CN110336660B - Password generation method, verification method, corresponding device, system and storage medium - Google Patents
Password generation method, verification method, corresponding device, system and storage medium Download PDFInfo
- Publication number
- CN110336660B CN110336660B CN201910734852.6A CN201910734852A CN110336660B CN 110336660 B CN110336660 B CN 110336660B CN 201910734852 A CN201910734852 A CN 201910734852A CN 110336660 B CN110336660 B CN 110336660B
- Authority
- CN
- China
- Prior art keywords
- password
- user
- verification
- secret key
- random number
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
- H04L9/0656—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the invention discloses a password generation method, a verification method, a corresponding device, a system and a storage medium. The password generation method comprises the following steps: the method comprises the steps of obtaining a preset shared secret key and password validation time input by a user, generating a user password corresponding to the user according to the shared secret key and the password validation time and combining a random number with a set length, and sending the user password to a user side of the user so that the user can obtain the user password. Compared with the prior art, the random number is introduced in the process of generating the user password, so that the generated user password is different even if the password validation time is the same, the user passwords obtained by different users at the same time are prevented from being repeated, and the user password is more controllable.
Description
Technical Field
The embodiment of the invention relates to the technical field of information security, in particular to a password generation method, a verification method, a corresponding device, a corresponding system and a storage medium.
Background
The Time-based One-Time Password (TOTP) algorithm is an algorithm that calculates a One-Time Password from a shared key and a current Time. The key objective of the algorithm is that a password generated independently at one end can be verified and passed at the opposite end within a certain time range.
In the prior art, the TOTP passwords generated based on the TOTP algorithm are the same within a certain time range, that is, the passwords acquired by different users within the time range are the same. When different users execute operations on the same electronic device by using the password, the background cannot distinguish the users of the password due to the same password, and further control over the users of the password is influenced. For example, in a room door lock, the door lock passwords acquired by different users are consistent within a certain time range, so that the background cannot be distinguished by who performs the door opening operation at all.
Disclosure of Invention
The embodiment of the invention provides a password generation method, a verification method, a corresponding device, a system and a storage medium, so as to better realize the management and control of passwords.
In a first aspect, an embodiment of the present invention provides a password generation method, applied to a password production end, including:
acquiring a preset shared secret key and password validation time input by a user;
and generating a user password corresponding to the user according to the shared secret key and the password validation time and by combining a random number with a set length, and sending the user password to a user side of the user so that the user can obtain the user password.
Optionally, the generating a user password corresponding to the user according to the shared secret key and the password validation time by combining a random number with a set length includes:
encrypting the shared secret key and the password validation time according to a preset encryption algorithm to generate a basic password;
mixing the random number and the basic password to obtain a user password corresponding to the user;
wherein the random number is generated according to a random number generation rule.
In a second aspect, an embodiment of the present invention further provides a password verification method, applied to a password verification end, including:
acquiring a preset shared secret key and a user password input by a user, wherein the user password is generated according to the password generation method of the first aspect;
determining the triggering time for triggering verification by the user according to the triggering operation of the user, wherein the step length corresponding to the triggering time is the same as the step length corresponding to the password effective time;
generating a verification password according to the trigger time and the shared key and by combining a verification password generation rule;
and verifying the user password according to the verification password to determine a verification result.
Optionally, the generating a verification password according to the trigger time and the shared key and by combining a verification password generation rule includes:
and encrypting the trigger time and the shared secret key according to a preset encryption algorithm to generate a password with a first set length as a verification password.
Optionally, the verifying the user password according to the verification password to determine a verification result includes:
comparing the user password with the verification password;
if the arrangement sequence of the verification password is consistent with that of the basic password in the user password, the verification is passed, otherwise, the verification fails.
In a third aspect, an embodiment of the present invention further provides a password generation apparatus, applied to a password production end, including:
the information acquisition module is used for acquiring a preset shared key and password validation time input by a user;
and the user password generating module is used for generating a user password corresponding to the user according to the shared secret key and the password validation time and by combining a random number with a set length, and sending the user password to the user side of the user so that the user can obtain the user password.
In a fourth aspect, an embodiment of the present invention further provides a password verification apparatus, applied to a password verification end, including:
a user password obtaining module, configured to obtain a preset shared key and a user password input by a user, where the user password is generated according to the password generation method of the first aspect;
the trigger time determining module is used for determining the trigger time for triggering verification by the user according to the trigger operation of the user, and the step length corresponding to the trigger time is the same as the step length corresponding to the password effective time;
the verification password generation module is used for generating a verification password according to the trigger time and the shared key and by combining a verification password generation rule;
and the verification module is used for verifying the user password according to the verification password and determining a verification result.
In a fifth aspect, an embodiment of the present invention further provides a password management system, including: a password production end and a password verification end;
the password production end is used for generating a user password according to the acquired shared secret key and the password validation time input by the user in combination with the random number with the set length;
and the password verification end is used for generating a verification password according to the triggering time of the user triggering verification and the acquired shared key, verifying the user password input by the user according to the verification password and determining a verification result.
In a sixth aspect, an embodiment of the present invention further provides a storage medium, on which a computer program is stored, where the computer program, when executed by a password production end, implements the password generation method according to the first aspect.
In a seventh aspect, an embodiment of the present invention further provides a storage medium, where a computer program is stored on the storage medium, and when the computer program is executed by a password verification terminal, the password verification method according to the second aspect is implemented.
The embodiment of the invention provides a password generation method, a verification method, a corresponding device, a system and a storage medium, wherein a preset shared secret key and password validation time input by a user are obtained, a user password corresponding to the user is generated according to the shared secret key and the password validation time and a random number with a set length, and the user password is sent to a user side of the user, so that the user can obtain the user password. Compared with the prior art, the random number is introduced in the process of generating the user password, so that the generated user password is different even if the password validation time is the same, the user passwords obtained by different users at the same time are prevented from being repeated, and the user password is more controllable.
Drawings
Fig. 1 is a flowchart of a password generation method according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a process for generating a user password according to an embodiment of the present invention;
fig. 3 is a flowchart of a password verification method according to a second embodiment of the present invention;
fig. 4 is a schematic diagram of a password verification process according to a second embodiment of the present invention;
fig. 5 is a structural diagram of a password generation apparatus according to a third embodiment of the present invention;
fig. 6 is a structural diagram of a password verification apparatus according to a fourth embodiment of the present invention;
fig. 7 is a structural diagram of a password management system according to a fifth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures. In addition, the embodiments and features of the embodiments in the present invention may be combined with each other without conflict.
Example one
Fig. 1 is a flowchart of a password generation method according to an embodiment of the present invention, where the present embodiment is applicable to a situation of generating a password, and the method may be executed by a password generation apparatus, and the apparatus may be implemented in a software and/or hardware manner and integrated in a password production end, where the password production end may be determined according to an actual application scenario, for example, the password production end may be applied to a door lock industry, the password production end may be a server, and the password production end may be a U-shield in a bank. Specifically, referring to fig. 1, the method includes the following steps:
and S110, acquiring a preset shared secret key and password validation time input by a user.
The shared secret key is a secret key shared by the password production end and the password verification end, the form and the content of the shared secret key can be set according to requirements, and the embodiment is not limited. The shared secret key is pre-stored in the password production end and the password verification end, and provides basis for the generation and verification of the password. The password validation time is the time when the password is validated, and may be determined specifically according to the requirements of the user, for example, the password validation time expected by the user is two points in the afternoon, and in order to reserve sufficient time and prevent the password from being invalid, the user may input the password validation time two points in the afternoon before and obtain the password in advance. Optionally, the user may directly input the password validation time at the password production end, or may send the password validation time to the password production end through the user end.
S120, generating a user password corresponding to the user according to the shared secret key and the password validation time and by combining a random number with a set length, and sending the user password to a user side of the user so that the user can obtain the user password.
The random number is a value of a certain number generated randomly, and may be generated by using a random function or a formula, and the embodiment does not limit the number of the random numbers, where the number of the random numbers may be taken as the length of the random numbers, for example, if there are 3 generated random numbers, the length of the random numbers is referred to as 3. Illustratively, the random number may be generated by the following formula:
R[]=Random(N) (1)
wherein, R [ ] is random number, N is number of random number, can generate N random numbers according to above formula (1), the size of N can be confirmed according to the actual need.
The user password is generated according to the shared secret key, the password effective time and the random number with the set length, and the user passwords corresponding to different users are different, so that the control of the users can be realized according to the user passwords. Optionally, the basic password may be generated according to the shared secret key and the password validation time, and then the basic password and the random number are mixed according to a preset mixing rule to obtain the user password. The basic password can be generated through a TOTP algorithm, the shared key and the password effective time are encrypted through an encryption algorithm, and for different users, if the obtained password effective time is the same, the generated basic password is also the same. It should be noted that the TOTP algorithm depends on the time, which is determined according to the password validation time and the preset step length or accuracy, for example, the password validation time is 14 minutes, 30 minutes and 25 seconds, if the accuracy is minutes, it is equivalent to erasing the seconds, and if the accuracy is hours, it is equivalent to erasing the minutes and the seconds. Taking the accuracy as a minute for example, when the password validation time is 14 minutes to 14 minutes and 30 minutes to 59 seconds, the password production end obtains the same time based on the password validation time and the accuracy, and the password generated by combining the shared key is also the same.
It can be seen that when the effective time of the password input by different users is 14 minutes to 30 minutes to 14 minutes and 30 minutes to 59 seconds, the obtained basic passwords are the same, if the basic password is used as the final user password of the user, when different users use the corresponding user password, the background cannot determine the user identity corresponding to the user password, so that the user cannot be effectively controlled. For this reason, a random number is introduced in this embodiment, and the addition of the random number makes the user passwords obtained by different users different even if the basic passwords are the same. Compared with the prior art, the technical scheme of the embodiment introduces the random number on the basis of the TOTP algorithm, so that the issuing and the control of the password are more controllable, the control of the user is realized, and the user can be distinguished according to the user password. The embodiment does not limit the encryption algorithm and the mixing rule, for example, the encryption algorithm may use a Hash algorithm, and the mixing rule may be a random mixture, or a random number may be inserted into every certain number of basic passwords.
After the user password is generated, the user password can be sent to the user side corresponding to the user, so that the user can obtain the corresponding user password through the user side and use the user password in the password validation time. When the user uses the user password, the identity of the user can be determined according to the user password, and the user management is facilitated.
The embodiment of the invention provides a password generation method, which comprises the steps of acquiring a preset shared secret key and password validation time input by a user, generating a user password corresponding to the user according to the shared secret key and the password validation time and combining a random number with a set length, and sending the user password to a user side of the user so that the user can acquire the user password. Compared with the prior art, the embodiment of the invention introduces the random number in the process of generating the user password, so that the generated user password is different even if the password validation time is the same, the user passwords obtained by different users at the same time are prevented from being repeated, and the user password is more controllable.
On the basis of the foregoing embodiment, the user password of the corresponding user may be generated in the following manner, optionally, S120 includes:
encrypting the shared secret key and the password validation time according to a preset encryption algorithm to generate a basic password;
mixing the random number and the basic password to obtain a user password corresponding to the user;
wherein the random number is generated according to a random number generation rule.
Optionally, the preset encryption algorithm is a Hash algorithm, and the basic password may be generated by the following formula:
TOTP_basic=CUT(HashSHA1(K,T),L) (2)
wherein, the TOTP _ basic is a basic password, the HashSHA1 (K, T) is a password obtained by using a TOTP algorithm, called as a TOTP password, the encryption algorithm adopts a Hash algorithm, the K is a shared key, the T is the password effective time, and the L is the length of the basic password. It can be understood that the password obtained by using the Hash algorithm for encryption is long, and is usually 32 bits, in practical application, in order to facilitate the use of a user, the password with the length of L is intercepted as a basic password, and CUT (HashSHA 1 (K, T), L) represents the password with the length of L. The basic password with the length of L can be obtained by using the formula (2).
And mixing the random number and the basic password to obtain the user password of the corresponding user, wherein the length of the user password is L + N if the length of the random number is N and the length of the basic password is L. Optionally, the random number and the basic password may be mixed by a mixing formula to obtain the user password:
TOTP=MIX(TOTP_basic,R[]) (3)
wherein, TOTP is the user password, and the user password can be obtained by combining the formula (3) according to the basic password and the random number.
Exemplarily, referring to fig. 2, fig. 2 is a schematic diagram of a process for generating a user password according to an embodiment of the present invention. The password production end obtains the shared secret key and the password validation time, locally generates a basic password with the length of L, then generates N random numbers, and mixes the basic password and the random numbers to obtain a user password. Optionally, N = L/2, and an integer is taken, for example, L =5, and then N =3. In fig. 2, the base password 12345 without diagonal lines has a length of 5, the random numbers 6, 9, 5 with diagonal lines have a length of 3, and the user password obtained by mixing the base password and the random numbers has a length of 12639455.
Example two
Fig. 3 is a flowchart of a password verification method according to a second embodiment of the present invention, where the present embodiment is applicable to a situation of verifying a password, and the method may be executed by a password verification apparatus, and the apparatus may be implemented in a software and/or hardware manner and integrated at a password verification end, where a password verified by the password verification end is generated by the password production end described in the above embodiment, and the password verification end is matched with the password production end, for example, when the apparatus is applied to a door lock industry, and the password production end is a server, the password verification end may be a door lock, and when the apparatus is applied to a bank, and the password production end is a U shield, the password verification end may be a server. It should be noted that no communication is performed between the password production end and the password verification end. Specifically, referring to fig. 3, the method includes the following steps:
s210, acquiring a preset shared secret key and a user password input by a user.
The user password is generated according to the password generation method described in the above embodiment, and the specific generation process may refer to the above embodiment, which is not described herein again. And the shared secret key stored by the password verifying end is the same as the shared secret key stored by the password producing end.
S220, determining the trigger time for triggering verification by the user according to the trigger operation of the user.
And the step length corresponding to the trigger time is the same as the step length corresponding to the effective time of the password. The trigger operation may be a touch operation or a click operation, and is used to trigger the password verification end to verify the user password input by the user. And determining the time corresponding to the trigger operation as the trigger time when the password verification end detects the trigger operation of the user. The step size of the trigger time may be understood as the accuracy of the trigger time, which is the same as the accuracy of the time the password takes effect.
And S230, generating a verification password according to the trigger time and the shared key and by combining a verification password generation rule.
The verification password generation rule is a rule for generating a verification password, and optionally, the verification password generation rule is a TOTP algorithm, that is, the same as a rule corresponding to the basic password generated by the password production end, so as to ensure successful verification of the user password. Because the precision of the password production end is the same as that of the password verification end, the time for generating the verification password obtained by the password verification end according to the trigger time of the user is the same as that of the password production end, for example, the precision of the password effective time and the trigger time are both minutes, the password effective time input by the user is 14 hours, 30 minutes, 25 seconds and can be precisely 14 hours, 30 minutes and 30 minutes, the trigger time for the user to trigger the verification is 14 hours, 30 minutes and 48 seconds and can be precisely 14 hours, 30 minutes, namely, the corresponding time of the two is the same, and because the shared passwords of the two are also the same, the verification password generated based on the same TOTP algorithm is the same as the basic password.
S240, verifying the user password according to the verification password and determining a verification result.
Optionally, the verification password and the user password may be matched, and the verification result may be determined according to the arrangement order of the verification password and the user password. For example, the user password is 13578620, wherein 15760 is the basic password, 382 is the random number, the verification password is 15760, and the sequence of the verification password is the same as the sequence of the basic password in the user password, which indicates that the verification is successful.
The second embodiment of the invention provides a password verification method, which comprises the steps of obtaining a preset shared secret key and a user password input by a user, determining the trigger time for triggering verification by the user according to the trigger operation of the user, generating a verification password according to the trigger time and the shared secret key and by combining a verification password generation rule, verifying the user password according to the verification password, and determining a verification result. The user password input by the user is verified through the verification password generated by the password verification end, so that the control of the user is realized.
On the basis of the above embodiment, optionally, S230 includes:
and encrypting the trigger time and the shared secret key according to a preset encryption algorithm to generate a password with a first set length as a verification password.
The generation process of the verification password is similar to the generation process of the basic password of the user password, and reference may be specifically made to the above embodiments, which are not described herein again.
On the basis of the above embodiment, optionally, S240 includes:
comparing the user password with the verification password;
if the arrangement sequence of the verification password is consistent with the arrangement sequence of the basic password in the user password, the verification is passed, otherwise, the verification fails.
Because the random number is added in the user password, the length of the verification password is smaller than that of the user password, and only the sequence of the verification password is required to be compared with the sequence of the basic passwords in the user password, and the verification result is determined according to the comparison result. Specifically, when the sequence of the verification password is consistent with the arrangement sequence of the basic password in the user password, the verification is passed, otherwise, the verification fails.
Exemplarily, referring to fig. 4, fig. 4 is a schematic diagram of a password verification process according to a second embodiment of the present invention. The password verification end obtains a user password to be verified and corresponding trigger time according to user operation, generates a verification password locally according to the trigger time and a shared secret key, and then compares the verification password with the user password in a circulating mode to determine a verification result. As shown in fig. 4, the diagonal lines 6, 9, and 5 are random numbers, and the verification is successful if the verification password 12345 matches the basic password 12345 in the user password 12639455.
EXAMPLE III
Fig. 5 is a structural diagram of a password generation apparatus according to a third embodiment of the present invention, where the apparatus may execute the password generation method according to the first embodiment, specifically, the apparatus includes:
an information obtaining module 310, configured to obtain a preset shared key and password validation time input by a user;
the user password generating module 320 is configured to generate a user password corresponding to the user according to the shared key and the password validation time in combination with a random number with a set length, and send the user password to the user side of the user, so that the user obtains the user password.
The third embodiment of the present invention provides a password generation apparatus, which generates a user password corresponding to a user by acquiring a preset shared secret key and password validation time input by the user, according to the shared secret key and the password validation time, and combining a random number with a set length, and sends the user password to a user side of the user, so that the user acquires the user password. Compared with the prior art, the random number is introduced in the process of generating the user password, so that the generated user password is different even if the password validation time is the same, the user passwords obtained by different users at the same time are prevented from being repeated, and the user password is more controllable.
On the basis of the foregoing embodiment, the user password generating module 320 is specifically configured to:
encrypting the shared secret key and the password validation time according to a preset encryption algorithm to generate a basic password;
mixing the random number and the basic password to obtain a user password corresponding to the user;
wherein the random number is generated according to a random number generation rule.
The password generation device provided by the third embodiment of the invention can execute the password generation method described in the above embodiments, and has corresponding functions and beneficial effects.
Example four
Fig. 6 is a structural diagram of a password verification apparatus according to a fourth embodiment of the present invention, which can execute the password verification method according to the second embodiment, specifically, the apparatus includes:
a user password obtaining module 410, configured to obtain a preset shared key and a user password input by a user, where the user password is generated according to the password generation method in the first embodiment;
a trigger time determining module 420, configured to determine, according to the trigger operation of the user, a trigger time for triggering verification by the user, where a step length corresponding to the trigger time is the same as a step length corresponding to a password validation time;
the verification password generation module 430 is configured to generate a verification password according to the trigger time and the shared key in combination with a verification password generation rule;
the verification module 440 is configured to verify the user password according to the verification password, and determine a verification result.
The fourth embodiment of the present invention provides a password verification apparatus, which determines a trigger time for triggering verification by a user according to a trigger operation of the user by obtaining a preset shared secret key and a user password input by the user, generates a verification password according to the trigger time and the shared secret key and by combining a verification password generation rule, verifies the user password according to the verification password, and determines a verification result. The user password input by the user is verified through the verification password generated by the password verification end, so that the control of the user is realized.
On the basis of the foregoing embodiment, the verification password generating module 430 is specifically configured to:
and encrypting the trigger time and the shared secret key according to a preset encryption algorithm to generate a password with a first set length as a verification password.
On the basis of the foregoing embodiment, the checking module 440 is specifically configured to:
comparing the user password with the verification password;
if the arrangement sequence of the verification password is consistent with the arrangement sequence of the basic password in the user password, the verification is passed, otherwise, the verification fails.
The password verification device provided by the fourth embodiment of the invention can execute the password verification method described in the above embodiments, and has corresponding functions and beneficial effects.
EXAMPLE five
Fig. 7 is a structural diagram of a password management system according to a fifth embodiment of the present invention, where the password management system 1 includes: the password generation terminal 510 is configured to generate a user password by combining a random number with a set length according to the obtained shared secret key and password validation time input by the user. And the password verifying terminal 520 is configured to generate a verification password according to the triggering time of the user trigger verification and the acquired shared key, verify the user password input by the user according to the verification password, and determine a verification result.
The password management system provided by the fifth embodiment of the present invention is the same as the password generation method and the password verification method provided by the foregoing embodiments, and the technical details that are not described in detail in this embodiment may be referred to the foregoing embodiments.
EXAMPLE six
A sixth embodiment of the present invention further provides a storage medium, on which a computer program is stored, where the computer program, when executed by a password production end, implements the password generation method according to the foregoing embodiment of the present invention.
Of course, the storage medium provided by the embodiment of the present invention includes computer-executable instructions, and the computer-executable instructions are not limited to the operations in the password generation method described above, and may also perform related operations in the password generation method provided by any embodiment of the present invention, and have corresponding functions and advantages.
From the above description of the embodiments, it is obvious for those skilled in the art that the present invention can be implemented by software and necessary general hardware, and certainly, can also be implemented by hardware, but the former is a better embodiment in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which may be stored in a computer-readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes several instructions to enable a computer device (which may be a robot, a personal computer, a server, or a network device) to execute the password generation method according to the foregoing embodiments of the present invention.
EXAMPLE seven
The seventh embodiment of the present invention further provides a storage medium, where a computer program is stored, and when the computer program is executed by a password verification terminal, the password verification method according to the foregoing embodiment of the present invention is implemented.
Of course, the storage medium provided by the embodiment of the present invention includes computer-executable instructions, and the computer-executable instructions are not limited to the operations in the password verification method described above, and may also perform related operations in the password verification method provided by any embodiment of the present invention, and have corresponding functions and advantages.
From the above description of the embodiments, it is obvious for those skilled in the art that the present invention can be implemented by software and necessary general hardware, and certainly, can also be implemented by hardware, but the former is a better embodiment in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which may be stored in a computer-readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes several instructions for enabling a computer device (which may be a robot, a personal computer, a server, or a network device) to execute the password verification method according to the foregoing embodiments of the present invention.
It is to be noted that the foregoing description is only exemplary of the invention and that the principles of the technology may be employed. Those skilled in the art will appreciate that the present invention is not limited to the particular embodiments described herein, and that various obvious changes, rearrangements and substitutions will now be apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.
Claims (8)
1. A password generation method is applied to a password production end and is characterized by comprising the following steps:
acquiring a preset shared secret key and password validation time input by a user; the shared secret key is a secret key shared by the password production end and the password verification end;
generating a user password corresponding to the user according to the shared secret key and the password validation time and by combining a random number with a set length, and sending the user password to a user side of the user so that the user can obtain the user password;
generating a user password corresponding to the user according to the shared secret key and the password validation time by combining a random number with a set length, wherein the generating comprises the following steps:
encrypting the shared secret key and the password validation time according to a preset encryption algorithm to generate a basic password;
mixing the random number and the basic password to obtain a user password corresponding to the user;
wherein the random number is generated according to a random number generation rule.
2. A password verification method is applied to a password verification end and is characterized by comprising the following steps:
acquiring a preset shared secret key and a user password input by a user, wherein the user password is generated according to the password generation method of claim 1; the shared secret key is a secret key shared by a password production end and the password verification end;
determining the triggering time for triggering verification by the user according to the triggering operation of the user, wherein the step length corresponding to the triggering time is the same as the step length corresponding to the password effective time;
generating a verification password according to the trigger time and the shared key and by combining a verification password generation rule;
verifying the user password according to the verification password to determine a verification result;
wherein, the verifying the user password according to the verification password and determining the verification result comprises:
comparing the user password with the verification password;
if the arrangement sequence of the verification password is consistent with the arrangement sequence of the basic password in the user password, the verification is passed, otherwise, the verification fails.
3. The method of claim 2, wherein generating a verification password according to the trigger time and the shared key in combination with a verification password generation rule comprises:
and encrypting the trigger time and the shared secret key according to a preset encryption algorithm to generate a password with a first set length as a verification password.
4. A password generation device is applied to a password production end and is characterized by comprising:
the information acquisition module is used for acquiring a preset shared key and password validation time input by a user; the shared secret key is a secret key shared by the password production end and the password verification end;
the user password generating module is used for generating a user password corresponding to the user according to the shared secret key and the password validation time and by combining a random number with a set length, and sending the user password to the user side of the user so that the user can obtain the user password;
the user password generating module is specifically configured to:
encrypting the shared secret key and the password validation time according to a preset encryption algorithm to generate a basic password;
mixing the random number and the basic password to obtain a user password corresponding to the user;
wherein the random number is generated according to a random number generation rule.
5. The utility model provides a password verifying attachment, is applied to password check end, its characterized in that includes:
a user password obtaining module, configured to obtain a preset shared secret key and a user password input by a user, where the user password is generated according to the password generation method of claim 1; the shared secret key is a secret key shared by a password production end and the password verification end;
the trigger time determining module is used for determining the trigger time for triggering verification by the user according to the trigger operation of the user, and the step length corresponding to the trigger time is the same as the step length corresponding to the password effective time;
the verification password generation module is used for generating a verification password according to the trigger time and the shared key and by combining a verification password generation rule;
the verification module is used for verifying the user password according to the verification password and determining a verification result;
the verification module is specifically configured to:
comparing the user password with the verification password;
if the arrangement sequence of the verification password is consistent with that of the basic password in the user password, the verification is passed, otherwise, the verification fails.
6. A password management system, comprising: the password verifying method comprises the following steps of (1) a password production end and a password verifying end;
the password production end is used for generating a user password according to the acquired shared secret key and the password validation time input by the user in combination with the random number with the set length; wherein the shared secret key is a secret key shared by the password production terminal and the password verification terminal;
the password verification end is used for generating a verification password according to the triggering time of the user triggering verification and the acquired shared key, verifying the user password input by the user according to the verification password and determining a verification result;
the password production end is specifically used for encrypting the shared secret key and the password validation time according to a preset encryption algorithm to generate a basic password; mixing the random number and the basic password to obtain a user password corresponding to the user; wherein the random number is generated according to a random number generation rule;
wherein, the verifying the user password input by the user according to the verification password and determining the verification result comprise:
comparing the user password with the verification password;
if the arrangement sequence of the verification password is consistent with the arrangement sequence of the basic password in the user password, the verification is passed, otherwise, the verification fails.
7. A storage medium having stored thereon a computer program, characterized in that the program realizes the password generation method according to claim 1 when executed by a password production side.
8. A storage medium on which a computer program is stored, characterized in that the program, when executed by a password verifier, implements the password verification method according to any one of claims 2 to 3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910734852.6A CN110336660B (en) | 2019-08-09 | 2019-08-09 | Password generation method, verification method, corresponding device, system and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910734852.6A CN110336660B (en) | 2019-08-09 | 2019-08-09 | Password generation method, verification method, corresponding device, system and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110336660A CN110336660A (en) | 2019-10-15 |
| CN110336660B true CN110336660B (en) | 2023-03-24 |
Family
ID=68149259
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910734852.6A Active CN110336660B (en) | 2019-08-09 | 2019-08-09 | Password generation method, verification method, corresponding device, system and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110336660B (en) |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100365641C (en) * | 2006-04-11 | 2008-01-30 | 北京飞天诚信科技有限公司 | Method for protecting computer login using disposable password |
| CN104794587A (en) * | 2015-05-05 | 2015-07-22 | 罗贤 | Method, device and system of rooms management |
| CN106779705B (en) * | 2016-12-08 | 2021-06-01 | 上海众人网络安全技术有限公司 | Dynamic payment method and system |
| CN108234651A (en) * | 2018-01-02 | 2018-06-29 | 京东方科技集团股份有限公司 | A kind of shared vehicles management method, device, system and equipment, storage medium |
| CN108737394B (en) * | 2018-05-08 | 2020-05-22 | 腾讯科技(深圳)有限公司 | Offline verification system, code scanning device and server |
| CN109389716A (en) * | 2018-09-21 | 2019-02-26 | 深圳市二八智能家居有限公司 | Realize the method and device that safety long-distance is unlocked |
-
2019
- 2019-08-09 CN CN201910734852.6A patent/CN110336660B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN110336660A (en) | 2019-10-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109359691B (en) | Identity verification method and system based on block chain | |
| US9280653B2 (en) | Security access method for automotive electronic control units | |
| WO2018046009A1 (en) | Block chain identity system | |
| US9641521B2 (en) | Systems and methods for network connected authentication | |
| US8590024B2 (en) | Method for generating digital fingerprint using pseudo random number code | |
| CN109981562B (en) | Software development kit authorization method and device | |
| US10771467B1 (en) | External accessibility for computing devices | |
| CN111107073B (en) | Application automatic login method and device, computer equipment and storage medium | |
| US20040177248A1 (en) | Network connection system | |
| CN108023873B (en) | Channel establishing method and terminal equipment | |
| CN113221128B (en) | Account and password storage method and registration management system | |
| CN108259502A (en) | For obtaining the identification method of interface access rights, server-side and storage medium | |
| US20080016347A1 (en) | Systems and Methods of User Authentication | |
| CN102457491A (en) | Dynamic identity authenticating method and system | |
| CN111538983A (en) | User password generation method and device, computer equipment and storage medium | |
| CN113656775A (en) | Offline password verification method and system with expiration date and intelligent lock | |
| CN114172747B (en) | Method and system for group members to obtain authentication certificate based on digital certificate | |
| CN112398824A (en) | Authority verification method, storage medium and electronic equipment | |
| CN109586898A (en) | Dual system communication key generation method and computer readable storage medium | |
| EP2273416A1 (en) | Method of managing a one-time password in a portable electronic device | |
| CN110336660B (en) | Password generation method, verification method, corresponding device, system and storage medium | |
| CN106656946B (en) | Dynamic authentication method and device | |
| US10951412B2 (en) | Cryptographic device with administrative access interface utilizing event-based one-time passcodes | |
| CN111344996B (en) | Secret key generation method, secret key acquisition method, private key updating method, chip and server | |
| CN112818329B (en) | Authentication method and device, user side, equipment side and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |