CN113434852A - Password processing method, password verification device, medium and electronic equipment - Google Patents

Password processing method, password verification device, medium and electronic equipment Download PDF

Info

Publication number
CN113434852A
CN113434852A CN202110836379.XA CN202110836379A CN113434852A CN 113434852 A CN113434852 A CN 113434852A CN 202110836379 A CN202110836379 A CN 202110836379A CN 113434852 A CN113434852 A CN 113434852A
Authority
CN
China
Prior art keywords
character string
password
indication information
salt
value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110836379.XA
Other languages
Chinese (zh)
Inventor
王俊杰
胡志鹏
程龙
刘勇成
袁思思
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Netease Hangzhou Network Co Ltd
Original Assignee
Netease Hangzhou Network Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Netease Hangzhou Network Co Ltd filed Critical Netease Hangzhou Network Co Ltd
Priority to CN202110836379.XA priority Critical patent/CN113434852A/en
Publication of CN113434852A publication Critical patent/CN113434852A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Document Processing Apparatus (AREA)

Abstract

The present disclosure relates to the field of computers, and in particular, to a password processing method, a password verification method, a password processing apparatus, a password verification apparatus, a computer-readable storage medium, and an electronic device, where the method includes: acquiring a plaintext password, and encrypting the plaintext password and a salt value generated randomly to obtain a first character string; randomly generating sequence values with the same number as the salt values; filling the salt value to a filling position corresponding to the sequence value in the character string to be filled; filling a plurality of characters to the residual filling positions in the character string to be filled in sequence to obtain a second character string; and generating position indication information according to the plurality of sequence values, and binding the position indication information and the second character string to obtain the encrypted password. Through the technical scheme of the embodiment of the disclosure, the problem of low user password security can be solved.

Description

Password processing method, password verification device, medium and electronic equipment
Technical Field
The present disclosure relates to the field of computers, and in particular, to a password processing method, a password verification method, a password processing apparatus, a password verification apparatus, a computer-readable storage medium, and an electronic device.
Background
With the rapid development of the internet, the requirement of the user on password security is higher and higher, and the password of the user is rarely stored in various systems by directly storing the plaintext password.
In the related art, a one-way hash algorithm is usually adopted to convert a plaintext password into a fixed bit number, and the value obtained by the one-way hash algorithm is irreversible, so that the one-way hash algorithm has better security.
However, with the continuous research of one-way hash algorithms, the user password can be cracked violently through the rainbow table nowadays. The rainbow table is a pre-computed table used for encryption hash function inverse operation, and can be used for cracking the hash value of the password. For some simple passwords, the passwords can be easily reversely deduced from the rainbow table, namely, hidden dangers are hidden for password security of users in a password storage mode in the related technology.
It is to be noted that the information disclosed in the above background section is only for enhancement of understanding of the background of the present disclosure, and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The disclosure aims to provide a password processing method and device, a computer readable storage medium and an electronic device, which can solve the problem of low security of a user password.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows, or in part will be obvious from the description, or may be learned by practice of the disclosure.
According to a first aspect of the present disclosure, there is provided a cryptographic processing method, including: acquiring a plaintext password, and encrypting the plaintext password and a salt value generated randomly to obtain a first character string; wherein the first string comprises a plurality of characters; randomly generating sequence values with the same number as the salt values; the maximum value of the sequence values is the sum of the number of the characters in the first character string and the number of the salt values, and the sequence values are different from each other; filling the salt value to a filling position corresponding to the sequence value in the character string to be filled; the character string to be filled comprises a plurality of filling positions, and the number of the filling positions is the sum of the number of the characters in the first character string and the number of the salt values; filling the characters to the rest filling positions in the character string to be filled in sequence to obtain a second character string; and generating position indication information according to the plurality of sequence values, and binding the position indication information and the second character string to obtain an encrypted password.
In an exemplary embodiment of the present disclosure, based on the foregoing scheme, the encrypting the plaintext password and the randomly generated salt value to obtain the first character string includes: and carrying out irreversible encryption on the plaintext password and the salt value generated randomly to obtain a first character string.
In an exemplary embodiment of the present disclosure, based on the foregoing scheme, the irreversible encryption includes MD5 encryption.
In an exemplary embodiment of the present disclosure, based on the foregoing scheme, the generating position indication information according to the plurality of sequence values, and binding the position indication information and the second character string to obtain an encrypted password includes: reversibly encrypting the sequence value to obtain a position indication character string; and splicing the position indication character string and the second character string to obtain an encrypted password.
According to a second aspect of the present disclosure, there is provided a password authentication method, comprising: acquiring an encrypted password obtained by any one of claims 1 to 4, and separating the encrypted password to obtain position indication information and a third character string corresponding to the encrypted password; separating the third character string according to the position indication information to obtain the salt value and a fourth character string; acquiring a password to be verified, and encrypting the password to be verified and the separated salt value to obtain a character string to be verified; and comparing whether the character string to be verified is consistent with the fourth character string, wherein the password to be verified is correct when the character string to be verified is consistent with the fourth character string.
In an exemplary embodiment of the present disclosure, based on the foregoing scheme, the separating the encrypted password to obtain the location indication information and the third string corresponding to the encrypted password includes: acquiring splicing position information for splicing the position indication information and the second character string; and separating the encrypted password according to the splicing position information to obtain position indication information and a third character string corresponding to the encrypted password.
In an exemplary embodiment of the present disclosure, based on the foregoing scheme, the separating the third character string according to the location indication information to obtain the salt value and a fourth character string includes: acquiring a sequence value corresponding to the position indication information; and extracting a salt value corresponding to the sequence value from the third character string, and taking the character string with the salt value extracted as a fourth character string.
According to a third aspect of the present disclosure, there is provided a cryptographic processing apparatus, characterized in that the apparatus includes: the password encryption processing module is used for acquiring a plaintext password and encrypting the plaintext password and a salt value generated randomly to obtain a first character string; wherein the first string comprises a plurality of characters; a sequence value generation module for randomly generating a plurality of different sequence values; wherein the maximum value of the sequence value is the sum of the number of the characters in the first character string and the number of the salt value; the salt value generating module is used for filling the salt value to a filling position corresponding to the sequence value in the character string to be filled; the character string to be filled comprises a plurality of filling positions, and the number of the filling positions is the sum of the number of the characters in the first character string and the number of the salt values; the second character string determining module is used for sequentially filling the characters to the residual filling positions in the character string to be filled to obtain a second character string; and the encrypted password determining module is used for generating position indicating information according to the plurality of sequence values and binding the position indicating information and the second character string to obtain an encrypted password.
According to a fourth aspect of the present disclosure, there is provided a password authentication apparatus, characterized in that the apparatus comprises: an encrypted password obtaining module, configured to obtain an encrypted password obtained according to any one of claims 1 to 4, and separate the encrypted password to obtain location indication information and a third string corresponding to the encrypted password; the salt value separation module is used for separating the third character string according to the position indication information to obtain a salt value and a fourth character string; the password to be verified acquisition module is used for acquiring a password to be verified, and encrypting the password to be verified and the salt value obtained by separation to obtain a character string to be verified; and the character string comparison module is used for comparing whether the character string to be verified is consistent with the fourth character string or not, and when the character string to be verified is consistent with the fourth character string, the password to be verified is correct.
According to a fifth aspect of the present disclosure, there is provided a computer-readable storage medium, on which a computer program is stored, which when executed by a processor, implements a cryptographic processing method as described in the first aspect of the embodiments above or a cryptographic authentication method as described in the second aspect of the embodiments above.
According to a sixth aspect of the present disclosure, there is provided an electronic device comprising:
a processor; and
a memory for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement a cryptographic processing method as described in the first aspect of the embodiments above or a cryptographic authentication method as described in the second aspect of the embodiments above.
The technical scheme provided by the embodiment of the disclosure can have the following beneficial effects:
in the password processing method or the password verification method provided by the embodiment of the disclosure, on one hand, a plurality of salt values are added into the password, so that the complexity of the password can be improved, and the cracking difficulty is improved; on the other hand, salt values are randomly distributed in the character string subjected to encryption processing, the salt value position cannot be determined when the password is cracked, the user password is prevented from being cracked violently through a rainbow table, and therefore the security of the user password is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure. It is to be understood that the drawings in the following description are merely exemplary of the disclosure, and that other drawings may be derived from those drawings by one of ordinary skill in the art without the exercise of inventive faculty. In the drawings:
fig. 1 schematically illustrates a schematic diagram of an exemplary system architecture of a cryptographic processing method or a cryptographic verification method in an exemplary embodiment of the disclosure;
FIG. 2 schematically illustrates a flow diagram of cryptographic processing in an exemplary embodiment of the disclosure;
fig. 3 schematically illustrates a flowchart of splicing a position indication string and a second string to obtain an encrypted password in an exemplary embodiment of the present disclosure;
FIG. 4 schematically illustrates a flow diagram for password authentication in an exemplary embodiment of the present disclosure;
fig. 5 schematically illustrates a flowchart of separating an encrypted password according to splicing position information to obtain position indication information and a third string corresponding to the encrypted password in an exemplary embodiment of the present disclosure;
fig. 6 schematically illustrates a schematic diagram of extracting a salt value corresponding to a sequence value from a third character string and taking the character string after extracting the salt value as a fourth character string in the exemplary embodiment of the disclosure;
fig. 7 is a schematic diagram illustrating a composition of a cryptographic processing apparatus according to an exemplary embodiment of the present disclosure;
FIG. 8 is a schematic diagram illustrating components of a password authentication device according to an exemplary embodiment of the present disclosure;
fig. 9 schematically shows a schematic structural diagram of a computer system of an electronic device suitable for implementing an exemplary embodiment of the present disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the subject matter of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and so forth. In other instances, well-known structures, methods, devices, implementations, materials, or operations are not shown or described in detail to avoid obscuring aspects of the disclosure.
The block diagrams shown in the figures are functional entities only and do not necessarily correspond to physically separate entities. That is, these functional entities may be implemented in the form of software, or in one or more software-hardened modules, or in different networks and/or processor devices and/or microcontroller devices.
Fig. 1 shows a schematic diagram of an exemplary system architecture to which a password processing method or a password authentication method of an embodiment of the present disclosure may be applied.
As shown in fig. 1, the system architecture 1000 may include one or more of terminal devices 1001, 1002, 1003, a network 1004, and a server 1005. The network 1004 is used to provide a medium for communication links between the terminal devices 1001, 1002, 1003 and the server 1005. Network 1004 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation. For example, the server 1005 may be a server cluster composed of a plurality of servers.
A user may use the terminal devices 1001, 1002, 1003 to interact with a server 1005 via a network 1004 to receive or transmit messages or the like. The terminal devices 1001, 1002, 1003 may be various electronic devices having a display screen, including but not limited to smart phones, tablet computers, portable computers, desktop computers, and the like. In addition, the server 1005 may be a server that provides various services.
In one embodiment, the execution subject of the password processing method or the password authentication method of the present disclosure may be the server 1005. Taking the password processing method as an example, the server 1005 may obtain the plaintext passwords sent by the terminal devices 1001, 1002, and 1003, encrypt the plaintext passwords and the salt values generated randomly to obtain first character strings, randomly generate the same number of sequence values as the salt values, fill the salt values to filling positions corresponding to the sequence values in the character strings to be filled, sequentially fill a plurality of characters to remaining filling positions in the character strings to be filled to obtain second character strings, generate position indication information according to the plurality of sequence values, bind the position indication information and the second character strings to obtain encrypted passwords, and then return the obtained encrypted passwords to the terminal devices 1001, 1002, and 1003. Further, the cryptographic processing method of the present disclosure may also be executed by the terminal devices 1001, 1002, 1003, and the like to realize a process of obtaining an encrypted password from a plaintext password and a salt value.
In addition, the implementation process of the cryptographic processing method of the present disclosure may also be implemented by the terminal devices 1001, 1002, 1003 and the server 1005 together. Taking the password processing method as an example, the terminal devices 1001, 1002, and 1003 may obtain a plaintext password and a salt value generated randomly, encrypt the plaintext password and the salt value generated randomly to obtain a first character string, randomly generate sequence values having the same number as the salt value, send a plurality of different obtained sequence values to the server 1005, so that the server 1005 may fill the salt value into a filling position corresponding to the sequence value in the character string to be filled, sequentially fill a plurality of characters into remaining filling positions in the character string to be filled to obtain a second character string, generate position indication information according to the plurality of sequence values, and bind the position indication information and the second character string to obtain an encrypted password.
Referring to fig. 2, a flowchart illustrating a cryptographic processing method in the exemplary embodiment may include the following steps:
step S210: acquiring a plaintext password, and encrypting the plaintext password and a salt value generated randomly to obtain a first character string; wherein the first character string comprises a plurality of characters;
step S220: randomly generating a plurality of different sequence values; the maximum value of the sequence value is the sum of the number of the characters in the first character string and the number of the salt values;
step S230: filling the salt value to a filling position corresponding to the sequence value in the character string to be filled; the character string to be filled comprises a plurality of filling positions, and the number of the filling positions is the sum of the number of the characters in the first character string and the number of the salt values;
step S240: filling a plurality of characters into a character string to be filled in sequence to obtain a second character string;
step S250: and generating position indication information according to the plurality of sequence values, and binding the position indication information and the second character string to obtain the encrypted password.
According to the password processing scheme provided in the exemplary embodiment, a plaintext password may be obtained, a first character string may be obtained by encrypting the plaintext password and a salt value generated at random, a plurality of different sequence values may be generated at random, the salt value is filled into a filling position corresponding to the sequence value in the character string to be filled, a plurality of characters are sequentially filled into remaining filling positions in the character string to be filled to obtain a second character string, position indication information is generated according to the plurality of sequence values, and the position indication information and the second character string are bound to obtain an encrypted password.
Embodiments of the present disclosure. On one hand, the complexity of the password can be improved by adding a plurality of salt values into the password, so that the cracking difficulty is improved; on the other hand, salt values are randomly distributed in the character string subjected to encryption processing, the salt value position cannot be determined when the password is cracked, the user password is prevented from being cracked violently through a rainbow table, and therefore the security of the user password is improved.
Next, steps S210 to S250 of the cryptographic processing method in the present exemplary embodiment will be described in more detail with reference to fig. 2 and the embodiment.
Step S210: acquiring a plaintext password, and encrypting the plaintext password and a salt value generated randomly to obtain a first character string; wherein the first character string comprises a plurality of characters;
in an example embodiment of the present disclosure, a plaintext cipher may be obtained. Specifically, the password refers to a password stored in various systems. For example, the password may include an account password that needs to be input by the social software when logging in, may also include a password when acquiring the administrator right, may also include a password corresponding to the game account number, and the like. The plaintext cipher is a cipher transmitted or stored as plaintext. In particular, when the password is stored or transmitted through the network, the plaintext characters are directly displayed. For example, if the original password is 123456, the plaintext password is 123456, and the ciphertext password corresponding to the plaintext password may be denoted as ×, i.e., the specific content of the original password may be determined by the plaintext password. It should be noted that the present disclosure is not limited to the type of password.
In an example embodiment of the present disclosure, the plurality of salt values may be randomly generated. Specifically, the salt value is a random value, and when the system stores the user password, the salt value can be generated to be combined with the password input by the user. Specifically, a plurality of salt values may be spliced at the head or the tail of the plaintext cipher, or the salt values may be distributed in the plaintext cipher according to a specific rule. It should be noted that, the present disclosure does not specifically limit the specific way of splicing the plaintext cipher and the salt value. After the plaintext password and the salt value are spliced, the plaintext password and the salt value generated randomly can be encrypted to obtain a first character string. Specifically, the plaintext password may be converted into the first string. The encryption process may include irreversible encryption, reversible encryption, and the like.
Specifically, irreversible encryption means that a secret key is not needed in the encryption process, the system directly processes the input plaintext through an encryption algorithm to form a ciphertext, the encrypted data cannot be decrypted, the plaintext is only input again, the same irreversible encryption algorithm is processed again to obtain the same encrypted ciphertext, the same encrypted ciphertext is identified again by the system, and then consistency verification is carried out to decrypt the encrypted ciphertext. For example, the irreversible encryption may employ MD5 Message Digest Algorithm (MD5 Message-Digest Algorithm), and the MD5 Algorithm may transform a password of any length into a 128-bit string; the irreversible encryption may also use a Secure Hash Algorithm (Secure Hash Algorithm), which may calculate a fixed-length string corresponding to a digital message. Specifically, reversible encryption means that a key is required to be used in the encryption process, and the encrypted data can be decrypted through the key. For example, the reversible decryption may employ a data encryption algorithm, an international encryption algorithm, or the like. In the present disclosure, the specific manner of the encryption process is not particularly limited.
Step S220, randomly generating sequence values with the same number as the salt values;
in an example embodiment of the present disclosure, the randomly generated sequence values may be the same number as the salt values. Specifically, the sequence value is a positive integer, and may be used to indicate a position of a certain character in a certain character string. The maximum value of the sequence value is the sum of the number of the characters in the first character string and the number of the salt values, and the number of the sequence values is the same as the number of the salt values. For example, assuming that the number of characters in the first string is 32 and the number of randomly generated salt values is 8, the maximum value that the sequence value can take is 40, for example, the randomly generated sequence values are 1, 3, 5, 7, 9, 11, 13, 15, and the maximum value of each sequence value does not exceed 40; as another example, assuming that the number of characters in the first string is 20 and the number of randomly generated salt values is 5, the maximum value that the sequence value can take is 25. In the present disclosure, the manner of randomly generating a plurality of different sequence values is not particularly limited.
Step S230, filling the salt value to a filling position corresponding to the sequence value in the character string to be filled;
in an example embodiment of the present disclosure, the salt value is padded to a padding position corresponding to the sequence value in the character string to be padded. The character string to be filled comprises a plurality of filling positions, and the number of the filling positions is the sum of the number of the characters in the first character string and the number of the salt values. Specifically, the filling position corresponding to the sequence value refers to a number corresponding to the sequence value, which can be used to indicate the filling position to be filled by the salt value,
for example, the number of the first character strings in the above steps is 32, and the number of the randomly generated salt values is 8, then 40 filling positions (a1, a2, A3.. a40) are included in the character string to be filled, and if the sequence value is 1, 3, 5, 7, 9, 11, 13, 15, the salt values generated in the above steps are respectively filled into a1, A3, a5, a7, a9, a11, a13, a 15; for another example, if the number of the first character strings in the above steps is 20 and the number of the salt values generated randomly is 5, then 25 filling positions (a1, a2, A3.. a25) are included in the character string to be filled, and if the sequence values are 7, 9, 11, 13, and 15, then the salt values generated in the above steps are respectively filled into a7, a9, a11, a13, and a 15.
Step S240, filling a plurality of characters to the residual filling positions in the character string to be filled in sequence to obtain a second character string;
in an example embodiment of the present disclosure, a plurality of characters corresponding to a first character string may be sequentially filled to remaining filling positions in a character string to be filled to obtain a second character string. Specifically, after the character strings to be filled with a plurality of salt values are obtained through the above steps, the characters of the first character string may be sequentially filled to the remaining filling positions in the character strings to be filled. Specifically, the remaining filling positions in the character string to be filled refer to filling positions in the character string to be filled, where the maximum value of the sequence values in the character string to be filled is the sum of the number of the characters in the first character string and the number of the sequence values, and the remaining filling positions are left after filling the filling positions in the character string to be filled, which correspond to the sequence values, with salt values in the above steps. The characters in the first character string can be sequentially filled to the remaining filling positions in the character string to be filled to obtain a second character string.
For example, the character string to be filled includes 40 filling positions (a1, a2, A3.. a40), the generated salt values are respectively filled into a1, A3, A5, a7, a9, a11, a13 and a15 in the above steps, then a2, A4, A6, A8, a10, a12, a14 and a 16-a 40 are the remaining filling positions in the character string to be filled, at this time, the characters in the first character string may be sequentially filled into a2, A4, A6, A8, a10, a12, a14 and a 16-a 40 to obtain the second character string; for another example, the character string to be filled includes 25 filling positions (a1, a2, A3.. a40), and the salt values generated in the above steps are respectively filled into a7, a9, a11, a13, and a15, so that a1 to A6, A8, a10, a12, a14, and a16 to a40 are the remaining filling positions in the character string to be filled, and at this time, the characters in the first character string may be sequentially filled into a1 to A6, A8, a10, a12, a14, a16 to a40 to obtain the second character string.
And step S250, generating position indication information according to the plurality of sequence values, and binding the position indication information and the second character string to obtain an encrypted password.
In an example embodiment of the present disclosure, the position indication information may be generated from a plurality of sequence values. Specifically, the position indication information may be used to indicate a filling position of the salt value in the second character string. For example, the location indication information may be generated by reversibly encrypting the sequence value. In the present disclosure, the manner of generating the position indication information from the plurality of sequence values is not particularly limited.
In an example embodiment of the present disclosure, after the position indication information is obtained through the above steps, the position indication information may be bound with the second character string to obtain the encrypted password. Specifically, the position indication information and the second character string may be spliced to obtain an encrypted password; or, a mapping relationship between the position indication information and the second character string may be configured, that is, the position indication information having the mapping relationship and the second character string are encrypted passwords, the position indication information corresponding to the second character string may be determined according to the mapping relationship between the position indication information and the second character string, and the salt value in the second character string may be obtained through the position indication information. It should be noted that, in the present disclosure, a manner of binding the position indication information and the second character string to obtain the encrypted password is not particularly limited.
In an example embodiment of the present disclosure, the reversible encryption may be performed on the sequence value to obtain a position indication string, and the position indication string and the second string may be spliced to obtain an encrypted password. Referring to fig. 3, splicing the position indication character string and the second character string to obtain the encrypted password may include the following steps S310 to S320:
step S310, reversible encryption is carried out on the sequence value to obtain a position indication character string;
in an example embodiment of the present disclosure, the sequence value may be reversibly encrypted to obtain a location indication string. Specifically, reversible encryption means that a key is required to be used in the encryption process, and the encrypted data can be decrypted through the key. It should be noted that the present disclosure is not limited to the specific manner of reversible encryption.
And step S320, splicing the position indication character string and the second character string to obtain an encrypted password.
In an example embodiment of the present disclosure, after reversibly encrypting the sequence value to obtain the position indication string, the position indication string may be spliced with the second string to obtain the encrypted password. Specifically, the position indication character string obtained by reversibly encrypting the sequence value may be spliced at any position of the second character string, for example, the position indication character string obtained by reversibly encrypting the sequence value may be spliced at the front end of the second character string, the position indication character string obtained by reversibly encrypting the sequence value may be spliced at the rear end of the second character string, or the position indication character string obtained by reversibly encrypting the sequence value may be spliced between any two filling positions in the second character string. In addition, the present disclosure does not specifically limit the position where the position indication character string is spliced with the second character string.
Through the steps S310 to S320, the sequence value can be reversibly encrypted to obtain the position indication character string, and the position indication character string and the second character string are spliced to obtain the encrypted password.
Referring to fig. 4, a flowchart illustrating a password authentication method in the present exemplary embodiment may include the following steps:
step S410, obtaining the encrypted password obtained in any one of the above embodiments, and separating the encrypted password to obtain the position indication information and the third string corresponding to the encrypted password;
step S420, separating the third character string according to the position indication information to obtain a salt value and a fourth character string;
step S430, acquiring a password to be verified, and encrypting the password to be verified and the separated salt value to obtain a character string to be verified;
step S440, comparing whether the character string to be verified is consistent with the fourth character string, and when the character string to be verified is consistent with the fourth character string, the password to be verified is correct.
According to the password authentication scheme provided in the exemplary embodiment, the encrypted password obtained in any one of the above embodiments may be obtained, the encrypted password is separated to obtain the position indication information and the third character string corresponding to the encrypted password, the third character string is separated to obtain the salt value and the fourth character string according to the position indication information, the password to be authenticated is obtained, the password to be authenticated and the salt value obtained by separation are encrypted to obtain the character string to be authenticated, whether the character string to be authenticated and the fourth character string are consistent or not is compared, and when the character string to be authenticated and the fourth character string are consistent, it is determined that the password to be authenticated is correct.
Next, steps S410 to S440 of the password authentication method in the present exemplary embodiment will be described in more detail with reference to fig. 4 and the embodiment.
Step S410, obtaining the encrypted password obtained in any one of the above embodiments, and separating the encrypted password to obtain the position indication information and the third string corresponding to the encrypted password;
in an example embodiment of the present disclosure, the encrypted password obtained in any one of the above embodiments may be obtained, and the location indication information and the third string corresponding to the encrypted password are obtained by separating the encrypted password. Specifically, a separation rule may be set, and the position indication information and the third string corresponding to the encrypted password may be obtained by separating the encrypted password according to the separation rule.
For example, the position indication information is 5 character strings, and the position indication information is spliced at the rear end of the third character string, at this time, the separation rule may be to separate 5 character strings after the encryption password, the obtained 5 character strings are the position indication information, and the remaining part is the third character string; for another example, the position indication information is a character string with 8 numbers, and the position indication information is spliced between the 4 th character and the 5 th character in the third character string, in this case, the separation rule may be to separate the character string between the 4 th character and the 5 th character in the third character string of the encrypted password, the obtained 8 character strings are the position indication information, and the remaining part is the third character string. It should be noted that, in the present disclosure, a specific manner of separating the encrypted password to obtain the position indication information and the third string corresponding to the encrypted password is not particularly limited.
In an example embodiment of the present disclosure, splicing position information for splicing the position indication information and the second character string may be obtained, and the encrypted password is separated according to the splicing position information to obtain the position indication information and the third character string corresponding to the encrypted password. Referring to fig. 5, the separating the encrypted password according to the splicing position information to obtain the position indication information and the third string corresponding to the encrypted password may include the following steps S510 to S520:
step S510, acquiring splicing position information for splicing the position indication information and the second character string;
in an example embodiment of the present disclosure, concatenation position information for concatenating the position indication information and the second character string may be acquired. Specifically, the splicing position information may be used to indicate a splicing position of the position indication information and the second character string. For example, the splicing position information may be splicing position indication information at the front end of the second character string; or, the splicing position information may be splicing position indication information at the rear end of the second character string; alternatively, the concatenation position information may be concatenation position indication information between certain two characters in the second character string. It should be noted that, the specific content of the splicing position information in the present disclosure is not particularly limited.
And step S520, separating the encrypted password according to the splicing position information to obtain position indication information corresponding to the encrypted password and a third character string.
In an example embodiment of the present disclosure, after the splicing position information that splices the position indication information and the second character string is acquired, the encrypted password may be separated according to the splicing position information to obtain the position indication information and the third character string corresponding to the encrypted password. For example, the obtained encryption passwords are B1, B2, B3.. B9, and B10, the splicing position information obtained by splicing the position indication information and the second character string is the splicing position indication information at the front end of the second character string, and the number of the position indication information is 3, then the position indication information corresponding to the encryption password is B1, B2, and B3, and the third character string corresponding to the encryption password is B4, B5, B6, B7, B8, B9, and B10. It should be noted that, the present disclosure does not specifically limit the specific manner of separating the encrypted password according to the splicing position information.
Through the steps S510 to S520, the splicing position information for splicing the position indication information and the second character string can be obtained, and the encrypted password is separated according to the splicing position information to obtain the position indication information corresponding to the encrypted password and the third character string.
Step S420, separating the third character string according to the position indication information to obtain a salt value and a fourth character string;
in an example embodiment of the present disclosure, after the splicing position information for splicing the position indication character string and the second character string is obtained through the above steps, the third character string may be separated according to the position indication information to obtain a salt value and a fourth character string. Specifically, the concatenation position information may be used to indicate a position of the salt in the third string, and the salt may be found in the third string according to the concatenation position information and separated to obtain the salt and the fourth string. Note that, the present disclosure is not limited to a specific manner of separating the salt value from the third string according to the position indication information.
In an example embodiment of the present disclosure, a sequence value corresponding to the position indication information may be acquired, a salt value corresponding to the sequence value is proposed from the third character string, and the character string after the salt value is proposed is taken as the fourth character string. Referring to fig. 6, extracting a salt corresponding to the sequence value from the third string, and using the string with the salt extracted as the fourth string, may include the following steps S610 to S620:
step S610, acquiring a sequence value corresponding to the position indication information;
in an example embodiment of the present disclosure, a sequence value corresponding to the position indication information may be acquired. Specifically, the position indication information may be obtained by reversibly encrypting a plurality of sequence values. At this time, the position indication information may be decrypted to obtain a sequence value corresponding to the position indication information. It should be noted that, in the present disclosure, a specific manner of obtaining the sequence value corresponding to the position indication information is not particularly limited.
Step S620, a salt corresponding to the sequence value is extracted from the third character string, and the character string with the salt extracted is used as a fourth character string.
In an example embodiment of the present disclosure, after the sequence value corresponding to the position indication information is acquired, a salt value corresponding to the sequence value may be proposed from the third character string, and the character string after the salt value is proposed may be used as the fourth character string. Specifically, the salt value is a random value, and when the system stores the user password, the salt value can be generated to be combined with the password input by the user. When the password is verified, a salt value randomly generated in the password processing process needs to be added, so that a salt value corresponding to the sequence value needs to be provided from the third character string. Wherein, the salt value corresponding to the sequence value is the salt value corresponding to the filling position represented by the number of the sequence value. For example, if the sequence values obtained through the above steps are 1, 3, 5, 7, and 9, and the third character string obtained through the above steps is C1, C2, C3... C18, C19, and C20, then the character strings corresponding to C1, C3, C5, C7, and C9 may be extracted, that is, the contents corresponding to C1, C3, C5, C7, and C9 are salt values, and the C2, C4, C6, C8, C10.. C20 after the salt values are extracted may be used as a fourth character string. It should be noted that the specific manner of extracting the salt value from the third string is not specifically limited in the present disclosure.
Through the steps S610 to S620, the sequence value corresponding to the position indication information may be acquired, the salt value corresponding to the sequence value is extracted from the third character string, and the character string with the salt value extracted is used as the fourth character string.
Step S420, acquiring a password to be verified, and encrypting the password to be verified and the separated salt value to obtain a character string to be verified;
in an example embodiment of the present disclosure, a password to be authenticated may be obtained. Specifically, the password to be authenticated refers to a password input by the user and used for operations such as login and authorization, and if the password to be authenticated is correct, the operations such as login and authorization can be performed. It should be noted that the present disclosure is not limited to the specific type of password to be authenticated.
In an example embodiment of the present disclosure, after the password to be verified is obtained, the password to be verified and the salt value obtained by the separation in the above steps may be encrypted to obtain a character string to be verified. Specifically, the encryption process may include irreversible encryption and reversible encryption. Specifically, irreversible encryption means that a secret key is not needed in the encryption process, the system directly processes the input plaintext through an encryption algorithm to form a ciphertext, the encrypted data cannot be decrypted, the plaintext is only input again, the same irreversible encryption algorithm is processed again to obtain the same encrypted ciphertext, the same encrypted ciphertext is identified again by the system, and then consistency verification is carried out to decrypt the encrypted ciphertext. Reversible encryption means that a key is required to be used in the encryption process, and the encrypted data can be decrypted through the key. It should be noted that the encryption method for encrypting the password to be authenticated to obtain the character string to be authenticated needs to be the same as the encryption method for encrypting the plaintext password and the randomly generated salt value in the above password processing scheme.
Step S440, comparing whether the character string to be verified is consistent with the fourth character string, and when the character string to be verified is consistent with the fourth character string, the password to be verified is correct.
In an example embodiment of the present disclosure, after the to-be-verified character string obtained through the encryption processing is obtained through the above steps, whether the to-be-verified character string is consistent with the fourth character string may be compared. Specifically, if the character string to be verified is consistent with the fourth character string, it is indicated that the password to be verified corresponding to the character string to be verified is the same as the plaintext password corresponding to the fourth character string before the encryption processing, and therefore, the input password to be verified is correct, and at this time, operations such as login and authorization can be performed.
According to the password processing method provided in the exemplary embodiment, a plaintext password may be obtained, the plaintext password and a salt value generated randomly are encrypted to obtain a first character string, a sequence value with the same number as the salt value is generated randomly, the salt value is filled in a filling position corresponding to the sequence value in the character string to be filled, a plurality of characters are sequentially filled in remaining filling positions in the character string to be filled to obtain a second character string, position indication information is generated according to the plurality of sequence values, and the position indication information and the second character string are bound to obtain an encrypted password.
According to the password authentication method provided in the present exemplary embodiment, the encrypted password obtained in any one of the above schemes is obtained, the encrypted password is separated to obtain the position indication information and the third character string corresponding to the encrypted password, the third character string is separated to obtain the salt value and the fourth character string according to the position indication information, the password to be authenticated is obtained, the password to be authenticated and the salt value obtained by separation are encrypted to obtain the character string to be authenticated, whether the character string to be authenticated and the fourth character string are consistent or not is compared, and when the character string to be authenticated and the fourth character string are consistent, the password to be authenticated is correct.
Embodiments of the present disclosure. On one hand, the complexity of the password can be improved by adding a plurality of salt values into the password, so that the cracking difficulty is improved; on the other hand, salt values are randomly distributed in the character string subjected to encryption processing, the salt value position cannot be determined when the password is cracked, the user password is prevented from being cracked violently through a rainbow table, and therefore the security of the user password is improved.
It is noted that the above-mentioned figures are merely schematic illustrations of processes involved in methods according to exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.
In addition, in an exemplary embodiment of the disclosure, a password processing apparatus is also provided. Referring to fig. 7, a cryptographic processing apparatus 700 includes: a password encryption processing module 710, a sequence value generating module 720, a salt value generating module 730, a second character string determining module 740, and an encryption password determining module 750.
The password encryption processing module is used for acquiring a plaintext password and encrypting the plaintext password and a salt value generated randomly to obtain a first character string; wherein the first character string comprises a plurality of characters; a sequence value generation module for randomly generating a plurality of different sequence values; the maximum value of the sequence value is the sum of the number of the characters in the first character string and the number of the salt values; the salt value generating module is used for filling the salt value to a filling position corresponding to the sequence value in the character string to be filled; the character string to be filled comprises a plurality of filling positions, and the number of the filling positions is the sum of the number of the characters in the first character string and the number of the salt values; the second character string determining module is used for sequentially filling a plurality of characters to the residual filling positions in the character string to be filled to obtain a second character string; and the encrypted password determining module is used for generating position indicating information according to the plurality of sequence values and binding the position indicating information and the second character string to obtain the encrypted password.
In an exemplary embodiment of the present disclosure, based on the foregoing scheme, the apparatus further includes: and the irreversible encryption unit is used for carrying out irreversible encryption on the plaintext password and the salt value generated randomly to obtain a first character string.
In an exemplary embodiment of the present disclosure, the irreversible encryption includes MD5 encryption based on the foregoing scheme.
In an exemplary embodiment of the present disclosure, based on the foregoing scheme, generating the position indication information according to a plurality of sequence values, and binding the position indication information and the second character string to obtain the encrypted password, includes: the position indication character string determining unit is used for reversibly encrypting the sequence value to obtain a position indication character string; and the character string splicing unit is used for splicing the position indication character string and the second character string to obtain the encrypted password.
In an exemplary embodiment of the present disclosure, a password authentication apparatus is also provided. Referring to fig. 8, a password authentication apparatus 800 includes: the password verification system comprises an encryption password acquisition module 810, a salt value separation module 820, a password to be verified acquisition module 830 and a character string comparison module 840.
The encryption password acquisition module is used for acquiring the encryption password obtained in any scheme, and separating the encryption password to obtain position indication information and a third character string corresponding to the encryption password; the salt value separation module is used for separating the third character string according to the position indication information to obtain a salt value and a fourth character string; the password to be verified acquisition module is used for acquiring a password to be verified, and encrypting the password to be verified and the salt value obtained by separation to obtain a character string to be verified; and the character string comparison module is used for comparing whether the character string to be verified is consistent with the fourth character string or not, and the password to be verified is correct when the character string to be verified is consistent with the fourth character string.
In an exemplary embodiment of the present disclosure, based on the foregoing scheme, the device further includes: a splicing position information obtaining unit for obtaining splicing position information for splicing the position indication information and the second character string; and the encrypted password separation unit is used for separating the encrypted password according to the splicing position information to obtain the position indication information and the third character string corresponding to the encrypted password.
In an exemplary embodiment of the present disclosure, based on the foregoing scheme, the separating the third character string according to the position indication information to obtain the salt value and the fourth character string includes: a sequence value acquisition unit, configured to acquire a sequence value corresponding to the position indication information; and the salt value extraction unit is used for extracting the salt value corresponding to the sequence value from the third character string, and taking the character string after the salt value extraction as a fourth character string.
For details that are not disclosed in the embodiments of the present disclosure, please refer to the embodiments of the password processing method or the password verification method described above in the present disclosure for details that are not disclosed in the embodiments of the present disclosure.
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
In addition, in an exemplary embodiment of the present disclosure, an electronic device capable of implementing the virtual light control method of the virtual studio is also provided.
As will be appreciated by one skilled in the art, aspects of the present disclosure may be embodied as a system, method or program product. Accordingly, various aspects of the present disclosure may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system.
An electronic device 900 according to such an embodiment of the disclosure is described below with reference to fig. 9. The electronic device 900 shown in fig. 9 is only an example and should not bring any limitations to the functionality or scope of use of the embodiments of the present disclosure.
As shown in fig. 9, the electronic device 900 is embodied in the form of a general purpose computing device. Components of electronic device 900 may include, but are not limited to: the at least one processing unit 910, the at least one storage unit 920, a bus 930 connecting different system components (including the storage unit 920 and the processing unit 910), and a display unit 940.
Where the storage unit stores program code, the program code may be executed by the processing unit 910 to cause the processing unit 910 to perform the steps according to various exemplary embodiments of the present disclosure described in the above-mentioned "exemplary methods" section of this specification. For example, the processing unit 910 may perform step S210 as shown in fig. 2: acquiring a plaintext password, and encrypting the plaintext password and a salt value generated randomly to obtain a first character string; wherein the first character string comprises a plurality of characters; step S220: randomly generating a plurality of different sequence values; the maximum value of the sequence value is the sum of the number of the characters in the first character string and the number of the salt values; step S230: filling the salt value to a filling position corresponding to the sequence value in the character string to be filled; the character string to be filled comprises a plurality of filling positions, and the number of the filling positions is the sum of the number of the characters in the first character string and the number of the salt values; step S240: filling a plurality of characters into a character string to be filled in sequence to obtain a second character string; step S250: and generating position indication information according to the plurality of sequence values, and binding the position indication information and the second character string to obtain the encrypted password.
As another example, the processing unit 910 may execute step S410 shown in fig. 4, obtain the encrypted password obtained in any one of the above embodiments, and separate the encrypted password to obtain the location indication information and the third string corresponding to the encrypted password; step S420, separating the third character string according to the position indication information to obtain a salt value and a fourth character string; step S430, acquiring a password to be verified, and encrypting the password to be verified and the separated salt value to obtain a character string to be verified; step S440, comparing whether the character string to be verified is consistent with the fourth character string, and when the character string to be verified is consistent with the fourth character string, the password to be verified is correct.
As another example, the electronic device may implement the various steps shown in fig. 2 or fig. 4.
The storage unit 920 may include readable media in the form of volatile memory units, such as a random access memory unit (RAM)921 and/or a cache memory unit 922, and may further include a read only memory unit (ROM) 923.
Storage unit 920 may also include a program/utility 924 having a set (at least one) of program modules 925, such program modules 925 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
Bus 930 can be any of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 900 may also communicate with one or more external devices 970 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 900, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 900 to communicate with one or more other computing devices. Such communication may occur via input/output (I/O) interface 950. Also, the electronic device 900 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN) and/or a public network, such as the Internet) via the network adapter 960. As shown, the network adapter 960 communicates with the other modules of the electronic device 900 via the bus 930. It should be appreciated that although not shown, other hardware and/or software modules may be used in conjunction with the electronic device 900, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
In an exemplary embodiment of the present disclosure, there is also provided a computer-readable storage medium having stored thereon a program product capable of implementing the above-described method of the present specification. In some possible embodiments, various aspects of the disclosure may also be implemented in the form of a program product comprising program code for causing a terminal device to perform the steps according to various exemplary embodiments of the disclosure described in the above-mentioned "exemplary methods" section of this specification, when the program product is run on the terminal device.
A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
Furthermore, the above-described figures are merely schematic illustrations of processes included in methods according to exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.

Claims (11)

1. A cryptographic processing method, the method comprising:
acquiring a plaintext password, and encrypting the plaintext password and a salt value generated randomly to obtain a first character string; wherein the first string comprises a plurality of characters;
randomly generating sequence values with the same number as the salt values; the maximum value of the sequence values is the sum of the number of the characters in the first character string and the number of the salt values, and the sequence values are different from each other;
filling the salt value to a filling position corresponding to the sequence value in the character string to be filled; the character string to be filled comprises a plurality of filling positions, and the number of the filling positions is the sum of the number of the characters in the first character string and the number of the salt values;
filling the characters to the rest filling positions in the character string to be filled in sequence to obtain a second character string;
and generating position indication information according to the plurality of sequence values, and binding the position indication information and the second character string to obtain an encrypted password.
2. The method of claim 1, wherein the encrypting the plaintext cipher and the randomly generated salt value to obtain a first string comprises:
and carrying out irreversible encryption on the plaintext password and the salt value generated randomly to obtain a first character string.
3. The method of claim 2, wherein the irreversible encryption comprises MD5 encryption.
4. The method according to claim 1, wherein generating the position indication information according to the plurality of sequence values, and binding the position indication information and the second character string to obtain an encrypted password comprises:
reversibly encrypting the sequence value to obtain a position indication character string;
and splicing the position indication character string and the second character string to obtain an encrypted password.
5. A method of password authentication, the method comprising:
acquiring an encrypted password obtained by any one of claims 1 to 4, and separating the encrypted password to obtain position indication information and a third character string corresponding to the encrypted password;
separating the third character string according to the position indication information to obtain the salt value and a fourth character string;
acquiring a password to be verified, and encrypting the password to be verified and the separated salt value to obtain a character string to be verified;
and comparing whether the character string to be verified is consistent with the fourth character string, wherein the password to be verified is correct when the character string to be verified is consistent with the fourth character string.
6. The method according to claim 5, wherein the separating the encrypted password to obtain the location indication information and the third string corresponding to the encrypted password comprises:
acquiring splicing position information for splicing the position indication information and the second character string;
and separating the encrypted password according to the splicing position information to obtain position indication information and a third character string corresponding to the encrypted password.
7. The method of claim 5, wherein the separating the third string according to the position indication information to obtain the salt value and a fourth string comprises:
acquiring a sequence value corresponding to the position indication information;
and extracting a salt value corresponding to the sequence value from the third character string, and taking the character string with the salt value extracted as a fourth character string.
8. A cryptographic processing apparatus, the apparatus comprising:
the password encryption processing module is used for acquiring a plaintext password and encrypting the plaintext password and a salt value generated randomly to obtain a first character string; wherein the first string comprises a plurality of characters;
a sequence value generation module for randomly generating a plurality of different sequence values; wherein the maximum value of the sequence value is the sum of the number of the characters in the first character string and the number of the salt value;
the salt value generating module is used for filling the salt value to a filling position corresponding to the sequence value in the character string to be filled; the character string to be filled comprises a plurality of filling positions, and the number of the filling positions is the sum of the number of the characters in the first character string and the number of the salt values;
the second character string determining module is used for sequentially filling the characters to the residual filling positions in the character string to be filled to obtain a second character string;
and the encrypted password determining module is used for generating position indicating information according to the plurality of sequence values and binding the position indicating information and the second character string to obtain an encrypted password.
9. A password authentication apparatus, the apparatus comprising:
an encrypted password obtaining module, configured to obtain an encrypted password obtained according to any one of claims 1 to 4, and separate the encrypted password to obtain location indication information and a third string corresponding to the encrypted password;
the salt value separation module is used for separating the third character string according to the position indication information to obtain a salt value and a fourth character string;
the password to be verified acquisition module is used for acquiring a password to be verified, and encrypting the password to be verified and the salt value obtained by separation to obtain a character string to be verified;
and the character string comparison module is used for comparing whether the character string to be verified is consistent with the fourth character string or not, and when the character string to be verified is consistent with the fourth character string, the password to be verified is correct.
10. A computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, carries out the method according to any one of claims 1 to 7.
11. An electronic device, comprising:
a processor; and
memory for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement the method of any of claims 1-7.
CN202110836379.XA 2021-07-23 2021-07-23 Password processing method, password verification device, medium and electronic equipment Pending CN113434852A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110836379.XA CN113434852A (en) 2021-07-23 2021-07-23 Password processing method, password verification device, medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110836379.XA CN113434852A (en) 2021-07-23 2021-07-23 Password processing method, password verification device, medium and electronic equipment

Publications (1)

Publication Number Publication Date
CN113434852A true CN113434852A (en) 2021-09-24

Family

ID=77761757

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110836379.XA Pending CN113434852A (en) 2021-07-23 2021-07-23 Password processing method, password verification device, medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN113434852A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114884656A (en) * 2022-05-06 2022-08-09 中国银行股份有限公司 Encryption, decryption and password sending method and device
CN115022007A (en) * 2022-05-30 2022-09-06 中国银行股份有限公司 Data processing method and device, electronic equipment and storage medium
CN115086008A (en) * 2022-06-13 2022-09-20 北京信长城科技发展有限公司 Method and device for realizing password security protection, storage medium and electronic equipment
CN117238065A (en) * 2023-11-10 2023-12-15 深圳市每开创新科技有限公司 Unlocking method, passive electronic lock, electronic device and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107733656A (en) * 2017-10-23 2018-02-23 北京深思数盾科技股份有限公司 A kind of cipher authentication method and device
CN108462574A (en) * 2018-02-12 2018-08-28 广东睿江云计算股份有限公司 A kind of lightweight cipher encrypting method and system
CN110312054A (en) * 2019-06-28 2019-10-08 浙江大华技术股份有限公司 Encipher-decipher method and relevant apparatus, the storage medium of image
CN110351077A (en) * 2019-05-30 2019-10-18 平安科技(深圳)有限公司 Method, apparatus, computer equipment and the storage medium of data encryption

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107733656A (en) * 2017-10-23 2018-02-23 北京深思数盾科技股份有限公司 A kind of cipher authentication method and device
CN108462574A (en) * 2018-02-12 2018-08-28 广东睿江云计算股份有限公司 A kind of lightweight cipher encrypting method and system
CN110351077A (en) * 2019-05-30 2019-10-18 平安科技(深圳)有限公司 Method, apparatus, computer equipment and the storage medium of data encryption
CN110312054A (en) * 2019-06-28 2019-10-08 浙江大华技术股份有限公司 Encipher-decipher method and relevant apparatus, the storage medium of image

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114884656A (en) * 2022-05-06 2022-08-09 中国银行股份有限公司 Encryption, decryption and password sending method and device
CN115022007A (en) * 2022-05-30 2022-09-06 中国银行股份有限公司 Data processing method and device, electronic equipment and storage medium
CN115022007B (en) * 2022-05-30 2024-03-01 中国银行股份有限公司 Data processing method, device, electronic equipment and storage medium
CN115086008A (en) * 2022-06-13 2022-09-20 北京信长城科技发展有限公司 Method and device for realizing password security protection, storage medium and electronic equipment
CN115086008B (en) * 2022-06-13 2024-02-09 北京信长城科技发展有限公司 Method and device for realizing password security protection, storage medium and electronic equipment
CN117238065A (en) * 2023-11-10 2023-12-15 深圳市每开创新科技有限公司 Unlocking method, passive electronic lock, electronic device and storage medium
CN117238065B (en) * 2023-11-10 2024-03-26 深圳市每开创新科技有限公司 Unlocking method, passive electronic lock, electronic device and storage medium

Similar Documents

Publication Publication Date Title
CN109150499B (en) Method and device for dynamically encrypting data, computer equipment and storage medium
CN113434852A (en) Password processing method, password verification device, medium and electronic equipment
CN111131278B (en) Data processing method and device, computer storage medium and electronic equipment
US10608813B1 (en) Layered encryption for long-lived data
JP2017504856A (en) Data transfer optimization
CN110084599B (en) Key processing method, device, equipment and storage medium
CN110138739B (en) Data information encryption method and device, computer equipment and storage medium
USRE47324E1 (en) Data encryption systems and methods
US10476663B1 (en) Layered encryption of short-lived data
CN111193725B (en) Configuration-based combined login method and device and computer equipment
US9641328B1 (en) Generation of public-private key pairs
CN112784284B (en) Encryption processing system, encryption processing method, and recording medium
CN111814166B (en) Data encryption method and device and electronic equipment
CN110417724A (en) Application program logs in method, system, server and the terminal of state joint authentication
CN114448605A (en) Encrypted ciphertext verification method, system, equipment and computer readable storage medium
CN113946863A (en) Data encryption storage method, system, equipment and storage medium
CN117240625A (en) Tamper-resistant data processing method and device and electronic equipment
CN109711178B (en) Key value pair storage method, device, equipment and storage medium
US11356254B1 (en) Encryption using indexed data from large data pads
CN110414269B (en) Processing method, related device, storage medium and system of application installation package
CN101938478A (en) Set-top box browser, set-top box and method thereof
CN116132041A (en) Key processing method and device, storage medium and electronic equipment
CN115396179A (en) Data transmission method, device, medium and equipment based on block chain
CN113343269B (en) Encryption method and device
CN115086428B (en) Network request sending method and device and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20210924