ssid and password;

Focus is two-dimensional code display information on the display being attached thereto;

The deciphering of client scan Quick Response Code obtains ssid and the password of focus;

Client forbids that other application programs communicate by being attached thereto wifi module;

Client, according to the ssid obtained and password, sets up connection by the wifi module being attached thereto to focus;

Client sends and counts to focus at random;

Focus uses the first encryption method to be verified information after random number is encrypted computing;

Focus replys checking information to client;

Client sends focus identification information, checking information and counts to certificate server at random;

Certificate server obtains first decryption method according to focus identification information;

After certificate server uses first decryption method to be decrypted checking information and compare with random number and obtain Authentication result;

Certificate server replys authentication result to client;

Client judges whether authentication result is passed through;

If passed through, then other application programs are allowed to communicate by being attached thereto wifi module;

If do not passed through, then disconnect the connection between focus.

Further, having unique second encryption method between certificate server, client has and the second encryption method The second corresponding decryption method, wherein:

When client sends authentication information to certificate server, client sends client identification information to authentication service Device;

After certificate server obtains authentication result, obtain the second encryption method according to client identification information, use second Authentication result and random number are encrypted by encryption method, and the authentication result after then certificate server replys encryption is to client End;

Client judges, when whether authentication result is passed through, to be decrypted authentication result initially with the second decryption method, Judge that random number is the most correct and whether authentication result is passed through;

If random number is correct and authentication result is passed through, then other application programs are allowed to enter by being attached thereto wifi module Row communication;

Otherwise, then the connection between focus is disconnected.

Further, client sends and the information of reception certificate server includes: client passes through mobile phone radio frequency module Send and receive certificate server information.

Further, before this method starts, further comprise the steps of:

Client judges around whether there is the focus that two or more ssid information is identical with mac information, if it has, then carry Show this focus.

Further, also comprise the steps: to detect focus signal intensity, after focus signal intensity is less than preset value, Disconnect the connection with focus and delete hot information.

Being different from prior art, technique scheme passes through certificate server, it is possible to achieve the uniqueness certification of focus, keeps away Exempt from that the situation that AP is gone fishing occurs.

Accompanying drawing explanation

Fig. 1 is the system architecture schematic diagram of the present invention.

Detailed description of the invention

By describing the technology contents of technical scheme, structural feature in detail, being realized purpose and effect, below in conjunction with concrete real Execute example to be explained in detail.

Refer to shown in Fig. 1, present embodiments provide a kind of hot information processing method based on Quick Response Code, can apply In the system 100 of Fig. 1, being applied between client, focus and certificate server, client can be mobile phone 101 or notes This client.Focus 102 has unique first encryption method, i.e. the most different from other focuses, can be by focus Identification information carries out uniqueness association.Certificate server 103 has the first decryption method corresponding with the first encryption method.

This method comprises the steps: that focus changes ssid and password at set intervals;Focus encryption ssid and password Rear generation Quick Response Code;Focus is two-dimensional code display information on the display being attached thereto.So ssid and password be just not easy by Artificially crack.

Client is encryption by ssid and the password, i.e. ssid and password of photographic head scanning Quick Response Code deciphering acquisition focus , decipherment algorithm is deposited on the client.This Quick Response Code can be pasted onto the doorway of the trade company having this focus, so wants The user's relative difficult forging illegal focus knows ssid and password, and user is without being manually entered these information, after convenience Face quickly connects.Client forbids that other application programs communicate by being attached thereto wifi module;Client is typically installed On an operating system, operating system having other application programs, operating system connects wifi module, and application program can lead to Cross wifi module to communicate with external program.Client forbids that other application programs have multiple realization by wifi module communication Mode, by intercepting the communication of other application programs and can fall data packet discarding, or arrange an invalid route, from And by all of application program all by this routing forwarding, the communication of these application programs i.e. can be forbidden.

Client, according to the ssid obtained and password, sets up connection by the wifi module being attached thereto to focus.

Client sends and counts to focus at random;Client can generate a random number, and having of this random number is many The mode of kind.Focus uses the first encryption method to be verified information after random number is encrypted computing;Checking information i.e. adds Random number after close.

Focus replys checking information to client;Client sends focus identification information, checking information and counts at random recognize Card server.Focus identification information can be mac address information or other information of focus, if other information, Ke Yi Focus is replied checking information and is sent focus identification information together to client to focus when of client.

Certificate server obtains first decryption method according to focus identification information;Certificate server uses first decryption method After checking information is decrypted and compare with random number and obtain authentication result;Certificate server replys authentication result to visitor Family end;Client judges whether authentication result is passed through.

If passed through, then other application programs are allowed to communicate by being attached thereto wifi module;If do not passed through, then Disconnect the connection between focus.So, random number owing to not knowing encryption method, then can not be added by the focus falsely used Close and obtain correct checking information, natural cannot certification on certificate server is passed through.Then client just can disconnect and emit The connection of focus, thus avoid the connection of illegal focus.

Focus in order to avoid falsely using directly transmits legal authentication result to client, in certain embodiments, and certification Having unique second encryption method between server, client has second decryption method corresponding with the second encryption method, its In: when client sends authentication information to certificate server, client sends client identification information to certificate server;Certification After server obtains authentication result, obtain the second encryption method according to client identification information, use the second encryption method to recognizing Card result and random number are encrypted, and the authentication result after then certificate server replys encryption is to client;Client judges When whether authentication result is passed through, initially with the second decryption method, authentication result is decrypted, it is judged that random number is the most correct Whether pass through with authentication result;If random number is correct and authentication result is passed through, then allow other application programs by connecting therewith Connect wifi module to communicate;Otherwise, then the connection between focus is disconnected.So, authentication result is also the data of encryption, as The focus falsely used of fruit at will sends other legal authentication results, then be not through the second encryption side due to this authentication result Method encryption, then cannot decipher and obtain correct random number and authentication result.Thus avoid the focus falsely used and arbitrarily send one Other legal authentication results individual are to client, and cause the problem that client connects.

Certainly, as long as client is not by being the wifi module acquisition that is authenticated result, it is possible to be greatly improved certification The correctness of result, as passed through mobile phone radio frequency module (2G, 3G, 4G communication module etc.), client sends and receives certification The information of server includes: client sends and receive certificate server information by mobile phone radio frequency module.So owing to falsely using Focus wifi pattern when carrying out, and mobile phone radio frequency module cannot be falsely used, then client gets from mobile phone radio frequency module Authentication result is legal authentication result.

Many times, the focus falsely used and legal focus are in a place, for this illegal in the case of, need and Time remind user.Then before this method starts, further comprise the steps of: client judges around whether there is two or more ssid (abbreviation of Service Set Identifier, service set) information and mac (Media Access Control, media Access and control, can be obtained by the beacon frame of scan hot spot) focus that information is identical, if it has, then point out this focus.Prompting Can carry out by dialog box or by the way of being highlighted, user one sees such situation, will be relative when of connection Vigilance.

In order to avoid connecting illegal focus elsewhere, present invention additionally comprises following steps: detect focus signal Intensity, after focus signal intensity is less than preset value, disconnects the connection with focus and deletes hot information.Delete hot information After, the equipment installing client just cannot connect this hot information automatically, thus ensures safety.

Although being described the various embodiments described above, but those skilled in the art once know basic wound The property made concept, then can make other change and amendment to these embodiments, so the foregoing is only embodiments of the invention, Not thereby the scope of patent protection of the present invention, every equivalent structure utilizing description of the invention and accompanying drawing content to be made are limited Or equivalence flow process conversion, or directly or indirectly it is used in other relevant technical fields, the most in like manner it is included in the patent of the present invention Within protection domain.

Claims (3)

1. a hot information processing method based on Quick Response Code, is applied between client, focus and certificate server, and focus is deposited Having unique first encryption method, certificate server has the first decryption method corresponding with the first encryption method, and its feature exists In, comprise the steps:
Focus changes ssid and password at set intervals;
Quick Response Code is generated after focus encryption ssid and password;
Focus is two-dimensional code display information on the display being attached thereto;
The deciphering of client scan Quick Response Code obtains ssid and the password of focus;
Client judges around whether there is the focus that two or more ssid information is identical with mac information, if it has, then prompting should Focus;
Client forbids that other application programs communicate by being attached thereto wifi module;
Client, according to the ssid obtained and password, sets up connection by the wifi module being attached thereto to focus;
Client sends and counts to focus at random;
Focus uses the first encryption method to be verified information after random number is encrypted computing;
Focus replys checking information to client;
Client sends focus identification information, checking information and counts to certificate server at random;
Certificate server obtains first decryption method according to focus identification information;
After certificate server uses first decryption method to be decrypted checking information and compare with random number and obtain certification Result;
Certificate server replys authentication result to client;
Client judges whether authentication result is passed through;
If passed through, then other application programs are allowed to communicate by being attached thereto wifi module;
If do not passed through, then disconnect the connection between focus.
A kind of hot information processing method based on Quick Response Code the most according to claim 1, it is characterised in that authentication service Having unique second encryption method between device, client has second decryption method corresponding with the second encryption method, wherein:
When client sends authentication information to certificate server, client sends client identification information to certificate server;
After certificate server obtains authentication result, obtain the second encryption method according to client identification information, use the second encryption Authentication result and random number are encrypted by method, and the authentication result after then certificate server replys encryption is to client;
Client judges, when whether authentication result is passed through, to be decrypted authentication result initially with the second decryption method, it is judged that Random number is the most correct and whether authentication result is passed through;
If random number is correct and authentication result is passed through, then other application programs are allowed to lead to by being attached thereto wifi module Letter;
Otherwise, then the connection between focus is disconnected.
A kind of hot information processing method based on Quick Response Code the most according to claim 2, it is characterised in that client is sent out Send and receive the information of certificate server and include: client sends and receive certificate server information by mobile phone radio frequency module.
CN201610339017.9A 2016-05-19 2016-05-19 A kind of hot information processing method based on Quick Response Code CN106101058A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610339017.9A CN106101058A (en) 2016-05-19 2016-05-19 A kind of hot information processing method based on Quick Response Code

