CN1142654C - Method for realizing network accreditation by encipher clobber generating - Google Patents


Info

Publication number
CN1142654C
Authority
CN
China
Prior art keywords
user
cipher machine
random number
key
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB021002908A
Other languages
Chinese (zh)
Other versions
CN1359210A (en)
Inventor
胡祥义
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual

Landscapes

  • Storage Device Security (AREA)

Abstract

The present invention relates to a method for realizing network identity authentication by encryption scrambling. Using computer, information coding and network technology, a pair of identical cipher machines is designed and placed at the user's computer terminal and at the network server respectively. The user-side cipher machine generates a finite random number by encryption and transmits it over the network to the network server; the random numbers are produced in a one-time-pad encryption mode. A finite encrypted random number string, a group of key index codes and a user number are transmitted on the network line. The server-side cipher machine produces a random number of the same length with the same keys, and the two random numbers are compared, thereby realizing network identity authentication.

Description

Method for realizing network identity authentication by encryption scrambling
Technical field:
The present invention relates to the field of information security and is a network identity authentication method based on a symmetric cryptosystem. Specifically, a pair of identically built cipher machines is placed at the user's computer and at the network server respectively. After the user-side cipher machine performs encryption scrambling, the user number, the index code of the basic key BK and the random number are transmitted together to the network server. The server-side cipher machine performs decryption scrambling with the same key, and authentication is achieved by comparing the random numbers from the two ends. In addition, randomly changing the index code of the basic key BK ensures that every encryption scrambling is one-time pad. Network identity authentication products built with this technique can be used by government departments, banks, securities firms, insurers and other business websites.
Background technology:
At present, the network identity authentication products produced by some information security vendors at home and abroad all authenticate by comparing a user number and a password. This approach is very insecure: what travels on the line between the user side and the network server is plaintext, which a "hacker" can steal from the line and use to enter the server. Moreover, user passwords are short, consisting of 6~10 digits, and for convenience most users seldom change them, which also gives a "hacker" an advantage in breaking through the network server's protection. In addition, CA-based authentication has come into use internationally in recent years. This technique is network identity authentication based on an asymmetric cryptosystem; it requires not only a CA authentication center but also a certificate management center, a key management center (KMC) and so on. Its system management is complex, daily key distribution is cumbersome, the investment needed to set up the system is high and, in particular, a service fee must be paid every year, so the technique is difficult to popularize.
Summary of the invention:
This network identity authentication method uses computer, information coding and network technology to design a pair of identically built cipher machines, placed at the user's computer and at the network server respectively. Authentication is achieved by comparing the random numbers generated by the cipher machines at the two ends. The whole process is implemented either by a combination of software and hardware or purely in software. The method is as follows:
1. The random number used by this authentication method is generated by the cipher machine, such that the random number produced by each encryption is different. The random number has length L and consists of digits or English letters, where L = 20~30; the number of possible values is $10^{20}$~$10^{30}$ or $26^{20}$~$26^{30}$.
2. The cipher machine uses two kinds of keys: the user key UK and the basic key BK. UK consists of 6~10 digits, is set by the user, can be changed, and is also registered on the network server; its number of possible values is $10^{6}$~$10^{10}$. BK consists of 50~60 digits or English letters; its number of possible values is $10^{50}$~$10^{60}$ or $26^{50}$~$26^{60}$. The cipher machine permanently stores 10 different groups of BK elements $BK_{ij}$ (where i = 0~9, j = 0~9). Each $BK_{ij}$ consists of 5~6 digits or English letters, and each group contains 10 different $BK_{ij}$ elements. During encryption, one element is taken from each of these 10 groups according to the index code, and the 10 elements together form one BK.
3. The cipher machine uses a basic key index code to choose BK. The index code consists of 10 digits, with $10^{10}$ possible values; it is public information and is generated randomly by the cipher machine at every encryption, i.e. $K_0 K_1 \ldots K_9$. BK is selected as follows: among the 10 digits of the index code, the N-th digit corresponds to the N-th group of $BK_{ij}$ (where N = 0~9, i = 0~9, j = 0~9), and the value M of each digit selects the M-th element of that group, where M = 0~9. That is, the selected BK is $BK_{0K_0} BK_{1K_1} \ldots BK_{9K_9}$.
4. The user number is set by the network server, is recorded by both the user and the network server, and is public information.
5. The user-side cipher machine combines the basic key BK with the user key UK as the initial state of the cipher machine (because UK is shorter than BK, UK is repeated 5~10 times), generates a random number through the encryption scrambling logic circuit, and passes it to the network server together with the user number and the index code of the basic key BK. The server-side cipher machine retrieves the user key UK and the basic key BK from the user number and the index code of the basic key BK, combines them as the initial state of its cipher machine (because UK is shorter than BK, UK is repeated 5~10 times), and generates a random number through the decryption scrambling logic circuit. The random numbers from the two ends are then compared: if they are identical, the user is a legitimate user; otherwise, the user is an illegitimate user.
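The exchange in items 3 and 5 above, as an added Python example (not code from the patent). Assumptions: the BK table is constructed sample data, UK and BK are combined by concatenation, SHAKE-256 stands in for the feedback-shift-register scrambling logic, which the patent does not specify, and the server's refusal of an already-accepted index code is an added check; all function and class names are hypothetical.

```python
import hashlib
import hmac
import secrets

L = 20  # random-number length; the patent allows 20-30

def make_bk_table(seed: bytes):
    """Constructed 10x10 table of 5-digit elements BK_ij (sample data only)."""
    def elem(i, j):
        d = hashlib.sha256(seed + bytes([i, j])).digest()
        return f"{int.from_bytes(d[:4], 'big') % 100000:05d}"
    return [[elem(i, j) for j in range(10)] for i in range(10)]

def select_bk(table, index_code: str) -> str:
    """Digit N of the index code picks element K_N from group N."""
    if len(index_code) != 10 or not (index_code.isascii() and index_code.isdigit()):
        raise ValueError("index code must be exactly 10 decimal digits")
    return "".join(table[n][int(k)] for n, k in enumerate(index_code))

def initial_state(uk: str, bk: str) -> bytes:
    """Repeat the short UK to BK's length, then join the two (assumed combination)."""
    reps = -(-len(bk) // len(uk))  # ceiling division: 5-10 repeats for the patent's sizes
    return ((uk * reps)[:len(bk)] + bk).encode()

def scramble(state: bytes, length: int = L) -> str:
    """Stand-in for the scrambling logic circuit: SHAKE-256 reduced to digits."""
    n = int.from_bytes(hashlib.shake_256(state).digest(64), "big")
    return f"{n % 10**length:0{length}d}"

def client_login(user_no: str, uk: str, table):
    """User side: fresh random index code, then (user number, index code, L1)."""
    index_code = "".join(secrets.choice("0123456789") for _ in range(10))
    return user_no, index_code, scramble(initial_state(uk, select_bk(table, index_code)))

class Server:
    def __init__(self, table, users):
        self.table, self.users = table, users  # users: user number -> UK on record
        self.seen = set()  # added check: (user, index code) pairs already accepted

    def verify(self, user_no: str, index_code: str, l1: str) -> bool:
        uk = self.users.get(user_no)
        if uk is None or (user_no, index_code) in self.seen:
            return False
        try:
            l2 = scramble(initial_state(uk, select_bk(self.table, index_code)))
        except ValueError:
            return False
        # Constant-time comparison of the received L1 with the recomputed L2
        if not hmac.compare_digest(l1.encode(), l2.encode()):
            return False
        self.seen.add((user_no, index_code))
        return True

if __name__ == "__main__":
    table = make_bk_table(b"constructed-demo-seed")
    server = Server(table, {"1001": "123456"})
    message = client_login("1001", "123456", table)
    print(message, server.verify(*message), server.verify(*message))
```

Because the index code is chosen by the user side and sent in the clear, the server here keeps the set of index codes it has already accepted per user so that a transmitted triple is only honoured once.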
Description of drawings:
Fig. 1: Flow chart of identity authentication by encryption scrambling
Fig. 2: Flow chart of encryption scrambling by the user-side cipher machine
Fig. 3: Flow chart of decryption scrambling by the server-side cipher machine
Embodiment:
The implementation steps of the identity authentication method are described below with reference to the drawings:
Fig. 1: The user's computer uses its local cipher machine to perform encryption scrambling and transmits the user number, the index code of the basic key BK and the random number together over the network to the network server. The network server uses its local cipher machine to perform decryption scrambling with the same key, and authentication is achieved by comparing the random numbers generated at the two ends.
Fig. 2: The user's computer controls its local cipher machine and inputs the user key UK into the scrambling system of the cipher machine. The encryption control system immediately generates the index code of the basic key BK, selects BK by the index code and inputs it into the scrambling system. Inside the scrambling system, UK and BK are combined to form the initial state, and the scrambling logic circuit produces the random number $L_1$. The user's computer transmits the user number, the BK index code produced by the cipher machine and the random number $L_1$ together over the network to the network server.
Fig. 3: After the network server receives the user's login request (that is, the user number, the index code of the basic key BK and the random number $L_1$), it controls its local cipher machine to verify this information. First, the user key UK backed up on the server for that user number is retrieved, and the decryption system of the cipher machine selects the BK corresponding to the basic key index code. Both are then fed into the scrambling system to generate the random number $L_2$. Finally, $L_1$ and $L_2$ are compared to determine whether the user is legitimate: if $L_1$ equals $L_2$, the user is legitimate and login succeeds; otherwise, login fails.

Claims (4)

1. A method for realizing network identity authentication by encryption scrambling, implemented using computer, information coding and network technology, with the following implementation steps:
An encryption component is built from a feedback shift register and gate circuits, or implemented in software, to design a pair of identical cipher machines that are placed at the user's computer and at the network server respectively. The user's computer performs encryption scrambling with its local cipher machine and transmits the generated random number, the index code of the basic key BK and the user number together over the network to the network server. The server performs decryption scrambling with its local cipher machine using the same key, then compares the random number it generates with the random number sent by the user side: if they are identical, the user is a legitimate user; otherwise, the user is an illegitimate user.
2. The network authentication method according to claim 1, characterized in that:
The random number in the information transmitted from the user's computer to the network server is generated by the user-side cipher machine, which combines the user key UK and the basic key BK as the initial state of the cipher machine's feedback shift register and passes it through the encryption scrambling logic circuit. The random number consists of L digits or English letters, where L = 20~30, and the number of possible values is $10^{20}$~$10^{30}$ or $26^{20}$~$26^{30}$.
3. The network authentication method according to claim 1, characterized in that:
After the network server receives the user number, the index code of the basic key BK and the random number sent by the user's computer, it retrieves the user key UK backed up on the server for that user number and uses its local cipher machine to select BK according to the index code. The two are combined as the initial state of the local cipher machine's feedback shift register, and a random number is generated through the decryption scrambling logic circuit; its length is the same as that of the received random number generated by the user-side cipher machine.
4. The network authentication method according to claim 1, characterized in that:
(1) The user key UK of the cipher machine consists of U digits, where U = 6~10, and the number of possible values is $10^{6}$~$10^{10}$. Because the user key UK is shorter than the basic key BK, it is repeated 5~10 times;
(2) The basic key BK of the cipher machine consists of B digits or English letters, where B = 50~60, and the number of possible values is $10^{50}$~$10^{60}$ or $26^{50}$~$26^{60}$. The cipher machine permanently stores 10 different groups of BK elements $BK_{ij}$, where each $BK_{ij}$ consists of 5~6 digits or English letters, i = 0~9, j = 0~9, and each group contains 10 different $BK_{ij}$. At every encryption, one element is taken from each of the 10 groups of $BK_{ij}$, and the 10 elements together form one BK, which takes part in the encryption scrambling;
(3) The index code of the basic key BK of the cipher machine consists of 10 digits, i.e. $K_0 K_1 \ldots K_9$, with $10^{10}$ possible values. It is generated randomly by the encryption system and is used to select the $BK_{ij}$ that form BK. The method is: among the 10 digits of the index code, the N-th digit corresponds to the N-th group of $BK_{ij}$, where N = 0~9, i = 0~9, j = 0~9, and the value M of each digit selects the M-th element of that group, where M = 0~9. That is, the selected BK is $BK_{0K_0} BK_{1K_1} \ldots BK_{9K_9}$.
CNB021002908A 2002-01-18 2002-01-18 Method for realizing network accreditation by encipher clobber generating Expired - Fee Related CN1142654C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB021002908A CN1142654C (en) 2002-01-18 2002-01-18 Method for realizing network accreditation by encipher clobber generating

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB021002908A CN1142654C (en) 2002-01-18 2002-01-18 Method for realizing network accreditation by encipher clobber generating

Publications (2)

Publication Number Publication Date
CN1359210A CN1359210A (en) 2002-07-17
CN1142654C true CN1142654C (en) 2004-03-17

Family

ID=4739285

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB021002908A Expired - Fee Related CN1142654C (en) 2002-01-18 2002-01-18 Method for realizing network accreditation by encipher clobber generating

Country Status (1)

Country Link
CN (1) CN1142654C (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20150064647A (en) * 2013-12-03 2015-06-11 삼성전자주식회사 Method for protecting contents and terminal for providing contents protection function

Also Published As

Publication number Publication date
CN1359210A (en) 2002-07-17

Similar Documents

Publication Publication Date Title
CN100432889C (en) System and method providing disconnected authentication
CN111555872B (en) Communication data processing method, device, computer system and storage medium
US20040101142A1 (en) Method and system for an integrated protection system of data distributed processing in computer networks and system for carrying out said method
EP2361462B1 (en) Method for generating an encryption/decryption key
KR20200012845A (en) Progressive Key Encryption Algorithm
CN1659821A (en) Method for secure data exchange between two devices
WO2001039429A1 (en) Integrity check values (icv) based on pseudorandom binary matrices
CN1864364A (en) Security token
WO1999059286A1 (en) Private key validity and validation
CN101399666A (en) Safety control method and system for digital certificate of file
CN110224812A (en) A kind of method and equipment that the electronic signature mobile client calculated based on Secure is communicated with Collaboration Server
CN103427987A (en) Data encryption method, data verification method and electronic device
CN109756893A (en) A kind of intelligent perception Internet of Things anonymous authentication method based on chaotic maps
CN1516388A (en) Network accreditation method based no symmetric cryptosystem
WO2001084766A2 (en) System and method for encryption using transparent keys
CN109218013A (en) Cover the binary data communication encryption method on plaintext symbol boundary
Shoukat et al. A survey about latest trends and research issues of cryptographic elements
CN100431297C (en) Method for preventing user's pin from illegal use by double verification protocol
CN1142654C (en) Method for realizing network accreditation by encipher clobber generating
CN1949196A (en) Method, device and system for storage data in portable device safely
Rajasekar et al. Introduction to Classical Cryptography
Elganzoury et al. A new secure one-time password algorithm for mobile applications
CN109787773B (en) Anti-quantum computation signcryption method and system based on private key pool and Elgamal
WO2002011359A9 (en) Method of encryption
CN114244509A (en) Method for carrying out SM2 one-time pad bidirectional authentication unlocking by using mobile terminal

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
DD01 Delivery of document by public notice

Addressee: Hu Xiangyi

Document name: Notification to Pay the Fees

DD01 Delivery of document by public notice

Addressee: Hu Xiangyi

Document name: Notification of Termination of Patent Right

DD01 Delivery of document by public notice

Addressee: Hu Xiangyi

Document name: Notification of Decision on Request for Restoration of Right

DD01 Delivery of document by public notice

Addressee: Hu Xiangyi

Document name: Review of business letter

EE01 Entry into force of recordation of patent licensing contract

Assignee: Beijing jin'aobo Digital Information Technology Co., Ltd.

Assignor: Hu Xiangyi

Contract record no.: 2012990000025

Denomination of invention: Method for realizing network accreditation by encipher clobber generating

Granted publication date: 20040317

License type: Exclusive License

Open date: 20020717

Record date: 20120120

DD01 Delivery of document by public notice

Addressee: Hu Xiangyi

Document name: Notification to Pay the Fees

DD01 Delivery of document by public notice

Addressee: Hu Xiangyi

Document name: Notification of Termination of Patent Right

C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20040317

Termination date: 20130118