CN107026733A

CN107026733A - A kind of wearable device and the method that Password Management is carried out by it

Info

Publication number: CN107026733A
Application number: CN201610066108.XA
Authority: CN
Inventors: 李明
Original assignee: Individual
Current assignee: Individual
Priority date: 2016-01-29
Filing date: 2016-01-29
Publication date: 2017-08-08

Abstract

A kind of method that Password Management is carried out the invention discloses wearable device and by it.This method includes：Wearable device obtains the checking information and online PIN code of managed devices；The first quantity of preparatory condition is met in N number of detected value that judgement is detected；When the first quantity is more than or equal to X, online PIN code is encrypted, storage checking information and online PIN code ciphertext；When wearable device receives the password acquisition request that managed devices are sent：Judge to meet in the currently detected N number of detected value of N number of sensor the second quantity of preparatory condition；When the second quantity is more than or equal to Y, judge that password obtains the asked password of request；When the password asked is off line PIN code, authentication information is generated according to checking information and single authentication data, authentication information is sent to managed devices；When judging asked password as online PIN code, the online PIN code ciphertext of storage is sent to managed devices.

Description

A kind of wearable device and the method that Password Management is carried out by it

Technical field

The present invention relates to a kind of electronic technology field, more particularly to a kind of wearable device and the method by its progress Password Management.

Background technology

With the development of mobile communication technology and intelligent mobile terminal, increasing personal information storage is in mobile terminal such as intelligence On the personal devices such as energy mobile phone, IPAD, and some personal information are secret for the user for holding mobile terminal, such as Short message, message registration, contact person, photo and social software, banking software etc..If user loses smart mobile phone, Information in smart mobile phone can be obtained by criminal, so as to be caused damage to user.Therefore, safety of the user to mobile terminal The requirement more and more higher of property.

In the related art, the personal information generally for protection user will not be compromised, and user can set to smart mobile phone and unlock Password, for example, user checks short message, photo, when opening the social softwares such as banking software or wechat, QQ such as Alipay, Need to input a unlocking pin, by verifying that the unlocking pin of input is authenticated the identity of the user of smart mobile phone, only Have that the unlocking pin of input is correct, smart mobile phone could be used normally.

Although the personal information of user can be protected by way of inputting password to be revealed, and there is following drawback：One It is that using cumbersome, user checks that encrypted content must all input password every time, influences Consumer's Experience, profit inconvenient for use；Two Be if user set password it is too simple, once hand-set from stolen, illegal molecule be easy for can decryption, so as to can not reach To protecting the not compromised purpose of userspersonal information.

The content of the invention

One of present invention seek to address that above mentioned problem/.

It is a primary object of the present invention to provide a kind of method that Password Management is carried out by wearable device.

Another object of the present invention is to provide a kind of wearable device.

To reach above-mentioned purpose, what technical scheme was specifically realized in：

One aspect of the present invention provides a kind of method that Password Management is carried out by wearable device, including：Wearable device is obtained The checking information of managed devices and online PIN code；Wearable device judges the N that N number of sensor of wearable device is detected The first quantity of preparatory condition is met in individual detected value, wherein, preparatory condition is：I-th of detection that i-th of sensor is detected Value reaches i-th of predetermined threshold value, i=1,2,3 ... ..., N-1, N, N >=4 and N is positive integer；It is more than or equal in the first quantity In the case of X, online PIN code is encrypted wearable device, obtains online PIN code ciphertext, and store checking information and Online PIN code ciphertext, wherein, X is positive integer, and 3≤X≤N；After storage checking information and online PIN code ciphertext, After when the password that wearable device receives managed devices transmission obtains request, following operation is performed：Judge N number of sensing Meet the second quantity of preparatory condition in the currently detected N number of detected value of device；In the case where the second quantity is less than Y, it can wear Wear equipment refusal password and obtain request, wherein, Y is integer, and 0≤Y≤X；It is more than or equal to Y situation in the second quantity Under, wearable device judges that password obtains the asked password of request；Asked password is asked for off line judging that password is obtained In the case of PIN code, wearable device generates authentication information according to checking information and single authentication data, and authentication information is sent To managed devices；In the case where judging that password obtains the asked password of request for online PIN code, wearable device will be deposited The online PIN code ciphertext of storage is sent to managed devices.

Optionally, the checking information of wearable device acquisition managed devices includes one below：Wearable device is set with being managed It is standby to hold consultation, certification key is obtained, certification key is regard as checking information；Wearable device receives user and set by wearable The off line PIN code of standby input unit input, regard off line PIN code as checking information；Wearable device receives managed devices The off line PIN code of transmission, regard off line PIN code as checking information；And/or, wearable device obtains the online of managed devices PIN code, including one below：Wearable device receives the online PIN code that user is inputted by the input unit of wearable device； Wearable device receives the online PIN code that managed devices are sent.

Optionally, single authentication data include one below：The current time of the clock of wearable device, the meter of wearable device The current value and random number of number device.

Optionally, this method also includes：Judge the connection status or access times of managed devices and wearable device, if by Management equipment and the connection status of wearable device to disconnect or access times exceed preset times, then delete storage by pipe The checking information or online PIN code ciphertext of equipment are managed, or the checking information of the managed devices of storage or online PIN code is close The use mark of text is set to unavailable.

Optionally, this method also includes：Wearable device receives the Transaction Information that managed devices are sent；Wearable device is exported Prompt message, points out user to have transaction；Wearable device receives the confirmation response of user's input；Wearable device storage is handed over Easy information, and send confirmation to managed devices.

Optionally, wearable device, which receives managed devices and sent currently, the incident prompt message of friendship；Wearable device judges Whether the transaction that the last time occurs has been identified；In the case where the upper transaction once occurred is not identified, prompt message is exported, Prompting user confirms to last time transaction；Wearable device receives the confirmation response of user's input；Wearable device will be stored The state of last Transaction Information be set to have confirmed that；Wearable device sends prompt message to managed devices, points out quilt Management equipment continues current transaction.

Another aspect of the present invention provides a kind of wearable device, including：First acquisition module, for obtaining managed devices Checking information；Second acquisition module, the online PIN code for obtaining managed devices；Encrypting module, for being obtained to second The online PIN code that module is obtained is encrypted；Memory module, for storing the connection that checking information and encrypting module encryption are obtained Machine PIN code ciphertext；Receiving module, sets for after storage checking information and online PIN code ciphertext, often receiving to be managed The password that preparation is sent obtains request, detection trigger module；Detection module, for detect wearable device it is subsidiary in circuit return Whether road turns on；Performing module, in the case of being not turned in circuit loop, refusal password obtains request；3rd obtains Module, in the case of being turned in circuit loop, obtains the detected value that the sensor being arranged on subsidiary is detected；First sentences Disconnected module, for judging whether the detected value that the 3rd acquisition module is obtained reaches predetermined threshold value；Performing module is additionally operable to sentence first In the case that disconnected module judges that detected value is not reaching to predetermined threshold value, wearable device refusal password obtains request；Second judges mould Block, in the case of judging that detected value reaches predetermined threshold value in the first judge module, judges that password acquisition is asked close Code；Respond module, in the case of judging the asked password of password acquisition request for off line PIN code in the second judge module, According to checking information and single authentication data generation authentication information, authentication information is sent to managed devices；And judging close Code obtains the asked password of request and set in the case of online PIN code, the online PIN code ciphertext of storage to be sent to be managed It is standby.

Optionally, the first acquisition module obtains the checking information of managed devices one of in the following manner：Wearable device and quilt Management equipment is held consultation, and obtains certification key, regard certification key as checking information；Wearable device receives user by can The off line PIN code of the input unit input of wearable device, regard off line PIN code as checking information；Wearable device is received by pipe The off line PIN code that equipment is sent is managed, off line PIN code is regard as checking information.

Optional, the second acquisition module obtains the online PIN code of managed devices in the following manner：Reception user passes through wearable The online PIN code of the input unit input of equipment；Or, receive the online PIN code that managed devices are sent.

Alternatively, the equipment also includes：3rd judge module, the connection status for judging managed devices and wearable device Or access times；Performing module be additionally operable to the connection status in managed devices and wearable device for disconnect or access times In the case of preset times, the checking information or online PIN code ciphertext of the managed devices of storage are deleted, or will storage Managed devices checking information or online PIN code ciphertext use mark be set to it is unavailable.

Alternatively, receiving module is additionally operable to receive the Transaction Information that managed devices are sent；Wearable device also includes：First carries Show module, for exporting prompt message, point out user to have transaction；The confirmation that receiving module is additionally operable to receive user's input rings Should；Memory module is additionally operable to store transaction information；Respond module is additionally operable to after receiving module receives confirmation response, to quilt Management equipment sends confirmation.

Alternatively, receiving module is additionally operable to receive managed devices and send currently have the incident prompt message of friendship；Wearable device Also include：3rd judge module, for judging whether the transaction of last generation has been identified；Second reminding module, for In the case that the transaction that last time occurs is not identified, prompt message is exported, points out user to confirm last time transaction； Receiving module is additionally operable to receive the confirmation response of user's input；Performing module is additionally operable to the shape of the last Transaction Information of storage State is set to have confirmed that；Respond module is additionally operable to send prompt message to managed devices, points out managed devices to continue current hand over Easily.

As seen from the above technical solution provided by the invention, the technical scheme provided by the present invention, wearable device is true Surely in the case of being worn on user, the checking information of managed devices and online PIN code ciphertext are stored, receive by When the password of management equipment obtains request, it is ensured that in the case that wearable device is still worn on user, set if be managed Standby request is off line PIN code, then generates authentication information according to checking information, authentication information is returned into managed devices, such as The online PIN code that the request of fruit managed devices is, then be sent to managed devices by the online PIN code ciphertext of storage, so as to To ensure the safety of password, the input number of times of password can be reduced again, improve Consumer's Experience..

Brief description of the drawings

In order to illustrate the technical solution of the embodiments of the present invention more clearly, the accompanying drawing used required in being described below to embodiment It is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention, for this area For those of ordinary skill, on the premise of not paying creative work, other accompanying drawings can also be obtained according to these accompanying drawings.

Fig. 1 is the system architecture diagram that Password Management is carried out by wearable device that the embodiment of the present invention 1 is provided；

Fig. 2 is a kind of wearable device structural representation that the embodiment of the present invention 2 is provided；

Fig. 3 is the structural representation for another wearable device that the embodiment of the present invention 2 is provided；

Fig. 4 is the method flow diagram that Password Management is carried out by wearable device that the embodiment of the present invention 3 is provided.

Embodiment

With reference to the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, Obviously, described embodiment is only a part of embodiment of the invention, rather than whole embodiments.Reality based on the present invention Example is applied, the every other embodiment that those of ordinary skill in the art are obtained under the premise of creative work is not made is belonged to Protection scope of the present invention.

In the description of the invention, it is to be understood that term " " center ", " longitudinal direction ", " transverse direction ", " on ", " under ", "front", "rear", The orientation or position relationship of the instruction such as "left", "right", " vertical ", " level ", " top ", " bottom ", " interior ", " outer " is based on accompanying drawing institutes The orientation or position relationship shown, is for only for ease of the description present invention and simplifies description, rather than indicate or imply signified device Or element there must be specific orientation, with specific azimuth configuration and operation, therefore it is not considered as limiting the invention. In addition, term " first ", " second " are only used for describing purpose, and it is not intended that indicating or implying relative importance or quantity or position Put.

In the description of the invention, it is necessary to explanation, unless otherwise clearly defined and limited, term " installation ", " connected ", " connection " should be interpreted broadly, for example, it may be being fixedly connected or being detachably connected, or be integrally connected；Can be with It is mechanical connection or electrical connection；Can be joined directly together, can also be indirectly connected to by intermediary, can be two The connection of individual element internal.For the ordinary skill in the art, with concrete condition above-mentioned term can be understood in the present invention In concrete meaning.

The embodiment of the present invention is described in further detail below in conjunction with accompanying drawing.

Embodiment 1

Present embodiments provide a kind of system that Password Management is carried out by wearable device.

The configuration diagram of the system for the wearable device transmission password that Fig. 1 provides for the present embodiment, as shown in figure 1, the system Mainly include：Wearable device 10 and managed devices 20.

In the present embodiment, wearable device 10 and managed devices 20 can be by wired connections, can also be by wirelessly connecting Connect.Alternatively, wearable device 10 and managed devices 20 are by wireless connection, for example, bluetooth approach, WIFI modes, Infrared mode or NFC modes etc..Wearable device 10 can be guarded against for intelligent watch, Intelligent bracelet, intelligent waistband, intelligence Finger etc. can directly be worn on human body and can manage the portable set of other equipment, and managed devices 20 can be intelligence Card, electronic key equipment, mobile terminal (for example, smart mobile phone, tablet personal computer etc.) etc..

In the present embodiment, wearable device 10 is used for：Obtain the checking information and online PIN code of managed devices 20；Sentence The first quantity of preparatory condition is met in N number of detected value that N number of sensor of disconnected wearable device 10 is detected, wherein, in advance If condition is：I-th of detected value that i-th of sensor is detected reaches i-th of predetermined threshold value, i=1,2,3 ... ..., N-1, N, N >=4 And N is positive integer；In the case where the first quantity is more than or equal to X, online PIN code is encrypted, online PIN is obtained Code ciphertext, and stores checking information and online PIN code ciphertext, wherein, X is positive integer, and 3≤X≤N.In the present embodiment In, wearable device 10 is before by the checking information of managed devices 20 and the storage of online PIN code ciphertext, and first to judge can Whether wearable device 10 is worn on user, only in the case where wearable device 10 is worn on user, just will be by The checking information of management equipment 20 and the storage of online PIN code ciphertext, so as to ensure the safe handling of password.

In the present embodiment, it is wearable before the checking information and online PIN code of the acquisition of wearable device 10 managed devices Equipment 10 can be authenticated with the identity of managed devices 20, and checking information is just stored after in authentication, so as to To ensure the identity of managed devices 20.Checking information and online PIN code ciphertext can be stored in and can worn by wearable device 10 Wear the storage region that can only be had secure access in equipment 10, it is ensured that the safety of checking information.

For example, can be mutually authenticated in the following manner between wearable device 10 and managed devices 20：It is managed and sets The first data to be signed of standby 20 generation, first data to be signed can include random number and/or chance event, managed devices 20 pairs of first data to be signed carry out signature the first signed data of generation, and managed devices 20 encrypt the first data to be signed Sent afterwards together with the first signed data to wearable device 10, wearable device 10 is using the first data to be signed to first Signed data carries out sign test, in sign test by rear, generates the second data to be signed, second data to be signed can include random Number and/or chance event, 10 pairs of wearable device, second data to be signed carry out signature the second signed data of generation, wearable Equipment 10 is sent to managed devices 20, managed devices after second data to be signed are encrypted together with the second signed data 20 carry out sign test using the second data to be signed to the second signed data, and sign test is by rear, then mutual authentication passes through, thus, can It is considered that other side is trusted device between wearable device 10 and managed devices 20, authentication mode mentioned above is One kind in a variety of authentication modes, the present embodiment is not precluded from other authentication modes.

As an optional embodiment of the embodiment of the present invention, wearable device 10 can be obtained by pipe by following three kinds of modes Manage the checking information of equipment 20：

Mode one, wearable device 10 are held consultation with managed devices 20, obtain certification key, using certification key as testing Information is demonstrate,proved, or, (for example, MAC is calculated or Hash calculation) can also be calculated certification key, result of calculation is made For checking information.

Wearable device 10 can be held consultation after mutual authentication with managed devices 20, obtain certification key, in addition, Wearable device 10 and managed devices 20 can also negotiate transmission key simultaneously, during subsequent communications, and both sides can be with Decryption is encrypted to the data transmitted during intercommunication using respective transmission key, encrypted transmission is realized, it is ensured that number According to the security of transmission.

In the present embodiment, wearable device 10 is consulted to obtain after certification key with managed devices 20, the He of wearable device 10 Managed devices 20 can recognize the certification key, and wearable device 10 is obtained after certification key, can make certification key Stored for checking information.By certification key rather than directly using off line PIN code as checking information, off line PIN can be prevented Code leakage.

Mode two, wearable device 10 receive the off line PIN code that user is inputted by the input unit of wearable device 10, will Off line PIN code as checking information, or, off line PIN code can also be calculated (for example, MAC calculate or Hash meter Calculate), it regard result of calculation as checking information；

In the present embodiment, off line PIN code for can the local verification correctness of managed devices 20 PIN code, for example, Startup password, unlocking pin etc..User be able to can also be passed through by the input through keyboard off line PIN code of wearable device 10 The touch-screen input off line PIN code of wearable device 10, can also input language by the voice input device of wearable device 10 The off line PIN code of sound form, specific the present embodiment is not construed as limiting.Off line PIN is inputted by the input unit of wearable device 10 Code, off line PIN code is directly obtained by wearable device 10, eliminates the risk that off line PIN code is held as a hostage in transmitting procedure, It ensure that the safety of off line PIN code.

Mode three, wearable device 10 receive the off line PIN code that managed devices 20 are sent, and regard off line PIN code as checking Information, or, (for example, MAC is calculated or Hash calculation) can also be calculated off line PIN code, result of calculation is made For checking information.

In the present embodiment, the off line PIN code that managed devices 20 are sent can be input of the user by managed devices 20 Device inputs off line PIN code, or other equipment is sent to the off line PIN code of managed devices 20, managed devices 20 can be that after first time is verified to off line PIN code, off line PIN code is sent into wearable device 10.It can wear Wear equipment 10 and receive the off line PIN code that managed devices 20 are sent, input dress is set without extra on wearable device 10 Put, simplify the structure of wearable device 10, saved the cost of wearable device 10.

In the present embodiment, online PIN code is that can only can not be verified in the local verification of managed devices 20 in background server PIN code, for example, login password.Wearable device 10 can make when encrypting the online PIN code of managed devices 20 Online PIN code is encrypted with the public key of managed devices 20, the online PIN code ciphertext that storage encryption is obtained.By right Online PIN code is encrypted, even if online PIN code ciphertext is illegally obtained by third party, because third party does not have managed devices Private key, it is impossible to online PIN code is obtained in plain text to the decryption of online PIN code ciphertext, it is ensured that the safety of online PIN code.Certainly, Wearable device 10 online PIN code can also be encrypted using other keys, for example, wearable device 10 can be used Online PIN code is encrypted the transmission key consulted with managed devices 20, and specific the present embodiment is not construed as limiting.

As an optional embodiment of the embodiment of the present invention, wearable device 10 can be obtained by pipe by following two modes Manage the online PIN code of equipment：

Mode one：Wearable device 10 receives the online PIN code that user is inputted by the input unit of wearable device 10.With Family can connect PIN code by the input through keyboard of wearable device 10, can also be inputted by the touch-screen of wearable device 10 Online PIN code, can also input the online PIN code of speech form by the voice input device of wearable device 10.Pass through The input unit of wearable device 10 inputs online PIN code, and online PIN code is directly obtained by wearable device 10, eliminates connection The risk that machine PIN code is held as a hostage in transmitting procedure, it is ensured that the safety of online PIN code.

Mode two：Wearable device 10 receives the online PIN code that managed devices are sent.Wearable device 10 receives user and led to The online PIN code of the input unit input of managed devices is crossed, or wearable device 10 receives other equipment and sent to by pipe Manage the online PIN code of equipment.Wearable device 10 receives the online PIN code that managed devices are sent, without being set wearable It is extra on standby 10 that input unit is set, the structure of wearable device 10 is simplified, the cost of wearable device 10 has been saved.

As an optional embodiment of inventive embodiments, wearable device 10 can be close by checking information and online PIN code Text is stored in the RAM of itself.In the present embodiment, checking information and online PIN code ciphertext are stored in random access memory In (Random Access Memory, RAM), storage and the operation read can be rapidly completed.In addition, wearable ought set During standby 10 power-off, the checking information and online PIN code ciphertext being stored in RAM will be deleted, it is ensured that the peace of information Entirely.

Managed devices 20, for when needing input password, sending password to wearable device 10 and obtaining request；For example, Managed devices 20 are when starting shooting or solving lock screen, it is necessary to input off line PIN code, and managed devices 20 are to wearable device 10 Send password and obtain request, the acquisition request off line PIN code；Or, managed devices 20 can also logged in or merchandised Need to input online PIN code in journey, sending password to wearable device 10 obtains request.

In a particular application, wearable device 10, can be respectively to checking when storing checking information and online PIN code ciphertext Information and online PIN code ciphertext set an identification information, and identification information is notified to managed devices 20, managed devices 20 when asking password, can send corresponding password according to the identification information and obtain request.

In the present embodiment, wearable device 10 is additionally operable to：Receive managed devices 20 send password obtain request when it Afterwards, judge to meet in the currently detected N number of detected value of N number of sensor the second quantity of preparatory condition；It is less than in the second quantity In the case of Y, the refusal password of wearable device 10 obtains request, wherein, Y is integer, and 0≤Y≤X；In the second quantity In the case of Y, wearable device 10 judges that password obtains the asked password of request；Judging password acquisition In the case that the asked password of request is off line PIN code, wearable device 10 is given birth to according to checking information and single authentication data Into authentication information, authentication information is sent to managed devices 20；Asked password is asked to be online judging that password is obtained In the case of PIN code, the online PIN code ciphertext of storage is sent to managed devices 20 by wearable device 10.

I.e. in the present embodiment, wearable device 10 directly can't send out corresponding information when receiving password acquisition request Managed devices 20 are given, but first to judge whether wearable device 10 is under wearing state, only in wearing shape Under state, corresponding information is just sent to managed devices 20.In the present embodiment, wearable device 10 is receiving password Obtain the condition ratio judged during request wide in storage checking information and online PIN code ciphertext, i.e., the principle gone out using Yan Jinkuan, The safety of information can be ensured, the property easy to use of user is disclosure satisfy that again.

In an optional embodiment of the embodiment of the present invention, the password that managed devices 20 are sent is obtained can also take in request To data to be signed sign obtained signature value with managed devices 20；Then wearable device 10 is additionally operable to signature value Sign test is carried out, in sign test in the case of, performs and judges the step of password obtains request asked password, it is obstructed in sign test In the case of crossing, refusal password obtains request.For example, managed devices 20 can be treated using the private key of managed devices 20 Signed data sign obtaining signature value, and the embodiment of signature is：Managed devices 20 are calculated using HASH algorithms Data to be signed obtain the summary of data to be signed, and the summary of data to be signed is added using the private key of managed devices 20 It is close, obtain signature value.Wearable device 10 judges that password is obtained before asking asked password, it is possible to use managed devices 20 public key carries out sign test to signature value, and the embodiment of sign test can be：Wearable device 10 utilizes managed devices The signature value of reception is decrypted 20 public key, obtain the summary of data to be signed, and using HASH algorithms to receiving Data to be signed calculate the summary for obtaining data to be signed, compare and decrypt obtained data to be signed summary with calculating what is obtained Whether the summary of data to be signed is identical, if identical, and the sign test to signature value passes through, and it is close that execution acquisition is asked The step of code, if it is not the same, refusal password obtains request.It can ensure that sending password obtains by carrying out sign test to signature value The identity of the managed devices of request, it is ensured that information uses safety.

In an optional embodiment of the embodiment of the present invention, single authentication data include but is not limited to one below：It is wearable The current time of the clock of equipment 10, the current value and random number of the counter of wearable device 10.

In above-mentioned optional embodiment, when current time of the single authentication data for the clock of wearable device, single authentication Data can be for some time the term of validity, such as single authentication data can be as accurate as 1 minute, all be effective in one minute , both avoid Replay Attack, can avoid again single authentication data effective time it is too short cause single authentication data authentication fail Rate increase.When the current value of the counter of single authentication data bit wearable device, wearable device often performs a password The operation of response is obtained, counter can increase a count value, for example, when wearable device performs password acquisition response for the first time, Counter produces count value 1, and when performing password acquisition response next time, counter produces count value 2, by that analogy, certainly specific Count value form not limited to this.When single authentication data be random factor when, random factor can be one or a string of random numbers, Either can be one or a string of random characters or a string of random numbers and any combination of random character, in this case, Random factor with authentication information can be sent jointly to managed devices by wearable device.In the present embodiment, single authentication number According to being used only once, therefore Replay Attack can be prevented.

In an optional embodiment of the embodiment of the present invention, managed devices 20 are additionally operable to refuse close in wearable device 10 In the case that code obtains request, prompt message is exported, user is pointed out input password.I.e. in the present embodiment, if wearable set Standby 10 passwords that have rejected managed devices 20 obtain request, then managed devices 20 can export prompt message, for example, One Password Input frame of display etc., points out user to be manually entered password, it is ensured that the flow that managed devices 20 are currently performed can be after It is continuous.

In an optional embodiment of the embodiment of the present invention, managed devices 20 are additionally operable to：Returned in wearable device 10 In the case of authentication information, according to single authentication data and predetermined checking information, response is generated, and judge generation Whether response matches unanimously with the authentication information received, in the case where judging that response is matched with authentication information, is managed Equipment 20 determines local verification password authentification success, continues follow-up process；Judging response and the unmatched situation of authentication information Under, the output prompt message of managed devices 20 points out user input local verification password；Returned in wearable device 10 online In the case of PIN code ciphertext, online PIN code ciphertext is decrypted, online PIN code is obtained, online PIN code is sent to Remote authentication.I.e. in the present embodiment, the information that managed devices 20 can be returned according to wearable device 10, is performed with working as The preceding corresponding password authentification of flow obtains operation, so that managed devices 20 can continue executing with follow-up flow.

In the present embodiment, the sensor being arranged on wearable device 10 can be temperature sensor, Proximity Sensor, energy Enough obtain sensor of user biological feature (for example, pulse, heart rate etc.) etc., accordingly, the detected value that sensor is detected Can be the distance between temperature, the object nearest from sensor and sensor of the object nearest from sensor, biological characteristic letter Breath etc., is not restricted in the present embodiment.Corresponding predetermined threshold value can be set according to the type of detected value.If for example, passed Sensor is temperature sensor, and its detected value is the temperature of the object nearest from sensor, then wearable device may determine that temperature is passed Whether the temperature that sensor is detected is more than predetermined threshold value, wherein, predetermined threshold value can be set as slightly below body surface mean temperature A temperature value, for example, 36 degrees Celsius, is not specifically limited in the present embodiment.If sensor is Proximity Sensor, Its detected value is the distance between the object nearest from sensor and sensor, then wearable device judges Proximity Sensor detection Whether the distance arrived is less than predetermined threshold value, wherein, predetermined threshold value can be set as a less distance value, for example, 5 millimeters, It is not specifically limited in the present embodiment.If sensor is that can obtain user biological feature (for example, pulse, heart rate etc.) Sensor, its detected value is biological information, then wearable device judges the biological information that detects and the use prestored Whether the matching degree of family biological information is more than predetermined threshold value, and wherein predetermined threshold value can be set as detected value and the user prestored The matching degree of biological information, for example, 90%, it is not specifically limited in the present embodiment.

In the present embodiment, being arranged on multiple sensors on wearable device 10 can be with identical, can also be different.In addition, each The corresponding threshold value of individual sensor can be the same or different, even if same sensor, be arranged on wearable device 10 not With the sensor of position, corresponding threshold value can also be identical, can also be different.For example, be all pressure sensor for bracelet, When judging whether wearable device 10 is under wearing state, the pressure that the pressure above arm is more than lower section, correspondence are worn on The threshold value of the sensor of position is corresponding also big.

In an optional embodiment of the embodiment of the present invention, wearable device 10 is additionally operable to reception managed devices 20 and sent Transaction Information；Prompt message is exported, points out user to have transaction；Receive the confirmation response of user's input；Store transaction is believed Breath, and send confirmation to managed devices 20.I.e. in the optional embodiment, managed devices 20 are being merchandised Afterwards, when producing easy information, the Transaction Information of this transaction is sent to wearable device 10, the prompting of wearable device 10 is used Whether family allows this to merchandise, and after the confirmation for receiving user is responded, confirmation is sent to managed devices 20, by pipe Reason equipment 20 is received after confirmation, can perform corresponding operation of withholing.By the optional embodiment, user can be with Merchandise occur when, transaction is confirmed, prohibit the use of wearable device 10 to the off line PIN codes of managed devices 20 and After online PIN code realization is automatically entered, occurs the unknowable illegal transaction of user, it is ensured that the property safety of user.

Or, in another optional embodiment of the present embodiment, managed devices 20 can also be when there is transaction to occur to can Wearable device sends prompt message, in the optional embodiment, and wearable device 10 is additionally operable to reception managed devices 20 and sent out Sending currently has the incident prompt message of friendship；Judge whether the transaction of last generation has been identified；In the upper transaction once occurred In the case of not being identified, prompt message is exported, points out user to confirm last time transaction；Receive user's input really Recognize response；The state of the last Transaction Information of storage is set to have confirmed that；Prompt message is sent to managed devices 20, Indicate that the managed devices continue current transaction.In the optional embodiment, if wearable device 10 judges last friendship Easily it has been identified, then directly can have sent prompt message to managed devices 20, has indicated that the managed devices continue current transaction. Using the optional embodiment, wearable device 10 can also be prohibitted the use of to the off line PIN code of managed devices 20 and online After PIN code realization is automatically entered, occurs the unknowable illegal transaction of user, it is ensured that the property safety of user.

By technical scheme provided in an embodiment of the present invention, wearable device, will be by the case of it is determined that being worn on user The checking information of management equipment and the storage of online PIN code ciphertext, when the password for receiving managed devices obtains request, it is ensured that In the case that wearable device is still worn on user, if managed devices request is off line PIN code, basis is tested Information generation authentication information is demonstrate,proved, authentication information is returned into managed devices, if the online PIN code that managed devices request is, The online PIN code ciphertext of storage is then sent to managed devices, the safety of password is thereby may be ensured that, password can be reduced again Number of times is inputted, Consumer's Experience is improved.Also, judge that the condition whether wearable device is worn on user is strict in obtaining during storage The condition whether wearable device is worn on user is judged when taking, so as to while information security is preserved, improve and use The convenience that family is used.

Embodiment 2

A kind of wearable device is present embodiments provided, the wearable device can be used as the wearable device in above-described embodiment 10。

The structural representation for the wearable device that Fig. 2 provides for the present embodiment, as shown in Fig. 2 the wearable device mainly includes： First acquisition module 201, the checking information for obtaining managed devices；Second acquisition module 202, is managed for obtaining The online PIN code of equipment；Encrypting module 203, for the online PIN code that the second acquisition module is obtained to be encrypted；Storage Module 204, for storing the online PIN code ciphertext that checking information and encrypting module encryption are obtained；Receiving module 205, is used Request, triggering are obtained in the password for after storage checking information and online PIN code ciphertext, often receiving managed devices transmission Detection module 206；Detection module 206, for detect wearable device it is subsidiary in circuit loop whether turn on；Perform mould Block 207, in the case of being not turned in circuit loop, refusal password obtains request；3rd acquisition module 208, is used for In the case where circuit loop is turned on, the detected value that the sensor being arranged on subsidiary is detected is obtained；First judge module 209, For judging whether the detected value that the 3rd acquisition module is obtained reaches predetermined threshold value；Performing module 207 is additionally operable to judge mould first In the case that block 209 judges that detected value is not reaching to predetermined threshold value, wearable device refusal password obtains request；Second judges mould Block 210 is used in the case where the first judge module 209 judges that detected value reaches predetermined threshold value, judges that password is obtained and asks The password asked；Respond module 211, for judging that password obtains the asked password of request for off line in the second judge module 210 In the case of PIN code, authentication information is generated according to checking information and single authentication data, authentication information is sent to be managed set It is standby；And in the case where judging that password obtains the asked password of request for online PIN code, the online PIN code of storage is close Text is sent to managed devices.

In an optional embodiment of the embodiment of the present invention, the first acquisition module 201 can be obtained one of in the following manner The checking information of managed devices：

(1) held consultation with managed devices, obtain certification key, regard certification key as checking information；Or, can also (for example, MAC is calculated or Hash calculation) is calculated certification key, result of calculation is regard as checking information.

(2) the off line PIN code that user is inputted by the input unit of wearable device is received, off line PIN code is regard as checking Information, or, (for example, MAC is calculated or Hash calculation) can also be calculated off line PIN code, result of calculation is made For checking information.

(3) the off line PIN code that managed devices are sent is received, using off line PIN code as checking information, or, can also (for example, MAC is calculated or Hash calculation) is calculated off line PIN code, result of calculation is regard as checking information.

In an optional embodiment of the embodiment of the present invention, the second acquisition module 202 is obtained to be managed and set in the following manner Standby online PIN code：

(1) the online PIN code that user is inputted by the input unit of wearable device is received；User can pass through wearable device Input through keyboard connection PIN code, online PIN code can also be inputted by the touch-screen of wearable device, can also be by that can wear The voice input device for wearing equipment inputs the online PIN code of speech form.Online PIN is inputted by the input unit of wearable device Code, online PIN code is directly obtained by wearable device, eliminates the risk that online PIN code is held as a hostage in transmitting procedure, it is ensured that The safety of online PIN code.

(2) the online PIN code that managed devices are sent is received.For example, it is defeated by the input unit of managed devices to receive user The online PIN code entered, or reception other equipment are sent to the online PIN code of managed devices.Using which, without It is extra on wearable device that input unit is set, the structure of wearable device is simplified, the cost of wearable device has been saved.

Managed devices, which are carried, in an optional embodiment of the embodiment of the present invention, in password acquisition request treats number of signature The signature value obtained according to sign；Wearable device can also include：Sign test module, for judging close in the second judge module Code is obtained before the asked password of request, and sign test is carried out to signature value, in sign test in the case of, and triggering first judges mould Block, in sign test not in the case of, the triggering refusal password of performing module 207 obtains request.

In an optional embodiment of the embodiment of the present invention, memory module 204 stores checking information and connection in the following manner Machine PIN code ciphertext：Checking information and online PIN code ciphertext are stored in the RAM of wearable device.In the present embodiment, Checking information and online PIN code ciphertext are stored in random access memory (Random Access Memory, RAM), Storage and the operation read can be rapidly completed.In addition, when wearable device power-off, being stored in the checking letter in RAM Breath and online PIN code ciphertext will be deleted, it is ensured that the safety of information.

In an optional embodiment of the embodiment of the present invention, as shown in figure 3, wearable device can also include：4th obtains Modulus block 212, the device identification for obtaining managed devices；Memory module 204 can store checking letter in such a way Breath and online PIN code ciphertext：According to device identification associated storage checking information and online PIN code ciphertext.

Wherein, the device identification of managed devices can be the sequence number of managed devices, certainly, the equipment mark of managed devices As long as knowledge can be with the mark of unique mark managed devices, it is not limited to the sequence number of managed devices.Memory module 204 can be according to the device identification associated storage checking information of managed devices and the embodiment of online PIN code ciphertext： Device identification and the checking information and the mapping relations of online PIN code ciphertext of managed devices are set up, according to setting for managed devices The mapping relations storage checking information of standby mark and checking information and online PIN code ciphertext.Verified according to device identification associated storage Information and online PIN code ciphertext, when the password for receiving managed devices obtains request, can search according to device identification and verify Information and online PIN code ciphertext, accelerate wearable device response speed, improve the operating efficiency of wearable device.

In an optional embodiment of the embodiment of the present invention, as shown in figure 3, wearable device can also include：3rd sentences Disconnected module 213, connection status or access times for judging managed devices and wearable device；Performing module 207 is also used In the connection status of managed devices and wearable device for disconnect or access times exceed preset times in the case of, delete The checking information or online PIN code ciphertext associated except the device identification with wearable device of storage, or by storage with that can wear The use mark of the checking information or online PIN code ciphertext of wearing the device identification association of equipment is set to unavailable.It is optional by this Embodiment, it is ensured that using for the password of the managed devices of storage is safe.

For example, it is possible to use binary-coded character is represented using mark, when using being designated 1, represents checking information or online PIN Code ciphertext can use, and when using being designated 0, identity verification information or online PIN code ciphertext are unavailable.It is of course also possible to Other modes are set using the available or down state of mark.It is disconnected in the connection status of managed devices and wearable device Open or access times are more than in the case of preset times, can will correspond to the checking information or online PIN code of managed devices Ciphertext is designated unavailable, and the follow-up managed devices are accessed or during certification again, can direct testing the managed devices 20 Card information or online PIN code ciphertext are designated available, the checking information or online without obtaining the managed devices 20 again PIN code ciphertext is simultaneously stored, and has been saved the time, has been improved Consumer's Experience.

In the present embodiment, wearable device, which can be set, can obtain the preset times of password response, when managed devices are obtained When the access times of password response exceed preset times, then the checking letter that the device identification with wearable device of storage is associated is deleted Breath or online PIN code ciphertext, or the checking information that the device identification with wearable device of storage is associated or online PIN code The use mark of ciphertext is set to unavailable.By the embodiment, it can prevent managed devices from unrestrictedly obtaining checking information With online PIN code ciphertext, it is ensured that the safety of checking information and online PIN code ciphertext.

In the present embodiment, be arranged on sensor on wearable device can for temperature sensor, Proximity Sensor, can Sensor of user biological feature (for example, pulse, heart rate etc.) etc. is obtained, accordingly, the detected value that sensor is detected can Think the distance between temperature, the object nearest from sensor and sensor of the object nearest from sensor, biological information Deng not being restricted in the present embodiment.Corresponding predetermined threshold value can be set according to the type of detected value.If for example, sensing Device is temperature sensor, and its detected value is the temperature of the object nearest from sensor, then wearable device may determine that TEMP Whether the temperature that device is detected is more than predetermined threshold value, wherein, predetermined threshold value can be set as slightly below body surface mean temperature One temperature value, for example, 36 degrees Celsius, is not specifically limited in the present embodiment.If sensor is Proximity Sensor, Its detected value is the distance between the object nearest from sensor and sensor, then wearable device judges Proximity Sensor detection Whether the distance arrived is less than predetermined threshold value, wherein, predetermined threshold value can be set as a less distance value, for example, 5 millimeters, It is not specifically limited in the present embodiment.If sensor is that can obtain user biological feature (for example, pulse, heart rate etc.) Sensor, its detected value is biological information, then wearable device judges the biological information that detects and the use prestored Whether the matching degree of family biological information is more than predetermined threshold value, and wherein predetermined threshold value can be set as detected value and the user prestored The matching degree of biological information, for example, 90%, it is not specifically limited in the present embodiment.

In the present embodiment, being arranged on multiple sensors on wearable device can be with identical, can also be different.In addition, each The corresponding threshold value of sensor can be the same or different, even if same sensor, be arranged on the different positions on wearable device The corresponding threshold value of sensor put can also be identical, can also be different.For example, being all pressure sensor for bracelet, sentencing When whether disconnected wearable device is under wearing state, the pressure that the pressure above arm is more than lower section is worn on, correspondence position The threshold value of sensor is corresponding also big.

In an optional embodiment of the embodiment of the present invention, receiving module 205 is additionally operable to receive the friendship that managed devices are sent Easy information；Wearable device can also include：First reminding module, for exporting prompt message, points out user to have transaction； Receiving module 205 is additionally operable to receive the confirmation response of user's input；Memory module 204 is additionally operable to store transaction information；Respond mould Block 211 is additionally operable to after receiving module 205 receives confirmation response, and confirmation is sent to managed devices.I.e. can at this Select in embodiment, managed devices are being merchandised, when producing easy information, the friendship of this transaction is sent to wearable device Easy information, receiving module 205 is received after the Transaction Information, and the first reminding module of triggering prompts the user whether to allow this to hand over Easily, after receiving module 205 receives the confirmation response of user, respond module 211 sends confirmation to managed devices, Managed devices are received after confirmation, can perform corresponding operation of withholing.Pass through the optional embodiment, Yong Huke With merchandise occur when, transaction is confirmed, wearable device is prohibitted the use of to the off line PIN code of managed devices and online After PIN code realization is automatically entered, occurs the unknowable illegal transaction of user, it is ensured that the property safety of user.

Or, in another optional embodiment of the present embodiment, receiving module 205 is additionally operable to receive managed devices transmission It is current to have the incident prompt message of friendship；Wearable device can also include：3rd judge module, for judging last generation Transaction whether be identified；Second reminding module, in the case of not being identified in the upper transaction once occurred, output Prompt message, points out user to confirm last time transaction；Receiving module 205 is additionally operable to receive the confirmation response of user's input； Performing module 207 is additionally operable to be set to have confirmed that by the state of the last Transaction Information of storage；Respond module 211 is additionally operable to Prompt message is sent to managed devices, points out managed devices to continue current transaction.In the optional embodiment, if sentenced Disconnected last transaction has been identified, then directly can send prompt message to managed devices, indicate that the managed devices continue Current transaction.Using the optional embodiment, wearable device can also be prohibitted the use of to the off line PIN code of managed devices and After online PIN code realization is automatically entered, occurs the unknowable illegal transaction of user, it is ensured that the property safety of user.

The technical scheme provided by the present embodiment, wearable device will be managed in the case of it is determined that being worn on user The checking information of equipment and the storage of online PIN code ciphertext, when the password for receiving managed devices obtains request, it is ensured that can wear Wear in the case that equipment is still worn on user, if managed devices request is off line PIN code, believed according to checking Breath generation authentication information, managed devices are returned to by authentication information, if the online PIN code that managed devices request is, The online PIN code ciphertext of storage is sent to managed devices, the safety of password is thereby may be ensured that, the defeated of password can be reduced again Indegree, improves Consumer's Experience.Also, judge that the condition whether wearable device is worn on user is strict in obtaining during storage When judge the condition whether wearable device is worn on user, so as to preserve information security while, improve user The convenience used.

Embodiment 3

Present embodiments provide a kind of method that wearable device carries out Password Management by wearable device.

Fig. 4 carries out the flow chart of the method for Password Management for the wearable device that the present embodiment is provided by wearable device, such as schemes Shown in 4, this method mainly includes the following steps that S401- steps S409.

Step S401, wearable device obtains the checking information and online PIN code of managed devices；

In the present embodiment, before the checking information and online PIN code of wearable device acquisition managed devices, wearable device It can be authenticated with managed devices identity, checking information just be stored after in authentication, so as to ensure by pipe Manage the identity of equipment.Checking information and online PIN code ciphertext can be stored in wearable device and can only be pacified by wearable device The storage region accessed entirely, it is ensured that the safety of checking information.

For example, can be mutually authenticated in the following manner between wearable device and managed devices：Managed devices are generated First data to be signed, first data to be signed can include random number and/or chance event, and managed devices first are treated to this Signed data carry out signature generation the first signed data, managed devices by the first data to be signed encrypt after together with the first number of signature According to sending together to wearable device, wearable device carries out sign test to the first signed data using the first data to be signed, tested After label pass through, the second data to be signed are generated, second data to be signed can include random number and/or chance event, wearable Equipment carries out signature the second signed data of generation to second data to be signed, after wearable device encrypts the second data to be signed Sent together with the second signed data to managed devices, managed devices are using the second data to be signed to the second signed data Carry out sign test, sign test is by rear, then mutual authentication passes through, thus, between wearable device and managed devices it is considered that pair Fang Junwei trusted devices, authentication mode mentioned above is one kind in a variety of authentication modes, and the present embodiment is not precluded from it His authentication mode.

As an optional embodiment of the embodiment of the present invention, wearable device can be obtained by following three kinds of modes and is managed The checking information of equipment：

Mode one, wearable device and managed devices are held consultation, and obtain certification key, using certification key as checking information, Or, (for example, MAC is calculated or Hash calculation) can also be calculated certification key, is believed result of calculation as checking Breath.

Wearable device can be held consultation after mutual authentication with managed devices, obtain certification key, in addition, wearable Equipment can also negotiate transmission key simultaneously with managed devices, during subsequent communications, and both sides can be passed using respective Decryption is encrypted to the data transmitted during intercommunication in defeated key, realizes encrypted transmission, it is ensured that the safety of data transfer Property.

In the present embodiment, wearable device is consulted to obtain after certification key with managed devices, wearable device and managed devices The certification key can be recognized, wearable device is obtained after certification key, certification key can be deposited as checking information Storage.By certification key rather than directly using off line PIN code as checking information, it can prevent off line PIN code from revealing.

Mode two, wearable device receive the off line PIN code that user is inputted by the input unit of wearable device, by off line PIN Code as checking information, or, (for example, MAC calculate or Hash calculation) can also be calculated off line PIN code, general Result of calculation is used as checking information；

In the present embodiment, off line PIN code for can managed devices local verification correctness PIN code, for example, start Password, unlocking pin etc..User can also can be set by the input through keyboard off line PIN code of wearable device by wearable Standby touch-screen input off line PIN code, can also input the off line PIN of speech form by the voice input device of wearable device Code, specific the present embodiment is not construed as limiting.Off line PIN code is inputted by the input unit of wearable device, it is straight by wearable device Obtain and take off line PIN code, eliminate the risk that off line PIN code is held as a hostage in transmitting procedure, it is ensured that the safety of off line PIN code.

Mode three, wearable device receive the off line PIN code that managed devices are sent, using off line PIN code as checking information, Or, (for example, MAC is calculated or Hash calculation) can also be calculated off line PIN code, result of calculation is regard as checking Information.

In the present embodiment, the off line PIN code that managed devices are sent can be defeated by the input unit of managed devices for user Enter off line PIN code, or other equipment is sent to the off line PIN code of managed devices, managed devices can be After being once verified to off line PIN code, off line PIN code is sent to wearable device.Wearable device is received and is managed The off line PIN code that equipment is sent, sets input unit without extra on wearable device, simplifies the structure of wearable device, The cost of wearable device is saved.

In the present embodiment, online PIN code for can not in managed devices local verification, can only background server verify PIN Code, for example, login password.Wearable device can use managed devices when encrypting the online PIN code of managed devices Public key online PIN code is encrypted, the obtained online PIN code ciphertext of storage encryption.By being added to online PIN code It is close, even if online PIN code ciphertext is illegally obtained by third party, because third party does not have the private key of managed devices, it is impossible to distich The decryption of machine PIN code ciphertext obtains online PIN code in plain text, it is ensured that the safety of online PIN code.Certainly, wearable device also may be used So that online PIN code to be encrypted using other keys, for example, wearable device can use the biography consulted with managed devices Online PIN code is encrypted defeated key, and specific the present embodiment is not construed as limiting.

As an optional embodiment of the embodiment of the present invention, wearable device can be obtained by following two modes and is managed The online PIN code of equipment：

Mode one：Wearable device receives the online PIN code that user is inputted by the input unit of wearable device.User can be with PIN code is connected by the input through keyboard of wearable device, online PIN code can also be inputted by the touch-screen of wearable device, The online PIN code of speech form can also be inputted by the voice input device of wearable device.Pass through the input of wearable device Device inputs online PIN code, and online PIN code is directly obtained by wearable device, eliminates online PIN code quilt in transmitting procedure The risk of abduction, it is ensured that the safety of online PIN code.

Mode two：Wearable device receives the online PIN code that managed devices are sent.Wearable device receives user and passed through by pipe The online PIN code of the input unit input of equipment is managed, or wearable device receives other equipment and sent to the connection of managed devices Machine PIN code.Wearable device receives the online PIN code that managed devices are sent, without additionally setting defeated on wearable device Enter device, simplify the structure of wearable device, save the cost of wearable device.

Step S402, wearable device judges to meet in N number of detected value that N number of sensor of the wearable device is detected First quantity of preparatory condition, wherein, the preparatory condition is：I-th of detected value that i-th of sensor is detected reaches i-th Individual predetermined threshold value, i=1,2,3 ... ..., N-1, N, N >=4 and N are positive integer；It is more than or equal to X feelings in first quantity Under condition, the online PIN code is encrypted the wearable device, obtains online PIN code ciphertext, and store the checking Information and the online PIN code ciphertext, wherein, X is positive integer, and 3≤X≤N；

In the present embodiment, the checking information of managed devices 20 and online PIN code ciphertext are being stored it by wearable device 10 Before, first to judge whether wearable device 10 is worn on user, be only worn in wearable device 10 with user In the case of, just the checking information of managed devices 20 and online PIN code ciphertext are stored, so as to ensure the safe handling of password.

Step S403, wearable device detects whether that the password for receiving managed devices transmission obtains request, if it is, holding Row step S404：

For example, managed devices start shooting or solve lock screen when, it is necessary to input off line PIN code, managed devices are set to wearable Standby 10, which send password, obtains request, the acquisition request off line PIN code；Or, managed devices can also logged in or merchandised During need to input online PIN code, to wearable device send password obtain ask.

Step S404, judges to meet the second of the preparatory condition in the currently detected N number of detected value of N number of sensor Quantity, in the case where second quantity is less than Y, performs step S407, is more than or equal to Y feelings in second quantity Under condition, step S405 is performed, wherein, Y is integer, and 0≤Y≤X；

I.e. in the present embodiment, wearable device directly can't send corresponding information when receiving password acquisition request To managed devices, but first to judge whether wearable device is under wearing state, only under wearing state, Perform step S404.In the present embodiment, the condition ratio that wearable device judges when receiving password acquisition request is tested in storage Demonstrate,prove information and online PIN code ciphertext will width, i.e., the principle gone out using Yan Jinkuan, you can to ensure the safety of information, can expire again The property easy to use of sufficient user.

In an optional embodiment of the embodiment of the present invention, the password that managed devices are sent is obtained can also carry in request There are managed devices to carry out the obtained signature value of signing to data to be signed；Then wearable device perform step S404 before, Sign test is carried out to signature value, in sign test in the case of, performs and judges the step of password obtains request asked password, Sign test is not in the case of, and refusal password obtains request.For example, managed devices can utilize the private key pair of managed devices Data to be signed sign obtaining signature value, and the embodiment of signature is：Managed devices are calculated using HASH algorithms Data to be signed obtain the summary of data to be signed, and the summary of data to be signed is encrypted using the private key of managed devices, Obtain signature value.Wearable device is performed before step S404, it is possible to use the public key of managed devices is tested signature value Sign, the embodiment of sign test can be：Wearable device is solved using the public key of managed devices to the signature value of reception It is close, the summary of data to be signed is obtained, and the data to be signed received calculate obtaining to be signed using HASH algorithms The summary of data, whether with the summary of data to be signed that calculating obtain identical, such as if comparing the data to be signed summary that decryption obtains Really identical, then the sign test to signature value passes through, and performs and obtains the step of asking asked password, if it is not the same, refusal is close Code obtains request.It can ensure to send the identity for the managed devices that password obtains request by carrying out signature value sign test, it is ensured that Information uses safety.

Step S405, wearable device judges that the password obtains the asked password of request；Asked judging that the password is obtained In the case that the password asked is the off line PIN code, step S406 is performed, is asked judging that the password is obtained Password be the online PIN code in the case of, perform step S407.

Step S406, wearable device generates authentication information according to the checking information and single authentication data, and the certification is believed Breath is sent to the managed devices；

In an optional embodiment of the embodiment of the present invention, single authentication data include but is not limited to one below：It is wearable The current time of the clock of equipment, the current value and random number of the counter of wearable device.

In an optional embodiment of the embodiment of the present invention, wearable device obtain off line PIN code checking information and Obtain before online PIN code, obtain the device identification of managed devices；Wearable device stores checking information in the following manner With online PIN code ciphertext：According to device identification associated storage checking information and online PIN code ciphertext.I.e. in the present embodiment, Wearable device can manage multiple managed devices simultaneously, and each managed devices is distinguished by device identification.

Wherein, the device identification of managed devices can be the sequence number of managed devices, certainly, the equipment mark of managed devices As long as knowledge can be with the mark of unique mark managed devices, it is not limited to the sequence number of managed devices.It is wearable to set The embodiment of the standby device identification associated storage checking information according to managed devices can be：Set up managed devices Device identification and the mapping relations of checking information, are tested according to the device identification of managed devices and the mapping relations storage of checking information Demonstrate,prove information.Wearable device can according to the embodiment of the online PIN code ciphertext of device identification associated storage of managed devices Think：The device identification of managed devices and the mapping relations of online PIN code ciphertext are set up, according to the equipment mark of managed devices Know the mapping relations storage checking information with online PIN code ciphertext.According to device identification associated storage checking information and online PIN Code ciphertext, when the password for receiving managed devices obtains request, can search checking information and online PIN according to device identification Code ciphertext, accelerates wearable device response speed, improves the operating efficiency of wearable device.

As an optional embodiment of the embodiment of the present invention, in order to ensure cryptosecurity, checking information and online PIN are being preserved After code ciphertext, wearable device is additionally operable to judge the connection status or access times of managed devices and wearable device, if The connection status of managed devices and wearable device for disconnect or access times exceed preset times, then delete storage with The checking information or online PIN code ciphertext of the device identification association of wearable device, or setting storage and wearable device The checking information of standby mark association or the use mark of online PIN code ciphertext are set to unavailable.By the optional embodiment, The use safety of the password of the managed devices of storage can be ensured.

In the present embodiment, it is possible to use represent that checking information or online PIN code ciphertext can use or disabled tool using mark Body mode can be：Represented using binary-coded character using mark, when using being designated 1, represent checking information or online PIN Code ciphertext can use, and when using being designated 0, identity verification information or online PIN code ciphertext are unavailable.It is of course also possible to Other modes are set using the available or down state of mark.It is disconnected in the connection status of managed devices and wearable device Open or access times are more than in the case of preset times, can will correspond to the checking information or online PIN code of managed devices Ciphertext is designated unavailable, and the follow-up managed devices are accessed or during certification again, can be directly by the checking of the managed devices Information or online PIN code ciphertext are designated available, checking information or online PIN code without obtaining the managed devices again Ciphertext is simultaneously stored, and has been saved the time, has been improved Consumer's Experience.

The online PIN code ciphertext of storage is sent to managed devices by step S407, wearable device.

Step S408, the password that wearable device refusal managed devices are sent obtains request.

And managed devices are in the case of wearable device return authentication information, according to single authentication data and predetermined test Information is demonstrate,proved, response is generated, and judges whether authentication information of the response of generation with receiving matches unanimously, response is being judged In the case that value is matched with authentication information, managed devices determine local verification password authentification success, continue follow-up process；Sentencing In the case of disconnected response and authentication information are unmatched, managed devices output prompt message points out user's input local verification close Code；In the case where wearable device returns to online PIN code ciphertext, online PIN code ciphertext is decrypted, online PIN is obtained Code, remote authentication is sent to by online PIN code.I.e. in the present embodiment, managed devices can be returned according to wearable device Information, perform corresponding with current process password authentification or obtain and operate so that managed devices can continue executing with it is follow-up Flow.

In an optional embodiment of the embodiment of the present invention, this method can also include：Wearable device is received to be managed and set The Transaction Information that preparation is sent；Wearable device exports prompt message, points out user to have transaction；Wearable device receives user The confirmation response of input；Wearable device store transaction information, and send confirmation to managed devices 20.It is i.e. optional at this In embodiment, managed devices are being merchandised, and when producing easy information, the transaction of this transaction is sent to wearable device Information, wearable device is prompted the user whether to allow this to merchandise, after the confirmation for receiving user is responded, set to being managed Preparation send confirmation, and managed devices are received after confirmation, can perform corresponding operation of withholing.It is optional by this Embodiment, user can confirm when merchandising generation, prohibit the use of wearable device to managed devices 20 to transaction Off line PIN code and online PIN code realize after automatically entering occur the unknowable illegal transaction of user, it is ensured that the wealth of user Production safety.

Or, in another optional embodiment of the present embodiment, managed devices can also be when there is transaction to occur to can wear Wear equipment and send prompt message, in the optional embodiment, this method also includes：Wearable device receives managed devices hair Sending currently has the incident prompt message of friendship；Wearable device judges whether the transaction of last generation has been identified；It is wearable to set It is standby to export prompt message in the case where the upper transaction once occurred is not identified, point out user to carry out last time transaction true Recognize；Wearable device receives the confirmation response of user's input；The state of the last Transaction Information of storage is set to have confirmed that； Prompt message is sent to managed devices, indicates that the managed devices continue current transaction.In the optional embodiment, such as Fruit wearable device judges that last transaction has been identified, then directly can send prompt message to managed devices, indicate described Managed devices continue current transaction.Using the optional embodiment, wearable device can also be prohibitted the use of to managed devices Off line PIN code and online PIN code realize after automatically entering occur the unknowable illegal transaction of user, it is ensured that the wealth of user Production safety.

In above-mentioned optional embodiment, wearable device can according to the state of the last Transaction Information being locally stored whether Judge whether the transaction of last generation has been identified to have confirmed that.

In flow chart or herein any process described otherwise above or method description be construed as, expression include one or Module, fragment or the part of the code of the executable instruction for the step of more are used to realize specific logical function or process, and The scope of the preferred embodiment of the present invention includes other realization, wherein can not be by order that is shown or discussing, including root According to involved function by it is basic simultaneously in the way of or in the opposite order, carry out perform function, this should be by embodiments of the invention institute Category those skilled in the art are understood.

It should be appreciated that each several part of the present invention can be realized with hardware, software, firmware or combinations thereof.In above-mentioned implementation In mode, software or firmware that multiple steps or method can in memory and by suitable instruction execution system be performed with storage To realize.If for example, being realized with hardware, with another embodiment, following technology well known in the art can be used Any one of or their combination realize：Discrete with the logic gates for realizing logic function to data-signal is patrolled Collect circuit, the application specific integrated circuit with suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate Array (FPGA) etc..

Those skilled in the art be appreciated that to realize all or part of step that above-described embodiment method is carried is can be with The hardware of correlation is instructed to complete by program, described program can be stored in a kind of computer-readable recording medium, the journey Sequence upon execution, including one or a combination set of the step of embodiment of the method.

In addition, each functional unit in each embodiment of the invention can be integrated in a processing module or each Unit is individually physically present, can also two or more units be integrated in a module.Above-mentioned integrated module both can be with Realized in the form of hardware, it would however also be possible to employ the form of software function module is realized.If the integrated module is with software work( The form of energy module is realized and is situated between as independent production marketing or in use, an embodied on computer readable storage can also be stored in In matter.

Storage medium mentioned above can be read-only storage, disk or CD etc..

In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specific example " or The description of " some examples " etc. means that combining the embodiment or specific features, structure, material or the feature of example description is contained in In at least one embodiment or example of the present invention.In this manual, the schematic representation of above-mentioned term is not necessarily referring to Identical embodiment or example.Moreover, specific features, structure, material or the feature of description can be in any one or many Combined in an appropriate manner in individual embodiment or example.

Although embodiments of the invention have been shown and described above, it is to be understood that above-described embodiment be it is exemplary, It is not considered as limiting the invention, one of ordinary skill in the art is not in the case where departing from the principle and objective of the present invention Above-described embodiment can be changed, changed within the scope of the invention, replaced and modification.The scope of the present invention is by appended power Profit is required and its equivalent restriction.

Claims

1. a kind of method that Password Management is carried out by wearable device, it is characterised in that including：

Wearable device obtains the checking information and online PIN code of managed devices；

The wearable device judges to meet preparatory condition in N number of detected value that N number of sensor of the wearable device is detected The first quantity, wherein, the preparatory condition is：I-th of detected value that i-th of sensor is detected reaches i-th of default threshold Value, i=1,2,3 ... ..., N-1, N, N >=4 and N are positive integer；

In the case where first quantity is more than or equal to X, the online PIN code is encrypted the wearable device, Online PIN code ciphertext is obtained, and stores the checking information and the online PIN code ciphertext, wherein, X is positive integer, and 3≤X≤N；

After the checking information and the online PIN code ciphertext is stored, it is managed whenever described in wearable device reception After the password that equipment is sent is obtained when asking, following operate is performed：

Judge to meet in the currently detected N number of detected value of N number of sensor the second quantity of the preparatory condition；

In the case where second quantity is less than Y, the wearable device refuses the password and obtains request, wherein, Y For integer, and 0≤Y≤X；

In the case where second quantity is more than or equal to Y, the wearable device judges that the password obtains request institute The password of request；

In the case where judging that the password obtains the asked password of request for the off line PIN code, the wearable device According to the checking information and single authentication data generation authentication information, the authentication information is sent to described be managed and set It is standby；

In the case where judging that the password obtains the asked password of request for the online PIN code, the wearable device The online PIN code ciphertext of storage is sent to the managed devices.

2. according to the method described in claim 1, it is characterised in that

The checking information that wearable device obtains managed devices includes one below：The wearable device is set with described be managed It is standby to hold consultation, certification key is obtained, the certification key is regard as the checking information；The wearable device receives user The off line PIN code inputted by the input unit of the wearable device, believes the off line PIN code as the checking Breath；The wearable device receives the off line PIN code that the managed devices are sent, and regard the off line PIN code as institute State checking information；And/or,

The wearable device obtains the online PIN code of the managed devices, including one below：The wearable device connects Receive the online PIN code that user is inputted by the input unit of the wearable device；The wearable device receives the quilt The online PIN code that management equipment is sent.

3. method according to claim 1 or 2, it is characterised in that the single authentication data include one below：Institute State current time, the current value and random number of the counter of the wearable device of the clock of wearable device.

4. the method according to any one of claims 1 to 3, it is characterised in that methods described also includes：

Judge the connection status or access times of the managed devices and the wearable device, if the managed devices with The connection status of the wearable device is that disconnection or the access times exceed preset times, then deletes the quilt of storage The checking information of management equipment or online PIN code ciphertext, or by the checking information or online PIN of the managed devices of storage The use mark of code ciphertext is set to unavailable.

5. the method according to any one of Claims 1-4, it is characterised in that methods described also includes：

The wearable device receives the Transaction Information that the managed devices are sent；

The wearable device exports prompt message, points out user to have transaction；

The wearable device receives the confirmation response of user's input；

The wearable device stores the Transaction Information, and sends confirmation to the managed devices.

6. the method according to any one of Claims 1-4, it is characterised in that

The wearable device, which receives the managed devices and sent currently, the incident prompt message of friendship；

The wearable device judges whether the transaction of last generation has been identified；

In the case where the upper transaction once occurred is not identified, prompt message is exported, points out user to carry out last time transaction Confirm；

The wearable device receives the confirmation response of user's input；

The state of the last Transaction Information of storage is set to have confirmed that by the wearable device；

The wearable device sends prompt message to the managed devices, points out the managed devices to continue current transaction.

7. a kind of wearable device, it is characterised in that including：

First acquisition module, the checking information for obtaining managed devices；

Second acquisition module, the online PIN code for obtaining the managed devices；

Encrypting module, for the online PIN code that second acquisition module is obtained to be encrypted；

Memory module, for storing the online PIN code ciphertext that the checking information and encrypting module encryption are obtained；

Receiving module, for after the checking information and the online PIN code ciphertext is stored, often receiving described be managed The password that equipment is sent obtains request, detection trigger module；

The detection module, for detect the wearable device it is subsidiary in circuit loop whether turn on；

Performing module, in the case of being not turned in the circuit loop, refuses the password and obtains request；

3rd acquisition module, in the case of being turned in the circuit loop, obtains the sensor inspection being arranged on described attach The detected value measured；

First judge module, for judging whether the detected value that the 3rd acquisition module is obtained reaches predetermined threshold value；

The performing module is additionally operable to judge that the detected value is not reaching to the situation of the predetermined threshold value in first judge module Under, the wearable device refuses the password and obtains request；

Second judge module, in the case of judging that the detected value reaches the predetermined threshold value in first judge module, Judge that the password obtains the asked password of request；

Respond module, for judging that the password obtains the asked password of request for the off line in second judge module In the case of PIN code, authentication information is generated according to the checking information and single authentication data, the authentication information is sent to The managed devices；And in the case where judging that the password obtains the asked password of request for the online PIN code, The online PIN code ciphertext of storage is sent to the managed devices.

8. equipment according to claim 7, it is characterised in that first acquisition module is obtained one of in the following manner The checking information of managed devices：

The wearable device is held consultation with the managed devices, obtains certification key, using the certification key as described Checking information；

The wearable device receives the off line PIN code that user is inputted by the input unit of the wearable device, by institute Off line PIN code is stated as the checking information；

The wearable device receives the off line PIN code that the managed devices are sent, and regard the off line PIN code as institute State checking information.

9. the equipment according to claim 7 or 8, it is characterised in that second acquisition module is obtained in the following manner Take the online PIN code of the managed devices：

Receive the online PIN code that user is inputted by the input unit of the wearable device；Or,

Receive the online PIN code that the managed devices are sent.

10. the equipment according to any one of claim 7 to 9, it is characterised in that

The equipment also includes：3rd judge module, the connection shape for judging the managed devices and the wearable device State or access times；

The performing module is additionally operable to the connection status in the managed devices and the wearable device to disconnect or described make In the case of exceeding preset times with number of times, the checking information or online PIN code ciphertext of the managed devices of storage are deleted, Or be set to the use mark of the checking information of the managed devices of storage or online PIN code ciphertext unavailable.

11. the equipment according to any one of claim 7 to 10, it is characterised in that

The receiving module is additionally operable to receive the Transaction Information that the managed devices are sent；

The wearable device also includes：First reminding module, for exporting prompt message, points out user to have transaction；

The receiving module is additionally operable to receive the confirmation response of user's input；

The memory module is additionally operable to store the Transaction Information；

The respond module is additionally operable to after the receiving module receives the confirmation response, is sent to the managed devices Confirmation.

12. the equipment according to any one of claim 7 to 10, it is characterised in that

The receiving module is additionally operable to receive the managed devices and send currently have the incident prompt message of friendship；

The wearable device also includes：3rd judge module, for judging whether the transaction of last generation has been identified；

Second reminding module, in the case of not being identified in the upper transaction once occurred, exports prompt message, points out to use Family confirms to last time transaction；

The performing module is additionally operable to be set to have confirmed that by the state of the last Transaction Information of storage；

The respond module is additionally operable to send prompt message to the managed devices, points out the managed devices to continue current hand over Easily.