CN108924164A - A method of based on the synchronous two-pass cipher of Internet of Things - Google Patents
A method of based on the synchronous two-pass cipher of Internet of Things Download PDFInfo
- Publication number
- CN108924164A CN108924164A CN201810939914.2A CN201810939914A CN108924164A CN 108924164 A CN108924164 A CN 108924164A CN 201810939914 A CN201810939914 A CN 201810939914A CN 108924164 A CN108924164 A CN 108924164A
- Authority
- CN
- China
- Prior art keywords
- internet
- things
- user
- synchronous
- corresponding relationship
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention discloses a kind of method and devices of two-pass cipher synchronous based on Internet of Things, when providing user's login system, system and user pass through the corresponding relationship between the synchronous foundation of Internet of Things, system synchronizes the method synchronized identifying user identity and user based on Internet of Things to generate modification logging using Internet of Things.Method of the present invention includes according to the process of user's login system, and system establishes the Internet of Things corresponding relationship between user and system, and obtains the Internet of Things information for needing user to confirm;Object security code can be used to protect confirmed Internet of Things information in user, or the anti-repudiation relationship being digitally signed to the Internet of Things information to establish between system;Accordingly, user is able to use object and protects equipment to generate the password based on the synchronous login system of Internet of Things;The method of the invention further includes that system is according to the Internet of Things corresponding relationship between the user and system established, to identify user identity and verifying modification logging.
Description
The application is to be to submit on December 12nd, 2013 applying date application No. is 201310671803.5, entitled
The divisional application of Chinese invention patent application based on the synchronous cryptographic system of Internet of Things.
Technical field
The present invention relates to the technical fields such as the management of user and password and its application specifically to relate generally to need
Identify anti-counterfeiting, illegal, attack protection and anti-repudiation involved in application field of user identity and verifying modification logging etc.
The two-pass cipher synchronous based on Internet of Things method.
Background technique
As the fields such as ATM terminal, POS machine, e-commerce, Web bank, online game are close using mould using a card one
The increasingly extensive and popularization and improvement of formula because card is cloned, password leakage, steal account etc. caused by dispute in rising year by year
Trend, while huge loss of economic benefit is brought to user side and service side.
Currently, the industries such as bank, insurance, social security, telecommunication, electric business and network game are related to user identity proof and password authentification
The close cipher mode of a card one is generallyd use when Deng application, or by increasing the rings such as mobile phone note verification code, security card, general order
Section is to reinforce the close safety of card;Network application also encourages user to use the password of one-time pad, it is intended to enhance network application
Safety.Since mobile phone note verification code is sent out by service side and is controlled by the user and has neither part nor lot in user, vulnerable to fishing or puppet
Card, pseudo-base station attack;It is made of based on the security card of event synchronization the number fixed and permutation and combination collection is too small, vulnerable to wooden horse
Screenshotss and replication attacks;And dynamic password of the general order category based on time synchronization, equally vulnerable to wooden horse cut code with when synchronous
Interior carry out Replay Attack;The essence of one-time pad still falls within the close cipher mode of a card one, vulnerable to fishing mode and playback
The attack of mode.Therefore, an one close cipher mode of card, when, there are when third party, existing always between service side and user side
Security risk.
Summary of the invention
The embodiment of the present invention provides a kind of method and device thereof of two-pass cipher synchronous based on Internet of Things, to solve one
Block the safety problem of a close cipher mode.
The embodiment of the present invention provides a kind of method of two-pass cipher synchronous based on Internet of Things, includes the following steps:
System is established between the corresponding relationship between user and user password, user password and object security code according to user information
Corresponding relationship, object security code and object protect the corresponding relationship between equipment;
User's login system, it is synchronous that system according to the Internet of Things corresponding relationship between user and system establishes the first Internet of Things, and by
One Internet of Things synchronous coding is sent to user at Internet of Things coding;
The object of user protects equipment and receives Internet of Things coding, under the control of object security code, protects equipment for the received Internet of Things of institute using object
Coding mapping submits to system at modification logging;
System receives modification logging, and it is synchronous according to the Internet of Things corresponding relationship between modification logging and system to establish the second Internet of Things;
This method includes:
User submits user password to system;
System receives user password, and it is synchronous according to the Internet of Things corresponding relationship between user password and system to establish third Internet of Things;
This method further includes:
System according to the first Internet of Things it is synchronous with the second Internet of Things synchronize identify the user identity of modification logging, and according to the correspondence
Relationship verifies modification logging;
System is synchronous according to the first Internet of Things, the second Internet of Things are synchronous, third Internet of Things synchronize the user identity to identify user password, and
User password is verified according to the corresponding relationship.
The embodiment of the present invention provides a kind of device of two-pass cipher synchronous based on Internet of Things, comprises the following modules:
Memory module, for saving user information, including but not limited to account information, user password, object security code, object guarantor is set
Standby, object protect synchronous module, Internet of Things, modification logging and its between corresponding relationship;
Internet of Things module, for according to the Internet of Things relationship of the Internet of Things relationship of user and system, modification logging and system, user password with
It is synchronous to establish corresponding Internet of Things respectively for Internet of Things relationship between system;
Object protects module, sends and receives for what 1. Internet of Things synchronized;2. Internet of Things synchronous coding is encoded at Internet of Things;3. maintaining secrecy in object
Under the control of code, modification logging is generated according to Internet of Things coding mapping;
The device includes:
Identification module, for, the modification logging synchronous with Internet of Things according to user and Internet of Things between synchronous, user password and Internet of Things synchronization
Corresponding relationship identify user identity;
The device further includes:
Authentication module, according to the corresponding relationship and Internet of Things synchronization and object breath information-preserving, to verify modification logging and user password.
Described in the embodiment of the present invention, corresponding relationship, user password and the object security code between user and user password are established
Between corresponding relationship and object security code and object protect the corresponding relationship between equipment;Wherein, object guarantor means that Internet of Things are protected, object
Connection refers to physical connection, including but not limited to, 1. code related with user, card, password, equipment or terminal etc.;2. with being
It unites related terminal, equipment, platform.The object of user protects equipment, and mobile device, desk-top is set tablet device
Standby, USB device, card-type device etc..During user's login system, 1. user corresponds to system terminal, and system is accordingly
The Internet of Things relationship between user and system terminal is generated, and it is synchronous to establish the first Internet of Things between user and system terminal;2. using
Modification logging is submitted to system by system terminal in family, and system generates the pass of the Internet of Things between modification logging and system terminal accordingly
System, and it is synchronous to establish the second Internet of Things between modification logging and system terminal;3. user is submitted to system by system terminal and is used
Family password, system generate the Internet of Things relationship between user password and system terminal accordingly, and establish user password and system end
Third Internet of Things between end are synchronous;Synchronous this user of composition synchronous with third Internet of Things synchronous with the second Internet of Things of first Internet of Things steps on
The Internet of Things of land system are synchronous.The embodiment of the present invention includes, system is synchronous with Internet of Things according to user, modification logging and Internet of Things are synchronous,
Corresponding relationship between user password is synchronous with Internet of Things identifies user identity;User is synchronous with Internet of Things by modification logging
Corresponding relationship, the user password corresponding relationship synchronous with Internet of Things, come the anti-repudiation relationship established between user and system;To
It can effectively prevent stealing the malfeasance that attacks and the malicious conspiracies such as brush, playback, fishing, wooden horse are swiped the card.The present invention
Embodiment further includes, and system is synchronous by the Internet of Things between reversely tracing user and system according to the corresponding relationship, and
Corresponding user information, user terminal, object protect equipment, object security code, modification logging, user password etc., and system can effectively be known
Other login user identity and establish relation of trust between user and system.
Detailed description of the invention
Fig. 1 is flow chart of the embodiment of the present invention;
Fig. 2 is the object guarantor flow chart synchronous based on Internet of Things of the embodiment of the present invention;
Fig. 3 is the identification trace flow figure synchronous based on Internet of Things of the embodiment of the present invention;
Fig. 4 is system construction drawing of the embodiment of the present invention.
Specific embodiment
In embodiments of the present invention, management information system presets the corresponding relationship of user and user password, Yi Jijian
Corresponding relationship, object security code and the object of vertical user password and object security code protect the corresponding relationship of equipment;In this way, system can be by object
In conjunction with Internet of Things corresponding to step coding submit to user object protect equipment, by user using object security code by Internet of Things coding mapping at
Modification logging.The embodiment of the invention also includes system is same with Internet of Things according to user, object guarantor equipment, modification logging, user password etc.
Corresponding relationship between step closes to identify user identity and tracking illegal user according to modification logging and the corresponding of Internet of Things synchronization
System, the user password corresponding relationship synchronous with Internet of Things are come the anti-repudiation relationship established between user and system.According to the correspondence
Relationship, system establish one time between reliable modification logging and system between cryptographic relationship and user password and system
Two-pass cipher relationship.
Shown in Figure 1, the method for the embodiment of the present invention comprises the steps of:
Step 11, user has code and corresponding account, password and equipment of uniqueness etc..
Specific implementation process is as follows:
When user opens an account, system invests one group of unique code of every user, the code can store in card or other set
In standby.User selects user password and object security code and is stored in the account of system foundation, and user's selection and binding object guarantor set
It is standby.
Step 12, the management information system of the embodiment of the present invention, the corresponding relationship established between user and user password are used
Corresponding relationship between family password and object security code, and establish the corresponding relationship between object security code and object guarantor's equipment.
Firstly, system establishes the first corresponding relationship of user and user password, user password and object security code are then established
The second corresponding relationship.Object protects the equipment that equipment inclusion is protected module and selected by system intialization in user, and such as mobile device is put down
Plate or portable or desktop computer, USB device, card-type device etc., system are established object accordingly and are protected between equipment and object security code
Third corresponding relationship.
Step 13, according to the Internet of Things corresponding relationship generation between user and system in conjunction with step.
Specific implementation process, can be as follows:
Firstly, we are by the terminal of 1. personal code work card insertion system, for example, ATM machine, POS machine, sales counter front end machine etc.;Or
It is that 2. user passes through system terminal input code or password;Either, 3. the processes such as network platform of user's login system claim
For landfall process.User's code related with landfall process and card, password, equipment etc. be known as user or user terminal, system with
The related terminal of landfall process, post, equipment, platform etc. are known as system or system terminal, and system is according to user's login system
Internet of Things corresponding relationship in the process, it is synchronous to establish the Internet of Things between user and system, including between user and system terminal
First Internet of Things are synchronous, the second Internet of Things between modification logging and system terminal are synchronous, the between user password and system terminal
Three Internet of Things are synchronous.
Step 14, user by Internet of Things synchronization map at modification logging, and submission system.
Realization process includes but is not limited to, firstly, system is according between user and system terminal when user's login system
Internet of Things corresponding relationship, the first Internet of Things established between user and system terminal are synchronous;Then, the first Internet of Things are synchronized and are compiled by system
Code encodes A at Internet of Things, and the object for being sent to user protects equipment.
The first Internet of Things that object guarantor's equipment of user receives system transmission synchronize corresponding Internet of Things coding A, use object security code A
Internet of Things coding A is mapped to modification logging A, then modification logging A is submitted to by system by system terminal by user.
System terminal is sent to system after receiving the modification logging A that user submits;System is according to modification logging A and system
Internet of Things corresponding relationship between terminal, it is synchronous come the second Internet of Things for establishing between modification logging A and system terminal.System mentions respectively
Take the first Internet of Things synchronize in element related with user and the second Internet of Things it is synchronous in the first verifying of element related with system construction
Internet of Things are synchronous;Then, system synchronizes corresponding personal code work according to the first Internet of Things and obtains corresponding object security code B, reuses
First verifying Internet of Things are synchronized corresponding Internet of Things coding B and are mapped to modification logging B by the object security code B;And if only if logging in
When password A is equal to modification logging B, the Internet of Things established between this user, modification logging A and system synchronize corresponding establishment, object
The third corresponding relationship protected between equipment and object security code is verified, between modification logging A and system a cryptographic relationship
It sets up.
Step 15, user submits user password to system.
Realization process includes but is not limited to that after the modification logging that user submits obtains system verifying, system terminal allows simultaneously
Receive user and submits user password.
User submits user password A by system terminal, and user password A is sent to system by system terminal;System according to
Internet of Things corresponding relationship between user password A and system terminal, come the third object established between user password A and system terminal
In conjunction with step.Firstly, system extract respectively the first Internet of Things synchronize in element related with user, the second Internet of Things it is synchronous in set with object guarantor
Standby related element is synchronous in conjunction with the second verifying Internet of Things of element related with system in step construction with third object one;Then, system
Corresponding personal code work is synchronized according to the first Internet of Things and obtains corresponding object security code C, reuses the object security code C for second
Verifying Internet of Things synchronize corresponding Internet of Things coding C and are mapped to modification logging C;And if only if modification logging C is equal to modification logging A
When, the first Internet of Things are obtained further according to the corresponding relationship and synchronize corresponding personal code work, and are used according to the first corresponding relationship
User password B corresponding to the code of family;And if only if when user password A is equal to user password B, between user and user password
The first corresponding relationship be verified, two-pass cipher relationship between user password A and system is set up.
The embodiment of the present invention is described in further detail with reference to the accompanying drawings of the specification.
The embodiment of the present invention is one of synchronous with Internet of Things, i.e., user logs in bank management information system by ATM in bank
System carries out for account operation, wherein personal code work is stored in card, and user selects mobile phone to protect equipment as object.Reference Fig. 2,
Process is protected based on the synchronous object of Internet of Things for the embodiment of the present invention, it is specific to execute shown in steps are as follows:
Step 201, in the MIS in the bank of the embodiment of the present invention, the code of every user all existence anduniquess passes through
The data of filing of user can be inquired or be verified to this code, account information, account's flowing water, user password, object security code, object guarantor set
It is standby, Internet of Things are synchronous, modification logging etc., and these user informations have corresponding information coding.In the process of user's login system
In, user's related code synchronous with Internet of Things and card, password, terminal, equipment, platform, time and address etc. have corresponding letter
Breath coding.
Step 202, the MIS in the bank of the embodiment of the present invention is established corresponding database for every user, is used
In storage user information, Internet of Things it is synchronous and its between corresponding relationship.During user's login system, system is same with Internet of Things
Walking related terminal, equipment, platform, time and address etc. also has corresponding information coding.
Step 203, according to the Internet of Things process of user's login system, the Internet of Things established between user and system are synchronous.
During the Internet of Things of user's login system of the embodiment of the present invention, system establish 1. personal code work card and ATM machine it
Between the first Internet of Things it is synchronous;2. the second Internet of Things between modification logging and ATM machine are synchronous;3. between user password and ATM machine
Third Internet of Things are synchronous.
Sub-step 211 establishes the Internet of Things relationship of user and landfall process.
It is assumed that personal code work is 4,367 4,238 1,313 0,497 633, user is at the plug-in card time embodiment of the present invention
2013 0820 0928 57;Then, system uses personal code work and user's plug-in card time, logs in ATM machine to establish the user
Internet of Things relationship.
Sub-step 221 establishes the Internet of Things relationship of system and landfall process.
The embodiment of the present invention is it is further assumed that the ATM machine code that logs in of user's plug-in card is 8,600 7551, ATM machine address
Code be 610,041 02 08, ATM machine receive user's plug-in card time be 2,013 0,820 092857;Then, system uses ATM machine generation
Code, ATM machine address code and ATM machine receive user's plug-in card time, to establish the Internet of Things relationship of system and landfall process.
Step 204, the Internet of Things for needing object to protect are obtained and synchronize corresponding Internet of Things coding.
User logs in banking system by ATM machine using personal code work card, and system is according between personal code work card and ATM machine
Internet of Things relationship to establish the first Internet of Things synchronous.Wherein, personal code work uses 19 decimal codeds;ATM machine code uses 8
Decimal coded;The Internet of Things time uses 14 decimal codeds of date Hour Minute Second;Station address is identical as ATM machine address,
Its code is made of 6 line number+2 of postcode+2 codings, for example, ATM machine address:Sichuan Chengdu Renminnan Road four sections No. 21
Postcode be 610041, Construction Bank's line number be 02, which is encoded to 08;According to above-mentioned corresponding relationship, system obtain user with
The first Internet of Things between ATM machine synchronize corresponding Internet of Things coding, specific as follows:
Personal code work:4367 4238 1313 0497 633
Station address:610041 02 08
The Internet of Things time:2013 0820 0928 57
ATM machine code:8600 7551
ATM machine address:610041 02 08
Sub-step 222, system establish user's corresponding relationship synchronous with the first Internet of Things.
System extracts personal code work when user's login system, for example, the personal code work of the embodiment of the present invention is assumed to be
4367 4,238 1,313 0,497 633, and the personal code work corresponding relationship synchronous with the first Internet of Things is established accordingly.
Sub-step 212, user setting object security code.
User selects one group of number as object security code and saves in systems.Present embodiment assumes that object security code is
100757。
Sub-step 213, user's candidate protect equipment.
System intialization simultaneously binds object guarantor's module in object guarantor's equipment that user selects, and each object, which protects module, corresponding generation
Code.In the present embodiment, user selects mobile phone to protect equipment as object;It is assumed that user mobile phone identification code is
357683002201996, it is 02 028 00870219 that object, which protects block code,.
Step 205, user synchronizes corresponding Internet of Things according to the first Internet of Things and encodes, and mapping generates modification logging, and passes through
ATM machine window submits to system.
The generation of modification logging includes but is not limited to following manner:
In the embodiment of the present invention, modification logging is made of 6 decimal numbers, by user using object guarantor's module and in object security code
The lower mapping of control generates;Wherein, object security code is made of 6 decimal numbers, presets and be stored in system, example for user
Such as, 100757.System intialization protects module coding in the object that the object of user is protected in equipment ,+area code+can be set by Routing Number
Standby serial number forms, for example, 02 028 00870219.Object, which protects module, can use one-way function algorithm, for convenience of description, this reality
It applies an object and protects module using the MD5 algorithm of one-way Hash algorithm, and generate modification logging using mapping ruler and coding rule.
Coding rule can be to be formed to by the obtained mapping digital combination of mapping ruler, for example, first that mapping is the digital position 1-8
After 9-16 step-by-step exclusive or, take respectively first 1 and 2, it is 8 and 9 intermediate, rear 15 and 16 bit mapping it is digital, then it is pressed respectively
10 remainder of mould:
Mapping ruler:MD5 (MD5 (MD5 ((Internet of Things coding)+object protects module)+object security code))
Internet of Things coding:4367 4238 1313 0495 633
610041 02 08
2013 0820 0928 57
8600 7551
610041 02 08
Object protects module:02 028 00870219
Object security code:10 07 57
Mapping is digital:3MUaidRJEDpIfjxD
Modification logging:37 49 08
Sub-step 223, it is synchronous that system according to the Internet of Things relationship between modification logging and ATM machine establishes the second Internet of Things.
Personal code work:4367 4238 1313 0495 633
Modification logging:37 49 08
Station address:610041 02 08
The Internet of Things time:2013 0820 0929 36
ATM machine code:8600 7551
ATM machine address:610041 02 08
Sub-step 214 establishes the corresponding relationship of user and user password.
User selects one group of number as user password and saves in systems, present embodiment assumes that, the use of user's selection
Family password is 680820, and system establishes the corresponding relationship with user password according to personal code work.
Step 206, user password is submitted to system by ATM machine window by user.
After ATM machine receives the user password of user's submission, system is sent jointly to together with ATM machine element.
Sub-step 224, it is synchronous that system according to the Internet of Things relationship between user password and ATM machine establishes third Internet of Things.
Personal code work:4367 4238 1313 0495 633
User password:68 08 20
Station address:610041 02 08
The Internet of Things time:2013 0820 0930 19
ATM machine code:8600 7551
ATM machine address:610041 02 08
The embodiment of the present invention includes system is synchronous according to the Internet of Things between user and system and object is protected to identify user identity and chase after
Track user information, referring to Fig. 3, detailed process is as follows:
Step 301, when user establishes account, system distributes to the unique personal code work of the user, and establishes the personal code work pair
User password, object security code and the object answered protect equipment;It is specific as follows:
Personal code work:4367 4238 1313 0495 633
User password:68 08 20
Object security code:10 07 57
Object protects equipment:357683002201996
Step 302, system intialization object is protected module and is protected in equipment in the object of user, and it is close with user further to establish personal code work
Code, user password and object security code, object security code and object protect the corresponding relationship between module;It is as follows that object protects block code:
Object protects module:02 028 00870219
Step 303, user's login system:System is according to the Internet of Things corresponding relationship between user and system terminal, to establish first
Internet of Things are synchronous.
Sub-step 311, system establish user's corresponding Internet of Things relationship synchronous with the first Internet of Things according to step 303.
Personal code work:4367 4238 1313 0495 633
Station address:610041 02 08
The plug-in card time:2013 0820 0928 57
Sub-step 321, system establish system terminal corresponding Internet of Things relationship synchronous with the first Internet of Things according to step 303.
ATM machine code:8600 7551
ATM machine address:610041 02 08
Step 304, user inputs modification logging by ATM machine window;System is according to the object between modification logging and system terminal
Join corresponding relationship, it is synchronous to establish the second Internet of Things.
As follows, corresponding code is synchronized for the second Internet of Things:
Modification logging:37 49 08
Station address:610041 02 08
The Internet of Things time:2013 0820 0929 36
ATM machine code:8600 7551
ATM machine address:610041 02 08
Sub-step 312, system is protected according to Internet of Things information and object, come the anti-repudiation relationship established between user and system.
1. the Internet of Things information of user's confirmation:The object that Internet of Things information is shown in user is protected in equipment, after needing user to verify really
Recognize.
Personal code work:4367 4238 1313 0495 633
Address name:* vibration is peaceful
Station address:Sichuan Chengdu Renminnan Road four sections No. 21
The plug-in card time:2013 0820 0928 57
ATM machine code:8600 7551
ATM machine address:Sichuan Chengdu Renminnan Road four sections No. 21
2. object breath information-preserving corresponding to the modification logging that user generates:User carries out object to object breath information-preserving using object security code and protects label
Name.
Personal code work:4367 4238 1313 0495 633
Address name:* vibration is peaceful
User mobile phone:357683002201996
Object protects module:02 028 00870219
Object protects the time:2013 0820 0929 66
Object security code:10 07 57
Station address:610041 02 08
The plug-in card time:2013 0820 0928 57
ATM machine code:8600 7551
ATM machine address:610041 02 08
Sub-step 322, system protect to identify user identity according to modification logging and object.
1. the first Internet of Things synchronize element:
Personal code work:4367 4238 1313 0495 633
Address name:* vibration is peaceful
ATM machine code:8600 7551
2. the second Internet of Things synchronize element:
The plug-in card time:2013 0820 0928 57
ATM machine address:610041 02 08
3. system extracts the synchronous element of the first Internet of Things element synchronous with the second Internet of Things respectively and carries out the verifying that object protects signature.
Step 305, user inputs user password by ATM machine window;System is according between user password and system terminal
Internet of Things corresponding relationship, it is synchronous to establish third Internet of Things.
As follows, corresponding code is synchronized for third Internet of Things:
User password:68 08 20
Station address:610041 02 08
The Internet of Things time:2013 0820 0930 19;
ATM machine code:8600 7551
ATM machine address:610041 02 08
Sub-step 323, system protect to identify user identity according to user password and object.
1. the first Internet of Things synchronize element:
Personal code work:4367 4238 1313 0495 633
Address name:* vibration is peaceful
ATM machine code:8600 7551
2. the second Internet of Things synchronize element:
The plug-in card time:2013 0820 0928 57
ATM machine address:610041 02 08
3. system verifies the synchronous element of third Internet of Things according to the synchronous element of the first Internet of Things element synchronous with the second Internet of Things.
Sub-step 313, user use user password and object security code, and by confirmation object it is information-preserving breath come establish with system it
Between relation of trust.
The above method can construct a kind of device of two-pass cipher synchronous based on Internet of Things according to the present invention, referring to Fig. 4,
Device of the embodiment of the present invention based on the synchronous two-pass cipher of Internet of Things include:Memory module 451, Internet of Things module 452, object protect mould
Block 453.
Memory module 451 protects module 453 with Internet of Things module 452 and object respectively and is connected, for saving:1. user information and
Between corresponding relationship;2. the Internet of Things between user and system are synchronous;3. user synchronizes relevant code to Internet of Things, password, sets
It is standby etc.;4. system synchronizes relevant terminal, post, equipment and platform etc. to Internet of Things.
Internet of Things module 452 is connected with memory module 451, for generating during user's login system;1. user with
Internet of Things between system are synchronous;2. the Internet of Things between modification logging and system are synchronous;3. the Internet of Things between user password and system
It is synchronous.
Object protects module 453, is connected with memory module 451,1. for Internet of Things to be synchronized to corresponding code, by coding rule
It is encoded into Internet of Things coding;2. for Internet of Things coding mapping to be generated modification logging.
Device described in the embodiment of the present invention also includes:Identification module 461, tracing module 462 and authentication module 463.
Identification module 461 is connected with memory module 451, for identifying user's body according to Internet of Things synchronization and object breath information-preserving
Part:1. identifying the user identity of modification logging;2. identifying the user identity of user password.
Tracing module 462 is connected with identification module 461 and memory module 451, for what is saved according to memory module 451
User and the system corresponding relationship synchronous with Internet of Things, during tracking user's login system:1. code related to user, close
Code, equipment, address and time etc.;2. terminal system-related, equipment, platform, address and time etc..
Authentication module 463 is connected with identification module 461 and memory module 451, for 1. according between user and system
Internet of Things are synchronous, Internet of Things between modification logging and system synchronize verify modification logging;2. according to the object between user and system
Internet of Things in conjunction with the Internet of Things between step, modification logging and system between synchronous, user password and system synchronize close to verify user
Code.
Device described in the embodiment of the present invention, wherein memory module 451 further includes the first memory module, the second storage mould
Block, third memory module, the 4th memory module, the 5th memory module, the 6th memory module and the 7th memory module:
First memory module, for saving the first corresponding relationship between personal code work and user password;
Second memory module, for saving the second corresponding relationship between user password and object security code;
Third memory module, for saving the third corresponding relationship between object security code and object guarantor's module;
4th memory module, for save object protect module it is synchronous with Internet of Things between the 4th corresponding relationship;
5th memory module, it is synchronous for saving the first Internet of Things between user and system;
6th memory module, it is synchronous for saving the second Internet of Things between modification logging and system;
7th memory module, it is synchronous for saving the third Internet of Things between user password and system.
Device described in the embodiment of the present invention, wherein object protects module 452 and also includes:
First extraction module, for extract the first Internet of Things synchronize in code;
Second extraction module, for extract the second Internet of Things synchronize in code;
Third extraction module, for extract third Internet of Things synchronize in code.
Device described in the embodiment of the present invention, wherein object is protected module 453 and further included:
The coding method of code is arranged in coding rule, system;
Internet of Things are synchronized corresponding code coding according to coding rule and encoded at Internet of Things by coding module;
The object that Internet of Things synchronization or Internet of Things coding are sent to user is protected equipment by sending module, system;
Receiving module, user protect Internet of Things transmitted by equipment reception system using object and encode;
Mapping block, user is using object security code by Internet of Things coding mapping at modification logging.
Anti-repudiation module, for system to send Internet of Things coding in plain text, it is synchronous that user checks Internet of Things accordingly:1. confirm, user
Module mapping, which is protected, using object generates this modification logging;Or it is re-mapped comprising digital signature and generates this modification logging;2. negating
When, user protects module using object and submits refusal information to system;Or stop this logon operation.
Device described in the embodiment of the present invention, wherein memory module 451 further includes:
The close guarantor's module of password, 1. system carries out cryptoguard to user password using one-way hash function, so that user password exists
It is ciphertext always under storage state;2. system carries out object security code using user password ciphertext as key or part of key close
Code protection.
Password authentication module, the user password progress hash operations that system input user using one-way hash function at
Family cryptographic secret, then the user password ciphertext is compared with the user password ciphertext of storage.
Claims (3)
1. a kind of method of the two-pass cipher synchronous based on Internet of Things, which is characterized in that include the following steps:
(1) system is according to user information, establish corresponding relationship, user password and object security code between user and user password it
Between corresponding relationship, object security code and object protect the corresponding relationship between equipment;
(2) user's login system, it is synchronous that system according to the Internet of Things corresponding relationship between user and system establishes the first Internet of Things, and will
First Internet of Things synchronous coding is sent to user at Internet of Things coding;
(3) object of user protects equipment and receives Internet of Things coding, under the control of object security code, protects equipment for the received object of institute using object
Binding code is mapped to modification logging, and submits to system;
(4) system receives modification logging, and it is same according to the Internet of Things corresponding relationship between modification logging and system to establish the second Internet of Things
Step;
2. the method for the two-pass cipher synchronous based on Internet of Things according to claim 1, which is characterized in that the method is into one
Step includes:
User submits user password to system;
System receives user password, and it is synchronous according to the Internet of Things corresponding relationship between user password and system to establish third Internet of Things.
3. the method for the two-pass cipher synchronous based on Internet of Things according to claim 1, which is characterized in that the method is into one
Step includes:
System according to the first Internet of Things it is synchronous with the second Internet of Things synchronize identify the user identity of modification logging, and according to the correspondence
Relationship verifies modification logging;
System is synchronous according to the first Internet of Things, the second Internet of Things are synchronous, third Internet of Things synchronize the user identity to identify user password, and
User password is verified according to the corresponding relationship.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810939914.2A CN108924164B (en) | 2013-12-12 | 2013-12-12 | Method for secondary password based on Internet of things synchronization |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310671803.5A CN103684756B (en) | 2013-12-12 | 2013-12-12 | The cryptographic system synchronized based on Internet of Things |
| CN201810939914.2A CN108924164B (en) | 2013-12-12 | 2013-12-12 | Method for secondary password based on Internet of things synchronization |
Related Parent Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310671803.5A Division CN103684756B (en) | 2013-12-12 | 2013-12-12 | The cryptographic system synchronized based on Internet of Things |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108924164A true CN108924164A (en) | 2018-11-30 |
| CN108924164B CN108924164B (en) | 2020-04-24 |
Family
ID=50321155
Family Applications (3)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810939914.2A Expired - Fee Related CN108924164B (en) | 2013-12-12 | 2013-12-12 | Method for secondary password based on Internet of things synchronization |
| CN201310671803.5A Expired - Fee Related CN103684756B (en) | 2013-12-12 | 2013-12-12 | The cryptographic system synchronized based on Internet of Things |
| CN201810939912.3A Active CN108933669B (en) | 2013-12-12 | 2013-12-12 | Device of secondary password based on thing allies oneself with is synchronous |
Family Applications After (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310671803.5A Expired - Fee Related CN103684756B (en) | 2013-12-12 | 2013-12-12 | The cryptographic system synchronized based on Internet of Things |
| CN201810939912.3A Active CN108933669B (en) | 2013-12-12 | 2013-12-12 | Device of secondary password based on thing allies oneself with is synchronous |
Country Status (1)
| Country | Link |
|---|---|
| CN (3) | CN108924164B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080291728A1 (en) * | 2007-04-24 | 2008-11-27 | Esin Terzioglu | Single-Poly Non-Volatile Memory Cell |
| CN101789864A (en) * | 2010-02-05 | 2010-07-28 | 中国工商银行股份有限公司 | On-line bank background identity identification method, device and system |
| CN101854628A (en) * | 2010-04-27 | 2010-10-06 | 王卫东 | Password verification system and password verification method |
| WO2012092735A1 (en) * | 2011-01-06 | 2012-07-12 | 西安电子科技大学 | Internet of things network system and data processing method |
| CN103108327A (en) * | 2011-11-15 | 2013-05-15 | 中国移动通信集团公司 | Method, device and system of verification of safety association between terminal equipment and user card |
| CN203180939U (en) * | 2013-03-28 | 2013-09-04 | 北京帕斯沃得科技有限公司 | Dynamic password input rule calculating and digital certificate token apparatus |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101800645B (en) * | 2010-02-05 | 2012-02-08 | 中国工商银行股份有限公司 | Identity authentication method, device and system |
| CN201717873U (en) * | 2010-02-05 | 2011-01-19 | 中国工商银行股份有限公司 | Identity authentication device and system |
| CN102571702B (en) * | 2010-12-22 | 2014-11-05 | 中兴通讯股份有限公司 | Key generation method, system and equipment in Internet of things |
| KR101670522B1 (en) * | 2011-05-13 | 2016-10-28 | 주식회사 케이티 | Time Synchronization Method in Machine to Machine Communication System |
| CN102523240B (en) * | 2012-01-06 | 2016-08-03 | 北京邮电大学 | A kind of sensor resource integrated mechanism based on Internet of Things |
| CN102780698A (en) * | 2012-07-24 | 2012-11-14 | 南京邮电大学 | User terminal safety communication method in platform of Internet of Things |
| CN103023993B (en) * | 2012-11-28 | 2015-10-07 | 青岛双瑞海洋环境工程股份有限公司 | A kind of enterprise information system based on cloud computing |
| CN103106749B (en) * | 2012-12-25 | 2015-10-28 | 中国工商银行股份有限公司 | Bank service device, atm device, banking system and bank service system |
-
2013
- 2013-12-12 CN CN201810939914.2A patent/CN108924164B/en not_active Expired - Fee Related
- 2013-12-12 CN CN201310671803.5A patent/CN103684756B/en not_active Expired - Fee Related
- 2013-12-12 CN CN201810939912.3A patent/CN108933669B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080291728A1 (en) * | 2007-04-24 | 2008-11-27 | Esin Terzioglu | Single-Poly Non-Volatile Memory Cell |
| CN101789864A (en) * | 2010-02-05 | 2010-07-28 | 中国工商银行股份有限公司 | On-line bank background identity identification method, device and system |
| CN101854628A (en) * | 2010-04-27 | 2010-10-06 | 王卫东 | Password verification system and password verification method |
| WO2012092735A1 (en) * | 2011-01-06 | 2012-07-12 | 西安电子科技大学 | Internet of things network system and data processing method |
| CN103108327A (en) * | 2011-11-15 | 2013-05-15 | 中国移动通信集团公司 | Method, device and system of verification of safety association between terminal equipment and user card |
| CN203180939U (en) * | 2013-03-28 | 2013-09-04 | 北京帕斯沃得科技有限公司 | Dynamic password input rule calculating and digital certificate token apparatus |
Non-Patent Citations (1)
| Title |
|---|
| 罗志伟等: "基于物联网印章的银行支票交易系统", 《物联网技术》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108933669A (en) | 2018-12-04 |
| CN108933669B (en) | 2021-02-09 |
| CN108924164B (en) | 2020-04-24 |
| CN103684756A (en) | 2014-03-26 |
| CN103684756B (en) | 2018-10-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105515783B (en) | Identity identifying method, server and certification terminal | |
| CN108833114A (en) | A kind of decentralization identity authorization system and method based on block chain | |
| CN101334884B (en) | Improve the method and system of account transfer safety | |
| CN101262349A (en) | SMS-based identity authentication method and device | |
| CN103986725A (en) | Client side, server side and identity authentication system and method | |
| CN102202300A (en) | System and method for dynamic password authentication based on dual channels | |
| CN103873244A (en) | Identity authentication method and system in mobile payment based on fingerprint identification | |
| TWI632798B (en) | Server, mobile terminal, and network real-name authentication system and method | |
| CN103971239A (en) | Verification method and device | |
| CN107592308A (en) | A kind of two server multiple-factor authentication method towards mobile payment scene | |
| CN103853950A (en) | Authentication method based on mobile terminal and mobile terminal | |
| CN102930435A (en) | Authentication method and system for mobile payment | |
| CN103971241A (en) | Two-channel payment method and system | |
| CN106953732A (en) | The key management system and method for chip card | |
| CN104079562A (en) | Safety authentication method based on payment terminal and related device | |
| CN105009140A (en) | Method and apparatus for managing passcode | |
| CN104376465A (en) | Safe mobile payment method | |
| CN105187463A (en) | Remote sharing method, VTM terminal, network side equipment, and system | |
| CN108259445A (en) | MS windows desktops Security Login System and its login method based on smart mobile phone | |
| KR101202245B1 (en) | System and Method For Transferring Money Using OTP Generated From Account Number | |
| CN106789977B (en) | Method and system for realizing mobile phone token based on key segmentation | |
| CN102170437A (en) | System and method for realizing Phishing identification based on challenge password token | |
| CN103139210A (en) | Method of safety authentication | |
| CN103297237A (en) | Identity registration method, identity authentication method, identity registration system, identity authentication system, personal authentication equipment and authentication server | |
| Pratama et al. | 2FMA-NetBank: A proposed two factor and mutual authentication scheme for efficient and secure internet banking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20200331 Address after: 528000 c8068, No. 189, Foshan Avenue, Chancheng District, Foshan City, Guangdong Province (application for residence) Applicant after: Foshan new destiny Education Technology Co.,Ltd. Address before: 226661 No. 123 South Street, Qu Tang Town, Haian, Nantong, Jiangsu Applicant before: Jing Zhuqiang |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 528000 c8068, No. 189, Foshan Avenue, Chancheng District, Foshan City, Guangdong Province (application for residence) Patentee after: Guangdong new destiny Education Technology Co.,Ltd. Address before: 528000 c8068, No. 189, Foshan Avenue, Chancheng District, Foshan City, Guangdong Province (application for residence) Patentee before: Foshan new destiny Education Technology Co.,Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20200424 Termination date: 20211212 |