CN108400868A - Storage method and device for a seed key, and mobile terminal - Google Patents
- Publication number: CN108400868A
- Application number: CN201810043839.1A
- Authority: CN (China)
- Prior art keywords: seed key, mobile terminal, seed, information, user
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Telephone Function (AREA)
Abstract
The present invention is applicable to the field of information security technology and provides a storage method and device for a seed key, a mobile terminal and a computer-readable storage medium. The method includes: dividing the seed key into at least two parts of seed key information according to preset rules; having at least one part of the seed key information saved by the user and/or a third party, and saving the remaining at least one part of the seed key information in the mobile terminal. The invention increases the difficulty of cracking the seed key and improves the security of the seed key.
Description
Technical field
The invention belongs to the field of information security technology, and in particular relates to a storage method and device for a seed key, a mobile terminal and a computer-readable storage medium.
Background art
A dynamic password is an unpredictable combination of random digits generated according to a specific algorithm, and each password can be used only once. Dynamic passwords are currently widely used in fields such as online banking, online games and e-commerce. In the prior art, when the dynamic password is generated on a mobile terminal, the seed key needed to generate it is usually stored in the mobile terminal. However, a seed key stored in the mobile terminal is easily parsed or copied by others, which in turn leads to the seed key being cracked, so security is relatively low.
Therefore, a new technical solution is needed to solve the above technical problem.
Summary of the invention
In view of this, the present invention provides a storage method and device for a seed key, a mobile terminal and a computer-readable storage medium, so as to increase the difficulty of cracking the seed key and improve the security of the seed key.
A first aspect of the present invention provides a storage method for a seed key, including:
dividing the seed key into at least two parts of seed key information according to preset rules;
having at least one part of the seed key information saved by the user and/or a third party, and saving the remaining at least one part of the seed key information in the mobile terminal.
A second aspect of the present invention provides a storage device for a seed key, including:
a seed key division module, configured to divide the seed key into at least two parts of seed key information according to preset rules;
a first information processing module, configured to have at least one part of the seed key information saved by the user and/or a third party, and to save the remaining at least one part of the seed key information in the mobile terminal.
A third aspect of the present invention provides a mobile terminal, including a memory, a processor and a computer program that is stored in the memory and can run on the processor, where the processor implements the steps of the method of the first aspect when executing the computer program.
A fourth aspect of the present invention provides a computer-readable storage medium storing a computer program, where the steps of the method of the first aspect are implemented when the computer program is executed by a processor.
Compared with the prior art, the solution of the present invention has the following beneficial effects: the seed key is divided into at least two parts of seed key information according to preset rules, at least one part of the seed key information is recorded and saved by the user and/or a third party, and the remaining at least one part of the seed key information is saved in the mobile terminal. By dividing the seed key into at least two parts, with at least one part saved by the user and/or a third party and the remaining part saved by the mobile terminal, the solution stores the parts of the seed key separately, which increases the difficulty of cracking the seed key and improves the security of the seed key.
Description of the drawings
In order to describe the technical solutions in the embodiments of the present invention more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention, and those of ordinary skill in the art can obtain other drawings from these drawings without creative effort.
Fig. 1 is a schematic flowchart of the seed key storage method provided by Embodiment 1 of the present invention;
Fig. 2 is a schematic flowchart of the seed key storage method provided by Embodiment 2 of the present invention;
Fig. 3 is a schematic diagram of the seed key storage device provided by Embodiment 3 of the present invention;
Fig. 4 is a schematic diagram of the mobile terminal provided by Embodiment 4 of the present invention;
Fig. 5 is a schematic diagram of the mobile terminal provided by Embodiment 5 of the present invention.
Detailed description
In the following description, specific details such as particular system structures and technologies are set forth for the purpose of illustration rather than limitation, so that the embodiments of the present invention can be thoroughly understood. However, it will be clear to those skilled in the art that the present invention can also be implemented in other embodiments without these specific details. In other cases, detailed descriptions of well-known systems, devices, circuits and methods are omitted so that unnecessary details do not obscure the description of the present invention.
It should be understood that, when used in this specification and the appended claims, the term "comprising" indicates the presence of the described features, integers, steps, operations, elements and/or components, but does not exclude the presence or addition of one or more other features, integers, steps, operations, elements, components and/or sets thereof.
It should also be understood that the terminology used in this description of the invention is only for the purpose of describing specific embodiments and is not intended to limit the present invention. As used in this description and the appended claims, unless the context clearly indicates otherwise, the singular forms "a", "an" and "the" are intended to include the plural forms.
It should be further understood that the term "and/or" used in this description and the appended claims refers to any combination and all possible combinations of one or more of the associated listed items, and includes these combinations.
As used in this specification and the appended claims, the term "if" can be interpreted, depending on the context, as "when", "once", "in response to determining" or "in response to detecting". Similarly, the phrases "if it is determined" or "if [the described condition or event] is detected" can be interpreted, depending on the context, as "once it is determined", "in response to determining", "once [the described condition or event] is detected" or "in response to detecting [the described condition or event]".
In specific implementations, the mobile terminal described in the embodiments of the present invention includes, but is not limited to, other portable devices such as mobile phones, laptop computers or tablet computers with touch-sensitive surfaces (for example, touch-screen displays and/or touchpads). It should also be understood that, in some embodiments, the device is not a portable communication device but a desktop computer with a touch-sensitive surface (for example, a touch-screen display and/or a touchpad).
In the following discussion, a mobile terminal including a display and a touch-sensitive surface is described. However, it should be understood that the mobile terminal may include one or more other physical user interface devices such as a physical keyboard, a mouse and/or a joystick.
The mobile terminal supports various applications, such as one or more of the following: a drawing application, a presentation application, a word processing application, a website creation application, a disk burning application, a spreadsheet application, a game application, a telephone application, a video conferencing application, an e-mail application, an instant messaging application, a workout support application, a photo management application, a digital camera application, a digital video camera application, a web browsing application, a digital music player application and/or a digital video player application.
The various applications that can be executed on the mobile terminal can use at least one common physical user interface device, such as the touch-sensitive surface. One or more functions of the touch-sensitive surface and the corresponding information displayed on the terminal can be adjusted and/or changed between applications and/or within a given application. In this way, the common physical structure of the terminal (for example, the touch-sensitive surface) can support the various applications with user interfaces that are intuitive and transparent to the user.
It should be understood that the sequence numbers of the steps in this embodiment do not imply an order of execution. The execution order of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation of the embodiments of the present invention.
In order to illustrate the technical solutions of the present invention, specific embodiments are described below.
Referring to Fig. 1, which is a schematic flowchart of the seed key storage method provided by Embodiment 1 of the present invention: the method is applied to a mobile terminal and, as shown in the figure, may include the following steps:
Step S101: divide the seed key into at least two parts of seed key information according to preset rules.
In the embodiments of the present invention, the preset rule can be a first preset rule or a second preset rule, and the seed key is divided into at least two parts of seed key information according to the preset rule.
The seed key can be issued to the mobile terminal by the server as a whole, or the server can issue several calculation factors for calculating the seed key to the mobile terminal, in which case the seed key is then calculated on the mobile terminal.
If the seed key is issued to the mobile terminal by the server as a whole, the preset rule is the first preset rule, and the mobile terminal divides the seed key into at least two parts of seed key information according to the first preset rule.
If the server issues several calculation factors for calculating the seed key to the mobile terminal, the preset rule is the second preset rule, and the mobile terminal divides the several calculation factors for calculating the seed key into at least two parts of seed key information according to the second preset rule; this is not limited here. A calculation factor can refer to a parameter required when calculating the seed key. For example, if the seed key is calculated from information such as a user password, a user name and a card number, then the user password, user name, card number and so on can be the calculation factors of the seed key. The seed key can therefore be divided into at least two parts of seed key information by dividing the calculation factors used to calculate it.
Here, a preset rule can refer to a rule, set in advance by the user, for how to divide (split) the seed key. The first preset rule can refer to a rule, set in advance by the user, for how to divide a seed key that the server issues to the mobile terminal as a whole. The user can set this rule as needed, and it is not limited here. For example, if the seed key is 128K bytes of data, the first 32K bytes can be used as one part of the seed key information and the remaining 96K bytes as another part of the seed key information; this is not limited here. Optionally, the seed key can be plaintext or ciphertext, which is not limited here. The second preset rule can refer to a rule, set in advance by the user, for how to divide the several calculation factors for calculating the seed key that the server issues to the mobile terminal. The user can set this rule as needed, and it is not limited here.
Step S102: have at least one part of the seed key information saved by the user and/or a third party, and save the remaining at least one part of the seed key information in the mobile terminal.
In the embodiments of the present invention, the seed key can be divided into at least two parts, with at least one part recorded and saved by the user and/or a third party and the remaining at least one part saved in the mobile terminal. Even if someone cracks the seed key information saved in the mobile terminal, they cannot learn the complete seed key, because at least one part of the seed key information is saved by the user and/or a third party, and others cannot learn the seed key information saved by the user and/or the third party. For example, the seed key can be divided into two parts, one saved by the user and the other saved in the mobile terminal. Alternatively, the seed key can be divided into three parts: one saved by the user, one sent to a server for saving, and one saved by the mobile terminal. When the OTP of the mobile terminal is enabled, the server sends the part of the seed key it saved to the user, and the user submits the part received from the server and the part the user saved to the mobile terminal, so that the seed key is recovered together with the part saved on the mobile terminal.
Optionally, after at least one part of the seed key information is fed back to the user (for example, displayed to the user), that part of the seed key information is no longer displayed if a confirmation instruction for it is received (for example, the user, having memorized it, taps the area where it is displayed) or after a preset time (for example, 1 minute) has elapsed.
Alternatively, after at least one part of the seed key information is sent to a third party, the third party receives and saves it and then feeds a response instruction back to the mobile terminal. After receiving the response instruction, the mobile terminal no longer displays that part of the seed key information. The response instruction indicates that the third party has received and saved the seed key information sent by the mobile terminal. A third party can refer to a device other than the user and the mobile terminal, such as a server set in advance by the user.
Optionally, having at least one part of the seed key information saved by the user and/or a third party includes:
displaying a part of the seed key information to the user for saving, or sending a part of the seed key information to a third party for saving, or displaying a part of the seed key information to the user for saving and sending a part of the seed key information to a third party for saving.
Optionally, the seed key information saved in the mobile terminal can be encrypted before being stored in the mobile terminal.
Optionally, the embodiment of the present invention further includes:
dividing the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
having at least one part of the encryption factor information saved by the user and/or a third party, and saving the remaining at least one part of the encryption factor information in the mobile terminal, either as it is or after encryption.
Optionally, having at least one part of the encryption factor information saved by the user and/or a third party includes:
displaying a part of the encryption factor information to the user for saving, or sending a part of the encryption factor information to a third party for saving, or displaying a part of the encryption factor information to the user for saving and sending a part of the encryption factor information to a third party for saving.
Here, the third preset rule can refer to a rule, set in advance by the user, for how to divide the encryption factor. The user can set this rule as needed, and it is not limited here.
In this embodiment of the present invention, the seed key is divided into at least two parts, one part saved by the user and/or a third party and the remaining part saved by the mobile terminal, so that the parts of the seed key are stored separately, which increases the difficulty of cracking the seed key and improves the security of the seed key. In addition, the encryption factor is further divided into at least two parts, saved respectively by the user or a third party and by the mobile terminal, which enhances the security of seed key storage.
Referring to Fig. 2, which is a schematic flowchart of the seed key storage method provided by Embodiment 2 of the present invention: the method is applied to the OTP of a mobile terminal and, as shown in the figure, may include the following steps:
Step S201: in the OTP activation stage, the seed key is issued to the mobile terminal by the server as a whole, and the whole seed key is divided into at least two parts of seed key information according to the first preset rule; or, in the OTP activation stage, several calculation factors of the seed key are issued to the mobile terminal by the server, and the several calculation factors of the seed key are divided into at least two parts of seed key information according to the second preset rule.
The OTP in the embodiments of the present invention refers to a soft OTP applied to the mobile terminal, in which software calculates the dynamic password from the seed key and the current time using a dynamic password calculation method. The dynamic password is a time-related, unpredictable combination of random digits generated at regular intervals according to a specific algorithm.
The first preset rule can refer to a rule, set in advance by the user, for how to divide a seed key that the server issues to the mobile terminal as a whole. The user can set this rule as needed, and it is not limited here. For example, if the seed key is 128K bytes of data, the first 32K bytes can be used as the first part of the seed key information and the remaining 96K bytes as the second part of the seed key information; this is not limited here. Optionally, the seed key can be plaintext or ciphertext, which is not limited here.
A calculation factor can refer to a parameter required when calculating the seed key. For example, if the seed key is calculated from information such as a user password, a user name and a card number, then the user password, user name, card number and so on can be the calculation factors of the seed key. The seed key can therefore be divided into at least two parts of seed key information by dividing the calculation factors used to calculate it.
The second preset rule can refer to a rule, set in advance by the user, for how to divide the several calculation factors. The user can set this rule as needed, and it is not limited here.
Step S202: have at least one part of the seed key information saved by the user and/or a third party, and save the remaining at least one part of the seed key information in the mobile terminal.
In the embodiments of the present invention, the seed key can be divided into at least two parts, with at least one part recorded and saved by the user and/or a third party and the remaining at least one part saved in the mobile terminal. Even if someone cracks the seed key information saved in the mobile terminal, they cannot learn the complete seed key, because at least one part of the seed key information is saved by the user and/or a third party, and others cannot learn the seed key information saved by the user and/or the third party. For example, the seed key can be divided into two parts, one saved by the user and the other saved in the mobile terminal. Alternatively, the seed key can be divided into three parts: one saved by the user, one sent to a server for saving, and one saved by the mobile terminal. When the OTP of the mobile terminal is enabled, the server sends the part of the seed key it saved to the user, and the user submits the part received from the server and the part the user saved to the mobile terminal, so that the seed key is recovered together with the part saved on the mobile terminal.
Optionally, after at least one part of the seed key information is fed back to the user (for example, displayed to the user), that part of the seed key information is no longer displayed if a confirmation instruction for it is received (for example, the user, having memorized it, taps the area where it is displayed) or after a preset time (for example, 1 minute) has elapsed.
Alternatively, after at least one part of the seed key information is sent to a third party, the third party receives and saves it and then feeds a response instruction back to the mobile terminal. After receiving the response instruction, the mobile terminal no longer displays that part of the seed key information. The response instruction indicates that the third party has received and saved the seed key information sent by the mobile terminal. A third party can refer to a device other than the user and the mobile terminal, such as a server set in advance by the user.
Optionally, having at least one part of the seed key information saved by the user and/or a third party includes:
displaying a part of the seed key information to the user for saving, or sending a part of the seed key information to a third party for saving, or displaying a part of the seed key information to the user for saving and sending a part of the seed key information to a third party for saving.
Optionally, the seed key information saved in the mobile terminal can be encrypted before being stored in the mobile terminal.
Optionally, the embodiment of the present invention further includes:
dividing the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
having at least one part of the encryption factor information saved by the user and/or a third party, and saving the remaining at least one part of the encryption factor information in the mobile terminal, either as it is or after encryption.
Optionally, having at least one part of the encryption factor information saved by the user and/or a third party includes:
displaying a part of the encryption factor information to the user for saving, or sending a part of the encryption factor information to a third party for saving, or displaying a part of the encryption factor information to the user for saving and sending a part of the encryption factor information to a third party for saving.
Here, the third preset rule can refer to a rule, set in advance by the user, for how to divide the encryption factor. The user can set this rule as needed, and it is not limited here.
Step S203: when the OTP is started, obtain the seed key information entered by the user, which was saved by the user and/or obtained by the user from a third party, and obtain the seed key information saved by the mobile terminal.
In the embodiments of the present invention, when the OTP is started, the user can enter on the mobile terminal (for example, on its touch screen) the seed key information saved by the user, or the seed key information the user obtained from a third party, or both. The mobile terminal thus obtains the seed key information entered by the user, and it also obtains the seed key information it saved itself.
Step S204: recover the seed key plaintext from all of the obtained seed key information.
In the embodiments of the present invention, because the seed key information entered by the user and the seed key information saved by the mobile terminal itself were obtained by dividing the seed key, combining the two yields the complete seed key. If the part of the seed key information saved in the mobile terminal was encrypted, it is first decrypted and then combined with the seed key information entered by the user to recover the seed key plaintext.
Step S205: calculate the dynamic password from the seed key plaintext using the dynamic password algorithm.
In this embodiment of the present invention, the seed key is divided into at least two parts, with at least one part saved by the user and/or a third party and the remaining part saved by the mobile terminal, so that the parts of the seed key are stored separately. This increases the difficulty of cracking the seed key and improves the security of the seed key, and the calculated dynamic password is safer and more reliable.
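The activation, start-up and calculation steps of Embodiments 1 and 2, as an added Python example that is not code from the patent. RFC 6238 TOTP stands in for the unspecified dynamic password algorithm and PBKDF2 for the unspecified seed calculation; all function names and sample values are constructed for illustration.

```python
from __future__ import annotations

import hashlib
import hmac
import struct

# Constructed sample data (not from the patent). SEED is the 20-byte test
# secret from RFC 6238, so the resulting password can be checked.
SEED = b"12345678901234567890"
FACTORS = {"user_password": "correct horse", "user_name": "alice",
           "card_number": "0000111122223333"}
REQUIRED_FACTORS = ("card_number", "user_name", "user_password")


def activate_whole_seed(seed: bytes, user_len: int):
    """First preset rule, positional: the first user_len bytes go to the user;
    the rest stays on the terminal with the expected total length."""
    if not 0 < user_len < len(seed):
        raise ValueError("both parts must be non-empty")
    device_store = {"seed_part": seed[user_len:], "seed_len": len(seed)}
    return seed[:user_len], device_store


def restore_seed(user_part: bytes, device_store: dict) -> bytes:
    """Step S204: recombine the parts into the seed key plaintext."""
    seed = user_part + device_store["seed_part"]
    if len(seed) != device_store["seed_len"]:
        raise ValueError("seed key information is incomplete")
    return seed


def activate_factors(factors: dict, user_keys: set):
    """Second preset rule: divide the calculation factors instead of the seed."""
    user = {k: v for k, v in factors.items() if k in user_keys}
    device = {k: v for k, v in factors.items() if k not in user_keys}
    if not user or not device:
        raise ValueError("both parts must be non-empty")
    return user, device


def seed_from_factors(user_factors: dict, device_factors: dict) -> bytes:
    """Calculate the seed on the terminal once every factor is present.
    PBKDF2 is an assumption; the patent names no calculation function."""
    merged = {**device_factors, **user_factors}
    missing = [k for k in REQUIRED_FACTORS if k not in merged]
    if missing:
        raise ValueError(f"missing calculation factors: {missing}")
    material = "\x1f".join(merged[k] for k in REQUIRED_FACTORS).encode()
    return hashlib.pbkdf2_hmac("sha256", material, b"constructed-salt",
                               10_000, dklen=20)


def dynamic_password(seed: bytes, unix_time: int, step: int = 30,
                     digits: int = 6) -> str:
    """Step S205, with RFC 6238 TOTP (HMAC-SHA1) as the assumed algorithm."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def start_otp(user_part: bytes, device_store: dict, unix_time: int) -> str:
    """Steps S203 to S205: collect the parts, restore the seed, calculate."""
    return dynamic_password(restore_seed(user_part, device_store), unix_time)


if __name__ == "__main__":
    user_part, store = activate_whole_seed(SEED, 5)
    print("user keeps:", user_part, "terminal keeps:", store["seed_part"])
    print("password at t=59:", start_otp(user_part, store, 59))
    # A wrong part of the right length is not detected when restoring; it
    # only shows up as a dynamic password that verification will reject.
    print("wrong user part:", start_otp(b"1234X", store, 59))
    u, d = activate_factors(FACTORS, {"user_password"})
    print("factor-derived:", dynamic_password(seed_from_factors(u, d), 59))
```

With a positional rule the terminal's part is a verbatim slice of the seed, so the length of the part kept off the terminal determines how much of the seed remains unknown to someone who reads the terminal's storage.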
Referring to Fig. 3, which is a schematic diagram of the seed key storage device provided by Embodiment 3 of the present invention: for ease of description, only the parts relevant to the embodiment of the present invention are shown.
The device includes:
a seed key division module 31, configured to divide the seed key into at least two parts of seed key information according to preset rules;
a first information processing module 32, configured to have at least one part of the seed key information saved by the user and/or a third party, and to save the remaining at least one part of the seed key information in the mobile terminal.
Optionally, the seed key division module 31 is specifically configured so that:
the preset rule is the first preset rule: in the OTP activation stage, the seed key is issued to the mobile terminal by the server as a whole, and the whole seed key is divided into at least two parts of seed key information according to the first preset rule;
or
the preset rule is the second preset rule: in the OTP activation stage, several calculation factors of the seed key are issued to the mobile terminal by the server, and the several calculation factors of the seed key are divided into at least two parts of seed key information according to the second preset rule.
Optionally, the device further includes:
an information obtaining module 33, configured to obtain, when the OTP is started, the seed key information entered by the user, which was saved by the user and/or obtained by the user from a third party, and to obtain the seed key information saved by the mobile terminal;
a seed key recovery module 34, configured to recover the seed key plaintext from all of the obtained seed key information;
a dynamic password calculation module 35, configured to calculate the dynamic password from the seed key plaintext using the dynamic password algorithm.
Optionally, the seed key information saved in the mobile terminal is encrypted before being stored in the mobile terminal.
Optionally, the device further includes:
an encryption factor division module, configured to divide the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
a second information processing module, configured to have at least one part of the encryption factor information saved by the user and/or a third party, and to save the remaining at least one part of the encryption factor information in the mobile terminal, either as it is or after encryption.
The encryption factor division module and the second information processing module are not shown in Fig. 3.
The device provided by this embodiment of the present invention can be applied in the foregoing method Embodiments 1 and 2. For details, see the description of method Embodiments 1 and 2 above, which is not repeated here.
Fig. 4 is a schematic diagram of the mobile terminal provided in Embodiment 4 of the present invention. As shown in the figure, the mobile terminal may include: one or more processors 401 (only one is shown in the figure); one or more input devices 402 (only one is shown in the figure); one or more output devices 403 (only one is shown in the figure); and a memory 404. The processor 401, input device 402, output device 403 and memory 404 are connected by a bus 405. The memory 404 is used to store instructions, and the processor 401 is used to execute the instructions stored in the memory 404. Specifically:
The processor 401 is configured to divide the seed key into at least two parts of seed key information according to a preset rule;
and to have at least one part of the seed key information kept by the user and/or a third party, and store the remaining at least one part of the seed key information in the mobile terminal.
Optionally, the processor 401 is specifically configured as follows:
The preset rule is a first preset rule: in the OTP activation stage, the seed key is issued as a whole by the server to the mobile terminal, and the whole seed key is divided into at least two parts of seed key information according to the first preset rule;
Or
The preset rule is a second preset rule: in the OTP activation stage, several calculation factors of the seed key are issued by the server to the mobile terminal, and the several calculation factors of the seed key are divided into at least two parts of seed key information according to the second preset rule.
Optionally, the processor 401 is further configured to:
When OTP is started, obtain the seed key information entered by the user, which was kept by the user and/or obtained by the user from a third party, and obtain the seed key information stored in the mobile terminal;
Recover the seed key plaintext from all of the obtained seed key information;
Calculate the dynamic password from the seed key plaintext using a dynamic password algorithm.
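The split, store, recover and compute flow described above, as an added example that is not code from the patent. It assumes an XOR split as the "preset rule" and RFC 4226/6238 HOTP/TOTP as the "dynamic password algorithm"; this section specifies neither, and every function name below is hypothetical.

```python
import base64
import hashlib
import hmac
import secrets
import struct


def split_seed(seed: bytes, parts: int = 2) -> list:
    """Divide the seed key into `parts` XOR shares (assumed preset rule).

    Every share is needed for recovery; any subset of fewer shares is
    uniformly random and reveals nothing about the seed.
    """
    if parts < 2:
        raise ValueError("seed key must be divided into at least two parts")
    if not seed:
        raise ValueError("empty seed key")
    shares = [secrets.token_bytes(len(seed)) for _ in range(parts - 1)]
    last = seed
    for share in shares:
        last = bytes(a ^ b for a, b in zip(last, share))
    shares.append(last)
    return shares


def recover_seed(shares: list) -> bytes:
    """Recombine all parts into the seed key plaintext."""
    if len(shares) < 2:
        raise ValueError("need every part of the seed key information")
    length = len(shares[0])
    if length == 0 or any(len(s) != length for s in shares):
        raise ValueError("seed key parts have inconsistent lengths")
    seed = bytes(length)
    for share in shares:
        seed = bytes(a ^ b for a, b in zip(seed, share))
    # Note: XOR shares carry no integrity check. A mistyped part silently
    # yields a wrong seed, and the resulting OTP just fails verification.
    return seed


def hotp(seed: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP (assumed dynamic password algorithm)."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(seed: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP over the current time step."""
    return hotp(seed, unix_time // step, digits)


def encode_user_part(share: bytes) -> str:
    """Render the user's part as base32 text the user can keep and retype."""
    return base64.b32encode(share).decode("ascii")


def start_otp(user_part_b32: str, terminal_part: bytes, unix_time: int) -> str:
    """OTP start: take the user's part, read the terminal's part,
    recover the seed key plaintext in memory only, compute the password."""
    user_part = base64.b32decode(user_part_b32.strip(), casefold=True)
    seed = recover_seed([user_part, terminal_part])
    return totp(seed, unix_time)


if __name__ == "__main__":
    # Constructed sample seed (the RFC 4226 test secret), not a real key.
    sample_seed = b"12345678901234567890"
    user_part, terminal_part = split_seed(sample_seed)
    print("user keeps:     ", encode_user_part(user_part))
    print("terminal stores:", terminal_part.hex())
    print("OTP at t=59:    ", start_otp(encode_user_part(user_part),
                                        terminal_part, 59))
```

With this split, the part stored on the terminal is statistically independent of the seed, so reading the terminal's storage alone does not yield the seed key.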
Optionally, the seed key information stored in the mobile terminal is encrypted before it is stored in the mobile terminal.
Optionally, the processor 401 is further configured to:
Divide the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
Have at least one part of the encryption factor information kept by the user and/or a third party, and store the remaining at least one part of the encryption factor information in the mobile terminal, either as it is or after encryption.
It should be understood that, in the embodiments of the present invention, the processor 401 may be a central processing unit (CPU), or another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on. The general-purpose processor may be a microprocessor or any conventional processor.
The input device 402 may include a trackpad, a fingerprint sensor (for acquiring the user's fingerprint information and fingerprint direction information), a microphone, a data receiving interface, and so on. The output device 403 may include a display (LCD, etc.), a loudspeaker, a data transmission interface, and so on.
The memory 404 may include read-only memory and random access memory, and provides instructions and data to the processor 401. Part of the memory 404 may also include non-volatile random access memory. For example, the memory 404 may also store device type information.
In a specific implementation, the processor 401, input device 402, output device 403 and memory 404 described in this embodiment of the present invention can carry out the implementations described in the embodiments of the seed key storage method provided by the present invention, and can also carry out the implementation of the seed key storage device described in Embodiment 3; details are not repeated here.
Fig. 5 is a schematic diagram of the mobile terminal provided in Embodiment 5 of the present invention. As shown in Fig. 5, the mobile terminal 5 of this embodiment includes a processor 50, a memory 51, and a computer program 52 that is stored in the memory 51 and can run on the processor 50. When executing the computer program 52, the processor 50 implements the steps of each of the seed key storage method embodiments above, for example steps S101 to S102 shown in Fig. 1. Alternatively, when executing the computer program 52, the processor 50 implements the functions of the modules/units in each of the device embodiments above.
By way of example, the computer program 52 may be divided into one or more modules/units, which are stored in the memory 51 and executed by the processor 50 to carry out the present invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, and the instruction segments describe the execution of the computer program 52 in the mobile terminal 5. For example, the computer program 52 may be divided into a seed key division module, a first information processing module, an information obtaining module, a seed key recovery module, a dynamic password computing module, an encryption factor division module and a second information processing module, whose specific functions are as follows:
Seed key division module, configured to divide the seed key into at least two parts of seed key information according to a preset rule;
First information processing module, configured to have at least one part of the seed key information kept by the user and/or a third party, and to store the remaining at least one part of the seed key information in the mobile terminal.
Optionally, the seed key division module is specifically configured as follows:
The preset rule is a first preset rule: in the OTP activation stage, the seed key is issued as a whole by the server to the mobile terminal, and the whole seed key is divided into at least two parts of seed key information according to the first preset rule;
Or
The preset rule is a second preset rule: in the OTP activation stage, several calculation factors of the seed key are issued by the server to the mobile terminal, and the several calculation factors of the seed key are divided into at least two parts of seed key information according to the second preset rule.
Optionally, an information obtaining module, configured to, when OTP is started, obtain the seed key information entered by the user, which was kept by the user and/or obtained by the user from a third party, and obtain the seed key information stored in the mobile terminal;
Seed key recovery module, configured to recover the seed key plaintext from all of the obtained seed key information;
Dynamic password computing module, configured to calculate the dynamic password from the seed key plaintext using a dynamic password algorithm.
Optionally, an encryption factor division module, configured to divide the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
Second information processing module, configured to have at least one part of the encryption factor information kept by the user and/or a third party, and to store the remaining at least one part of the encryption factor information in the mobile terminal, either as it is or after encryption.
The mobile terminal 5 may be a computing device such as a desktop computer, a notebook, a palmtop computer or a cloud server. The mobile terminal may include, but is not limited to, the processor 50 and the memory 51. Those skilled in the art will understand that Fig. 5 is only an example of the mobile terminal 5 and does not limit the mobile terminal 5, which may include more or fewer components than shown, combine certain components, or use different components; for example, the mobile terminal may also include input/output devices, network access devices, buses, and so on.
The processor 50 may be a central processing unit (CPU), or another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on. The general-purpose processor may be a microprocessor or any conventional processor.
The memory 51 may be an internal storage unit of the mobile terminal 5, such as the hard disk or internal memory of the mobile terminal 5. The memory 51 may also be an external storage device of the mobile terminal 5, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card or a flash card fitted to the mobile terminal 5. Further, the memory 51 may include both an internal storage unit of the mobile terminal 5 and an external storage device. The memory 51 is used to store the computer program and the other programs and data required by the mobile terminal. The memory 51 may also be used to temporarily store data that has been output or is about to be output.
It is clear to those skilled in the art that, for convenience and brevity of description, only the division into the functional units and modules above is used as an example. In practical applications, the functions above may be assigned to different functional units and modules as needed; that is, the internal structure of the device may be divided into different functional units or modules to perform all or part of the functions described above. The functional units and modules in the embodiments may be integrated in one processing unit, or each unit may exist physically on its own, or two or more units may be integrated in one unit; the integrated unit may be implemented in hardware or as a software functional unit. In addition, the specific names of the functional units and modules are only for distinguishing them from one another and do not limit the scope of protection of this application. For the specific working process of the units and modules in the above system, refer to the corresponding processes in the foregoing method embodiments; details are not repeated here.
In the above embodiments, the description of each embodiment has its own emphasis. For parts that are not detailed or recorded in one embodiment, refer to the related descriptions of the other embodiments.
Those of ordinary skill in the art will appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, or in a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the technical solution. Skilled practitioners may use different methods to implement the described functions for each specific application, but such implementations should not be considered beyond the scope of the present invention.
In the embodiments provided by the present invention, it should be understood that the disclosed device/mobile terminal and method may be implemented in other ways. For example, the device/mobile terminal embodiments described above are only illustrative. For example, the division into modules or units is only a division by logical function, and there may be other ways of dividing in an actual implementation; for example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, devices or units, and may be electrical, mechanical or in other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network elements. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist physically on its own, or two or more units may be integrated in one unit. The integrated unit may be implemented in hardware or as a software functional unit.
If the integrated module/unit is implemented as a software functional unit and is sold or used as an independent product, it may be stored in a computer-readable storage medium. On this understanding, all or part of the flow of the method embodiments above may also be carried out by a computer program instructing the relevant hardware. The computer program may be stored in a computer-readable storage medium and, when executed by a processor, implements the steps of each of the method embodiments above. The computer program includes computer program code, which may be in source code form, object code form, an executable file, certain intermediate forms, and so on. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disc, a computer memory, read-only memory (ROM), random access memory (RAM), an electrical carrier signal, a telecommunication signal, a software distribution medium, and so on. It should be noted that the content of the computer-readable medium may be added to or reduced as appropriate according to the requirements of legislation and patent practice in a jurisdiction; for example, in certain jurisdictions, according to legislation and patent practice, the computer-readable medium does not include electrical carrier signals and telecommunication signals.
The embodiments described above are only intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they may still modify the technical solutions recorded in the foregoing embodiments, or make equivalent replacements of some of the technical features; such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention, and shall all fall within the scope of protection of the present invention.
Claims (10)
1. A storage method for a seed key, characterized by comprising:
dividing the seed key into at least two parts of seed key information according to a preset rule;
having at least one part of the seed key information kept by the user and/or a third party, and storing the remaining at least one part of the seed key information in a mobile terminal.
2. The storage method for a seed key according to claim 1, characterized in that dividing the seed key into at least two parts of seed key information according to a preset rule comprises:
the preset rule is a first preset rule: in the OTP activation stage, the seed key is issued as a whole by the server to the mobile terminal, and the whole seed key is divided into at least two parts of seed key information according to the first preset rule; or
the preset rule is a second preset rule: in the OTP activation stage, several calculation factors of the seed key are issued by the server to the mobile terminal, and the several calculation factors of the seed key are divided into at least two parts of seed key information according to the second preset rule.
3. The storage method for a seed key according to claim 1, characterized by further comprising:
when OTP is started, obtaining the seed key information entered by the user, which was kept by the user and/or obtained by the user from a third party, and obtaining the seed key information stored in the mobile terminal;
recovering the seed key plaintext from all of the obtained seed key information;
calculating the dynamic password from the seed key plaintext using a dynamic password algorithm.
4. The storage method for a seed key according to claim 1, characterized in that the seed key information stored in the mobile terminal is encrypted before it is stored in the mobile terminal.
5. The storage method for a seed key according to claim 4, characterized by further comprising:
dividing the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
having at least one part of the encryption factor information kept by the user and/or a third party, and storing the remaining at least one part of the encryption factor information in the mobile terminal, either as it is or after encryption.
6. A storage device for a seed key, characterized by comprising:
a seed key division module, configured to divide the seed key into at least two parts of seed key information according to a preset rule;
a first information processing module, configured to have at least one part of the seed key information kept by the user and/or a third party, and to store the remaining at least one part of the seed key information in a mobile terminal.
7. The storage device for a seed key according to claim 6, characterized in that the seed key division module is specifically configured as follows:
the preset rule is a first preset rule: in the OTP activation stage, the seed key is issued as a whole by the server to the mobile terminal, and the whole seed key is divided into at least two parts of seed key information according to the first preset rule; or
the preset rule is a second preset rule: in the OTP activation stage, several calculation factors of the seed key are issued by the server to the mobile terminal, and the several calculation factors of the seed key are divided into at least two parts of seed key information according to the second preset rule;
the device further comprises:
an information obtaining module, configured to, when OTP is started, obtain the seed key information entered by the user, which was kept by the user and/or obtained by the user from a third party, and obtain the seed key information stored in the mobile terminal;
a seed key recovery module, configured to recover the seed key plaintext from all of the obtained seed key information;
a dynamic password computing module, configured to calculate the dynamic password from the seed key plaintext using a dynamic password algorithm.
8. The storage device for a seed key according to claim 6, characterized in that the seed key information stored in the mobile terminal is encrypted before it is stored in the mobile terminal;
the device further comprises:
an encryption factor division module, configured to divide the encryption factor used to encrypt the seed key information into at least two parts of encryption factor information according to a third preset rule;
a second information processing module, configured to have at least one part of the encryption factor information kept by the user and/or a third party, and to store the remaining at least one part of the encryption factor information in the mobile terminal, either as it is or after encryption.
9. A mobile terminal, comprising a memory, a processor, and a computer program that is stored in the memory and can run on the processor, characterized in that the processor, when executing the computer program, implements the steps of the method according to any one of claims 1 to 5.
10. A computer-readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the steps of the method according to any one of claims 1 to 5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810043839.1A CN108400868B (en) | 2018-01-17 | 2018-01-17 | Seed key storage method and device and mobile terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810043839.1A CN108400868B (en) | 2018-01-17 | 2018-01-17 | Seed key storage method and device and mobile terminal |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108400868A (en) | 2018-08-14 |
CN108400868B CN108400868B (en) | 2021-06-15 |
Family
ID=63094569
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810043839.1A Active CN108400868B (en) | 2018-01-17 | 2018-01-17 | Seed key storage method and device and mobile terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108400868B (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100211787A1 (en) * | 2009-02-19 | 2010-08-19 | Leonid Bukshpun | Chaotic cipher system and method for secure communication |
CN101826957A (en) * | 2010-01-19 | 2010-09-08 | 北京信安世纪科技有限公司 | Dynamic token seed key injection method |
WO2011089143A1 (en) * | 2010-01-20 | 2011-07-28 | Intrinsic Id B.V. | Device and method for obtaining a cryptographic key |
CN103746801A (en) * | 2014-01-21 | 2014-04-23 | 北京智控美信信息技术有限公司 | Method for protecting dynamic password seed key on smart phone or tablet personal computer |
CN106330868A (en) * | 2016-08-14 | 2017-01-11 | 北京数盾信息科技有限公司 | Encrypted storage key management system and method of high-speed network |
CN106878005A (en) * | 2016-12-23 | 2017-06-20 | 中国电子科技集团公司第三十研究所 | A kind of root key management method and device based on network good friend |
CN106961336A (en) * | 2017-04-18 | 2017-07-18 | 北京百旺信安科技有限公司 | A kind of key components trustship method and system based on SM2 algorithms |
Non-Patent Citations (2)
Title |
---|
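Zhang Jian (chief editor): "2.4 Key Management", Information Security Technology * |
Qiu Weidong (chief editor): "Secret key sharing", English-Chinese Dictionary of Information Security Technology * |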
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109389397A (en) * | 2018-09-28 | 2019-02-26 | 北京金山安全软件有限公司 | Hardware wallet |
CN109389397B (en) * | 2018-09-28 | 2021-11-26 | 北京金山安全软件有限公司 | Hardware wallet |
CN110166425A (en) * | 2019-04-09 | 2019-08-23 | 北京奇艺世纪科技有限公司 | Data processing method, device, system and computer readable storage medium |
CN110166425B (en) * | 2019-04-09 | 2021-08-20 | 北京奇艺世纪科技有限公司 | Data processing method, device, system and computer readable storage medium |
CN110069949A (en) * | 2019-04-19 | 2019-07-30 | 浙江鲸腾网络科技有限公司 | A kind of electronic contract signature method, apparatus, equipment and medium |
CN112636907A (en) * | 2020-12-18 | 2021-04-09 | 深圳前海微众银行股份有限公司 | Key management method, key using method, device and equipment |
CN112636907B (en) * | 2020-12-18 | 2023-04-18 | 深圳前海微众银行股份有限公司 | Key management method, key using method, device and equipment |
CN113507368A (en) * | 2021-06-17 | 2021-10-15 | 北京惠而特科技有限公司 | Industrial control equipment identity authentication method and device based on dynamic password |
CN113595727A (en) * | 2021-09-26 | 2021-11-02 | 南京慧链和信数字信息科技研究院有限公司 | Key safety system based on key separate storage and hardware binding |
CN113806787A (en) * | 2021-11-19 | 2021-12-17 | 苏州浪潮智能科技有限公司 | Method, device and equipment for automatic decryption of ARM platform and readable medium |
Also Published As
Publication number | Publication date |
---|---|
CN108400868B (en) | 2021-06-15 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||