CN108650210A - A kind of Verification System and method - Google Patents

A kind of Verification System and method Download PDF

Info

Publication number
CN108650210A
CN108650210A CN201810208496.XA CN201810208496A CN108650210A CN 108650210 A CN108650210 A CN 108650210A CN 201810208496 A CN201810208496 A CN 201810208496A CN 108650210 A CN108650210 A CN 108650210A
Authority
CN
China
Prior art keywords
information
module
key
server
certified
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810208496.XA
Other languages
Chinese (zh)
Inventor
文明
刘俊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Zhongyitong Security Core Technology Co Ltd
Original Assignee
Shenzhen Zhongyitong Security Core Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Zhongyitong Security Core Technology Co Ltd filed Critical Shenzhen Zhongyitong Security Core Technology Co Ltd
Priority to CN201810208496.XA priority Critical patent/CN108650210A/en
Publication of CN108650210A publication Critical patent/CN108650210A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Abstract

The invention discloses a kind of Verification System and method, system includes input module and the first encrypting module;Server-side includes authentication module and the second encrypting module;Wherein, input module obtains information to be certified, and the first encrypting module encrypts information to be certified, and the second encrypting module decrypts information to be certified, and whether authentication module verifies information to be certified correct.Method includes:Information to be certified is obtained, key application is proposed to server-side;Server-side generates encrypted public key;Parse the encrypted public key, information to be certified is subjected to Hash operation to obtain information cryptographic Hash, several plus salt figure is inserted into information cryptographic Hash to generate information character string, the information character string is calculated to obtain character string cryptographic Hash, uses public key and encryption keys character string cryptographic Hash;Server-side verifies character string cryptographic Hash after right value and encryption.The present invention can reduce the probability being stolen in data transmission procedure, improve safety by the way that information to be verified is encrypted.

Description

A kind of Verification System and method
Technical field
The present invention relates to security certification technical field more particularly to a kind of Verification Systems and method.
Background technology
With the continuous development of Internet technology, in network communications, because numerical ciphers are easy to be remembered by user, and for Password authentification cost is also the cheapest for Internet Service Provider, therefore up to the present carries out identity with username and password Certification is still one of primary authentication method.
Initial modification logging storage is arranged in the server by client registers in user, is subsequently inputted again by client Account number cipher game server, the user information inputted according to client are matched with the data information that server end stores, Otherwise certification is disabled user, limits it and log in client and Connection Service device by being then validated user.When user is in client After end input account and encrypted message, account and encrypted message are transmitted to service by client by the transmission mode of internet Device end, verifies user data.However, during account number cipher is transmitted to server end, due to network communication Uncertainty, hacker can be by modes such as network interception, Trojan software, node attack, network holes to client and server The communication at end is attacked, and the crucial interaction data of the two is stolen.
Invention content
To solve the above-mentioned problems, a kind of Verification System of present invention offer and method.
On the one hand the technical solution adopted by the present invention is a kind of Verification System, including client and server-side, the client End includes input module and the first encrypting module;The server-side includes authentication module and the second encrypting module;Wherein, described defeated Enter module and obtain information to be certified, first encrypting module encrypts the information to be certified, the second encrypting module decryption The information to be certified, whether the authentication module verifies the information to be certified correct.
Preferably, the client and service end group realize basic verification in PKI-CA systems.
Preferably, first encrypting module is negotiated with second encrypting module to obtain encryption key;The encryption Key is there are the pot life, and when meeting the preset time limit, first encrypting module is renegotiated with second encrypting module To update encryption key.
Preferably, further include plus salt module, described plus salt module connect the input module and add letter to be certified described in salt Breath.
Preferably, further include data memory module.
On the one hand the technical solution adopted by the present invention is a kind of authentication method, be suitable for above system, including step:Client End obtains information to be certified, and key application is proposed to server-side;Server-side generates encrypted public key;Client parses the encryption Public key, information to be certified is subjected to Hash operation to obtain information cryptographic Hash, will several plus salt figure insertion described information Hash Value calculates the information character string to obtain character string cryptographic Hash, uses public key and encryption keys to generate information character string The character string cryptographic Hash;Character string cryptographic Hash after the more preset right value of server-side and encryption, is unanimously then verified.
Preferably, the server-side is based on RSA Algorithm and generates public key, private key, using encryption key and is based on symmetric cryptography Public key described in algorithm 3DES encryption is to generate encrypted public key.
Preferably, the Hash operation is the Hash operation based on SHA512.
Beneficial effects of the present invention are by being encrypted, can reduce in data transmission procedure to information to be verified The probability being stolen improves safety.
Description of the drawings
Fig. 1 show the schematic diagram of the system framework based on the embodiment of the present invention;
Fig. 2 show the schematic diagram that the server-side based on the embodiment of the present invention carries out the preset flow of security key;
Fig. 3 show the flow chart of the bidirectional safe certification based on the embodiment of the present invention;
Fig. 4 show the user based on the embodiment of the present invention and carries out register flow path schematic diagram by client;
Fig. 5 show the identifying procedure schematic diagram based on the embodiment of the present invention.
Specific implementation mode
The present invention will be described with reference to embodiments.
Embodiment based on invention, a kind of Verification System, including client and server-side, the client include input mould Block and the first encrypting module;The server-side includes authentication module and the second encrypting module;Wherein, the input module acquisition waits for Authentication information, first encrypting module encrypt the information to be certified, and second encrypting module decrypts the letter to be certified Breath, whether the authentication module verifies the information to be certified correct.
The client and service end group realize basic verification in PKI-CA systems.
First encrypting module is negotiated with second encrypting module to obtain encryption key;The encryption key exists Pot life, when meeting the preset time limit, first encrypting module is renegotiated with second encrypting module to be added with updating Key.
Further include plus salt module, described plus salt module connect the input module and add information to be certified described in salt.
It further include data memory module.
Embodiment based on invention, a kind of authentication method are suitable for above system, including step:Client, which obtains, to wait recognizing Information is demonstrate,proved, key application is proposed to server-side;Server-side generates encrypted public key;Client parses the encrypted public key, will Information to be certified carries out Hash operation to obtain information cryptographic Hash, and several plus salt figure is inserted into described information cryptographic Hash to generate letter Character string is ceased, the information character string is calculated to obtain character string cryptographic Hash, uses character string described in public key and encryption keys Cryptographic Hash;Character string cryptographic Hash after the more preset right value of server-side and encryption, is unanimously then verified.
The server-side is based on RSA Algorithm and generates public key, private key, using encryption key and is based on symmetric encipherment algorithm 3DES The public key is encrypted to generate encrypted public key.
The Hash operation is the Hash operation based on SHA512.
Fig. 1 show the system block diagram of client and server-side, user's account that this example is carried out with client and server-side Number and password for carry out user's registration and the identifying procedure that logs in, the service of various C/S and B/S structures can be applied, as Internetbank, Booking software, immediate communication tool log in etc., the communication of client and server-side by way of wired or wireless network into Row communication.Such as figure, which is mainly made of client and server-side two parts, and client realizes user's operation function, input Module refers to the user account and Password Input module that user carries out registration and authentication, which can be different password Input frame or safer code keyboard control, are account number cipher recording modules;It is to password input by user to add salt module It carries out the cryptographic Hash after Hash operation to carry out adding salt, i.e., to adding salt figure to password;(i.e. described first encryption of first encryption/decryption module Module) refer to the crypto module with various algorithms, this module can be that soft encryption can also be hardware encryption module (such as safe core Piece), to realize that encryption and decryption of the client to critical datas such as account number ciphers input by user, crypto module support asymmetric calculation The many algorithms such as method, symmetry algorithm, hash Hash.Server-side mainly realizes the preservation of critical data and the certification of user identity. Authentication module is the assembling to authentication data and the verification of correctness judgement to user account password, provides user identity judgement To wrong result;Database module is for storing cryptographic Hash and user account that user password adds salt, the data in database module It is intended to through encrypting storing, to ensure the confidentiality of data in database;Second encryption/decryption module (the i.e. described second encryption mould Block), refer to hardware enciphering and deciphering module (such as cipher machine) in the present system, is used to protect the safety of key in server-side encryption/decryption module It deposits, and supports a variety of asymmetric, symmetrical and hash hash algorithms, realize the encryption and decryption to critical data, produce asymmetric calculation Method public private key pair and random number.
Fig. 2 is the initialization process that server-side carries out security key, and server-side calls the second encrypting module to generate two The random number of 16byte i.e. the first random number and the second random number, respectively preserve the first random number and the second random number to second The secure storage areas of encrypting module turns pair when 3DES encryption operation for RSA as security key R-key and C-key, R_key Encrypted security key, C_key is claimed to be used for the security key of data in encrypting database, server-side record security key R_key It will be by adding solution when preserving in encryption and decryption mould secure storage areas and reaching three months (the i.e. described time limit) with the generated time of C_key Close module (including the first encrypting module and second encrypting module) regenerates new random number, as new security key R_key And C_key, data of encrypting storing in original database, first with after old security key C_key decryption, then it is close with new safety Key C_key encryptions, it is preferable that can will also shorten such as one month security key period generated time, reach preferably safety time.
Fig. 3 is the flow chart that client carries out bidirectional safe certification with server-side, the root before carrying out mutual authentication process According to PKI security systems, the CA applied to CA in the preset root certificate of client and client public key certificate, server-side by CA The server-side public key certificate of signature, public key certificate are demonstrate,proved for RSA or SM2 asymmetric arithmetics, because certificate initialization process is public technology, Which is not described herein again.It is postponed in advance in certificate, carries out the bidirectional safe certification of HTTPS agreements, primary authentication flow is as follows:
1) client is sent to server-side in locally group packet transmission Client-SSL version number, authentication handshake information data;
2) after server-side receives information, SSL version numbers, server-side RSA public key certificate are sent to client;
3) legitimacy of client verification server-side RSA public key certificate, continues if certificate is legal, otherwise terminates both ends and recognizes Card is shaken hands;
4) after client verification server-side certificate is legal, the RSA public key certificate of client is sent to server-side;
5) legitimacy of server-side verification client RSA public key certificate obtains the RSA public keys of client after verifying successfully;
6) client generates ciphertext using server-side RSA public key encryptions symmetric key (3DES algorithm secret keys) assembled scheme, And ciphertext is sent to server-side;
7) server-side decrypts the symmetric key assembled scheme ciphertext that client is sent, and confirmation pair with server-side RSA private keys Claim the assembled scheme of key;
8) after server-side confirms symmetric key assembled scheme, the RSA public key cryptographic validations information using client and general Encrypted data ciphertext is back to client;
9) client receives the symmetric key assembled scheme confirmation message ciphertext that server-side returns, and uses the RSA of client Private key decrypts the information ciphertext;
10) after client obtains confirmation message, if symmetric key assembled scheme is using random number as symmetric key, client End generates random number as session key (the i.e. described encryption key), after being encrypted to session key using server-side public key, transmission To server-side, there are many symmetric key combinations, this example is illustrated using random number as key;
11) after server-side receives session key ciphertext, session key is obtained after being decrypted with the RSA private keys of server-side;
12) mutual authentication is shaken hands success, and session key agreement is completed.
Fig. 4 is the process that user is registered by client, and user needs first to register when using server end Operation, detailed process are as follows:
1, when user selects registering functional by client, client is public by registration request, registration request time, request Key instruction is by calling the session key negotiated when the first encrypting module two-way authentication with 3DES algorithm for encryption registration request, registration Request time, request public key data, and ciphertext is assembled into ciphertext instruction and sends server-side to;
2, server-side call the second encrypting module using session key decryption ciphertext instruct, solve client registers request, Registion time and request public key instruction, server-side call the public and private key (Pub_ of safety of a pair of of RSA Algorithm of the second encrypting module generation Key, Pri_key), using session key with symmetric encipherment algorithm 3DES encryption public key Pub_key (the i.e. described encrypted public key), Public key cryptography instruction is generated, ciphertext is sent and instructs to client;
