CN111212427A - Application APP account login management system based on mobile terminal
- Publication number
- CN111212427A
- Authority
- CN
- China
- Prior art keywords
- user
- mobile terminal
- application app
- management system
- login management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/068—Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
Abstract
The invention relates to the technical field of application APP account login management and discloses a mobile-terminal-based application APP account login management system, comprising: a cloud server $S_c$ running the application APP system software and a mobile terminal $MT_i$ running the application APP system software, where the application APP system includes an account login management system. The cloud server $S_c$ and the mobile terminal $MT_i$ are communicatively connected to each other through wireless network equipment. When user $U_i$ of mobile terminal $MT_i$ sends a login request to the application APP system, the account login management system of the application APP system authenticates user $U_i$ of $MT_i$ using a verification method based on zero-knowledge proof; only when the identity of user $U_i$ of mobile terminal $MT_i$ passes verification by the account login management system and is proved to be a legitimate user is user $U_i$ allowed to log in to the application APP system. The invention achieves the technical effect of further improving the login security of the application APP account.
Description
Technical Field
The invention relates to the technical field of application APP account login management, in particular to an application APP account login management system based on a mobile terminal.
Background
With the development of internet technology, mobile-terminal-based applications (APPs) are continuously being developed and widely used. Many APPs require logging in to a personal account during use, and after the first login the user can be logged in to their own account automatically in subsequent sessions.
Existing account login methods mainly take two forms. In the first, the mobile terminal sends the user name and password entered by the user to the server, where they are stored, while the device identifier (ID) and the user name corresponding to the mobile terminal are stored on the mobile terminal; when the user starts the application again, the client sends the device ID and the user name to the server for verification, and automatic login is performed if verification passes.
In the second, after the user's first successful login the server sends a token corresponding to the mobile terminal, and the mobile terminal receives and stores this device token; when the user starts the application again, the mobile terminal sends the device token to the server, the server verifies it, and the user is logged in automatically once verification passes.
Both existing approaches store the device ID or token on the mobile terminal permanently, so the likelihood of it being cracked is high and a potential security risk exists.
Disclosure of Invention
(I) Technical problem to be solved
To address the shortcomings of the prior art, the invention provides a mobile-terminal-based application APP account login management system that further improves the login security of application APP accounts by means of user login authentication based on zero-knowledge proof.
(II) technical scheme
In order to achieve the purpose, the invention provides the following technical scheme:
A mobile-terminal-based application APP account login management system comprises: a cloud server $S_c$ running the application APP system software and a mobile terminal $MT_i$ running the application APP system software, the application APP system comprising an account login management system;
the cloud server $S_c$ and the mobile terminal $MT_i$ are communicatively connected to each other through wireless network equipment;
when user $U_i$ of mobile terminal $MT_i$ sends a login request to the application APP system, the account login management system of the application APP system authenticates user $U_i$ of $MT_i$ using a verification method based on zero-knowledge proof; the authentication method of the account login management system comprises the following steps:
Step one: user $U_i$ of mobile terminal $MT_i$ performs user registration with the account login management system of the application APP system, specifically comprising:
the account login management system selects a curve $D_p(a, b)$ over the binary field, selects a point $B$ on the curve $D_p(a, b)$ as the base point, and returns the base point $B$ to user $U_i$ of mobile terminal $MT_i$;
user $U_i$ of mobile terminal $MT_i$ selects a private key $h$ in the binary field, computes the public key $H = hB$, and transmits the public key $H$ to the account login management system;
Step two: when user $U_i$ of mobile terminal $MT_i$ sends a login request to the application APP system, the account login management system of the application APP system begins verifying the identity of user $U_i$ of mobile terminal $MT_i$; the specific authentication process comprises:
S1. the account login management system pops up, on the verification page, a dialog box for interactive communication with user $U_i$ of mobile terminal $MT_i$;
S2. user $U_i$ of mobile terminal $MT_i$ randomly selects a random number $x$ in the binary field, computes $B_1 = xB$ so that $B_1$ lies on the curve $D_p(a, b)$, and enters $B_1$ into the dialog box;
S3. the account login management system randomly generates a random number $e$ in the binary field and displays $e$ in the dialog box, i.e. returns it to user $U_i$ of mobile terminal $MT_i$;
S4. user $U_i$ of mobile terminal $MT_i$ computes $S = v + eh$ and enters $S$ into the dialog box;
S5. the account login management system verifies whether user $U_i$ of $MT_i$ is legitimate: if $SB = B_1 + eH$ holds, authentication passes and the identity of user $U_i$ of mobile terminal $MT_i$ is legitimate, i.e. user $U_i$ of mobile terminal $MT_i$ is allowed to log in to the application APP system.
Further, in step one, user $U_i$ of mobile terminal $MT_i$ performs user registration with the account login management system of the application APP system, specifically comprising:
S1. the account login management system pops up, on the registration page, a dialog box for interactive communication with user $U_i$ of mobile terminal $MT_i$;
S2. the account login management system selects a curve $D_p(a, b)$ over the binary field, randomly selects a point $B$ on the curve $D_p(a, b)$ as the base point, and displays the base point $B$ in the dialog box, i.e. returns it to user $U_i$ of mobile terminal $MT_i$;
S3. user $U_i$ of mobile terminal $MT_i$ selects a private key $h$ in the binary field, computes the public key $H = hB$, and enters the public key $H$ into the dialog box, i.e. transmits the public key $H$ to the account login management system.
Further, in step two, if $SB = B_1 + eH$ does not hold, authentication fails and the identity of user $U_i$ of mobile terminal $MT_i$ is illegitimate, so user $U_i$ of mobile terminal $MT_i$ is refused login to the application APP system.
Furthermore, the interactive communication dialog box has a traceless communication function; that is, no backup record is kept of any interactive communication content in the dialog box.
(III) advantageous technical effects
Compared with the prior art, the invention has the following beneficial technical effects:
In the invention, when user $U_i$ of mobile terminal $MT_i$ sends a login request to the application APP system, the account login management system of the application APP system authenticates user $U_i$ of $MT_i$ using a verification method based on zero-knowledge proof; only when the identity of user $U_i$ of mobile terminal $MT_i$ passes verification by the account login management system of the application APP system and is proved to be a legitimate user is user $U_i$ of mobile terminal $MT_i$ allowed to log in to the application APP system;
and after the identity authentication of user $U_i$ of mobile terminal $MT_i$ is completed, the account login management system knows only that user $U_i$ of mobile terminal $MT_i$ is legitimate; it does not know the private key $h$ of user $U_i$ of mobile terminal $MT_i$. That is, user $U_i$ of mobile terminal $MT_i$ completes identity authentication without revealing the private key $h$;
The technical effect of further improving the login security of the application APP account is therefore achieved.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
A mobile-terminal-based application APP account login management system comprises: a cloud server $S_c$ running the application APP system software and a mobile terminal $MT_i$ running the application APP system software, the application APP system comprising an account login management system;
the cloud server $S_c$ and the mobile terminal $MT_i$ are communicatively connected to each other through wireless network equipment;
when user $U_i$ of mobile terminal $MT_i$ sends a login request to the application APP system, the account login management system of the application APP system authenticates user $U_i$ of $MT_i$ using a verification method based on zero-knowledge proof; the authentication method of the account login management system comprises the following steps:
Step one: user $U_i$ of mobile terminal $MT_i$ performs user registration with the account login management system of the application APP system, specifically comprising:
S1. the account login management system pops up, on the registration page, a dialog box for interactive communication with user $U_i$ of mobile terminal $MT_i$;
S2. the account login management system selects a curve $D_p(a, b)$ over the binary field, randomly selects a point $B$ on the curve $D_p(a, b)$ as the base point, and displays the base point $B$ in the dialog box, i.e. returns it to user $U_i$ of mobile terminal $MT_i$;
S3. user $U_i$ of mobile terminal $MT_i$ selects a private key $h$ in the binary field, computes the public key $H = hB$, and enters the public key $H$ into the dialog box, i.e. transmits the public key $H$ to the account login management system;
the private key $h$ is the only legitimate proof key and is held solely by user $U_i$ of mobile terminal $MT_i$; that is, the account login management system does not know the private key $h$;
Step two: when user $U_i$ of mobile terminal $MT_i$ sends a login request to the application APP system, the account login management system of the application APP system begins verifying the identity of user $U_i$ of mobile terminal $MT_i$; the specific authentication process comprises:
S1. the account login management system pops up, on the verification page, a dialog box for interactive communication with user $U_i$ of mobile terminal $MT_i$;
S2. user $U_i$ of mobile terminal $MT_i$ randomly selects a random number $x$ in the binary field, computes $B_1 = xB$ so that $B_1$ lies on the curve $D_p(a, b)$, and enters $B_1$ into the dialog box;
S3. the account login management system randomly generates a random number $e$ in the binary field and displays $e$ in the dialog box, i.e. returns it to user $U_i$ of mobile terminal $MT_i$;
S4. user $U_i$ of mobile terminal $MT_i$ computes $S = v + eh$ and enters $S$ into the dialog box;
S5. the account login management system verifies whether user $U_i$ of $MT_i$ is legitimate: if $SB = B_1 + eH$ holds, authentication passes and the identity of user $U_i$ of mobile terminal $MT_i$ is legitimate, i.e. user $U_i$ of mobile terminal $MT_i$ is allowed to log in to the application APP system;
if $SB = B_1 + eH$ does not hold, authentication fails and the identity of user $U_i$ of mobile terminal $MT_i$ is illegitimate, i.e. user $U_i$ of mobile terminal $MT_i$ is refused login to the application APP system;
if the identity of user $U_i$ of mobile terminal $MT_i$ passes verification by the account login management system of the application APP system, the identity of user $U_i$ of mobile terminal $MT_i$ is proved legitimate, i.e. user $U_i$ of mobile terminal $MT_i$ is allowed to log in to the application APP system;
if the identity of user $U_i$ of mobile terminal $MT_i$ does not pass verification by the account login management system of the application APP system, the identity of user $U_i$ of mobile terminal $MT_i$ is proved illegitimate, i.e. user $U_i$ of mobile terminal $MT_i$ is refused login to the application APP system;
the interactive communication dialog box has a traceless communication function; that is, no backup record is kept of any interactive communication content in the dialog box.
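The registration and login exchange of steps one and two, as an added Python example that is not part of the patent text: both sides of the exchange, with the server-side checks (point validation, one verification attempt per challenge) that the check $SB = B_1 + eH$ depends on. Assumptions: the prime-field curve secp256k1 stands in for the unspecified binary-field curve $D_p(a, b)$ with its standard generator as base point $B$, scalars are reduced modulo the order of $B$, the class and function names are hypothetical, and the nonce the page calls $x$ in S2 and $v$ in S4 is treated as one value because the check only holds then.

```python
import secrets

# Assumption: secp256k1 stands in for the page's unspecified curve D_p(a, b).
P = 2**256 - 2**32 - 977                      # field prime; curve is y^2 = x^3 + 7
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order of B
BASE = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
        0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def on_curve(pt):
    """Reject malformed points; the cofactor is 1, so on-curve implies the right group."""
    if not (isinstance(pt, tuple) and len(pt) == 2):
        return False
    x, y = pt
    return 0 <= x < P and 0 <= y < P and (y * y - x * x * x - 7) % P == 0

def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; illustration only)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

class Prover:
    """User U_i on mobile terminal MT_i (hypothetical class name)."""
    def __init__(self):
        self.h = secrets.randbelow(N - 1) + 1      # private key h, never sent
        self.H = mul(self.h, BASE)                 # public key H = hB (step one)
        self._x = None
    def commit(self):                              # S2: B1 = xB with a fresh x
        self._x = secrets.randbelow(N - 1) + 1
        return mul(self._x, BASE)
    def respond(self, e):                          # S4: S = x + eh (mod N)
        x, self._x = self._x, None                 # a nonce answers one challenge only
        if x is None:
            raise RuntimeError("commit() must precede every respond()")
        return (x + e * self.h) % N

class Verifier:
    """Account login management system (hypothetical class name)."""
    def __init__(self):
        self.keys, self.pending = {}, {}
    def register(self, user, H):                   # step one: store H only
        if not on_curve(H):
            raise ValueError("public key is not a valid curve point")
        self.keys[user] = H
    def challenge(self, user, B1):                 # S3: random e after seeing B1
        if user not in self.keys or not on_curve(B1):
            raise ValueError("unknown user or invalid commitment")
        e = secrets.randbelow(N - 1) + 1
        self.pending[user] = (B1, e)
        return e
    def verify(self, user, S):                     # S5: accept iff SB = B1 + eH
        B1, e = self.pending.pop(user, (None, 0))  # one attempt per challenge
        if B1 is None or not 0 <= S < N:
            return False
        return mul(S, BASE) == add(B1, mul(e, self.keys[user]))

def login(prover, verifier, user):
    """Run S2 to S5 once and return the server's decision."""
    e = verifier.challenge(user, prover.commit())
    return verifier.verify(user, prover.respond(e))
```
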
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (4)
1. A mobile-terminal-based application APP account login management system, characterized by comprising: a cloud server $S_c$ running the application APP system software and a mobile terminal $MT_i$ running the application APP system software, the application APP system comprising an account login management system;
the cloud server $S_c$ and the mobile terminal $MT_i$ are communicatively connected to each other through wireless network equipment;
when user $U_i$ of mobile terminal $MT_i$ sends a login request to the application APP system, the account login management system of the application APP system authenticates user $U_i$ of $MT_i$ using a verification method based on zero-knowledge proof; the authentication method of the account login management system comprises the following steps:
Step one: user $U_i$ of mobile terminal $MT_i$ performs user registration with the account login management system of the application APP system, specifically comprising:
the account login management system selects a curve $D_p(a, b)$ over the binary field, selects a point $B$ on the curve $D_p(a, b)$ as the base point, and returns the base point $B$ to user $U_i$ of mobile terminal $MT_i$;
user $U_i$ of mobile terminal $MT_i$ selects a private key $h$ in the binary field, computes the public key $H = hB$, and transmits the public key $H$ to the account login management system;
Step two: when user $U_i$ of mobile terminal $MT_i$ sends a login request to the application APP system, the account login management system of the application APP system begins verifying the identity of user $U_i$ of mobile terminal $MT_i$; the specific authentication process comprises:
S1. the account login management system pops up, on the verification page, a dialog box for interactive communication with user $U_i$ of mobile terminal $MT_i$;
S2. user $U_i$ of mobile terminal $MT_i$ randomly selects a random number $x$ in the binary field, computes $B_1 = xB$ so that $B_1$ lies on the curve $D_p(a, b)$, and enters $B_1$ into the dialog box;
S3. the account login management system randomly generates a random number $e$ in the binary field and displays $e$ in the dialog box, i.e. returns it to user $U_i$ of mobile terminal $MT_i$;
S4. user $U_i$ of mobile terminal $MT_i$ computes $S = v + eh$ and enters $S$ into the dialog box;
S5. the account login management system verifies whether user $U_i$ of $MT_i$ is legitimate: if $SB = B_1 + eH$ holds, authentication passes and the identity of user $U_i$ of mobile terminal $MT_i$ is legitimate, i.e. user $U_i$ of mobile terminal $MT_i$ is allowed to log in to the application APP system.
2. The system according to claim 1, wherein in step one, user $U_i$ of mobile terminal $MT_i$ performs user registration with the account login management system of the application APP system, specifically comprising:
S1. the account login management system pops up, on the registration page, a dialog box for interactive communication with user $U_i$ of mobile terminal $MT_i$;
S2. the account login management system selects a curve $D_p(a, b)$ over the binary field, randomly selects a point $B$ on the curve $D_p(a, b)$ as the base point, and displays the base point $B$ in the dialog box, i.e. returns it to user $U_i$ of mobile terminal $MT_i$;
3. The system of claim 2, wherein in step two, if $SB = B_1 + eH$ does not hold, authentication fails, the identity of user $U_i$ of mobile terminal $MT_i$ is illegitimate, and user $U_i$ of mobile terminal $MT_i$ is refused login to the application APP system.
4. The system of claim 3, wherein the interactive communication dialog box has a traceless communication function; that is, no backup record is kept of any interactive communication content in the dialog box.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010050787.8A CN111212427A (en) | 2020-01-14 | 2020-01-14 | Application APP account login management system based on mobile terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111212427A | 2020-05-29 |
Family
ID=70787352
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010050787.8A Pending CN111212427A (en) | 2020-01-14 | 2020-01-14 | Application APP account login management system based on mobile terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111212427A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | RJ01 | Rejection of invention patent application after publication | Application publication date: 20200529 |