CN107483199A - Information Authentication method and device - Google Patents

Information Authentication method and device Download PDF

Info

Publication number
CN107483199A
CN107483199A CN201710934172.XA CN201710934172A CN107483199A CN 107483199 A CN107483199 A CN 107483199A CN 201710934172 A CN201710934172 A CN 201710934172A CN 107483199 A CN107483199 A CN 107483199A
Authority
CN
China
Prior art keywords
character string
parameter
entry name
length
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710934172.XA
Other languages
Chinese (zh)
Inventor
张云帆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing Hao Feng Agel Ecommerce Ltd
Original Assignee
Chongqing Hao Feng Agel Ecommerce Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing Hao Feng Agel Ecommerce Ltd filed Critical Chongqing Hao Feng Agel Ecommerce Ltd
Priority to CN201710934172.XA priority Critical patent/CN107483199A/en
Publication of CN107483199A publication Critical patent/CN107483199A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2151Time stamp

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

In the Information Authentication method and device that the embodiment of the present application provides, entry name is extracted from framework hyperlink request, and obtain checking parameter corresponding to entry name;Obtain the timestamp parameter of current system, timestamp parameter is attached to the ending of the first parameter character string, by the first parameter character string and timestamp parameter collectively as the second parameter character string, obtain the length of the second parameter character string, then the length of character string to be verified is obtained according to the length of the second parameter character string, entry name and timestamp parameter, is designated as L.Intercepted length is L character string from the second parameter character string, as character string to be verified, verification carried out to the character string to be verified obtain first to check character string, first, which is checked character, to go here and there is attached at the ending of the second parameter character string, as the 3rd parameter character string.

Description

Information Authentication method and device
Technical field
The application is related to internet arena, in particular to a kind of Information Authentication method and device.
Background technology
It is presently in existence some solutions encrypted and verified for RESTful API, in terms of encryption, existing skill Art either uses symmetric cryptography or asymmetric encryption techniques, is to sending using certificate fixed in programming The link of RESTful HTTP requests or content are encrypted.If using modular cluster service, then be sent to , randomness is relatively low for the encryption key of all service modules and cipher mode.
In terms of checking, current techniques are mostly to carry out hash check to specified some or all of parameters, lack randomness. The low randomness of two aspects hides some dangers for the safety of whole system.
Apply for content
In view of this, the embodiment of the present application provides a kind of Information Authentication method and device, is tested with improving existing information Card method lacks the technical problem of randomness in encryption key, cipher mode, hash check.
To achieve the above object, the embodiment of the present application provides a kind of Information Authentication method, and methods described includes:From described Framework hyperlink request extracts the entry name, and obtains checking parameter corresponding to the entry name;Obtain the time of current system Stab parameter, the timestamp parameter be attached to the ending of the first parameter character string, by the first parameter character string and Timestamp parameter is collectively as the second parameter character string;The length of the second parameter character string is obtained, according to the described second ginseng Length, entry name and the timestamp parameter of numeric string obtain the length of character string to be verified, are designated as L;From the described second ginseng Intercepted length is L character string in numeric string, as character string to be verified;The character string to be verified is verified Obtain first to check character string, the ending gone here and there and be attached to the second parameter character string that described first is checked character, by described the Two parameter character strings and first check character string collectively as the 3rd parameter character string.
The embodiment of the present application additionally provides a kind of Information Authentication device, and described device includes:Checking parameter module, for from The framework hyperlink request extracts the entry name, and obtains checking parameter corresponding to the entry name;Second parameter character string Module, for obtaining the timestamp parameter of current system, the timestamp parameter is attached to the knot of the first parameter character string Tail, by the first parameter character string and timestamp parameter collectively as the second parameter character string;String length to be verified Module, for obtaining the length of the second parameter character string, according to the length of the second parameter character string, entry name and Timestamp parameter obtains the length of character string to be verified, is designated as L;Character string module to be verified, for from second parameter word The character string that intercepted length is L in symbol string, as character string to be verified;3rd parameter character string module, for described Character string to be verified carries out verification and obtains first checking character string, and the described first string of checking character is attached into second parameter word The ending of string is accorded with, the second parameter character string and first are checked character into string collectively as the 3rd parameter character string.
The Information Authentication method and device that the embodiment of the present application provides has the beneficial effect that:
In the Information Authentication method and device that the embodiment of the present application provides, entry name is extracted from framework hyperlink request, and obtain Take checking parameter corresponding to entry name;The timestamp parameter of current system is obtained, timestamp parameter is attached to the first parameter character The ending of string, by the first parameter character string and timestamp parameter collectively as the second parameter character string, obtain the second parameter word The length of string is accorded with, character string to be verified is then obtained according to the length of the second parameter character string, entry name and timestamp parameter Length, be designated as L.Intercepted length is L character string from the second parameter character string, as character string to be verified, to this Character string to be verified carries out verification and obtains first checking character string, the knot gone here and there and be attached to the second parameter character string that first is checked character At tail, as the 3rd parameter character string.The application provide Information Authentication method can obtain checking parameter corresponding to entry name with And timestamp parameter, and character string to be verified is chosen using it, then treat string verification acquisition first of checking character and check character String, then obtain the 3rd parameter character string of string of being checked character comprising first.Compared with existing method of calibration, what the application provided Information Authentication method randomness is stronger, so as to the security beneficial to safeguards system.
Brief description of the drawings
, below will be to embodiment or existing for clearer explanation the embodiment of the present application or technical scheme of the prior art There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this Some embodiments of application, for those of ordinary skill in the art, on the premise of not paying creative work, can be with Other accompanying drawings are obtained according to these accompanying drawings.
Fig. 1 is the application environment schematic diagram of the embodiment of the present application;
Fig. 2 is the flow chart for the Information Authentication method that the application first embodiment provides;
Fig. 3 is the part schematic flow sheet for the Information Authentication method that the application first embodiment provides;
Fig. 4 is the part schematic flow sheet for the Information Authentication method that the application first embodiment provides;
Fig. 5 is the part schematic flow sheet for the Information Authentication method that the application first embodiment provides;
Fig. 6 is the part schematic flow sheet for the Information Authentication method that the application first embodiment provides;
Fig. 7 is the structured flowchart for the Information Authentication device that the application second embodiment provides.
Embodiment
Fig. 1 shows a kind of structured flowchart for the server 20 that can be applied in the embodiment of the present application.As shown in figure 1, institute Stating server 20 includes memory 202, storage control 204, one or more (one is only shown in figure) processors 206, outer If interface 208, radio-frequency module 210 etc..These components are mutually communicated by one or more communication bus/signal wire 216.
Memory 202 can be used for storage software program and module, such as the Information Authentication method in the embodiment of the present invention and Programmed instruction/module corresponding to device, processor 206 are stored in software program and module in memory 202 by operation, So as to perform various function application and data processing, such as Information Authentication method provided in an embodiment of the present invention.
Memory 202 may include high speed random access memory, may also include nonvolatile memory, such as one or more magnetic Property storage device, flash memory or other non-volatile solid state memories.Processor 206 and other possible components are to storage The access of device 202 can be carried out under the control of storage control 204.
Various input/output devices are coupled to processor 206 and memory 202 by Peripheral Interface 208.In some implementations In example, Peripheral Interface 208, processor 206 and storage control 204 can be realized in one single chip.In some other reality In example, they can be realized by independent chip respectively.
Radio-frequency module 210 is used to receiving and sending electromagnetic wave, realizes the mutual conversion of electromagnetic wave and electric signal, so that with Communication network or other equipment are communicated.
It is appreciated that structure shown in Fig. 1 is only to illustrate, user terminal 20 may also include it is more more than shown in Fig. 1 or Less component, or there is the configuration different from shown in Fig. 1.Each component shown in Fig. 1 can use hardware, software or its Combination is realized.
First embodiment
Fig. 2 is referred to, Fig. 2 shows the schematic flow sheet for the Information Authentication method that the application first embodiment provides, tool Body comprises the following steps:
Step S110, the entry name is extracted from the framework hyperlink request, and obtain and verified corresponding to the entry name Parameter.
Framework hyperlink request is specifically as follows Restful hyperlink requests, and link is specifically as follows:http(s):// example.com/v1/model/methodParam1=1&param2=2, wherein, v1 is version number, and model is project Name, method is method name, and param1, param2 are parameter name, and param1=1&param2=2 is parameter character string, Question mark between method and parameter character stringFor the connector of method name and parameter.First obtain in the framework hyperlink request Entry name, then obtain the checking parameter of entry name.Checking parameter is parameter corresponding with entry name, is represented with factor, example Such as factor=3.
Fig. 4 is referred to, before step S110, is also comprised the following steps:
Step S101, receive framework hyperlink request.
Framework hyperlink request can be first received, then framework hyperlink request is handled again.
Step S102, judges whether the framework hyperlink request meets call format, if so, performing step S110.
Judge whether to meet to require, that is, judge whether to meet http (s)://example.com/v1/model/method Param1=1&param2=2 call format.
Step S120, the timestamp parameter of current system is obtained, the timestamp parameter is attached to first parameter word The ending of string is accorded with, by the first parameter character string and timestamp parameter collectively as the second parameter character string.
Timestamp parameter refers to from zero second on the stroke of midnight millisecond numerical value so far on January 1st, 1970, and timestamp parameter can be with Represented with timestamp, such as timestamp=1504669883844, the knot of the first parameter character string is attached to as parameter Tail.First parameter character string refers to parameter character string mentioned above.With http (s)://example.com/v1/model/ methodIllustrated exemplified by param1=1&param2=2, the first parameter character string is param1=1&param2=2.Will Timestamp is attached to the ending of the first parameter character string, i.e. param1=1&param2=2&timestamp=1504669883844 For the second parameter character string.
Step S130, the length of the second parameter character string is obtained, according to the length of the second parameter character string, item Mesh name and timestamp parameter obtain the length of character string to be verified, are designated as L.
The length of the second parameter character string is obtained, the length of the second parameter character string is represented with Length, specifically, Length length can be 41.
The length of character string to be verified, character string to be verified are obtained by timestamp X factor mod Length Length represent that specifically, L length can be 34 with L.
Step S140, intercepted length is L character string from the second parameter character string, as character to be verified String.
34 words before being intercepted from front to back from param1=1&param2=2&timestamp=1504669883844 Symbol, i.e. param1=1&param2=2&timestamp=150466, using the character string as character string to be verified.
Step S150, verification is carried out to the character string to be verified obtain first to check character string, described first is verified Character string is attached to the ending of the second parameter character string, and the second parameter character string and first are checked character into string jointly As the 3rd parameter character string.
String of checking character can specifically be treated and carry out hash check, such as to param1=1&param2=2& Timestamp=150466 carry out MD5 verifications, obtain MD5 check character string S= D19e5c306de66aa2da0330d5fd557c9b, this section of character string are first to check character string, and this first is checked character String can be attached to the ending of the second parameter character string, and the 3rd parameter character string is specially:
Param1=1&param2=2&timestamp=1504669883844&md5= d19e5c306de66aa2da0330d5fd557c9b。
Fig. 3 is referred to, methods described also comprises the following steps:
Step S160, obtain entry name key seed corresponding with the entry name.
Key seed 1, such as abcdefgh are obtained according to entry name model.
Step S170, the entry name key seed and general key seed group are turned into the first complete key seed.
Key seed 1 and general key seed such as 12345678 are formed to the complete key seed into 16: Abcdefgh12345678, abcdefgh12345678 are the first complete key seed.
Step S180, according to the described first complete key seed generation encryption key.
According to the first complete key seed abcdefgh12345678 generation AES encryption keys K.
Step S190, it is encrypted according to the 3rd parameter character string described in the encryption secret key pair.
The 3rd parameter character string is encrypted according to encryption key K, obtains ciphertext character string.
Such as the 3rd parameter character string is encrypted, ciphertext character string can be obtained.
Step S200, the ciphertext character string obtained using encryption replaces the 3rd parameter character string, after being encrypted Framework hyperlink request.
The 3rd parameter character string is replaced with ciphertext character string, can be with the framework hyperlink request after being encrypted.
Fig. 5 is referred to, methods described also includes:
Step S210, receive the framework hyperlink request after encryption.
Mainly parameter string portions are encrypted for framework hyperlink request after encryption, therefore, framework hyperlink request Version number, the information such as entry name still can be acquired.
Step S220, obtain the entry name of the framework hyperlink request and entry name key kind corresponding with the entry name Son.
Obtain the entry name of the framework hyperlink request after the encryption, and entry name key kind corresponding with the entry name Son, such as the entry name key seed are abcdefgh.
Step S230, the entry name key seed and the general key seed are formed into the second complete key seed.
It is combined with general key seed 12345678, obtains the second complete key seed abcdefgh12345678.
Step S240, according to the described second complete key seed generation decryption key.
According to the second complete key seed generation decryption key, the decryption key is corresponding with encryption key, that is, is similarly K。
Step S250, it is decrypted using ciphertext character string described in the decryption secret key pair, obtains the 3rd parameter character string.
The ciphertext character string in the framework hyperlink request after encryption is decrypted using key K is decrypted, obtains the 3rd ginseng Numeric string.
Fig. 6 is referred to, methods described also includes:
Step S260, the entry name in the framework hyperlink request after encryption is obtained, and obtain school corresponding to the entry name Test parameter.
The entry name in the framework hyperlink request after encryption is obtained, and obtains checking parameter corresponding to entry name, that is, is obtained Factor=3.
Step S270, obtain the length of the second parameter character string, and the timestamp ginseng in the second parameter character string Number.
The timestamp parameter in Length and the second parameter character string is obtained, specifically, MD5 (H1) value can be ignored So as to obtain the length Length of the second parameter character string.
Step S280, obtained according to the length of the second parameter character string, the checking parameter and timestamp parameter The length L of character string to be verified.
The length of character string to be verified, character string to be verified are obtained by timestamp X factor mod Length Length represent that specifically, L length can be 34 with L.
Step S290, checking character for the 3rd parameter character string is removed, from the 3rd ginseng checked character described in removal Intercepted length is L character string in numeric string, and carrying out verification acquisition second to the character string that the length is L checks character String.
MD5 hash checks are carried out to L character string, obtain md5 values (H2).
Step S300, judge whether the described second string of checking character equal with the first string of checking character, if so, then verify into Work(.
Judge second check character string with first check character go here and there it is whether identical, if so, then surface verifies successfully.
Application scheme realizes to be combined for the different key of the disparate modules generation of network service, makes the generation of key With using certain randomness is carried, key and the security of ciphering process are further improved.
Application scheme realizes and Restful is calculated at random using the weight coefficient of timestamp and each module simultaneously The string length of progress hash check is needed in required parameter character string, the word of the length is then intercepted from parameter character string Symbol string carries out hash check, and is no longer to choose individual parameters to carry out hash check, considerably simplify Restful The code of encryption and the verification of API request is realized, and improves security to a certain extent.
Second embodiment
Fig. 7 is referred to, Fig. 7 shows the Information Authentication device that the application second embodiment provides, and the device 300 includes:
Checking parameter module 310, for extracting the entry name from the framework hyperlink request, and obtain the entry name Corresponding checking parameter.
Second parameter character string module 320, it is for obtaining the timestamp parameter of current system, the timestamp parameter is attached In the ending of the first parameter character string, by the first parameter character string and timestamp parameter collectively as the second parameter Character string.
String length module 330 to be verified, for obtaining the length of the second parameter character string, according to described second Length, entry name and the timestamp parameter of parameter character string obtain the length of character string to be verified, are designated as L.
Character string module 340 to be verified, will for the character string that intercepted length is L from the second parameter character string It is as character string to be verified.
3rd parameter character string module 350, checked character for carrying out verification acquisition first to the character string to be verified String, the described first string of checking character is attached to the ending of the second parameter character string, by the second parameter character string and First checks character string collectively as the 3rd parameter character string.
The Information Authentication device that the application second embodiment provides also includes:
Entry name key module, for obtaining entry name key seed corresponding with the entry name.
First complete key seed module, for the entry name key seed and general key seed group to be turned into first Complete key seed.
Key generation module is encrypted, for according to the described first complete key seed generation encryption key.
Encrypting module, it is encrypted for the 3rd parameter character string according to the encryption secret key pair.
Encryption Architecture acquisition module, the ciphertext character string for being obtained using encryption replace the 3rd parameter character string, Framework hyperlink request after being encrypted.
Receiving module is linked, for receiving framework hyperlink request.
Form judge module, for judging whether the framework hyperlink request meets call format, if so, performing " from institute State framework hyperlink request and extract the entry name, and obtain checking parameter corresponding to the entry name " step.
Framework request receiving module, for receiving the framework hyperlink request after encrypting.
Entry name key seed module, for obtaining the entry name of the framework hyperlink request and corresponding with the entry name Entry name key seed.
Second complete key seed module, for by the entry name key seed and the general key seed composition the Two complete key seeds.
Key generation module is decrypted, for according to the described second complete key seed generation decryption key.
3rd parameter character string module, for being decrypted using ciphertext character string described in the decryption secret key pair, obtain 3rd parameter character string.
Checking parameter module, for obtaining the entry name in the framework hyperlink request after encrypting, and obtain the entry name Corresponding checking parameter.
Timestamp parameter module, for obtaining the length of the second parameter character string, and in the second parameter character string Timestamp parameter.
String length module to be verified, for the length according to the second parameter character string, the checking parameter with And the length L of timestamp gain of parameter character string to be verified.
Second checks character string module, for removing checking character for the 3rd parameter character string, from removing the school The character string that intercepted length in the 3rd parameter character string of character is L is tested, verification acquisition is carried out to the character string that the length is L Second checks character string.
Judge module is verified, for judging whether the described second string of checking character is equal with the first string of checking character, if so, Then verify successfully.
The Information Authentication device that the application second embodiment provides is relative with the Information Authentication method that first embodiment provides Should, just do not repeat herein.
In the Information Authentication method and device that the embodiment of the present application provides, entry name is extracted from framework hyperlink request, and obtain Take checking parameter corresponding to entry name;The timestamp parameter of current system is obtained, timestamp parameter is attached to the first parameter character The ending of string, by the first parameter character string and timestamp parameter collectively as the second parameter character string, obtain the second parameter word The length of string is accorded with, character string to be verified is then obtained according to the length of the second parameter character string, entry name and timestamp parameter Length, be designated as L.Intercepted length is L character string from the second parameter character string, as character string to be verified, to this Character string to be verified carries out verification and obtains first checking character string, the knot gone here and there and be attached to the second parameter character string that first is checked character At tail, as the 3rd parameter character string.The application provide Information Authentication method can obtain checking parameter corresponding to entry name with And timestamp parameter, and character string to be verified is chosen using it, then treat string verification acquisition first of checking character and check character String, then obtain the 3rd parameter character string of string of being checked character comprising first.Compared with existing method of calibration, what the application provided Information Authentication method randomness is stronger, so as to the security beneficial to safeguards system.
It should be noted that each embodiment in this specification is described by the way of progressive, each embodiment weight Point explanation is all difference with other embodiment, between each embodiment identical similar part mutually referring to. For device class embodiment, because it is substantially similar to embodiment of the method, so description is fairly simple, related part is joined See the part explanation of embodiment of the method.
In several embodiments provided herein, it should be understood that disclosed apparatus and method, it can also be passed through Its mode is realized.Device embodiment described above is only schematical, for example, the flow chart and block diagram in accompanying drawing show Device, architectural framework in the cards, the work(of method and computer program product of multiple embodiments according to the application are shown Can and it operate.At this point, each square frame in flow chart or block diagram can represent one of a module, program segment or code Point, a part for the module, program segment or code includes one or more and is used to realize the executable of defined logic function Instruction.It should also be noted that at some as in the implementation replaced, the function of being marked in square frame can also be with different from attached The order marked in figure occurs.For example, two continuous square frames can essentially perform substantially in parallel, they also may be used sometimes To perform in the opposite order, this is depending on involved function.It is it is also noted that each in block diagram and/or flow chart The combination of square frame and the square frame in block diagram and/or flow chart, can use function or action as defined in performing it is special based on The system of hardware is realized, or can be realized with the combination of specialized hardware and computer instruction.
In addition, each functional module in each embodiment of the application can integrate to form an independent portion Point or modules individualism, can also two or more modules be integrated to form an independent part.
If the function is realized in the form of software function module and is used as independent production marketing or in use, can be with It is stored in a computer read/write memory medium.Based on such understanding, the technical scheme of the application is substantially in other words The part to be contributed to prior art or the part of the technical scheme can be embodied in the form of software product, the meter Calculation machine software product is stored in a storage medium, including some instructions are causing a computer equipment (can be People's computer, server, or network equipment etc.) perform each embodiment methods described of the application all or part of step. And foregoing storage medium includes:USB flash disk, mobile hard disk, read-only storage (ROM, Read-Only Memory), arbitrary access are deposited Reservoir (RAM, Random Access Memory), magnetic disc or CD etc. are various can be with the medium of store program codes.Need Illustrate, herein, such as first and second or the like relational terms be used merely to by an entity or operation with Another entity or operation make a distinction, and not necessarily require or imply between these entities or operation any this reality be present The relation or order on border.Moreover, term " comprising ", "comprising" or its any other variant are intended to the bag of nonexcludability Contain, so that process, method, article or equipment including a series of elements not only include those key elements, but also including The other element being not expressly set out, or also include for this process, method, article or the intrinsic key element of equipment. In the absence of more restrictions, the key element limited by sentence "including a ...", it is not excluded that including the key element Process, method, other identical element also be present in article or equipment.
The preferred embodiment of the application is the foregoing is only, is not limited to the application, for the skill of this area For art personnel, the application can have various modifications and variations.It is all within spirit herein and principle, made any repair Change, equivalent substitution, improvement etc., should be included within the protection domain of the application.It should be noted that:Similar label and letter exists Similar terms is represented in following accompanying drawing, therefore, once being defined in a certain Xiang Yi accompanying drawing, is then not required in subsequent accompanying drawing It is further defined and explained.
Described above, the only embodiment of the application, but the protection domain of the application is not limited thereto is any Those familiar with the art can readily occur in change or replacement in the technical scope that the application discloses, and should all contain Cover within the protection domain of the application.Therefore, the protection domain of the application described should be defined by scope of the claims.

Claims (10)

  1. A kind of 1. Information Authentication method, it is characterised in that for carrying out Information Authentication, the framework request to framework hyperlink request Link, which includes entry name and the first parameter character string, methods described, to be included:
    The entry name is extracted from the framework hyperlink request, and obtains checking parameter corresponding to the entry name;
    The timestamp parameter of current system is obtained, the timestamp parameter is attached to the ending of the first parameter character string, will The first parameter character string and timestamp parameter are collectively as the second parameter character string;
    The length of the second parameter character string is obtained, according to length, entry name and the time of the second parameter character string The length of gain of parameter character string to be verified is stabbed, is designated as L;
    Intercepted length is L character string from the second parameter character string, as character string to be verified;
    Verification is carried out to the character string to be verified obtain first to check character string, described first is checked character described in string is attached to The ending of second parameter character string, the second parameter character string and first are checked character into string collectively as the 3rd parameter word Symbol string.
  2. 2. according to the method for claim 1, it is characterised in that methods described also includes:
    Obtain entry name key seed corresponding with the entry name;
    The entry name key seed and general key seed group are turned into the first complete key seed;
    According to the described first complete key seed generation encryption key;
    It is encrypted according to the 3rd parameter character string described in the encryption secret key pair;
    The ciphertext character string obtained using encryption replaces the 3rd parameter character string, the framework hyperlink request after being encrypted.
  3. 3. according to the method for claim 1, it is characterised in that described to extract the entry name from the framework hyperlink request Before, methods described also includes:
    Receive framework hyperlink request;
    Judge whether the framework hyperlink request meets call format, if so, performing " from described in framework hyperlink request extraction Entry name, and obtain checking parameter corresponding to the entry name " step.
  4. 4. according to the method for claim 2, it is characterised in that methods described also includes:
    Receive the framework hyperlink request after encryption;
    Obtain the entry name of the framework hyperlink request and entry name key seed corresponding with the entry name;
    The entry name key seed and the general key seed are formed into the second complete key seed;
    According to the described second complete key seed generation decryption key;
    It is decrypted using ciphertext character string described in the decryption secret key pair, obtains the 3rd parameter character string.
  5. 5. according to the method for claim 4, it is characterised in that methods described also includes:
    The entry name in the framework hyperlink request after encryption is obtained, and obtains checking parameter corresponding to the entry name;
    Obtain the timestamp parameter in the length of the second parameter character string, and the second parameter character string;
    Character string to be verified is obtained according to the length of the second parameter character string, the checking parameter and timestamp parameter Length L;
    Checking character for the 3rd parameter character string is removed, is intercepted from the 3rd parameter character string checked character described in removal Length is L character string, carries out verification to the character string that the length is L and obtain second to check character string;
    Judge whether the described second string of checking character is equal with the first string of checking character, if so, then verifying successfully.
  6. 6. a kind of Information Authentication device, it is characterised in that for carrying out Information Authentication, described device bag to framework hyperlink request Include:
    Checking parameter module, for extracting the entry name from the framework hyperlink request, and obtain corresponding to the entry name Checking parameter;
    Second parameter character string module, for obtaining the timestamp parameter of current system, the timestamp parameter is attached to described The ending of first parameter character string, by the first parameter character string and timestamp parameter collectively as the second parameter character String;
    String length module to be verified, for obtaining the length of the second parameter character string, according to second parameter word Length, entry name and the timestamp parameter for according with string obtain the length of character string to be verified, are designated as L;
    Character string module to be verified, for the character string that intercepted length is L from the second parameter character string, as treating Check character string;
    3rd parameter character string module, first is obtained for carrying out verification to the character string to be verified and is checked character string, by institute State the first string of checking character and be attached to the ending of the second parameter character string, will the second parameter character string and the first verification Character string is collectively as the 3rd parameter character string.
  7. 7. device according to claim 6, it is characterised in that described device also includes:
    Entry name key module, for obtaining entry name key seed corresponding with the entry name;
    First complete key seed module is complete for the entry name key seed to be turned into first with general key seed group Key seed;
    Key generation module is encrypted, for according to the described first complete key seed generation encryption key;
    Encrypting module, it is encrypted for the 3rd parameter character string according to the encryption secret key pair;
    Encryption Architecture acquisition module, the ciphertext character string for being obtained using encryption replace the 3rd parameter character string, obtain Framework hyperlink request after encryption.
  8. 8. device according to claim 6, it is characterised in that described device also includes:
    Receiving module is linked, for receiving framework hyperlink request;
    Form judge module, for judging whether the framework hyperlink request meets call format, if so, performing " from the frame Structure hyperlink request extracts the entry name, and obtains checking parameter corresponding to the entry name " step.
  9. 9. device according to claim 8, it is characterised in that described device also includes:
    Framework request receiving module, for receiving the framework hyperlink request after encrypting;
    Entry name key seed module, for the entry name for obtaining the framework hyperlink request and project corresponding with the entry name Name key seed;
    Second complete key seed module, for the entry name key seed and the general key seed composition second is complete Whole key seed;
    Key generation module is decrypted, for according to the described second complete key seed generation decryption key;
    3rd parameter character string module, for being decrypted using ciphertext character string described in the decryption secret key pair, obtain the 3rd Parameter character string.
  10. 10. device according to claim 9, it is characterised in that described device also includes:
    Checking parameter module, for obtaining the entry name in the framework hyperlink request after encrypting, and it is corresponding to obtain the entry name Checking parameter;
    Timestamp parameter module, for obtain the second parameter character string length, and in the second parameter character string when Between stab parameter;
    String length module to be verified, for the length according to the second parameter character string, the checking parameter with timely Between stab gain of parameter character string to be verified length L;
    Second checks character string module, for removing checking character for the 3rd parameter character string, from removing the check word Intercepted length is L character string in 3rd parameter character string of symbol, and carrying out verification to the character string that the length is L obtains second Check character string;
    Judge module is verified, for judging whether the described second string of checking character is equal with the first string of checking character, if so, then school Test success.
CN201710934172.XA 2017-10-10 2017-10-10 Information Authentication method and device Pending CN107483199A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710934172.XA CN107483199A (en) 2017-10-10 2017-10-10 Information Authentication method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710934172.XA CN107483199A (en) 2017-10-10 2017-10-10 Information Authentication method and device

Publications (1)

Publication Number Publication Date
CN107483199A true CN107483199A (en) 2017-12-15

Family

ID=60605245

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710934172.XA Pending CN107483199A (en) 2017-10-10 2017-10-10 Information Authentication method and device

Country Status (1)

Country Link
CN (1) CN107483199A (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109299719A (en) * 2018-09-30 2019-02-01 武汉斗鱼网络科技有限公司 Barrage method of calibration, device, terminal and storage medium based on Character segmentation
CN110659154A (en) * 2018-06-28 2020-01-07 北京京东尚科信息技术有限公司 Data processing method and device
CN110830451A (en) * 2019-10-21 2020-02-21 上海百事通信息技术股份有限公司 Data transmission method, device, storage medium and terminal
CN110868400A (en) * 2019-10-21 2020-03-06 上海百事通信息技术股份有限公司 Data transmission method, device, storage medium and terminal
CN110881028A (en) * 2019-10-24 2020-03-13 上海百事通信息技术股份有限公司 Data transmission control method, device, storage medium and terminal
CN110881029A (en) * 2019-10-24 2020-03-13 上海百事通信息技术股份有限公司 Data transmission control method, device, storage medium and terminal
CN111064697A (en) * 2019-10-21 2020-04-24 上海百事通信息技术股份有限公司 Data transmission method, device, storage medium and terminal
CN111262645A (en) * 2019-10-21 2020-06-09 上海百事通信息技术股份有限公司 Data transmission method, device, storage medium and terminal
CN112109644A (en) * 2020-09-11 2020-12-22 中国第一汽车股份有限公司 Vehicle control method, device, equipment and storage medium
CN116471119A (en) * 2022-05-25 2023-07-21 北京永信至诚科技股份有限公司 Signature verification method and device based on rs and sign

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002029641A2 (en) * 2000-10-03 2002-04-11 Sun Microsystems, Inc. Http transaction monitor with replay capacity
CN101997880A (en) * 2010-12-01 2011-03-30 湖南智源信息网络技术开发有限公司 Method and device for verifying security of network page or interface
US20110173681A1 (en) * 2010-01-12 2011-07-14 Microsoft Corporation flexible authentication and authorization mechanism
CN103067156A (en) * 2012-12-28 2013-04-24 北京移数通电讯有限公司 Uniform resource locator (URL) encryption and validation method for mobile internet user resource access and device provided with the same
CN105207782A (en) * 2015-11-18 2015-12-30 上海爱数软件有限公司 Identity verification method based on restful framework
CN106470103A (en) * 2015-08-17 2017-03-01 苏宁云商集团股份有限公司 A kind of client sends the method and system of encryption URL request
CN106533658A (en) * 2017-01-11 2017-03-22 安徽博约信息科技股份有限公司 URL tamper-proofing signature and signature verification method based on MD5 algorithm

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002029641A2 (en) * 2000-10-03 2002-04-11 Sun Microsystems, Inc. Http transaction monitor with replay capacity
US20110173681A1 (en) * 2010-01-12 2011-07-14 Microsoft Corporation flexible authentication and authorization mechanism
CN101997880A (en) * 2010-12-01 2011-03-30 湖南智源信息网络技术开发有限公司 Method and device for verifying security of network page or interface
CN103067156A (en) * 2012-12-28 2013-04-24 北京移数通电讯有限公司 Uniform resource locator (URL) encryption and validation method for mobile internet user resource access and device provided with the same
CN106470103A (en) * 2015-08-17 2017-03-01 苏宁云商集团股份有限公司 A kind of client sends the method and system of encryption URL request
CN105207782A (en) * 2015-11-18 2015-12-30 上海爱数软件有限公司 Identity verification method based on restful framework
CN106533658A (en) * 2017-01-11 2017-03-22 安徽博约信息科技股份有限公司 URL tamper-proofing signature and signature verification method based on MD5 algorithm

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110659154A (en) * 2018-06-28 2020-01-07 北京京东尚科信息技术有限公司 Data processing method and device
CN109299719A (en) * 2018-09-30 2019-02-01 武汉斗鱼网络科技有限公司 Barrage method of calibration, device, terminal and storage medium based on Character segmentation
CN110830451A (en) * 2019-10-21 2020-02-21 上海百事通信息技术股份有限公司 Data transmission method, device, storage medium and terminal
CN110868400A (en) * 2019-10-21 2020-03-06 上海百事通信息技术股份有限公司 Data transmission method, device, storage medium and terminal
CN111064697A (en) * 2019-10-21 2020-04-24 上海百事通信息技术股份有限公司 Data transmission method, device, storage medium and terminal
CN111262645A (en) * 2019-10-21 2020-06-09 上海百事通信息技术股份有限公司 Data transmission method, device, storage medium and terminal
CN110830451B (en) * 2019-10-21 2022-03-29 上海百事通信息技术股份有限公司 Data transmission method, device, storage medium and terminal
CN110881028A (en) * 2019-10-24 2020-03-13 上海百事通信息技术股份有限公司 Data transmission control method, device, storage medium and terminal
CN110881029A (en) * 2019-10-24 2020-03-13 上海百事通信息技术股份有限公司 Data transmission control method, device, storage medium and terminal
CN112109644A (en) * 2020-09-11 2020-12-22 中国第一汽车股份有限公司 Vehicle control method, device, equipment and storage medium
CN116471119A (en) * 2022-05-25 2023-07-21 北京永信至诚科技股份有限公司 Signature verification method and device based on rs and sign
CN116471119B (en) * 2022-05-25 2024-01-30 北京永信至诚科技股份有限公司 Signature verification method and device based on rs and sign

Similar Documents

Publication Publication Date Title
CN107483199A (en) Information Authentication method and device
AU2021203184B2 (en) Transaction messaging
CN106790253A (en) Authentication method and device based on block chain
CN106027235B (en) A kind of PCI cipher card and magnanimity secret key cipher operation method and system
CN105812366B (en) Server, anti-crawler system and anti-crawler verification method
CN104463040A (en) Secure input method and system for password
CN110061967A (en) Business datum providing method, device, equipment and computer readable storage medium
CN103414727A (en) Encryption protection system for input password input box and using method thereof
CN107707562A (en) A kind of method, apparatus of asymmetric dynamic token Encrypt and Decrypt algorithm
WO2017006118A1 (en) Secure distributed encryption system and method
Al-gohany et al. Comparative study of database security in cloud computing using AES and DES encryption algorithms
CN110210591A (en) A kind of wiring method, computer installation and the computer readable storage medium of intellective IC card personal data
CN115276978A (en) Data processing method and related device
CN105933116B (en) The electronic signature generation of SM2 based on segmentation module feature and verification method and device
EP2950229B1 (en) Method for facilitating transactions, computer program product and mobile device
CN104918245B (en) A kind of identity identifying method, device, server and client
CN106161036B (en) A kind of mobile station (MS) state transition method and system of credit
CN108965315A (en) A kind of authentic authentication method of terminal device, device and terminal device
CN107493572B (en) Wireless radio frequency equipment, authentication server and authentication method
CN106330877B (en) It is a kind of to authorize the method and system converted to the SOT state of termination
TW201828134A (en) Ciphertext-based identity verification method
CN115150061A (en) Post-quantum cryptographic algorithm digital currency transaction method, device, equipment and medium
CN107959670B (en) Dynamic password generation method and device, terminal equipment and storage medium
CN103354634B (en) Method and system for information processing
CN109284999A (en) Business confirmation method and system based on mobile network's terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned

Effective date of abandoning: 20201106

AD01 Patent right deemed abandoned