CN112966252B

CN112966252B - Client verification method and device based on password technology, electronic equipment and medium

Info

Publication number: CN112966252B
Application number: CN202110458166.8A
Authority: CN
Inventors: 吴江桥
Original assignee: Ping An International Smart City Technology Co Ltd
Current assignee: Ping An International Smart City Technology Co Ltd
Priority date: 2021-04-26
Filing date: 2021-04-26
Publication date: 2023-11-24
Anticipated expiration: 2041-04-26
Also published as: CN112966252A

Abstract

The embodiment of the application discloses a client verification method and device based on a password technology, electronic equipment and a medium, and can be applied to the field of the password technology. The method comprises the following steps: receiving an authentication request sent by a client, wherein the authentication request carries initial characters, extracting the initial characters carried in the authentication request, generating a candidate character set according to the initial characters, generating authentication information based on the candidate character set, sending the authentication information to the client, receiving character information returned by the client based on the authentication information, and determining that the client passes the authentication if the character information is matched with a target character combination. By adopting the embodiment of the application, the corresponding verification information can be generated based on the received characters, and the intelligence in the information verification process is improved.

Description

Client verification method and device based on password technology, electronic equipment and medium

Technical Field

The present application relates to the field of cryptography, and in particular, to a client verification method, device, electronic apparatus, and medium based on cryptography.

Background

With the rapid development of cryptography, during the login or use of internet products (such as software applications, systems, etc.), an authentication process is generally required to prevent the authentication object of the internet product from continuously attempting to log in through a specific program. Currently, the verification process generally directly generates a verification code image by a server, wherein the verification code image can comprise a plurality of fuzzy characters, and the server feeds the verification code image back to the client so that a user using the client can complete verification in the client.

In practice, the verification method is generally not matched with the verification method desired by the user, if the old user is hard to see the characters in the blurred verification code, multiple verification errors are easily caused, namely, the server cannot select the corresponding verification method according to the actual situation of the user, so that how to select the verification method suitable for the user for verification becomes a problem to be solved urgently.

Disclosure of Invention

The embodiment of the application provides a client verification method, a device, electronic equipment and a medium based on a password technology, which can generate corresponding verification information based on received characters and are beneficial to improving the intelligence in the information verification process.

In one aspect, an embodiment of the present application provides a client authentication method based on cryptographic technology, where the method includes:

receiving a verification request sent by a client, wherein the verification request carries an initial character;

extracting the initial character carried in the verification request, and generating a candidate character set according to the initial character, wherein the candidate character set comprises a target character combination and an interference character combination;

generating verification information based on the candidate character set, and sending the verification information to the client;

Receiving character information returned by the client based on the verification information, wherein the character information comprises at least one character;

and if the character information is matched with the target character combination, determining that the client verification is passed.

In another aspect, an embodiment of the present application provides a client authentication apparatus based on cryptographic technology, including:

the receiving module is used for receiving a verification request sent by the client, wherein the verification request carries an initial character;

the processing module is used for extracting the initial character carried in the verification request, and generating a candidate character set according to the initial character, wherein the candidate character set comprises a target character combination and an interference character combination;

the processing module is further used for generating verification information based on the candidate character set and sending the verification information to the client;

the receiving module is further used for receiving character information returned by the client based on the verification information, wherein the character information comprises at least one character;

and the processing module is further used for determining that the client verification passes if the character information is matched with the target character combination.

In yet another aspect, an embodiment of the present application provides an electronic device, where the electronic device includes a processor and a storage device, where the processor is connected to the storage device, and the storage device is configured to store computer program instructions, and the processor is configured to perform the following steps:

In yet another aspect, embodiments of the present application provide a computer readable storage medium having stored therein computer program instructions for performing the following steps when executed by a processor:

The embodiment of the application receives the verification request sent by the client, wherein the verification request carries initial characters, extracts the initial characters carried in the verification request, generates a candidate character set according to the initial characters, generates verification information based on the candidate character set, sends the verification information to the client, receives character information returned by the client based on the verification information, and determines that the verification of the client passes if the character information is matched with the target character combination. Therefore, corresponding verification information can be generated based on the received characters, and the intelligence in the information verification process is improved.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

Fig. 1 is a schematic structural diagram of a client verification system based on cryptographic technology according to an embodiment of the present application;

FIG. 2 is a schematic flow chart of a client verification method based on cryptographic technique according to an embodiment of the present application;

FIG. 3 is a schematic diagram of an effect of verifying an image according to an embodiment of the present application;

FIG. 4 is a schematic diagram showing the effect of another verification image according to an embodiment of the present application;

FIG. 5 is a schematic diagram showing the effect of another verification interface according to an embodiment of the present application;

FIG. 6 is a flowchart of another client authentication method based on cryptographic techniques according to an embodiment of the present application;

FIG. 7 is a schematic diagram showing the effect of a verification mode selection interface according to an embodiment of the present application;

FIG. 8 is a schematic diagram of the effect of a character verification interface according to an embodiment of the present application;

Fig. 9 is a schematic structural diagram of a verification device according to an embodiment of the present application;

fig. 10 is a schematic structural diagram of an electronic device according to an embodiment of the present application.

Detailed Description

The technical solutions in the embodiments of the present application will be described below with reference to the accompanying drawings in the embodiments of the present application.

The embodiment of the application provides a client verification scheme based on a password technology, which can receive an initial character sent by a client, generate verification information according to the initial character, return the verification information to the client, and determine that the client passes verification based on the character information when character information returned by the client based on the verification information is received. Therefore, corresponding verification information can be generated based on the received characters, and the intelligence in the information verification process is improved.

It will be appreciated that the client described in the present application may be a terminal, for example, the terminal may be a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, etc., which is not limited herein.

The technical scheme of the application can be applied to electronic equipment, wherein the electronic equipment can be a terminal, a server or other equipment for verification, and the application is not limited. Optionally, the method comprises the steps of. The server may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDNs, basic cloud computing services such as big data and artificial intelligent platforms. The terminal may be, but is not limited to, a smart phone, a tablet computer, a notebook computer, a desktop computer, etc.

In one possible implementation manner, the present application may be applied to a verification system, please refer to fig. 1, and fig. 1 is a schematic structural diagram of a verification system according to an embodiment of the present application. In an authentication system as shown in fig. 1, comprising at least one client and a server, the at least one client comprising an application of an internet product, the at least one client may be configured to send an authentication request to the server; the at least one client may be further configured to display a character verification interface or a verification mode selection interface; the at least one client may also be used to transmit character information or the like, without limitation. The server is the electronic equipment to which the scheme is applied, and can be used for receiving the verification request sent by the client; the server side can also be used for extracting initial characters carried in the verification request and generating a candidate character set according to the initial characters; the server side can also be used for generating verification information based on the candidate character set and sending the verification information to the client side; the server may also be configured to receive character information returned by the client based on the verification information, obtain a matching result of the character information and the target character combination, and the like, which is not limited herein.

It can be understood that the above scenario is merely an example, and does not constitute a limitation on the application scenario of the technical solution provided by the embodiment of the present application, and the technical solution of the present application may also be applied to other scenarios. For example, as one of ordinary skill in the art can know, with the evolution of the system architecture and the appearance of new service scenarios, the technical solution provided by the embodiment of the present application is also applicable to similar technical problems.

Based on the above description, the embodiment of the application provides a client verification method based on a cryptographic technology. Referring to fig. 2, fig. 2 is a flowchart of a client verification method based on cryptographic technology according to an embodiment of the present application, and the method may include steps S201 to S205.

S201, receiving a verification request sent by a client.

The verification request carries an initial character, where the initial character is one or more characters input in the client, such as a chinese character, an english character, a numeric character, other language characters (e.g., german characters, russian characters, etc.), and the like, which is not limited herein.

Optionally, the verification request may further carry login information in the client, where the login information may be a verification object name, a verification object unique id, and the like, and is not limited herein.

In one possible implementation, the verification request may further include location information of the initial character, the location information indicating a language order relationship of the character in the string. For example, each character in the character string "ocean broad sky" has corresponding position information, "sea" corresponds to a first position, "broad" corresponds to a second position, "sky" corresponds to a third position, and "null" corresponds to a fourth position, and in the verification request sent by the client, the position information of each initial character is carried, for example, the position information of the initial character "broad" is the second position, and the position information of the initial character "sky" is the third position. For another example, each character in the character string "LAUGH" has corresponding position information, "L" corresponds to a first position, "a" corresponds to a second position, "U" corresponds to a third position, "G" corresponds to a fourth position, "H" corresponds to a fifth position, and if the verification request sent by the client also carries the initial position information, for example, the position information of the initial character "L" is the first position, the position information of the initial character "a" is the second position, and the position information of the initial character "G" is the fourth position.

Alternatively, the position information of the initial character may be represented by a number, for example, a first position is denoted as 1, a second position is denoted as 2, a third position is denoted as 3, a fourth position is denoted as 4, and if the initial character information in the verification request is: the "broad" position information is the second position, and the "day" position information is the third position, and the initial character in the verification request may be represented in the form of "broad 2 days 3". The position information of the initial character may also be expressed alphabetically, for example, a first position is denoted as a, a second position is denoted as b, a third position is denoted as c, and a fourth position is denoted as d, if the initial character information in the verification request is: the "broad" position information is the second position, and the "sky" position information is the third position, and the initial character in the verification request may be represented in the form of "broad b-sky c". Similarly, the position information of the initial character may also be represented by other forms of numbers or letters, which are not limited herein.

S202, extracting initial characters carried in the verification request, and generating a candidate character set according to the initial characters.

The candidate character set is used for the client to select correct or incorrect character combinations from the candidate character set, so that whether the client can pass verification is determined. Optionally, the candidate character set may include a target character combination and an interference character combination, where the target character combination is a correct character in the candidate character set, and if a character selected by the client from the candidate character set matches the target character combination (i.e., the client selects the correct character combination), the client verifies that the character passes; the interference character combination is used for the interference verification object to select correct characters from the candidate character set, in other words, the incorrect character combination in the candidate character set, if the client selects the interference character, the client fails to verify.

In one possible implementation, generating the candidate character set from the initial character may include the steps of: acquiring at least one candidate character string containing initial characters; screening target candidate character strings from at least one candidate character string based on a preset screening rule, and constructing a target character combination based on each character in the target candidate character strings; determining an interference character combination according to each character included in at least one candidate character string; and constructing a candidate character set based on the target character combination and the interference character combination.

Wherein the at least one candidate character string includes an initial character. For example, if the initial character carried by the verification request sent by the client is "sea" and "sky", a plurality of candidate character strings including the initial character, such as "sea sky color", "skyline sea angle", "sea broadsky", and the like, may be obtained. For another example, if the initial character carried by the verification request sent by the client is "L", "a" and "G", then multiple candidate character strings including the initial character, such as multiple candidate character strings including "LAUGH", "LANG", "LAG", "LAUGHs", and the like, may be obtained.

Optionally, when the verification request sent by the client carries the position information of the initial character, the at least one candidate character string is a character string whose position information matches with the position information of the included initial character. For example, if the initial character carried by the verification request sent by the client is "broad 2 days 3", then a plurality of candidate character sets with the second position being "broad" and the third position being "day" can be obtained, such as "broad sky", "broad sky long" and waiting character strings. For another example, the initial character carried by the verification request sent by the client is "L1A2G4", a plurality of candidate character strings with the first position being "L", the second position being "a", and the fourth position being "G", such as a plurality of candidate character strings including LAUGH "," LANG "," LAUGHs ", etc., may be obtained.

Optionally, the at least one candidate character string may be obtained from a target character database, where the target character database includes a plurality of character strings, and after receiving a verification request sent by the client, the at least one candidate character string is obtained by matching an initial character in the verification request with a character string in the target character database. Alternatively, after receiving the verification request, the character string containing the initial character may be retrieved from the target character database according to the initial character in the verification request, so as to obtain at least one candidate character string.

The target candidate character string is a character string selected from the at least one candidate character string based on a preset screening rule. The preset filtering rule may be to randomly determine a string from at least one candidate string as a target candidate string, and if the at least one candidate string has only one candidate string, use the candidate string as the target candidate string. The preset filtering rule may further determine, as the target candidate character string, a candidate character string with the highest (or lowest) commonality among the at least one candidate character string according to the commonality of the candidate character string, where the commonality may be the number of times of use of the character string in the target character database obtained by means of web crawling, so as to record the commonality level, such as high, medium, low, etc., of each character string in the target character database.

Optionally, the method for screening the target candidate character string from the at least one candidate character string based on a preset screening rule may further include the following steps: and acquiring historical character information returned by the client of the historical record, determining each candidate character string which is not matched with the historical character information from at least one candidate character string, and randomly screening target candidate character strings from each candidate character string which is not matched with the historical character information. The historical character information is used for indicating character information returned to the client before the verification process, the historical character information comprises at least one character returned in a historical mode, and then each candidate character string which is not matched with the historical character information is determined according to at least one candidate character, so that the situation that when initial characters carried by multiple verification requests sent by the same client are identical, the same character information of the client is returned, and the character information comprises at least one character can be avoided. Alternatively, when the target candidate character string is selected from the candidate character strings that do not match the history character information, the target candidate character string may be randomly selected from the candidate character strings that do not match the history character information, or the candidate character string with the highest (or lowest) commonality among the at least one candidate character string may be determined as the target candidate character string according to the commonality of the candidate character strings that do not match the history character information, which is not limited herein.

The target character combination may include at least one character, and the target character combination is constructed based on each character in the target candidate character string, specifically may be constructed by characters in the target candidate character string other than the initial character. For example, if the target candidate character string is "sea sky", and the initial character carried by the verification request sent by the client is "sea" and "day", the characters in the target candidate character string except for the initial character are "broad", "null", and the target character combination may be "broad", "null". For another example, if the target candidate character string is "LAUGH", and the initial character carried by the verification request sent by the client is "L", "a" and "G", the characters except for the initial character in the target candidate character string are "U" and "H", and the target character combination may be "U" and "H";

alternatively, the target character combination may have location information. For example, if the target candidate character string is "ocean sky", and the initial character carried by the verification request sent by the client is "ocean 1 day 3" (i.e., "ocean" at the first position and "day" at the third position), the characters except for the initial character in the target candidate character string are: the second position "broad", the fourth position "null", the target character combination may be the second position "broad", the fourth position "null".

Wherein each character in the interfering character combination is different from each character in the at least one candidate character string. For example, after the initial character carried by the verification request sent by the client is "sea" and "sky", and the initial character is matched with the target character database, a plurality of candidate character strings including the initial character, such as a plurality of candidate character strings including "sea sky color", "skyline", "sea broadsky", etc., where each character in the plurality of candidate character strings includes characters including the initial character "sea" and "sky", and may include characters including "one", "color", "caree", "corner", "broad", "blank" and the like, and the interference character combination may not include characters including "one", "color", "caree", "corner", "broad", "blank" and the like. Further optionally, when determining that the interference character set is determined according to each character included in at least one candidate character string, determining that characters except for the characters in the candidate character string are randomly determined from an interference character library, where the interference character library may be a character library matched with the types of the characters in the candidate character string, if the characters in the candidate character string are chinese characters, the interference character library may include a large number of chinese characters, if the characters in the candidate character string are english letters, the interference character library may include each english letter, if the characters in the candidate character string are numerals, and the characters in the interference character library are each numerals.

Alternatively, each character in the interfering character combination may be the same as the character in the at least one candidate character string, but not include the characters other than the initial character in the same candidate character string. For example, after the initial character carried by the verification request sent by the client is "sea" and "sky", and the initial character is matched with the target character database, a plurality of candidate character strings containing the initial character, such as a plurality of candidate character strings containing initial characters such as "sea sky" and "career sea angle", may be obtained, each character in the plurality of candidate character strings may further include characters such as "one", "career", "corner", "wide", "empty" and the like besides the initial characters such as "sea" and "sky", and the interference character combination may not include "one", "career" ("one", "color" and "from" sea sky ") or may not include" career "(" career "and" angle "and" from "career sea angle") at the same time, or may not include "wide", "empty" ("broad" and "from" sea angle ") at the same time, but may include" one "," career "" "wide", "empty" "" and the like at the same time, or may not include "career" "" and "empty" at the same time. Further optionally, when determining the interference character combination according to each character included in the at least one candidate character string, determining the interference character combination randomly may be performed from the interference character library.

The candidate character set may include a target character combination and an interference character combination to construct a candidate character set. For example, according to the initial character "broad", "sky" (or "broad 2 days 3"), a plurality of candidate character strings "sea sky", "skyline sea angle", "sea broadsky", and the target candidate character string determined therefrom is "sea broadsky", then the target character combination may be "sea", "sky" (or "sea 1 sky 4"), and according to the interference character library, 3 characters "eating", "dream", "producing" included in the interference character combination may be obtained, so that characters included in the candidate character set may include "broad", "sky", "eating", "dream", "producing".

In one possible implementation, when at least one candidate character string containing the initial character is not acquired, character prompt information is generated based on the initial character, and the character prompt information is sent to the client. Wherein the character prompt information is used for prompting the client to resend the character which is different from the initial character, namely prompting the verification object to resend the character which is different from the initial character in the client

In one possible implementation manner, a history initial character carried in a history verification request sent by a client of a history record may be obtained, and when it is detected that an initial character carried in a verification request sent by the client matches with the history initial character, first prompt information is sent to the client, where the first prompt information is used to prompt that an initial character input by the client is repeated with the history initial character. The history initial character is used for indicating characters carried in a history verification request before the client sends the verification request. Therefore, the client can be prevented from repeatedly inputting the same initial character for verification, and the probability of being cracked by a program is reduced.

S203, generating verification information based on the candidate character set, and sending the verification information to the client.

The verification information is used for indicating information for verifying the verification object, the verification information can be a verification image containing a candidate character set, and the verification information can also comprise webpage interface information for describing the candidate character set, and is not limited herein.

Optionally, the verification information may further include sequence number characters randomly assigned to each character in the candidate character set. The serial number characters may be digital, english letters, or letters of other languages, without limitation. For example, the candidate character set includes characters "broad", "sky", "eating", "dream" and "produce", after sequence number characters are randomly allocated to the characters in the candidate character set, the characters can be obtained, where "sky" corresponds to sequence number 1, "broad" corresponds to sequence number 2, "produce" corresponds to sequence number 3, "dream" corresponds to sequence number 4, and "eat" corresponds to sequence number 5, and the verification information further includes sequence number characters corresponding to each character in the candidate character set.

In one possible implementation, the verification information may be a verification image, and generating the verification information based on the candidate character set may include the steps of: randomly arranging each character in the candidate character set, and generating a character image based on each character after random arrangement; and randomly adjusting display information of each character in the character image to obtain a verification image, wherein the display information comprises at least one of display size, display font and display definition. The character image may be a digital image including the candidate character set, or may be a digital image including the candidate character set and serial number characters of each character in the candidate character set. The random arrangement of each character (and the serial number character of each character) in the candidate character set may be determining the position of the character in the candidate character set in the character image, and the random arrangement of each character may be that the each character is randomly arranged on the same straight line in the character image, or that each character is randomly arranged on a certain curve in the character image, or that each character is randomly arranged at any position on the character image, which is not limited herein. The verification image may be an image obtained by randomly adjusting display information of the characters according to the character image, for example, determining a display size, a display font and a display definition of the characters in the candidate character set, and optionally, determining a pixel size of the verification image, which is not limited herein. Referring to fig. 3, fig. 3 is a schematic diagram illustrating an effect of a verification image provided by an embodiment of the present application, where the verification image shown in fig. 3 a is a verification image obtained by processing characters in a candidate character set, and the verification image includes characters: "Wide", "Tian", "eat", "dream", "produce"; the verification image shown in fig. 3 b is a verification image obtained by processing characters in the candidate character set and serial numbers corresponding to the characters in the candidate character set, where the verification image includes the characters: "broad", "day", "eating", "dream", "produce", and "day" corresponds to serial number character 1, "broad" corresponds to serial number character 2, "produce" corresponds to serial number character 3, "dream" corresponds to serial number character 4, "eat" corresponds to serial number character 5.

Further alternatively, when the display information of each character in the character image is randomly adjusted, an interference element may be added to the character image, so as to obtain a verification image. The interference element may mask part of the content of the character by randomly adding graphics into the character image, and may blur part of the content of the character in the character image, which is not limited herein. Thereby, the program can be prevented from acquiring characters in the verification image by OCR recognition or the like. Referring to fig. 4, fig. 4 is a schematic diagram illustrating an effect of another verification image according to an embodiment of the application. The verification image shown in a of fig. 4 is obtained by processing characters in a candidate character set and adding interference elements; fig. 4 b shows a verification image obtained by processing the characters in the candidate character set and the serial number characters corresponding to the characters in the candidate character set and adding the interference elements.

In one possible implementation, the verification information may be a web page interface information that may further include information describing the candidate character set, the web page interface information may include characters in the candidate character set, or may include each character in the candidate character set and a serial number character of each character. For example, the characters (and serial number characters of each character) in the candidate character set are randomly arranged, and then display information of the characters in the web page, such as display font, display size, display position, etc., may be described by html, etc., without limitation.

In one possible implementation, after sending the verification information to the client, the client receives the verification information, generates a first verification interface according to the verification information, and displays the first verification interface so that the verification object can select characters from the first verification interface. The first verification interface may include information such as a display area of the verification information, a character input focus, and the like. The display area of the verification information is used for displaying verification information (such as a verification image, a web page interface, etc.), the character input focus may be used for receiving a character selected by a verification object by the client, the character input focus may be a fixed position, the verification object may input a character (or a serial number character corresponding to the character) from a candidate character set from the fixed position, the character input focus may also be a position corresponding to each character in the display area of the verification information, and when the verification object clicks (such as a click/double click operation, etc.) on the corresponding position of each character (or the serial number character corresponding to the character), the client may receive the character selected by the verification object as the character corresponding to the position of the verification object click. Optionally, the first verification interface may further include an initial character display area, and when the character input focus is input at a fixed position, the fixed position is a position in the initial character display area, so that a user can select a correct character from the candidate character set according to the initial character.

For example, referring to fig. 5, fig. 5 is a schematic diagram showing the effect of another verification interface according to an embodiment of the present application, where the interface includes information such as a display area of the verification information, a character input focus, and a display area of an initial character. In the first verification interface shown in fig. 5 a, a verification image is displayed in a verification information display area in the first verification interface, and a character input focus is a fixed position shown in 5101 and 5102. Alternatively, when the authentication object inputs a character (or a serial number character of a character) in the candidate character set at the position shown in 5101, 5102, the input character (or a serial number character of a character) is displayed in the first authentication interface, such as the input character (or a serial number character of a character) is displayed in the display area of the initial character. In another first verification interface shown in fig. 5 b, a verification information display area in the first verification interface displays a web page interface returned by the electronic device, and a character input focus is a position corresponding to each character in the verification information display area, that is, a position shown in fig. 5 b and indicated by 5201. Optionally, when the authentication object clicks 5201 in the first authentication interface, the clicked character (or the serial number character of the character) is displayed in a fixed position in the first authentication interface, for example, in the initial character display area, as shown in fig. 5202 and 5203 in fig. 5 b.

It will be appreciated that the display interface of the verification information and the representation form of the character input focus may be combined arbitrarily, for example, when the verification information is a verification image, the character input focus may also be a position corresponding to each character in the display area of the verification information, and when the verification information is a web page interface, the character input focus may also be a fixed position, which is not limited herein.

In one possible implementation, when the target character combination in the candidate character set in the verification information is sent to the client to have the position information, the character input by the verification object in the client should also have the corresponding target position information. The location information is used to indicate the location information of the character that the client needs to receive, so that the electronic device can determine whether the client is authenticated or not through the target location information. For example, when the target character combination determined by the electronic device is "broad 2 days 3", that is, the second position is "broad", and the third position is "day", the position information of the character that the client needs to receive is the second position and the third position. Alternatively, when the character input focus in the first verification interface is a fixed position, a character (or a serial number character of the character) is input from a fixed position indicating target position information (e.g., a first position, a second position, etc.), and the position information of the input character (or the serial number character of the character) is the target position information. Optionally, when the character input focus in the first verification interface is the position corresponding to each character in the display area of the verification information, the target position information (such as the first position and the second position) is determined according to the sequence when the verification object touches the character (or the serial number character of the character), for example, when the position information of the character received by the client is required to be the first position and the third position, the client may detect that the character touched by the verification object first (or the serial number character of the character) is the first position, the character touched by the verification object second time (or the serial number character of the character) is the second position, and the characters touched by the verification object each time (or the serial number characters of the character) may be the same or different, which is not limited herein.

S204, receiving character information returned by the client based on the verification information.

Wherein the character information includes at least one character, and the at least one character may be a character selected by the verification object from the candidate character set in the client. Alternatively, the character information may be at least one character and position information of the at least one character. The character information can also be serial number characters corresponding to at least one character; the character information may also be a serial number character corresponding to at least one character and position information of the at least one character.

In one possible embodiment, the character information may be at least one character. For example, when the client receives the character "broad" and "day" input by the authentication object, the character information may be "broad" and "day".

In one possible embodiment, the character information may also be at least one character and position information of the at least one character. For example, when the second position is "broad" and the third position is "day" when the character received by the client and input by the verification object is "2 days broad 3".

In one possible implementation, the character information may also be a serial number character corresponding to at least one character. For example, when the client receives the serial number character "4" corresponding to the character "broad" inputted by the verification object and the serial number character "3" corresponding to the "day", the character information may be "43".

In one possible implementation, the character information may also be a serial number character corresponding to at least one character and location information of the at least one character. For example, when the client receives the serial number character "4" corresponding to the character "broad" input by the verification object, and the serial number character "1" corresponding to the "day", the position information of the at least one character is: the second position is "broad", the third position is "day", and the character information may be "4213", and it is understood that, in the character information, "4" indicates a serial number character of the character "broad", and "2" indicates a position information of the character "broad", 1 indicates a serial number character of the character "day", and "3" indicates a position information of the character "day".

Optionally, when the client detects that the selection of the verification object in the first verification interface is completed, character information is sent to the electronic device. The selection completion operation may be that the client detects that the verification object touches the corresponding control to indicate that the selection is completed, or the selection completion operation may be that the client detects that the last character is completed, which is not limited herein.

S205, if the character information is matched with the target character combination, determining that the client verification is passed.

Wherein client authentication is performed by an authentication object for indicating that an authentication request transmitted through the client is determined to be a person rather than a program (or machine). The character information being matched with the target character combination may mean that the characters in the character information are identical to the characters in the target character combination, for example, the characters included in the character information are "broad" and "day", and if the characters in the target character combination are "broad" and "day", the client verification is passed. The matching of the character information with the target character combination may also mean that the character (or the serial number of the character) in the character information and the position information of the character are the same as the character in the target character combination (or the serial number of the character in the target character combination in the verification information) and the position information of the character, for example, the character in the character information and the position information of the character are "2 days wide 3", and if the character in the target combination is "2 days wide 3", the client passes the verification.

In one possible implementation, if the character information does not match the target character combination, a prompt is sent to the client, where the prompt is used to prompt that verification fails. The verification failure is used for indicating that the verification request of the client fails, and the electronic device can request the client to perform verification again. Optionally, if any character in the character information is different from the character in the target character, the character information is not matched with the target character combination; when the characters in the character information and the characters in the target character combination have position information, any character in the character information is different from the target characters, or the characters in the character information are the same as the characters in the target character information, but the position information of the characters in the character information is different from the position information of the characters in the target character information, the character information and the target character combination are not matched.

In one possible implementation manner, the target character combination (or the serial number character of the character in the target character combination in the verification information) may be stored in a cache area (such as Ehcache) of the electronic device, or the target character combination (or the serial number character of the character in the target character combination in the verification information) and the position information corresponding to the character may be stored in the cache area (such as Ehcache) of the electronic device, so that when the character information is received, the target character combination (or the serial number character of the character in the target character combination in the verification information) and the position information corresponding to the character may be read from the cache area, thereby improving the matching efficiency. Optionally, the verification object information in the verification request may also be stored in a cache area of the electronic device, corresponding to the target character combination (or the serial number character of the character in the target character combination in the verification information), for example, in a key-value (key-value) form. For example, if the character in the target character combination is "broad" and "day", and the verification object information (such as the verification object name) in the verification request is "USER1", the corresponding storage may be: { USER1"," Wide day "}.

Optionally, the data stored in the buffer area during the verification process is deleted from the buffer area after the verification is finished (the verification result of the client is verification passing or verification failing is obtained) no matter whether the client passes the verification, so as to reduce the storage pressure of the buffer area.

Referring to fig. 6, fig. 6 is a flowchart of another client verification method based on cryptographic technology according to an embodiment of the present application. The method provided by the embodiment of the application can be applied to electronic equipment. As shown in fig. 6, the method may include steps S601-S607.

S601, receiving a verification trigger instruction sent by the client, and returning a verification mode selection interface to the client.

The verification trigger instruction may be an instruction for triggering identity verification, where the verification trigger instruction may be a verification trigger instruction sent by the client to the electronic device in response to a login operation of the verification object when the verification object logs in an internet product (such as software, a system, etc.), and the verification trigger instruction may also be a verification trigger instruction sent by the client to the electronic device when the internet product (such as software, a system, etc.) determines that verification object information logged in the client meets a certain condition according to a security mechanism, and if the number of times that the verification object information logged in the client repeatedly performs a certain operation at a certain time threshold is greater than a preset number of times, it indicates that the verification object information logged in the client triggers the security mechanism, and the client sends the verification trigger instruction to the electronic device.

The verification mode selection interface is used for selecting a target verification mode from the verification mode selection interface by the verification object through the client, and comprises at least one verification mode option which is used for corresponding to the verification mode. The verification method may be a character verification method, such as verification by a chinese four-word idiom, or verification by an english word, or verification by a mathematical expression, or verification by a chinese colloquial, which is not limited herein. The type of at least one candidate character string containing the initial character can be determined by selecting the character verification mode, for example, the verification mode is that the character verification is performed through Chinese four-word idioms, and when the initial character which is the Chinese character is obtained, the Chinese four-word idioms containing the initial character are obtained as the candidate character strings; for another example, when the verification mode is to verify through an english word, and an initial character that is an english letter is obtained, the english word that includes the initial character is obtained as a candidate string, and so on, and other possible verification modes are not described here. Optionally, when the client displays the verification manner selection interface, the at least one verification manner may be displayed in a classified manner, for example, the character type of the initial character input according to the requirement is classified, the number of characters of the initial character input is classified, and the like, which is not limited herein. Optionally, the verification mode selection interface may further include some conventional verification mode options, such as, but not limited to, continuing verification through a digital image with an interfering element, or verification through a verification code sent by sms/voice/mail, etc.

For example, referring to fig. 7, fig. 7 is a schematic diagram of an effect of a verification manner selection interface provided by an embodiment of the present application, where, as shown in fig. 7, the verification manner selection interface includes one or more verification manner options, when a client detects a verification manner selection operation in the verification manner selection interface, the client sends a selection instruction for a target verification manner option in at least one verification manner option to an electronic device when the verification manner selection operation is selected as the target verification manner option. The authentication mode selection operation may click an authentication mode option in the authentication mode selection interface for the authentication object in the client, thereby determining the clicked authentication mode option as a target authentication mode option.

S602, receiving a selection instruction which is returned by the client and aims at a target verification mode option in at least one verification mode option, and returning a character verification interface corresponding to the target verification mode option to the client.

The selection instruction for the target verification manner option in the at least one verification manner option may include a target verification manner corresponding to the target verification manner option, and may further include related verification information of the target verification manner, such as a first number of initial characters, location information of the initial characters, a second number of characters in candidate character strings including the initial characters, a third number of characters in a target character combination, a fourth number of characters in a candidate character set, a fifth number of characters and location information of character information returned by the client based on the verification information, and the information needed in the verification process when verification is performed by the target verification manner, which is not limited herein.

In a possible implementation manner, the target verification mode option may also be determined by the client at random, or by the client through verification object information logged in the client, for example, the verification object information indicates that the verification object is a pupil, and if the verification object information indicates that the verification object is a pupil, and the knowledge level is low, the verification may be performed through a simple mathematical expression without selecting a complex english word for verification, thereby implementing personalized verification for the verification object.

The character verification interface is used for receiving initial characters and triggering the client to generate a verification request based on the initial characters. The character verification interface is an interface corresponding to the target verification mode option, and the character verification interface can comprise an initial character input area which is used for receiving initial characters input by a verification object by a client. Alternatively, the initial character input area may include initial character input focuses, where the initial character input focuses may be any fixed position in the initial character input area, and the number of initial character input focuses is the same as the first number of initial characters indicated by the target verification method.

Optionally, when the target verification method indicates that the initial character has position information, the initial character input focus has position information, if the position information of the initial character indicated by the target verification method is preset position information (such as a first position and a second position), the number of the initial character input focuses is the same as the number of the preset position information, if the initial character indicated by the target verification method does not indicate preset position information (such as a first position and a second position), the number of the initial character input focuses is the same as the second number of candidate character strings indicated by the target verification method, and then the verification object can randomly select the initial character input focus with the same number as the first number of the initial character indicated by the target verification method in the character verification interface. Further optionally, in order to facilitate verification of position information (e.g., first position, second position, etc.) of the object recognition initial character input focus, the initial character input focus may be marked in the character verification interface or regularly distributed.

For example, when the target option of the target verification mode option is verified by a chinese four-word idiom, please refer to fig. 8, fig. 8 is a schematic diagram of an effect of a character verification interface according to an embodiment of the present application. As shown in fig. 8, the character verification interface includes an initial character input area 801, which is an initial character input focus, through which a client may receive an initial character input by a verification object, and after the verification object inputs the initial character, the verification object may display a corresponding initial character in the initial character input area.

S603, receiving a verification request sent by the client.

S604, extracting initial characters carried in the verification request, and generating a candidate character set according to the initial characters.

S605, generating verification information based on the candidate character set, and sending the verification information to the client.

S606, character information returned by the client based on the verification information is received.

S607, if the character information is matched with the target character combination, determining that the verification of the client passes.

Step S603 to step S607 may refer to the description related to step S201 to step S205, which will not be described herein.

In one possible implementation, if the character information does not match the target character combination, a prompt is sent to the client, where the prompt is used to prompt that verification fails. Optionally, the prompt information may trigger the client to reenter the initial character or to reselect the verification mode, in other words, after receiving the prompt information that fails to verify, the client displays a character verification interface or a verification mode selection interface, so that the verification object reenters the initial character or reselects the verification mode in the client.

The embodiment of the application receives a verification trigger instruction sent by a client, returns a verification mode selection interface to the client, receives a selection instruction of a target verification mode option returned by the client, returns a character verification interface corresponding to the target verification mode option to the client, receives a verification request which is sent by the client and is generated based on the character verification interface, the verification request carries initial characters, extracts the initial characters carried in the verification request, generates a candidate character set according to the initial characters, generates verification information based on the candidate character set, sends the verification information to the client, receives character information returned by the client based on the verification information, and determines that the client verification passes if the character information is matched with the target character combination. Therefore, corresponding verification information can be generated based on the received characters, and the intelligence in the information verification process is improved.

Based on the above description of the embodiment of the client verification method based on the cryptographic technology, the embodiment of the application also discloses a client verification device based on the cryptographic technology, which may be configured in the electronic device, for example, the device may be a computer program (including program code) running in the electronic device. The apparatus may perform the methods shown in fig. 2 and 6. Referring to fig. 9, the apparatus may operate as follows:

the receiving module 901 is configured to receive a verification request sent by a client, where the verification request carries an initial character;

a processing module 902, configured to extract the initial character carried in the verification request, and generate a candidate character set according to the initial character, where the candidate character set includes a target character combination and an interference character combination;

the processing module 902 is further configured to generate verification information based on the candidate character set, and send the verification information to the client;

the receiving module 901 is further configured to receive character information returned by the client based on the verification information, where the character information includes at least one character;

the processing module 902 is further configured to determine that the client verification passes if the character information matches the target character combination.

In one embodiment, the processing module 902 is configured to, when generating the candidate character set according to the initial character combination, specifically:

acquiring at least one candidate character string containing the initial character;

screening target candidate character strings from the at least one candidate character string based on a preset screening rule, and constructing a target character combination based on each character in the target candidate character strings;

determining an interference character combination according to each character included in the at least one candidate character string, wherein each character in the interference character combination is different from each character in the at least one candidate character string;

and constructing a candidate character set based on the target character combination and the interference character combination.

In one embodiment, the processing module 902 is configured to, when the target candidate string is selected from the at least one candidate string based on a preset filtering rule, specifically:

acquiring historical character information returned by the client of the historical record, wherein the historical character information comprises at least one character returned by the history;

determining each candidate character string of which the history character information is not matched from the at least one candidate character string;

Randomly screening target candidate character strings from candidate character strings which are not matched with the historical character information.

In one embodiment, the verification information is a verification image including the candidate character set, and the processing module 902 is specifically configured to, when generating the verification information based on the candidate character set:

randomly arranging each character in the candidate character set, and generating a character image based on each randomly arranged character;

and randomly adjusting display information of each character in the character image to obtain a verification image, wherein the display information comprises at least one of display size, display font and display definition.

In one embodiment, before the receiving module 901 is configured to receive the authentication request sent by the client, the receiving module 901 is further configured to:

receiving a verification trigger instruction sent by a client, and returning a verification mode selection interface to the client; the verification mode selection interface comprises at least one verification mode option;

receiving a selection instruction which is returned by the client and is aimed at a target verification mode option in the at least one verification mode option, returning a character verification interface corresponding to the target verification mode option to the client, wherein the character verification interface is used for receiving an initial character and triggering the client to generate a verification request based on the initial character.

In one embodiment, after the receiving module 901 is configured to receive the character information returned by the client based on the verification information, the processing module 902 is further configured to:

if the character information is not matched with the target character combination, sending prompt information to the client, wherein the prompt information is used for prompting verification failure and triggering the client to reenter an initial character or reselect a verification mode.

In one embodiment, the processing module 902 is further configured to generate, when at least one candidate character string that includes the initial character is not acquired, character prompt information based on the initial character, where the character prompt information is used to prompt the client to resend a character that is different from the initial character;

and sending character prompt information to the client.

The functional modules in the embodiments of the present application may be integrated into one processing module, or each module may exist alone physically, or two or more modules may be integrated into one module. The integrated modules may be implemented in hardware or in software functional modules, which is not limited by the present application.

The embodiment of the application receives the verification request sent by the client, wherein the verification request carries initial characters, extracts the initial characters carried in the verification request, generates a candidate character set according to the initial characters, generates verification information based on the candidate character set, sends the verification information to the client, receives character information returned by the client based on the verification information, and determines that the client passes the verification if the character information is matched with the target character combination. Therefore, corresponding verification information can be generated based on the received characters, and the intelligence in the information verification process is improved.

Referring to fig. 10 again, a schematic structural diagram of an electronic device according to an embodiment of the present application includes a processor 1001 and a storage device 1002. Optionally, the electronic device may also include a network interface 1003. Optionally, the electronic device may further include a power supply module and other structures. Wherein data can be interacted among the processor 1001, the storage device 1002 and the network interface 1003, the network interface 1003 is controlled by the processor to send and receive messages, the storage device 1002 is used for storing a computer program, the computer program comprises program instructions, and the processor 1001 is used for executing the program instructions stored by the storage device 1002. Wherein the processor 1001 is configured to invoke the program instructions to perform the above method.

The storage device 1002 may include volatile memory (RAM), such as random-access memory (RAM); the storage device 1002 may also include a non-volatile memory (non-volatile memory), such as a flash memory (flash memory), a Solid State Drive (SSD), etc.; the storage device 1002 may also include a combination of the types of memory described above.

The processor 1001 may be a central processing unit 1001 (central processing unit, CPU). In one embodiment, the processor 1001 may also be a graphics processor 1001 (Graphics Processing Unit, GPU). The processor 1001 may be a combination of a CPU and a GPU.

In one embodiment, the storage device 1002 is configured to store program instructions. The processor 1001 may call the program instructions to perform the steps of:

In one embodiment, when the processor 1001 executes the candidate character set generated according to the initial character combination, the specific execution is:

In one embodiment, when the processor 1001 performs the screening of the target candidate string from the at least one candidate string based on the preset screening rule, the specific implementation is:

In one embodiment, the verification information is a verification image including the candidate character set, and when the processor 1001 executes the generation of the verification information based on the candidate character set, the specific implementation is that:

In one embodiment, before the processor 1001 executes the authentication request sent by the receiving client, it may further execute:

In one embodiment, after the processor 1001 executes the receiving the character information returned by the client based on the verification information, the method may further execute:

In one embodiment, the processor 1001 may further execute, when at least one candidate character string including the initial character is not acquired, to generate character prompt information based on the initial character, the character prompt information being for prompting the client to retransmit a character different from the initial character;

and sending character prompt information to the client.

In a specific implementation, the device, the processor 1001, the storage device 1002, etc. described in the embodiments of the present application may perform the implementation described in the foregoing method embodiments, and may also perform the implementation described in the embodiments of the present application, which is not described herein again.

In an embodiment of the present application, there is also provided a computer (readable) storage medium storing a computer program, where the computer program includes program instructions, and when the program instructions are executed by a processor, the program may perform some or all of the steps performed in the foregoing method embodiments. The computer readable storage medium may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data created from the use of blockchain nodes, and the like. The blockchain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanism, encryption algorithm and the like. The Blockchain (Blockchain), which is essentially a decentralised database, is a string of data blocks that are generated by cryptographic means in association, each data block containing a batch of information of network transactions for verifying the validity of the information (anti-counterfeiting) and generating the next block. The blockchain may include a blockchain underlying platform, a platform product services layer, an application services layer, and the like.

Embodiments of the present application also provide a computer program product or computer program comprising program instructions that may be stored in a computer readable storage medium. The processor of the computer device reads the program instructions from the computer-readable storage medium, and the processor executes the program instructions, so that the computer performs some or all of the steps performed in the above method, which will not be described herein.

References herein to "a plurality" means two or more. "and/or", describes an association relationship of an association object, and indicates that there may be three relationships, for example, a and/or B, and may indicate: a exists alone, A and B exist together, and B exists alone. The character "/" generally indicates that the context-dependent object is an "or" relationship.

Those skilled in the art will appreciate that implementing all or part of the above-described embodiment methods may be accomplished by way of a computer program stored in a computer storage medium, which may be a computer-readable storage medium, which when executed, may comprise the steps of the above-described embodiment methods. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), or the like.

The above disclosure is only a few examples of the present application, and it is not intended to limit the scope of the present application, but it is understood by those skilled in the art that all or a part of the above embodiments may be implemented and equivalent changes may be made in the claims of the present application.

Claims

1. A client authentication method based on cryptographic technology, comprising:

extracting the initial character carried in the verification request, and acquiring at least one candidate character string containing the initial character;

determining each candidate character string which is not matched with the historical character information from the at least one candidate character string;

screening target candidate character strings from candidate character strings which are not matched with the historical character information, and constructing a target character combination based on each character in the target candidate character strings;

Constructing a candidate character set based on the target character combination and the interference character combination, wherein the candidate character set comprises the target character combination and the interference character combination;

2. The method according to claim 1, wherein the verification information is a verification image comprising the candidate character set, and the step of generating the verification information based on the candidate character set specifically comprises:

3. The method according to claim 1 or 2, wherein prior to receiving the authentication request sent by the client, the method further comprises:

4. The method of claim 3, wherein after receiving character information returned by the client based on the verification information, the method further comprises:

5. The method according to claim 1, wherein the method further comprises:

when at least one candidate character string containing the initial character is not acquired, generating character prompt information based on the initial character, wherein the character prompt information is used for prompting the client to resend characters different from the initial character;

And sending character prompt information to the client.

6. A client authentication apparatus based on cryptographic technology, comprising:

the processing module is used for extracting the initial character carried in the verification request and acquiring at least one candidate character string containing the initial character;

7. An electronic device comprising a processor and a storage means, the processor being interconnected with the storage means, wherein the storage means is adapted to store computer program instructions, the processor being configured to execute the program instructions to implement the method of any of claims 1-5.

8. A computer readable storage medium, characterized in that the computer readable storage medium has stored therein computer program instructions for performing the method according to any of claims 1-5 when being executed by a processor.