CN106453418A - Verification method and system - Google Patents
Verification method and system Download PDFInfo
- Publication number
- CN106453418A CN106453418A CN201611114228.9A CN201611114228A CN106453418A CN 106453418 A CN106453418 A CN 106453418A CN 201611114228 A CN201611114228 A CN 201611114228A CN 106453418 A CN106453418 A CN 106453418A
- Authority
- CN
- China
- Prior art keywords
- verification
- communication channel
- server
- client
- algorithm
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012795 verification Methods 0.000 title claims abstract description 572
- 238000000034 method Methods 0.000 title claims abstract description 48
- 238000004891 communication Methods 0.000 claims abstract description 244
- 238000012790 confirmation Methods 0.000 claims abstract description 32
- 230000006870 function Effects 0.000 claims description 110
- 238000004364 calculation method Methods 0.000 claims description 64
- 230000009191 jumping Effects 0.000 claims description 20
- 238000013519 translation Methods 0.000 claims description 18
- 125000004122 cyclic group Chemical group 0.000 claims description 14
- 238000010200 validation analysis Methods 0.000 claims description 10
- 230000003993 interaction Effects 0.000 abstract description 11
- 230000008569 process Effects 0.000 abstract description 8
- 238000012545 processing Methods 0.000 description 6
- 230000004044 response Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention provides a verification method and system. The method comprises the following steps: receiving a first obtaining request by a server through a first communication channel, sending first verification data on the basis of the first obtaining request; receiving a first verification result through a second communication channel, wherein the first verification result is obtained by using pre-constructed verification algorithm to calculate the first verification data; judging whether the first verification result is correct, if the first verification result is correct, sending first confirmation information through the second communication channel, wherein the first communication channel and the second communication channel are established according to different communication protocols; and the verification algorithm contains logic of operation, circulation, skip and address change. In this way, the complexity of the verification algorithm is improved, HACK does not find out a code of the corresponding algorithm from the network easily, the validity of the client can be verified more accurately, and in the verification process, the safety of the verification process is further improved by using two different communication channels to perform the data interaction.
Description
Technical Field
The invention belongs to the technical field of communication, and particularly relates to a verification method and a verification system.
Background
At present, for an application system with account login, a client generally registers first, and after the registration is finished, login verification is performed by using an account name and a password. The authentication process of the client and the server can be solved by adopting the method for the system which is not particularly important in general. For some systems of greater importance, the validity of a client is not guaranteed by merely using an account login system, so that an additional protocol is added between the client and the server to verify the validity of a client.
The method in the prior art is to use an asymmetric encryption algorithm between a client and a server to verify the legality of the client, but the existing asymmetric encryption algorithms are public and open-source, and the corresponding encryption algorithm is easily determined from the code characteristics, so that a HACK can find the code of the corresponding algorithm from a network, and can easily impersonate a false client to log in the server.
Disclosure of Invention
Aiming at the problems in the prior art, the embodiment of the invention provides a verification method and a verification system, which are used for solving the technical problem that a pseudo client is difficult to verify when the client is verified in the prior art.
The invention provides a verification method, which comprises the following steps:
the server receives a first acquisition request through a first communication channel and sends first verification data based on the first acquisition request;
receiving a first verification result through a second communication channel, the first verification result being calculated from the first verification data using a pre-configured verification algorithm;
judging whether the first verification result is correct or not, and if the first verification result is correct, sending first confirmation information through the second communication channel; wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
In the foregoing solution, the determining whether the first verification result is correct includes:
reading a calculation result in the configuration file;
comparing the first verification result with the calculation result, and if the first verification result is consistent with the calculation result, determining that the first verification result is correct; and the calculation result is calculated by the verification algorithm according to preset verification data in advance.
In the above scheme, the pre-constructing of the verification algorithm includes:
constructing a verification algorithm function;
performing a logical operation in the verification algorithm function;
performing a cyclic logical operation in the verification algorithm function;
executing a jump logic operation in the verification algorithm function;
performing an address translation logic operation in the validation algorithm function.
In the above solution, the performing an address translation logical operation in the verification algorithm function includes:
calling an API function memcpy;
and executing the copy operation of the data of the verification algorithm function in the memory according to the API function memcpy.
The invention also provides a verification method, which comprises the following steps:
the client sends a first acquisition request through a first communication channel, so that the server can return first verification data based on the first acquisition request;
calculating the first verification data by using a pre-constructed verification algorithm, acquiring a first verification result, and sending the first verification result through a second communication channel, so that the server can judge whether the first verification result is correct;
if the first verification result is correct, first confirmation information is received through the second communication channel; wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
In the above solution, the performing an address translation logical operation in the verification algorithm function includes:
calling an API function memcpy;
and executing the copy operation of the data of the verification algorithm function in the memory according to the API function memcpy.
The invention also provides a verification method, which comprises the following steps:
the client sends a first acquisition request to the server through a first communication channel;
the server sends first verification data to the client through the first communication channel based on the first acquisition request;
the client calculates the first verification data according to a pre-constructed verification algorithm to obtain a first verification result, and sends the first verification result to the server through a second communication channel;
the server judges whether the first verification result is correct or not, and if the first verification result is correct, first confirmation information is sent to the client through the second communication channel;
wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
The present invention provides a server, comprising:
a first receiving unit, configured to receive a first acquisition request through a first communication channel, and receive a first verification result through a second communication channel, where the first verification result is obtained by calculating the first verification data using a pre-configured verification algorithm;
a first sending unit, configured to send first verification data based on the first acquisition request; and sending first acknowledgement information through the second communication channel;
the judging unit is used for judging whether the first verification result is correct or not; wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
The present invention provides a client, comprising:
a second sending unit, configured to send the first acquisition request through a first communication channel, so that the server can return first verification data based on the first acquisition request; sending the first verification result through a second communication channel, so that the server can judge whether the first verification result is correct or not;
the calculation unit is used for calculating the first verification data by utilizing a pre-constructed verification algorithm to obtain a first verification result;
a second receiving unit, configured to receive first acknowledgement information through the second communication channel; wherein the first communication channel and the second communication channel are established according to different communication protocols.
The present invention provides a verification system, the system comprising:
the client is used for sending a first acquisition request to the server through a first communication channel;
a server for sending first authentication data to the client through the first communication channel based on the first acquisition request;
the client is used for calculating the first verification data according to a pre-constructed verification algorithm to obtain a first verification result and sending the first verification result to the server through a second communication channel;
the server is used for judging whether the first verification result is correct or not, and if the first verification result is correct, first confirmation information is sent to the client through the second communication channel;
wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
The invention provides a verification method and a system, wherein the verification method comprises the following steps: the server receives a first acquisition request through a first communication channel and sends first verification data based on the first acquisition request; receiving a first verification result through a second communication channel, the first verification result being calculated from the first verification data using a pre-configured verification algorithm; judging whether the first verification result is correct or not, and if the first verification result is correct, sending first confirmation information through the second communication channel; wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement; therefore, the verification algorithm comprises the logics of operation, circulation, skipping and address replacement, the complexity of the verification algorithm is improved, the HACK is not easy to find codes corresponding to the algorithm from a network, the legality of a client can be prevented from being verified more accurately, and in the verification process, two different communication channels are used for data interaction, so that the safety of the verification process is further improved.
Drawings
Fig. 1 is a schematic diagram of an overall structure of a verification system according to an embodiment of the present invention;
fig. 2 is a schematic diagram of data interaction between a client and a server according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating a verification method according to an embodiment of the present invention;
fig. 4 is a schematic flowchart of another verification method according to an embodiment of the present invention;
fig. 5 is a schematic overall structure diagram of an authentication server according to an embodiment of the present invention;
fig. 6 is a schematic overall structure diagram of the client according to the embodiment of the present invention.
Detailed Description
In order to improve the accuracy of verification when a client is verified, the invention provides a verification method and a system, wherein the verification method comprises the following steps: the server receives a first acquisition request through a first communication channel and sends first verification data based on the first acquisition request; receiving a first verification result through a second communication channel, the first verification result being calculated from the first verification data using a pre-configured verification algorithm; judging whether the first verification result is correct or not, and if the first verification result is correct, sending first confirmation information through the second communication channel; wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
The technical solution of the present invention is further described in detail by the accompanying drawings and the specific embodiments.
Example one
Before describing the method embodiment of the present invention, the architecture of the verification system in the embodiment of the present invention is described, as shown in fig. 1, the system includes: a client 101 and a server 102. As shown in fig. 1, the server 102 may be in communication connection with N clients 101, where N is a natural number, where a communication mode between the client 101 and the server 102 may be wired communication or wireless communication, and the client 101 may specifically be a smart phone, a tablet computer, an intelligent wearable device, and the like, which is not limited in this application.
As shown in fig. 2, the data interaction process between the client 101 and the server 102 is as follows:
s1, the client sends the first get request to the server through the first communication channel.
In this step, when verifying the validity of the client, the client needs to send a first acquisition request to the server through a first communication channel to acquire verification data; the first communication channel may be a communication channel established based on an HTTP protocol, or based on a TCP protocol, or based on a UDT protocol, or other protocols that can perform communication between a client and a server, or the like.
S2, the server sends the first authentication data to the client through the first communication channel based on the first acquisition request.
After receiving a first acquisition request, the server sends first verification data to the client through the first communication channel based on the first acquisition request. The first verification data is carried in the reply information which replies to the client request, and the first verification data can be a character string, an icon and the like.
S3, the client calculates the first verification data according to the pre-constructed verification algorithm to obtain a first verification result, and sends the first verification result to the server through a second communication channel.
In this step, after receiving first verification data, the client creates a second communication channel with the server, calculates the first verification data according to a pre-constructed verification algorithm to obtain a first verification result, and then sends the first verification result to the server by using the second communication channel. Wherein the second communication channel may be a communication channel established based on an HTTP protocol, or based on a TCP protocol, or based on a UDT protocol, etc., and wherein the first communication channel and the second communication channel are established according to different communication protocols. The verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
Here, the authentication algorithm is constructed in advance, including: constructing a verification algorithm function; the verification algorithm function is typically represented as a string; to increase the complexity of the verification algorithm, a logical operation may be performed in the verification algorithm function; performing a cyclic logical operation in the verification algorithm function; executing a jump logic operation in the verification algorithm function; performing an address translation logic operation in the validation algorithm function.
Specifically, when the logic operation is performed in the verification algorithm function, the logic operation may be an operation of adding, subtracting, multiplying, dividing, logically xoring, and the like to the data, and the operation may be unordered and non-logical, and any number of the added logic operations may be added, with the greater the number of the added logic operations, the greater the complexity.
When the cyclic logic operation is executed in the verification algorithm function, the method comprises the following steps: and determining a cycle count, and adding the corresponding cycle count in the verification algorithm function data structure so as to circularly execute the logic operation. In practical application, the loop count is added at multiple positions, so that the HACK is prevented from easily analyzing the verification algorithm, and the loop logic is always executed in corresponding logic operation until the loop count is completed.
In order to further improve the complexity of the verification algorithm, jump logic operation is executed in the verification algorithm function; because the verification algorithm is composed of loop statements and operation logics, the jump from one logic operation to another logic operation can be realized through jump statements, and then the jump is realized after the calculation is finished, so that the whole structure can jump from one place to another place from the view of the structure of the whole verification algorithm, and the complexity of code debugging and analysis is increased.
In addition, in order to avoid code logic tracking to an algorithm through read-write access, the present embodiment further performs an address translation logic operation in the verification algorithm function, including: calling an API function memcpy; and executing the copy operation of the data of the verification algorithm function in the memory according to the API function memcpy.
In practical application, a plurality of memory copy operations are used in the verification algorithm, and one piece of data is copied from one memory to another memory, and the memory address where the data is located changes once per copy. This can be cumbersome to track for HACK debugging.
And S4, the server judges whether the first verification result is correct, and if the first verification result is correct, the server sends first confirmation information to the client through the second communication channel.
In this step, after the server receives the first verification result through the second communication channel, the server determines whether the first verification result is correct, and if the first verification result is correct, sends first confirmation information to the client through the second communication channel.
The server judging whether the first verification result is correct or not comprises the following steps: reading a calculation result in the configuration file; comparing the first verification result with the calculation result, and if the first verification result is consistent with the calculation result, determining that the first verification result is correct; and the calculation result is calculated by the verification algorithm according to preset verification data in advance.
Here, in order to reduce the online processing pressure of the server, some check data are preset, then the calculation result is calculated through the verification algorithm and is placed in the configuration file, so that when data interaction is performed in real time, the server does not need to perform real-time calculation, and the calculation result can be directly read from the configuration file.
In order to further improve the security of the verification, when the server determines that the first verification result is correct, the server further performs a second verification, specifically:
when the client receives the first confirmation information, a second acquisition request is sent to the server through the first communication channel, and after the server receives the second acquisition request, second verification data is sent to the client through the first communication channel based on the second acquisition request. The second verification data is carried in the response information for replying the client request, the second verification data can be a character string, an icon and the like, and the second verification data comprises the first verification result.
And after receiving second verification data, the client establishes a second communication channel with the server, calculates the second verification data according to a pre-constructed verification algorithm to obtain a second verification result, and then sends the second verification result to the server by using the second communication channel. Wherein the operation logic of the verification algorithm used for the second time should be more complex than the operation logic of the verification algorithm used for the first time.
And after receiving a second verification result through a second communication channel, the server judges whether the second verification result is correct or not, and if the second verification result is correct, second confirmation information is sent to the client through the second communication channel to indicate that the client is a legal client.
Of course, if the security of the verification is further improved, the verification may be performed multiple times, and the number of times of verification may be determined in a specific case.
Further, if the first verification result is inconsistent with the calculation result, determining that the first verification result is wrong; the client is a fake client, the server will disconnect the client, and no subsequent authentication is needed.
Example two
The embodiment provides a verification method, which is applied to a server side, and referring to fig. 3, the method includes:
s301, the server receives a first acquisition request through a first communication channel, and sends first verification data based on the first acquisition request.
In this step, when verifying the validity of the client, the client needs to send a first acquisition request to the server through a first communication channel to acquire verification data; the first communication channel may be a communication channel established based on an HTTP protocol, or based on a TCP protocol, or based on a UDT protocol, or other protocols that can perform communication between a client and a server, or the like.
The server sends first verification data to the client based on a first acquisition request when receiving the first acquisition request through a first communication channel. The first verification data is carried in the reply information which replies to the client request, and the first verification data can be a character string, an icon and the like.
After receiving the first verification data, the client establishes a second communication channel with the server, calculates the first verification data according to a pre-constructed verification algorithm to obtain a first verification result, and then sends the first verification result to the server by using the second communication channel. Wherein the second communication channel may be a communication channel established based on an HTTP protocol, or based on a TCP protocol, or based on a UDT protocol, etc., and wherein the first communication channel and the second communication channel are established according to different communication protocols. The verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
Here, the authentication algorithm is constructed in advance, including: constructing a verification algorithm function; the verification algorithm function is typically represented as a string; to increase the complexity of the verification algorithm, a logical operation may be performed in the verification algorithm function; performing a cyclic logical operation in the verification algorithm function; executing a jump logic operation in the verification algorithm function; performing an address translation logic operation in the validation algorithm function.
Specifically, when the logic operation is performed in the verification algorithm function, the logic operation may be an operation of adding, subtracting, multiplying, dividing, logically xoring, and the like to the data, and the operation may be unordered and non-logical, and any number of the added logic operations may be added, with the greater the number of the added logic operations, the greater the complexity.
When the cyclic logic operation is executed in the verification algorithm function, the method comprises the following steps: and determining a cycle count, and adding the corresponding cycle count in the verification algorithm function data structure so as to circularly execute the logic operation. In practical application, the loop count is added at multiple positions, so that the HACK is prevented from easily analyzing the verification algorithm, and the loop logic is always executed in corresponding logic operation until the loop count is completely counted.
In order to further improve the complexity of the verification algorithm, jump logic operation is executed in the verification algorithm function; because the verification algorithm is composed of loop statements and operation logics, the jump from one logic operation to another logic operation can be realized through jump statements, and then the jump is realized after the calculation is finished, so that the whole structure can jump from one place to another place from the view of the structure of the whole verification algorithm, and the complexity of code debugging and analysis is increased.
In addition, in order to avoid code logic tracking to an algorithm through read-write access, the present embodiment further performs an address translation logic operation in the verification algorithm function, including: calling an API function memcpy; and executing the copy operation of the data of the verification algorithm function in the memory according to the API function memcpy.
In practical application, a plurality of memory copy operations are used in the verification algorithm, and one piece of data is copied from one memory to another memory, and the memory address where the data is located changes once per copy. This can be cumbersome to track for HACK debugging.
S302, receiving a first verification result through a second communication channel, wherein the first verification result is obtained by calculating the first verification data by utilizing a pre-constructed verification algorithm.
In this step, after the client sends the first verification result through the second communication channel, the server receives the first verification result through the second communication channel, and the first verification result is obtained by calculating the first verification data by using a pre-configured verification algorithm.
And S303, judging whether the first verification result is correct or not, and if so, sending first confirmation information through the second communication channel.
In this step, after the server receives the first verification result through the second communication channel, the server determines whether the first verification result is correct, and if the first verification result is correct, sends first confirmation information to the client through the second communication channel.
The server judging whether the first verification result is correct or not comprises the following steps: reading a calculation result in the configuration file; comparing the first verification result with the calculation result, and if the first verification result is consistent with the calculation result, determining that the first verification result is correct; and the calculation result is calculated by the verification algorithm according to preset verification data in advance.
Here, in order to reduce the online processing pressure of the server, some check data are preset, then the calculation result is calculated through the verification algorithm and is placed in the configuration file, so that when data interaction is performed in real time, the server does not need to perform real-time calculation, and the calculation result can be directly read from the configuration file.
In order to further improve the security of the verification, when the server determines that the first verification result is correct, the server further performs a second verification, specifically:
when the client receives the first confirmation information, a second acquisition request is sent to the server through the first communication channel, and after the server receives the second acquisition request, second verification data is sent to the client through the first communication channel based on the second acquisition request. The second verification data is carried in the response information for replying the client request, the second verification data can be a character string, an icon and the like, and the second verification data comprises the first verification result.
And after receiving second verification data, the client establishes a second communication channel with the server, calculates the second verification data according to a pre-constructed verification algorithm to obtain a second verification result, and then sends the second verification result to the server by using the second communication channel. Wherein the operation logic of the verification algorithm used for the second time should be more complex than the operation logic of the verification algorithm used for the first time.
And after receiving a second verification result through a second communication channel, the server judges whether the second verification result is correct or not, and if the second verification result is correct, second confirmation information is sent to the client through the second communication channel to indicate that the client is a legal client.
Of course, if the security of the verification is further improved, the verification may be performed multiple times, and the number of times of verification may be determined in a specific case.
Further, if the first verification result is inconsistent with the calculation result, determining that the first verification result is wrong; the client is a fake client, the server will disconnect the client, and no subsequent authentication is needed.
EXAMPLE III
The present embodiment further provides a verification method applied to a client, as shown in fig. 4, where the method includes:
s401, the client sends a first acquisition request through a first communication channel, so that the server can return first verification data based on the first acquisition request.
In this step, when verifying the validity of the client, the client needs to send a first acquisition request to the server through a first communication channel to acquire verification data; the first communication channel may be a communication channel established based on an HTTP protocol, or based on a TCP protocol, or based on a UDT protocol, or other protocols that can perform communication between a client and a server, or the like.
After receiving a first acquisition request, the server sends first verification data to the client through the first communication channel based on the first acquisition request. The first verification data is carried in the reply information which replies to the client request, and the first verification data can be a character string, an icon and the like.
S402, calculating the first verification data by using a pre-constructed verification algorithm, obtaining a first verification result, and sending the first verification result through a second communication channel, so that the server can judge whether the first verification result is correct.
In this step, after receiving first verification data, the client creates a second communication channel with the server, calculates the first verification data according to a pre-constructed verification algorithm to obtain a first verification result, and then sends the first verification result to the server by using the second communication channel. Wherein the first authentication result is obtained by calculating the first authentication data by using a pre-constructed authentication algorithm, the second communication channel may be a communication channel established based on an HTTP protocol, or based on a TCP protocol, or based on a UDT protocol, and the like, and wherein the first communication channel and the second communication channel are established according to different communication protocols. The verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
Here, the authentication algorithm is constructed in advance, including: constructing a verification algorithm function; the verification algorithm function is typically represented as a string; to increase the complexity of the verification algorithm, a logical operation may be performed in the verification algorithm function; performing a cyclic logical operation in the verification algorithm function; executing a jump logic operation in the verification algorithm function; performing an address translation logic operation in the validation algorithm function.
Specifically, when the logic operation is performed in the verification algorithm function, the logic operation may be an operation of adding, subtracting, multiplying, dividing, logically xoring, and the like to the data, and the operation may be unordered and non-logical, and any number of the added logic operations may be added, with the greater the number of the added logic operations, the greater the complexity.
When the cyclic logic operation is executed in the verification algorithm function, the method comprises the following steps: and determining a cycle count, and adding the corresponding cycle count in the verification algorithm function data structure so as to circularly execute the logic operation. In practical application, the loop count is added at multiple positions, so that the HACK is prevented from easily analyzing the verification algorithm, and the loop logic is always executed in corresponding logic operation until the loop count is completely counted.
In order to further improve the complexity of the verification algorithm, jump logic operation is executed in the verification algorithm function; because the verification algorithm is composed of loop statements and operation logics, the jump from one logic operation to another logic operation can be realized through jump statements, and then the jump is realized after the calculation is finished, so that the whole structure can jump from one place to another place from the view of the structure of the whole verification algorithm, and the complexity of code debugging and analysis is increased.
In addition, in order to avoid code logic tracking to an algorithm through read-write access, the present embodiment further performs an address translation logic operation in the verification algorithm function, including: calling an API function memcpy; and executing the copy operation of the data of the verification algorithm function in the memory according to the API function memcpy.
In practical application, a plurality of memory copy operations are used in the verification algorithm, and one piece of data is copied from one memory to another memory, and the memory address where the data is located changes once per copy. This can be cumbersome to track for HACK debugging.
The server judging whether the first verification result is correct or not comprises the following steps: reading a calculation result in the configuration file; comparing the first verification result with the calculation result, and if the first verification result is consistent with the calculation result, determining that the first verification result is correct; and the calculation result is calculated by the verification algorithm according to preset verification data in advance.
Here, in order to reduce the online processing pressure of the server, some check data are preset, then the calculation result is calculated through the verification algorithm and is placed in the configuration file, so that when data interaction is performed in real time, the server does not need to perform real-time calculation, and the calculation result can be directly read from the configuration file.
S403, if the first verification result is correct, receiving first confirmation information through the second communication channel.
In this step, if the first verification result is correct, first confirmation information is received through the second communication channel.
In addition, in order to further improve the security of the verification, when it is determined that the first verification result is correct, the server may further perform a second verification, specifically:
when the client receives the first confirmation information, a second acquisition request is sent to the server through the first communication channel, and after the server receives the second acquisition request, second verification data is sent to the client through the first communication channel based on the second acquisition request. The second verification data is carried in the response information for replying the client request, the second verification data can be a character string, an icon and the like, and the second verification data comprises the first verification result.
And after receiving second verification data, the client establishes a second communication channel with the server, calculates the second verification data according to a pre-constructed verification algorithm to obtain a second verification result, and then sends the second verification result to the server by using the second communication channel. Wherein the operation logic of the verification algorithm used for the second time should be more complex than the operation logic of the verification algorithm used for the first time.
And after receiving a second verification result through a second communication channel, the server judges whether the second verification result is correct or not, and if the second verification result is correct, second confirmation information is sent to the client through the second communication channel to indicate that the client is a legal client.
Of course, if the security of the verification is further improved, the verification may be performed multiple times, and the number of times of verification may be determined in a specific case.
Further, if the first verification result is inconsistent with the calculation result, determining that the first verification result is wrong; the client is a fake client, the server will disconnect the client, and no subsequent authentication is needed.
Example four
In a first embodiment, this embodiment provides a verification system, referring to fig. 1, the system includes: a client 101 and a server 102.
When verifying the validity of the client 101, the client 101 needs to send a first acquisition request to the server 102 through a first communication channel to acquire verification data; the first communication channel may be a communication channel established based on an HTTP protocol, or based on a TCP protocol, or based on a UDT protocol, or other protocols that can perform communication between the client 101 and the server 102.
When the server 102 receives a first acquisition request, first verification data is sent to the client 101 through the first communication channel based on the first acquisition request. First verification data is carried in the reply information requested by the reply client 101, and the first verification data may be a character string, an icon, or the like.
After receiving the first verification data, the client 101 creates a second communication channel with the server 102, calculates the first verification data according to a pre-constructed verification algorithm to obtain a first verification result, and then sends the first verification result to the server 102 by using the second communication channel. Wherein the first authentication result is obtained by calculating the first authentication data by using a pre-constructed authentication algorithm, the second communication channel may be a communication channel established based on an HTTP protocol, or based on a TCP protocol, or based on a UDT protocol, and the like, and wherein the first communication channel and the second communication channel are established according to different communication protocols. The verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
Here, the authentication algorithm is constructed in advance, including: constructing a verification algorithm function; the verification algorithm function is typically represented as a string; to increase the complexity of the verification algorithm, a logical operation may be performed in the verification algorithm function; performing a cyclic logical operation in the verification algorithm function; executing a jump logic operation in the verification algorithm function; performing an address translation logic operation in the validation algorithm function.
Specifically, when the logic operation is performed in the verification algorithm function, the logic operation may be an operation of adding, subtracting, multiplying, dividing, logically xoring, and the like to the data, and the operation may be unordered and non-logical, and any number of the added logic operations may be added, with the greater the number of the added logic operations, the greater the complexity.
When the cyclic logic operation is executed in the verification algorithm function, the method comprises the following steps: and determining a cycle count, and adding the corresponding cycle count in the verification algorithm function data structure so as to circularly execute the logic operation. In practical application, the loop count is added at multiple positions, so that the HACK is prevented from easily analyzing the verification algorithm, and the loop logic is always executed in corresponding logic operation until the loop count is completely counted.
In order to further improve the complexity of the verification algorithm, jump logic operation is executed in the verification algorithm function; because the verification algorithm is composed of loop statements and operation logics, the jump from one logic operation to another logic operation can be realized through jump statements, and then the jump is realized after the calculation is finished, so that the whole structure can jump from one place to another place from the view of the structure of the whole verification algorithm, and the complexity of code debugging and analysis is increased.
In addition, in order to avoid code logic tracking to an algorithm through read-write access, the present embodiment further performs an address translation logic operation in the verification algorithm function, including: calling an API function memcpy; and executing the copy operation of the data of the verification algorithm function in the memory according to the API function memcpy.
In practical application, a plurality of memory copy operations are used in the verification algorithm, and one piece of data is copied from one memory to another memory, and the memory address where the data is located changes once per copy. This can be cumbersome to track for HACK debugging.
After receiving the first verification result through the second communication channel, the server 102 determines whether the first verification result is correct, and if the first verification result is correct, sends first confirmation information to the client 101 through the second communication channel.
The determining, by the server 102, whether the first verification result is correct includes: reading a calculation result in the configuration file; comparing the first verification result with the calculation result, and if the first verification result is consistent with the calculation result, determining that the first verification result is correct; and the calculation result is calculated by the verification algorithm according to preset verification data in advance.
Here, in order to reduce the online processing pressure of the server 102, some verification data is preset, and then the calculation result is calculated by the verification algorithm and is placed in the configuration file, so that when data interaction is performed in real time, the server 102 does not need to perform real-time calculation, and can directly read the calculation result from the configuration file.
In order to further improve the security of the verification, when determining that the first verification result is correct, the server 102 further performs a second verification, specifically:
when the client 101 receives the first confirmation information, a second acquisition request is sent to the server 102 through the first communication channel, and after receiving the second acquisition request, the server 102 sends second verification data to the client 101 through the first communication channel based on the second acquisition request. Second verification data is carried in the reply information that replies to the request of the client 101, where the second verification data may be a character string, an icon, or the like, and the second verification data includes the first verification result.
After receiving the second verification data, the client 101 creates a second communication channel with the server 102, calculates the second verification data according to a pre-configured verification algorithm to obtain a second verification result, and then sends the second verification result to the server 102 by using the second communication channel. Wherein the operation logic of the verification algorithm used for the second time should be more complex than the operation logic of the verification algorithm used for the first time.
After receiving the second verification result through the second communication channel, the server 102 determines whether the second verification result is correct, and if the second verification result is correct, sends second confirmation information to the client through the second communication channel, which indicates that the client 101 is a valid client.
Of course, if the security of the verification is further improved, the verification may be performed multiple times, and the number of times of verification may be determined in a specific case.
Further, if the first verification result is inconsistent with the calculation result, determining that the first verification result is wrong; it is said that the client 101 is a fake client and the server 102 will disconnect from the client 101 without subsequent authentication.
EXAMPLE five
Corresponding to the second embodiment, this embodiment further provides a server, referring to fig. 5, where the server includes: a first receiving unit 51, a first transmitting unit 52, and a judging unit 53; wherein,
when the validity of the client is verified, the client needs to send a first acquisition request to the server through a first communication channel to acquire verification data; the first communication channel may be a communication channel established based on an HTTP protocol, or based on a TCP protocol, or based on a UDT protocol, or other protocols that can perform communication between a client and a server, or the like.
After the first receiving unit 51 receives the first obtaining request through the first communication channel, the first sending unit 52 is configured to send first verification data to the client based on the first obtaining request. The first sending unit 52 carries first verification data in the response information responding to the client request, where the first verification data may be a character string, an icon, or the like.
After receiving the first verification data, the client establishes a second communication channel with the server, calculates the first verification data according to a pre-constructed verification algorithm to obtain a first verification result, and then sends the first verification result to the server by using the second communication channel. Wherein the first authentication result is obtained by calculating the first authentication data by using a pre-constructed authentication algorithm, the second communication channel may be a communication channel established based on an HTTP protocol, or based on a TCP protocol, or based on a UDT protocol, and the like, and wherein the first communication channel and the second communication channel are established according to different communication protocols. The verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
Here, the authentication algorithm is constructed in advance, including: constructing a verification algorithm function; the verification algorithm function is typically represented as a string; to increase the complexity of the verification algorithm, a logical operation may be performed in the verification algorithm function; performing a cyclic logical operation in the verification algorithm function; executing a jump logic operation in the verification algorithm function; performing an address translation logic operation in the validation algorithm function.
Specifically, when the logic operation is performed in the verification algorithm function, the logic operation may be an operation of adding, subtracting, multiplying, dividing, logically xoring, and the like to the data, and the operation may be unordered and non-logical, and any number of the added logic operations may be added, with the greater the number of the added logic operations, the greater the complexity.
When the cyclic logic operation is executed in the verification algorithm function, the method comprises the following steps: and determining a cycle count, and adding the corresponding cycle count in the verification algorithm function data structure so as to circularly execute the logic operation. In practical application, the loop count is added at multiple positions, so that the HACK is prevented from easily analyzing the verification algorithm, and the loop logic is always executed in corresponding logic operation until the loop count is completely counted.
In order to further improve the complexity of the verification algorithm, jump logic operation is executed in the verification algorithm function; because the verification algorithm is composed of loop statements and operation logics, the jump from one logic operation to another logic operation can be realized through jump statements, and then the jump is realized after the calculation is finished, so that the whole structure can jump from one place to another place from the view of the structure of the whole verification algorithm, and the complexity of code debugging and analysis is increased.
In addition, in order to avoid code logic tracking to an algorithm through read-write access, the present embodiment further performs an address translation logic operation in the verification algorithm function, including: calling an API function memcpy; and executing the copy operation of the data of the verification algorithm function in the memory according to the API function memcpy.
In practical application, a plurality of memory copy operations are used in the verification algorithm, and one piece of data is copied from one memory to another memory, and the memory address where the data is located changes once per copy. This can be cumbersome to track for HACK debugging.
After the client sends the first verification result, the first receiving unit 51 is further configured to receive the first verification result through the second communication channel. The judging unit 53 is configured to judge whether the first verification result is correct; wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
The judging unit 53 judges whether the first verification result is correct, including: reading a calculation result in the configuration file; comparing the first verification result with the calculation result, and if the first verification result is consistent with the calculation result, determining that the first verification result is correct; and the calculation result is calculated by the verification algorithm according to preset verification data in advance.
Here, in order to reduce the online processing pressure of the server, some check data are preset, then the calculation result is calculated through the verification algorithm and is placed in the configuration file, so that when data interaction is performed in real time, the server does not need to perform real-time calculation, and the calculation result can be directly read from the configuration file.
In order to further improve the security of the verification, when the server determines that the first verification result is correct, the server further performs a second verification, specifically:
when the client receives the first confirmation information, the first sending unit 52 sends a second obtaining request to the server through the first communication channel, and when the first receiving unit 51 receives the second obtaining request, the first sending unit 52 sends second verification data to the client through the first communication channel based on the second obtaining request. The second verification data is carried in the response information for replying the client request, the second verification data can be a character string, an icon and the like, and the second verification data comprises the first verification result.
And after the client receives second verification data, a second communication channel between the client and the server is established, the second verification data is calculated according to a pre-constructed verification algorithm to obtain a second verification result, and the client sends the second verification result to the server by using the second communication channel. Wherein the operation logic of the verification algorithm used for the second time should be more complex than the operation logic of the verification algorithm used for the first time.
When the first receiving unit 52 receives the second verification result through the second communication channel, the determining unit 53 determines whether the second verification result is correct, and if the second verification result is correct, sends second confirmation information to the client through the second communication channel, which indicates that the client is a valid client.
Of course, if the security of the verification is further improved, the verification may be performed multiple times, and the number of times of verification may be determined in a specific case.
Further, if the first verification result is inconsistent with the calculation result, determining that the first verification result is wrong; the client is a fake client, the server will disconnect the client, and no subsequent authentication is needed.
EXAMPLE six
Corresponding to the third embodiment, this embodiment further provides a client, referring to fig. 6, where the client includes: a second transmitting unit 61, a calculating unit 62, and a second receiving unit 63; wherein,
the second sending unit 61 is configured to send the first obtaining request through the first communication channel, so that the server can return the first verification data based on the first obtaining request; when verifying the validity of the client, the second sending unit 61 needs to send a first obtaining request to the server through the first communication channel to obtain verification data; the first communication channel may be a communication channel established based on an HTTP protocol, or based on a TCP protocol, or based on a UDT protocol, or other protocols that can perform communication between a client and a server, or the like.
After receiving a first acquisition request, the server sends first verification data to the client through the first communication channel based on the first acquisition request. The first verification data is carried in the reply information which replies to the client request, and the first verification data can be a character string, an icon and the like.
When the second receiving unit 63 receives the first verification data, the calculating unit 62 is configured to calculate the first verification data by using a pre-configured verification algorithm, and obtain a first verification result.
Specifically, after the second receiving unit 63 receives the first verification data, it creates a second communication channel with the server, and calculates the first verification data according to a pre-configured verification algorithm to obtain a first verification result, and the second sending unit 61 is further configured to send the first verification result to the server by using the second communication channel. Wherein the second communication channel may be a communication channel established based on an HTTP protocol, or based on a TCP protocol, or based on a UDT protocol, etc., and wherein the first communication channel and the second communication channel are established according to different communication protocols. The verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
Here, the authentication algorithm is constructed in advance, including: constructing a verification algorithm function; the verification algorithm function is typically represented as a string; to increase the complexity of the verification algorithm, a logical operation may be performed in the verification algorithm function; performing a cyclic logical operation in the verification algorithm function; executing a jump logic operation in the verification algorithm function; performing an address translation logic operation in the validation algorithm function.
Specifically, when the logic operation is performed in the verification algorithm function, the logic operation may be an operation of adding, subtracting, multiplying, dividing, logically xoring, and the like to the data, and the operation may be unordered and non-logical, and any number of the added logic operations may be added, with the greater the number of the added logic operations, the greater the complexity.
When the cyclic logic operation is executed in the verification algorithm function, the method comprises the following steps: and determining a cycle count, and adding the corresponding cycle count in the verification algorithm function data structure so as to circularly execute the logic operation. In practical application, the loop count is added at multiple positions, so that the HACK is prevented from easily analyzing the verification algorithm, and the loop logic is always executed in corresponding logic operation until the loop count is completely counted.
In order to further improve the complexity of the verification algorithm, jump logic operation is executed in the verification algorithm function; because the verification algorithm is composed of loop statements and operation logics, the jump from one logic operation to another logic operation can be realized through jump statements, and then the jump is realized after the calculation is finished, so that the whole structure can jump from one place to another place from the view of the structure of the whole verification algorithm, and the complexity of code debugging and analysis is increased.
In addition, in order to avoid code logic tracking to an algorithm through read-write access, the present embodiment further performs an address translation logic operation in the verification algorithm function, including: calling an API function memcpy; and executing the copy operation of the data of the verification algorithm function in the memory according to the API function memcpy.
In practical application, a plurality of memory copy operations are used in the verification algorithm, and one piece of data is copied from one memory to another memory, and the memory address where the data is located changes once per copy. This can be cumbersome to track for HACK debugging.
After the server receives a first verification result, judging whether the first verification result is correct, including: reading a calculation result in the configuration file; comparing the first verification result with the calculation result, and if the first verification result is consistent with the calculation result, determining that the first verification result is correct; and the calculation result is calculated by the verification algorithm according to preset verification data in advance.
Here, in order to reduce the online processing pressure of the server, some check data are preset, then the calculation result is calculated through the verification algorithm and is placed in the configuration file, so that when data interaction is performed in real time, the server does not need to perform real-time calculation, and the calculation result can be directly read from the configuration file.
When the server determines that the first verification result is correct, the second receiving unit 63 is further configured to receive first confirmation information sent by the server through the second communication channel; wherein the first communication channel and the second communication channel are established according to different communication protocols.
In addition, in order to further improve the security of the verification, when it is determined that the first verification result is correct, the server may further perform a second verification, specifically:
when the second receiving unit 63 receives the first confirmation information, it sends a second acquisition request to the server through the first communication channel, and after receiving the second acquisition request, the server sends second verification data to the client through the first communication channel based on the second acquisition request. The second verification data is carried in the response information for replying the client request, the second verification data can be a character string, an icon and the like, and the second verification data comprises the first verification result.
When the second receiving unit 63 receives the second verification data, a second communication channel between the server and the second receiving unit is created, the second verification data is calculated according to a pre-constructed verification algorithm to obtain a second verification result, and then the second verification result is sent to the server through the second communication channel. Wherein the operation logic of the verification algorithm used for the second time should be more complex than the operation logic of the verification algorithm used for the first time.
And after receiving a second verification result through a second communication channel, the server judges whether the second verification result is correct or not, and if the second verification result is correct, second confirmation information is sent to the client through the second communication channel to indicate that the client is a legal client.
Of course, if the security of the verification is further improved, the verification may be performed multiple times, and the number of times of verification may be determined in a specific case.
Further, if the first verification result is inconsistent with the calculation result, determining that the first verification result is wrong; the client is a fake client, the server will disconnect the client, and no subsequent authentication is needed.
The beneficial effects brought by one or more embodiments of the invention are as follows:
the invention provides a verification method and a system, wherein the verification method comprises the following steps: the server receives a first acquisition request through a first communication channel and sends first verification data based on the first acquisition request; receiving a first verification result through a second communication channel, the first verification result being calculated from the first verification data using a pre-configured verification algorithm; judging whether the first verification result is correct or not, and if so, sending first confirmation information through the second communication channel; wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement; therefore, the verification algorithm comprises the logics of operation, circulation, skipping and address replacement, the complexity of the verification algorithm is improved, the HACK is not easy to find codes corresponding to the algorithm from a network, the legality of a client can be prevented from being verified more accurately, and in the verification process, two different communication channels are used for data interaction, so that the safety of the verification process is further improved.
The above description is only exemplary of the present invention and should not be taken as limiting the scope of the present invention, and any modifications, equivalents, improvements, etc. that are within the spirit and principle of the present invention should be included in the present invention.
Claims (10)
1. A method of authentication, the method comprising:
the server receives a first acquisition request through a first communication channel and sends first verification data based on the first acquisition request;
receiving a first verification result through a second communication channel, the first verification result being calculated from the first verification data using a pre-configured verification algorithm;
judging whether the first verification result is correct or not, and if the first verification result is correct, sending first confirmation information through the second communication channel; wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
2. The method of claim 1, wherein said determining whether said first verification result is correct comprises:
reading a calculation result in the configuration file;
comparing the first verification result with the calculation result, and if the first verification result is consistent with the calculation result, determining that the first verification result is correct; and the calculation result is calculated by the verification algorithm according to preset verification data in advance.
3. The method of claim 1, wherein pre-constructing a verification algorithm comprises:
constructing a verification algorithm function;
performing a logical operation in the verification algorithm function;
performing a cyclic logical operation in the verification algorithm function;
executing a jump logic operation in the verification algorithm function;
performing an address translation logic operation in the validation algorithm function.
4. The method of claim 3, wherein performing an address translation logic operation in the validation algorithm function comprises:
calling an API function memcpy;
and executing the copy operation of the data of the verification algorithm function in the memory according to the API function memcpy.
5. A method of authentication, the method comprising:
the client sends a first acquisition request through a first communication channel, so that the server can return first verification data based on the first acquisition request;
calculating the first verification data by using a pre-constructed verification algorithm, acquiring a first verification result, and sending the first verification result through a second communication channel, so that the server can judge whether the first verification result is correct;
if the first verification result is correct, first confirmation information is received through the second communication channel; wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
6. The method of claim 5, wherein performing an address translation logic operation in the validation algorithm function comprises:
calling an API function memcpy;
and executing the copy operation of the data of the verification algorithm function in the memory according to the API function memcpy.
7. A method of authentication, the method comprising:
the client sends a first acquisition request to the server through a first communication channel;
the server sends first verification data to the client through the first communication channel based on the first acquisition request;
the client calculates the first verification data according to a pre-constructed verification algorithm to obtain a first verification result, and sends the first verification result to the server through a second communication channel;
the server judges whether the first verification result is correct or not, and if the first verification result is correct, first confirmation information is sent to the client through the second communication channel;
wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
8. A server, characterized in that the server comprises:
a first receiving unit, configured to receive a first acquisition request through a first communication channel, and receive a first verification result through a second communication channel, where the first verification result is obtained by calculating the first verification data using a pre-configured verification algorithm;
a first sending unit, configured to send first verification data based on the first acquisition request; and sending first acknowledgement information through the second communication channel;
the judging unit is used for judging whether the first verification result is correct or not; wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
9. A client, the client comprising:
a second sending unit, configured to send the first acquisition request through a first communication channel, so that the server can return first verification data based on the first acquisition request; sending the first verification result through a second communication channel, so that the server can judge whether the first verification result is correct or not;
the calculation unit is used for calculating the first verification data by utilizing a pre-constructed verification algorithm to obtain a first verification result;
a second receiving unit, configured to receive first acknowledgement information through the second communication channel; wherein the first communication channel and the second communication channel are established according to different communication protocols.
10. An authentication system, the system comprising:
the client is used for sending a first acquisition request to the server through a first communication channel;
a server for sending first authentication data to the client through the first communication channel based on the first acquisition request;
the client is used for calculating the first verification data according to a pre-constructed verification algorithm to obtain a first verification result and sending the first verification result to the server through a second communication channel;
the server is used for judging whether the first verification result is correct or not, and if the first verification result is correct, first confirmation information is sent to the client through the second communication channel;
wherein the first communication channel and the second communication channel are established according to different communication protocols; the verification algorithm comprises the logics of operation, circulation, jumping and address replacement.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611114228.9A CN106453418A (en) | 2016-12-07 | 2016-12-07 | Verification method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611114228.9A CN106453418A (en) | 2016-12-07 | 2016-12-07 | Verification method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106453418A true CN106453418A (en) | 2017-02-22 |
Family
ID=58216716
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611114228.9A Pending CN106453418A (en) | 2016-12-07 | 2016-12-07 | Verification method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106453418A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107645506A (en) * | 2017-09-28 | 2018-01-30 | 世纪龙信息网络有限责任公司 | The verification method and device of information |
| CN109714298A (en) * | 2017-10-25 | 2019-05-03 | 腾讯科技(深圳)有限公司 | Verification method, device and storage medium |
| CN111478903A (en) * | 2020-04-07 | 2020-07-31 | 浙江同花顺智能科技有限公司 | Client-based verification method, server and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101188495A (en) * | 2007-12-04 | 2008-05-28 | 魏恺言 | A secure system and method for realizing powerful password authentication mode |
| CN102710657A (en) * | 2012-06-19 | 2012-10-03 | 上海安简信息技术有限公司 | One-time password generation method and system |
| US20120284786A1 (en) * | 2011-05-05 | 2012-11-08 | Visto Corporation | System and method for providing access credentials |
| CN103747013A (en) * | 2014-01-24 | 2014-04-23 | 沈文策 | Cloud terminal login verification method and device |
| CN103905401A (en) * | 2012-12-27 | 2014-07-02 | 中国移动通信集团公司 | Identity authentication method and device |
| CN104113551A (en) * | 2014-07-28 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | Platform authorization method, platform server side, application client side and system |
-
2016
- 2016-12-07 CN CN201611114228.9A patent/CN106453418A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101188495A (en) * | 2007-12-04 | 2008-05-28 | 魏恺言 | A secure system and method for realizing powerful password authentication mode |
| US20120284786A1 (en) * | 2011-05-05 | 2012-11-08 | Visto Corporation | System and method for providing access credentials |
| CN102710657A (en) * | 2012-06-19 | 2012-10-03 | 上海安简信息技术有限公司 | One-time password generation method and system |
| CN103905401A (en) * | 2012-12-27 | 2014-07-02 | 中国移动通信集团公司 | Identity authentication method and device |
| CN103747013A (en) * | 2014-01-24 | 2014-04-23 | 沈文策 | Cloud terminal login verification method and device |
| CN104113551A (en) * | 2014-07-28 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | Platform authorization method, platform server side, application client side and system |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107645506A (en) * | 2017-09-28 | 2018-01-30 | 世纪龙信息网络有限责任公司 | The verification method and device of information |
| CN109714298A (en) * | 2017-10-25 | 2019-05-03 | 腾讯科技(深圳)有限公司 | Verification method, device and storage medium |
| CN109714298B (en) * | 2017-10-25 | 2020-08-11 | 腾讯科技(深圳)有限公司 | Verification method, verification device and storage medium |
| CN111478903A (en) * | 2020-04-07 | 2020-07-31 | 浙江同花顺智能科技有限公司 | Client-based verification method, server and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11025417B2 (en) | Cross-blockchain data access method, apparatus and system, and computer readable medium | |
| CN107079034B (en) | Identity authentication method, terminal equipment, authentication server and electronic equipment | |
| CN104144419B (en) | Identity authentication method, device and system | |
| CN104065621B (en) | A kind of auth method of third party's service, client and system | |
| EP3534584B1 (en) | Service implementation method and apparatus | |
| CN104869175B (en) | Cross-platform account resource-sharing implementation method, apparatus and system | |
| CN105119722B (en) | A kind of auth method, equipment and system | |
| EP3163793A1 (en) | Tag, related method and system for identifying and/or authenticating objects | |
| JP6481038B2 (en) | Service processing method and apparatus, and service server | |
| KR102167602B1 (en) | Trusted terminal verification method and apparatus | |
| CN109639723A (en) | A kind of micro services access method and server based on ERP system | |
| CN107451819B (en) | Identity verification method and device based on user operation behavior characteristics | |
| CN104580112B (en) | A kind of service authentication method, system and server | |
| CN103139200A (en) | Single sign-on method of web service | |
| CN111241555B (en) | Access method and device for simulating user login, computer equipment and storage medium | |
| CN107733883B (en) | Method and device for detecting account numbers registered in batches | |
| CN108874654B (en) | Idempotent validity test method, device and equipment and readable medium | |
| CN110175448B (en) | Trusted device login authentication method and application system with authentication function | |
| CN105450592A (en) | Safety verification method and device, server and terminal | |
| CN106453418A (en) | Verification method and system | |
| JP6629973B2 (en) | Method and apparatus for recognizing a service request to change a mobile phone number | |
| CN110599180A (en) | Block chain-based vaccine circulation management method and device | |
| CN106878336A (en) | A kind of data interactive method and device | |
| CN110113329A (en) | A kind of verification method and device of identifying code | |
| CN105162774A (en) | Virtual machine login method and device used for terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170222 |
|
| RJ01 | Rejection of invention patent application after publication |