CN107864136A - A method for preventing theft of a system short message service - Google Patents
- Publication number: CN107864136A
- Application number: CN201711089004.1A
- Authority: CN (China)
- Prior art keywords: ciphertext, client, short message, key, server
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
Abstract
The present invention relates to a method for preventing theft of a system short message service, comprising: a client initiates a verification request to a server; after receiving the request, the server generates a key, encrypts it into a first ciphertext with a first encryption algorithm, and sends the first ciphertext to the client; the client decodes the first ciphertext and then encrypts the result into a second ciphertext with a second encryption algorithm; the client sends the second ciphertext and user information to the server as parameters; the server encrypts the key with the second encryption algorithm to generate a third ciphertext; when the second ciphertext matches the third ciphertext, the server generates a new password and sends it to the client. In the present invention, the key generated by the server is encrypted separately by the client and by the server and the two results are matched, which ensures that the short message is sent by the user in person; a matching count and a matching time are also set, preventing the system short message service from being used maliciously.
Description
Technical field
The present invention relates to the field of preventing theft of system short message services, and more particularly to a method for preventing a system short message service from being used maliciously.
Background
Short message verification is a routine step in website registration and bank payment. The user receives a verification code on a mobile phone, which ensures the authenticity of the information the user fills in and, to some extent, also provides an additional verification procedure for the user's payments, serving to inform and alert. With the spread of smartphones, more and more things require registration, and users receive short message verification codes almost every day from banks, websites, clients, ticketing companies and other fields.
To prevent a system's short message service from being used maliciously, the major platforms currently rely most often on three methods:
(1) Sending interval: set the interval at which a message may be sent again to the same number, typically 50s-100s;
(2) IP limit: according to the platform's own business characteristics, set the maximum daily sending volume for each IP;
(3) Phone number limit: according to business characteristics, set the maximum daily sending volume for each mobile phone number.
Although the three methods above prevent malicious use of the system short message service to some extent, the limits on the number of messages sent, the sending interval and so on greatly degrade the user experience. Moreover, when the interface that sends short messages to mobile phones is triggered, that interface may be exposed and then used illegally. This brings security problems to users, may result in useless harassing messages being sent, and causes economic loss to the company while damaging its reputation.
Summary of the invention
To overcome the malicious use of system short message services and the associated security problems, the present invention proposes a method for preventing theft of a system short message service. In the present invention, the key generated by the server is encrypted separately by the client and by the server and the two results are matched, which ensures that the short message is sent by the user in person; a matching count and a matching time are also set, preventing the system short message service from being used maliciously.
To achieve the above object, the invention provides a method for preventing theft of a system short message service, comprising: a client initiates a verification request to a server; after receiving the request, the server generates a key, encrypts it into a first ciphertext with a first encryption algorithm, and sends the first ciphertext to the client; the client decodes the first ciphertext and then encrypts the result into a second ciphertext with a second encryption algorithm; the client sends the second ciphertext and mobile phone information to the server as parameters; the server encrypts the key with the second encryption algorithm to generate a third ciphertext; when the second ciphertext matches the third ciphertext, the server generates a new password and sends it to the client.
Preferably, the first encryption algorithm is the DES algorithm.
Preferably, the client decodes the first ciphertext into the key, and then encrypts the key into the second ciphertext with the second encryption algorithm.
Preferably, the second encryption algorithm is MD5: at the client, the MD5 algorithm encrypts the key decrypted from the first ciphertext into the second ciphertext; at the server, the MD5 algorithm encrypts the key into the third ciphertext.
Preferably, when the second ciphertext does not match the third ciphertext, the server performs no processing.
Preferably, after the interface that matches the second ciphertext against the third ciphertext has been used once, the key becomes invalid.
Preferably, when the time taken to match the second ciphertext against the third ciphertext exceeds a preset time, the key becomes invalid.
Preferably, the mobile phone information includes mobile phone number information.
In the present invention, the key generated by the server is encrypted separately by the client and by the server and the two results are matched, and the password is updated only when the match succeeds. This ensures that the short message is sent by the user in person and keeps the short message service secure; setting a matching count and a matching time prevents the system short message service from being used maliciously.
Brief description of the drawings
To illustrate the technical solution of the embodiments of the present invention more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can derive other drawings from them without creative effort.
Fig. 1 is a flow chart of the method of the present invention for preventing theft of a system short message service;
Fig. 2 is a flow chart of the short message service process of an embodiment of the present invention.
Detailed description of the embodiments
Fig. 1 is a flow chart of the method of the present invention for preventing theft of a system short message service. As shown in Fig. 1, the present invention proposes a method for preventing theft of a system short message service, with the following specific steps:
Step 101: the client initiates a verification request to the server.
Specifically, when the user has forgotten the client login password, a mobile phone number must be entered for user verification, and the client then initiates a verification request to the server.
Step 102: after receiving the request, the server generates a key, encrypts it into a first ciphertext with the first encryption algorithm, and sends the first ciphertext to the client.
Specifically, after receiving the request sent by the client, the server randomly generates a key according to the received mobile phone number. For safe transmission, the server encrypts the key before sending it to the client.
The server encrypts the key with the first encryption algorithm, DES (Data Encryption Standard, a data encryption algorithm). The DES-encrypted key is not known to any third party other than the server and the client, so the resulting first ciphertext cannot be decrypted by a stranger, and the original key therefore cannot be seen.
Step 103: the client decodes the first ciphertext and then encrypts the result into a second ciphertext with the second encryption algorithm; the client sends the second ciphertext and the mobile phone information to the server as parameters.
Specifically, after receiving the first ciphertext sent by the server, the client first decodes it into the original key. The client then encrypts the original key with the second encryption algorithm, MD5 (Message-Digest Algorithm 5), producing the second ciphertext. Finally, the client sends the second ciphertext together with the mobile phone information to the server as parameters.
The mobile phone information may be the mobile phone number or a number set by the user. Sending the mobile phone information together with the second ciphertext as parameters ensures that the second ciphertext was sent by the user, and prevents someone who has stolen the key from obtaining the updated password with another client.
Step 104: the server encrypts the key with the second encryption algorithm to generate a third ciphertext; when the second ciphertext matches the third ciphertext, the server generates a new password and sends it to the client.
Specifically, the key generated by the server is not only encrypted with the first encryption algorithm, DES, and sent to the client; the server also encrypts it with the second encryption algorithm, MD5, to generate the third ciphertext. The key generated by the server is thus encrypted with MD5 into the second ciphertext at the client, and encrypted with MD5 into the third ciphertext at the server.
The server matches the third ciphertext it generated against the second ciphertext it received. When the second ciphertext matches the third ciphertext, the server resets the password, generates a new password and sends it to the client; when they do not match, the server performs no processing.
At the server, the matching count of the interface that matches the second ciphertext against the third ciphertext is set to one. Once the second ciphertext has been matched against the third ciphertext one time, the server automatically sets the original key to invalid; if another match is wanted, the user must initiate a new verification request. By making the interface usable only once, this method addresses the security problem: the short message interface becomes invalid immediately after a single use, so there is no risk even if the interface is exposed.
The server may also preset a matching time. Timing starts when the server sends the first ciphertext or when the client receives the first ciphertext, and the parameters sent by the client must be received within the preset time; if they are not received within the preset time, the server likewise sets the original key to invalid.
In the present invention, once the server has verified the legitimacy of the second ciphertext, it sets the original key to invalid. So even if someone has stolen the first ciphertext and sends the server a second ciphertext forged from it, the server will not process it, because a match has already taken place once and no further match is possible. This effectively eliminates the hidden danger of SMS bombing.
To express the technical solution and advantages of the embodiment of the present invention more clearly, the technical solution is described in further detail below with reference to the drawings and an embodiment.
Fig. 2 is a flow chart of the system short message service verification process of an embodiment of the present invention. As shown in Fig. 2, the verification process comprises:
Step S201: the client initiates a verification request to the server;
Step S202: after receiving the verification request, the server generates a unique key Key;
Step S203: the server encrypts the generated key Key into auth with DES;
Step S204: the server sends the generated auth to the client;
Step S205: after receiving auth, the client decodes it and computes auth2 from the result with MD5;
Step S206: the client sends the generated auth2 and the mobile phone number to the server as parameters;
Step S207: the server encrypts the key Key directly into auth3 with MD5;
Step S208: the server receives the parameters sent by the client, matches auth2 against auth3 and judges whether they are identical; if auth2 and auth3 are identical, step S209 is performed; if auth2 and auth3 differ, the verification process ends;
Step S209: if auth2 and auth3 are identical, the server resets the password, generates a new password and sends it to the client.
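The S201-S209 exchange, including the single-use and time-limit rules, as an added Python example; it is not code from the patent. Assumptions: the standard library has no DES, so a SHA-256 keystream XOR stands in for the first encryption algorithm, and `TRANSPORT_KEY`, `Server`, `client_respond`, `demo`, the 60-second limit and the phone number are hypothetical names and constructed values.

```python
import hashlib
import hmac
import secrets
import time

# Assumption: client and server share this secret for the first algorithm.
TRANSPORT_KEY = b"constructed-demo-transport-key"


def _first_algorithm(data: bytes, nonce: bytes) -> bytes:
    """Stand-in for the first encryption algorithm (DES in the patent).

    SHA-256 in counter mode produces a keystream that is XORed with the
    data, so the same call both encrypts and decrypts.
    """
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        block = TRANSPORT_KEY + nonce + counter.to_bytes(4, "big")
        stream += hashlib.sha256(block).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class Server:
    def __init__(self, ttl_seconds=60.0, clock=time.monotonic):
        self._ttl = ttl_seconds
        self._clock = clock
        self._pending = {}  # phone number -> (Key, time issued)

    def request_verification(self, phone: str) -> bytes:
        """S202-S204: generate Key and return auth (the first ciphertext)."""
        key = secrets.token_bytes(16)
        self._pending[phone] = (key, self._clock())
        nonce = secrets.token_bytes(8)
        return nonce + _first_algorithm(key, nonce)

    def submit(self, phone: str, auth2: str):
        """S207-S209: new password on a match, None when not processed."""
        # pop() makes the key single-use: any attempt, good or bad, burns it.
        entry = self._pending.pop(phone, None)
        if entry is None:
            return None
        key, issued_at = entry
        if self._clock() - issued_at > self._ttl:
            return None  # preset matching time exceeded
        auth3 = hashlib.md5(key).hexdigest()
        if not hmac.compare_digest(auth2.encode(), auth3.encode()):
            return None
        return secrets.token_urlsafe(12)


def client_respond(auth: bytes) -> str:
    """S205: decode auth back into Key, then compute auth2 = MD5(Key)."""
    nonce, body = auth[:8], auth[8:]
    return hashlib.md5(_first_algorithm(body, nonce)).hexdigest()


def demo():
    now = [0.0]  # constructed clock so expiry can be shown without sleeping
    server = Server(ttl_seconds=60.0, clock=lambda: now[0])
    phone = "+10000000000"  # constructed phone number

    auth2 = client_respond(server.request_verification(phone))
    first = server.submit(phone, auth2)   # match: new password issued
    replay = server.submit(phone, auth2)  # same auth2 again: key is gone

    auth = server.request_verification(phone)
    now[0] += 61.0
    late = server.submit(phone, client_respond(auth))  # past the time limit

    auth = server.request_verification(phone)
    wrong = server.submit(phone, "0" * 32)              # mismatch
    retry = server.submit(phone, client_respond(auth))  # key already burned
    return first, replay, late, wrong, retry


if __name__ == "__main__":
    print(demo())
```

Everything the server checks is derived from the transport key held by the client, so the scheme is only as strong as that key's secrecy. DES (56-bit keys) and MD5 are both legacy primitives; a current design would use an authenticated cipher and an HMAC in their place.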
In the present invention, the key generated by the server is encrypted separately by the client and by the server and the two results are matched, and the password is updated only when the match succeeds. This ensures that the short message is sent by the user in person and keeps the short message service secure.
The embodiments above describe the purpose, technical solution and beneficial effects of the present invention in further detail. It should be understood that the foregoing is only an embodiment of the present invention and is not intended to limit its scope of protection; any modification, equivalent substitution or improvement made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.
Claims (8)
1. A method for preventing theft of a system short message service, characterized by comprising:
a client initiates a verification request to a server;
after receiving the request, the server generates a key, encrypts it into a first ciphertext with a first encryption algorithm, and sends the first ciphertext to the client;
the client decodes the first ciphertext and then encrypts the result into a second ciphertext with a second encryption algorithm; the client sends the second ciphertext and mobile phone information to the server as parameters;
the server encrypts the key with the second encryption algorithm to generate a third ciphertext; when the second ciphertext matches the third ciphertext, the server generates a new password and sends it to the client.
2. The method for preventing theft of a system short message service according to claim 1, characterized in that the first encryption algorithm is the DES algorithm.
3. The method for preventing theft of a system short message service according to claim 1, characterized in that the client decodes the first ciphertext into the key, and then encrypts the key into the second ciphertext with the second encryption algorithm.
4. The method for preventing theft of a system short message service according to claim 1, characterized in that the second encryption algorithm is MD5; at the client, the MD5 algorithm encrypts the key decrypted from the first ciphertext into the second ciphertext; at the server, the MD5 algorithm encrypts the key into the third ciphertext.
5. The method for preventing theft of a system short message service according to claim 1, characterized in that when the second ciphertext does not match the third ciphertext, the server performs no processing.
6. The method for preventing theft of a system short message service according to claim 5, characterized in that after the interface that matches the second ciphertext against the third ciphertext has been used once, the key becomes invalid.
7. The method for preventing theft of a system short message service according to claim 1, characterized in that when the time taken to match the second ciphertext against the third ciphertext exceeds a preset time, the key becomes invalid.
8. The method for preventing theft of a system short message service according to claim 1, characterized in that the mobile phone information includes mobile phone number information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711089004.1A CN107864136A (en) | 2017-11-08 | 2017-11-08 | A method for preventing theft of a system short message service |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107864136A true CN107864136A (en) | 2018-03-30 |
Family
ID=61701327
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711089004.1A Pending CN107864136A (en) | A method for preventing theft of a system short message service | 2017-11-08 | 2017-11-08 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107864136A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20180330 |