3, client receives the public key cryptography instruction that server-side is sent, and session key is called to decrypt ciphertext using symmetry algorithm Instruction obtains public key, and inputs register account number Name and password Pwd by input module and (belong to one of information to be certified Point), user password progress SHA512 Hash operations are obtained into cryptographic Hash SHA (Pwd) (i.e. described information cryptographic Hash), add salt Module registration request time, user account, client public key (client public key in Fig. 3) are inserted into respectively in cryptographic Hash as Adding salt figure to generate the character string Str after adding salt, (three kinds of registration request time, user account, client public key character strings are inserted respectively Enter position before, during and after cryptographic Hash character string, other deformations, i.e. described information character string can also be used), and to character string Str It carries out SHA512 Hash operations and generates cryptographic Hash SHA (Str) (the i.e. described character string cryptographic Hash);
4, client public key Pub_key cryptographic hash SHA (Str) safe to use and user account Name, obtain ciphertext It is close using session key encryption M1 generations M1 to recall the first encrypting module by M1=ECN (Pub_key, SHA (Str)+Name) Text, and it is sent to server-side;
5, server-side is calculated by session key S_key and secure private key Pri_key using symmetrical respectively after receiving M1 ciphertexts Method 3DES and non-to being decrypted to ciphertext at algorithm RSA, obtains cryptographic Hash SHA (Str) and user account, server-side call second plus Close module use is stored in safe storage ciphering key _ key with 3DES encryption algorithm for encryption cryptographic Hash SHA (Str) and user's account Number (RSA turns 3DES), and the ciphertext of generation is stored into service client database, use session key encrypting registration successful information Instruction ciphertext returns to client;
6, client receives ciphertext, and decryption obtains instruction of succeeding in registration, and reminds user registration success.
Fig. 5 is the process that user carries out cipher authentication by client and server-side, realizes the certification of user identity, is judged It is whether legal, it is primary authentication process below:
Step 1:User inputs user account and password (information i.e. to be certified) by client input module, initiates certification Above instructions data are carried out 3DES symmetric cryptographies using session key, are transmitted to by log on request and the safe public key request of acquisition Server-side;
Step 2:Server-side calls the second encrypting module, and the encryption data ciphertext received using session key decryption is referred to It enables, client certificate request is got after decryption and request public key instruction, encrypting module generate a pair of RSA public and private keys safely (Pub1-key, Pri1-key) will be sent to client after protection public key session key encryption;
Step 3:Client receives and gets safe public key Pub1-key using session key decryption after encryption data, will User password Pwd ' carries out SHA512 Hash operations and obtains cryptographic Hash SHA (Pwd) ', add salt module the registration request time, User account, client public key be inserted into respectively in cryptographic Hash as plus salt figure generate plus salt after character string Str ', and to character String carries out SHA512 Hash operations and generates cryptographic Hash SHA (Str ');
Step 4:Public key Pub1_key cryptographic hash SHA (Str ') safe to use and user account Name ', obtain ciphertext M1 '=ECN (Pub1_key, SHA (Str ')+Name ') recalls encrypting module and generates ciphertext using session key encryption M1' M2', and it is sent to server-side;
Step 5:Server-side is used symmetrically by session key S_key and secure private key Pri1_key respectively after receiving ciphertext Algorithm and non-to being decrypted to ciphertext at algorithm, acquisition cryptographic Hash SHA (Str ') and user account Name ', server-side calling encryption Module respectively obtains ciphertext using key R_key with 3DES encryption algorithm for encryption cryptographic Hash SHA (Str ') and user account Name ' Cp=ENC (R_key, SHA (Str ')) and Cn=(R_key, Name ');
Step 6:Server-side calls encrypting module using ciphering key _ key with the close Kazakhstan in 3DES encryption algorithm ciphertext data library Uncommon value SHA (Str) ciphertexts and user account Name ciphertexts, be used in combination after key R_key encrypting and decryptings cryptographic Hash SHA (Str) and Name generates ciphertext Sp=ENC (R_key, SHA (Str)) and Sn=(R_key, Name) respectively;
Step 7:The authentication module of server-side compares Cp and Sp, and whether Cn and Sn is consistent, if inconsistent, user, which logs in, to be recognized Card failure;If consistent, user account and password are correct, and login authentication success encrypts authentication success message using session key Return to client;
Step 8:Client receives debarkation authentication success ciphertext, and decryption obtains authentication success message, and user identity is successfully recognized Card, accessing server by customer end.
The purpose of invention is solution cipher authentication security risk of the user by client and server-side, i.e., really The legitimacy for determining user identity protects the safety of the safety of authentication procedures, especially user password and verification process.User Password is by the way of adding dynamic salt, and salt figure is made of a variety of, and it is non-right to be respectively adopted in password plus salt cryptographic Hash transmission process Title and symmetric encryption operation ensure the safety for adding the transmission of salt cryptographic Hash, server side authentication while avoiding password from directly transmitting Process turns 3DES encryption password by RSA and salt cryptographic Hash is added to generate certification ciphertext, and cipher authentication, number are carried out by comparing certification ciphertext According to library, by server-side encryption/decryption module, temporally the period generates key encryption at random, and above scheme can effectively ensure that data pass Defeated, cipher authentication and data preserve the safety of whole process.
The above, only presently preferred embodiments of the present invention, the invention is not limited in the above embodiments, as long as It reaches the technique effect of the present invention with identical means, should all belong to the scope of protection of the present invention.In the protection model of the present invention Its technical solution and/or embodiment can have a variety of different modifications and variations in enclosing.

Claims (8)

1. a kind of Verification System, including client and server-side, which is characterized in that the client includes input module and first Encrypting module;
The server-side includes authentication module and the second encrypting module;Wherein,
The input module obtains information to be certified, and first encrypting module encrypts the information to be certified, and described second adds Close module decrypts the information to be certified, and whether the authentication module verifies the information to be certified correct.
2. a kind of Verification System according to claim 1, which is characterized in that the client and service end group are in PKI-CA System realizes basic verification.
3. a kind of Verification System according to claim 1 or 2, which is characterized in that first encrypting module and described the Two encrypting modules are negotiated to obtain encryption key;
The encryption key is there are the pot life, and when meeting the preset time limit, first encrypting module is encrypted with described second Module is renegotiated to update encryption key.
4. a kind of Verification System according to claim 3, which is characterized in that further include adding salt module, described plus salt module It connects the input module and adds information to be certified described in salt.
5. a kind of Verification System according to claim 1, which is characterized in that further include data memory module.
6. a kind of authentication method is suitable for system described in claim 4, which is characterized in that including step:
Client obtains information to be certified, and key application is proposed to server-side;
Server-side generates encrypted public key;
Client parses the encrypted public key, will be several by information to be certified progress Hash operation to obtain information cryptographic Hash Add salt figure to be inserted into described information cryptographic Hash to generate information character string, calculate the information character string to obtain character string cryptographic Hash, Use character string cryptographic Hash described in public key and encryption keys;
Character string cryptographic Hash after the more preset right value of server-side and encryption, is unanimously then verified.
7. a kind of authentication method according to claim 6, which is characterized in that the server-side is based on RSA Algorithm and generates public affairs Key, private key, using encryption key and based on public key described in symmetric encipherment algorithm 3DES encryption to generate encrypted public key.
8. a kind of authentication method according to claim 6, which is characterized in that the Hash operation is the Kazakhstan based on SHA512 Uncommon operation.
CN201810208496.XA 2018-03-14 2018-03-14 A kind of Verification System and method Pending CN108650210A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810208496.XA CN108650210A (en) 2018-03-14 2018-03-14 A kind of Verification System and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810208496.XA CN108650210A (en) 2018-03-14 2018-03-14 A kind of Verification System and method

Publications (1)

Publication Number Publication Date
CN108650210A true CN108650210A (en) 2018-10-12

Family

ID=63744229

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810208496.XA Pending CN108650210A (en) 2018-03-14 2018-03-14 A kind of Verification System and method

Country Status (1)

Country Link
CN (1) CN108650210A (en)

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109547459A (en) * 2018-12-11 2019-03-29 航天信息股份有限公司 A kind of method and system of authorization terminal equipment printing electronic bill
CN109756343A (en) * 2019-01-31 2019-05-14 平安科技(深圳)有限公司 Authentication method, device, computer equipment and the storage medium of digital signature
CN109936447A (en) * 2019-01-31 2019-06-25 平安科技(深圳)有限公司 Encryption and authentication method, system and computer equipment based on timestamp
CN109934017A (en) * 2019-03-12 2019-06-25 苏州科达科技股份有限公司 Check information generates and file integrality method of calibration, system, equipment and medium
CN110519300A (en) * 2019-09-24 2019-11-29 杭州字节信息技术有限公司 Client key method for secure storing based on password bidirectional authentication
CN110535868A (en) * 2019-09-05 2019-12-03 山东浪潮商用系统有限公司 Data transmission method and system based on Hybrid Encryption algorithm
CN111107038A (en) * 2018-10-25 2020-05-05 山东量子科学技术研究院有限公司 Encryption method, decryption method and device
CN111177693A (en) * 2019-12-11 2020-05-19 福建魔方电子科技有限公司 Method, device, equipment and medium for verifying terminal root certificate
CN111611552A (en) * 2020-05-21 2020-09-01 浩云科技股份有限公司 License authorization method and device based on combination of software and hardware
CN111917535A (en) * 2020-06-30 2020-11-10 山东信通电子股份有限公司 Data encryption storage method and device and server
CN112417393A (en) * 2020-11-02 2021-02-26 深圳依时货拉拉科技有限公司 Identity verification method and device, computer equipment and computer readable storage medium
CN112507365A (en) * 2020-12-16 2021-03-16 平安银行股份有限公司 Data matching method, terminal and storage medium
CN112685756A (en) * 2020-12-30 2021-04-20 北京海泰方圆科技股份有限公司 Data writing and reading method, device, medium and equipment
CN112702305A (en) * 2019-10-23 2021-04-23 中电智能科技有限公司 System access authentication method and device
CN112787996A (en) * 2020-12-25 2021-05-11 郑州信大捷安信息技术股份有限公司 Password equipment management method and system
CN113130031A (en) * 2021-05-18 2021-07-16 中南大学湘雅三医院 PKI-based intercourse electronic medical record interaction system, method, equipment and storage medium
CN113382400A (en) * 2021-06-01 2021-09-10 广州朗国电子科技有限公司 Method for setting screen parameter by using NFC
CN113411321A (en) * 2021-06-15 2021-09-17 国网电子商务有限公司 Block chain-based electricity consumption data acquisition method and system
CN114499859A (en) * 2022-03-22 2022-05-13 深圳壹账通智能科技有限公司 Password verification method, device, equipment and storage medium
CN114978525A (en) * 2022-04-26 2022-08-30 邹瀚霆 Data security authentication method and system based on BIM
CN115913672A (en) * 2022-11-02 2023-04-04 广州市南方人力资源评价中心有限公司 Electronic file encryption transmission method, system, terminal equipment and computer medium
CN117521160A (en) * 2024-01-05 2024-02-06 中安网脉(北京)技术股份有限公司 SM2 private key authorization code quick verification method and application thereof

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105721390A (en) * 2014-12-01 2016-06-29 阿里巴巴集团控股有限公司 Encrypted storage method and encrypted storage device
CN106656476A (en) * 2017-01-18 2017-05-10 腾讯科技(深圳)有限公司 Password protecting method and device
CN107104787A (en) * 2017-04-26 2017-08-29 山东开创云软件有限公司 A kind of cipher set-up method for resisting password cracking
CN107395344A (en) * 2017-07-18 2017-11-24 北京深思数盾科技股份有限公司 User profile guard method and device
CN107454048A (en) * 2016-06-01 2017-12-08 腾讯科技(深圳)有限公司 The processing method and processing device of information, the authentication method of information, apparatus and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105721390A (en) * 2014-12-01 2016-06-29 阿里巴巴集团控股有限公司 Encrypted storage method and encrypted storage device
CN107454048A (en) * 2016-06-01 2017-12-08 腾讯科技(深圳)有限公司 The processing method and processing device of information, the authentication method of information, apparatus and system
CN106656476A (en) * 2017-01-18 2017-05-10 腾讯科技(深圳)有限公司 Password protecting method and device
CN107104787A (en) * 2017-04-26 2017-08-29 山东开创云软件有限公司 A kind of cipher set-up method for resisting password cracking
CN107395344A (en) * 2017-07-18 2017-11-24 北京深思数盾科技股份有限公司 User profile guard method and device

Cited By (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111107038A (en) * 2018-10-25 2020-05-05 山东量子科学技术研究院有限公司 Encryption method, decryption method and device
CN111107038B (en) * 2018-10-25 2022-07-29 山东量子科学技术研究院有限公司 Encryption method, decryption method and device
CN109547459A (en) * 2018-12-11 2019-03-29 航天信息股份有限公司 A kind of method and system of authorization terminal equipment printing electronic bill
CN109936447A (en) * 2019-01-31 2019-06-25 平安科技(深圳)有限公司 Encryption and authentication method, system and computer equipment based on timestamp
WO2020155779A1 (en) * 2019-01-31 2020-08-06 平安科技(深圳)有限公司 Method and apparatus for authenticating digital signature, computer device and storage medium
CN109756343A (en) * 2019-01-31 2019-05-14 平安科技(深圳)有限公司 Authentication method, device, computer equipment and the storage medium of digital signature
CN109936447B (en) * 2019-01-31 2021-10-08 平安科技(深圳)有限公司 Encryption and authentication method and system based on timestamp and computer equipment
CN109756343B (en) * 2019-01-31 2021-07-20 平安科技(深圳)有限公司 Authentication method and device for digital signature, computer equipment and storage medium
CN109934017A (en) * 2019-03-12 2019-06-25 苏州科达科技股份有限公司 Check information generates and file integrality method of calibration, system, equipment and medium
CN110535868A (en) * 2019-09-05 2019-12-03 山东浪潮商用系统有限公司 Data transmission method and system based on Hybrid Encryption algorithm
CN110519300A (en) * 2019-09-24 2019-11-29 杭州字节信息技术有限公司 Client key method for secure storing based on password bidirectional authentication
CN110519300B (en) * 2019-09-24 2021-08-06 杭州字节信息技术有限公司 Client-side secret key safe storage method based on password bidirectional authentication
CN112702305B (en) * 2019-10-23 2023-05-16 中电智能科技有限公司 System access authentication method and device
CN112702305A (en) * 2019-10-23 2021-04-23 中电智能科技有限公司 System access authentication method and device
CN111177693B (en) * 2019-12-11 2022-08-16 福建魔方电子科技有限公司 Method, device, equipment and medium for verifying terminal root certificate
CN111177693A (en) * 2019-12-11 2020-05-19 福建魔方电子科技有限公司 Method, device, equipment and medium for verifying terminal root certificate
CN111611552A (en) * 2020-05-21 2020-09-01 浩云科技股份有限公司 License authorization method and device based on combination of software and hardware
CN111611552B (en) * 2020-05-21 2023-04-07 浩云科技股份有限公司 License authorization method and device based on combination of software and hardware
CN111917535A (en) * 2020-06-30 2020-11-10 山东信通电子股份有限公司 Data encryption storage method and device and server
CN112417393A (en) * 2020-11-02 2021-02-26 深圳依时货拉拉科技有限公司 Identity verification method and device, computer equipment and computer readable storage medium
CN112507365A (en) * 2020-12-16 2021-03-16 平安银行股份有限公司 Data matching method, terminal and storage medium
CN112507365B (en) * 2020-12-16 2023-08-22 平安银行股份有限公司 Data matching method, terminal and storage medium
CN112787996A (en) * 2020-12-25 2021-05-11 郑州信大捷安信息技术股份有限公司 Password equipment management method and system
CN112685756A (en) * 2020-12-30 2021-04-20 北京海泰方圆科技股份有限公司 Data writing and reading method, device, medium and equipment
CN113130031A (en) * 2021-05-18 2021-07-16 中南大学湘雅三医院 PKI-based intercourse electronic medical record interaction system, method, equipment and storage medium
CN113382400A (en) * 2021-06-01 2021-09-10 广州朗国电子科技有限公司 Method for setting screen parameter by using NFC
CN113411321A (en) * 2021-06-15 2021-09-17 国网电子商务有限公司 Block chain-based electricity consumption data acquisition method and system
CN114499859A (en) * 2022-03-22 2022-05-13 深圳壹账通智能科技有限公司 Password verification method, device, equipment and storage medium
CN114978525A (en) * 2022-04-26 2022-08-30 邹瀚霆 Data security authentication method and system based on BIM
CN114978525B (en) * 2022-04-26 2023-10-13 深筑城市科技(深圳)有限公司 BIM-based data security authentication method and system
CN115913672A (en) * 2022-11-02 2023-04-04 广州市南方人力资源评价中心有限公司 Electronic file encryption transmission method, system, terminal equipment and computer medium
CN115913672B (en) * 2022-11-02 2023-09-01 广州市南方人力资源评价中心有限公司 Electronic file encryption transmission method, system, terminal equipment and computer medium
CN117521160A (en) * 2024-01-05 2024-02-06 中安网脉(北京)技术股份有限公司 SM2 private key authorization code quick verification method and application thereof
CN117521160B (en) * 2024-01-05 2024-03-19 中安网脉(北京)技术股份有限公司 SM2 private key authorization code quick verification method and application thereof

Similar Documents

Publication Publication Date Title
CN108650210A (en) A kind of Verification System and method
US5418854A (en) Method and apparatus for protecting the confidentiality of passwords in a distributed data processing system
US8306228B2 (en) Universal secure messaging for cryptographic modules
US9330245B2 (en) Cloud-based data backup and sync with secure local storage of access keys
US9197411B2 (en) Protocol and method for client-server mutual authentication using event-based OTP
CN108599925B (en) Improved AKA identity authentication system and method based on quantum communication network
US8291231B2 (en) Common key setting method, relay apparatus, and program
US8868909B2 (en) Method for authenticating a communication channel between a client and a server
CN110519300B (en) Client-side secret key safe storage method based on password bidirectional authentication
US10177921B2 (en) Secure login without passwords
WO2009155813A1 (en) Method for storing encrypted data in client and system thereof
CN108599926B (en) HTTP-Digest improved AKA identity authentication system and method based on symmetric key pool
JP2012235214A (en) Encryption communication device and encryption communication system
JPH10154977A (en) User certification system and method therefor
CN105471896B (en) Proxy Method, apparatus and system based on SSL
CN110493177A (en) Based on unsymmetrical key pond to and sequence number quantum communications service station AKA cryptographic key negotiation method and system
JPH10340255A (en) System for authenticating network user
Das et al. A decentralized open web cryptographic standard
CN114765543A (en) Encryption communication method and system of quantum cryptography network expansion equipment
CN108551391A (en) A kind of authentication method based on USB-key
JP4937921B2 (en) A secure interface for generic key derivation function support
Thuc et al. A Sofware Solution for Defending Against Man-in-the-Middle Attacks on Wlan
JP6165044B2 (en) User authentication apparatus, system, method and program
US11876789B2 (en) Encrypted data communication and gateway device for encrypted data communication
CN117714185A (en) Bank counter data processing method and system based on cryptographic algorithm

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20181012