CN111212427A - Application APP account login management system based on mobile terminal - Google Patents

Application APP account login management system based on mobile terminal

Info

Publication number
CN111212427A
Authority
CN
China
Prior art keywords
user
mobile terminal
application app
management system
login management
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010050787.8A
Other languages
Chinese (zh)
Inventor
陈良准
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/068 Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications

Abstract

The invention relates to the technical field of application APP account login management, and discloses an application APP account login management system based on a mobile terminal, which comprises: a cloud server S_c running application APP system software and a mobile terminal MT_i running application APP system software, wherein the application APP system comprises an account login management system; the cloud server S_c and the mobile terminal MT_i are communicatively connected to each other through wireless network equipment; when user U_i of mobile terminal MT_i sends a login request to the application APP system, the account login management system of the application APP system authenticates user U_i of mobile terminal MT_i using a verification method based on zero-knowledge proof; only when the identity of user U_i of mobile terminal MT_i passes the verification of the account login management system of the application APP system and is proved to be a legitimate user is user U_i of mobile terminal MT_i allowed to log in to the application APP system. The invention achieves the technical effect of further improving the login security of the application APP account.

Description

Application APP account login management system based on mobile terminal
Technical Field
The invention relates to the technical field of application APP account login management, in particular to an application APP account login management system based on a mobile terminal.
Background
With the development of Internet technology, application APPs based on mobile terminals have been continuously developed and widely used. Many application APPs involve logging in to a personal account during use, and after the first login a user can be logged in to their own account automatically in subsequent operations.
Existing account login methods mainly take two forms. In the first, the mobile terminal sends the user name and password entered by the user to the server, where they are stored, and the device identification (ID) and user name corresponding to the mobile terminal are stored on the mobile terminal; when the user starts the application again, the client sends the device ID and user name to the server for verification, and automatic login is performed if verification passes.
In the second, after the user logs in successfully for the first time, the server sends a token corresponding to the mobile terminal, and the mobile terminal receives and stores the device token; when the user starts the application again, the mobile terminal sends the device token to the server, the server verifies the device token, and the user is logged in automatically once verification passes.
It can be seen that both existing approaches store the device ID/token on the mobile terminal permanently, so the likelihood of the device being cracked is high and a potential security risk exists.
Disclosure of Invention
(I) Technical problem to be solved
In view of the shortcomings of the prior art, the invention provides an application APP account login management system based on a mobile terminal, which achieves the technical purpose of further improving the login security of application APP accounts through a user login authentication method based on zero-knowledge proof.
(II) Technical scheme
In order to achieve the above purpose, the invention provides the following technical scheme:
An application APP account login management system based on a mobile terminal comprises: a cloud server S_c running application APP system software and a mobile terminal MT_i running application APP system software, wherein the application APP system comprises an account login management system;
the cloud server S_c and the mobile terminal MT_i are communicatively connected to each other through wireless network equipment;
when user U_i of mobile terminal MT_i sends a login request to the application APP system, the account login management system of the application APP system authenticates user U_i of mobile terminal MT_i using a verification method based on zero-knowledge proof. The authentication method of the account login management system comprises the following steps:
Step one: user U_i of mobile terminal MT_i performs user registration with the account login management system of the application APP system, specifically comprising:
the account login management system selects, over the binary field
Figure BDA0002371104280000021
a curve D_p(a, b), selects a point B on the curve D_p(a, b) as the base point, and returns the base point B to user U_i of mobile terminal MT_i;
user U_i of mobile terminal MT_i selects, in the binary field
Figure BDA0002371104280000022
a private key h, computes the public key H = hB, and transmits the public key H to the account login management system;
Step two: when user U_i of mobile terminal MT_i sends a login request to the application APP system, the account login management system of the application APP system starts to verify the identity of user U_i of mobile terminal MT_i. The specific authentication process comprises the following steps:
S1. The account login management system pops up, on the verification page, a dialog box for interactive communication with user U_i of mobile terminal MT_i;
S2. User U_i of mobile terminal MT_i randomly selects, in the binary field
Figure BDA0002371104280000031
a random number x, computes B_1 = xB so that B_1 lies on the curve D_p(a, b), and inputs B_1 into the dialog box;
S3. The account login management system randomly generates, in the binary field
Figure BDA0002371104280000032
a random number e and displays it in the dialog box, i.e. returns it to user U_i of mobile terminal MT_i;
S4. User U_i of mobile terminal MT_i computes S = v + eh and inputs S into the dialog box;
S5. The account login management system verifies whether user U_i of mobile terminal MT_i is legitimate: if SB = B_1 + eH holds, authentication passes and the identity of user U_i of mobile terminal MT_i is legitimate, i.e. user U_i of mobile terminal MT_i is allowed to log in to the application APP system.
Further, in step one, user U_i of mobile terminal MT_i performs user registration with the account login management system of the application APP system, specifically comprising the following steps:
S1. The account login management system pops up, on the registration page, a dialog box for interactive communication with user U_i of mobile terminal MT_i;
S2. The account login management system selects, over the binary field
Figure BDA0002371104280000033
a curve D_p(a, b), randomly selects a point B on the curve D_p(a, b) as the base point, and displays the base point B in the dialog box, i.e. returns it to user U_i of mobile terminal MT_i;
S3. User U_i of mobile terminal MT_i selects, in the binary field
Figure BDA0002371104280000034
a private key h, computes the public key H = hB, and inputs the public key H into the dialog box, i.e. transmits the public key H to the account login management system.
Further, in step two, if SB = B_1 + eH does not hold, authentication fails and the identity of user U_i of mobile terminal MT_i is illegitimate, i.e. user U_i of mobile terminal MT_i is refused login to the application APP system.
Furthermore, the interactive communication dialog box has a traceless communication function, that is, no backup record is kept of any interactive communication content in the dialog box.
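The registration and login exchange described above, as an added Python example that is not part of the patent text. It assumes a toy prime-field curve (p = 17, a = 2, b = 2, base point (5, 1), group order 19) constructed for readability, reads the v in S = v + eh as the random number x chosen in S2, reduces S modulo the order of B, and adds point validation and single-use challenges that the page does not describe; all class and function names are hypothetical.

```python
import secrets

# Toy curve y^2 = x^3 + A*x + C over GF(P): constructed for readability, NOT secure.
P, A, C = 17, 2, 2
N = 19          # prime order of the point group on this toy curve
BASE = (5, 1)   # base point B; the page has the server choose it, fixed here
INF = None      # point at infinity


def on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + C)) % P == 0


def add(p1, p2):
    """Elliptic-curve point addition in affine coordinates."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def mul(k, pt):
    """Scalar multiplication k*pt by double-and-add."""
    acc, k = INF, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc


class Prover:
    """User U_i on mobile terminal MT_i; the private key h never leaves this object."""
    def __init__(self, h=None):
        self.h = h if h is not None else 1 + secrets.randbelow(N - 1)
        self.H = mul(self.h, BASE)          # public key H = hB, sent at registration
        self._x = None

    def commit(self, x=None):               # login step S2: B_1 = xB
        self._x = x if x is not None else 1 + secrets.randbelow(N - 1)
        return mul(self._x, BASE)

    def respond(self, e):                   # login step S4: S = x + e*h (mod N)
        x, self._x = self._x, None          # x is used for one login only
        return (x + e * self.h) % N


class LoginServer:
    """Account login management system; it stores only public keys."""
    def __init__(self):
        self.keys, self.pending = {}, {}

    def register(self, user, H):
        if H is INF or not on_curve(H):
            raise ValueError("public key is not a finite curve point")
        self.keys[user] = H

    def challenge(self, user, B1, e=None):  # login step S3: random e
        if B1 is INF or not on_curve(B1):
            raise ValueError("commitment is not a finite curve point")
        e = e if e is not None else 1 + secrets.randbelow(N - 1)
        self.pending[user] = (B1, e)
        return e

    def verify(self, user, S):              # login step S5: SB == B_1 + eH ?
        B1, e = self.pending.pop(user, (None, None))  # each challenge is single use
        if e is None or user not in self.keys or not 0 <= S < N:
            return False
        return mul(S, BASE) == add(B1, mul(e, self.keys[user]))


def login(server, user, prover):
    """Run one S2-S5 exchange with fresh randomness."""
    e = server.challenge(user, prover.commit())
    return server.verify(user, prover.respond(e))
```

The toy group has only 19 elements, so it shows the algebra and the checks but gives no security; a deployment would use a standardized curve with a large prime-order group.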
(III) Advantageous technical effects
Compared with the prior art, the invention has the following beneficial technical effects:
In the invention, when user U_i of mobile terminal MT_i sends a login request to the application APP system, the account login management system of the application APP system authenticates user U_i of mobile terminal MT_i using a verification method based on zero-knowledge proof; only when the identity of user U_i of mobile terminal MT_i passes the verification of the account login management system of the application APP system and is proved to be a legitimate user is user U_i of mobile terminal MT_i allowed to log in to the application APP system;
and after the identity authentication of user U_i of mobile terminal MT_i is completed, the account login management system knows only that user U_i of mobile terminal MT_i is legitimate; it does not know the private key h of user U_i of mobile terminal MT_i, i.e. user U_i of mobile terminal MT_i completes identity authentication without revealing their private key h;
Therefore, the technical effect of further improving the login security of the application APP account is achieved.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
An application APP account login management system based on a mobile terminal comprises: a cloud server S_c running application APP system software and a mobile terminal MT_i running application APP system software, wherein the application APP system comprises an account login management system;
the cloud server S_c and the mobile terminal MT_i are communicatively connected to each other through wireless network equipment;
when user U_i of mobile terminal MT_i sends a login request to the application APP system, the account login management system of the application APP system authenticates user U_i of mobile terminal MT_i using a verification method based on zero-knowledge proof. The authentication method of the account login management system comprises the following steps:
Step one: user U_i of mobile terminal MT_i performs user registration with the account login management system of the application APP system, specifically comprising the following steps:
S1. The account login management system pops up, on the registration page, a dialog box for interactive communication with user U_i of mobile terminal MT_i;
S2. The account login management system selects, over the binary field
Figure BDA0002371104280000051
a curve D_p(a, b), randomly selects a point B on the curve D_p(a, b) as the base point, and displays the base point B in the dialog box, i.e. returns it to user U_i of mobile terminal MT_i;
S3. User U_i of mobile terminal MT_i selects, in the binary field
Figure BDA0002371104280000052
a private key h, computes the public key H = hB, and inputs the public key H into the dialog box, i.e. transmits the public key H to the account login management system;
the private key h is the only legitimate proof key and is held solely by user U_i of mobile terminal MT_i, i.e. the account login management system does not know the private key h;
Step two: when user U_i of mobile terminal MT_i sends a login request to the application APP system, the account login management system of the application APP system starts to verify the identity of user U_i of mobile terminal MT_i. The specific authentication process comprises the following steps:
S1. The account login management system pops up, on the verification page, a dialog box for interactive communication with user U_i of mobile terminal MT_i;
S2. User U_i of mobile terminal MT_i randomly selects, in the binary field
Figure BDA0002371104280000061
a random number x, computes B_1 = xB so that B_1 lies on the curve D_p(a, b), and inputs B_1 into the dialog box;
S3. The account login management system randomly generates, in the binary field
Figure BDA0002371104280000062
a random number e and displays it in the dialog box, i.e. returns it to user U_i of mobile terminal MT_i;
S4. User U_i of mobile terminal MT_i computes S = v + eh and inputs S into the dialog box;
S5. The account login management system verifies whether user U_i of mobile terminal MT_i is legitimate: if SB = B_1 + eH holds, authentication passes and the identity of user U_i of mobile terminal MT_i is legitimate, i.e. user U_i of mobile terminal MT_i is allowed to log in to the application APP system;
if SB = B_1 + eH does not hold, authentication fails and the identity of user U_i of mobile terminal MT_i is illegitimate, i.e. user U_i of mobile terminal MT_i is refused login to the application APP system;
if the identity of user U_i of mobile terminal MT_i passes the verification of the account login management system of the application APP system, the identity of user U_i of mobile terminal MT_i is proved legitimate, i.e. user U_i of mobile terminal MT_i is allowed to log in to the application APP system;
if the identity of user U_i of mobile terminal MT_i does not pass the verification of the account login management system of the application APP system, the identity of user U_i of mobile terminal MT_i is proved illegitimate, i.e. user U_i of mobile terminal MT_i is refused login to the application APP system;
the interactive communication dialog box has a traceless communication function, that is, no backup record is kept of any interactive communication content in the dialog box.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (4)

1. An application APP account login management system based on a mobile terminal, characterized in that it comprises: a cloud server S_c running application APP system software and a mobile terminal MT_i running application APP system software, wherein the application APP system comprises an account login management system;
the cloud server S_c and the mobile terminal MT_i are communicatively connected to each other through wireless network equipment;
when user U_i of mobile terminal MT_i sends a login request to the application APP system, the account login management system of the application APP system authenticates user U_i of mobile terminal MT_i using a verification method based on zero-knowledge proof, and the authentication method of the account login management system comprises the following steps:
Step one: user U_i of mobile terminal MT_i performs user registration with the account login management system of the application APP system, specifically comprising:
the account login management system selects, over the binary field
Figure FDA0002371104270000013
a curve D_p(a, b), selects a point B on the curve D_p(a, b) as the base point, and returns the base point B to user U_i of mobile terminal MT_i;
user U_i of mobile terminal MT_i selects, in the binary field
Figure FDA0002371104270000011
a private key h, computes the public key H = hB, and transmits the public key H to the account login management system;
Step two: when user U_i of mobile terminal MT_i sends a login request to the application APP system, the account login management system of the application APP system starts to verify the identity of user U_i of mobile terminal MT_i, and the specific authentication process comprises the following steps:
S1. The account login management system pops up, on the verification page, a dialog box for interactive communication with user U_i of mobile terminal MT_i;
S2. User U_i of mobile terminal MT_i randomly selects, in the binary field
Figure FDA0002371104270000012
a random number x, computes B_1 = xB so that B_1 lies on the curve D_p(a, b), and inputs B_1 into the dialog box;
S3. The account login management system randomly generates, in the binary field
Figure FDA0002371104270000021
a random number e and displays it in the dialog box, i.e. returns it to user U_i of mobile terminal MT_i;
S4. User U_i of mobile terminal MT_i computes S = v + eh and inputs S into the dialog box;
S5. The account login management system verifies whether user U_i of mobile terminal MT_i is legitimate: if SB = B_1 + eH holds, authentication passes and the identity of user U_i of mobile terminal MT_i is legitimate, i.e. user U_i of mobile terminal MT_i is allowed to log in to the application APP system.
2. The system according to claim 1, wherein in step one, user U_i of mobile terminal MT_i performs user registration with the account login management system of the application APP system, specifically comprising the following steps:
S1. The account login management system pops up, on the registration page, a dialog box for interactive communication with user U_i of mobile terminal MT_i;
S2. The account login management system selects, over the binary field
Figure FDA0002371104270000023
a curve D_p(a, b), randomly selects a point B on the curve D_p(a, b) as the base point, and displays the base point B in the dialog box, i.e. returns it to user U_i of mobile terminal MT_i;
S3. User U_i of mobile terminal MT_i selects, in the binary field
Figure FDA0002371104270000022
a private key h, computes the public key H = hB, and inputs the public key H into the dialog box.
3. The system of claim 2, wherein in step two, if SB = B_1 + eH does not hold, authentication fails and the identity of user U_i of mobile terminal MT_i is illegitimate, i.e. user U_i of mobile terminal MT_i is refused login to the application APP system.
4. The system of claim 3, wherein the interactive communication dialog box has a traceless communication function, that is, no backup record is kept of any interactive communication content in the dialog box.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010050787.8A CN111212427A (en) 2020-01-14 2020-01-14 Application APP account login management system based on mobile terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010050787.8A CN111212427A (en) 2020-01-14 2020-01-14 Application APP account login management system based on mobile terminal

Publications (1)

Publication Number Publication Date
CN111212427A (en) 2020-05-29

Family

ID=70787352

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010050787.8A Pending CN111212427A (en) 2020-01-14 2020-01-14 Application APP account login management system based on mobile terminal

Country Status (1)

Country Link
CN (1) CN111212427A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
Application publication date: 20200529
RJ01 Rejection of invention patent application after publication