CN111147239B - Offline remote authorization authentication method and system - Google Patents

Publication number
CN111147239B
Authority
CN
China
Prior art keywords
authorization
random number
authorized
authorized device
authentication
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911375768.6A
Other languages
Chinese (zh)
Other versions
CN111147239A (en)
Inventor
郭卫斌
牛国富
任嘉义
马骥
武忠品
雷宇龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Xinda Jiean Information Technology Co Ltd
Original Assignee
Zhengzhou Xinda Jiean Information Technology Co Ltd
Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/18 Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

The invention provides an offline remote authorization authentication method and system, wherein the method comprises the following steps: the authorized device and the authorization device communicate in advance and synchronously obtain a key seed; the authorized device and the authorization device each apply the same algorithm to the key seed and generate the same ordered random array for pre-storage; when the authorized device and the authorization device cannot communicate and authorization authentication is needed, a user of the authorized device requests authorization from an administrator through a third-party path; the administrator looks up a random number in the ordered random array on the authorization device based on the user identity; the administrator informs the user of the authorized device of the random number through a third-party path; the user obtains the random number and inputs it into the authorized device; and the authorized device searches the pre-stored ordered random array for the input random number, and if the random number is found, the authorization authentication is successful. The invention meets the requirement of authorization and authentication under the offline condition.

Description

Offline remote authorization authentication method and system
Technical Field
The invention relates to the technical field of authorization and authentication, in particular to an offline remote authorization and authentication method and system.
Background
At present, for an application scenario requiring remote authorization, a real-time network communication link is generally required to be established between an authorizer and an authorized party, so that the authorizer authenticates authority request data sent by the authorized party, and then, remote authorization and authentication of the authorizer to the authorized party are realized.
However, the above remote authorization and authentication method requires real-time network communication between the authorizer and the authorized party, and once the authorized party is in an offline state, the authorizer cannot obtain the permission request data sent by the authorized party, and further cannot perform remote authorization and authentication on the authorized party.
Therefore, there is an urgent need for an offline remote authorization and authentication method that achieves remote authorization and authentication when the authorizer and the authorized party cannot establish a network communication connection.
Disclosure of Invention
In order to solve the above problems, it is necessary to provide an offline remote authorization authentication method and system.
The invention provides an off-line remote authorization authentication method in a first aspect, which comprises the following steps:
the authorized device and the authorization device communicate in advance and synchronously obtain a key seed;
the authorized device and the authorization device each apply the same algorithm to the key seed and generate the same ordered random array for pre-storage, wherein the ordered random array is represented as a_1, a_2, …, a_n;
when the authorized device and the authorization device cannot communicate and authorization authentication is needed, the user of the authorized device requests authorization from an administrator through a third-party path;
after verifying the user identity, the administrator looks up, on the authorization device and based on the user identity, one random number a_k in the ordered random array, where 1 ≤ k ≤ n;
the administrator notifies the user of the authorized device of the random number a_k through the third-party path;
the user obtains the random number a_k and inputs it into the authorized device;
the authorized device searches the pre-stored ordered random array for the input random number a_k; if the random number a_k cannot be found, the authorization authentication fails, and if the random number a_k is found, the authorization authentication is successful.
Further, after the authorization authentication is successful, the method further includes:
the authorized device clears, from the ordered random array, the random number a_k and the random numbers a_1, a_2, …, a_{k-1} that precede it.
Further, after the administrator consults the authorization device to obtain one random number in the ordered random number group based on the user identity, the method further comprises:
the authorization device clears, from the ordered random array, the random number a_k and the random numbers a_1, a_2, …, a_{k-1} that precede it.
Further, the authorized device and the authorization device communicate in advance, and synchronously obtain a key seed, which specifically includes:
the authorized device sends the identification information of the authorized device to the authorization device;
the authorization equipment randomly generates a secret key seed according to the identification information, and binds and prestores the secret key seed and the identification information;
and the authorization equipment synchronizes the key seed to the authorized equipment.
Further, the administrator looking up, on the authorization device and based on the user identity, one random number a_k in the ordered random array specifically includes:
the authorization device prestores an association table of users and authorized devices, and the administrator searches the association table based on the user identity to obtain the identification information of the authorized device;
the authorization device looks up, according to the identification information, the ordered random array bound to the identification information;
the administrator selects a random number a_k from the ordered random array.
Further, after the authorization authentication fails or succeeds, the method further includes:
if the authorized device can communicate with the authorization device and the ordered random array a_1, a_2, …, a_n is exhausted, the authorized device and the authorization device synchronously obtain a new key seed and each generate a new ordered random array from the new key seed; or
If the authorized device and the authorization device can communicate and a preset updating period is reached, the authorized device and the authorization device synchronously obtain a new secret key seed, and a new ordered random array is respectively generated according to the new secret key seed.
Further, the algorithm is any one or more of an RC4 algorithm, an RC5 algorithm, an RC6 algorithm, a DES algorithm and an AES algorithm.
Further, the third party path includes any one or more of short message, telephone, mail and instant communication.
The second aspect of the present invention further provides an offline remote authorization and authentication system, configured to implement the above offline remote authorization and authentication method, where the system includes an authorization device and an authorized device;
the authorization equipment comprises a first communication module and a password management module;
the authorized device comprises a second communication module, a secret key management module and an access control module;
the authorization device and the authorized device communicate in advance through the first communication module and the second communication module respectively, and synchronously obtain a key seed;
the password management module and the key management module each apply the same algorithm to the key seed and generate the same ordered random array for pre-storage, wherein the ordered random array is represented as a_1, a_2, …, a_n;
when the first communication module and the second communication module cannot communicate and the authorized device needs authorization authentication, a user of the authorized device requests authorization from an administrator through a third-party path; after verifying the user identity, the administrator looks up, in the password management module and based on the user identity, one random number a_k in the ordered random array, where 1 ≤ k ≤ n; the administrator notifies the user of the authorized device of the random number a_k through the third-party path; the user obtains the random number a_k and inputs it into the authorized device; the access control module controls access according to the input random number a_k by searching and comparing it in the key management module; if the random number a_k cannot be found, the authorization authentication fails, and if the random number a_k is found, the authorization authentication is successful.
Further, the authorization device further includes a user information module, where the user information module is configured to store the key seed, the identification information of the authorized device, and the user identity information in an associated manner.
The invention can realize remote authorization and password authentication of the authorized equipment under the offline condition. Meanwhile, the method and the device can be suitable for a multi-device scene, each authorized device has different offline authorization authentication passwords, and each password of the same authorized device is only valid once, so that the dynamic password is realized under the offline condition, and the safety is improved.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a flow chart illustrating an off-line remote authorization authentication method of the present invention;
fig. 2 shows a block diagram of an offline remote authorization authentication system of the present invention.
Detailed Description
In order that the above objects, features and advantages of the present invention can be more clearly understood, a more particular description of the invention will be rendered by reference to the appended drawings. It should be noted that the embodiments and features of the embodiments of the present application may be combined with each other without conflict.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, however, the present invention may be practiced in other ways than those specifically described herein, and therefore the scope of the present invention is not limited by the specific embodiments disclosed below.
Fig. 1 shows a flowchart of an offline remote authorization authentication method according to the present invention.
As shown in fig. 1, a first aspect of the present invention provides an offline remote authorization authentication method, including the following steps:
S101, the authorized device and the authorization device communicate in advance and synchronously obtain a key seed;
S102, the authorized device and the authorization device each apply the same algorithm to the key seed and generate the same ordered random array for pre-storage, wherein the ordered random array is represented as a_1, a_2, …, a_n;
S103, when the authorized device and the authorization device cannot communicate and authorization authentication is needed, the user of the authorized device requests authorization from an administrator through a third-party path;
S104, after verifying the user identity, the administrator looks up, on the authorization device and based on the user identity, one random number a_k in the ordered random array, where 1 ≤ k ≤ n;
S105, the administrator notifies the user of the authorized device of the random number a_k through the third-party path;
S106, the user obtains the random number a_k and inputs it into the authorized device;
S107, the authorized device searches the pre-stored ordered random array for the input random number a_k; if the random number a_k cannot be found, the authorization authentication fails, and if the random number a_k is found, the authorization authentication is successful.
Specifically, the authorized device and the authorization device may be a mobile phone, an iPad, a PC, or the like.
It can be understood that the authorization authentication of the authorized device may be an authorization unlocking authentication of a functional module of the authorized device itself, for example unlocking the screen of the authorized device or unlocking the camera of the authorized device; it may also be an authorization authentication of application software installed on the authorized device, but is not limited thereto.
Preferably, the ordered random array generated from the key seed includes 100 random numbers, but is not limited thereto.
Preferably, the algorithm is any one or more of an RC4 algorithm, an RC5 algorithm, an RC6 algorithm, a DES algorithm and an AES algorithm. But is not limited thereto.
Preferably, the third party path includes any one or more of short message, telephone, mail and instant communication. But is not limited thereto.
It can be understood that the third-party path may be an available communication path on the authorized device, for example, in a specific application, a camera of the authorized device is locked, and authorization unlocking authentication needs to be performed on the camera of the authorized device, however, communication paths such as a short message and a telephone of the authorized device are still available, and then the user may request authorization authentication by calling or sending a short message to an administrator through the authorized device; the third party path may also be a communication path of the other device, for example, when the screen of the authorized device is locked, since the user can no longer enable the authorized device, authorization authentication of the authorized device may be requested from the administrator by means of the other device.
Further, after the authorization authentication is successful, the method further includes:
the authorized device clears, from the ordered random array, the random number a_k and the random numbers a_1, a_2, …, a_{k-1} that precede it.
Because the user has learned the random number and has used it for one offline authorization authentication, the authorized device clears the pre-stored random number so that the same random number cannot be used the next time authorization authentication is needed, which effectively prevents the random number from being used repeatedly. Furthermore, if the user knows the random number, the user can easily deduce the previous random number, so the authorized device also clears the pre-stored previous random numbers, thereby greatly improving the security and reliability of the offline authorization and authentication of the authorized device.
Further, after the administrator consults the authorization device to obtain one random number in the ordered random number group based on the user identity, the method further comprises:
the authorization device clears, from the ordered random array, the random number a_k and the random numbers a_1, a_2, …, a_{k-1} that precede it.
If the authorization device did not perform the clearing, the administrator could look up the same random number again, and the authorization authentication would then fail because the authorized device has already cleared it. The invention therefore clears the random numbers not only in the authorized device but also in the authorization device, so that the random numbers retained in the authorization device and the authorized device stay consistent.
Further, the authorized device and the authorization device communicate in advance, and synchronously obtain a key seed, which specifically includes:
the authorized device sends the identification information of the authorized device to the authorization device;
the authorization equipment randomly generates a secret key seed according to the identification information, and binds and prestores the secret key seed and the identification information;
and the authorization equipment synchronizes the key seed to the authorized equipment.
Preferably, the identification information may be an ID number, an IP address, a mobile phone number, and the like of the authorized device.
Further, the administrator looking up, on the authorization device and based on the user identity, one random number a_k in the ordered random array specifically includes:
the authorization device prestores an association table of users and authorized devices, and the administrator searches the association table based on the user identity to obtain the identification information of the authorized device;
the authorization device looks up, according to the identification information, the ordered random array bound to the identification information;
the administrator selects a random number a_k from the ordered random array.
Further, after the authorization authentication fails or succeeds, the method further includes:
if the authorized device can communicate with the authorization device and the ordered random array a_1, a_2, …, a_n is exhausted, the authorized device and the authorization device synchronously obtain a new key seed and each generate a new ordered random array from the new key seed; or
If the authorized device and the authorization device can communicate and a preset updating period is reached, the authorized device and the authorization device synchronously obtain a new secret key seed, and a new ordered random array is respectively generated according to the new secret key seed.
It will be appreciated that, while the authorized device is offline, authorization authentication may be required more than once. For example, after the screen of the authorized device has been successfully authorized and unlocked, the screen may be locked again due to illegal operation of the user, and the authorized device then needs a second authorization authentication. Each authorization authentication consumes one random number, and once the ordered random array is exhausted the authorized device can no longer be authorized offline; the authorization device and the authorized device can continue to be used as long as a new key seed is synchronously generated before the ordered random array is exhausted.
It can be understood that, when the authorized device and the authorization device can communicate with each other, the ordered random array may not be exhausted yet, and in order to further increase the difficulty of illegally obtaining the ordered random array, the authorization device and the authorized device of the present invention synchronously update the key seed according to a preset time period (such as one week, one month, etc.), and generate a new ordered random array based on the updated key seed, thereby further improving the security and reliability of the authorization authentication.
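The flow of S101 to S107, together with the clearing and exhaustion rules described above, as a Python example added here (it is not code from the patent). Assumptions: HMAC-SHA256 from the standard library stands in for the RC4/RC5/RC6/DES/AES step so the example runs without third-party packages, each code is 8 decimal digits, and all class, function and parameter names are hypothetical.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets

ARRAY_SIZE = 100  # the description's preferred array length
CODE_DIGITS = 8   # assumption: digits per code, short enough to read out by phone


def derive_array(seed: bytes, n: int = ARRAY_SIZE) -> list[str]:
    """S102: expand the shared key seed into the ordered array a_1..a_n.

    Assumption: HMAC-SHA256 replaces the cipher named in the patent.
    Duplicates are skipped so every code maps to exactly one position.
    """
    codes: list[str] = []
    seen: set[str] = set()
    counter = 0
    while len(codes) < n:
        counter += 1
        mac = hmac.new(seed, b"offline-auth" + counter.to_bytes(4, "big"),
                       hashlib.sha256).digest()
        code = f"{int.from_bytes(mac[:8], 'big') % 10**CODE_DIGITS:0{CODE_DIGITS}d}"
        if code not in seen:
            seen.add(code)
            codes.append(code)
    return codes


class AuthorizationDevice:
    """Administrator side: seeds, user/device association table, arrays."""

    def __init__(self) -> None:
        self._device_of_user: dict[str, str] = {}
        self._seed_of_device: dict[str, bytes] = {}
        self._remaining: dict[str, list[str]] = {}

    def enroll(self, user: str, device_id: str) -> bytes:
        """S101/S102: generate a seed bound to the device ID, derive the array."""
        seed = secrets.token_bytes(32)
        self._device_of_user[user] = device_id
        self._seed_of_device[device_id] = seed
        self._remaining[device_id] = derive_array(seed)
        return seed  # synchronized to the authorized device while it is online

    def issue(self, user: str, position: int = 0) -> str:
        """S104: find the user's device, select a_k, then clear a_1..a_k."""
        codes = self._remaining[self._device_of_user[user]]
        if not 0 <= position < len(codes):
            raise LookupError("ordered random array exhausted; sync a new key seed")
        code = codes[position]
        del codes[: position + 1]
        return code

    def remaining(self, user: str) -> int:
        return len(self._remaining[self._device_of_user[user]])


class AuthorizedDevice:
    """Offline side: holds only the pre-stored array and checks entered codes."""

    def __init__(self, device_id: str) -> None:
        self.device_id = device_id
        self._remaining: list[str] = []

    def provision(self, seed: bytes) -> None:
        self._remaining = derive_array(seed)

    def verify(self, entered: str) -> bool:
        """S107: search the stored array; on a hit clear a_1..a_k."""
        candidate = entered.encode()
        match = -1
        for idx, stored in enumerate(self._remaining):
            # Constant-time comparison, and no early exit on a hit.
            if hmac.compare_digest(stored.encode(), candidate) and match < 0:
                match = idx
        if match < 0:
            return False
        del self._remaining[: match + 1]
        return True

    def remaining(self) -> int:
        return len(self._remaining)


if __name__ == "__main__":
    # Constructed sample run: user "alice" owns device "dev-001".
    server = AuthorizationDevice()
    device = AuthorizedDevice("dev-001")
    device.provision(server.enroll("alice", "dev-001"))
    code = server.issue("alice")          # read out over phone or SMS
    print("first use:", device.verify(code))
    print("replay   :", device.verify(code))
    print("left     :", device.remaining(), server.remaining("alice"))
```

Because any entry still in the array is accepted, the chance that one guess succeeds is the number of remaining entries divided by 10^CODE_DIGITS, so a deployment would pair `verify()` with an attempt limit.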
Fig. 2 shows a block diagram of an offline remote authorization authentication system of the present invention.
As shown in fig. 2, the second aspect of the present invention further provides an offline remote authorization and authentication system, for implementing the above offline remote authorization and authentication method, where the system includes an authorization device and an authorized device;
the authorization equipment comprises a first communication module and a password management module;
the authorized device comprises a second communication module, a secret key management module and an access control module;
the authorization device and the authorized device communicate in advance through the first communication module and the second communication module respectively, and synchronously obtain a key seed;
the password management module and the key management module each apply the same algorithm to the key seed and generate the same ordered random array for pre-storage, wherein the ordered random array is represented as a_1, a_2, …, a_n;
when the first communication module and the second communication module cannot communicate and the authorized device needs authorization authentication, the user of the authorized device requests authorization from an administrator through a third-party path; after verifying the user identity, the administrator looks up, in the password management module and based on the user identity, one random number a_k in the ordered random array, where 1 ≤ k ≤ n; the administrator notifies the user of the authorized device of the random number a_k through the third-party path; the user obtains the random number a_k and inputs it into the authorized device; the access control module controls access according to the input random number a_k by searching and comparing it in the key management module; if the random number a_k cannot be found, the authorization authentication fails, and if the random number a_k is found, the authorization authentication is successful.
Specifically, the first communication module and the second communication module may communicate through a wireless network or a wired network, and the wireless network may be a 4G network, a 5G network, or the like.
Preferably, the algorithm is any one or more of an RC4 algorithm, an RC5 algorithm, an RC6 algorithm, a DES algorithm and an AES algorithm. But is not limited thereto.
Preferably, the third party path includes any one or more of short message, telephone, mail and instant communication. But is not limited thereto.
Further, after the authorization authentication is successful, the authorized device clears, from the ordered random array, the random number a_k and the random numbers a_1, a_2, …, a_{k-1} that precede it.
Further, after the administrator has looked up, on the authorization device and based on the user identity, one random number in the ordered random array, the authorization device clears, from the ordered random array, the random number a_k and the random numbers a_1, a_2, …, a_{k-1} that precede it.
Further, the authorization device further includes a user information module, where the user information module is configured to store the key seed, the identification information of the authorized device, and the user identity information in an associated manner.
Specifically, the authorized device sends its identification information to the authorizing device; the authorization equipment randomly generates a secret key seed according to the identification information, binds the secret key seed and the identification information and prestores the secret key seed and the identification information in a user information module; and the authorization equipment synchronizes the key seed to the authorized equipment.
The user information module prestores an association table of users and authorized devices; based on the user identity, the administrator searches the association table of the user information module to obtain the identification information of the authorized device; the ordered random array bound to the identification information is then looked up according to the identification information; the administrator selects a random number a_k from the ordered random array.
Further, after the authorization authentication fails or succeeds, if the authorized device and the authorization device can communicate and the ordered random array a_1, a_2, …, a_n is exhausted, the authorized device and the authorization device synchronously obtain a new key seed and each generate a new ordered random array from the new key seed;
if the authorized device and the authorization device can communicate and a preset updating period is reached, the authorized device and the authorization device synchronously obtain a new secret key seed, and a new ordered random array is respectively generated according to the new secret key seed.
The invention can realize remote authorization and password authentication of the authorized equipment under the offline condition. For example: when the authorized equipment is in a special environment or scene (for example, a remote area cannot be connected with a network), the method can be adopted to carry out offline remote authorization authentication, and the user requirements under the special scene are met.
The method and the device can be suitable for a multi-device scene, each authorized device has different offline authorization authentication passwords, and each password of the same authorized device is only valid once, so that the dynamism of the password is realized under the offline condition, and the safety is improved.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (10)

1. An off-line remote authorization authentication method, characterized in that the method comprises the following steps:
the authorized device and the authorization device communicate in advance and synchronously obtain a key seed;
the authorized device and the authorization device each apply the same algorithm to the key seed and generate the same ordered random array for pre-storage, wherein the ordered random array is represented as a_1, a_2, …, a_n;
when the authorized device and the authorization device cannot communicate and authorization authentication is needed, the user of the authorized device requests authorization from an administrator through a third-party path;
after verifying the user identity, the administrator looks up, on the authorization device and based on the user identity, one random number a_k in the ordered random array, where 1 ≤ k ≤ n;
the administrator notifies the user of the authorized device of the random number a_k through the third-party path;
the user obtains the random number a_k and inputs it into the authorized device;
the authorized device searches the pre-stored ordered random array for the input random number a_k; if the random number a_k cannot be found, the authorization authentication fails, and if the random number a_k is found, the authorization authentication is successful.
2. The offline remote authorization and authentication method according to claim 1, wherein after the authorization and authentication are successful, the method further comprises:
the authorized device clears, from the ordered random array, the random number a_k and the random numbers a_1, a_2, …, a_{k-1} that precede it.
3. The offline remote authorization authentication method according to claim 1, wherein after the administrator consults and obtains one random number in the ordered random number group from the authorization device based on the user identity, the method further comprises:
the authorization equipment clears the random number a in the ordered random arraykAnd the random number akPrevious random number a1,a2,…,ak-1
4. The method according to claim 1, wherein the authorized device and the authorization device communicate with each other in advance and synchronously obtain a key seed, and the method specifically comprises:
the authorized device sends the identification information of the authorized device to the authorization device;
the authorization equipment randomly generates a secret key seed according to the identification information, and binds and prestores the secret key seed and the identification information;
and the authorization equipment synchronizes the key seed to the authorized equipment.
5. The method of claim 4, wherein the administrator looking up and obtaining one random number $a_k$ in the ordered random array from the authorization device based on the user identity specifically comprises:
the authorization device prestores an association table of a user and an authorized device, and the administrator searches the association table based on the user identity to obtain the identification information of the authorized device;
the authorization device looks up and obtains, according to the identification information, the ordered random array bound to the identification information;
the administrator selects a random number $a_k$ from the ordered random array.
6. The offline remote authorization and authentication method according to claim 1, wherein after the authorization and authentication fails or succeeds, the method further comprises:
if the authorized device and the authorization device can communicate and the ordered random array $a_1, a_2, \ldots, a_n$ is exhausted, the authorized device and the authorization device synchronously obtain a new secret key seed, and each generates a new ordered random array according to the new secret key seed; or
if the authorized device and the authorization device can communicate and a preset update period is reached, the authorized device and the authorization device synchronously obtain a new secret key seed, and each generates a new ordered random array according to the new secret key seed.
7. The method of claim 1, wherein the algorithm is any one or more of RC4 algorithm, RC5 algorithm, RC6 algorithm, DES algorithm and AES algorithm.
8. The method of claim 1, wherein the third party path comprises any one or more of short message, telephone, mail, and instant messaging.
9. An offline remote authorization and authentication system for implementing the offline remote authorization and authentication method of any one of the preceding claims 1 to 8, wherein the system comprises an authorization device and an authorized device;
the authorization equipment comprises a first communication module and a password management module;
the authorized device comprises a second communication module, a secret key management module and an access control module;
the authorization device and the authorized device are respectively communicated in advance through the first communication module and the second communication module, and a secret key seed is synchronously obtained;
the password management module and the secret key management module each process the secret key seed with the same algorithm and generate the same ordered random array for pre-storage, wherein the ordered random array is represented as $a_1, a_2, \ldots, a_n$;
when the first communication module and the second communication module cannot communicate and the authorized device needs authorization authentication, the user of the authorized device requests authorization from an administrator through a third-party path; after verifying the user identity, the administrator looks up and obtains a random number $a_k$ in the ordered random array from the password management module based on the user identity, wherein $1 \le k \le n$; the administrator notifies the user of the authorized device of the random number $a_k$ through the third-party path; the user obtains the random number $a_k$ and inputs it into the authorized device; the access control module is used for controlling the access of the mobile terminal according to the input random number $a_k$, searching and comparing in the key management module; if the random number $a_k$ cannot be found, the authorization authentication fails; if the random number $a_k$ is found, the authorization authentication succeeds.
10. The system of claim 9, wherein the authorization device further comprises a user information module, and the user information module is configured to store the key seed, the identification information of the authorized device, and user identity information in an associated manner.
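The flow in claims 1 to 3, as an added example that is not part of the patent text: both devices derive the same ordered array from the shared seed, and a matched $a_k$ consumes itself and every earlier entry so it cannot be replayed. HMAC-SHA256 stands in for the ciphers named in claim 7 so the code runs on the standard library alone; the class names, the 8-digit code format and the seed used in testing are assumptions.

```python
import hashlib
import hmac

def derive_codes(seed: bytes, n: int, digits: int = 8) -> list[str]:
    """Ordered array a_1..a_n; both devices run this on the shared seed.
    HMAC-SHA256 is a stand-in here, not one of the ciphers in claim 7."""
    codes = []
    for i in range(1, n + 1):
        mac = hmac.new(seed, i.to_bytes(4, "big"), hashlib.sha256).digest()
        codes.append(str(int.from_bytes(mac[:8], "big") % 10**digits).zfill(digits))
    return codes

class AuthorizationDevice:
    """Administrator side (hypothetical class): issues a_k, then clears a_1..a_k."""
    def __init__(self, seed: bytes, n: int):
        self.codes = derive_codes(seed, n)
        self.used = 0  # entries before this index are cleared (claim 3)

    def issue(self) -> str:
        if self.used >= len(self.codes):
            raise RuntimeError("array exhausted: re-seed once online (claim 6)")
        self.used += 1
        return self.codes[self.used - 1]

class AuthorizedDevice:
    """Offline side (hypothetical class): looks the entered value up locally."""
    def __init__(self, seed: bytes, n: int):
        self.codes = derive_codes(seed, n)
        self.used = 0  # entries before this index are cleared (claim 2)

    def verify(self, entered: str) -> bool:
        match = -1
        # Compare against every remaining entry with hmac.compare_digest and
        # do not stop at the first hit, so the scan length is independent of k.
        for i in range(self.used, len(self.codes)):
            same = hmac.compare_digest(self.codes[i].encode(), entered.encode())
            if same and match < 0:
                match = i
        if match < 0:
            return False
        self.used = match + 1  # a_k and everything before it can never be reused
        return True
```

Because the authorized device accepts any uncleared entry, a code the administrator issued but the user never entered is invalidated as soon as a later code is accepted.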
CN201911375768.6A 2019-12-27 2019-12-27 Offline remote authorization authentication method and system Active CN111147239B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911375768.6A CN111147239B (en) 2019-12-27 2019-12-27 Offline remote authorization authentication method and system

Publications (2)

Publication Number Publication Date
CN111147239A CN111147239A (en) 2020-05-12
CN111147239B true CN111147239B (en) 2022-02-11

Family

ID=70520856

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911375768.6A Active CN111147239B (en) 2019-12-27 2019-12-27 Offline remote authorization authentication method and system

Country Status (1)

Country Link
CN (1) CN111147239B (en)

Also Published As

Publication number Publication date
CN111147239A (en) 2020-05-12

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CB03 Change of inventor or designer information

Inventor after: Guo Weibin

Inventor after: Niu Guofu

Inventor after: Ren Jiayi

Inventor after: Ma Ji

Inventor after: Wu Zongpin

Inventor after: Lei Yulong

Inventor before: Guo Weibin

Inventor before: Niu Guofu

Inventor before: Ren Jiayi

Inventor before: Ma Ji

Inventor before: Wu Zhongpin

Inventor before: Lei Yulong

PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: A Method and System for Offline Remote Authorization and Authentication

Effective date of registration: 20230412

Granted publication date: 20220211

Pledgee: China Construction Bank Corporation Zhengzhou Jinshui sub branch

Pledgor: ZHENGZHOU XINDA JIEAN INFORMATION TECHNOLOGY Co.,Ltd.

Registration number: Y2023980037751