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610339017.9A CN106101058A (en) 2016-05-19 2016-05-19 A kind of hot information processing method based on Quick Response Code

Publications (1)

Publication Number Publication Date
CN106101058A true CN106101058A (en) 2016-11-09

Family

ID=57229355

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610339017.9A CN106101058A (en) 2016-05-19 2016-05-19 A kind of hot information processing method based on Quick Response Code

Country Status (1)

Country Link
CN (1) CN106101058A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106973425A (en) * 2017-04-06 2017-07-21 上海掌门科技有限公司 A kind of method and apparatus for connecting WAP

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004034213A2 (en) * 2002-10-08 2004-04-22 Koolspan Localized network authentication and security using tamper-resistant keys
CN102547701A (en) * 2010-12-24 2012-07-04 中国移动通信集团公司 Authentication method and wireless access point as well as authentication server
CN102883315A (en) * 2012-08-28 2013-01-16 中兴通讯股份有限公司 Wireless fidelity (WiFi) authentication method and system, and terminal
CN103763631A (en) * 2014-01-07 2014-04-30 青岛海信信芯科技有限公司 Authentication method, server and television
CN104735052A (en) * 2015-01-28 2015-06-24 中山大学 WiFi hot spot safe login method and system
CN104883343A (en) * 2014-02-28 2015-09-02 致伸科技股份有限公司 Online sharing method, system and transaction machine thereof
CN105188055A (en) * 2015-08-14 2015-12-23 中国联合网络通信集团有限公司 Wireless network access method, wireless access point and server
CN105554760A (en) * 2016-01-29 2016-05-04 腾讯科技(深圳)有限公司 Wireless access point authentication method, device and system

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004034213A2 (en) * 2002-10-08 2004-04-22 Koolspan Localized network authentication and security using tamper-resistant keys
CN102547701A (en) * 2010-12-24 2012-07-04 中国移动通信集团公司 Authentication method and wireless access point as well as authentication server
CN102883315A (en) * 2012-08-28 2013-01-16 中兴通讯股份有限公司 Wireless fidelity (WiFi) authentication method and system, and terminal
CN103763631A (en) * 2014-01-07 2014-04-30 青岛海信信芯科技有限公司 Authentication method, server and television
CN104883343A (en) * 2014-02-28 2015-09-02 致伸科技股份有限公司 Online sharing method, system and transaction machine thereof
CN104735052A (en) * 2015-01-28 2015-06-24 中山大学 WiFi hot spot safe login method and system
CN105188055A (en) * 2015-08-14 2015-12-23 中国联合网络通信集团有限公司 Wireless network access method, wireless access point and server
CN105554760A (en) * 2016-01-29 2016-05-04 腾讯科技(深圳)有限公司 Wireless access point authentication method, device and system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106973425A (en) * 2017-04-06 2017-07-21 上海掌门科技有限公司 A kind of method and apparatus for connecting WAP
WO2018184410A1 (en) * 2017-04-06 2018-10-11 上海掌门科技有限公司 Method and apparatus for connecting to wireless access point

Similar Documents

Publication Publication Date Title
JP6262308B2 (en) System and method for performing link setup and authentication
EP3105904B1 (en) Assisted device provisioning in a network
US8763097B2 (en) System, design and process for strong authentication using bidirectional OTP and out-of-band multichannel authentication
US9143937B2 (en) Wireless communication using concurrent re-authentication and connection setup
JP6022596B2 (en) Method and device for authentication in an integrated wireless network
EP2633716B1 (en) Data processing for securing local resources in a mobile device
US8467532B2 (en) System and method for secure transaction of data between a wireless communication device and a server
CN102204305B (en) Home node-b apparatus and security protocols
US10587614B2 (en) Method and apparatus for facilitating frictionless two-factor authentication
US9742737B2 (en) Authenticated time-of-flight indoor positioning systems and methods
KR20140066230A (en) Systems and methods for encoding exchanges with a set of shared ephemeral key data
US10554420B2 (en) Wireless connections to a wireless access point
CN103427992B (en) The method and system of secure communication is set up between node in a network
US9306748B2 (en) Authentication method and apparatus in a communication system
CN104270250B (en) WiFi internets online connection authentication method based on asymmetric whole encryption
CN103597799B (en) service access authentication method and system
CN1874271B (en) Protection for wireless devices against false access-point attacks
US9948647B2 (en) Method and device for authenticating static user terminal
Hwang et al. A study on MITM (Man in the Middle) vulnerability in wireless network using 802.1 X and EAP
JP4777729B2 (en) Setting information distribution apparatus, method, program, and medium
TWI420921B (en) Fast authentication between heterogeneous wireless networks
US20140189811A1 (en) Security enclave device to extend a virtual secure processing environment to a client device
CN101163000B (en) Secondary authentication method and system
CA2956590C (en) Apparatus and method for sharing a hardware security module interface in a collaborative network
DE102015111526A1 (en) Establishing secure transmission for vehicle diagnostic data

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination