CN107294704B - Password generation method, password execution method and terminal - Google Patents
Password generation method, password execution method and terminal Download PDFInfo
- Publication number
- CN107294704B CN107294704B CN201610201498.7A CN201610201498A CN107294704B CN 107294704 B CN107294704 B CN 107294704B CN 201610201498 A CN201610201498 A CN 201610201498A CN 107294704 B CN107294704 B CN 107294704B
- Authority
- CN
- China
- Prior art keywords
- password
- terminal
- preset
- encrypted data
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a password generation method, which comprises the following steps: the method comprises the steps that a first terminal encodes operation information corresponding to a target application program to generate first encoded data, wherein the operation information at least comprises one of an operation instruction and an operation parameter; the first terminal encrypts the first coded data according to a preset secret key to obtain first encrypted data; the first terminal sequences the preset secret key and the first encrypted data according to a preset sequencing rule to generate a first password corresponding to the target application program. The password generation method of the invention can generate the password by the terminal without the help of the server, thereby reducing the network overhead and having the advantages of high password generation speed and safe and reliable password. The invention also discloses a password execution method and a terminal.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a password generation method, a password execution method, and a terminal.
Background
Passwords can be shared between terminals (e.g., smartphones), such as: the password is panned by the mobile phone, and the password is panned by the mobile phone skatecat. Taking 'panning password' of mobile phone panning as an example, after a mobile phone starts a panning client (namely a client program), a password can be requested from a server, the server feeds back the generated password to a terminal, and the terminal can send the password to other terminals by means of instant communication tools such as short messages, WeChat, mails, mobile phone QQ and the like. Other terminals can request the server for operation instructions and/or parameters and the like according to the password after receiving the password, and after receiving the operation instructions and/or parameters fed back by the server, the Taobao client can execute corresponding actions.
The prior art has the defects that the password does not contain data such as specific operation instructions and parameters (namely, the data such as the operation instructions and the parameters need to be requested from the server), the password is only a unique identification of the related data, and the password is generated and executed through the server. For example: the terminal sending the password needs to access the server to generate the password, and the terminal receiving the password needs to request the server for relevant operation instructions and/or parameters according to the password. The speed of generating and analyzing the password is slow because the client program needs to access the server, and especially under the condition of poor network environment, the speed is slow, and the failure of the generating and analyzing process is easy to cause. Meanwhile, the client program frequently accesses the server, which causes certain pressure on the server and increases the overhead of the server.
Disclosure of Invention
A first object of the present invention is to provide a password generation method. By using the method, the terminal can generate the password by itself without a server, thereby reducing the network overhead and having the advantages of high password generation speed and safe and reliable password.
A second object of the present invention is to provide a method for executing a password.
A third object of the present invention is to provide a terminal.
A fourth object of the present invention is to provide a terminal.
A fifth object of the present invention is to provide a password transmission system.
In order to achieve the above object, a method for generating a password according to an embodiment of the first aspect of the present invention includes the following steps: the method comprises the steps that a first terminal encodes operation information corresponding to a target application program to generate first encoded data, wherein the operation information at least comprises one of an operation instruction and an operation parameter; the first terminal encrypts the first coded data according to a preset secret key to obtain first encrypted data; and the first terminal sequences the preset secret key and the first encrypted data according to a preset sequencing rule to generate a first password corresponding to the target application program.
According to the password generation method provided by the embodiment of the invention, the password is generated in the first terminal, and a server is not required to be requested to generate the password, so that the interaction time with the server is saved, and the network overhead is further reduced. In addition, the password is subjected to universal coding to weaken the characteristics of the password, and the probability of interception during transmission is avoided. In addition, the data in the password is ensured to be safe in an encryption and sequencing mode, and the password comprises a check code, so that the integrity and the correctness of the password can be detected. The password generation method has the advantages of high password generation speed, completeness, safety and reliability.
In addition, the password generation method according to the above embodiment of the present invention may further have the following additional technical features:
in some examples, further comprising: and the first terminal sends the first password to a second terminal.
In some examples, the first password includes copy information, the first terminal sorts the preset key and the first encrypted data by a predetermined sorting rule, and generates the first password corresponding to the target application, including: and sequencing the preset secret key and the first encrypted data according to a preset sequencing rule to obtain a first sequencing result, and splicing the file information into the first sequencing result to obtain the first password.
In some examples, the first terminal encodes the operation information corresponding to the target application program, and after generating the first encoded data, further includes: generating a first check code according to the first coded data; encoding the first check code to generate second encoded data; encrypting the first coded data and the second coded data respectively according to the preset key to obtain first encrypted data and second encrypted data; and sequencing the preset secret key, the first encrypted data and the second encrypted data according to the preset sequencing rule to generate a second password corresponding to the target application program.
In some examples, the first terminal sends the second password to the second terminal.
In some examples, the second password further includes copy information, and the first terminal sorts the preset key, the first encrypted data, and the second encrypted data by the predetermined sorting rule to generate the second password corresponding to the target application, including: and sequencing the preset secret key, the first encrypted data and the second encrypted data according to the preset sequencing rule to obtain a second sequencing result, and splicing the file information into the second sequencing result to obtain the second password.
The method for executing the password of the embodiment of the second aspect of the invention comprises the following steps: after receiving a first password sent by a first terminal, a second terminal identifies the first password according to a preset sequencing rule to obtain a preset secret key and first encrypted data; the second terminal decrypts the first encrypted data according to the preset key to obtain the first encoded data; the second terminal decodes the first coded data to obtain the operation information; and the second terminal executes corresponding action according to the operation information.
According to the password execution method, the work of password identification and analysis (namely decoding, decryption and the like) is completed in the second terminal, so that compared with the mode of identifying and analyzing the password by the server in the related art, the method does not need the server to participate, and omits the interaction process with the server, so that the requirement on network speed is low, the interaction time with the server is saved, the method has the advantage of high password identification and analysis speed, and the target application program of the second terminal can simply and quickly execute corresponding actions.
In addition, the method for executing the password according to the above embodiment of the present invention may further have the following additional technical features:
in some examples, further comprising: after receiving the second password sent by the first terminal, the second terminal identifies the second password according to the preset ordering rule to obtain the preset secret key, the first encrypted data and the second encrypted data; decrypting the second encrypted data according to the preset key to obtain second encoded data; decoding the second coded data to obtain the first check code; generating a second check code according to the first coding data, and checking the first coding data according to the first check code and the second check code; if the check is passed, decoding the first coded data to obtain the operation information; and the target application program in the second terminal executes corresponding action according to the operation information.
A terminal according to an embodiment of the third aspect of the present invention includes: the encoding module is used for encoding operation information corresponding to a target application program to generate first encoded data, wherein the operation information comprises an operation instruction and/or an operation parameter; the encryption module is used for encrypting the first coded data according to a preset secret key to obtain first encrypted data; and the password generation module is used for sequencing the preset secret key and the first encrypted data according to a preset sequencing rule to generate a first password corresponding to the target application program.
In addition, the first terminal according to the above embodiment of the present invention may further have the following additional technical features:
in some examples, further comprising: and the sending module is used for sending the first password to a second terminal.
In some examples, the first password includes copy information, the password generation module sorts the preset key and the first encrypted data by a predetermined sorting rule, generates a first password corresponding to the target application, and includes: and sequencing the preset secret key and the first encrypted data according to a preset sequencing rule to obtain a first sequencing result, and splicing the file information into the first sequencing result to obtain the first password.
In some examples, further comprising: the encoding module is used for encoding the first check code to generate second encoded data, and the encryption module is further used for encrypting the first encoded data and the second encoded data respectively according to the preset secret key to obtain first encrypted data and second encrypted data; the password generation module is further configured to sequence the preset key, the first encrypted data, and the second encrypted data according to the predetermined sequencing rule, and generate a second password corresponding to the target application program.
In some examples, the sending module is further configured to send the second password to the second terminal.
In some examples, the second password further includes copy information, and the password generation module orders the preset key, the first encrypted data, and the second encrypted data according to the predetermined ordering rule to generate the second password corresponding to the target application, including: and sequencing the preset secret key, the first encrypted data and the second encrypted data according to the preset sequencing rule to obtain a second sequencing result, and splicing the file information into the second sequencing result to obtain the second password.
A terminal according to a fourth aspect of the present invention includes: the identification module is used for identifying the first password according to the preset sequencing rule after receiving the first password sent by the first terminal to obtain the preset secret key and the first encrypted data; the decryption module is used for decrypting the first encrypted data according to the preset secret key to obtain the first encoded data; and the decoding module is used for decoding the first coded data to obtain the operation information so that a target application program in the second terminal executes corresponding action according to the operation information.
In addition, the second terminal according to the above embodiment of the present invention may further have the following additional technical features:
in some examples, the identification module is further configured to identify the second password according to the predetermined ordering rule after receiving the second password sent by the first terminal, so as to obtain the preset key, the first encrypted data, and the second encrypted data; the decryption module is further configured to decrypt the second encrypted data according to the preset key to obtain the second encoded data; the decoding module is further configured to decode the second encoded data to obtain the first check code; the second terminal further includes: the device comprises a second check code generation module and a check module, wherein the second check code generation module is used for generating a second check code according to the first coding data, and the check module is used for checking the first coding data according to the first check code and the second check code; the decoding module is further configured to decode the first encoded data after the verification of the verification module passes, so as to obtain the operation information, so that a target application program in the second terminal executes a corresponding action according to the operation information.
The password transmission system of the fifth embodiment of the invention comprises: the first terminal according to any of the above embodiments; and a second terminal according to any of the above embodiments.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which,
FIG. 1 is a flow diagram of a password generation method according to one embodiment of the present invention;
FIG. 2 is a timing diagram of a password generation method according to one embodiment of the present invention;
FIG. 3 is a detailed flow diagram of a password generation method according to one embodiment of the present invention;
fig. 4A and 4B are schematic views of a password in the related art and a password of a password generation method according to an embodiment of the present invention, respectively;
FIG. 5 is a flow diagram of a method of performing a password according to one embodiment of the invention;
FIG. 6 is a timing diagram of a method of performing a password according to one embodiment of the present invention;
FIG. 7 is a detailed flow diagram of a method of performing a password according to one embodiment of the present invention;
fig. 8A and 8B are schematic diagrams of a password before and after parsing in a method for executing a password according to an embodiment of the present invention;
fig. 9 is a block diagram of a first terminal according to an embodiment of the present invention;
fig. 10 is a block diagram of a second terminal according to an embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention. On the contrary, the embodiments of the invention include all changes, modifications and equivalents coming within the spirit and terms of the claims appended hereto.
In the description of the present invention, it is to be understood that the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. In the description of the present invention, it is to be noted that, unless otherwise explicitly specified or limited, the terms "connected" and "connected" are to be interpreted broadly, e.g., as being fixed or detachable or integrally connected; can be mechanically or electrically connected; may be directly connected or indirectly connected through an intermediate. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art. In addition, in the description of the present invention, "a plurality" means two or more unless otherwise specified.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
The password generation method, the password execution method and the terminal according to the embodiments of the present invention are described below with reference to the accompanying drawings.
FIG. 1 is a flow diagram of a password generation method according to one embodiment of the present invention. As shown in fig. 1, a method for generating a password according to an embodiment of the present invention includes the following steps:
s101: the first terminal encodes operation information corresponding to the target application program to generate first encoded data, wherein the operation information at least comprises one of an operation instruction and an operation parameter.
The operation information may be, for example, an instruction to start a certain page, for example, a lottery page sharing a treasure, and the first terminal is, but not limited to, a mobile terminal, such as a smart phone, a tablet computer, and the like. The target application is, but not limited to, a Taobao client application installed on the first terminal, a Techthy client application, or the like.
The encoding method can adopt the character encoding method of Base64, and the encoded data can be data composed of ASCII characters (namely American Standard Code for Information exchange Code). The Base64 character coding mode has the characteristic of high speed and high efficiency. Because only ASCII characters can be used in the system of some terminals, the character encoding mode of the Base64 can convert data consisting of non-ASCII characters into data consisting of ASCII characters, and in addition, the character encoding mode of the Base64 is suitable for rapidly transmitting data under HTTP and MIME protocols. The basic principle of the Base64 character encoding method is to convert every three 8-Bit bytes into four 6-Bit bytes (i.e., 3 × 8 ═ 4 × 6 ═ 24), and then add two more high bits 0 to the 6-Bit bytes to form four 8-Bit bytes, and the converted character string will theoretically be 1/3 longer than the original character string. Because the character set used in the Base64 encoding and the sequence of the characters in the character set can be customized, a certain encryption effect can be achieved while encoding data by using the Base64 character encoding method.
ASCII is a set of computer coding systems based on Latin letters, mainly used for displaying modern English and other Western European languages, is the most common single-byte coding system nowadays, and is equivalent to the international standard ISO/IEC 646.
S102: the first terminal encrypts the first coded data according to the preset secret key to obtain first encrypted data.
The preset key is a parameter, which is input in an algorithm for converting a plaintext into a ciphertext or converting a ciphertext into a plaintext, and may be pre-stored in the local storage space of the first terminal. The encryption method may be md5 or the like.
S103: the first terminal sequences the preset secret key and the first encrypted data according to a preset sequencing rule to generate a first password corresponding to the target application program.
The predetermined ordering rule is, for example, shuffling, i.e.: and exchanging the position of the preset key and the first encrypted data.
In the embodiment of the invention, the first password (password for short) generated by the first terminal comprises operation information, a preset key and the like. The password refers to a recognizable code of the program, for example: the password can be identified by the Taobao client or the cat client, and the password has a character sequence with operation significance and may contain url scheme or user-defined operation instructions and parameters and other data.
Further, after the target application program generated in the first terminal generates the first password, the first terminal may send the first password to the second terminal. Wherein the first terminal can send the first password to the second terminal by means of the social software. The second terminal may be a terminal of the same type as the first terminal, such as a smart phone or a tablet computer, and the target application program, such as a panning client or a tianmao client, is also installed in the second terminal. Social software is for example short messages, mailboxes, instant messaging tools (e.g. QQ), etc.
In addition, the first password may further include document information, the document information may be understood as suggestive information, such as suggestive information like an icon, the icon may be an icon for operation prompting or indicating, for example, how to perform an operation may be known from a certain icon, or the icon may be a suggestive icon representing an identity of a certain password, for example, a password for which an operation is performed may be known when the icon is seen. The first terminal sequences a preset secret key and first encrypted data according to a preset sequencing rule to generate a first password corresponding to the target application program, and the method comprises the following steps: and sequencing the preset secret key and the first encrypted data according to a preset sequencing rule to obtain a first sequencing result, and splicing the file information into the first sequencing result to obtain a first password.
As a specific example, taking a pay wallet installed in a mobile terminal as an example, referring to fig. 2, a password sharer first starts appA (e.g., pay wallet), appA enters a password generation process, for example, the above-mentioned encoding, encrypting and other operations are performed on url scheme or user-defined operation instructions and parameters, and after the password is generated, password information may be displayed in appA clipboard. The password sharer (i.e., the user of the first terminal) is then prompted to send the password. And then, the password sharer opens software such as an instant messaging tool (such as QQ) and the like, the password is sent to the second terminal, and after the password is sent, the instant messaging tool informs the user of the completion of the password sending.
According to the password generation method provided by the embodiment of the invention, the password generation is completed in the first terminal, so that compared with a password generation mode by virtue of a server in the related art, the password generation method does not need the server to participate, and an interaction process with the server is omitted, so that the password generation method has the advantages of low requirement on network speed, short interaction time with the server and high password generation speed. In addition, the characteristics of the password are removed through a coding and encryption mode, the password is encrypted data similar to a common character string, when the password is sent, the fact that an instant messaging tool filters the password is avoided, and the safety in network transmission is improved.
In order to ensure the correctness and integrity of the password, the method for generating the password according to the embodiment of the present invention further provides a means for verifying the password, and specifically, as shown in fig. 3, the method includes:
s301: the first terminal encodes the operation information corresponding to the target application program to generate first encoded data. Namely: the customized Base64 encoding is carried out on the operation instruction and/or the operation parameter, and the first encoding data which is the processing result is abbreviated as A. Wherein, the instruction refers to operation information (i.e. including operation instruction and/or operation parameter), and the encode is to perform Base64 encoding on the instruction.
S302: and generating a first check code according to the first encoding data. For example: and (4) performing crc32 calculation on the A, wherein the calculation result is the first check code which is abbreviated as B. Wherein, CRC32 is Cyclic Redundancy Check (CRC), CRC32 is a data transmission error detection function, which can perform polynomial calculation on data, attach the obtained result to the frame, and perform similar processing after the second terminal receives the password, so as to ensure the correctness and integrity of the data in the network transmission process.
S303: and coding the first check code to generate second coded data. For example, the same Base64 encoding as described above is performed on B, and the second encoded data, which is the processing result, is abbreviated as C.
S304: and respectively encrypting the first encoding data and the second encoding data according to a preset key to obtain first encryption data and second encryption data. Where a 'represents the first encrypted data and C' represents the second encrypted data. The key is a preset key, and the encrypt is, for example, md5 encryption operation on A and C according to the key.
S305: and sequencing the preset secret key, the first encrypted data and the second encrypted data according to a preset sequencing rule to generate a second password corresponding to the target application program. Namely: and carrying out mixed arrangement processing on the A ', the C' and the key, and splicing the processing result, the file information and the like together to form a second password. Further, the first terminal may send the second password to the second terminal. The second password is sent to the second terminal, for example by means of an instant messaging tool.
The second password may further include pattern information, the preset key, the first encrypted data, and the second encrypted data are sequenced according to a predetermined sequencing rule to obtain a second sequencing result, and the pattern information is spliced into the second sequencing result to obtain the second password. Namely: and carrying out encryption processing on the characters in the A and the C according to the preset key, and obtaining results called A 'and C'.
It should be noted that, compared with the first password in the above-mentioned embodiment, the second password has one more check code than the first password for checking whether the operation information is correct, as in the first check code in step S302. Furthermore, after the second password is sent to the second terminal by the first terminal, the second terminal may verify whether the operation information in the second password is correct according to the check code before executing the operation information such as the operation instruction in the second password, and execute the operation information such as the operation instruction in the second password after verifying that the operation information is correct. Thus, the correctness and integrity of the password can be ensured to a certain extent.
The second password generated by the method of the present invention is different from the password generated by the server in the related art in the format of the password generated by the server in the related art as shown in fig. 4A, and fig. 4B is the format of the second password generated by the method of the present invention. In the related art, a password generated by a server generally includes several parts, including script information (description), a tag character (@) and a password id (code). The second password generated by the method of the invention comprises four parts: the system comprises file information (description), operation instructions and/or parameters (instruction), check codes (check) and preset keys (key). And the operation instruction and/or parameter (instruction) and check code (check) in the second password are sent to the second terminal after being processed by coding, encrypting, checking and the like.
According to the password generation method provided by the embodiment of the invention, the password is generated in the first terminal, and a server is not required to be requested to generate the password, so that the interaction time with the server is saved, and the network overhead is further reduced. In addition, the password is subjected to universal coding to weaken the characteristics of the password, and the probability of interception during transmission is avoided. In addition, the data in the password is ensured to be safe in an encryption and sequencing mode, and the password comprises a check code, so that the integrity and the correctness of the password can be detected. The password generation method has the advantages of high password generation speed, completeness, safety and reliability.
Fig. 5 is a flowchart of a password execution method according to an embodiment of the present invention, and as shown in fig. 5, the password execution method according to an embodiment of the present invention includes the following steps:
s501: and after receiving the first password sent by the first terminal, the second terminal identifies the first password according to a preset sequencing rule to obtain a preset secret key and first encrypted data.
S502: and the second terminal decrypts the first encrypted data according to the preset key to obtain first encoded data.
S503: the second terminal decodes the first coded data to obtain the operation information.
S504: and the second terminal executes corresponding action according to the operation information.
It should be noted that the second terminal and the first terminal may be the same terminal or different terminals, for example: after the target application program is installed, the smart phone, the tablet computer and the like can have the functions of the first terminal and the second terminal at the same time.
The second terminal knows the predetermined sorting rule in advance. Therefore, after receiving the first password sent by the first terminal, the second terminal may first identify a part of the preset key and a part of the first encrypted data in the first password according to a predetermined ordering rule, then decrypt the first encrypted data by using the identified preset key and a decryption method corresponding to the encryption method, and decode by using a decoding method corresponding to the encoding method, thereby obtaining the operation information in the first password, and finally, the target application program in the second terminal may execute a corresponding action according to the operation instruction and/or the operation parameter in the operation information.
As a specific example, as shown in fig. 6, after the second terminal opens an instant messaging tool such as a short message, a mailbox, or a QQ, the password sent by the first terminal is received, and then when the second terminal opens a target application appA (such as a pay wallet), the appA first identifies a preset key portion and a first encrypted data portion in the password according to a predetermined sorting rule, then decrypts the first encrypted data according to the preset key, and then decodes the decrypted data, so as to obtain operation information in the password, and further, may execute a corresponding action.
According to the password execution method, the work of password identification and analysis (namely decoding, decryption and the like) is completed in the second terminal, so that compared with the mode of identifying and analyzing the password by the server in the related art, the method does not need the server to participate, and omits the interaction process with the server, so that the requirement on network speed is low, the interaction time with the server is saved, the method has the advantage of high password identification and analysis speed, and the target application program of the second terminal can simply and quickly execute corresponding actions.
In order to ensure the integrity and correctness of the received password, the method for executing the password of the embodiment of the invention further comprises a means for verifying the password. Specifically, as shown in fig. 7, the method for executing the password includes:
s701: and after receiving the second password sent from the first terminal, the second terminal identifies the second password according to a preset sequencing rule to obtain a preset secret key, first encrypted data and second encrypted data. And decrypting the second encrypted data according to the preset key to obtain second encoded data. Namely: and performing composition operation, namely recombining the received second password according to the sequencing rule to obtain three contents, namely operation information, a check code, a preset key and the like.
S702: and decoding the second coded data to obtain a first check code. Namely: and decrypting the instruction part and the check code part according to the secret key.
S703: and generating a second check code according to the first coding data, and checking the first coding data according to the first check code and the second check code. Namely: crc32 operation is performed on A, and then whether the first check code of decode (C) is consistent with the second check code after the crc32 operation is performed on A is judged.
S704: and if the check is passed (namely the first check code and the second check code are consistent), decoding the first coded data to obtain the operation information.
S705: and the target application program in the second terminal executes corresponding action according to the operation information. I.e. execute operations.
It should be noted that, in the process of generating and executing the password, both the sender (the target application of the first terminal) and the receiver (the target application of the second terminal) know the encoding rule, the encryption rule and the shuffling rule. And the key can be obtained only when the receiver receives the password, and corresponding decryption operation is carried out according to the key. Wherein the shuffling process aims to mix three parts of characters together, removes features and is safer. The second password before processing is shown in fig. 8A, and the password after processing is shown in fig. 8B, and the total length increases by about 1/3 due to the encoding processing excluding the document information. The processed operation information and check code are both composed of common ASCII characters. The scrambled instruction and check code portion may be divided into a plurality of portions and the receiver may need to reassemble the data after receiving the second password.
According to the password execution method, the work of password identification and analysis (namely decoding, decryption and the like) is completed in the second terminal, so that compared with the mode of identifying and analyzing the password by the server in the related art, the method does not need the server to participate, and omits the interaction process with the server, so that the requirement on network speed is low, the interaction time with the server is saved, the method has the advantage of high password identification and analysis speed, and the target application program of the second terminal can simply and quickly execute corresponding actions.
Fig. 9 is a block diagram of a first terminal according to an embodiment of the present invention, and as shown in fig. 9, a terminal 900 according to an embodiment of the present invention, the terminal 900 being referred to as the first terminal 900, includes: an encoding module 910, an encryption module 920, and a password generation module 930.
The encoding module 910 is configured to encode operation information corresponding to a target application program to generate first encoded data, where the operation information includes an operation instruction and/or an operation parameter. The encryption module 920 is configured to encrypt the first encoded data according to a preset key to obtain first encrypted data. The password generating module 930 is configured to sort the preset key and the first encrypted data by a predetermined sorting rule, and generate a first password corresponding to the target application.
Further, the first terminal 900 further includes: a sending module (not shown in fig. 9) for sending the first password to the second terminal.
In one embodiment of the present invention, the first password includes pattern information, and the password generation module sorts the preset key and the first encrypted data by a predetermined sorting rule to generate the first password corresponding to the target application, including: and sequencing the preset secret key and the first encrypted data according to a preset sequencing rule to obtain a first sequencing result, and splicing the file information into the first sequencing result to obtain the first password.
Embodiments of the invention further include: a first check code generating module (not shown in fig. 9) configured to generate a first check code according to first encoded data after the encoding module encodes operation information corresponding to a target application program to generate the first encoded data, the encoding module is further configured to encode the first check code to generate second encoded data, and the encrypting module is further configured to encrypt the first encoded data and the second encoded data according to the preset key to obtain first encrypted data and second encrypted data, respectively; the password generation module is further configured to sequence the preset key, the first encrypted data, and the second encrypted data according to the predetermined sequencing rule, and generate a second password corresponding to the target application program.
The sending module is further configured to send the second password to a second terminal. Further, the second password further includes copy information, and the password generation module sequences the preset key, the first encrypted data, and the second encrypted data according to the predetermined sequencing rule to generate the second password corresponding to the target application program, including: and sequencing the preset secret key, the first encrypted data and the second encrypted data according to the preset sequencing rule to obtain a second sequencing result, and splicing the file information into the second sequencing result to obtain the second password.
According to the first terminal of the embodiment of the invention, the password is generated in the first terminal, so that compared with a method of generating the password by a server in the related art, the method does not need the server to participate, and omits the interaction process with the server, so that the method has the advantages of low requirement on network speed, short interaction time with the server and high password generation speed. In addition, the characteristics of the password are removed through a coding and encryption mode, the password is encrypted data similar to a common character string, when the password is sent, the fact that an instant messaging tool filters the password is avoided, and the safety in network transmission is improved.
It should be noted that a specific implementation manner of the first terminal in the embodiment of the present invention is similar to a specific implementation manner of the password generation method in the embodiment of the present invention, and please refer to the description of the method part specifically, and details are not described here in order to reduce redundancy.
As shown in fig. 10, an embodiment of the present invention discloses a terminal 1000, where the terminal 1000 is referred to as a second terminal 1000 to distinguish from a first terminal 900, and the terminal 1000 includes: an identification module 1010, a decryption module 1020, and a decoding module 1030.
The identifying module 1010 is configured to identify the first password according to the predetermined sorting rule after receiving the first password sent by the first terminal, so as to obtain the preset key and the first encrypted data. The decryption module 1020 is configured to decrypt the first encrypted data according to the preset key to obtain the first encoded data. The decoding module 1030 is configured to decode the first encoded data to obtain the operation information, so that a target application in the second terminal performs a corresponding action according to the operation information.
The identification module is further configured to identify the second password according to the predetermined ordering rule after receiving the second password sent by the first terminal, so as to obtain the preset key, the first encrypted data, and the second encrypted data; the decryption module is further configured to decrypt the second encrypted data according to the preset key to obtain the second encoded data; the decoding module is further configured to decode the second encoded data to obtain the first check code; the second terminal further includes: the device comprises a second check code generation module and a check module, wherein the second check code generation module is used for generating a second check code according to the first coding data, and the check module is used for checking the first coding data according to the first check code and the second check code; the decoding module is further configured to decode the first encoded data after the verification of the verification module passes, so as to obtain the operation information, so that a target application program in the second terminal executes a corresponding action according to the operation information.
According to the second terminal of the embodiment of the invention, the work of identifying and analyzing (decoding, decrypting and the like) the password is completed in the second terminal, so that compared with the mode of identifying and analyzing the password by the server in the related art, the method does not need the server to participate, and omits the interaction process with the server, so that the requirement on network speed is low, the interaction time with the server is saved, the method has the advantage of high password identification and analysis speed, and the target application program of the second terminal can simply and quickly execute corresponding actions.
It should be noted that a specific implementation manner of the second terminal in the embodiment of the present invention is similar to a specific implementation manner of the method for executing a password in the embodiment of the present invention, and please refer to the description of the method part specifically, and details are not described here in order to reduce redundancy.
The embodiment of the invention discloses a password transmission system, which comprises: the first terminal and the second terminal of the above embodiments. The password transmission system can realize the generation, transmission and execution of the password without the participation of a server, and has the advantages of simplicity, convenience and high safety.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
While embodiments of the invention have been shown and described, it will be understood by those of ordinary skill in the art that: various changes, modifications, substitutions and alterations can be made to the embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the claims and their equivalents.
Claims (17)
1. A method for generating a password, comprising the steps of:
the method comprises the steps that a first terminal encodes operation information corresponding to a target application program to generate first encoded data, wherein the operation information at least comprises one of an operation instruction and an operation parameter;
the first terminal encrypts the first coded data according to a preset secret key to obtain first encrypted data;
and the first terminal sequences the preset secret key and the first encrypted data according to a preset sequencing rule to generate a first password corresponding to the target application program.
2. The method for generating a password according to claim 1, further comprising: and the first terminal sends the first password to a second terminal.
3. The password generation method according to claim 1, wherein the first password includes document information,
the first terminal sequences the preset secret key and the first encrypted data according to a preset sequencing rule to generate a first password corresponding to the target application program, and the method comprises the following steps: and sequencing the preset secret key and the first encrypted data according to a preset sequencing rule to obtain a first sequencing result, and splicing the file information into the first sequencing result to obtain the first password.
4. The method of claim 1, wherein the first terminal encodes operation information corresponding to the target application program, and further comprises, after generating the first encoded data:
generating a first check code according to the first coded data;
encoding the first check code to generate second encoded data;
encrypting the first coded data and the second coded data respectively according to the preset key to obtain first encrypted data and second encrypted data;
and sequencing the preset secret key, the first encrypted data and the second encrypted data according to the preset sequencing rule to generate a second password corresponding to the target application program.
5. The password generation method according to claim 4, wherein the first terminal transmits the second password to the second terminal.
6. The password generation method according to claim 5, wherein said second password further includes filing information,
the first terminal sequences the preset secret key, the first encrypted data and the second encrypted data according to the preset sequencing rule to generate a second password corresponding to the target application program, and the method comprises the following steps: and sequencing the preset secret key, the first encrypted data and the second encrypted data according to the preset sequencing rule to obtain a second sequencing result, and splicing the file information into the second sequencing result to obtain the second password.
7. A method for executing a password, comprising the steps of:
after receiving a first password sent by a first terminal, a second terminal identifies the first password according to a preset sequencing rule to obtain a preset secret key and first encrypted data;
the second terminal decrypts the first encrypted data according to the preset key to obtain first encoded data;
the second terminal decodes the first coded data to obtain operation information;
and the second terminal executes corresponding action according to the operation information.
8. The method for executing a password according to claim 7, further comprising:
after receiving a second password sent by the first terminal, the second terminal identifies the second password according to the preset sequencing rule to obtain the preset secret key, the first encrypted data and the second encrypted data;
decrypting the second encrypted data according to the preset key to obtain second encoded data;
decoding the second coded data to obtain a first check code;
generating a second check code according to the first coding data, and checking the first coding data according to the first check code and the second check code;
if the check is passed, decoding the first coded data to obtain the operation information;
and the target application program in the second terminal executes corresponding action according to the operation information.
9. A terminal, comprising:
the encoding module is used for encoding operation information corresponding to a target application program to generate first encoded data, wherein the operation information comprises an operation instruction and/or an operation parameter;
the encryption module is used for encrypting the first coded data according to a preset secret key to obtain first encrypted data;
and the password generation module is used for sequencing the preset secret key and the first encrypted data according to a preset sequencing rule to generate a first password corresponding to the target application program.
10. The terminal of claim 9, further comprising: and the sending module is used for sending the first password to a second terminal.
11. The terminal of claim 9, wherein the first password comprises protocol information,
the password generating module sequences the preset key and the first encrypted data according to a preset sequencing rule to generate a first password corresponding to the target application program, and the password generating module comprises: and sequencing the preset secret key and the first encrypted data according to a preset sequencing rule to obtain a first sequencing result, and splicing the file information into the first sequencing result to obtain the first password.
12. The terminal of claim 10, further comprising: a first check code generation module, configured to generate a first check code according to first encoded data after the encoding module encodes operation information corresponding to a target application to generate the first encoded data,
the encoding module is further configured to encode the first check code to generate second encoded data,
the encryption module is further configured to encrypt the first encoded data and the second encoded data according to the preset key, so as to obtain first encrypted data and second encrypted data;
the password generation module is further configured to sequence the preset key, the first encrypted data, and the second encrypted data according to the predetermined sequencing rule, and generate a second password corresponding to the target application program.
13. The terminal of claim 12, wherein the sending module is further configured to send the second password to a second terminal.
14. The terminal of claim 13, wherein the second password further comprises scrip information,
the password generating module sequences the preset secret key, the first encrypted data and the second encrypted data according to the preset sequencing rule to generate a second password corresponding to the target application program, and the password generating module comprises: and sequencing the preset secret key, the first encrypted data and the second encrypted data according to the preset sequencing rule to obtain a second sequencing result, and splicing the file information into the second sequencing result to obtain the second password.
15. A terminal, comprising:
the identification module is used for identifying a first password sent by a first terminal according to a preset sequencing rule after receiving the first password to obtain a preset secret key and first encrypted data;
the decryption module is used for decrypting the first encrypted data according to the preset secret key to obtain first encoded data;
and the decoding module is used for decoding the first coded data to obtain operation information so that a target application program in the second terminal executes corresponding action according to the operation information.
16. The terminal of claim 15, wherein the identifying module is further configured to identify a second password according to the predetermined ordering rule after receiving the second password sent by the first terminal, so as to obtain the preset key, the first encrypted data, and second encrypted data;
the decryption module is further configured to decrypt the second encrypted data according to the preset key to obtain second encoded data;
the decoding module is further configured to decode the second encoded data to obtain a first check code;
the second terminal further includes: the device comprises a second check code generation module and a check module, wherein the second check code generation module is used for generating a second check code according to the first coding data, and the check module is used for checking the first coding data according to the first check code and the second check code;
the decoding module is further configured to decode the first encoded data after the verification of the verification module passes, so as to obtain the operation information, so that a target application program in the second terminal executes a corresponding action according to the operation information.
17. A password delivery system, comprising:
a first terminal according to any of claims 9-14;
a second terminal according to claim 15 or 16.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610201498.7A CN107294704B (en) | 2016-03-31 | 2016-03-31 | Password generation method, password execution method and terminal |
| CN202110547419.9A CN113517982B (en) | 2016-03-31 | 2016-03-31 | Password generation method, password execution method and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610201498.7A CN107294704B (en) | 2016-03-31 | 2016-03-31 | Password generation method, password execution method and terminal |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110547419.9A Division CN113517982B (en) | 2016-03-31 | 2016-03-31 | Password generation method, password execution method and terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107294704A CN107294704A (en) | 2017-10-24 |
| CN107294704B true CN107294704B (en) | 2021-05-04 |
Family
ID=60086865
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110547419.9A Active CN113517982B (en) | 2016-03-31 | 2016-03-31 | Password generation method, password execution method and terminal |
| CN201610201498.7A Active CN107294704B (en) | 2016-03-31 | 2016-03-31 | Password generation method, password execution method and terminal |
Family Applications Before (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110547419.9A Active CN113517982B (en) | 2016-03-31 | 2016-03-31 | Password generation method, password execution method and terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (2) | CN113517982B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108710699B (en) * | 2018-05-23 | 2022-03-08 | 陈达康 | Dynamic password generation method, device and system |
| CN110290146B (en) * | 2019-07-03 | 2021-10-08 | 北京达佳互联信息技术有限公司 | Method and device for generating shared password, server and storage medium |
| CN111339508A (en) * | 2020-02-28 | 2020-06-26 | 北京达佳互联信息技术有限公司 | Shared password analysis method and device, electronic equipment and storage medium |
| WO2022132253A1 (en) * | 2020-12-17 | 2022-06-23 | Arris Enterprises Llc | System and method for merging live medical device readings into virtual doctor visit secure video |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101997849A (en) * | 2009-08-18 | 2011-03-30 | 阿里巴巴集团控股有限公司 | Method, device and system for authentication of internet user |
| US8479298B2 (en) * | 2010-07-30 | 2013-07-02 | At&T Intellectual Property I, L.P. | Method for encrypting and embedding information in a URL for content delivery |
| CN103379098A (en) * | 2012-04-19 | 2013-10-30 | 华为技术有限公司 | Content sharing method, device and network system thereof |
| CN103516525A (en) * | 2013-10-22 | 2014-01-15 | 天地融科技股份有限公司 | Dynamic password generation method and system |
| CN103533460A (en) * | 2013-09-30 | 2014-01-22 | 深圳市龙视传媒有限公司 | Method, device, terminal and system for sharing television service |
| CN104899083A (en) * | 2015-05-19 | 2015-09-09 | 小米科技有限责任公司 | Application share method and device |
| JP2016010492A (en) * | 2014-06-27 | 2016-01-21 | 株式会社ニューギン | Game machine |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102377783B (en) * | 2011-11-07 | 2014-03-12 | 飞天诚信科技股份有限公司 | Dynamic password generation and authentication method and dynamic password generation and authentication system |
| CN103475479A (en) * | 2013-09-03 | 2013-12-25 | 天地融科技股份有限公司 | Intelligent secret key equipment, mobile terminal, dynamic password output method and system |
| CN103475486A (en) * | 2013-09-22 | 2013-12-25 | 天地融科技股份有限公司 | Intelligent secret key equipment, mobile terminal and dynamic password output method and system |
-
2016
- 2016-03-31 CN CN202110547419.9A patent/CN113517982B/en active Active
- 2016-03-31 CN CN201610201498.7A patent/CN107294704B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101997849A (en) * | 2009-08-18 | 2011-03-30 | 阿里巴巴集团控股有限公司 | Method, device and system for authentication of internet user |
| US8479298B2 (en) * | 2010-07-30 | 2013-07-02 | At&T Intellectual Property I, L.P. | Method for encrypting and embedding information in a URL for content delivery |
| CN103379098A (en) * | 2012-04-19 | 2013-10-30 | 华为技术有限公司 | Content sharing method, device and network system thereof |
| CN103533460A (en) * | 2013-09-30 | 2014-01-22 | 深圳市龙视传媒有限公司 | Method, device, terminal and system for sharing television service |
| CN103516525A (en) * | 2013-10-22 | 2014-01-15 | 天地融科技股份有限公司 | Dynamic password generation method and system |
| JP2016010492A (en) * | 2014-06-27 | 2016-01-21 | 株式会社ニューギン | Game machine |
| CN104899083A (en) * | 2015-05-19 | 2015-09-09 | 小米科技有限责任公司 | Application share method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113517982B (en) | 2023-04-25 |
| CN113517982A (en) | 2021-10-19 |
| CN107294704A (en) | 2017-10-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111371549B (en) | Message data transmission method, device and system | |
| CN106788995B (en) | File encryption method and device | |
| CN107294704B (en) | Password generation method, password execution method and terminal | |
| CN106254327A (en) | Information processor and method | |
| CN104079581A (en) | Identity authentication method and device | |
| CN110912920A (en) | Data processing method, apparatus and medium | |
| CN105430640A (en) | Short message encryption and authentication method, terminal and system | |
| CN112491549A (en) | Data information encryption verification method, system and computer readable storage medium | |
| CN109729000B (en) | Instant messaging method and device | |
| CN113515766A (en) | File transmission method and device | |
| CN109918211A (en) | A kind of method, apparatus of Auto-writing identifying code | |
| CN114499857B (en) | Method for realizing data correctness and consistency in encryption and decryption of large data quanta | |
| CN113014580A (en) | File transmission method and device, electronic equipment and storage medium | |
| CN108141353A (en) | The method and apparatus of cryptographic algorithm upgrading | |
| CN115102768B (en) | Data processing method and device and computer equipment | |
| CN105915531B (en) | A kind of unlocking screen method and terminal | |
| CN113158218B (en) | Data encryption method and device and data decryption method and device | |
| CN112995210B (en) | Data transmission method and device and electronic equipment | |
| US8966254B2 (en) | Keyless challenge and response system | |
| CN111147461B (en) | Data transmission method, device, server and user terminal | |
| CN112291189A (en) | Method, device, equipment and storage medium for sending and checking ciphertext | |
| CN112926076B (en) | Data processing method, device and system | |
| CN116455892B (en) | File transmission method, file transmission device and terminal equipment | |
| WO2018094594A1 (en) | Communication method and device | |
| CN113343269B (en) | Encryption method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1246034 Country of ref document: HK |
|
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20200924 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant after: Innovative advanced technology Co.,Ltd. Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant before: Advanced innovation technology Co.,Ltd. Effective date of registration: 20200924 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant after: Advanced innovation technology Co.,Ltd. Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands Applicant before: Alibaba Group Holding Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |