CN1870497A - Once hidden password without peeping and generation algorithm of identification character: hide-and-seek - Google Patents
Once hidden password without peeping and generation algorithm of identification character: hide-and-seek Download PDFInfo
- Publication number
- CN1870497A CN1870497A CN 200510026060 CN200510026060A CN1870497A CN 1870497 A CN1870497 A CN 1870497A CN 200510026060 CN200510026060 CN 200510026060 CN 200510026060 A CN200510026060 A CN 200510026060A CN 1870497 A CN1870497 A CN 1870497A
- Authority
- CN
- China
- Prior art keywords
- password
- user identifier
- outside
- annexation
- internal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
This invention relates to an authentication process system for password and user ID of the security system, which is a generation method of hide-and-seek for hidden passwords and ID used once composed of three parts: outside password or user ID, internal password or user ID and the relation function of the two f(x), in which, the outside part is composed of specific images, pictures and randomly generated character strings related to the positions on the display screen to build up authentication input character strings.
Description
Technical field
The present invention relates to the password of security system and privacy lock and the authentication processing system of user identifier, is the generating algorithm of a kind of authentication with password (password) and user identifier (ID).Have disposable use, used the stealth hide-and-seek formula password promptly lost and the feature of user identifier, especially have and in face of other people, openly and legally directly to enter password or user identifier, needn't worry to be spied upon and the characteristics of divulging a secret by other people.
" hide-and-seek " is a kind of authenticate password that can be applicable to various security systems and privacy lock of novelty and the generating algorithm of user identifier.
Background technology
Verification System and certificate scheme or algorithm that operational security system of many kinds and privacy lock are arranged at present.
As everyone knows, existing the simplest, be widely used most, be to use password and the user identifier security certification system of (character strings such as letter and number by English or other civilian kinds are formed).This system needs the user to import oneself user identifier and password symbol string when authentication.The process of input user identifier and password is the easiest being spied upon by other people and cause stealing secret information and decrypted.Just be close at ATM as Citibank NA and post up a placard, other people spy upon password that the user imports etc. to warn the user who is withdrawing the money to note the criminal of preventing.
In addition, utilize the RM of mechanical part, as dispose the security certification system such as the magnetic card of similar key function, the Verification System of usb key etc. because have tangible key, is easy to lose for the user, keeping inconvenience.Just in case lose,, easily understood and stolen secret information as untimely change password.
The common ground of above-mentioned two kinds of Verification Systems is that user identifier and password are changeless, and the user can repeatedly use same user identifier and password.Therefore, the user identifier of such fixed and password are very easily to decipher because of being stolen.For this reason, people change the password of oneself continually and set, in the hope of maintaining secrecy.But user identifier can't as password that works optionally the change, the danger that is stolen still exists.In general, present most user's use is formed with character strings such as English (or other literary compositions are planted) letter and numbers, and changeless user identifier is easy to be spied upon by other people and cause being stolen secret information.
The 3rd, utilize biological RM, such as fingerprint, palmmprint, the iris on eyeground and retina, vocal print etc., they all have and are difficult for forgeing or losing, and anti-counterfeiting performance is good, is difficult for forging or stolen, really reaches and can " with oneself " carry.But these security certification systems have higher specification requirement for relevant technical equipment, and cost is also high, promote to be difficult for.And after having used biological recognition methods, non-can't the authentication to many permissions in person brought inconvenience by the system that the agent authenticates.
Summary of the invention
In order to overcome the weak point of existing security certification system, hide-and-seek algorithm of the present invention is based on the disguised and human identification of human psychology activity, memory capability and mode, with internal password or user identifier, outside password or user identifier and both annexations, this three aspect organically combines, and has founded the generating algorithm of a kind of authentication that is used for various security systems and privacy lock of novelty with password or user identifier: " hide-and-seek ".
Internal password or user identifier are to be hidden in image, among the objects such as photo or location place.Internal password or user identifier are real password or user identifier.Outside password or user identifier are with the input medium that solves internal password or user identifier.Outside password or user identifier are that basis is presented at specific image, and character string sequences such as the English that generates at random on the objects such as photo or location place (or other literary compositions are planted) letter and number are formed.A kind of annexation is arranged between inside and outside password or the user identifier, and can with computing function f (x) relation of simple corresponding relation (as having or not of, object ordering) or general meaning (as, the conversion of using character boundary to write, the computing function of narrow sense) define.
The present invention is owing to the algorithm that constitutes password or user identifier character string sequence is all remembered in user's brain, and it is each all relevant with random number as the character string sequence of importing usefulness, just it is discardable having produced with crossing, and the objective effect that other people steal a glance at is not afraid of in disposable use.
The present invention is the basic principle according to password or user identifier, password or user identifier is divided into three following parts: internal password or user identifier; Outside password or user identifier; Annexation between inside and outside password or the user identifier.
Internal password or user identifier are used specific image, objects such as photo or location place.The effect of internal password or user identifier is to be used for setting real password or user identifier.
Outside password or user identifier are by being presented at specific image, and character string sequences such as English at random (or other literary compositions are planted) letter and number on the objects such as photo or location place are formed.The effect of outside password or user identifier is the input medium of internal password or user identifier.
Between inside and outside password or the user identifier annexation is arranged.This annexation can be simple corresponding relation, as having or not of the ordering between the object etc.; Also can add computing function f (x) in the annexation.The definition of computing function f (x) is general meaning, comprises the computing function relation of narrow sense, and the transformation relation on letter symbol is handled is as the capital and small letter conversion of English alphabet.Generate disposable outside password or user identifier according to the annexation that configures in advance and internal password or user identifier.
The decrypted probability of the present invention is relevant with following factors.
A) what of character kind are the character string sequence length that generates at random of input usefulness use;
B) as the image of internal password or user identifier, the number of objects such as photo or location place;
C) be used for screening the camouflage image of internal password or user identifier, the number of objects such as photo or location place;
D) character string and the image that generates at random, the time that objects such as photo or location place are shown simultaneously;
E) annexation between inside and outside password or the user identifier, as having or not of the ordering of object, the complexity that has that it's too late of computing function f (x).
Can adjust above-mentioned factors according to the needs of the height of confidentiality degree.
Final input need be through handling ordering and annexation as the object of internal password or user identifier with the formation of password or user identifier character string sequence.And object ordering and annexation processing exist with ... the user and set in advance.Annexation between internal password or user identifier and inside and outside password or the user identifier is all remembered among user's brain.The present invention has successfully strengthened randomness, anti-spying upon, and the ability of confidentiality reaches simple, low cost, general and function that dual-purpose is strong.
" hide-and-seek " of the present invention algorithm is based on disguised and human identification, memory capability and the mode thereof of human psychology activity.Internal password or user identifier are to confirm by the user is middle at heart.Outside password or User Recognition symbol are according to internal password or user identifier, have the character string of annexation and generation at random to constitute between inside and outside password or the user identifier.And the generation of outside password or user identifier is also calculated in the heart by the user and is constituted.Disposable use password of the present invention and user identifier are hidden dexterously really password or the annexation between user identifier and inside and outside password or the user identifier, and success has realized simply that again difficult quilt separates brokenly, is not afraid of the disposable password and the user identifier of being spied upon.
The RM that the present invention is based on human brain thinking has its following feature:
1) with specific image, objects such as photo or location place are as internal password or user identifier.The effect of internal password or user identifier is to be used for setting real password or user identifier.
2) outside password or user identifier are by being presented at specific image, and character string sequences such as English at random (or other literary compositions are planted) letter and number on the objects such as photo or location place are formed.The effect of outside password or user identifier is the input medium of internal password or user identifier.
3) between inside and outside password or the user identifier annexation is arranged.This annexation can be simple corresponding relation, as having or not of the ordering between the object etc.; Also can add computing function f (x) in the annexation.The definition of computing function f (x) is general meaning, comprises the computing function relation of narrow sense, and the transformation relation on letter symbol is handled is as the capital and small letter conversion of English alphabet.Generate disposable outside password or user identifier according to the annexation that configures in advance and internal password or user identifier.
4) the decrypted probability of the present invention is relevant with following factors.
A) what of character kind are the character string sequence length that generates at random of input usefulness use;
B) as the image of internal password or user identifier, the number of objects such as photo or location place;
C) be used for screening the camouflage image of internal password or user identifier, the number of objects such as photo or location place;
D) character string and the image that generates at random, the time that objects such as photo or location place are shown simultaneously;
E) annexation between inside and outside password or the user identifier, as having or not of the ordering of object, the complexity that has that it's too late of computing function f (x).
Can adjust above-mentioned factors according to the needs of the height of confidentiality degree.
5) " hide-and-seek " of the present invention algorithm is based on disguised and human identification, memory capability and the mode thereof of human psychology activity.Internal password or user identifier are to confirm by the user is middle at heart.Outside password or User Recognition symbol are according to internal password or user identifier, have the character string of annexation and generation at random to constitute between inside and outside password or the user identifier.And the generation of outside password or user identifier is also calculated in the heart by the user and is constituted.
Password or user identifier really that disposable use password of the present invention and user identifier are hidden dexterously
And the annexation between inside and outside password or the user identifier, and success realized simply that again difficult quilt separates brokenly, is not afraid of the disposable password and the user identifier of being spied upon.
Description of drawings
The present invention is further described below in conjunction with drawings and Examples.With the password is example, and user identifier can be adopted to use the same method and be handled.
Fig. 1 is the setting picture of internal password of the present invention.
Fig. 2 is the setting picture of the annexation of outside password (aware password) and internal password (unaware password).
Fig. 3 is in the standby, all pictures that move at random that show on the display screen.
Fig. 4 is the generation picture of authenticate password.
Fig. 5 is the picture of password authentication.
Embodiment
The meaning of " 7:8:10 " is with the 7th, 8 among Fig. 1, and the image of 10 sequence numbers is defined as relevant with internal password, is used for the authentication of password, and formally registers on record.
It among Fig. 2 the setting picture of the annexation of outside password (aware password) and internal password (unaware password).
A. " calculate (Func) " this be set at " 0 " and mean the calculating of not carrying out any relevant annexation, directly with on the display screen the shown the 7th, the random character string sequence of 10,8 sequence number images is as the raw material of the input character string sequence of constructing outside password.
B. " order of image (Order) " this is set at " 1; 7:10:8 ", mean that by the 7th, 8 the image sequence of 10 sequence numbers is constructed the input character string sequence of outside password.
C. " attribute (Express) of expression character "." A0:0A " means when setting outside password, is that an English alphabet adds a numerical character or a numerical character adds an English alphabet.
Among Fig. 3, mixed in together as effective image and other camouflage images of internal password, in the mode of random site, dynamically be displayed on to show and shield.
Among Fig. 4, the word length that every width of cloth image is endowed to produce at random is the English numeric string of 2 (this example is 2).According to setting in advance, these images that are used (this example is 9 pieces), and the shown position of image are all pressed mode at random in the process of authentication, be configured on the display screen.
The internal password that the user sets according to oneself in advance (specific image, specific annexations such as image sequence) is sought out these objects and is reached and 2 the character string that is presented on these objects in all figure that dynamically show.According to setting in advance, the user need not carry out any function calculation, by setting image sequence, generates in the heart and confesses that card gets final product with the disposable outside password of input.
Among Fig. 5, the user will generate the outside password of using for current authentication: i6c77B in the heart, be input to appointed positions and wait for authentication processing.If the authentication processing failure will turn back to Fig. 3.
As Fig. 3, on display screen, show new all pictures.
Claims (5)
1. the present invention is the basic principle according to password or user identifier, password or user identifier is divided into three following parts: internal password or user identifier; Outside password or user identifier; Annexation between inside and outside password or the user identifier.The present invention has founded a kind of authenticate password of various security systems and privacy lock and generating algorithm of user identifier of being widely used in.That is the generating algorithm of disposable implicit form password (password) and user identifier (ID): " hide-and-seek " algorithm.
Its feature 1 is: with specific image, objects such as photo or location place are as internal password or user identifier.The effect of internal password or user identifier is to be used for setting real password or user identifier.
Its feature 2 is: outside password or user identifier are by being presented at specific image, and character string sequences such as English at random (or other literary compositions are planted) letter and number on the objects such as photo or location place are formed.The effect of outside password or user identifier is the input medium of internal password or user identifier.
Its feature 3 is: between inside and outside password or the user identifier annexation is arranged.This annexation can be simple corresponding relation, as having or not of the ordering between the object etc.; Also can add computing function f (x) in the annexation.The definition of computing function f (x) is general meaning, comprises the computing function relation of narrow sense, and the transformation relation on letter symbol is handled is as the capital and small letter conversion of English alphabet.Generate disposable outside password or user identifier according to the annexation that configures in advance and internal password or user identifier.
Its feature 4 is: the decrypted probability of the present invention is relevant with following factors.
A) what of character kind are the character string sequence length that generates at random of input usefulness use;
B) as the image of internal password or user identifier, the number of objects such as photo or location place;
C) be used for screening the camouflage image of internal password or user identifier, the number of objects such as photo or location place;
D) character string and the image that generates at random, the time that objects such as photo or location place are shown simultaneously;
E) annexation between inside and outside password or the user identifier, as having or not of the ordering of object, the complexity that has that it's too late of computing function f (x).
Can adjust above-mentioned factors according to the needs of the height of confidentiality degree.
Its feature 5 is: " hide-and-seek " of the present invention algorithm is based on disguised and human identification, memory capability and the mode thereof of human psychology activity.Internal password or user identifier are to confirm by the user is middle at heart.Outside password or User Recognition symbol are according to internal password or user identifier, and annexation between inside and outside password or the user identifier and the character string that produces at random constitute.And the generation of outside password or user identifier is also calculated in the heart by the user and is constituted.Disposable use password of the present invention and user identifier are hidden dexterously really password or the annexation between user identifier and inside and outside password or the user identifier, and success has realized simply that again difficult quilt separates brokenly, is not afraid of the disposable password and the user identifier of being spied upon.
2. the generating algorithm of password according to claim 1 or user identifier, image, objects such as photo or location place, mode is arranged arbitrarily in the process of authentication.The number of object; Number as the object of password or user identifier; The collocation form of object moves and time of staying etc., all can set as required.
3. the generating algorithm of password according to claim 1 or user identifier is characterized in that: internal password or user identifier are real password or user identifier.Internal password or user identifier are to be hidden in image, among the objects such as photo or location place; Outside password or user identifier are with the input mode that solves internal password or user identifier.Outside password or user identifier are to generate according to being presented at as character string that generates at random on internal password or the user identifier object and the annexation between inside and outside password or the user identifier.The present invention does not limit the character kind of use and the length of character string.
4. the generating algorithm of password according to claim 1 or user identifier, the user is at all images that dynamically show, seek out related object thing in the object such as photo or location place, and extract the corresponding random string of these objects out as own internal password or user identifier.The user generates the disposable outside password or the user identifier that can supply current authentication to use in the heart again according to inside and outside password of setting or the annexation between the user identifier in advance.
5. the generating algorithm of password according to claim 1 or user identifier, the annexation between inside and outside password or the user identifier comprises following factors:
A) ordering of object has or not;
B) annexation between inside and outside password or the user identifier.
When the computing function f of one of annexation between inside and outside password or the user identifier (x) was 0, the connection between expression inside and outside password or the user identifier need not calculated.According to having or not of random string on the object that is presented at internal password or user identifier and ordering, outside password or user identifier can be generated.This is the simplest a kind of of annexation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200510026060 CN1870497A (en) | 2005-05-23 | 2005-05-23 | Once hidden password without peeping and generation algorithm of identification character: hide-and-seek |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200510026060 CN1870497A (en) | 2005-05-23 | 2005-05-23 | Once hidden password without peeping and generation algorithm of identification character: hide-and-seek |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1870497A true CN1870497A (en) | 2006-11-29 |
Family
ID=37444056
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200510026060 Pending CN1870497A (en) | 2005-05-23 | 2005-05-23 | Once hidden password without peeping and generation algorithm of identification character: hide-and-seek |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1870497A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8392975B1 (en) * | 2008-05-29 | 2013-03-05 | Google Inc. | Method and system for image-based user authentication |
-
2005
- 2005-05-23 CN CN 200510026060 patent/CN1870497A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8392975B1 (en) * | 2008-05-29 | 2013-03-05 | Google Inc. | Method and system for image-based user authentication |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Yang et al. | Biometrics for internet-of-things security: A review | |
| Jain et al. | Biometrics: Trust, but verify | |
| US10572648B2 (en) | Fraud resistant passcode entry system | |
| Weiss et al. | PassShapes: utilizing stroke based authentication to increase password memorability | |
| Kim et al. | CCTV video processing metadata security scheme using character order preserving-transformation in the emerging multimedia | |
| US6957341B2 (en) | Method and system for secure computational outsourcing and disguise | |
| Chavan et al. | Signature based authentication using contrast enhanced hierarchical visual cryptography | |
| Yang et al. | A cancelable iris-and steganography-based user authentication system for the internet of things | |
| Lin et al. | Graphical passwords using images with random tracks of geometric shapes | |
| Ye et al. | A feedback chaotic image encryption scheme based on both bit-level and pixel-level | |
| Gandhi et al. | Study on security of online voting system using biometrics and steganography | |
| Mohammed et al. | Efficient and flexible multi-factor authentication protocol based on fuzzy extractor of administrator’s fingerprint and smart mobile device | |
| CN107231240A (en) | A kind of higher dual identity recognition methods of security | |
| Renaud | A visuo-biometric authentication mechanism for older users | |
| Rao et al. | Fingerprint based authentication application using visual cryptography methods (improved id card) | |
| Chiu et al. | Authentication with what you see and remember in the internet of things | |
| Manisha et al. | CBRC: a novel approach for cancelable biometric template generation using random permutation and Chinese Remainder Theorem | |
| Patel et al. | Survey on Graphical Password Authentication System | |
| Alhumyani et al. | Efficient generation of cancelable face templates based on quantum image Hilbert permutation | |
| Ghouzali et al. | Cancelable multimodal biometrics based on chaotic maps | |
| CN1870497A (en) | Once hidden password without peeping and generation algorithm of identification character: hide-and-seek | |
| CN110516425A (en) | A kind of privacy sharing method and system | |
| Elngar et al. | Data protection and privacy in healthcare: research and innovations | |
| Huang et al. | Intellectual property protection for FPGA designs using the public key cryptography | |
| Chergui et al. | Can a chaos system provide secure communication over insecure networks?—Online automatic teller machine services as a case study |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |