CN107437994A - A kind of method and device of safe memory mobile terminal password - Google Patents

Abstract

The invention discloses a kind of method and device of safe memory mobile terminal password, it is related to technical field of mobile terminals, this method includes：Mobile terminal safety password is set；The security password is split into the first encryption unit and the second encryption unit；First encryption unit is spliced with information of mobile terminal, and using preservation after the encryption of the first AES to the memory block of mobile terminal；Second encryption unit is spliced with subscriber identity information, and using preservation after the encryption of the second AES to subscriber identification card, the scheme provided according to embodiments of the present invention, by the way that password is carried out into splitting and reorganizing and encrypted, and preserve respectively to mobile terminal and SIM card (or UIM), improve the security of mobile terminal.

Description

A kind of method and device of safe memory mobile terminal password

Technical field

The present invention relates to technical field of mobile terminals, more particularly to a kind of safe memory mobile terminal password Method and device.

Background technology

In order to prevent other people from operating the mobile phone of oneself, mobile phone has screen-lock password or startup password at present, But in general way is all at user data subregion (data subregions) password storage, and is bright mostly Text storage, the problem of so causing is exactly that user cipher is easier to crack, even if password cracking is not, Password can also be removed by simple factory reset, do not influence the normal use of mobile phone, not enough peace Entirely.

The content of the invention

The main purpose of the embodiment of the present invention be a kind of method for proposing safe memory mobile terminal password and Device, by the way that password splitting and reorganizing and encrypt, and preserve respectively to mobile terminal and SIM card (or UIM on), the security of mobile terminal is improved.

To achieve the above object, on the one hand, a kind of method of safe memory mobile terminal password is provided, Including：

Mobile terminal safety password is set；

The security password is split into the first encryption unit and the second encryption unit；

First encryption unit is spliced with information of mobile terminal, and encrypted using the first AES Preserve afterwards to the memory block of mobile terminal；

Second encryption unit is spliced with subscriber identity information, and encrypted using the second AES After preserve to subscriber identification card.

Alternatively, the security password is split into the first encryption unit and the second encryption unit is specially：

The security password step-by-step is split into the first encryption unit and the second encryption unit.

Alternatively, first AES and the second AES are all irreversible encryption algorithm.

Alternatively, the subscriber identification card includes SIM card and UIM cards, when described in mobile terminal When the quantity of subscriber identification card is two, second encryption unit is divided into the first user identity identification Card encryption portion and second user identification card encryption unit, it is correspondingly, described that second encryption unit is same Subscriber identity information is spliced, and using preservation after the encryption of the second AES to subscriber identification card Specially：

By the first subscriber identification card encryption unit with user's body corresponding to the first subscriber identification card Part information is spliced, and using preservation after the encryption of the second AES to the first subscriber identification card；

By the second user identification card encryption unit with user's body corresponding to second user identification card Part information is spliced, and using preservation after the encryption of the second AES to second user identification card.

Alternatively, also include after the setting mobile terminal safety password：

The registration decoded information related to the security password, and will preserve after decoded information encryption to The memory block of mobile terminal, wherein, the decoded information includes being used to give the second of the security password for change Mobile terminal number.

On the other hand, there is provided a kind of device of safe memory mobile terminal password, including：

Setup module, for setting mobile terminal safety password；

Module is split, for the security password to be split into the first encryption unit and the second encryption unit；

First memory module, for first encryption unit to be spliced with information of mobile terminal, and adopt Preserved after being encrypted with the first AES to the memory block of mobile terminal；

Second memory module, for second encryption unit to be spliced with subscriber identity information, and adopt Preserved after being encrypted with the second AES to subscriber identification card.

Alternatively, the fractionation module is specially：The security password step-by-step is split into the first encryption unit With the second encryption unit；

First AES and the second AES are all irreversible encryption algorithm.

Alternatively, the subscriber identification card includes SIM card and UIM cards, when described in mobile terminal When the quantity of subscriber identification card is two, second encryption unit is divided into the first user identity identification Card encryption portion and second user identification card encryption unit, correspondingly, second memory module includes：

First subscriber identification card memory cell, for by the first subscriber identification card encryption unit Spliced with subscriber identity information corresponding to the first subscriber identification card, and use the second AES Preserved after encryption to the first subscriber identification card；

Second user identification card memory cell, for by the second user identification card encryption unit Spliced with subscriber identity information corresponding to second user identification card, and use the second AES Preserved after encryption to second user identification card.

Alternatively, in addition to：

Registering modules, believe for registering the decoded information related to the security password, and by the decoding Preserved after encryption for information to the memory block of mobile terminal, wherein, the decoded information includes described for giving for change Second mobile terminal number of security password.

Alternatively, in addition to：

Correction verification module, for carrying out cryptographic check when mobile terminal-opening and solution screen locking；

Module is removed, in the case of cryptographic check is correct, removing security password；

Password recovery module, for giving password for change by the Registering modules.

A kind of method and device of safe memory mobile terminal password proposed by the present invention, this method include： Mobile terminal safety password is set；The security password is split into the first encryption unit and the second encryption unit； First encryption unit is spliced with information of mobile terminal, and protected after being encrypted using the first AES Deposit to the memory block of mobile terminal；Second encryption unit is spliced with subscriber identity information, and adopted Preserved after being encrypted with the second AES to subscriber identification card, the side provided according to embodiments of the present invention Case, by the way that password splitting and reorganizing and encrypt, and preserve respectively to mobile terminal and SIM card (or UIM on), the security of mobile terminal is improved.

Brief description of the drawings

Fig. 1 is the hardware architecture diagram for realizing each optional mobile terminal of embodiment one of the present invention；

Fig. 2 is the wireless communication system schematic diagram of mobile terminal as shown in Figure 1；

Fig. 3 is a kind of method flow diagram for safe memory mobile terminal password that the embodiment of the present invention one provides；

Fig. 4 is a kind of method flow diagram for safe memory mobile terminal password that the embodiment of the present invention two provides；

Fig. 5 is a kind of method flow diagram for safe memory mobile terminal password that the embodiment of the present invention three provides；

Fig. 6 is that a kind of device for safe memory mobile terminal password that the embodiment of the present invention four provides is exemplary Structured flowchart；

Fig. 7 is that a kind of device for safe memory mobile terminal password that the embodiment of the present invention five provides is exemplary Structured flowchart；

Fig. 8 is that a kind of device for safe memory mobile terminal password that the embodiment of the present invention six provides is exemplary Structured flowchart.

The realization, functional characteristics and advantage of the object of the invention will be done further referring to the drawings in conjunction with the embodiments Explanation.

Embodiment

It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not used to limit The fixed present invention.

In follow-up description, such as " module ", " part " or " unit " for representing element are used Suffix only for be advantageous to the present invention explanation, itself do not have specific meaning.Therefore, " module " with " part " can be used mixedly.

Mobile terminal can be implemented in a variety of manners.For example, the terminal described in the present invention can include (individual digital helps by such as mobile phone, smart phone, notebook computer, digit broadcasting receiver, PDA Reason), PAD (tablet personal computer), PMP (portable media player), the mobile end of guider etc. End and the fixed terminal of such as digital TV, desktop computer etc..Hereinafter it is assumed that terminal is mobile whole End.However, it will be understood by those skilled in the art that in addition to being used in particular for moving the element of purpose, Construction according to the embodiment of the present invention can also apply to the terminal of fixed type.

Fig. 1 is the hardware architecture diagram for realizing each optional mobile terminal of embodiment one of the present invention.

Mobile terminal 100 can include wireless communication unit 110, A/V (audio/video) input block 120, User input unit 130, sensing unit 140, output unit 150, memory 160, interface unit 170, Controller 180 and power subsystem 190 etc..Fig. 1 shows the mobile terminal with various assemblies, but should What is understood is, it is not required that implements all components shown.More or less groups can alternatively be implemented Part.The element of mobile terminal will be discussed in more detail below.

Wireless communication unit 110 generally includes one or more assemblies, its allow mobile terminal 100 with it is wireless Radio communication between communication system or network.For example, wireless communication unit can include mobile communication It is at least one in module 112, wireless Internet module 113, short range communication module 114.

Mobile communication module 112 send radio signals to base station (for example, access point, node B etc.), At least one in exterior terminal and server and/or receive from it radio signal.Such radio Signal can include voice call signal, video calling signal or according to text and/or Multimedia Message The various types of data for sending and/or receiving.

Wireless Internet module 113 supports the Wi-Fi (Wireless Internet Access) of mobile terminal.The module can it is internal or Externally it is couple to terminal.Wi-Fi (Wireless Internet Access) technology involved by the module can include WLAN (nothings Line LAN) (Wi-Fi), Wibro (WiMAX), Wimax (worldwide interoperability for microwave accesses), HSDPA (at a high speed Downlink packets access) etc..

Short range communication module 114 is the module for supporting junction service.Some examples of short-range communication technology Including bluetooth TM, radio frequency identification (RFID), Infrared Data Association (IrDA), ultra wide band (UWB), purple honeybee TM etc..

A/V input blocks 120 are used to receive audio or video signal.A/V input blocks 120 can include taking the photograph As first 121 and microphone 1220, camera 121 in video acquisition mode or image capture mode by scheming As the static images or the view data of video that acquisition equipment obtains are handled.Picture frame after processing can To be shown on display unit 151.Picture frame after the processing of camera 121 can be stored in memory It is transmitted in 160 (or other storage mediums) or via wireless communication unit 110, can be according to mobile whole The construction at end provides two or more cameras 1210.Microphone 122 can be in telephone calling model, record In pattern, speech recognition mode etc. operational mode sound (voice data), and energy are received via microphone It is voice data enough by such acoustic processing.Audio (voice) data after processing can be in telephone relation mould The form output of mobile communication base station can be sent to via mobile communication module 112 by being converted in the case of formula. Microphone 122 can implement various types of noises elimination (or suppression) algorithms and received with eliminating (or suppression) With caused noise or interference during transmission audio signal.

The order that user input unit 130 can input according to user generates key input data to control movement The various operations of terminal.User input unit 130 allows user to input various types of information, and can be with Including keyboard, metal dome, touch pad (for example, detection resistance, pressure, electricity caused by being touched The sensitive component for the change held etc.), roller, rocking bar etc..Especially, when touch pad in the form of layer When being superimposed upon on display unit 151, touch-screen can be formed.

Sensing unit 140 detect mobile terminal 100 current state, (for example, the opening of mobile terminal 100 or Closed mode), the contact (that is, touch input) of the position of mobile terminal 100, user for mobile terminal 100 The presence or absence of, the acceleration or deceleration of the orientation of mobile terminal 100, mobile terminal 100 is mobile and direction etc., And generate order or the signal of the operation for controlling mobile terminal 100.For example, work as mobile terminal 100 When being embodied as sliding-type mobile phone, it is to engage on or off that sensing unit 140, which can sense the sliding-type number, Close.In addition, sensing unit 140 can detect whether power subsystem 190 provides electric power or interface unit 170 Whether coupled with external device (ED).

Interface unit 170 is used as at least one external device (ED) and connecing of can passing through is connected with mobile terminal 100 Mouthful.For example, external device (ED) can include wired or wireless head-band earphone port, external power source (or battery Charger) port, wired or wireless FPDP, memory card port, for connecting with identification module The port of device, audio input/output (I/O) port, video i/o port, ear port etc..Identify mould Block can be that storage is used to verify user using the various information of mobile terminal 100 and can include user Identification module (UIM), client identification module (SIM), Universal Subscriber identification module (USIM) etc..In addition, Device with identification module can (hereinafter referred to as " identification device ") take the form of smart card, therefore, know Other device can be connected via port or other attachment means with mobile terminal 100.Interface unit 170 can be with For receiving the input (for example, data message, electric power etc.) from external device (ED) and defeated by what is received Enter to be transferred to one or more elements in mobile terminal 100 or can be used in mobile terminal and outside Data are transmitted between device.

In addition, when mobile terminal 100 is connected with external base, interface unit 170 may be used as allowing to lead to It is crossed electric power is provided to the path of mobile terminal 100 from base or may be used as allowing to input from base Various command signals the path of mobile terminal is transferred to by it.From the various command signals of base input Or electric power may be used as the signal that whether is accurately fitted within base for identifying mobile terminal.Output is single Member 150 be configured to vision, audio and/or tactile manner provide output signal (for example, audio signal, Vision signal, alarm signal, vibration signal etc.).Output unit 150 can include display unit 151, Dio Output Modules 152 etc..

Display unit 151 may be displayed in mobile terminal 100 information handled.For example, work as mobile terminal 100 when being in telephone calling model, and display unit 151 can be shown with conversing or other communicating (for example, text This information receiving and transmitting, multimedia file are downloaded etc.) related user interface (UI) or graphic user interface (GUI).When mobile terminal 100 is in video calling pattern or image capture mode, display unit 151 Can show the image of capture and/or the image of reception, show video or image and correlation function UI or GUI etc..

Meanwhile when display unit 151 and touch pad in the form of layer it is superposed on one another to form touch-screen when, show Show that unit 151 may be used as input unit and output device.Display unit 151 can include liquid crystal display (LCD), thin film transistor (TFT) LCD (TFT-LCD), Organic Light Emitting Diode (OLED) display, flexibility are aobvious Show at least one of device, three-dimensional (3D) display etc..Some in these displays may be constructed such that For transparence to allow user to be watched from outside, this is properly termed as transparent display, typical transparent display It can be, for example, TOLED (transparent organic light emitting diode) display etc..According to specific desired implementation Mode, mobile terminal 100 can include two or more display units (or other display devices), for example, Mobile terminal can include outernal display unit (not shown) and inner display unit (not shown).Touch-screen can For detecting touch input pressure and touch input position and touch input area.

Dio Output Modules 152 can be in call signal reception pattern, call mode, note in mobile terminal When under the isotypes such as record pattern, speech recognition mode, broadcast reception mode, wireless communication unit 110 is connect The receive or voice data transducing audio signal that is stored in memory 160 and to export be sound.And And dio Output Modules 152 can provide to mobile terminal 100 perform specific function it is related audio it is defeated Go out (for example, call signal receives sound, message sink sound etc.).Dio Output Modules 152 can wrap Include loudspeaker, buzzer etc..

Memory 160 can store software program of the processing performed by controller 180 and control operation etc. Deng, or can temporarily store exported or will export data (for example, telephone directory, message, Still image, video etc.).Moreover, memory 160 can be stored on when touch is applied to touch-screen The vibration of various modes of output and the data of audio signal.

Memory 160 can include the storage medium of at least one type, the storage medium include flash memory, Hard disk, multimedia card, card-type memory (for example, SD or DX memories etc.), random access storage device (RAM), static random-access memory (SRAM), read-only storage (ROM), electrically erasable Read-only storage (EEPROM), programmable read only memory (PROM), magnetic storage, disk, light Disk etc..Moreover, mobile terminal 100 can be with the store function by network connection execution memory 160 Network storage device cooperation.

Controller 180 generally controls the overall operation of mobile terminal.For example, controller 180 performs and voice The related control and processing of call, data communication, video calling etc..In addition, controller 180 can wrap The multi-media module 1810 for reproducing (or playback) multi-medium data is included, multi-media module 1810 can construct In controller 180, or it can be structured as separating with controller 180.Controller 180 can be with execution pattern Identifying processing, by the handwriting input performed on the touchscreen or picture draw input be identified as character or Image.

Power subsystem 190 receives external power or internal power under the control of controller 180 and provides behaviour Make the appropriate electric power needed for each element and component.

Various embodiments described herein can be with use such as computer software, hardware or its any group The computer-readable medium of conjunction is implemented.Implement for hardware, embodiment described herein can pass through Use application-specific IC (ASIC), digital signal processor (DSP), digital signal processing device (DSPD), programmable logic device (PLD), field programmable gate array (FPGA), processor, control Device, microcontroller, microprocessor, it is designed to perform in the electronic unit of function described herein extremely Lack one kind to implement, in some cases, such embodiment can be implemented in controller 180.It is right In software implementation, the embodiment of such as process or function can be with allowing to perform at least one function or behaviour The single software module made is implemented.Software code can be by being write with any appropriate programming language Software application (or program) is implemented, and software code can be stored in memory 160 and by controlling Device 180 performs.

So far, mobile terminal is described according to its function.Below, for the sake of brevity, will describe Various types of mobile terminals of such as folded form, board-type, oscillating-type, slide type mobile terminal etc. In slide type mobile terminal as example.Therefore, the present invention can be applied to any kind of mobile whole End, and it is not limited to slide type mobile terminal.

With reference to figure 2, cdma wireless communication system can include multiple mobile terminals 100, multiple base stations (BS) 270, base station controller (BSC) 275 and mobile switching centre (MSC) 280.MSC280 is configured to Interface is formed with Public Switched Telephony Network (PSTN) 290.MSC280 be also structured to can via return The BSC275 that journey circuit is couple to base station 270 forms interface.Back haul link can be according to some known interfaces Any of construct, the interface includes such as E1/T1, ATM, IP, PPP, frame relay, HDSL, ADSL or xDSL.It will be appreciated that system can include multiple BSC2750 as shown in Figure 2.

Each BS270 can service one or more subregions (or region), by multidirectional antenna or point to certain party To antenna cover each subregion radially away from BS270.Or each subregion can be by for dividing Two or more antennas covering that collection receives.Each BS270, which may be constructed such that, supports multiple frequency distribution, And each frequency distribution has specific frequency spectrum (for example, 1.25MHz, 5MHz etc.).

What subregion and frequency were distributed, which intersects, can be referred to as CDMA Channel.BS270 can also be referred to as base station Transceiver subsystem (BTS) or other equivalent terms.In this case, term " base station " can be used In broadly representing single BSC275 and at least one BS270.Base station can also be referred to as " cellular station ". Or specific BS270 each subregion can be referred to as multiple cellular stations.

As shown in Figure 2, broadcast singal is sent to the shifting operated in system by broadcsting transmitter (BT) 295 Dynamic terminal 100.Broadcasting reception module 111 as shown in Figure 1 is arranged at mobile terminal 100 to receive The broadcast singal sent by BT295.In fig. 2 it is shown that several global positioning system (GPS) satellites 300. The help of satellite 300 positions at least one in multiple mobile terminals 100.

In fig. 2, multiple satellites 300 are depicted, it is understood that, any number of defend can be utilized Star obtains useful location information.

As a typical operation of wireless communication system, BS270 is received from various mobile terminals 100 Reverse link signal.Mobile terminal 100 generally participates in call, information receiving and transmitting and other types of communication.It is special The each reverse link signal for determining the reception of base station 270 is handled in specific BS270.The data of acquisition It is forwarded to the BSC275 of correlation.BSC provides call resource allocation and including the soft handover between BS270 The mobile management function of the coordination of process.The data received are also routed to MSC280 by BSC275, its Extra route service for forming interface with PSTN290 is provided.Similarly, PSTN290 with MSC280 forms interface, and MSC and BSC275 forms interface, and BSC275 correspondingly controls BS270 So that forward link signals are sent into mobile terminal 100.

Based on above-mentioned mobile terminal hardware configuration and communication system, each embodiment of the inventive method is proposed.

Embodiment one

As shown in figure 3, the present embodiment proposes a kind of method of safe memory mobile terminal password, including：

S10, mobile terminal safety password is set；

Specifically, security password can be set in the setup module of mobile terminal, if user's selection is close Code mode screen locking, then the security password is also used as screen-lock password simultaneously, if user selects other modes lock Screen, then for this security password as startup password, length and complexity for password can do certain limit System, for example require that Password Length is no less than 6, it is impossible to it is digital etc..

S20, the security password split into the first encryption unit and the second encryption unit；

Specifically, the security password step-by-step is split into the first encryption unit and the second encryption unit, for example used The password of family input is a1b2c3, can split into abc and 123, can also split into a1b and 2c3, Or other combinations.Assuming that password has split into abc and 123, then we just need abc and 123 are stored separately；As another embodiment, the security password can also be split as more than two parts, For example (Subscriber Identity Module, client identify mould when including two SIM cards in mobile terminal Block) or include a SIM card and a UIM card (User Identify Module, subscriber identification module) When, security password can be divided into corresponding three parts, when in mobile terminal include more SIM cards (or UIM cards) when, the security password can be split into the number of respective number, so that security password is more Complicate, improve the security of mobile terminal.

S30, first encryption unit spliced with information of mobile terminal, and use the first AES Preserved after encryption to the memory block of mobile terminal；

In the present embodiment, the information of mobile terminal is the fuselage information of mobile terminal, such as IMEI (International Mobile Equipment Identity, be international mobile equipment identification number), MEID (Mobile Equipment Identifier, mobile device identification code) etc.；First AES is not Irreversible cryptographic algorithm, such as SHA or MD5 scheduling algorithms, still by taking above-mentioned example as an example, it is assumed that password is torn open Abc and 123 are divide into, abc is encrypted with irreversible encryption algorithm, value and hand after then encrypting The fuselage information of machine is spliced, and is encrypted again with irreversible encryption algorithm, preserves adding to mobile phone Close file partition.

S40, second encryption unit spliced with subscriber identity information, and use the second AES Preserved after encryption to subscriber identification card.

In the present embodiment, the subscriber identity information refers to information corresponding to subscriber identification card, institute Stating subscriber identification card includes SIM card and UIM cards, wherein, SIM card is used for CHINAUNICOM and China Mobile, for UIM cards for China Telecom, the subscriber identity information can be IMSI (International Mobile Subscriber Identity, international mobile subscriber identity) etc. information on card；Second encryption Algorithm is irreversible encryption algorithm, still by taking above-mentioned example as an example, it is assumed that password has split into abc and 123, Abc is stored on mobile terminal, and 123 are encrypted with irreversible encryption algorithm, after then encrypting Field in value and SIM (UIM) card is spliced, and is encrypted again with irreversible encryption algorithm, Preserve to SIM (UIM) card, password is safer, and even if the password of two mobile phones complete one Sample, due to the information association such as IMEI, then the value of actual storage is also different, that is to say, that every The password actual storage value of platform mobile phone is all unique.Because password is to be stored respectively in mobile phone after encrypting On encrypted file system subregion and SIM (UIM) card, then being can not be by factory reset, T The modes such as card upgrade, Fota upgradings remove password, along with using irreversible encryption algorithm, just It ensure that the security of password.

Embodiment two

As shown in figure 4, in the present embodiment, based on embodiment one, when user's body in mobile terminal When the quantity of part identification card is two, i.e. the first subscriber identification card and second user identification card, Second encryption unit is divided into the first subscriber identification card encryption unit and second user identification card adds Compact part, correspondingly, the step S40 include：

S41, it will be used corresponding to same first subscriber identification card of the first subscriber identification card encryption unit Family identity information is spliced, and using preservation after the encryption of the second AES to the first user identity identification Card；

Specifically, first subscriber identification card can be SIM card or UIM cards, user's body Part information can be information on the cards such as IMSI.

S42, by the second user identification card encryption unit with using corresponding to second user identification card Family identity information is spliced, and using preservation after the encryption of the second AES to second user identification Card.

Specifically, first subscriber identification card can be SIM card or UIM cards, user's body Part information can be information on the cards such as IMSI.

As another embodiment, the subscriber identification card can identify use to be other kinds of The identification card of family identity, such as virtual card, the quantity of the subscriber identification card in the mobile terminal Can be two or more, when including more SIM cards (or UIM cards, virtual card) in mobile terminal, The security password can be split into the number of respective number, so that security password more complicatedization, is improved The security of mobile terminal.

Embodiment three

As shown in figure 5, in the present embodiment, based on embodiment one, after the step S10, S20 Also include before：

S11, the registration decoded information related to the security password, and protected after the decoded information is encrypted Deposit to the memory block of mobile terminal, wherein, the decoded information includes being used to give the security password for change Second mobile terminal number.

Specifically, the decoded information is primarily referred to as other mobile terminals in addition to mobile terminal own number Number, can be by removing shifting when forgetting Password or password loss to what is preserved when registering decoded information Other mobile terminal numbers outside dynamic terminal own number send temporary password；Mobile terminal user inputs just After true temporary password, security password can be reset or removed；In addition, continuously inputted in mobile phone After bad password causes phone lock, it can also send and face to other mobile terminal numbers of registration in advance automatically When password；Assuming that lost mobile phone or being used by others, then user is after temporary password is received, so that it may To know that mobile phone is in lost state, the possibility of getting back mobile phone there is.Here, can also set interim The time of password failure, the time of temporary password is both sent to the mobile terminal number of input from mobile terminal Start to calculate, temporary password how long interior failure；The time of specific temporary password failure can basis It is actually needed flexible setting.In addition, registration relative decoding information, is selected for user flexibility, user It can select to register, can also select not register, if do not registered, after password is forgotten or lost Can only be solved by mode after sale.

For example, other mobile terminal numbers in addition to mobile terminal own number registered here as 13900000000, because the decoded information is also extremely important, so the decoded information uses DES or 3DES Preserved Deng irreversible cryptographic algorithm to the encrypted file system subregion of mobile terminal, prevent from being cracked by lawless people； The methods of factory reset simultaneously, T card upgrades, Fota upgradings, can not remove the decoded information.

In the present embodiment, also include after the step S40：

S50, verification security password；

Specifically, verification security password here, which mainly starts shooting to verify, conciliates screen locking verification.If user Pin mode screen locking is selected, then the security password is also used as screen-lock password simultaneously, needs in such cases Start verifies security password when conciliating screen locking.If user selects other modes screen locking, this safety is close Code is only used as startup password, only carries out verification security password in start in such cases.Concrete mode and The password step-by-step progress splitting and reorganizing that password pre-treating method is identical, first inputs user is stored, such as The password of user's input is a1b2c3, and the password after splitting and reorganizing is abc and 123 respectively, is then entered respectively Cryptographic check on row mobile terminal side and SIM (UIM) card.The cryptographic check mode of mobile terminal side For：Abc is encrypted with irreversible encryption algorithm, the fuselage letter of the value and mobile terminal after then encrypting Breath is spliced, and is encrypted again with irreversible encryption algorithm, value and mobile terminal after then encrypting The password value of encrypted file system partitioned storage is compared to pair, if identical, mobile terminal side verifies Pass through.Cryptographic check mode on SIM (UIM) card is：123 are added with irreversible encryption algorithm Close, the field in value and SIM (UIM) card after then encrypting is spliced, and is added again with irreversible Close algorithm is encrypted, and the value after then encrypting is compared pair with the password value stored on SIM (UIM) card, If identical, the verification of card side passes through.Here AES, fuselage information, SIM (UIM) Field on card is identical with embodiment one.If mobile terminal side and card side password verify logical To cross, then allow user to operate mobile terminal, otherwise continuously input password three times by mistake, mobile terminal locks automatically, And send temporary password to the mobile terminal number of registration in advance.Only after correct temporary password is inputted Just allow to be once again set up password or remove password, otherwise mobile terminal is just constantly in lock-out state.This Even if sample mobile terminal is lost, other people are also can not the normal use mobile terminal.Because password is point Mobile terminal side and card side are not stored in, be there is a kind of special circumstances here, are exactly that mobile terminal changes During card, even if Password Input is correct, then also only have mobile terminal side to verify and pass through, card side can school Test failure.User can be prompted first to remove security password before card is changed in such cases, or mobile whole Side verification to other mobile terminal numbers of registration in advance sends interim check code in the case of passing through, Interim check code allows user to reset security password in the case of or removes security password.

In the present embodiment, also include after the step S50：

S60, remove security password；

Because password is that encryption is stored in mobile terminal side and card side respectively, and in mobile terminal side Also no and in general user data is stored together password, then being can not be by factory reset, T The conventional meanses such as card upgrade, Fota upgradings remove security password.Here removing security password mainly has Three kinds of modes are removed.First way：In the case of correct security password is inputted, it is allowed to which user removes Security password；The second way：In the case of input correctly interim verification password, it is allowed to which user removes Security password；The third mode, removed by instrument after sale.

Example IV

As shown in fig. 6, in the present embodiment, there is provided a kind of device of safe memory mobile terminal password, Including：

Setup module 10, for setting mobile terminal safety password；

Module 20 is split, for the security password to be split into the first encryption unit and the second encryption unit；

First memory module 30, for first encryption unit to be spliced with information of mobile terminal, and Preserved after being encrypted using the first AES to the memory block of mobile terminal；

Second memory module 40, for second encryption unit to be spliced with subscriber identity information, and Preserved after being encrypted using the second AES to subscriber identification card.

In the present embodiment, the fractionation module 20 is specially：The security password step-by-step is split into One encryption unit and the second encryption unit；

First AES and the second AES are all irreversible encryption algorithm.

Embodiment five

As shown in fig. 7, in the present embodiment, based on example IV, the subscriber identification card includes SIM card and UIM cards, when the quantity of the subscriber identification card in mobile terminal is two, by institute State the second encryption unit and be divided into the first subscriber identification card encryption unit and second user identification card encryption Portion, correspondingly, second memory module 40 include：

First subscriber identification card memory cell 41, for first subscriber identification card to be encrypted Portion is spliced with subscriber identity information corresponding to the first subscriber identification card, and is calculated using the second encryption Preserved after method encryption to the first subscriber identification card；

Second user identification card memory cell 42, for by the second user identification card encryption Portion is spliced with subscriber identity information corresponding to second user identification card, and is calculated using the second encryption Preserved after method encryption to second user identification card.

Embodiment six

As shown in figure 8, in the present embodiment, based on example IV, safe memory mobile terminal password Device also includes：

Registering modules 50, for registering the decoded information related to the security password, and by the decoding Preserved after information encryption to the encrypted file system subregion of mobile terminal, wherein, the decoded information includes For giving the second mobile terminal number of the security password for change.

In the present embodiment, in addition to：

Correction verification module 60, distinguish for carrying out cryptographic check when mobile terminal-opening and solution screen locking, during verification Opponent's pusher side and card side encrypted message be encrypted respectively after verification；

Module 70 is removed, security password is removed for user, wherein only in security password or interim school Test Password Input it is correct in the case of can just remove security password；

Password recovery module 80, under mobile phone locked state or forget Password, password lose etc. feelings Under condition, interim verification password is sent to other mobile terminal numbers of registration in advance.

It should be noted that herein, term " comprising ", "comprising" or its any other variant Be intended to including for nonexcludability so that process, method, article including a series of elements or Person's device not only includes those key elements, but also the other element including being not expressly set out, or also Including for this process, method, article or the intrinsic key element of device.In the feelings not limited more Under condition, the key element that is limited by sentence "including a ...", it is not excluded that the process including the key element, Other identical element in method, article or device also be present.

The embodiments of the present invention are for illustration only, do not represent the quality of embodiment.

Through the above description of the embodiments, those skilled in the art can be understood that above-mentioned Embodiment method can add the mode of required general hardware platform to realize by software, naturally it is also possible to logical Cross hardware, but the former is more preferably embodiment in many cases.It is of the invention based on such understanding The part that technical scheme substantially contributes to prior art in other words can in the form of software product body Reveal and, the computer software product is stored in storage medium (such as ROM/RAM, magnetic disc, a light Disk) in, including some instructions to cause a station terminal equipment (can be mobile phone, computer, service Device, air conditioner, or network equipment etc.) perform method described in each embodiment of the present invention.

The preferred embodiments of the present invention are these are only, are not intended to limit the scope of the invention, it is every The equivalent structure or equivalent flow conversion made using description of the invention and accompanying drawing content, or directly or Connect and be used in other related technical areas, be included within the scope of the present invention.

Claims (10)

1. a kind of method of safe memory mobile terminal password, including：

Mobile terminal safety password is set；

The security password is split into the first encryption unit and the second encryption unit；

First encryption unit is spliced with information of mobile terminal, and encrypted using the first AES Preserve afterwards to the memory block of mobile terminal；

Second encryption unit is spliced with subscriber identity information, and encrypted using the second AES After preserve to subscriber identification card.

2. a kind of method of safe memory mobile terminal password according to claim 1, its feature exist In the security password is split into the first encryption unit and the second encryption unit is specially：

The security password step-by-step is split into the first encryption unit and the second encryption unit.

3. a kind of method of safe memory mobile terminal password according to claim 1, its feature exist In first AES and the second AES are all irreversible encryption algorithm.

4. a kind of method of safe memory mobile terminal password according to claim 1, its feature exist In the subscriber identification card includes SIM card and UIM cards, when user's body in mobile terminal When the quantity of part identification card is two, second encryption unit is divided into the encryption of the first subscriber identification card Portion and second user identification card encryption unit, correspondingly, it is described by second encryption unit with user's body Part information is spliced, and is specially using being preserved after the encryption of the second AES to subscriber identification card：

By the first subscriber identification card encryption unit with user's body corresponding to the first subscriber identification card Part information is spliced, and using preservation after the encryption of the second AES to the first subscriber identification card；

By the second user identification card encryption unit with user's body corresponding to second user identification card Part information is spliced, and using preservation after the encryption of the second AES to second user identification card.

5. a kind of method of safe memory mobile terminal password according to claim 1, its feature exist In the setting mobile terminal safety password also includes afterwards：

The registration decoded information related to the security password, and will preserve after decoded information encryption to The memory block of mobile terminal, wherein, the decoded information includes being used to give the second of the security password for change Mobile terminal number.

6. a kind of device of safe memory mobile terminal password, including：

Setup module, for setting mobile terminal safety password；

Module is split, for the security password to be split into the first encryption unit and the second encryption unit；

First memory module, for first encryption unit to be spliced with information of mobile terminal, and adopt Preserved after being encrypted with the first AES to the memory block of mobile terminal；

Second memory module, for second encryption unit to be spliced with subscriber identity information, and adopt Preserved after being encrypted with the second AES to subscriber identification card.

7. a kind of device of safe memory mobile terminal password according to claim 6, its feature exist In the fractionation module is specially：The security password step-by-step is split into the first encryption unit and second to add Compact part；

First AES and the second AES are all irreversible encryption algorithm.

8. a kind of device of safe memory mobile terminal password according to claim 6, its feature exist In the subscriber identification card includes SIM card and UIM cards, when user's body in mobile terminal When the quantity of part identification card is two, second encryption unit is divided into the encryption of the first subscriber identification card Portion and second user identification card encryption unit, correspondingly, second memory module includes：

First subscriber identification card memory cell, for by the first subscriber identification card encryption unit Spliced with subscriber identity information corresponding to the first subscriber identification card, and use the second AES Preserved after encryption to the first subscriber identification card；

Second user identification card memory cell, for by the second user identification card encryption unit Spliced with subscriber identity information corresponding to second user identification card, and use the second AES Preserved after encryption to second user identification card.

9. a kind of device of safe memory mobile terminal password according to claim 6, its feature exist In, in addition to：

Registering modules, believe for registering the decoded information related to the security password, and by the decoding Preserved after encryption for information to the memory block of mobile terminal, wherein, the decoded information includes described for giving for change Second mobile terminal number of security password.

10. a kind of device of safe memory mobile terminal password according to claim 9, its feature It is, in addition to：

Correction verification module, for carrying out cryptographic check when mobile terminal-opening and solution screen locking；

Module is removed, in the case of cryptographic check is correct, removing security password；

Password recovery module, for giving password for change by the Registering modules.