CN108400868A - Seed key storage method, device and mobile terminal - Google Patents

Info

Publication number: CN108400868A
Authority: CN (China)
Prior art keywords: seed key, mobile terminal, seed, information, user
Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201810043839.1A
Other languages: Chinese (zh)
Other versions: CN108400868B (en)
Inventor: 陈柳章
Current Assignee: Shenzhen Excelsecu Data Technology Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Shenzhen Excelsecu Data Technology Co Ltd
Application filed by Shenzhen Excelsecu Data Technology Co Ltd
Priority to CN201810043839.1A
Publication of CN108400868A
Application granted
Publication of CN108400868B
Status: Active

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894: Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephone Function (AREA)

Abstract

The present invention is applicable to the field of information security technology and provides a seed key storage method, device, mobile terminal and computer-readable storage medium, including: dividing a seed key into at least two parts of seed key information according to a preset rule; having at least one part of the seed key information saved by a user and/or a third party, and saving the remaining at least one part of the seed key information in the mobile terminal. The invention increases the difficulty of cracking the seed key and improves the security of the seed key.

Description

Seed key storage method, device and mobile terminal
Technical field
The invention belongs to the field of information security technology, and in particular relates to a seed key storage method, device, mobile terminal and computer-readable storage medium.
Background
A dynamic password is an unpredictable combination of random digits generated according to a specific algorithm; each one can be used only once, and dynamic passwords are currently widely used in fields such as online banking, online games and e-commerce. In the prior art, when a dynamic password is generated on a mobile terminal, the seed key required to generate it is usually stored on the mobile terminal. However, a seed key stored on the mobile terminal is easily parsed or copied by others, which leads to the seed key being cracked, so security is relatively low.
Therefore, a new technical solution is needed to solve the above technical problem.
Summary of the invention
In view of this, the present invention provides a seed key storage method, device, mobile terminal and computer-readable storage medium, so as to increase the difficulty of cracking the seed key and improve the security of the seed key.
A first aspect of the present invention provides a seed key storage method, including:
dividing a seed key into at least two parts of seed key information according to a preset rule;
having at least one part of the seed key information saved by a user and/or a third party, and saving the remaining at least one part of the seed key information in a mobile terminal.
A second aspect of the present invention provides a seed key storage device, including:
a seed key division module, used to divide a seed key into at least two parts of seed key information according to a preset rule;
a first information processing module, used to have at least one part of the seed key information saved by a user and/or a third party, and to save the remaining at least one part of the seed key information in a mobile terminal.
A third aspect of the present invention provides a mobile terminal, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the method of the first aspect when executing the computer program.
A fourth aspect of the present invention provides a computer-readable storage medium storing a computer program, where the steps of the method of the first aspect are implemented when the computer program is executed by a processor.
Compared with the prior art, the solution of the present invention has the following beneficial effects: the seed key is divided into at least two parts of seed key information according to a preset rule; at least one part of the seed key information is recorded and saved by a user and/or a third party, and the remaining at least one part is saved in the mobile terminal. By dividing the seed key into at least two parts, with at least one part saved by the user and/or a third party and the remaining part saved by the mobile terminal, the solution stores the seed key separately, which increases the difficulty of cracking the seed key and improves its security.
Brief description of the drawings
To describe the technical solutions in the embodiments of the present invention more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below show only some embodiments of the present invention, and a person of ordinary skill in the art can derive other drawings from them without creative effort.
Fig. 1 is a schematic flow chart of the seed key storage method provided by embodiment one of the present invention;
Fig. 2 is a schematic flow chart of the seed key storage method provided by embodiment two of the present invention;
Fig. 3 is a schematic diagram of the seed key storage device provided by embodiment three of the present invention;
Fig. 4 is a schematic diagram of the mobile terminal provided by embodiment four of the present invention;
Fig. 5 is a schematic diagram of the mobile terminal provided by embodiment five of the present invention.
Detailed description
In the following description, specific details such as particular system structures and technologies are set forth for the purpose of illustration rather than limitation, so that the embodiments of the present invention can be thoroughly understood. However, it will be clear to a person skilled in the art that the present invention can also be implemented in other embodiments without these specific details. In other cases, detailed descriptions of well-known systems, devices, circuits and methods are omitted so that unnecessary detail does not obscure the description of the present invention.
It should be understood that, when used in this specification and the appended claims, the term "comprising" indicates the presence of the described features, wholes, steps, operations, elements and/or components, but does not exclude the presence or addition of one or more other features, wholes, steps, operations, elements, components and/or collections thereof.
It should also be understood that the terms used in this description of the invention are only for the purpose of describing specific embodiments and are not intended to limit the present invention. As used in the description of the invention and the appended claims, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" used in the description of the invention and the appended claims refers to any combination and all possible combinations of one or more of the associated listed items, and includes these combinations.
As used in this specification and the appended claims, the term "if" can be interpreted, depending on the context, as "when ..." or "once" or "in response to determining" or "in response to detecting". Similarly, the phrase "if it is determined" or "if [the described condition or event] is detected" can be interpreted, depending on the context, as "once it is determined" or "in response to determining" or "once [the described condition or event] is detected" or "in response to detecting [the described condition or event]".
In specific implementations, the mobile terminal described in the embodiments of the present invention includes, but is not limited to, other portable devices such as a mobile phone, laptop computer or tablet computer with a touch-sensitive surface (for example, a touch-screen display and/or touchpad). It should also be understood that, in some embodiments, the device is not a portable communication device but a desktop computer with a touch-sensitive surface (for example, a touch-screen display and/or touchpad).
In the following discussion, a mobile terminal including a display and a touch-sensitive surface is described. However, it should be understood that the mobile terminal may include one or more other physical user interface devices such as a physical keyboard, mouse and/or joystick.
The mobile terminal supports various applications, such as one or more of the following: a drawing application, presentation application, word processing application, website creation application, disk authoring application, spreadsheet application, gaming application, telephone application, video conferencing application, e-mail application, instant messaging application, workout support application, photo management application, digital camera application, digital video camera application, web browsing application, digital music player application and/or digital video player application.
The various applications that can be executed on the mobile terminal can use at least one common physical user interface device, such as the touch-sensitive surface. One or more functions of the touch-sensitive surface, and the corresponding information displayed on the terminal, can be adjusted and/or changed between applications and/or within a given application. In this way, a common physical architecture of the terminal (for example, the touch-sensitive surface) can support the various applications with user interfaces that are intuitive and transparent to the user.
It should be understood that the sequence numbers of the steps in this embodiment do not imply an order of execution; the execution order of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation process of the embodiments of the present invention.
To illustrate the technical solutions of the present invention, specific embodiments are described below.
Referring to Fig. 1, which is a schematic flow chart of the seed key storage method provided by embodiment one of the present invention: this seed key storage method is applied to a mobile terminal and, as shown in the figure, may include the following steps:
Step S101: divide the seed key into at least two parts of seed key information according to a preset rule.
In this embodiment of the present invention, the preset rule can be a first preset rule or a second preset rule, and the seed key is divided into at least two parts of seed key information according to the preset rule.
The seed key can be issued to the mobile terminal as a whole by the server, or the server can issue several calculation factors for calculating the seed key to the mobile terminal, and the seed key is then calculated on the mobile terminal.
If the seed key is issued to the mobile terminal as a whole by the server, the preset rule is the first preset rule, and the mobile terminal divides the seed key into at least two parts of seed key information according to the first preset rule.
If the server issues several calculation factors for calculating the seed key to the mobile terminal, the preset rule is the second preset rule, and the mobile terminal divides the several calculation factors into at least two parts of seed key information according to the second preset rule; this is not limited here. A calculation factor is a parameter required when calculating the seed key. For example, if the seed key is calculated from information such as the user password, user name and card number, then the user password, user name, card number and so on can be the calculation factors of the seed key. The seed key can therefore be divided into at least two parts of seed key information by dividing the calculation factors used to calculate it.
Here, a preset rule is a rule set in advance by the user for how to divide (split) the seed key. The first preset rule is a rule set in advance by the user for how to divide a seed key that the server issues to the mobile terminal as a whole; the user can set the rule as needed, and it is not limited here. For example, if the seed key is 128K bytes of data, the first 32K bytes can be one part of the seed key information and the remaining 96K bytes the other part; this is not limited here. Optionally, the seed key can be plaintext or ciphertext, which is not limited here. The second preset rule is a rule set in advance by the user for how to divide the several calculation factors that the server issues to the mobile terminal for calculating the seed key; the user can set the rule as needed, and it is not limited here.
Step S102: have at least one part of the seed key information saved by the user and/or a third party, and save the remaining at least one part of the seed key information in the mobile terminal.
In this embodiment of the present invention, the seed key can be divided into at least two parts, with at least one part recorded and saved by the user and/or a third party and the remaining at least one part saved in the mobile terminal. Even if someone else cracks the seed key information stored on the mobile terminal, they cannot learn the complete seed key, because at least one part of the seed key information is saved by the user and/or a third party, and others cannot learn the seed key information saved by the user and/or the third party. For example, the seed key can be divided into two parts, one saved by the user and the other saved in the mobile terminal. Or the seed key can be divided into three parts, one saved by the user, one sent to a server for saving, and one saved by the mobile terminal; when the OTP of the mobile terminal is enabled, the server sends its saved part of the seed key to the user, and the user submits the part received from the server together with the part the user saved to the mobile terminal, which combines them with the part saved on the mobile terminal to recover the seed key.
Optionally, after the at least one part of the seed key information is fed back to the user (for example, displayed to the user), if a confirmation instruction for that seed key information is received (for example, after memorizing the at least one part of the seed key information, the user taps the area where it is displayed), or after a preset time (for example, 1 minute), the at least one part of the seed key information is no longer displayed.
Alternatively, after the at least one part of the seed key information is sent to a third party, and the third party has received and saved it, the third party feeds back a response instruction to the mobile terminal; after receiving the response instruction, the mobile terminal no longer displays the at least one part of the seed key information. The response instruction indicates that the third party has received and saved the seed key information sent by the mobile terminal. The third party can be a device other than the user and the mobile terminal, for example a server set in advance by the user.
Optionally, having at least one part of the seed key information saved by the user and/or a third party includes:
displaying a part of the seed key information to the user for saving; or sending a part of the seed key information to a third party for saving; or displaying a part of the seed key information to the user for saving and sending a part of the seed key information to a third party for saving.
Optionally, the seed key information saved in the mobile terminal can be encrypted before it is stored in the mobile terminal.
Optionally, this embodiment of the present invention further includes:
dividing the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
having at least one part of the encryption factor information saved by the user and/or a third party, and saving the remaining at least one part of the encryption factor information in the mobile terminal, either as is or after encryption.
Optionally, having at least one part of the encryption factor information saved by the user and/or a third party includes:
displaying a part of the encryption factor information to the user for saving; or sending a part of the encryption factor information to a third party for saving; or displaying a part of the encryption factor information to the user for saving and sending a part of the encryption factor information to a third party for saving.
Here, the third preset rule is a rule set in advance by the user for how to divide the encryption factor; the user can set the rule as needed, and it is not limited here.
By dividing the seed key into at least two parts, with one part saved by the user and/or a third party and the remaining part saved by the mobile terminal, this embodiment of the present invention stores the seed key separately, which increases the difficulty of cracking the seed key and improves its security. Further dividing the encryption factor into at least two parts, saved respectively by the user or a third party and by the mobile terminal, strengthens the security of seed key storage.
Referring to Fig. 2, which is a schematic flow chart of the seed key storage method provided by embodiment two of the present invention: this seed key storage method is applied to the OTP of a mobile terminal and, as shown in the figure, may include the following steps:
Step S201: in the OTP activation stage, the seed key is issued to the mobile terminal as a whole by the server, and the whole seed key is divided into at least two parts of seed key information according to the first preset rule; or, in the OTP activation stage, several calculation factors of the seed key are issued to the mobile terminal by the server, and the several calculation factors of the seed key are divided into at least two parts of seed key information according to the second preset rule.
The OTP in the embodiments of the present invention refers to a soft OTP applied to a mobile terminal, in which software calculates the dynamic password from the seed key together with the current time using a dynamic password calculation method. The dynamic password is a time-related, unpredictable combination of random digits generated at regular intervals according to a specific algorithm.
Here, the first preset rule is a rule set in advance by the user for how to divide a seed key that the server issues to the mobile terminal as a whole; the user can set the rule as needed, and it is not limited here. For example, if the seed key is 128K bytes of data, the first 32K bytes can be the first part of the seed key information and the remaining 96K bytes the second part; this is not limited here. Optionally, the seed key can be plaintext or ciphertext, which is not limited here.
A calculation factor is a parameter required when calculating the seed key. For example, if the seed key is calculated from information such as the user password, user name and card number, then the user password, user name, card number and so on can be the calculation factors of the seed key. The seed key can therefore be divided into at least two parts of seed key information by dividing the calculation factors used to calculate it.
The second preset rule is a rule set in advance by the user for how to divide the several calculation factors; the user can set the rule as needed, and it is not limited here.
Step S202: have at least one part of the seed key information saved by the user and/or a third party, and save the remaining at least one part of the seed key information in the mobile terminal.
In this embodiment of the present invention, the seed key can be divided into at least two parts, with at least one part recorded and saved by the user and/or a third party and the remaining at least one part saved in the mobile terminal. Even if someone else cracks the seed key information stored on the mobile terminal, they cannot learn the complete seed key, because at least one part of the seed key information is saved by the user and/or a third party, and others cannot learn the seed key information saved by the user and/or the third party. For example, the seed key can be divided into two parts, one saved by the user and the other saved in the mobile terminal. Or the seed key can be divided into three parts, one saved by the user, one sent to a server for saving, and one saved by the mobile terminal; when the OTP of the mobile terminal is enabled, the server sends its saved part of the seed key to the user, and the user submits the part received from the server together with the part the user saved to the mobile terminal, which combines them with the part saved on the mobile terminal to recover the seed key.
Optionally, after the at least one part of the seed key information is fed back to the user (for example, displayed to the user), if a confirmation instruction for that seed key information is received (for example, after memorizing the at least one part of the seed key information, the user taps the area where it is displayed), or after a preset time (for example, 1 minute), the at least one part of the seed key information is no longer displayed.
Alternatively, after the at least one part of the seed key information is sent to a third party, and the third party has received and saved it, the third party feeds back a response instruction to the mobile terminal; after receiving the response instruction, the mobile terminal no longer displays the at least one part of the seed key information. The response instruction indicates that the third party has received and saved the seed key information sent by the mobile terminal. The third party can be a device other than the user and the mobile terminal, for example a server set in advance by the user.
Optionally, having at least one part of the seed key information saved by the user and/or a third party includes:
displaying a part of the seed key information to the user for saving; or sending a part of the seed key information to a third party for saving; or displaying a part of the seed key information to the user for saving and sending a part of the seed key information to a third party for saving.
Optionally, the seed key information saved in the mobile terminal can be encrypted before it is stored in the mobile terminal.
Optionally, this embodiment of the present invention further includes:
dividing the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
having at least one part of the encryption factor information saved by the user and/or a third party, and saving the remaining at least one part of the encryption factor information in the mobile terminal, either as is or after encryption.
Optionally, having at least one part of the encryption factor information saved by the user and/or a third party includes:
displaying a part of the encryption factor information to the user for saving; or sending a part of the encryption factor information to a third party for saving; or displaying a part of the encryption factor information to the user for saving and sending a part of the encryption factor information to a third party for saving.
Here, the third preset rule is a rule set in advance by the user for how to divide the encryption factor; the user can set the rule as needed, and it is not limited here.
Step S203: when OTP is started, obtain the seed key information entered by the user, which was saved by the user and/or obtained by the user from the third party, and obtain the seed key information saved by the mobile terminal.
In this embodiment of the present invention, when OTP is started, the user can enter through the mobile terminal (for example, on the touch screen of the mobile terminal) the seed key information saved by the user, or obtained by the user from the third party, or both. The mobile terminal thereby obtains the seed key information entered by the user, and obtains from the mobile terminal the seed key information that it saved itself.
Step S204: recover the seed key plaintext from all of the obtained seed key information.
In this embodiment of the present invention, because the seed key information entered by the user and the seed key information saved by the mobile terminal itself were obtained by dividing the seed key, combining the two yields the complete seed key. If the part of the seed key information saved in the mobile terminal was encrypted, it is first decrypted and then combined with the seed key information entered by the user to recover the seed key plaintext.
Step S205: calculate the dynamic password from the seed key plaintext using a dynamic password algorithm.
By dividing the seed key into at least two parts, with at least one part saved by the user and/or a third party and the remaining part saved by the mobile terminal, this embodiment of the present invention stores the seed key separately, which increases the difficulty of cracking the seed key and improves its security, so that the calculated dynamic password is safer and more reliable.
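Steps S201 to S205 as an added sketch (not code from the patent): a positional first-preset-rule split like the 32K/96K example, recovery from the user-entered part plus the device part, and computation of the dynamic password. RFC 6238 TOTP stands in for the unspecified dynamic password algorithm, and the XOR split is an assumed alternative preset rule that goes beyond the text, included because a positional split leaves only the user's bytes unknown once the device part is copied; all function names are hypothetical.

```python
"""Split storage of an OTP seed key: added illustration, not the patent's code."""
import hashlib
import hmac
import secrets
import struct
from typing import Tuple


def split_positional(seed: bytes, user_len: int) -> Tuple[bytes, bytes]:
    """Positional rule: the leading bytes go to the user, the rest to the device."""
    if not 0 < user_len < len(seed):
        raise ValueError("both parts must be non-empty")
    return seed[:user_len], seed[user_len:]


def recover_positional(user_part: bytes, device_part: bytes) -> bytes:
    """Step S204 for the positional rule: concatenate the parts in order."""
    return user_part + device_part


def split_xor(seed: bytes) -> Tuple[bytes, bytes]:
    """Assumed alternative rule: device keeps a random pad, user keeps seed XOR pad."""
    device_share = secrets.token_bytes(len(seed))
    user_share = bytes(s ^ d for s, d in zip(seed, device_share))
    return user_share, device_share


def recover_xor(user_share: bytes, device_share: bytes) -> bytes:
    """Step S204 for the XOR rule: XOR the two equal-length shares."""
    if len(user_share) != len(device_share):
        raise ValueError("shares must have equal length")
    return bytes(u ^ d for u, d in zip(user_share, device_share))


def unknown_bits_if_device_stolen(seed_len: int, user_len: int, rule: str) -> int:
    """Seed bits still unknown to someone who copied only the device part."""
    if rule == "positional":
        return 8 * user_len   # the device part is literal seed bytes
    if rule == "xor":
        return 8 * seed_len   # a uniform pad alone is independent of the seed
    raise ValueError("unknown rule: " + rule)


def totp(seed: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1, used here as the dynamic password algorithm."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def otp_at_start(user_input_hex: str, device_part: bytes,
                 unix_time: int, digits: int = 6) -> str:
    """Steps S203 to S205: read the typed part, recover the seed, compute the OTP."""
    user_part = bytes.fromhex(user_input_hex.strip())
    seed = recover_positional(user_part, device_part)
    return totp(seed, unix_time, digits=digits)


if __name__ == "__main__":
    seed = b"12345678901234567890"        # constructed sample (RFC 6238 test key)
    user_part, device_part = split_positional(seed, 5)
    print("user keeps  :", user_part.hex())
    print("device keeps:", device_part.hex())
    print("OTP at t=59 :", otp_at_start(user_part.hex(), device_part, 59, digits=8))
    for rule in ("positional", "xor"):
        bits = unknown_bits_if_device_stolen(len(seed), 5, rule)
        print(rule, "split, bits unknown after device copy:", bits)
```
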
It is the schematic diagram of the storage device for the seed key that the embodiment of the present invention three provides, for the ease of saying referring to Fig. 3 It is bright, it illustrates only and the relevant part of the embodiment of the present invention.
Described device includes:
Seed key division module 31, for seed key to be divided at least two parts seed key according to preset rules Information;
First information processing module 32, configured to have at least one part of the seed key information saved by the user and/or a third party, and to save the remaining at least one part of the seed key information in the mobile terminal.
Optionally, the seed key division module 31 is specifically configured so that:
The preset rule is a first preset rule: in the OTP activation stage, the seed key is issued as a whole by the server to the mobile terminal, and the whole seed key is divided into at least two parts of seed key information according to the first preset rule; or
The preset rule is a second preset rule: in the OTP activation stage, several calculation factors of the seed key are issued by the server to the mobile terminal, and the several calculation factors of the seed key are divided into at least two parts of seed key information according to the second preset rule.
Optionally, the device further includes:
Data obtaining module 33, configured to, when OTP is started, obtain the seed key information entered by the user, which was saved by the user and/or obtained by the user from a third party, and obtain the seed key information saved by the mobile terminal;
Seed key recovery module 34, configured to recover the seed key plaintext from all of the obtained seed key information;
Dynamic password computing module 35, configured to calculate the dynamic password from the seed key plaintext using a dynamic password algorithm.
Optionally, the seed key information saved in the mobile terminal is encrypted before it is saved in the mobile terminal.
Optionally, the device further includes:
Encryption factor division module, configured to divide the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
Second message processing module, configured to have at least one part of the encryption factor information saved by the user and/or a third party, and to save the remaining at least one part of the encryption factor information in the mobile terminal, either as it is or after encryption.
The encryption factor division module and the second message processing module are not shown in Fig. 3.
The device provided by this embodiment of the present invention can be applied in the foregoing method embodiments one and two; for details, see the description of method embodiments one and two above, which is not repeated here.
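The flow that modules 31 to 35 describe, as an added example that is not code from the patent: the preset rule is assumed to be a two-share XOR split (this section does not fix the rule), the dynamic password algorithm is assumed to be HOTP/TOTP from RFC 4226 and RFC 6238, and every function name is hypothetical. The seed used in the demo is the constructed test secret from RFC 4226.

```python
import hashlib
import hmac
import secrets
import struct
from typing import Tuple


def split_seed(seed: bytes) -> Tuple[bytes, bytes]:
    """Division step (module 31), assumed rule: XOR split into two shares.

    Returns (user_part, device_part). Each part alone is uniformly random
    and reveals nothing about the seed; both are needed to rebuild it.
    """
    if not seed:
        raise ValueError("seed must not be empty")
    user_part = secrets.token_bytes(len(seed))  # kept by user / third party
    device_part = bytes(a ^ b for a, b in zip(seed, user_part))  # kept on the terminal
    return user_part, device_part


def recover_seed(user_part: bytes, device_part: bytes) -> bytes:
    """Recovery step (module 34): rebuild the seed plaintext from all parts."""
    if len(user_part) != len(device_part):
        raise ValueError("seed key parts have different lengths")
    return bytes(a ^ b for a, b in zip(user_part, device_part))


def hotp(seed: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, dynamic truncation."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(seed: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from the time step."""
    return hotp(seed, unix_time // step, digits)


def start_otp(user_part: bytes, device_part: bytes, unix_time: int) -> str:
    """OTP start (modules 33 to 35): gather parts, recover, compute password.

    The recovered seed lives only in this call; nothing is written back.
    """
    seed = recover_seed(user_part, device_part)
    return totp(seed, unix_time)


if __name__ == "__main__":
    # Constructed sample input: the ASCII test secret from RFC 4226.
    demo_seed = b"12345678901234567890"
    user_part, device_part = split_seed(demo_seed)
    print("user part   :", user_part.hex())
    print("device part :", device_part.hex())
    print("OTP at t=59 :", start_otp(user_part, device_part, 59))
```

With this rule a wrong user-held part does not raise an error: it recovers a different seed, so the resulting password is simply rejected by the server.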
Fig. 4 is a schematic diagram of the mobile terminal provided by embodiment four of the present invention. The mobile terminal as shown may include: one or more processors 401 (only one is shown in the figure); one or more input devices 402 (only one is shown in the figure), one or more output devices 403 (only one is shown in the figure) and a memory 404. The processor 401, input device 402, output device 403 and memory 404 are connected by a bus 405. The memory 404 is used to store instructions, and the processor 401 is used to execute the instructions stored in the memory 404. Wherein:
The processor 401 is configured to divide the seed key into at least two parts of seed key information according to a preset rule; and to have at least one part of the seed key information saved by the user and/or a third party, and save the remaining at least one part of the seed key information in the mobile terminal.
Optionally, the processor 401 is specifically configured so that:
The preset rule is a first preset rule: in the OTP activation stage, the seed key is issued as a whole by the server to the mobile terminal, and the whole seed key is divided into at least two parts of seed key information according to the first preset rule; or
The preset rule is a second preset rule: in the OTP activation stage, several calculation factors of the seed key are issued by the server to the mobile terminal, and the several calculation factors of the seed key are divided into at least two parts of seed key information according to the second preset rule.
Optionally, the processor 401 is further configured to:
When OTP is started, obtain the seed key information entered by the user, which was saved by the user and/or obtained by the user from a third party, and obtain the seed key information saved by the mobile terminal;
Recover the seed key plaintext from all of the obtained seed key information;
Calculate the dynamic password from the seed key plaintext using a dynamic password algorithm.
Optionally, the seed key information saved in the mobile terminal is encrypted before it is saved in the mobile terminal.
Optionally, the processor 401 is further configured to:
Divide the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
Have at least one part of the encryption factor information saved by the user and/or a third party, and save the remaining at least one part of the encryption factor information in the mobile terminal, either as it is or after encryption.
It should be understood that, in the embodiments of the present invention, the processor 401 may be a central processing unit (Central Processing Unit, CPU); the processor may also be another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor.
The input device 402 may include a trackpad, a fingerprint sensor (for collecting the user's fingerprint information and fingerprint direction information), a microphone, a data receiving interface, and so on. The output device 403 may include a display (LCD, etc.), a speaker, a data transmission interface, and so on.
The memory 404 may include read-only memory and random access memory, and provides instructions and data to the processor 401. A part of the memory 404 may also include non-volatile random access memory. For example, the memory 404 may also store information on the device type.
In a specific implementation, the processor 401, input device 402, output device 403 and memory 404 described in this embodiment of the present invention can carry out the implementations described in the embodiments of the seed key storage method provided by the embodiments of the present invention, and can also carry out the implementation described for the seed key storage device in embodiment three, which is not repeated here.
Fig. 5 is a schematic diagram of the mobile terminal provided by embodiment five of the present invention. As shown in Fig. 5, the mobile terminal 5 of this embodiment includes: a processor 50, a memory 51, and a computer program 52 that is stored in the memory 51 and can run on the processor 50. When executing the computer program 52, the processor 50 implements the steps in each of the above seed key storage method embodiments, for example steps S101 to S102 shown in Fig. 1. Alternatively, when executing the computer program 52, the processor 50 implements the functions of each module/unit in each of the above device embodiments.
Illustratively, the computer program 52 can be divided into one or more modules/units, which are stored in the memory 51 and executed by the processor 50 to carry out the present invention. The one or more modules/units may be a series of computer program instruction segments capable of completing specific functions, and these instruction segments are used to describe the execution of the computer program 52 in the mobile terminal 5. For example, the computer program 52 can be divided into a seed key division module, a first information processing module, a data obtaining module, a seed key recovery module, a dynamic password computing module, an encryption factor division module and a second message processing module, whose specific functions are as follows:
Seed key division module, configured to divide the seed key into at least two parts of seed key information according to a preset rule;
First information processing module, configured to have at least one part of the seed key information saved by the user and/or a third party, and to save the remaining at least one part of the seed key information in the mobile terminal.
Optionally, the seed key division module is specifically configured so that:
The preset rule is a first preset rule: in the OTP activation stage, the seed key is issued as a whole by the server to the mobile terminal, and the whole seed key is divided into at least two parts of seed key information according to the first preset rule; or
The preset rule is a second preset rule: in the OTP activation stage, several calculation factors of the seed key are issued by the server to the mobile terminal, and the several calculation factors of the seed key are divided into at least two parts of seed key information according to the second preset rule.
Optionally, data obtaining module, configured to, when OTP is started, obtain the seed key information entered by the user, which was saved by the user and/or obtained by the user from a third party, and obtain the seed key information saved by the mobile terminal;
Seed key recovery module, configured to recover the seed key plaintext from all of the obtained seed key information;
Dynamic password computing module, configured to calculate the dynamic password from the seed key plaintext using a dynamic password algorithm.
Optionally, encryption factor division module, configured to divide the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
Second message processing module, configured to have at least one part of the encryption factor information saved by the user and/or a third party, and to save the remaining at least one part of the encryption factor information in the mobile terminal, either as it is or after encryption.
The mobile terminal 5 may be a computing device such as a desktop computer, a notebook, a palmtop computer or a cloud server. The mobile terminal may include, but is not limited to, the processor 50 and the memory 51. Those skilled in the art will understand that Fig. 5 is only an example of the mobile terminal 5 and does not limit the mobile terminal 5, which may include more or fewer components than illustrated, may combine certain components, or may use different components; for example, the mobile terminal may also include input/output devices, a network access device, a bus, and so on.
The processor 50 may be a central processing unit (CPU), or another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor.
The memory 51 may be an internal storage unit of the mobile terminal 5, such as a hard disk or memory of the mobile terminal 5. The memory 51 may also be an external storage device of the mobile terminal 5, such as a plug-in hard disk, a smart media card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card or a flash card (Flash Card) fitted to the mobile terminal 5. Further, the memory 51 may include both an internal storage unit of the mobile terminal 5 and an external storage device. The memory 51 is used to store the computer program and the other programs and data needed by the mobile terminal. The memory 51 can also be used to temporarily store data that has been output or is about to be output.
It will be clear to those skilled in the art that, for convenience and brevity of description, only the above division into functional units and modules is used as an example. In practical applications, the above functions can be assigned to different functional units or modules as needed; that is, the internal structure of the device is divided into different functional units or modules to complete all or part of the functions described above. The functional units and modules in the embodiments may be integrated in one processing unit, each unit may exist physically on its own, or two or more units may be integrated in one unit; the integrated unit may be implemented in the form of hardware or in the form of a software functional unit. In addition, the specific names of the functional units and modules are only for ease of distinguishing them from one another and are not intended to limit the protection scope of this application. For the specific working process of the units and modules in the above system, refer to the corresponding process in the foregoing method embodiments, which is not repeated here.
In the above embodiments, the description of each embodiment has its own emphasis; for a part that is not described or recorded in detail in one embodiment, refer to the related description of the other embodiments.
Those of ordinary skill in the art will appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware or in a combination of computer software and electronic hardware. Whether these functions are implemented in hardware or in software depends on the specific application and design constraints of the technical solution. Skilled practitioners may use different methods to implement the described functions for each specific application, but such an implementation should not be considered to go beyond the scope of the present invention.
In the embodiments provided by the present invention, it should be understood that the disclosed device/mobile terminal and method can be implemented in other ways. For example, the device/mobile terminal embodiments described above are only schematic; the division into modules or units is only a division by logical function, and in an actual implementation there may be other ways of dividing them: multiple units or components may be combined or integrated into another system, or some features may be omitted or not executed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be indirect coupling or communication connection through some interfaces, devices or units, and may be electrical, mechanical or of another form.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network elements. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in each embodiment of the present invention may be integrated in one processing unit, each unit may exist physically on its own, or two or more units may be integrated in one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated module/unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, all or part of the flow of the above method embodiments of the present invention can also be completed by a computer program instructing the relevant hardware; the computer program can be stored in a computer-readable storage medium and, when executed by a processor, can implement the steps of each of the above method embodiments. The computer program includes computer program code, which may be in source code form, object code form, an executable file or some intermediate form. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disc, computer memory, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), an electric carrier signal, a telecommunication signal, a software distribution medium, and so on. It should be noted that what the computer-readable medium includes can be appropriately added to or reduced according to the requirements of legislation and patent practice in a jurisdiction; for example, in certain jurisdictions, according to legislation and patent practice, the computer-readable medium does not include electric carrier signals and telecommunication signals.
The embodiments described above are only intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they can still modify the technical solutions recorded in the foregoing embodiments or make equivalent replacements of some of their technical features; such modifications or replacements do not make the essence of the corresponding technical solutions depart from the spirit and scope of the technical solutions of the embodiments of the present invention, and should all fall within the protection scope of the present invention.

Claims (10)

1. A storage method for a seed key, characterized by comprising:
dividing the seed key into at least two parts of seed key information according to a preset rule;
having at least one part of the seed key information saved by a user and/or a third party, and saving the remaining at least one part of the seed key information in a mobile terminal.
2. The storage method for a seed key according to claim 1, characterized in that dividing the seed key into at least two parts of seed key information according to a preset rule comprises:
the preset rule is a first preset rule: in the OTP activation stage, the seed key is issued as a whole by the server to the mobile terminal, and the whole seed key is divided into at least two parts of seed key information according to the first preset rule; or
the preset rule is a second preset rule: in the OTP activation stage, several calculation factors of the seed key are issued by the server to the mobile terminal, and the several calculation factors of the seed key are divided into at least two parts of seed key information according to the second preset rule.
3. The storage method for a seed key according to claim 1, characterized by further comprising:
when OTP is started, obtaining the seed key information entered by the user, which was saved by the user and/or obtained by the user from a third party, and obtaining the seed key information saved by the mobile terminal;
recovering the seed key plaintext from all of the obtained seed key information;
calculating the dynamic password from the seed key plaintext using a dynamic password algorithm.
4. The storage method for a seed key according to claim 1, characterized in that the seed key information saved in the mobile terminal is encrypted before it is saved in the mobile terminal.
5. The storage method for a seed key according to claim 4, characterized by further comprising:
dividing the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
having at least one part of the encryption factor information saved by the user and/or a third party, and saving the remaining at least one part of the encryption factor information in the mobile terminal, either as it is or after encryption.
6. A storage device for a seed key, characterized by comprising:
a seed key division module, configured to divide the seed key into at least two parts of seed key information according to a preset rule;
a first information processing module, configured to have at least one part of the seed key information saved by a user and/or a third party, and to save the remaining at least one part of the seed key information in a mobile terminal.
7. The storage device for a seed key according to claim 6, characterized in that the seed key division module is specifically configured so that:
the preset rule is a first preset rule: in the OTP activation stage, the seed key is issued as a whole by the server to the mobile terminal, and the whole seed key is divided into at least two parts of seed key information according to the first preset rule; or
the preset rule is a second preset rule: in the OTP activation stage, several calculation factors of the seed key are issued by the server to the mobile terminal, and the several calculation factors of the seed key are divided into at least two parts of seed key information according to the second preset rule;
the device further comprises:
a data obtaining module, configured to, when OTP is started, obtain the seed key information entered by the user, which was saved by the user and/or obtained by the user from a third party, and obtain the seed key information saved by the mobile terminal;
a seed key recovery module, configured to recover the seed key plaintext from all of the obtained seed key information;
a dynamic password computing module, configured to calculate the dynamic password from the seed key plaintext using a dynamic password algorithm.
8. The storage device for a seed key according to claim 6, characterized in that the seed key information saved in the mobile terminal is encrypted before it is saved in the mobile terminal;
the device further comprises:
an encryption factor division module, configured to divide the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
a second message processing module, configured to have at least one part of the encryption factor information saved by the user and/or a third party, and to save the remaining at least one part of the encryption factor information in the mobile terminal, either as it is or after encryption.
9. A mobile terminal, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the computer program, implements the steps of the method according to any one of claims 1 to 5.
10. A computer-readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the steps of the method according to any one of claims 1 to 5.
CN201810043839.1A 2018-01-17 2018-01-17 Seed key storage method and device and mobile terminal Active CN108400868B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810043839.1A CN108400868B (en) 2018-01-17 2018-01-17 Seed key storage method and device and mobile terminal

Publications (2)

Publication Number Publication Date
CN108400868A true CN108400868A (en) 2018-08-14
CN108400868B CN108400868B (en) 2021-06-15

Family

ID=63094569

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810043839.1A Active CN108400868B (en) 2018-01-17 2018-01-17 Seed key storage method and device and mobile terminal

Country Status (1)

Country Link
CN (1) CN108400868B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100211787A1 (en) * 2009-02-19 2010-08-19 Leonid Bukshpun Chaotic cipher system and method for secure communication
CN101826957A (en) * 2010-01-19 2010-09-08 北京信安世纪科技有限公司 Dynamic token seed key injection method
WO2011089143A1 (en) * 2010-01-20 2011-07-28 Intrinsic Id B.V. Device and method for obtaining a cryptographic key
CN103746801A (en) * 2014-01-21 2014-04-23 北京智控美信信息技术有限公司 Method for protecting dynamic password seed key on smart phone or tablet personal computer
CN106330868A (en) * 2016-08-14 2017-01-11 北京数盾信息科技有限公司 Encrypted storage key management system and method of high-speed network
CN106878005A (en) * 2016-12-23 2017-06-20 中国电子科技集团公司第三十研究所 A kind of root key management method and device based on network good friend
CN106961336A (en) * 2017-04-18 2017-07-18 北京百旺信安科技有限公司 A kind of key components trustship method and system based on SM2 algorithms

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
张剑主编: "2.4 密钥管理", 《信息安全技术》 *
邱卫东主编: "密钥共享Secret key sharing", 《英汉信息安全技术辞典》 *

Also Published As

Publication number Publication date
CN108400868B (en) 2021-06-15

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant