CN106874743B - Method and system for storing and extracting smart card password - Google Patents

Publication number
CN106874743B
Authority
CN
China
Prior art keywords
password
card
personal terminal
ciphertext
smart card
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201611247618.3A
Other languages
Chinese (zh)
Other versions
CN106874743A (en)
Inventor
何笑维
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Leita Intelligent Technology Co ltd
Original Assignee
Shanghai Leita Intelligent Technology Co ltd
Application filed by Shanghai Leita Intelligent Technology Co ltd filed Critical Shanghai Leita Intelligent Technology Co ltd
Priority to CN201611247618.3A priority Critical patent/CN106874743B/en
Publication of CN106874743A publication Critical patent/CN106874743A/en
Publication of CN106874743B publication Critical patent/CN106874743B/en
Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06K GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K17/00 Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations

Abstract

The invention provides a method and a system for storing and extracting a smart card password. When the personal terminal communicates with the smart card for the first time, it stores the password in the following steps: S11: after receiving the password for the verification operation, encrypt the password to obtain an encrypted ciphertext; S12: store the encrypted ciphertext in a distributed manner in the storage space of the personal terminal. When the personal terminal communicates with the smart card other than for the first time, it extracts the password in the following steps: S21: extract the encrypted ciphertext distributed in the storage space of the personal terminal; S22: decrypt the encrypted ciphertext to obtain the password for the verification operation. Because the password is stored automatically after the user verifies it for the first time, later queries of the card balance and historical transaction records return results without the password being entered again, which is convenient to use; and because the encrypted ciphertext of the password is stored in a distributed manner, the security of the encrypted ciphertext data is improved.

Description

Method and system for storing and extracting smart card password
Technical Field
The invention relates to the technical field of password storage and extraction for stored-value cards used with a personal terminal, and in particular to a method and a system for storing and extracting a smart card password.
Background
With the development of personal terminal equipment technology, stored-value cards that work with personal terminals are beginning to appear: users can communicate with the stored-value card (smart card) through their own personal terminal, so that the balance and historical transaction records in the card can be queried directly on the terminal.
For example, as protocol specifications for smart cards such as the PBOC 1.0 specification, the PBOC 2.0 specification, the Sinopec IC card specification, the PetroChina IC card specification and the public transportation card specification have been established, smart cards have become popular. However, when an existing personal terminal device reads a stored-value IC card and queries the balance and historical transaction records in the card, the PIN (password) of the card must be entered every time, and the result can be queried only after verification passes, which is inconvenient for repeated queries. In addition, for the user, querying the balance or historical transaction records in a stored-value IC card with a personal terminal device is an operation of relatively low security level, and repeating the entry process makes the password easy to leak. How to make the user experience friendlier and more convenient, and how to improve the security with which a user reads the balance and historical data of a stored-value card through a personal terminal, is a problem to be solved urgently in the field.
Disclosure of Invention
The first objective of the invention is to provide a method and a system for storing and extracting a smart card password, which solve the poor user experience, inconvenience and poor security of existing personal terminals, where a result can be queried only after the PIN (personal identification number) of the card is entered correctly every time the balance and historical transaction records in a stored-value card are queried.
The second objective of the present invention is to provide a method and a system for storing and extracting a smart card password, so that a user only needs to correctly input a card PIN (password) once, and then does not need to input the card PIN (password) again, which is convenient to use.
In order to achieve the above object, the present invention provides a method for storing and extracting a smart card password, which comprises the following steps:
when the personal terminal communicates with the smart card for the first time, the personal terminal stores the password according to the following steps:
S11: after receiving a password of a verification operation, encrypting the password to obtain an encrypted ciphertext;
S12: the personal terminal distributively stores the encrypted ciphertext into a storage space of the personal terminal;
when the personal terminal communicates with the smart card other than for the first time, the password is first extracted according to the following steps:
S21: extracting the encrypted ciphertext distributed in the storage space of the personal terminal;
S22: decrypting the encrypted ciphertext to obtain the password for the verification operation.
Preferably, when the personal terminal communicates with the smart card for the first time, the personal terminal also encrypts the card number of the smart card and stores the encrypted card number in a distributed manner in the storage space of the personal terminal;
when the personal terminal communicates with the smart card other than for the first time, the card number of the smart card is encrypted to obtain the encrypted card number, the storage space is then searched for the same encrypted card number, and if it exists, the password corresponding to the card number is extracted.
Preferably, the encryption processing in step S11 includes:
A. carrying out initial encryption on the password through a preset encryption algorithm to obtain an initial encryption ciphertext;
B. adding a unique identification code related to the smart card into the initial encrypted ciphertext to obtain an encrypted ciphertext;
Correspondingly, the decryption processing in step S22 includes:
a. initially decrypting the encrypted ciphertext according to the unique identification code to obtain the initial encrypted ciphertext;
b. decrypting the initial encrypted ciphertext by using the decryption algorithm corresponding to the preset encryption algorithm to obtain the password.
Preferably, the preset encryption algorithm includes a plurality of groups of preset encryption keys and decryption keys; when the personal terminal receives the password of the verification operation for the first time, it randomly selects one group of encryption key and decryption key, initially encrypts the password with the selected encryption key, and performs the initial decryption with the corresponding decryption key when decrypting.
Preferably, the unique identification code is a card number of the smart card or a chip ID of the smart card.
Preferably, the step S12 further includes:
1) splitting the encrypted ciphertext into a plurality of ciphertext data blocks according to a preset rule;
2) storing the ciphertext data blocks into storage spaces with different addresses in a distributed manner, and separately recording the storage space addresses storing the ciphertext data blocks;
3) if free space exists between the storage spaces with different addresses, adding random filling data into the free space;
in step S21, the encrypted ciphertext distributed in the storage space of the personal terminal is extracted according to the recorded storage space addresses.
Preferably, the storage space addresses are stored independently, in the form of a file, in a storage space of the personal terminal, and the personal terminal obtains the storage space addresses by reading that file.
The invention also provides a system for storing and extracting the smart card password, which comprises a memory, a processor and a smart card identification unit arranged on the personal mobile terminal, wherein the smart card identification unit is used for identifying a smart card and receiving a password of a verification operation;
the processor is used for encrypting and decrypting the password and controlling distributed storage and reading of the ciphertext;
the memory comprises a plurality of independent storage spaces for distributively storing the ciphertext.
Preferably, the processor comprises:
the unique identification code acquisition unit, used for acquiring the unique identification code of the smart card through the smart card identification unit;
the initial encryption/decryption unit, used for initially encrypting the password through a preset encryption algorithm to obtain an initial encrypted ciphertext, and for initially decrypting the encrypted ciphertext according to the unique identification code to obtain the initial encrypted ciphertext;
the smart card encryption/decryption unit, used for adding a unique identification code related to the smart card into the initial encrypted ciphertext to obtain an encrypted ciphertext, and for decrypting the initial encrypted ciphertext by the decryption algorithm corresponding to the preset encryption algorithm to obtain the password;
and the storage control unit, used for distributively storing the encrypted ciphertext into the storage space of the personal terminal, and for extracting the encrypted ciphertext distributed in the storage space of the personal terminal when the personal terminal communicates with the smart card other than for the first time.
Preferably, the storage control unit includes:
the ciphertext data block dividing module is used for dividing the encrypted ciphertext into a plurality of ciphertext data blocks according to a preset rule;
the distributed storage control module is used for storing the ciphertext data blocks into storage spaces with different addresses in a distributed manner;
and the random data filling module is used for adding random filling data into the free space between the storage spaces with different addresses.
Preferably, the memory further includes a file area for separately storing a file in which the address of the storage space of the ciphertext data block is recorded.
Preferably, the smart card identification unit includes:
the password receiving unit is used for receiving a password of the verification operation and forwarding the password to the processor;
and the smart card reader is used for reading the card information of the smart card communicating with the personal terminal and forwarding the card information to the processor, so that the processor can judge whether the smart card is communicating with the personal terminal for the first time.
Preferably, the processor further comprises a card number encryption unit, used for encrypting the card number of the smart card to obtain an encrypted card number; when the personal terminal communicates with the smart card for the first time, the storage control unit distributively stores the encrypted card number into the storage space of the personal terminal.
The scheme of the invention has the following beneficial effects:
1) after the user's PIN (password) passes verification for the first time, the PIN is automatically stored in the terminal device; when the balance and historical transaction records in the card are queried again, the PIN no longer needs to be entered, and the terminal automatically extracts the PIN for verification and returns the query result, which is convenient to use, avoids the password leakage caused by entering the password many times, and gives high security;
2) the correct PIN (password) entered by the user is encrypted with a traditional encryption algorithm such as AES, RSA or DES; these algorithms are technically mature, difficult to crack and offer good security;
3) adding other elements to the encryption, such as the card number or the unique chip ID, better ensures the uniqueness of the ciphertext, so that the personal terminal device can store the passwords of a plurality of cards at the same time and different smart cards can be distinguished conveniently;
4) the encrypted ciphertext of each smart card is stored in the personal terminal device in a distributed manner, which improves the security of the encrypted ciphertext data; random filling data is further added into the free storage space, which better protects the encrypted ciphertext in the personal terminal device, so that the password of the smart card is not easily stolen and cracked maliciously.
Drawings
FIG. 1A is a flowchart of a smart card password saving method according to a preferred embodiment of the present invention;
FIG. 1B is a flowchart of a smart card password extraction method according to a preferred embodiment of the present invention;
FIG. 2A is a flowchart of the smart card password encryption method of the preferred embodiment;
FIG. 2B is a flowchart of the smart card password decryption method of the preferred embodiment;
FIG. 3 is a flowchart of a ciphertext storage method of the preferred embodiment;
FIG. 4 is a diagram of the system components for smart card password saving and extraction in the preferred embodiment;
FIG. 5 is a block diagram of a processor in accordance with the preferred embodiments;
FIG. 6 is a schematic diagram of the encrypted ciphertext storage of an embodiment.
Detailed Description
To better illustrate the present invention, a preferred embodiment is described in detail with reference to the accompanying drawings, in which:
the embodiment provides a method for storing and extracting a smart card password, which comprises the following steps:
when the personal terminal communicates with the smart card for the first time, as shown in FIG. 1A, the password is stored according to the following steps:
S11: after receiving a password of a verification operation, encrypting the password to obtain an encrypted ciphertext;
S12: the personal terminal distributively stores the encrypted ciphertext into a storage space of the personal terminal;
when the personal terminal communicates with the smart card other than for the first time, as shown in FIG. 1B, the personal terminal first extracts the password according to the following steps:
S21: extracting the encrypted ciphertext distributed in the storage space of the personal terminal;
S22: decrypting the encrypted ciphertext to obtain the password for the verification operation.
In a preferred embodiment, as shown in FIG. 2A, the encryption processing in step S11 includes:
A. carrying out initial encryption on the password through a preset encryption algorithm to obtain an initial encryption ciphertext;
B. adding a unique identification code related to the smart card into the initial encrypted ciphertext to obtain an encrypted ciphertext;
As shown in FIG. 2B, the decryption processing in step S22 includes:
a. initially decrypting the encrypted ciphertext according to the unique identification code to obtain the initial encrypted ciphertext;
b. decrypting the initial encrypted ciphertext by using the decryption algorithm corresponding to the preset encryption algorithm to obtain the password.
Further, in a preferred embodiment, as shown in FIG. 3, the process of storing the encrypted ciphertext in step S12 specifically includes:
1) splitting the encrypted ciphertext into a plurality of ciphertext data blocks according to a preset rule;
2) storing the ciphertext data blocks into storage spaces with different addresses in a distributed manner, and separately recording the storage space addresses storing the ciphertext data blocks;
3) if free space exists between the storage spaces with different addresses, adding random filling data into the free space;
in step S21, the encrypted ciphertext distributed in the storage space of the personal terminal is extracted according to the recorded storage space addresses.
Preferably, the above-mentioned storage space address is independently stored in the storage space of the personal terminal in the form of a file, and the personal terminal can directly obtain the storage space address in the file by calling the file.
Further, the preset encryption algorithm in this embodiment includes a plurality of groups of preset encryption keys and decryption keys, and when the personal terminal receives the password of the verification operation for the first time, one group of the encryption keys and the decryption keys is randomly selected, and the password is initially encrypted by using the selected encryption key, and when decrypted, initial decryption is performed by using the corresponding decryption key.
Preferably, the unique identification code in this embodiment may be set as a card number of the smart card or a chip ID of the smart card, or other data, characters, etc. uniquely associated with the smart card, as required.
In another preferred embodiment of the invention, when the personal terminal communicates with the smart card for the first time, the personal terminal also encrypts the card number of the smart card and stores the encrypted card number in the storage space of the personal terminal in a distributed manner; when the personal terminal communicates with the smart card other than for the first time, the card number of the smart card is encrypted to obtain the encrypted card number, the storage space is then searched for the same encrypted card number, and if it exists, the password corresponding to the card number is extracted. Encrypting the card number of the smart card makes the card number stored in the terminal device safer, which protects the user information of the smart card.
In the preferred embodiment, the card number and the password are encrypted separately and then stored in the storage space in a distributed manner. The card number may be encrypted with a preset encryption algorithm as needed; this algorithm may be the same as or different from the algorithm used for the initial encryption of the password, and a person skilled in the art can choose it freely as needed.
As shown in FIG. 4, this embodiment further provides a system for storing and extracting a smart card password, which includes: a memory 410, a processor 420 and a smart card identification unit 430 disposed on the personal mobile terminal 400, wherein the smart card identification unit 430 is configured to identify a smart card and receive a password for a verification operation; the processor 420 is configured to encrypt and decrypt the password, and control distributed storage and reading of the ciphertext; the memory 410 includes several independent storage spaces for distributively storing the ciphertext.
Preferably, referring to FIG. 5, the processor 420 includes:
a unique identification code obtaining unit 421, configured to obtain a unique identification code of the smart card through the smart card identification unit;
an initial encryption/decryption unit 422, configured to perform initial encryption on the password through a preset encryption algorithm to obtain an initial encrypted ciphertext, and perform initial decryption on the encrypted ciphertext according to the unique identifier to obtain an initial encrypted ciphertext;
the smart card encryption/decryption unit 423 is configured to add a unique identification code associated with a smart card to the initial encrypted ciphertext to obtain an encrypted ciphertext, and decrypt the initial encrypted ciphertext with a decryption algorithm corresponding to a preset encryption algorithm to obtain the password;
a storage control unit 424, configured to distributively store the encrypted ciphertext into the storage space of the personal terminal, and to extract the encrypted ciphertext distributed in the storage space of the personal terminal when the personal terminal communicates with the smart card other than for the first time.
Preferably, the storage control unit 424 includes:
the ciphertext data block dividing module is used for dividing the encrypted ciphertext into a plurality of ciphertext data blocks according to a preset rule;
the distributed storage control module is used for storing the ciphertext data blocks into storage spaces with different addresses in a distributed manner;
and the random data filling module is used for adding random filling data into the free space between the storage spaces with different addresses.
Preferably, the memory 410 further includes a file area 411 for separately storing a file in which the address of the storage space of the ciphertext data block is recorded.
Preferably, the smart card recognition unit 430 includes:
the password receiving unit is used for receiving a password of the verification operation and forwarding the password to the processor;
and the smart card reader is used for reading the card information of the smart card communicated with the personal terminal and forwarding the card information to the processor so that the processor can judge whether the smart card is communicated with the personal terminal for the first time. The smart card reader can be set as a Near Field Communication (NFC) chip as required, and the NFC chip is communicated with the smart card chip to read card information of the smart card, such as the card number of the smart card or the chip ID of the smart card.
In another preferred embodiment, the processor further includes a card number encryption unit, used for encrypting the card number of the smart card to obtain an encrypted card number; when the personal terminal communicates with the smart card for the first time, the storage control unit distributively stores the encrypted card number into the storage space of the personal terminal.
The technical solution of the present invention is illustrated in a specific example below:
When a personal terminal is used for the first time to query the balance and historical transaction records of a stored-value IC card, the query flow is as follows: the personal terminal prompts the user to insert the card or bring it close to the personal terminal. After the user does so, the personal terminal reads the card information, for example the card number '10001137000068017 XX', encrypts the card number read to obtain an encrypted card number, and uses the encrypted card number to search the storage space for stored information of this IC card. If nothing is found, the personal terminal judges that this is the first query for the card and prompts the user to enter the password. After the user enters the password, the personal terminal encrypts the card number and the password separately to obtain encrypted ciphertexts and stores them in the storage space of the personal terminal in a distributed manner. At the same time, the card number, balance and historical transaction records can be displayed to the user.
In the encryption process, an encryption algorithm such as AES, RSA or DES is first used to initially encrypt the correct PIN (password) entered by the user: a group of encryption key and decryption key is randomly selected, the encryption key is used for the initial encryption according to the algorithm, and the corresponding decryption key is stored. The card number may also be encrypted with the encryption algorithms described above, and the algorithm used for the card number may be the same as or different from that used for the password. For the password, other elements such as the card number or the unique chip ID are added into the initially encrypted ciphertext; adding such identifiers, which are uniquely related to the card, ensures the uniqueness of the password ciphertext. To further protect the ciphertexts of the card number and the password, this embodiment divides the encrypted ciphertext into a plurality of data blocks according to a preset rule, for example into blocks of equal data length or into blocks of different data lengths. After division, the data blocks are stored in a distributed manner in the storage space of the personal terminal. As shown in FIG. 6, a screenshot of a data packet captured on the personal terminal device, in this embodiment the data block 601 and the data block 602 are stored at addresses 130h (bytes 0 to 7) and 140h (bytes 8 to f), respectively, and the storage addresses of the data blocks are recorded.
Meanwhile, to further protect the stored ciphertext, make malicious reading more difficult and interfere with attempts to decrypt the ciphertext, this embodiment fills the free data space between addresses 130h (bytes 0 to 7) and 140h (bytes 8 to f) with random data; see the data blocks 603 and 604 at addresses 130h (bytes 8 to f) and 140h (bytes 0 to 7). The data in blocks 603 and 604 has no actual meaning and is only random filling, which achieves a good interference effect.
When the personal terminal is used to query the balance and historical transaction records in the stored-value IC card for the second, third or any later time, the query flow is as follows: the personal terminal prompts the user to insert the card or bring it close to the personal terminal. After the user does so, the personal terminal reads the card information and searches for the information of this card in the personal terminal; once it is found, the encrypted ciphertext is automatically extracted from the storage space according to the card information and decrypted to obtain the original password. The personal terminal then automatically verifies the password, and after verification passes, information such as the card number, balance and historical transaction records of the smart card can be displayed to the user.
Specifically, during decryption, the personal terminal uses the card information of the stored-value IC card to obtain the storage addresses of the encrypted ciphertext corresponding to that card's password, here 130h (bytes 0 to 7) and 140h (bytes 8 to f). It then extracts the data at the two addresses and combines them to obtain the encrypted ciphertext, calculates the initial encrypted ciphertext from the card information (such as the card number), and finally decrypts that ciphertext with the stored decryption key, according to the decryption rule corresponding to the encryption algorithm, to obtain the original password.
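The storage and extraction steps of this example (S12 and S21, plus step B and step a) can be traced in code. The following is an added example, not code from the patent: the function names, the 8-byte block rule, the JSON address file and the SHA-256/XOR rule for mixing in the card ID are assumptions (the patent does not specify how the identifier is added), and the 16-byte sample stands in for the output of the initial AES/RSA/DES encryption.

```python
import hashlib
import json
import secrets

BLOCK_LEN = 8            # assumed preset rule: equal 8-byte ciphertext blocks
SLOTS = [0x130, 0x148]   # 130h bytes 0-7 and 140h bytes 8-f, per the FIG. 6 text

# Constructed sample values (not from the patent).
SAMPLE_CARD_ID = "CARD-0001"
SAMPLE_INITIAL_CT = bytes.fromhex("00112233445566778899aabbccddeeff")


def bind_card_id(data, card_id):
    """Step B / step a with an assumed rule: XOR with a SHA-256 mask of the ID.

    XOR is its own inverse, so one function both adds and removes the binding.
    """
    digest = hashlib.sha256(card_id.encode("utf-8")).digest()
    mask = (digest * (len(data) // len(digest) + 1))[: len(data)]
    return bytes(d ^ m for d, m in zip(data, mask))


def store(region, ciphertext, slots=SLOTS, filler=secrets.token_bytes):
    """S12: split into blocks, scatter them, pad the gaps, return the address file."""
    blocks = [ciphertext[i:i + BLOCK_LEN]
              for i in range(0, len(ciphertext), BLOCK_LEN)]
    if len(blocks) != len(slots):
        raise ValueError("need exactly one slot per ciphertext block")
    spans = sorted((addr, addr + len(blk)) for addr, blk in zip(slots, blocks))
    if spans[0][0] < 0 or spans[-1][1] > len(region):
        raise ValueError("slot outside the storage region")
    gaps = []
    for (_, prev_end), (next_start, _) in zip(spans, spans[1:]):
        if next_start < prev_end:
            raise ValueError("slots overlap")
        gaps.append((prev_end, next_start))
    # 1) + 2): write each block at its own address.
    for addr, blk in zip(slots, blocks):
        region[addr:addr + len(blk)] = blk
    # 3): fill the free space between the blocks with random data.
    for start, end in gaps:
        pad = filler(end - start)
        if len(pad) != end - start:
            raise ValueError("filler returned the wrong length")
        region[start:end] = pad
    # The addresses are recorded separately (the patent's address file).
    return json.dumps({"addrs": list(slots), "lens": [len(b) for b in blocks]})


def extract(region, address_file):
    """S21: reassemble the encrypted ciphertext from the recorded addresses."""
    index = json.loads(address_file)
    return b"".join(bytes(region[a:a + n])
                    for a, n in zip(index["addrs"], index["lens"]))


def save(region, initial_ct, card_id, filler=secrets.token_bytes):
    """First communication: bind the card ID, then scatter the result."""
    return store(region, bind_card_id(initial_ct, card_id), filler=filler)


def load(region, address_file, card_id):
    """Later communication: gather the blocks, then remove the card ID binding."""
    return bind_card_id(extract(region, address_file), card_id)


if __name__ == "__main__":
    storage = bytearray(0x200)   # constructed stand-in for terminal storage
    addr_file = save(storage, SAMPLE_INITIAL_CT, SAMPLE_CARD_ID)
    print("address file:", addr_file)
    print("0x130..0x14f:", storage[0x130:0x150].hex())
    print("recovered   :", load(storage, addr_file, SAMPLE_CARD_ID).hex())
```

Extraction needs only the address file and the card ID, so the filling data interferes with a reader who lacks the address file but not with one who has it.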
In a preferred embodiment, an upper limit may be set on the card information stored in the personal terminal device, for example the information and passwords of 10 cards; when a new card is added, the information and password of the card that has been stored longest are automatically overwritten, so that the card information is updated and the reuse rate of the storage space is improved. Of course, the number of cards whose information and passwords are stored can be set by those skilled in the art according to the memory capacity of the personal terminal device and the processing capability of the processor, and is not specifically limited here.
It should be understood that, in the above process, for each smart card, when communicating with the personal terminal, the personal terminal first reads the card information of the card to determine whether the card is read for the first time, that is, whether the password of the smart card is stored in the personal terminal.
The personal terminal in the above embodiments may be a personal mobile communication device (such as a mobile phone, a tablet, etc. with a function of communicating with a smart card), or a personal stored-value card reading device (such as a POS machine or an identification device corresponding to another special IC card), etc.
The above description is only an embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art should be able to make modifications or substitutions within the technical scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (8)

1. A method for storing and extracting smart card passwords is characterized by comprising the following steps:
when the personal terminal communicates with the smart card for the first time, the personal terminal stores the password according to the following steps:
S11: after receiving a password of a verification operation, encrypting the password to obtain an encrypted ciphertext; the encryption processing in step S11 includes:
A. carrying out initial encryption on the password through a preset encryption algorithm to obtain an initial encryption ciphertext;
B. adding a unique identification code related to the smart card into the initial encrypted ciphertext to obtain an encrypted ciphertext;
S12: the personal terminal distributively stores the encrypted ciphertext into a storage space of the personal terminal;
the step S12 further includes:
1) splitting the encrypted ciphertext into a plurality of ciphertext data blocks according to a preset rule;
2) storing the ciphertext data blocks into storage spaces with different addresses in a distributed manner, and separately recording the storage space addresses storing the ciphertext data blocks;
3) if free space exists between the storage spaces with different addresses, adding random filling data into the free space;
when the personal terminal communicates with the smart card other than for the first time, the password is first extracted according to the following steps:
S21: extracting the encrypted ciphertext distributed in the storage space of the personal terminal according to the storage space address;
S22: carrying out decryption processing on the encrypted ciphertext to obtain the password for the verification operation;
the decryption process in step S22 includes:
a. initially decrypting the encrypted ciphertext according to the unique identification code to obtain an initial encrypted ciphertext;
b. and decrypting the initial encrypted ciphertext by using a decryption algorithm corresponding to a preset encryption algorithm to obtain the password.
2. The method for saving and extracting the password of the smart card according to claim 1, wherein the personal terminal encrypts the card number of the smart card at the same time when communicating with the smart card for the first time, and distributively stores the encrypted card number into the storage space of the personal terminal;
when the personal terminal communicates with the smart card other than for the first time, the card number of the smart card is encrypted to obtain the encrypted card number, then the storage space is searched for the same encrypted card number, and if it exists, the password corresponding to the card number is extracted.
3. The smart card password storage and extraction method according to claim 1, wherein the predetermined encryption algorithm comprises a plurality of predetermined sets of encryption keys and decryption keys, and the personal terminal randomly selects one set of encryption key and decryption key when receiving the password of the authentication operation for the first time, and initially encrypts the password with the selected encryption key, and initially decrypts the password with the corresponding decryption key when decrypting the password.
4. The method of claim 1, wherein the unique identification code is a card number of the smart card or a chip ID of the smart card.
5. The method for smart card password saving and extraction according to claim 1, wherein the storage space address is stored in the storage space of the personal terminal independently in the form of a file, and the personal terminal obtains the storage space address in the file by calling the file.
6. A system for storing and extracting smart card passwords, comprising: the system comprises a memory, a processor and a smart card identification unit which are arranged on the personal mobile terminal, wherein the smart card identification unit is used for identifying a smart card and receiving a password of an authentication operation;
the processor is configured to encrypt and decrypt the password, and control distributed storage and reading of a ciphertext, specifically:
the processor includes:
the unique identification code acquisition unit is used for acquiring the unique identification code of the smart card through the smart card identification unit;
the initial encryption/decryption unit is used for initially encrypting the password through a preset encryption algorithm to obtain an initial encrypted ciphertext and initially decrypting the encrypted ciphertext according to the unique identification code to obtain an initial encrypted ciphertext;
the smart card encryption/decryption unit is used for adding a unique identification code related to the smart card into the initial encrypted ciphertext to obtain an encrypted ciphertext and decrypting the initial encrypted ciphertext by a decryption algorithm corresponding to a preset encryption algorithm to obtain the password;
the storage control unit is used for distributively storing the encrypted ciphertext into the storage space of the personal terminal and extracting the encrypted ciphertext distributed in the storage space of the personal terminal when the personal terminal communicates with the smart card other than for the first time;
the storage control unit includes:
the ciphertext data block dividing module is used for dividing the encrypted ciphertext into a plurality of ciphertext data blocks according to a preset rule;
the distributed storage control module is used for storing the ciphertext data blocks into storage spaces with different addresses in a distributed manner;
the random data filling module is used for adding random filling data into the free space between the storage spaces with different addresses;
the memory comprises a plurality of independent storage spaces for distributively storing the ciphertext.
7. The smart card password saving and extracting system as claimed in claim 6, wherein said memory comprises a file area for separately storing a file in which the address of the storage space of the ciphertext data block is recorded.
8. The smart card password saving and extracting system of claim 6, wherein the processor further comprises: the card number encryption unit is used for encrypting the card number of the smart card to obtain an encrypted card number; the encrypted card number is distributively stored into the memory space of the personal terminal by the memory control unit when the personal terminal is communicating with the smart card for the first time.
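
The store and extract steps of claim 1 (S11-S12 and S21-S22), as an added Python sketch that is not code from the patent. Assumptions: an HMAC-SHA256 keystream stands in for the unspecified "preset encryption algorithm", the unique identification code is "added" by XOR with an ID-derived mask, the split rule is fixed 8-byte blocks, the terminal storage is a 256-byte buffer, and the address file is JSON; all function names are hypothetical.

```python
import hashlib, hmac, json, secrets

BLOCK = 8          # assumed "preset rule": fixed 8-byte ciphertext blocks
STORE_SIZE = 256   # simulated storage space of the personal terminal

def _stream(key: bytes, n: int, nonce: bytes = b"") -> bytes:
    """HMAC-SHA256 counter-mode keystream; stand-in for the preset cipher."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def store_password(password: bytes, card_id: bytes, key: bytes):
    """Steps S11-S12: returns (storage image, separately kept address file)."""
    nonce = secrets.token_bytes(8)
    # S11 A: initial encryption with the terminal's key.
    initial = nonce + _xor(password, _stream(key, len(password), nonce))
    # S11 B: mix in the card's unique ID (assumed: XOR with an ID-derived mask).
    bound = _xor(initial, _stream(card_id, len(initial)))
    # S12 1): split the ciphertext into blocks.
    blocks = [bound[i:i + BLOCK] for i in range(0, len(bound), BLOCK)]
    # S12 3): random fill first, so every gap between blocks holds random data.
    storage = bytearray(secrets.token_bytes(STORE_SIZE))
    # S12 2): scatter blocks over distinct random slots and record each address.
    slots = secrets.SystemRandom().sample(range(STORE_SIZE // BLOCK), len(blocks))
    addresses = []
    for slot, blk in zip(slots, blocks):
        storage[slot * BLOCK:slot * BLOCK + len(blk)] = blk
        addresses.append([slot * BLOCK, len(blk)])
    return storage, json.dumps(addresses)

def extract_password(storage, address_file: str, card_id: bytes, key: bytes) -> bytes:
    """Steps S21-S22: reassemble by recorded address, then undo both layers."""
    bound = b"".join(bytes(storage[o:o + n]) for o, n in json.loads(address_file))
    initial = _xor(bound, _stream(card_id, len(bound)))   # S22 a: strip ID layer
    nonce, body = initial[:8], initial[8:]
    return _xor(body, _stream(key, len(body), nonce))     # S22 b: decrypt

if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    image, addr_file = store_password(b"482915", b"CARD-0001", b"k" * 32)
    print(addr_file, extract_password(image, addr_file, b"CARD-0001", b"k" * 32))
```

In this sketch a wrong card ID yields garbage bytes rather than an error, because the sketch adds no integrity check on the reassembled ciphertext.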
CN201611247618.3A 2016-12-29 2016-12-29 Method and system for storing and extracting smart card password Active CN106874743B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611247618.3A CN106874743B (en) 2016-12-29 2016-12-29 Method and system for storing and extracting smart card password

Publications (2)

Publication Number Publication Date
CN106874743A CN106874743A (en) 2017-06-20
CN106874743B true CN106874743B (en) 2020-07-10

Family

ID=59164438

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611247618.3A Active CN106874743B (en) 2016-12-29 2016-12-29 Method and system for storing and extracting smart card password

Country Status (1)

Country Link
CN (1) CN106874743B (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109933994B (en) * 2017-12-18 2024-03-29 北京三快在线科技有限公司 Data hierarchical storage method and device and computing equipment
WO2019120038A1 (en) 2017-12-18 2019-06-27 北京三快在线科技有限公司 Encrypted storage of data
CN108900869B (en) * 2018-05-04 2021-02-02 烽火通信科技股份有限公司 Communication group information encryption and decryption method and system
CN108337090A (en) * 2018-05-21 2018-07-27 上海众人网络安全技术有限公司 A kind of dynamic password acquisition methods, device, terminal and storage medium
CN109977640B (en) * 2019-02-21 2020-12-25 兴业数字金融服务(上海)股份有限公司 Method and device for recovering, keeping and using admin password
CN110795702A (en) * 2019-10-12 2020-02-14 山东英信计算机技术有限公司 Software anti-cracking method, device, equipment and medium
CN114360110A (en) * 2022-01-06 2022-04-15 广东汇泰龙科技股份有限公司 IC card encryption method, IC card verification method, device, equipment and medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102098401A (en) * 2009-12-11 2011-06-15 华为技术有限公司 Voucher card generating, charging and inquiring methods and systems
CN102158483A (en) * 2011-03-11 2011-08-17 青岛海信传媒网络技术有限公司 Method and system for authenticating access of intelligent television, intelligent television and authentication server
CN104683301A (en) * 2013-11-28 2015-06-03 腾讯科技(深圳)有限公司 Password saving method and password saving device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100550083C (en) * 2006-03-30 2009-10-14 华为技术有限公司 The conversion method of character string and the generation of intelligent net service card and authentication method
CN102737308B (en) * 2012-06-08 2015-08-12 中兴通讯股份有限公司 The method and system of a kind of mobile terminal and inquiry smart card information thereof
CN105847279A (en) * 2016-05-03 2016-08-10 深圳市永兴元科技有限公司 Distributed data processing method and data center

Also Published As

Publication number Publication date
CN106874743A (en) 2017-06-20

Similar Documents

Publication Publication Date Title
CN106874743B (en) Method and system for storing and extracting smart card password
EP2442601B1 (en) Method and system for automatically logging in client
JP6129325B2 (en) Method, system, and terminal for encrypting and decrypting application program in communication terminal
WO2017202025A1 (en) Terminal file encryption method, terminal file decryption method, and terminal
US9461995B2 (en) Terminal, network locking and network unlocking method for same, and storage medium
CN102867157B (en) Mobile terminal and data guard method
CN101282218B (en) Method for ciphering and deciphering host computer and pickaback plane of split type terminal
CN105933886B (en) ESIM number writing method, security system, ESIM number server and terminal
EP2521065A2 (en) Memory device and method for accessing the same
CN109981275B (en) Data transmission method, device, system, equipment and storage medium
US20120284534A1 (en) Memory Device and Method for Accessing the Same
CN102123027A (en) Information security processing method and mobile terminal
CN104468937A (en) Data encryption and decryption methods and devices for mobile terminal and protection system
CN104244237A (en) Data transmitting and receiving method, receiving and transmitting terminal and data transmitter-receiver set
WO2015162127A1 (en) Method and system for securing electronic data exchange between an industrial programmable device and a portable programmable device
CN108667784B (en) System and method for protecting internet identity card verification information
CN103914662A (en) Access control method and device of file encrypting system on the basis of partitions
CN104239821A (en) Encrypted solid state storage disc
CN101866411A (en) Security certification and encryption method and system of multi-application noncontact-type CPU card
EP2065830B1 (en) System and method of controlling access to a device
US20050223218A1 (en) Storing of data in a device
CN102799540A (en) Method, system and terminal for encrypting/decrypting storage card by secret key of subscriber identity module
CN101883357A (en) Method, device and system for mutual authentication between terminal and intelligent card
EP3200436B1 (en) Data processing method and data processing apparatus
KR101666591B1 (en) One time password certifacation system and method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant