CN107437994A - A kind of method and device of safe memory mobile terminal password - Google Patents
A kind of method and device of safe memory mobile terminal password Download PDFInfo
- Publication number
- CN107437994A CN107437994A CN201610362968.8A CN201610362968A CN107437994A CN 107437994 A CN107437994 A CN 107437994A CN 201610362968 A CN201610362968 A CN 201610362968A CN 107437994 A CN107437994 A CN 107437994A
- Authority
- CN
- China
- Prior art keywords
- mobile terminal
- password
- identification card
- encryption unit
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M1/00—Substation equipment, e.g. for use by subscribers
- H04M1/26—Devices for calling a subscriber
- H04M1/27—Devices whereby a plurality of signals may be stored simultaneously
- H04M1/274—Devices whereby a plurality of signals may be stored simultaneously with provision for storing more than one subscriber number at a time, e.g. using toothed disc
- H04M1/2745—Devices whereby a plurality of signals may be stored simultaneously with provision for storing more than one subscriber number at a time, e.g. using toothed disc using static electronic memories, e.g. chips
Abstract
The invention discloses a kind of method and device of safe memory mobile terminal password, it is related to technical field of mobile terminals, this method includes:Mobile terminal safety password is set;The security password is split into the first encryption unit and the second encryption unit;First encryption unit is spliced with information of mobile terminal, and using preservation after the encryption of the first AES to the memory block of mobile terminal;Second encryption unit is spliced with subscriber identity information, and using preservation after the encryption of the second AES to subscriber identification card, the scheme provided according to embodiments of the present invention, by the way that password is carried out into splitting and reorganizing and encrypted, and preserve respectively to mobile terminal and SIM card (or UIM), improve the security of mobile terminal.
Description
Technical field
The present invention relates to technical field of mobile terminals, more particularly to a kind of safe memory mobile terminal password
Method and device.
Background technology
In order to prevent other people from operating the mobile phone of oneself, mobile phone has screen-lock password or startup password at present,
But in general way is all at user data subregion (data subregions) password storage, and is bright mostly
Text storage, the problem of so causing is exactly that user cipher is easier to crack, even if password cracking is not,
Password can also be removed by simple factory reset, do not influence the normal use of mobile phone, not enough peace
Entirely.
The content of the invention
The main purpose of the embodiment of the present invention be a kind of method for proposing safe memory mobile terminal password and
Device, by the way that password splitting and reorganizing and encrypt, and preserve respectively to mobile terminal and SIM card (or
UIM on), the security of mobile terminal is improved.
To achieve the above object, on the one hand, a kind of method of safe memory mobile terminal password is provided,
Including:
Mobile terminal safety password is set;
The security password is split into the first encryption unit and the second encryption unit;
First encryption unit is spliced with information of mobile terminal, and encrypted using the first AES
Preserve afterwards to the memory block of mobile terminal;
Second encryption unit is spliced with subscriber identity information, and encrypted using the second AES
After preserve to subscriber identification card.
Alternatively, the security password is split into the first encryption unit and the second encryption unit is specially:
The security password step-by-step is split into the first encryption unit and the second encryption unit.
Alternatively, first AES and the second AES are all irreversible encryption algorithm.
Alternatively, the subscriber identification card includes SIM card and UIM cards, when described in mobile terminal
When the quantity of subscriber identification card is two, second encryption unit is divided into the first user identity identification
Card encryption portion and second user identification card encryption unit, it is correspondingly, described that second encryption unit is same
Subscriber identity information is spliced, and using preservation after the encryption of the second AES to subscriber identification card
Specially:
By the first subscriber identification card encryption unit with user's body corresponding to the first subscriber identification card
Part information is spliced, and using preservation after the encryption of the second AES to the first subscriber identification card;
By the second user identification card encryption unit with user's body corresponding to second user identification card
Part information is spliced, and using preservation after the encryption of the second AES to second user identification card.
Alternatively, also include after the setting mobile terminal safety password:
The registration decoded information related to the security password, and will preserve after decoded information encryption to
The memory block of mobile terminal, wherein, the decoded information includes being used to give the second of the security password for change
Mobile terminal number.
On the other hand, there is provided a kind of device of safe memory mobile terminal password, including:
Setup module, for setting mobile terminal safety password;
Module is split, for the security password to be split into the first encryption unit and the second encryption unit;
First memory module, for first encryption unit to be spliced with information of mobile terminal, and adopt
Preserved after being encrypted with the first AES to the memory block of mobile terminal;
Second memory module, for second encryption unit to be spliced with subscriber identity information, and adopt
Preserved after being encrypted with the second AES to subscriber identification card.
Alternatively, the fractionation module is specially:The security password step-by-step is split into the first encryption unit
With the second encryption unit;
First AES and the second AES are all irreversible encryption algorithm.
Alternatively, the subscriber identification card includes SIM card and UIM cards, when described in mobile terminal
When the quantity of subscriber identification card is two, second encryption unit is divided into the first user identity identification
Card encryption portion and second user identification card encryption unit, correspondingly, second memory module includes:
First subscriber identification card memory cell, for by the first subscriber identification card encryption unit
Spliced with subscriber identity information corresponding to the first subscriber identification card, and use the second AES
Preserved after encryption to the first subscriber identification card;
Second user identification card memory cell, for by the second user identification card encryption unit
Spliced with subscriber identity information corresponding to second user identification card, and use the second AES
Preserved after encryption to second user identification card.
Alternatively, in addition to:
Registering modules, believe for registering the decoded information related to the security password, and by the decoding
Preserved after encryption for information to the memory block of mobile terminal, wherein, the decoded information includes described for giving for change
Second mobile terminal number of security password.
Alternatively, in addition to:
Correction verification module, for carrying out cryptographic check when mobile terminal-opening and solution screen locking;
Module is removed, in the case of cryptographic check is correct, removing security password;
Password recovery module, for giving password for change by the Registering modules.
A kind of method and device of safe memory mobile terminal password proposed by the present invention, this method include:
Mobile terminal safety password is set;The security password is split into the first encryption unit and the second encryption unit;
First encryption unit is spliced with information of mobile terminal, and protected after being encrypted using the first AES
Deposit to the memory block of mobile terminal;Second encryption unit is spliced with subscriber identity information, and adopted
Preserved after being encrypted with the second AES to subscriber identification card, the side provided according to embodiments of the present invention
Case, by the way that password splitting and reorganizing and encrypt, and preserve respectively to mobile terminal and SIM card (or
UIM on), the security of mobile terminal is improved.
Brief description of the drawings
Fig. 1 is the hardware architecture diagram for realizing each optional mobile terminal of embodiment one of the present invention;
Fig. 2 is the wireless communication system schematic diagram of mobile terminal as shown in Figure 1;
Fig. 3 is a kind of method flow diagram for safe memory mobile terminal password that the embodiment of the present invention one provides;
Fig. 4 is a kind of method flow diagram for safe memory mobile terminal password that the embodiment of the present invention two provides;
Fig. 5 is a kind of method flow diagram for safe memory mobile terminal password that the embodiment of the present invention three provides;
Fig. 6 is that a kind of device for safe memory mobile terminal password that the embodiment of the present invention four provides is exemplary
Structured flowchart;
Fig. 7 is that a kind of device for safe memory mobile terminal password that the embodiment of the present invention five provides is exemplary
Structured flowchart;
Fig. 8 is that a kind of device for safe memory mobile terminal password that the embodiment of the present invention six provides is exemplary
Structured flowchart.
The realization, functional characteristics and advantage of the object of the invention will be done further referring to the drawings in conjunction with the embodiments
Explanation.
Embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not used to limit
The fixed present invention.
In follow-up description, such as " module ", " part " or " unit " for representing element are used
Suffix only for be advantageous to the present invention explanation, itself do not have specific meaning.Therefore, " module
" with " part " can be used mixedly.
Mobile terminal can be implemented in a variety of manners.For example, the terminal described in the present invention can include
(individual digital helps by such as mobile phone, smart phone, notebook computer, digit broadcasting receiver, PDA
Reason), PAD (tablet personal computer), PMP (portable media player), the mobile end of guider etc.
End and the fixed terminal of such as digital TV, desktop computer etc..Hereinafter it is assumed that terminal is mobile whole
End.However, it will be understood by those skilled in the art that in addition to being used in particular for moving the element of purpose,
Construction according to the embodiment of the present invention can also apply to the terminal of fixed type.
Fig. 1 is the hardware architecture diagram for realizing each optional mobile terminal of embodiment one of the present invention.
Mobile terminal 100 can include wireless communication unit 110, A/V (audio/video) input block 120,
User input unit 130, sensing unit 140, output unit 150, memory 160, interface unit 170,
Controller 180 and power subsystem 190 etc..Fig. 1 shows the mobile terminal with various assemblies, but should
What is understood is, it is not required that implements all components shown.More or less groups can alternatively be implemented
Part.The element of mobile terminal will be discussed in more detail below.
Wireless communication unit 110 generally includes one or more assemblies, its allow mobile terminal 100 with it is wireless
Radio communication between communication system or network.For example, wireless communication unit can include mobile communication
It is at least one in module 112, wireless Internet module 113, short range communication module 114.
Mobile communication module 112 send radio signals to base station (for example, access point, node B etc.),
At least one in exterior terminal and server and/or receive from it radio signal.Such radio
Signal can include voice call signal, video calling signal or according to text and/or Multimedia Message
The various types of data for sending and/or receiving.
Wireless Internet module 113 supports the Wi-Fi (Wireless Internet Access) of mobile terminal.The module can it is internal or
Externally it is couple to terminal.Wi-Fi (Wireless Internet Access) technology involved by the module can include WLAN (nothings
Line LAN) (Wi-Fi), Wibro (WiMAX), Wimax (worldwide interoperability for microwave accesses), HSDPA (at a high speed
Downlink packets access) etc..
Short range communication module 114 is the module for supporting junction service.Some examples of short-range communication technology
Including bluetooth TM, radio frequency identification (RFID), Infrared Data Association (IrDA), ultra wide band (UWB), purple honeybee
TM etc..
A/V input blocks 120 are used to receive audio or video signal.A/V input blocks 120 can include taking the photograph
As first 121 and microphone 1220, camera 121 in video acquisition mode or image capture mode by scheming
As the static images or the view data of video that acquisition equipment obtains are handled.Picture frame after processing can
To be shown on display unit 151.Picture frame after the processing of camera 121 can be stored in memory
It is transmitted in 160 (or other storage mediums) or via wireless communication unit 110, can be according to mobile whole
The construction at end provides two or more cameras 1210.Microphone 122 can be in telephone calling model, record
In pattern, speech recognition mode etc. operational mode sound (voice data), and energy are received via microphone
It is voice data enough by such acoustic processing.Audio (voice) data after processing can be in telephone relation mould
The form output of mobile communication base station can be sent to via mobile communication module 112 by being converted in the case of formula.
Microphone 122 can implement various types of noises elimination (or suppression) algorithms and received with eliminating (or suppression)
With caused noise or interference during transmission audio signal.
The order that user input unit 130 can input according to user generates key input data to control movement
The various operations of terminal.User input unit 130 allows user to input various types of information, and can be with
Including keyboard, metal dome, touch pad (for example, detection resistance, pressure, electricity caused by being touched
The sensitive component for the change held etc.), roller, rocking bar etc..Especially, when touch pad in the form of layer
When being superimposed upon on display unit 151, touch-screen can be formed.
Sensing unit 140 detect mobile terminal 100 current state, (for example, the opening of mobile terminal 100 or
Closed mode), the contact (that is, touch input) of the position of mobile terminal 100, user for mobile terminal 100
The presence or absence of, the acceleration or deceleration of the orientation of mobile terminal 100, mobile terminal 100 is mobile and direction etc.,
And generate order or the signal of the operation for controlling mobile terminal 100.For example, work as mobile terminal 100
When being embodied as sliding-type mobile phone, it is to engage on or off that sensing unit 140, which can sense the sliding-type number,
Close.In addition, sensing unit 140 can detect whether power subsystem 190 provides electric power or interface unit 170
Whether coupled with external device (ED).
Interface unit 170 is used as at least one external device (ED) and connecing of can passing through is connected with mobile terminal 100
Mouthful.For example, external device (ED) can include wired or wireless head-band earphone port, external power source (or battery
Charger) port, wired or wireless FPDP, memory card port, for connecting with identification module
The port of device, audio input/output (I/O) port, video i/o port, ear port etc..Identify mould
Block can be that storage is used to verify user using the various information of mobile terminal 100 and can include user
Identification module (UIM), client identification module (SIM), Universal Subscriber identification module (USIM) etc..In addition,
Device with identification module can (hereinafter referred to as " identification device ") take the form of smart card, therefore, know
Other device can be connected via port or other attachment means with mobile terminal 100.Interface unit 170 can be with
For receiving the input (for example, data message, electric power etc.) from external device (ED) and defeated by what is received
Enter to be transferred to one or more elements in mobile terminal 100 or can be used in mobile terminal and outside
Data are transmitted between device.
In addition, when mobile terminal 100 is connected with external base, interface unit 170 may be used as allowing to lead to
It is crossed electric power is provided to the path of mobile terminal 100 from base or may be used as allowing to input from base
Various command signals the path of mobile terminal is transferred to by it.From the various command signals of base input
Or electric power may be used as the signal that whether is accurately fitted within base for identifying mobile terminal.Output is single
Member 150 be configured to vision, audio and/or tactile manner provide output signal (for example, audio signal,
Vision signal, alarm signal, vibration signal etc.).Output unit 150 can include display unit 151,
Dio Output Modules 152 etc..
Display unit 151 may be displayed in mobile terminal 100 information handled.For example, work as mobile terminal
100 when being in telephone calling model, and display unit 151 can be shown with conversing or other communicating (for example, text
This information receiving and transmitting, multimedia file are downloaded etc.) related user interface (UI) or graphic user interface
(GUI).When mobile terminal 100 is in video calling pattern or image capture mode, display unit 151
Can show the image of capture and/or the image of reception, show video or image and correlation function UI or
GUI etc..
Meanwhile when display unit 151 and touch pad in the form of layer it is superposed on one another to form touch-screen when, show
Show that unit 151 may be used as input unit and output device.Display unit 151 can include liquid crystal display
(LCD), thin film transistor (TFT) LCD (TFT-LCD), Organic Light Emitting Diode (OLED) display, flexibility are aobvious
Show at least one of device, three-dimensional (3D) display etc..Some in these displays may be constructed such that
For transparence to allow user to be watched from outside, this is properly termed as transparent display, typical transparent display
It can be, for example, TOLED (transparent organic light emitting diode) display etc..According to specific desired implementation
Mode, mobile terminal 100 can include two or more display units (or other display devices), for example,
Mobile terminal can include outernal display unit (not shown) and inner display unit (not shown).Touch-screen can
For detecting touch input pressure and touch input position and touch input area.
Dio Output Modules 152 can be in call signal reception pattern, call mode, note in mobile terminal
When under the isotypes such as record pattern, speech recognition mode, broadcast reception mode, wireless communication unit 110 is connect
The receive or voice data transducing audio signal that is stored in memory 160 and to export be sound.And
And dio Output Modules 152 can provide to mobile terminal 100 perform specific function it is related audio it is defeated
Go out (for example, call signal receives sound, message sink sound etc.).Dio Output Modules 152 can wrap
Include loudspeaker, buzzer etc..
Memory 160 can store software program of the processing performed by controller 180 and control operation etc.
Deng, or can temporarily store exported or will export data (for example, telephone directory, message,
Still image, video etc.).Moreover, memory 160 can be stored on when touch is applied to touch-screen
The vibration of various modes of output and the data of audio signal.
Memory 160 can include the storage medium of at least one type, the storage medium include flash memory,
Hard disk, multimedia card, card-type memory (for example, SD or DX memories etc.), random access storage device
(RAM), static random-access memory (SRAM), read-only storage (ROM), electrically erasable
Read-only storage (EEPROM), programmable read only memory (PROM), magnetic storage, disk, light
Disk etc..Moreover, mobile terminal 100 can be with the store function by network connection execution memory 160
Network storage device cooperation.
Controller 180 generally controls the overall operation of mobile terminal.For example, controller 180 performs and voice
The related control and processing of call, data communication, video calling etc..In addition, controller 180 can wrap
The multi-media module 1810 for reproducing (or playback) multi-medium data is included, multi-media module 1810 can construct
In controller 180, or it can be structured as separating with controller 180.Controller 180 can be with execution pattern
Identifying processing, by the handwriting input performed on the touchscreen or picture draw input be identified as character or
Image.
Power subsystem 190 receives external power or internal power under the control of controller 180 and provides behaviour
Make the appropriate electric power needed for each element and component.
Various embodiments described herein can be with use such as computer software, hardware or its any group
The computer-readable medium of conjunction is implemented.Implement for hardware, embodiment described herein can pass through
Use application-specific IC (ASIC), digital signal processor (DSP), digital signal processing device
(DSPD), programmable logic device (PLD), field programmable gate array (FPGA), processor, control
Device, microcontroller, microprocessor, it is designed to perform in the electronic unit of function described herein extremely
Lack one kind to implement, in some cases, such embodiment can be implemented in controller 180.It is right
In software implementation, the embodiment of such as process or function can be with allowing to perform at least one function or behaviour
The single software module made is implemented.Software code can be by being write with any appropriate programming language
Software application (or program) is implemented, and software code can be stored in memory 160 and by controlling
Device 180 performs.
So far, mobile terminal is described according to its function.Below, for the sake of brevity, will describe
Various types of mobile terminals of such as folded form, board-type, oscillating-type, slide type mobile terminal etc.
In slide type mobile terminal as example.Therefore, the present invention can be applied to any kind of mobile whole
End, and it is not limited to slide type mobile terminal.
With reference to figure 2, cdma wireless communication system can include multiple mobile terminals 100, multiple base stations
(BS) 270, base station controller (BSC) 275 and mobile switching centre (MSC) 280.MSC280 is configured to
Interface is formed with Public Switched Telephony Network (PSTN) 290.MSC280 be also structured to can via return
The BSC275 that journey circuit is couple to base station 270 forms interface.Back haul link can be according to some known interfaces
Any of construct, the interface includes such as E1/T1, ATM, IP, PPP, frame relay, HDSL,
ADSL or xDSL.It will be appreciated that system can include multiple BSC2750 as shown in Figure 2.
Each BS270 can service one or more subregions (or region), by multidirectional antenna or point to certain party
To antenna cover each subregion radially away from BS270.Or each subregion can be by for dividing
Two or more antennas covering that collection receives.Each BS270, which may be constructed such that, supports multiple frequency distribution,
And each frequency distribution has specific frequency spectrum (for example, 1.25MHz, 5MHz etc.).
What subregion and frequency were distributed, which intersects, can be referred to as CDMA Channel.BS270 can also be referred to as base station
Transceiver subsystem (BTS) or other equivalent terms.In this case, term " base station " can be used
In broadly representing single BSC275 and at least one BS270.Base station can also be referred to as " cellular station ".
Or specific BS270 each subregion can be referred to as multiple cellular stations.
As shown in Figure 2, broadcast singal is sent to the shifting operated in system by broadcsting transmitter (BT) 295
Dynamic terminal 100.Broadcasting reception module 111 as shown in Figure 1 is arranged at mobile terminal 100 to receive
The broadcast singal sent by BT295.In fig. 2 it is shown that several global positioning system (GPS) satellites 300.
The help of satellite 300 positions at least one in multiple mobile terminals 100.
In fig. 2, multiple satellites 300 are depicted, it is understood that, any number of defend can be utilized
Star obtains useful location information.
As a typical operation of wireless communication system, BS270 is received from various mobile terminals 100
Reverse link signal.Mobile terminal 100 generally participates in call, information receiving and transmitting and other types of communication.It is special
The each reverse link signal for determining the reception of base station 270 is handled in specific BS270.The data of acquisition
It is forwarded to the BSC275 of correlation.BSC provides call resource allocation and including the soft handover between BS270
The mobile management function of the coordination of process.The data received are also routed to MSC280 by BSC275, its
Extra route service for forming interface with PSTN290 is provided.Similarly, PSTN290 with
MSC280 forms interface, and MSC and BSC275 forms interface, and BSC275 correspondingly controls BS270
So that forward link signals are sent into mobile terminal 100.
Based on above-mentioned mobile terminal hardware configuration and communication system, each embodiment of the inventive method is proposed.
Embodiment one
As shown in figure 3, the present embodiment proposes a kind of method of safe memory mobile terminal password, including:
S10, mobile terminal safety password is set;
Specifically, security password can be set in the setup module of mobile terminal, if user's selection is close
Code mode screen locking, then the security password is also used as screen-lock password simultaneously, if user selects other modes lock
Screen, then for this security password as startup password, length and complexity for password can do certain limit
System, for example require that Password Length is no less than 6, it is impossible to it is digital etc..
S20, the security password split into the first encryption unit and the second encryption unit;
Specifically, the security password step-by-step is split into the first encryption unit and the second encryption unit, for example used
The password of family input is a1b2c3, can split into abc and 123, can also split into a1b and 2c3,
Or other combinations.Assuming that password has split into abc and 123, then we just need abc and
123 are stored separately;As another embodiment, the security password can also be split as more than two parts,
For example (Subscriber Identity Module, client identify mould when including two SIM cards in mobile terminal
Block) or include a SIM card and a UIM card (User Identify Module, subscriber identification module)
When, security password can be divided into corresponding three parts, when in mobile terminal include more SIM cards (or
UIM cards) when, the security password can be split into the number of respective number, so that security password is more
Complicate, improve the security of mobile terminal.
S30, first encryption unit spliced with information of mobile terminal, and use the first AES
Preserved after encryption to the memory block of mobile terminal;
In the present embodiment, the information of mobile terminal is the fuselage information of mobile terminal, such as IMEI
(International Mobile Equipment Identity, be international mobile equipment identification number), MEID
(Mobile Equipment Identifier, mobile device identification code) etc.;First AES is not
Irreversible cryptographic algorithm, such as SHA or MD5 scheduling algorithms, still by taking above-mentioned example as an example, it is assumed that password is torn open
Abc and 123 are divide into, abc is encrypted with irreversible encryption algorithm, value and hand after then encrypting
The fuselage information of machine is spliced, and is encrypted again with irreversible encryption algorithm, preserves adding to mobile phone
Close file partition.
S40, second encryption unit spliced with subscriber identity information, and use the second AES
Preserved after encryption to subscriber identification card.
In the present embodiment, the subscriber identity information refers to information corresponding to subscriber identification card, institute
Stating subscriber identification card includes SIM card and UIM cards, wherein, SIM card is used for CHINAUNICOM and China
Mobile, for UIM cards for China Telecom, the subscriber identity information can be IMSI (International
Mobile Subscriber Identity, international mobile subscriber identity) etc. information on card;Second encryption
Algorithm is irreversible encryption algorithm, still by taking above-mentioned example as an example, it is assumed that password has split into abc and 123,
Abc is stored on mobile terminal, and 123 are encrypted with irreversible encryption algorithm, after then encrypting
Field in value and SIM (UIM) card is spliced, and is encrypted again with irreversible encryption algorithm,
Preserve to SIM (UIM) card, password is safer, and even if the password of two mobile phones complete one
Sample, due to the information association such as IMEI, then the value of actual storage is also different, that is to say, that every
The password actual storage value of platform mobile phone is all unique.Because password is to be stored respectively in mobile phone after encrypting
On encrypted file system subregion and SIM (UIM) card, then being can not be by factory reset, T
The modes such as card upgrade, Fota upgradings remove password, along with using irreversible encryption algorithm, just
It ensure that the security of password.
Embodiment two
As shown in figure 4, in the present embodiment, based on embodiment one, when user's body in mobile terminal
When the quantity of part identification card is two, i.e. the first subscriber identification card and second user identification card,
Second encryption unit is divided into the first subscriber identification card encryption unit and second user identification card adds
Compact part, correspondingly, the step S40 include:
S41, it will be used corresponding to same first subscriber identification card of the first subscriber identification card encryption unit
Family identity information is spliced, and using preservation after the encryption of the second AES to the first user identity identification
Card;
Specifically, first subscriber identification card can be SIM card or UIM cards, user's body
Part information can be information on the cards such as IMSI.
S42, by the second user identification card encryption unit with using corresponding to second user identification card
Family identity information is spliced, and using preservation after the encryption of the second AES to second user identification
Card.
Specifically, first subscriber identification card can be SIM card or UIM cards, user's body
Part information can be information on the cards such as IMSI.
As another embodiment, the subscriber identification card can identify use to be other kinds of
The identification card of family identity, such as virtual card, the quantity of the subscriber identification card in the mobile terminal
Can be two or more, when including more SIM cards (or UIM cards, virtual card) in mobile terminal,
The security password can be split into the number of respective number, so that security password more complicatedization, is improved
The security of mobile terminal.
Embodiment three
As shown in figure 5, in the present embodiment, based on embodiment one, after the step S10, S20
Also include before:
S11, the registration decoded information related to the security password, and protected after the decoded information is encrypted
Deposit to the memory block of mobile terminal, wherein, the decoded information includes being used to give the security password for change
Second mobile terminal number.
Specifically, the decoded information is primarily referred to as other mobile terminals in addition to mobile terminal own number
Number, can be by removing shifting when forgetting Password or password loss to what is preserved when registering decoded information
Other mobile terminal numbers outside dynamic terminal own number send temporary password;Mobile terminal user inputs just
After true temporary password, security password can be reset or removed;In addition, continuously inputted in mobile phone
After bad password causes phone lock, it can also send and face to other mobile terminal numbers of registration in advance automatically
When password;Assuming that lost mobile phone or being used by others, then user is after temporary password is received, so that it may
To know that mobile phone is in lost state, the possibility of getting back mobile phone there is.Here, can also set interim
The time of password failure, the time of temporary password is both sent to the mobile terminal number of input from mobile terminal
Start to calculate, temporary password how long interior failure;The time of specific temporary password failure can basis
It is actually needed flexible setting.In addition, registration relative decoding information, is selected for user flexibility, user
It can select to register, can also select not register, if do not registered, after password is forgotten or lost
Can only be solved by mode after sale.
For example, other mobile terminal numbers in addition to mobile terminal own number registered here as
13900000000, because the decoded information is also extremely important, so the decoded information uses DES or 3DES
Preserved Deng irreversible cryptographic algorithm to the encrypted file system subregion of mobile terminal, prevent from being cracked by lawless people;
The methods of factory reset simultaneously, T card upgrades, Fota upgradings, can not remove the decoded information.
In the present embodiment, also include after the step S40:
S50, verification security password;
Specifically, verification security password here, which mainly starts shooting to verify, conciliates screen locking verification.If user
Pin mode screen locking is selected, then the security password is also used as screen-lock password simultaneously, needs in such cases
Start verifies security password when conciliating screen locking.If user selects other modes screen locking, this safety is close
Code is only used as startup password, only carries out verification security password in start in such cases.Concrete mode and
The password step-by-step progress splitting and reorganizing that password pre-treating method is identical, first inputs user is stored, such as
The password of user's input is a1b2c3, and the password after splitting and reorganizing is abc and 123 respectively, is then entered respectively
Cryptographic check on row mobile terminal side and SIM (UIM) card.The cryptographic check mode of mobile terminal side
For:Abc is encrypted with irreversible encryption algorithm, the fuselage letter of the value and mobile terminal after then encrypting
Breath is spliced, and is encrypted again with irreversible encryption algorithm, value and mobile terminal after then encrypting
The password value of encrypted file system partitioned storage is compared to pair, if identical, mobile terminal side verifies
Pass through.Cryptographic check mode on SIM (UIM) card is:123 are added with irreversible encryption algorithm
Close, the field in value and SIM (UIM) card after then encrypting is spliced, and is added again with irreversible
Close algorithm is encrypted, and the value after then encrypting is compared pair with the password value stored on SIM (UIM) card,
If identical, the verification of card side passes through.Here AES, fuselage information, SIM (UIM)
Field on card is identical with embodiment one.If mobile terminal side and card side password verify logical
To cross, then allow user to operate mobile terminal, otherwise continuously input password three times by mistake, mobile terminal locks automatically,
And send temporary password to the mobile terminal number of registration in advance.Only after correct temporary password is inputted
Just allow to be once again set up password or remove password, otherwise mobile terminal is just constantly in lock-out state.This
Even if sample mobile terminal is lost, other people are also can not the normal use mobile terminal.Because password is point
Mobile terminal side and card side are not stored in, be there is a kind of special circumstances here, are exactly that mobile terminal changes
During card, even if Password Input is correct, then also only have mobile terminal side to verify and pass through, card side can school
Test failure.User can be prompted first to remove security password before card is changed in such cases, or mobile whole
Side verification to other mobile terminal numbers of registration in advance sends interim check code in the case of passing through,
Interim check code allows user to reset security password in the case of or removes security password.
In the present embodiment, also include after the step S50:
S60, remove security password;
Because password is that encryption is stored in mobile terminal side and card side respectively, and in mobile terminal side
Also no and in general user data is stored together password, then being can not be by factory reset, T
The conventional meanses such as card upgrade, Fota upgradings remove security password.Here removing security password mainly has
Three kinds of modes are removed.First way:In the case of correct security password is inputted, it is allowed to which user removes
Security password;The second way:In the case of input correctly interim verification password, it is allowed to which user removes
Security password;The third mode, removed by instrument after sale.
Example IV
As shown in fig. 6, in the present embodiment, there is provided a kind of device of safe memory mobile terminal password,
Including:
Setup module 10, for setting mobile terminal safety password;
Module 20 is split, for the security password to be split into the first encryption unit and the second encryption unit;
First memory module 30, for first encryption unit to be spliced with information of mobile terminal, and
Preserved after being encrypted using the first AES to the memory block of mobile terminal;
Second memory module 40, for second encryption unit to be spliced with subscriber identity information, and
Preserved after being encrypted using the second AES to subscriber identification card.
In the present embodiment, the fractionation module 20 is specially:The security password step-by-step is split into
One encryption unit and the second encryption unit;
First AES and the second AES are all irreversible encryption algorithm.
Embodiment five
As shown in fig. 7, in the present embodiment, based on example IV, the subscriber identification card includes
SIM card and UIM cards, when the quantity of the subscriber identification card in mobile terminal is two, by institute
State the second encryption unit and be divided into the first subscriber identification card encryption unit and second user identification card encryption
Portion, correspondingly, second memory module 40 include:
First subscriber identification card memory cell 41, for first subscriber identification card to be encrypted
Portion is spliced with subscriber identity information corresponding to the first subscriber identification card, and is calculated using the second encryption
Preserved after method encryption to the first subscriber identification card;
Second user identification card memory cell 42, for by the second user identification card encryption
Portion is spliced with subscriber identity information corresponding to second user identification card, and is calculated using the second encryption
Preserved after method encryption to second user identification card.
Embodiment six
As shown in figure 8, in the present embodiment, based on example IV, safe memory mobile terminal password
Device also includes:
Registering modules 50, for registering the decoded information related to the security password, and by the decoding
Preserved after information encryption to the encrypted file system subregion of mobile terminal, wherein, the decoded information includes
For giving the second mobile terminal number of the security password for change.
In the present embodiment, in addition to:
Correction verification module 60, distinguish for carrying out cryptographic check when mobile terminal-opening and solution screen locking, during verification
Opponent's pusher side and card side encrypted message be encrypted respectively after verification;
Module 70 is removed, security password is removed for user, wherein only in security password or interim school
Test Password Input it is correct in the case of can just remove security password;
Password recovery module 80, under mobile phone locked state or forget Password, password lose etc. feelings
Under condition, interim verification password is sent to other mobile terminal numbers of registration in advance.
It should be noted that herein, term " comprising ", "comprising" or its any other variant
Be intended to including for nonexcludability so that process, method, article including a series of elements or
Person's device not only includes those key elements, but also the other element including being not expressly set out, or also
Including for this process, method, article or the intrinsic key element of device.In the feelings not limited more
Under condition, the key element that is limited by sentence "including a ...", it is not excluded that the process including the key element,
Other identical element in method, article or device also be present.
The embodiments of the present invention are for illustration only, do not represent the quality of embodiment.
Through the above description of the embodiments, those skilled in the art can be understood that above-mentioned
Embodiment method can add the mode of required general hardware platform to realize by software, naturally it is also possible to logical
Cross hardware, but the former is more preferably embodiment in many cases.It is of the invention based on such understanding
The part that technical scheme substantially contributes to prior art in other words can in the form of software product body
Reveal and, the computer software product is stored in storage medium (such as ROM/RAM, magnetic disc, a light
Disk) in, including some instructions to cause a station terminal equipment (can be mobile phone, computer, service
Device, air conditioner, or network equipment etc.) perform method described in each embodiment of the present invention.
The preferred embodiments of the present invention are these are only, are not intended to limit the scope of the invention, it is every
The equivalent structure or equivalent flow conversion made using description of the invention and accompanying drawing content, or directly or
Connect and be used in other related technical areas, be included within the scope of the present invention.
Claims (10)
1. a kind of method of safe memory mobile terminal password, including:
Mobile terminal safety password is set;
The security password is split into the first encryption unit and the second encryption unit;
First encryption unit is spliced with information of mobile terminal, and encrypted using the first AES
Preserve afterwards to the memory block of mobile terminal;
Second encryption unit is spliced with subscriber identity information, and encrypted using the second AES
After preserve to subscriber identification card.
2. a kind of method of safe memory mobile terminal password according to claim 1, its feature exist
In the security password is split into the first encryption unit and the second encryption unit is specially:
The security password step-by-step is split into the first encryption unit and the second encryption unit.
3. a kind of method of safe memory mobile terminal password according to claim 1, its feature exist
In first AES and the second AES are all irreversible encryption algorithm.
4. a kind of method of safe memory mobile terminal password according to claim 1, its feature exist
In the subscriber identification card includes SIM card and UIM cards, when user's body in mobile terminal
When the quantity of part identification card is two, second encryption unit is divided into the encryption of the first subscriber identification card
Portion and second user identification card encryption unit, correspondingly, it is described by second encryption unit with user's body
Part information is spliced, and is specially using being preserved after the encryption of the second AES to subscriber identification card:
By the first subscriber identification card encryption unit with user's body corresponding to the first subscriber identification card
Part information is spliced, and using preservation after the encryption of the second AES to the first subscriber identification card;
By the second user identification card encryption unit with user's body corresponding to second user identification card
Part information is spliced, and using preservation after the encryption of the second AES to second user identification card.
5. a kind of method of safe memory mobile terminal password according to claim 1, its feature exist
In the setting mobile terminal safety password also includes afterwards:
The registration decoded information related to the security password, and will preserve after decoded information encryption to
The memory block of mobile terminal, wherein, the decoded information includes being used to give the second of the security password for change
Mobile terminal number.
6. a kind of device of safe memory mobile terminal password, including:
Setup module, for setting mobile terminal safety password;
Module is split, for the security password to be split into the first encryption unit and the second encryption unit;
First memory module, for first encryption unit to be spliced with information of mobile terminal, and adopt
Preserved after being encrypted with the first AES to the memory block of mobile terminal;
Second memory module, for second encryption unit to be spliced with subscriber identity information, and adopt
Preserved after being encrypted with the second AES to subscriber identification card.
7. a kind of device of safe memory mobile terminal password according to claim 6, its feature exist
In the fractionation module is specially:The security password step-by-step is split into the first encryption unit and second to add
Compact part;
First AES and the second AES are all irreversible encryption algorithm.
8. a kind of device of safe memory mobile terminal password according to claim 6, its feature exist
In the subscriber identification card includes SIM card and UIM cards, when user's body in mobile terminal
When the quantity of part identification card is two, second encryption unit is divided into the encryption of the first subscriber identification card
Portion and second user identification card encryption unit, correspondingly, second memory module includes:
First subscriber identification card memory cell, for by the first subscriber identification card encryption unit
Spliced with subscriber identity information corresponding to the first subscriber identification card, and use the second AES
Preserved after encryption to the first subscriber identification card;
Second user identification card memory cell, for by the second user identification card encryption unit
Spliced with subscriber identity information corresponding to second user identification card, and use the second AES
Preserved after encryption to second user identification card.
9. a kind of device of safe memory mobile terminal password according to claim 6, its feature exist
In, in addition to:
Registering modules, believe for registering the decoded information related to the security password, and by the decoding
Preserved after encryption for information to the memory block of mobile terminal, wherein, the decoded information includes described for giving for change
Second mobile terminal number of security password.
10. a kind of device of safe memory mobile terminal password according to claim 9, its feature
It is, in addition to:
Correction verification module, for carrying out cryptographic check when mobile terminal-opening and solution screen locking;
Module is removed, in the case of cryptographic check is correct, removing security password;
Password recovery module, for giving password for change by the Registering modules.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610362968.8A CN107437994A (en) | 2016-05-26 | 2016-05-26 | A kind of method and device of safe memory mobile terminal password |
PCT/CN2016/096053 WO2017201896A1 (en) | 2016-05-26 | 2016-08-19 | Method and apparatus for secure storage of password of mobile terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610362968.8A CN107437994A (en) | 2016-05-26 | 2016-05-26 | A kind of method and device of safe memory mobile terminal password |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107437994A true CN107437994A (en) | 2017-12-05 |
Family
ID=60411025
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610362968.8A Pending CN107437994A (en) | 2016-05-26 | 2016-05-26 | A kind of method and device of safe memory mobile terminal password |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN107437994A (en) |
WO (1) | WO2017201896A1 (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110334505A (en) * | 2019-05-27 | 2019-10-15 | 深圳市好成绩网络科技有限公司 | Remove cryptographic methods, device and the electronic equipment of electronic equipment |
CN110855446B (en) * | 2019-11-27 | 2022-11-25 | 杭州迪普科技股份有限公司 | Password verification method and device |
CN114692113B (en) * | 2020-12-31 | 2024-02-13 | 成都鼎桥通信技术有限公司 | Decryption method, decryption device, mobile terminal and readable storage medium |
CN117812575A (en) * | 2022-09-23 | 2024-04-02 | 中兴通讯股份有限公司 | Password retrieving method, terminal device, electronic device and computer storage medium |
CN116680673B (en) * | 2023-06-20 | 2024-04-16 | 深圳市彤兴电子有限公司 | Identity verification method and device for display and computer equipment |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7600115B2 (en) * | 2005-04-05 | 2009-10-06 | Cisco Technology, Inc. | Control key capable of storing multiple and variable data packet classification results |
CN104683301B (en) * | 2013-11-28 | 2020-01-10 | 腾讯科技(深圳)有限公司 | Password storage method and device |
CN103984904A (en) * | 2014-05-27 | 2014-08-13 | 深圳市欧珀通信软件有限公司 | Method and device for preventing screen locking code of mobile terminal from being cracked |
CN104135371B (en) * | 2014-08-18 | 2017-07-14 | 新华三技术有限公司 | A kind of password store method and device |
CN105530637A (en) * | 2015-12-11 | 2016-04-27 | 北京元心科技有限公司 | Method for protecting subscriber privacy of intelligent terminal and intelligent terminal |
-
2016
- 2016-05-26 CN CN201610362968.8A patent/CN107437994A/en active Pending
- 2016-08-19 WO PCT/CN2016/096053 patent/WO2017201896A1/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2017201896A1 (en) | 2017-11-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104915119B (en) | Terminal desktop icon method of adjustment and device | |
CN105208011B (en) | A kind of verifying system and method | |
CN105160264B (en) | Photo encryption device and method | |
CN104902463A (en) | Mobile terminal, multi-card management method for virtual card terminal thereof, and server | |
CN104636030B (en) | Method and device for starting application programs and mobile terminal | |
CN107437994A (en) | A kind of method and device of safe memory mobile terminal password | |
CN105117123A (en) | Device and method for displaying hidden object | |
CN104966013A (en) | Unlocking method and apparatus | |
CN105099701B (en) | A kind of method of terminal and terminal authentication | |
CN106453056A (en) | Mobile terminal and method for safely sharing picture | |
CN104836884A (en) | Standby unlocking method of mobile terminal, and mobile terminal | |
CN105095790A (en) | Hidden object view method and device | |
CN106817377A (en) | A kind of data encryption device, decryption device and method | |
CN106778523A (en) | Fingerprint input method and device | |
CN106095464B (en) | A kind of method and device of the seamless operation of application program | |
CN104834863A (en) | Wi-Fi password storage method and apparatus | |
CN104820797B (en) | Using the management method and device of account | |
CN105049582B (en) | A kind of save set of calling record, method and display methods | |
CN106899418A (en) | Information acquisition device and method | |
CN105101186A (en) | Mobile terminal and method and device for preventing information leakage of virtual SIM card thereof | |
CN104735254B (en) | terminal screen locking method and system | |
CN106791195A (en) | A kind of operation processing method and device | |
CN106507343A (en) | A kind of information processing method, mobile terminal and server | |
CN106778212A (en) | A kind of mobile terminal and control method | |
CN106161474A (en) | A kind of password determines apparatus and method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20171205 |
|
WD01 | Invention patent application deemed withdrawn after publication |