CN117370965A - Password-based unlocking security enhancement scheme - Google Patents

Password-based unlocking security enhancement scheme Download PDF

Info

Publication number
CN117370965A
CN117370965A CN202310895612.0A CN202310895612A CN117370965A CN 117370965 A CN117370965 A CN 117370965A CN 202310895612 A CN202310895612 A CN 202310895612A CN 117370965 A CN117370965 A CN 117370965A
Authority
CN
China
Prior art keywords
unlocking
password
scheme
user
digital
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310895612.0A
Other languages
Chinese (zh)
Inventor
刘兆恒
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN202310895612.0A priority Critical patent/CN117370965A/en
Publication of CN117370965A publication Critical patent/CN117370965A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

The current screen unlocking scheme mainly comprises a digital password unlocking scheme and a drawing unlocking scheme. Both of these schemes present a significant safety hazard. If someone peeps sideways or the camera is peeped, the password is easily exposed. The fingerprint unlocking, the face recognition and the like generally have higher requirements on hardware and algorithms, and still have the problem of information security. The invention provides a Security-Enhanced (SE) Security Enhanced scheme for screen locking, which provides a screen locking scheme based on a password for unlocking and gesture drawing unlocking respectively, wherein the password for unlocking only exists in the brain of a user. When someone peeps the unlocking process of the user, even if the whole unlocking process of the user is completely seen, the screen locking password still cannot be obtained.

Description

Password-based unlocking security enhancement scheme
Technical Field
The invention relates to the technical field of computers, in particular to various intelligent devices, including but not limited to touch screen mobile devices.
Background
Lock screen refers to a security function that is enabled on a computer, mobile device, or other electronic device to prevent unauthorized access and operation. When the device locks the screen, the user must perform authentication to unlock and gain access to the device and its contents.
The main current screen locking schemes are digital password unlocking and drawing unlocking schemes. The digital password unlocking means that a user inputs a preset digital password on the device to unlock. The drawing unlocking scheme refers to a screen locking mode in which a specific pattern is drawn on a screen of a device by using a finger to unlock the device. Both schemes have a great potential safety hazard in information security.
Besides the two screen locking schemes, fingerprint unlocking, face recognition and the like are also common screen locking schemes at present. These methods generally have higher requirements on hardware and algorithms, and still have the problem of information security.
Disclosure of Invention
The patent provides a decoding method based on a password, wherein the password consists of a password and a plain code. And randomly generating a plain code during decoding, and dynamically generating an actual password based on the combination of a preset password and the plain code to perform decoding.
Meanwhile, the patent provides a security enhancement scheme for digital coded screen locking and gesture drawing screen locking schemes of the current mainstream based on a password method. Even if someone peeps all the unlocking processes of the user from the side, the screen locking password still cannot be obtained. And the unlocking mode is efficient and concise, and is convenient for the user to operate. This scheme is called a SE (Security-Enhanced) Security enhancement scheme for lock screens.
The main idea of the SE screen locking scheme is to hide the unlocking password in a password mode. The screen locking passwords displayed each time are randomly generated, and if a peeper only sees a certain unlocking password, the screen locking passwords generated next time are different, so that the peeper cannot unlock by using the current password next time. Only by combining the randomly generated plain code with the secret code, the actual unlocking password can be obtained. Specific embodiments are described below.
Aiming at the unlocking of the digital password, the patent is realized by combining a table and digital calculation and two passwords. The invention realizes the simple demo of a digital password unlocking scheme. Each demo contains two parts, one is a password setting interface and the other is an unlocking interface for display.
As in fig. 1, is a password setup interface of the demo. The top half of the figure is a table in which numbers are randomly generated each time the lock is unlocked. The actual password is a randomly generated value in the bit each time the lock is unlocked, bearing in mind a particular location in the table. The lower part of the figure is a digital formula generator, and a user can design a formula secret code according to own wish. X in the formula generator is a randomly generated plain code in the upper half part, when unlocking, the randomly generated number is put into the formula for calculation, and the generated result is the final unlocking password.
FIG. 2 is an unlocking interface of the demo, wherein the upper half of the diagram is a digital table, and the numbers in the table are randomly generated. The user can find the actual plain code according to the self-set position. And carrying the unlocking password into a formula to calculate the actual final unlocking password. The digital nine-square lattice at the lower half part is the area for inputting the password by the user, and the unlocking mode is consistent with the traditional digital unlocking mode. ( In the final commercial version, the form of the digital table is not constrained by rectangular tables. For example, from the viewpoint of interface beautification, the theme can be set, and the form and the background of the table can be combined, so long as the table can be positioned, for example, a plurality of password areas are distributed at four corners of the interface, as shown in fig. 3. )
Aiming at gesture drawing unlocking, the method is realized by combining a conventional gesture drawing password and a randomly generated position password. The invention also aims at the drawing unlocking scheme, and realizes a simple demo.
Fig. 4 and 5 show the password setting interface of the demo. The drawing has a large size requirement on the interface, and is therefore arranged in two interfaces. Illustrated in fig. 4 is a conventional gesture drawing interface on which a user may draw his own unlocking gesture. It should be noted that there is an arrow pattern in the figure in addition to the basic grid. The arrow indicates the drawing direction of the combination and the relative position of the gesture. The position of the arrow in the actual decoding process is randomly generated, and when the screen is unlocked, a plurality of arrows exist in the interface, and a user needs to find the arrow which is actually effective according to the second password, and draw an unlocking gesture according to the direction and the position of the arrow. (there are several confusing false arrows in actual unlocking, the number of arrows user can configure when setting the password.)
A second combination is shown in fig. 5, the interface being similar in style to fig. 4, for assisting the user in finding the actual effective arrow when unlocking. The user can draw the secret code on the interface, and when the user unlocks, only the arrow drawn with the secret code is the arrow which is actually effective.
FIG. 6 is an unlock interface for a gesture plot with a pattern randomly generated along grid lines in addition to the basic grid. The user needs to find the actual effective arrow in the randomly generated pattern according to the arrow, and draw an unlocking gesture unlocking screen. Because the multiple arrows are staggered together, even if the user sees a gesture for unlocking the user, it is difficult to find the relative position of the gesture and the active arrow. I.e. the original plain code becomes the secret code.
Drawings
FIG. 1 is a password setup interface diagram of a digital unlocking scheme
FIG. 2 is an unlocking interface diagram of a digital unlocking scheme
FIG. 3 is a non-rectangular clear area sample graph of a digital unlocking scheme
FIG. 4 is an unlock gesture setup interface diagram of a gesture unlock scheme
FIG. 5 is a password setup interface diagram of a gesture unlocking scheme
FIG. 6 is a random unlock interface diagram of a gesture unlock scheme
FIG. 7 is an illustration of a password setup interface after password setup for a digital unlocking scheme
FIG. 8 is an illustration of an unlocking success for the password of FIG. 7
FIG. 9 is an illustration of a password setting interface after password setting by a gesture unlocking scheme
FIG. 10 is a diagram of gesture settings after password setup for a gesture unlocking scheme
FIG. 11 is an illustration of an unlocking success for the password of FIGS. 9 and 10
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in detail with reference to the accompanying drawings and specific embodiments. The embodiments show a complete set of operation examples for the two unlocking schemes, respectively. In the example, the password is set first, and then the unlocking is performed in the lock screen interface.
For the unlocking of the digital code, fig. 7 corresponds to fig. 1 before, and shows an example of the setting of the digital code interface. In this example, the user has selected the number of the fourth row and the second column in the top half of the table. As shown in the figure, the current value of the position is 15, and the value of the position is randomly generated when the lock is actually unlocked. (the position selected by the user when setting the password is marked with a red frame, and there is no red frame when the user actually unlocks.) the lower half of the graph, the user designs a formula: (x+1) x 2. Currently, the selected value in the table is 15, so that 15 is brought into x in the formula, resulting in the current actual password being 32. (in the logic of this demo, the password calculated by the user-designed formula is rounded down if it is a decimal place.)
Fig. 8 shows an unlocked interface, according to the arrangement in fig. 7, we find the number 3 in the fourth row and the second column of the table, bringing 3 into the previous formula, and the final password is 8. And the unlocking can be correctly performed by inputting 8 into the unlocked nine-grid. ( The unlocking can be realized by inputting the correct value in the demo without an additional confirmation key. In the actual commercial version, whether a confirmation key is needed or not is judged according to the requirement )
For gesture drawing unlocking, fig. 9 corresponds to fig. 4 before, and a password of a gesture unlocking judgment arrow is displayed. As shown, the combination has a small arrow added to the arrow. Fig. 10 corresponds to fig. 5 before, and a gesture password is set in the interface.
FIG. 11 shows the corresponding unlock interface, knowing that the correct arrow is the top right arrow, based on the previously set combination, with the slide gesture in the corresponding position. (it is added that the currently set unlocking gesture uses a simplest straight line, and a slightly complex design is preferable when actually setting.) in a scenario where multiple arrows are staggered, even if a peeper sees the unlocking process of the user, it is difficult to find the correspondence between the gesture and the correct arrow. Meanwhile, we expect that in the formal commercial version, the user can select the number of arrows according to his own setting.
Summarizing, the present patent provides a security enhancement scheme for currently popular digital password unlocking and gesture drawing unlocking schemes, respectively. By setting the password, the safety of user assets and personal information is enhanced, and the information safety problem caused by peeping in the unlocking process of the user is avoided. Meanwhile, because the passwords are randomly generated each time, the problem that the passwords of the user are cracked by a hacker through the exhaustion mode or the passwords are identified through the residual fingerprints on the screen is avoided.
Compared with the traditional digital password unlocking and gesture drawing unlocking scheme, the method and the device enhance safety. Meanwhile, the unlocking mode is simpler than the traditional mode. The traditional digital unlocking generally needs to set at least 6-bit passwords, and each unlocking is troublesome. Conventional gesture unlocking, while unlocking applications are generally not limited, is not typically followed by a too simple password that the user would set. The above aims to prevent the password from being easily broken, but the protection effect is very weak, and only a peeper can be basically prevented from just randomly failing to see the input of the user glance sideways at. If the scheme of this patent is adopted, the user can set up simpler unblock password, and the effect of protection is multiplied simultaneously, has blocked the possibility of peeping from the logic.
Meanwhile, through practical verification, whether the method of calculating a digital formula or finding a password pattern in a graph is adopted, although the method is slightly blocked in the first decoding, the password set by the user is more sensitive after multiple times of decoding, and the actual password is analyzed more quickly.
Compared with fingerprint unlocking, face recognition and the like, the method has lower requirements on hardware. Besides the functions of an operating system, the fingerprint unlocking and the face recognition have additional requirements on hardware and ai algorithm, and the scheme of the patent only needs basic system functions. Meanwhile, fingerprint unlocking and face recognition have security risks according to the prior art, and if a hacker obtains fingerprint information and face data of a user, the fingerprint unlocking and face recognition can be cracked by a hacker means. The unlocking password of the patent only exists in the brain of the user, and can not be cracked as long as the user does not actively speak the password.
However, fingerprint unlocking and face recognition can basically meet the safety requirements for common individual users. After all, the average person does not have a professional hacker to crack the personal information. The pen user considers that, in general, the personal mobile phone computer and the like are better to ensure personal safety by adopting a mode of combining fingerprint unlocking, face recognition and the unlocking scheme of the patent. If the user needs to unlock within five minutes after the screen is locked, a fingerprint unlocking and face recognition scheme is adopted, and after all, the user does not need to input a password. If the unlocking is not performed for more than five minutes, the scheme provided by the patent is needed to be adopted for unlocking.
For special people, if the security information is particularly important, the scheme provided by the patent is preferably directly adopted, and meanwhile, more complicated passwords are set. In addition, in the subsequent commercial version, the unlocking interface can increase the function of refreshing the interface, and the user can unlock through refreshing and selecting the random interface with more confusion.

Claims (8)

1. A decoding scheme based on ciphers is characterized in that a plain code is randomly generated during decoding, and an actual password is dynamically generated based on combination of a preset cipher and a plain code for decoding.
2. Based on the password principle in claim 1, the invention provides an enhancement scheme of the digital lock screen, which is characterized in that safety enhancement is performed on the basis of a traditional digital decoding scheme, and the information leakage risk of a user is reduced.
3. The digital cipher decoding scheme of claim 2 wherein the location-based cipher information is used as a cipher in the randomly generated tabular data.
4. The digital cipher decoding scheme of claim 2, wherein the secret code is a mathematical formula.
5. Based on the password principle in the claim 1, the invention provides an enhanced scheme of gesture screen locking, which is characterized in that safety enhancement is performed on the basis of a traditional digital decoding scheme, and the risk of information leakage of a user is reduced.
6. The gesture passcode decoding scheme of claim 5 wherein passcode patterns are hidden in a grid as passcodes in randomly generated patterns.
7. The gesture passcode decoding scheme of claim 5 wherein the arrows of random position and orientation are generated in the grid as a guide to find passcodes and a guide to draw gestures.
8. A plurality of ciphers are combined together as a decoding condition based on the ciphered principle in claim 1.
CN202310895612.0A 2023-07-20 2023-07-20 Password-based unlocking security enhancement scheme Pending CN117370965A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310895612.0A CN117370965A (en) 2023-07-20 2023-07-20 Password-based unlocking security enhancement scheme

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310895612.0A CN117370965A (en) 2023-07-20 2023-07-20 Password-based unlocking security enhancement scheme

Publications (1)

Publication Number Publication Date
CN117370965A true CN117370965A (en) 2024-01-09

Family

ID=89388111

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310895612.0A Pending CN117370965A (en) 2023-07-20 2023-07-20 Password-based unlocking security enhancement scheme

Country Status (1)

Country Link
CN (1) CN117370965A (en)

Similar Documents

Publication Publication Date Title
Jansen Authenticating mobile device users through image selection
KR101228088B1 (en) System and method for inputing password
EP3304395B1 (en) Encoding methods and systems
JP6435342B2 (en) Touch terminal and password generation method using touch terminal
US20100199100A1 (en) Secure Access by a User to a Resource
CN106407756A (en) Unlocking method and device
Ferbrache Passwords are broken–the future shape of biometrics
Lin et al. Graphical passwords using images with random tracks of geometric shapes
Hoanca et al. Screen oriented technique for reducing the incidence of shoulder surfing.
WO2019137489A1 (en) Password input method, device, and computer-readable storage medium
Salman et al. A graphical PIN entry system with shoulder surfing resistance
Ali et al. Developing and evaluating a gestural and tactile mobile interface to support user authentication
CN117370965A (en) Password-based unlocking security enhancement scheme
KR20130117371A (en) Method to unlock screen and perform secret task by finger tapping for touch screen devices
KR20130126780A (en) A melody based lock and unlock method in mobile terminal
Amruth et al. Android smudge attack prevention techniques
US20170155635A1 (en) Password Generation System and Its Associated Method of Operation
Awang et al. A pattern-based password authentication scheme for minimizing shoulder surfing attack
Rani et al. A Novel Session Password Security Technique using Textual Color and Images
KR102332007B1 (en) System that authenticates users with a character pattern password
US20240095331A1 (en) Apparatus, system and method for secure data entry
Seong Security Analysis of Partially Hidden Password Systems Resistant to Shoulder Surfing Attacks
Jeon et al. An enhanced simple pin input technique resisting shoulder surfing and smudge attacks
KR20210068710A (en) Access to media, information, server, etc. using random number and user algorithm
CN114730336A (en) Improved system and method for secure data entry and authentication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination