CN106656495B - A kind of method and device of user password storage - Google Patents
A kind of method and device of user password storage Download PDFInfo
- Publication number
- CN106656495B CN106656495B CN201610907011.7A CN201610907011A CN106656495B CN 106656495 B CN106656495 B CN 106656495B CN 201610907011 A CN201610907011 A CN 201610907011A CN 106656495 B CN106656495 B CN 106656495B
- Authority
- CN
- China
- Prior art keywords
- encrypted
- digest value
- key
- current
- time
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
- H04L9/16—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to the method and devices that information security field more particularly to a kind of user password store, and this method is to receive user password input by user, and according to preset digest algorithm, calculates the first digest value of the user password;According to current first time and preset initial key, current first key is generated, and first digest value is encrypted based on the current first key;Encrypted first digest value is stored, in this way, what is stored is simply not only the digest value of user password, but, the digest value of user password is encrypted again, what is stored is the digest value of encrypted user password, further improves the safety of user password storage, improves the information security of user.
Description
Technical field
The present invention relates to the method and devices that information security field more particularly to a kind of user password store.
Background technology
At present, in information-based today, the information security of user also increasingly attracts attention, in order to ensure the information of user
Safety, is typically necessary between user and server and is authenticated, wherein, the certification based on user password is a kind of effective side
Method.User needs to pre-enter user password, and then the user password of server stores user input, later in registration
In user authentication process, the user password that by certification when inputs is compared with pre-stored user password, and then is realized and used
The certification at family.
In the prior art, the method for secure storage being carried out to user password is typically all that user password is passed through digest algorithm
Storage is in system after calculating, and later, when system is authenticated user, user inputs user password first, then to
The registered permanent residence, which enables, carries out digest calculations, and finally the digest value with the pre-stored user password of system is compared, and recognizes if consistent
Card passes through, otherwise authentification failure.
Can also be that system firstly generates a random number, user's input also, in the prior art, in verification process
Digest calculations are carried out after user password, primary abstract is then calculated again to abstract result and random number, it then will be pre- in system
The digest value and random number first stored also calculates primary abstract again, and finally the two digest value are compared again, if unanimously
Then certification passes through, otherwise authentification failure.
But in the prior art, the digest value of pre-stored user password is all fixed in system, break through system it
After can be readily available the digest value, if user password is not too complicated, by the method for exhaustion or hit library method can be very
The user password is readily obtained, and then great risk is brought to the information security of user.
Invention content
The embodiment of the present invention provides a kind of method and device of user password storage, improves the peace of the storage of user password
Quan Xing, so as to improve the information security of user.
Specific technical solution provided in an embodiment of the present invention is as follows:
A kind of method of user password storage, including:
User password input by user is received, and according to preset digest algorithm, calculate the user password first is plucked
It is worth;
According to current first time and preset initial key, current first key is generated, and based on described current
First key first digest value is encrypted;
Encrypted first digest value is stored.
In the embodiment of the present invention, user password input by user is received, and according to preset digest algorithm, calculate the use
The first digest value that the registered permanent residence enables;According to current first time and preset initial key, current first key, and base are generated
First digest value is encrypted in the current first key;Encrypted first digest value is stored, this
Sample, storage not only be simply user password digest value, but, the digest value of user password is encrypted again,
What is stored is the digest value of encrypted user password, after can preventing disabled user from obtaining user data, passes through the method for exhaustion
Or hit library method and cracked, the safety of user password storage is further improved, improves the information security of user.
Preferably, after encrypted first digest value is stored, further comprise:
According to the preset period, encrypted first digest value is updated.
Preferably, being updated to encrypted first digest value, specifically include:
According to the second current time and the initial key, the second current key is generated;
Based on the current first key, encrypted first digest value is decrypted, obtains described first
Digest value;
Encryption is re-started based on the first digest value described in the second current key pair, and by the after re-encrypted
One digest value is stored.
In this way, due to be to the first of user password the encrypted key of abstract according to time dynamic, can be with
Disabled user is effectively prevent to carry out data analysis after obtaining entire database to crack user password, further improves and uses the registered permanent residence
Enable the safety of storage.
Preferably, further comprise:
User password input by user is received, and according to preset digest algorithm, calculate the user password second is plucked
It is worth;
According to current third time and the initial key, current third key is generated, and based on described current
The second digest value is encrypted described in third key pair;
The first digest value after encrypted second digest value and re-encrypted is compared, when determining encrypted
When two digest value are consistent with the first digest value after re-encrypted, judgement certification passes through.
Preferably, when the first digest value after determining encrypted second digest value and re-encrypted is inconsistent, into one
Step includes:
According to current third time and the preset period, calculate previous relative to the current third time
A time and the latter time;
Based on the previous time, the latter time and the initial key, the previous time pair is generated respectively
The 4th key answered and the latter time corresponding 5th key;
Second digest value described in being based respectively on the 4th key and the 5th key pair re-starts encryption, and respectively
The first digest value after the second digest value and re-encrypted after re-encrypted is compared, when determining at least one again
When encrypted second digest value is consistent with the first digest value after re-encrypted, judgement certification passes through.
A kind of device of user password storage, including:
First computing unit, for receiving user password input by user, and according to preset digest algorithm, described in calculating
First digest value of user password;
First encryption unit, for according to current first time and preset initial key, it is close to generate current first
Key, and first digest value is encrypted based on the current first key;
Storage unit, for encrypted first digest value to be stored.
In the embodiment of the present invention, user password input by user is received, and according to preset digest algorithm, calculate the use
The first digest value that the registered permanent residence enables;According to current first time and preset initial key, current first key, and base are generated
First digest value is encrypted in the current first key;Encrypted first digest value is stored, this
Sample, storage not only be simply user password digest value, but, the digest value of user password is encrypted again,
What is stored is the digest value of encrypted user password, after can preventing disabled user from obtaining user data, passes through the method for exhaustion
Or hit library method and cracked, the safety of user password storage is further improved, improves the information security of user.
Preferably, after encrypted first digest value is stored, further comprise:
Updating unit, for according to the preset period, being updated to encrypted first digest value.
Preferably, when being updated to encrypted first digest value, updating unit is specifically used for:
According to the second current time and the initial key, the second current key is generated;
Based on the current first key, encrypted first digest value is decrypted, obtains described first
Digest value;
Encryption is re-started based on the first digest value described in the second current key pair, and by the after re-encrypted
One digest value is stored.
In this way, due to be to the first of user password the encrypted key of abstract according to time dynamic, can be with
Disabled user is effectively prevent to carry out data analysis after obtaining entire database to crack user password, further improves and uses the registered permanent residence
Enable the safety of storage.
Preferably, further comprise:
Second computing unit, for receiving user password input by user, and according to preset digest algorithm, described in calculating
Second digest value of user password;
Second encryption unit, for according to current third time and the initial key, generating current third key,
And it is encrypted based on the second digest value described in the current third key pair;
First authentication unit, for the first digest value after encrypted second digest value and re-encrypted to be compared
Compared with when determining that encrypted second digest value is consistent with the first digest value after re-encrypted, judgement certification passes through.
Preferably, when the first digest value after determining encrypted second digest value and re-encrypted is inconsistent, into one
Step includes:
Third computing unit, for according to current third time and the preset period, calculating and working as relative to described
The previous time of preceding third time and the latter time;
Third encryption unit, for being based on the previous time, the latter time and the initial key, respectively
Corresponding 4th key of previous time and the latter time corresponding 5th key are generated, and is based respectively on the 4th key
Encryption is re-started with the second digest value described in the 5th key pair;
Second authentication unit, for respectively by the first digest value after the second digest value and re-encrypted after re-encrypted
It is compared, the second digest value after at least one re-encrypted is determined is consistent with the first digest value after re-encrypted
When, judgement certification passes through.
Description of the drawings
Fig. 1 is the method flow diagram of user password storage in the embodiment of the present invention;
Fig. 2 is the apparatus structure schematic diagram of user password storage in the embodiment of the present invention.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present invention, the technical solution in the embodiment of the present invention is carried out clear, complete
Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, is not whole embodiments.It is based on
Embodiment in the present invention, those of ordinary skill in the art are obtained every other without making creative work
Embodiment shall fall within the protection scope of the present invention.
In order to further improve the safety of the storage of user password, so as to improve the information security of user, the present invention is real
It applies in example, when being stored to user password, calculates the digest value of user password, and give birth to according to current time and initial key
Into current key, the digest value based on current key pair user password is encrypted, and then stores and encrypted use the registered permanent residence
The digest value of order.
The present invention program is described in detail below by specific embodiment, certainly, the present invention is not limited to following realities
Apply example.
As shown in fig.1, in the embodiment of the present invention, the idiographic flow of the method for user password storage is as follows:
Step 100:User password input by user is received, and according to preset digest algorithm, calculates above-mentioned user password
The first digest value.
In practice, in order to ensure the information security of user, it is often necessary to carry out user authentication, therefore, user is at the beginning
It during registration, is required for first setting user password, stores the user password in systems, and then when user later logs in, be based on
The user password is authenticated user.If the user password stored in system is illegally accessed, user will be caused very big
Security threat.
In the embodiment of the present invention, in user's registration, first according to preset digest algorithm, calculate user password first is plucked
It is worth, in this way, being equivalent to carry out one-time pad encryption to user password.
Wherein, above-mentioned preset digest algorithm in the embodiment of the present invention, and is not limited, and can be in the prior art
Arbitrary digest algorithm, for example, Message Digest 5 version 5 (Message-Digest Algorithm 5, MD5) algorithm
Deng.
For example, user password input by user is P, according to preset digest algorithm, calculate the user password P's of acquisition
First digest value is H (P).
Step 110:According to current first time and preset initial key, current first key is generated, and be based on
Above-mentioned first digest value is encrypted in above-mentioned current first key.
In the embodiment of the present invention, one-time pad encryption is carried out again to the digest value of user password, in this way, being equivalent to user
Password is encrypted twice, further improves the safety of user password storage.
When performing step 110, specifically include:
First, according to current first time and preset initial key, current first key is generated.
Wherein, above-mentioned initial key can be that system generates at random in initialization, and user need not know that this is initial close
Key can further improve the safety of the first key of generation in this way.
And it is possible to the accuracy of the current first time is set, for example, hour is accurate to, for example, the time is 8:
05:32, then when generating key, the current time can be considered 8h to calculate.
In the embodiment of the present invention, for how to generate current first key, can also equally it use of the prior art
Algorithm, for example, hash algorithm etc., in the embodiment of the present invention, and is not limited.
Then, above-mentioned first digest value is encrypted based on above-mentioned current first key.
Similarly, the Encryption Algorithm used when the first digest value is encrypted, in the embodiment of the present invention, and without
Limitation.
For example, initial key is K0, current first time is 5h, then according to K0Generating current first key with 5h is
K1, then, based on K1, using preset Encryption Algorithm, H (P) is encrypted, obtaining encrypted first digest value is
Step 120:Encrypted first digest value is stored.
In this way, what is stored in system is not simply the digest value of user password, but, to the digest value of user password again
Encrypted, storage be encrypted user password digest value, after can preventing disabled user from obtaining user data,
It by the method for exhaustion or hits library method and is cracked, improve the safety of user password storage.
Further, in the embodiment of the present invention, the method for user password storage further includes:According to the preset period, pair plus
The first digest value after close is updated, specially:
For example, the preset period is a hour, then every a hour, system is automatically to encrypted first digest value
It is updated.
First, according to the second current time and above-mentioned initial key, the second current key is generated.
Likewise it is possible to the accuracy of the second current time is set, for example, being accurate to hour.
Then, based on above-mentioned current first key, above-mentioned encrypted first digest value is decrypted, is obtained above-mentioned
First digest value.
Finally, encryption is re-started based on above-mentioned current above-mentioned first digest value of the second key pair, and by re-encrypted
The first digest value afterwards is stored.
For example, initial key is K0, the second current time is 6h, then according to K0The second current key is with 6h generations
K2, then, use K1To encrypted first digest valueIt is decrypted, H (P) is obtained, finally, based on K2, use
Preset Encryption Algorithm re-starts encryption to H (P), obtains the first digest value after re-encrypted and is
That is, system can periodically generate new key, and use the new key pair registered permanent residence according to the preset period
The first digest value enabled re-starts encryption.In this way, since the first encrypted key of abstract to user password is according to the time
Dynamic change, therefore, disabled user can be effectively prevent to obtain and carry out data analysis after entire database and use the registered permanent residence to crack
It enables, further improves the safety of user password storage.
Further, based on above-described embodiment, correspondingly, in user authentication, including:
First, user password input by user is received, and according to preset digest algorithm, calculates the of above-mentioned user password
Two digest value.
That is, in certification, for example, user logs in some websites, user name and user password (i.e. password) are inputted,
System needs to be authenticated user password, that is, judges whether user password corresponding with the user name currently stored in system
Unanimously, at this moment, it is necessary to according to the method that user password stores, using identical method, correspondingly come to carry out user password
Certification.
For example, during user authentication, the user password of input is P1, according to preset digest algorithm, calculates the use of acquisition
It is H (P1) that the registered permanent residence, which enables the first digest value of P1,.
Wherein, here preset digest algorithm is identical in preset digest algorithm and step 100.
Then, according to current third time and above-mentioned initial key, current third key is generated, and work as based on above-mentioned
Above-mentioned second digest value of preceding third key pair is encrypted.
For example, initial key is K0, the current third time is 6h, then according to K0Generating current third key with 6h is
K3, based on K3, using preset Encryption Algorithm, H (P1) is encrypted, obtaining encrypted second digest value is
Finally, the first digest value after encrypted second digest value and re-encrypted is compared, when determining encryption
When the second digest value afterwards is consistent with the first digest value after re-encrypted, judgement certification passes through.
For example, since system also can periodically be updated encrypted first digest value, according to above-described embodiment, it is assumed that
Encrypted first digest value stored in current system isThen willWithIt carries out
Compare, when determining consistent, it is possible to determine P=P1, that is, judge that certification passes through.
This is because when user password certification and storage, initial key is identical, using identical digest algorithm and is added
Close algorithm, system can periodically update encrypted first digest value according to the time again, and therefore, when certification, to certification when is defeated
What the key and the digest value of the user password to being stored in system that the digest value of the user password entered is encrypted were encrypted
Key be also it is identical, therefore, the embodiment of the present invention, it is possibility to have effect be properly completed verification process.
Further, in verification process, the first abstract after encrypted second digest value and re-encrypted is determined
When being worth inconsistent, further include:
First, it according to current third time and above-mentioned preset period, calculates relative to the above-mentioned current third time
The previous time and the latter time.
For example, the current third time be 8h, predetermined period 1h, then relative to the previous time of 8h and the latter when
Between be respectively 7h and 9h.
Then, based on above-mentioned previous time, above-mentioned the latter time and above-mentioned initial key, when generating previous respectively
Between corresponding 4th key and the latter time corresponding 5th key, and be based respectively on above-mentioned 4th key and the 5th key pair
Above-mentioned second digest value re-starts encryption.
Finally, the first digest value after the second digest value and re-encrypted after re-encrypted is compared respectively, when
When determining that the second digest value after at least one re-encrypted is consistent with the first digest value after re-encrypted, judgement certification is led to
It crosses.
It is a kind of the reason is that the user password of input is inconsistent this is because when determining inconsistent, it is also a kind of the reason is that
During possible system is updated current key, i.e., the process that is updated to encrypted first digest value
In, therefore, at this moment just need based on current third time and predetermined period, to obtain previous time and the latter time,
It calculates corresponding key respectively again, and then the second digest value is encrypted respectively, be finally compared respectively, in this way, can be with
Further improve the accuracy of certification.
Based on above-described embodiment, as shown in fig.2, in the embodiment of the present invention, the device of user password storage is specific to wrap
It includes:
First computing unit 20 for receiving user password input by user, and according to preset digest algorithm, calculates institute
State the first digest value of user password;
First encryption unit 21, for according to current first time and preset initial key, generating current first
Key, and first digest value is encrypted based on the current first key;
Storage unit 22, for encrypted first digest value to be stored.
Preferably, after encrypted first digest value is stored, further comprise:
Updating unit 23, for according to the preset period, being updated to encrypted first digest value.
Preferably, when being updated to encrypted first digest value, updating unit 23 is specifically used for:
According to the second current time and the initial key, the second current key is generated;
Based on the current first key, encrypted first digest value is decrypted, obtains described first
Digest value;
Encryption is re-started based on the first digest value described in the second current key pair, and by the after re-encrypted
One digest value is stored.
Preferably, further comprise:
Second computing unit 24 for receiving user password input by user, and according to preset digest algorithm, calculates institute
State the second digest value of user password;
Second encryption unit 25, for according to current third time and the initial key, it is close to generate current third
Key, and be encrypted based on the second digest value described in the current third key pair;
First authentication unit 26, for the first digest value after encrypted second digest value and re-encrypted to be compared
Compared with when determining that encrypted second digest value is consistent with the first digest value after re-encrypted, judgement certification passes through.
Preferably, when the first digest value after determining encrypted second digest value and re-encrypted is inconsistent, into one
Step includes:
Third computing unit 27, for according to current third time and the preset period, calculating relative to described
The previous time of current third time and the latter time;
Third encryption unit 28, for being based on the previous time, the latter time and the initial key, point
Corresponding 4th key of previous time and the latter time corresponding 5th key are not generated, and it is close to be based respectively on the described 4th
Second digest value described in key and the 5th key pair re-starts encryption;
Second authentication unit 29, for respectively by the first abstract after the second digest value and re-encrypted after re-encrypted
Value is compared, and the second digest value after at least one re-encrypted is determined is consistent with the first digest value after re-encrypted
When, judgement certification passes through.
In conclusion in the embodiment of the present invention, user password input by user is received, and according to preset digest algorithm,
Calculate the first digest value of the user password;According to current first time and preset initial key, current is generated
One key, and first digest value is encrypted based on the current first key;By encrypted first digest value
Stored, in this way, storage be simply not only user password digest value, but, to the digest value of user password again
Encrypted, storage be encrypted user password digest value, further improve user password storage safety,
Improve the information security of user.
It should be understood by those skilled in the art that, the embodiment of the present invention can be provided as method, system or computer program
Product.Therefore, the reality in terms of complete hardware embodiment, complete software embodiment or combination software and hardware can be used in the present invention
Apply the form of example.Moreover, the computer for wherein including computer usable program code in one or more can be used in the present invention
The computer program production that usable storage medium is implemented on (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.)
The form of product.
The present invention be with reference to according to the method for the embodiment of the present invention, the flow of equipment (system) and computer program product
Figure and/or block diagram describe.It should be understood that it can be realized by computer program instructions every first-class in flowchart and/or the block diagram
The combination of flow and/or box in journey and/or box and flowchart and/or the block diagram.These computer programs can be provided
The processor of all-purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce
A raw machine so that the instruction performed by computer or the processor of other programmable data processing devices is generated for real
The device of function specified in present one flow of flow chart or one box of multiple flows and/or block diagram or multiple boxes.
These computer program instructions, which may also be stored in, can guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works so that the instruction generation being stored in the computer-readable memory includes referring to
Enable the manufacture of device, the command device realize in one flow of flow chart or multiple flows and/or one box of block diagram or
The function of being specified in multiple boxes.
These computer program instructions can be also loaded into computer or other programmable data processing devices so that counted
Series of operation steps are performed on calculation machine or other programmable devices to generate computer implemented processing, so as in computer or
The instruction offer performed on other programmable devices is used to implement in one flow of flow chart or multiple flows and/or block diagram one
The step of function of being specified in a box or multiple boxes.
Although preferred embodiments of the present invention have been described, but those skilled in the art once know basic creation
Property concept, then can make these embodiments other change and modification.So appended claims be intended to be construed to include it is excellent
It selects embodiment and falls into all change and modification of the scope of the invention.
Obviously, those skilled in the art can carry out the embodiment of the present invention various modification and variations without departing from this hair
The spirit and scope of bright embodiment.In this way, if these modifications and variations of the embodiment of the present invention belong to the claims in the present invention
And its within the scope of equivalent technologies, then the present invention is also intended to include these modifications and variations.
Claims (8)
- A kind of 1. method of user password storage, which is characterized in that including:User password input by user is received, and according to preset digest algorithm, calculates the first digest value of the user password;According to current first time and preset initial key, current first key is generated, and based on described current the The first digest value is encrypted described in one key pair;Encrypted first digest value is stored;User password input by user is received, and according to preset digest algorithm, calculates the second digest value of the user password;According to current third time and the initial key, current third key is generated, and based on the current third The second digest value is encrypted described in key pair;Encrypted second digest value and encrypted first digest value are compared, when determining encrypted second digest value When consistent with encrypted first digest value, judgement certification passes through.
- 2. the method as described in claim 1, which is characterized in that after encrypted first digest value is stored, into one Step includes:According to the preset period, encrypted first digest value is updated.
- 3. method as claimed in claim 2, which is characterized in that be updated, specifically include to encrypted first digest value:According to the second current time and the initial key, the second current key is generated;Based on the current first key, encrypted first digest value is decrypted, obtains first abstract Value;Encryption is re-started, and first after re-encrypted is plucked based on the first digest value described in the second current key pair It is worth and is stored.
- 4. method as claimed in claim 2, which is characterized in that when determining encrypted second digest value and encrypted first When digest value is inconsistent, further comprise:According to current third time and the preset period, calculate relative to the current third time it is previous when Between and the latter time;Based on the previous time, the latter time and the initial key, it is corresponding that the previous time is generated respectively 4th key and the latter time corresponding 5th key;Second digest value described in being based respectively on the 4th key and the 5th key pair re-starts encryption, and respectively will weight New encrypted second digest value and encrypted first digest value are compared, after at least one re-encrypted is determined When second digest value is consistent with encrypted first digest value, judgement certification passes through.
- 5. a kind of device of user password storage, which is characterized in that including:First computing unit for receiving user password input by user, and according to preset digest algorithm, calculates the user First digest value of password;First encryption unit, for according to current first time and preset initial key, generating current first key, and First digest value is encrypted based on the current first key;Storage unit, for encrypted first digest value to be stored;Second computing unit for receiving user password input by user, and according to preset digest algorithm, calculates the user Second digest value of password;Second encryption unit, for according to current third time and the initial key, generating current third key, and base It is encrypted in the second digest value described in the current third key pair;First authentication unit, for encrypted second digest value and encrypted first digest value to be compared, when determining When encrypted second digest value is consistent with encrypted first digest value, judgement certification passes through.
- 6. device as claimed in claim 5, which is characterized in that after encrypted first digest value is stored, into one Step includes:Updating unit, for according to the preset period, being updated to encrypted first digest value.
- 7. device as claimed in claim 6, which is characterized in that when being updated to encrypted first digest value, update is single Member is specifically used for:According to the second current time and the initial key, the second current key is generated;Based on the current first key, encrypted first digest value is decrypted, obtains first abstract Value;Encryption is re-started, and first after re-encrypted is plucked based on the first digest value described in the second current key pair It is worth and is stored.
- 8. device as claimed in claim 6, which is characterized in that when determining encrypted second digest value and encrypted first When digest value is inconsistent, further comprise:Third computing unit, for according to current third time and the preset period, calculating relative to described current The previous time of third time and the latter time;Third encryption unit for being based on the previous time, the latter time and the initial key, generates respectively Previous time corresponding 4th key and the latter time corresponding 5th key, and it is based respectively on the 4th key and institute Second digest value described in stating the 5th key pair re-starts encryption;Second authentication unit, for respectively comparing the second digest value after re-encrypted and encrypted first digest value Compared with, when the second digest value after determining at least one re-encrypted is consistent with encrypted first digest value, judgement certification Pass through.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610907011.7A CN106656495B (en) | 2016-10-18 | 2016-10-18 | A kind of method and device of user password storage |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610907011.7A CN106656495B (en) | 2016-10-18 | 2016-10-18 | A kind of method and device of user password storage |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106656495A CN106656495A (en) | 2017-05-10 |
CN106656495B true CN106656495B (en) | 2018-06-12 |
Family
ID=58855933
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610907011.7A Active CN106656495B (en) | 2016-10-18 | 2016-10-18 | A kind of method and device of user password storage |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106656495B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111934862B (en) * | 2019-08-23 | 2023-08-11 | 广州华多网络科技有限公司 | Server access method and device, readable medium and electronic equipment |
CN112788012B (en) * | 2020-12-30 | 2023-07-25 | 深圳市欢太科技有限公司 | Log file encryption method and device, storage medium and electronic equipment |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101291227A (en) * | 2008-06-06 | 2008-10-22 | 薛明 | Password inputting method, device and system |
CN102480353A (en) * | 2010-11-26 | 2012-05-30 | 航天信息股份有限公司 | Method of password authentication and secret key protection |
CN102843422A (en) * | 2012-07-31 | 2012-12-26 | 郑州信大捷安信息技术股份有限公司 | Account management system and account management method based on cloud service |
CN105391556A (en) * | 2015-11-27 | 2016-03-09 | 厦门雅迅网络股份有限公司 | Method and apparatus for generating dynamic password, authentication method and system |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101301609B1 (en) * | 2012-05-31 | 2013-08-29 | 서울대학교산학협력단 | Apparatus and method for generating secret key, and recording medium storing program for executing method of the same in computer |
-
2016
- 2016-10-18 CN CN201610907011.7A patent/CN106656495B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101291227A (en) * | 2008-06-06 | 2008-10-22 | 薛明 | Password inputting method, device and system |
CN102480353A (en) * | 2010-11-26 | 2012-05-30 | 航天信息股份有限公司 | Method of password authentication and secret key protection |
CN102843422A (en) * | 2012-07-31 | 2012-12-26 | 郑州信大捷安信息技术股份有限公司 | Account management system and account management method based on cloud service |
CN105391556A (en) * | 2015-11-27 | 2016-03-09 | 厦门雅迅网络股份有限公司 | Method and apparatus for generating dynamic password, authentication method and system |
Also Published As
Publication number | Publication date |
---|---|
CN106656495A (en) | 2017-05-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106687980B (en) | Management program and virtual machine protection | |
CN105491062B (en) | A kind of client software guard method, device and client | |
CN106991298B (en) | Access method of application program to interface, authorization request method and device | |
CN103329095B (en) | Authenticate a hypervisor with encoded information | |
US11418499B2 (en) | Password security | |
WO2015188426A1 (en) | Method, device, system, and related device for identity authentication | |
RU2015117644A (en) | SAFE DATA PROCESSING BY VIRTUAL MACHINE | |
CN104980477A (en) | Data access control method and system in cloud storage environment | |
JPWO2019239591A1 (en) | Authentication system, authentication method, application provider, authentication device, and authentication program | |
CN106716957A (en) | Efficient and reliable attestation | |
JP2014516448A (en) | Secure data storage | |
CA2842741C (en) | Password audit system | |
CN106992859B (en) | Bastion machine private key management method and device | |
EP3206329A1 (en) | Security check method, device, terminal and server | |
US9378358B2 (en) | Password management system | |
CN104794394A (en) | Virtual machine starting verification method and device | |
CN106656495B (en) | A kind of method and device of user password storage | |
CN101404052A (en) | Method for remotely activating software | |
EP3338214B1 (en) | Secure computation environment | |
CN103457721B (en) | A kind of method and device of Mass production password | |
US9930031B2 (en) | Multi-factor user authentication based on user credentials and entry timing | |
CN114666108A (en) | Identity authentication method, device, equipment and medium based on user-defined resources | |
CN107209506B (en) | The product identification of safety and verification | |
CN107800536A (en) | Security procedure imitates detection | |
CN107070648A (en) | A kind of cryptographic key protection method and PKI system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |