KR100791485B1 - A Voice One Time Password Security Authentication System and Security Authentication Method Thereof - Google Patents

Abstract

The present invention relates to an OTP security authentication system using a voice signal and a method for authenticating the same, using a start button for initiating the generation of a one time password (OTP) at the terminal side, an event counter and time information at the terminal side. Client-side OTP generating means for generating an OTP of the terminal, client-side encryption means for encrypting the generated OTP unidirectionally and bidirectionally, and OTP-to-speech converting means for converting the encrypted OTP into a voice signal; A client side terminal device provided; And an OTP authentication server configured to receive data transmitted from the terminal device, to use voice recognition means, and to compare and determine whether or not it matches a specified OTP. .

Security authentication, one-time password (OTP), one-time password generation (V-OTP) and authentication using voice signal

Description

A Voice One Time Password Security Authentication System and Security Authentication Method Thereof}

1 is a block diagram showing the configuration of a voice-one time password (V-OTP) generating terminal device according to an embodiment of the present invention;

FIG. 2 is a block diagram showing a configuration in which a unidirectional or bidirectional encryption means is added in the configuration example of FIG. 1;

3 is a block diagram showing the configuration of a V-OTP authentication server according to an embodiment of the present invention;

4 is a block diagram showing a configuration in which a client side generating means and a unidirectional or bidirectional encryption means are added in the configuration example of FIG. 3;

5 is a flowchart illustrating a processing process of a V-OTP generation terminal device according to an embodiment of the present invention;

6 is a flowchart illustrating a processing process of a V-OTP server according to an embodiment of the present invention;

FIG. 7 is a block diagram illustrating a compression method of a voice signal used in a general mobile communication system and a VoIP telephone system, and illustrates an example of a CELP series compression method.

8 is a block diagram illustrating a restoration method of a voice signal used in a general mobile communication system and a VoIP telephone system, and shows an example of a CELP series restoration method.

9 illustrates a configuration of formants having less similarity between voice signals according to an embodiment of the present invention.

10 is a block diagram showing a configuration of an OTP-to-speech unit according to an embodiment of the present invention;

11 is a flowchart illustrating processing of an OTP-to-speech unit according to an embodiment of the present invention;

12 is an exemplary view illustrating an acoustic signal used in data input using a conventional acoustic signal and frequency characteristics thereof;

FIG. 13 is a diagram illustrating an example of a voice signal and a frequency characteristic of which channel distortion is minimized by applying a terminal apparatus and a processing method thereof according to an embodiment of the present invention; FIG.

14 is an exemplary view showing an example of a speech signal sequence and a frequency characteristic of which channel distortion is minimized by applying a terminal apparatus and a processing method thereof according to an embodiment of the present invention;

15 is an exemplary diagram illustrating an example of a voice signal sequence and a frequency characteristic passed through a mobile communication network by applying a terminal apparatus and a processing method thereof according to an embodiment of the present invention.

<Description of the symbols for the main parts of the drawings>

100: V-OTP generation terminal device 101: OTP generation means

102: OTP event counter / real time clock 103: OTP-voice conversion means

104: sound source database (DB) 200: V-OTP authentication server

201: audio input and network matching means 203: voice recognition and encryption interpretation means

202: speech segment detection and feature parameter extraction means 205: OTP generating means

204: voice recognition database 206: OTP comparison means

800: OTP-voice conversion unit 801: formant mapping means

802: bandwidth control means 803: cosine conversion means

804: Sound source information 805: Formant information

The present invention relates to an OTP security authentication system using a voice signal and a security authentication method thereof, and more particularly, to an OTP security authentication system using a voice signal applicable to an audio input device / communication network for a remote authentication service and a security authentication method thereof. will be.

Specifically, the present invention relates to the field of security authentication for access and use in various door locks such as computer login, electronic financial transactions, safes and doors. Password (OTP); hereinafter referred to as OTP) It can improve security and improve convenience by improving security weakness due to forgery, information leakage, hacking, etc. It is a method that can be applied to various fields because it has little influence.

In general, OTP is a response corresponding to a challenge value or a current time to provide a remote authentication service based on a challenge / response method, a time synchronization method, and an event synchronization method in a communication terminal device / service requiring high security. The security of the remote authentication service is greatly improved by applying the One Time Password function generated by the funnel and the event value.

(Prior art)

Conventional letter and number output OTP methods are classified into three types: 1) Challenge-Response, 2) Time-Synchronous, and 3) Event-Synchronous.

All of these methods are used to generate a different password every time, so even if the password used once is leaked, the next used password is generated differently. The three methods differ in that the method of synchronizing the OTP generated randomly in the server of the terminal device and the service device, which is carried by the user, is the same.

First, in the challenge response method, when the user inputs a password, the server sends a random number to the user, and when the user inputs the number to the OTP terminal device carrying the number, an OTP number is generated and the input device connected to the server. If you enter it directly, security authentication succeeds and you can get access and permission. That is, since the terminal and the server know each other at random numbers, the OTP can be synchronized. However, this method is inconvenient for the amblyopia or presbyopia who have weak eyesight to enter the number several times, which makes it difficult to process large-capacity on the server side due to the long authentication time. There are disadvantages.

Next, the time synchronization method is a method of synchronizing the OTP using the time information on the condition that the user terminal device and the server knows the same time. However, this method is vulnerable to interception attacks within the synchronization time unit.

In addition, the event synchronization method is a method of synchronizing the OTP using the number of occurrences that are mutually recognized under the condition that the number of occurrences of the OTP by the user is similar to the number received by the server. However, this method has a disadvantage in that the OTP leaked by hacking within the synchronization event unit is likely to be valid.

In addition, there is a method of generating and inputting a password as a sound. Generally, a tone (single tone, DTMF, etc.) without signal attenuation is used. These methods do not have a problem when the system for transmitting the input sound is linear, such as a wired telephone or an amplifier, but has a high loss in a system that compresses, transmits, and restores at high magnification, such as mobile phones and VoIP optimized for voice signals. It was difficult to apply.

The present invention is to solve the above problems of the prior art, a one-time password security using a voice signal to improve the security by having a means for converting the one-time password to voice regardless of the characteristics of the audio input device or communication network It is to provide an authentication system and its security authentication method.

Another object of the present invention is to provide a one-time password security authentication system and method using a voice signal having the function of generating a client-side one-time password and server-side one-time password to determine whether their output value is matched. will be.

In addition, another object of the present invention is a one-time password security authentication system using a voice signal that can significantly reduce the loss due to transmission and restoration in the mobile phone, VoIP, etc., the system for transmitting the input sound is optimized for the transmission of voice signals and It is to provide a method.

OTP security authentication system using a voice signal to achieve the object of the present invention, OTP (One Time Password) of the terminal by using the start button and the terminal event counter and time information to start OTP generation, OTP Client-side OTP generation means for generating a client, client-side encryption means for encrypting the generated OTP unidirectionally and bi-directionally, and OTP-to-speech conversion means for converting the encrypted OTP into a voice signal; With the client side V-OTP generation terminal 100:
Receiving the data transmitted from the V-OTP generation terminal device 100, using voice recognition means, and comparing and determining whether or not match with a specified OTP, and the V-OTP generation terminal Audio input and network matching means (201) for receiving a voice signal transmitted from the apparatus (100) and for matching a communication network; Voice segment detection and feature parameter extracting means (202) for detecting a header of the OTP signal using the speech signal and recording a continuous speech signal to extract feature parameters for speech recognition; Speech recognition is performed using the voice recognition database 204 on the feature parameter of the extracted voice signal, verifies whether there is a transmission error in the received OTP, and analyzes bidirectionally encrypted information in a code string to identify the terminal. Voice recognition and encryption analysis means 203 for outputting information and OTP; An OTP generating means 205 connected to one side of the voice recognition and encryption analysis means and generating a server-side OTP using terminal specific information, server side event counter and time information received from the voice recognition and encryption analysis means; And comparing and comparing the information provided from the voice recognition and encryption analysis means 203 and the server-side OTP generating means 205 within a unit of time and an event, outputting an authentication result, and outputting the result to the main controller. Providing OTP comparison means (206); It can be achieved by including a: V-OTP authentication server 200 having a.

delete

The client-side OTP generating means may be generated directly by the client-side terminal device, but transmits only source information necessary for generating OTP information to reduce the weight of the terminal, and generates the terminal-side OTP by using the server-side OTP. It may be.

Next, the OTP security authentication method using a voice signal to achieve the object of the present invention, the step of pressing the start button to start OTP generation (S 301); When the start button is pressed, receiving the event counter and time information (S 303), generating a client-side OTP that randomly generates letters and numbers (S 302); A data combination step (S 304) of receiving the unique information of the terminal device (S 305) and combining the alphanumeric information and data; An encryption step (S 306) of generating encrypted letters and numbers by performing one-way and two-way encryption to prevent information leakage of the combined data; Generating a transmission data code string by combining an encrypted code string and an error check code using the encrypted character and numeric information (S 307); Synthesizing a speech signal corresponding to each code of the transmission data generated by the transmission data code string, or extracting from a sound source database to perform OTP-to-speech conversion (S 308); And outputting the generated voice signal (S 310). OTP generation method of the client-side terminal using a voice signal comprising:
Waiting for an authentication start command (S401); Detecting a header of the OTP signal using the voice signal (S402); Extracting feature parameters for speech recognition with respect to the provided signal (S 405); Performing speech recognition on the feature parameter of the extracted speech signal using speech recognition DB (S 407) (S 406); Verifying a transmission error for the recognized OTP information (S408); When a transmission error occurs (S 409, No), requesting the user to notify the transmission error and redialing (S 410); If there is no transmission error (S 409, Yes), deciphering bi-directionally encrypted data from the code string to separate terminal unique information and OTP information (S 411); Generating a server-side OTP (S-OTP) using terminal-specific information, server-side time information, and event information provided by the client-side terminal device (S414); Comparing the client-side OTP and the server-side OTP in time and event units (S 412, S415); Notifying the successful authentication when the information matches according to the comparison result (S416); And notifying whether the authentication failure is notified when the comparison result information does not match, and returning to the authentication start step (S417). Authentication server-side OTP security authentication method for receiving the OTP information converted into a voice signal sequence comprising a: performing an authentication procedure can be achieved by including.

delete

In addition, in the OTP security authentication system using the OTP security authentication method using the voice signal, the OTP-to-speech conversion means 800, means for receiving the OTP code and mapping the unique formant information corresponding to each code ( 801); Means (802) for controlling each mapped formant information with an appropriate bandwidth; And cosine converting means 803 for synthesizing the speech in a cosine transform manner as the sound source information is provided; It is preferable to comprise a.

In the OTP generating method of the client terminal using the voice signal, the step of performing OTP-to-speech conversion,
Receiving an OTP code, receiving unique formant information corresponding to each code (S902), and mapping (S901); Controlling each mapped formant information with an appropriate bandwidth (S 903); Synthesizing a speech signal by a signal generating method of a cosine transform using sound source information for one pitch period (S905) (S904 and S906); Outputting the generated voice signal (S907); And repeating the entire step to the end of the OTP code for all OTP codes (S 908). It can be achieved by providing.
In this case, it is preferable to provide a means for generating the same voice signal by synthesizing and storing the voice signal in advance in units of pitches, instead of directly synthesizing it in the terminal device, and then extracting and continuously connecting the voice signals as necessary.

Preferred embodiments of the above-described configuration of the present invention will be described with reference to the drawings.

(Example)

Hereinafter, exemplary embodiments of the present invention will be described with reference to the accompanying drawings.

1 is a block diagram showing the configuration of a V-OTP (Vo-OTP) generation terminal device according to an embodiment of the present invention, Figure 2 is a configuration example of FIG. FIG. 3 is a block diagram illustrating a configuration of a V-OTP authentication server according to an embodiment of the present invention, and FIG. 4 is a configuration of FIG. 3. In the example, it is a block diagram showing a configuration in which a client-side OTP generating means and a unidirectional or bidirectional encryption means are added.

The OTP generation terminal device according to the present invention can be implemented in the form of a mobile terminal or a credit card having an operating system and hardware capable of engineering operation. These hardware must be manufactured in a form that can not be duplicated, and the security can be maintained only when the built-in technology that destroys embedded information is applied.

1 and 2, the V-OTP generation terminal 100 is an improvement of the conventional use of the event counter and real-time time information, respectively, the time and event counter information from the OTP event counter / real time clock 102 OTP generating means (101) having improved security by providing and synchronizing them, encryption means (101a) capable of encrypting the output information of the OTP generating means (101) in both directions and in both directions, and all audio input devices. And OTP-to-speech converting means 103 for converting the OTP data into a signal which can be transmitted regardless of the characteristics of the communication network.

In detail, when the start button is pressed in the V-OTP generating terminal 100, the OTP generating means 101 uses the pressed time information and event information to generate OTP information and a unique terminal generated from a random number generator or a random number table. Generates information (eg, unique number, etc.), and at the output end thereof, one-way and two-way encryption means 101a are installed to have a security means against leakage. The encrypted OTP information is transmitted to the OTP-to-speech means 103. The OTP-to-speech conversion means 103 generates an error check code for the encrypted and inputted OTP information, converts the code into a code sequence, synthesizes a unique voice signal for each code, or extracts a voice signal sequence from the sound source DB 104. After generating the output through the speaker 105.

3 and 4 is an embodiment of the V-OTP authentication server device according to the present invention, the audio input and communication network matching means 201 for matching with a general telephone network (PSTN) or TCP / IP and VoIP system, And a speech section detecting and feature parameter extracting means 202 for detecting a speech section for the signal received from the input device and detecting a required feature parameter, and a speech recognition and encryption analysis means 203. And the output of the encryption interpretation means 203 to the OTP comparison means 206, while the server-side OTP generation means 205 stores the terminal unique information and the server-side time and the information restored by the voice recognition and encryption analysis means. The server-side OTP information generated by using the event information is provided to the OTP comparison means 206, and compared with the client-side information, the authentication is performed on mutual agreement, and the result is output to the main controller. The.

Specifically, the audio signal input from the audio input and communication network matching means 201 is detected by the voice section detection and feature parameter extraction means 202, and if detected, the header of the voice signal is continuously input. After recording voice signals, feature parameters for voice recognition are extracted for these voice signals. Next, the voice recognition and encryption analysis means 203 performs voice recognition on the extracted feature parameters using the voice recognition database (DB) 204, and then checks a transmission error and, if there is no error, bidirectionally The terminal interprets the password and makes the terminal unique information. The terminal specific information is transmitted to the server side OTP generating means 205.

The server-side OTP generating means 205 generates a server-side OTP using the inputted terminal unique information and server-side real-time time and event information, and transmits it to the OTP comparison means 206. The OTP comparison means 206 receives the terminal OTP and the server-side OTP, checks whether there is a match within an event unit and a time unit, and determines that the authentication succeeds when the match is successful and the authentication fails when the mismatch is performed. Send to the master server. In this way, the main control device / main control service constituted a system capable of maintaining high quality security by determining whether to use the device / service according to the authentication success or failure.

In this case, the OTP generating means installed in the V-OTP generating terminal device 100 may be installed in the V-OTP authentication server 200. In this case, the terminal transmits only source information necessary for generating the OTP, and the server side receives the source information. A configuration capable of generating a terminal side OTP is also possible.

This has been achieved by providing a client side OTP generating means 203a at the rear end of the voice recognition and encryption analysis means 203. By doing so, by doing so, the amount of calculation of the terminal device, which is usually portable, can be reduced, thereby making it possible to reduce the weight and convenience of use of the terminal device. Further, a configuration is achieved in which the client-side OTP generating means 203a and the server-side OTP generating means 205 can be comprehensively managed by the server. The configuration of comparing and determining whether the generated information on both sides is matched by the OTP comparison means 206 is as described above.

Next, a security authentication processing process according to an embodiment of the present invention will be described.

First, FIG. 5 is a flowchart illustrating a processing process of a V-OTP generation terminal device according to an embodiment of the present invention, and FIG. 6 illustrates a processing process of a V-OTP authentication server according to an embodiment of the present invention. It is a flow chart.

First, as shown in FIG. 5, in the V-OTP generation terminal device 100, whether the start button is pressed is checked (S301), and when it is pressed, the OTP event counter / RTC (real time information) S303 is used. Randomly generating the OTP information (S302), combining the generated OTP and the terminal unique information to generate a code string (S304), encrypting the combined code string in one-way and two-way (S306), encryption Generating a transmission data code string by combining the code string and the error check code (S307), synthesizing a corresponding voice signal for each code of the transmission data or extracting from a sound source DB (S309) to perform OTP-to-speech conversion; (S308), and outputting the generated voice signal (S310). In this way, a processor capable of generating a randomly generated OTP in a terminal device, converting the signal into a voice, and transmitting the same to the server side is achieved.

Next, as shown in FIG. 6, when receiving an authentication start command from the main controller / main control service (S401), periodically checking whether an OTP (V-OTP) header signal using a voice signal is received (S402). If the V-OTP header signal is detected among the received signals (403), recording a continuous voice signal (S404), extracting feature parameters for the entire voice signal (S405), the voice recognition DB Performing a voice recognition on the extracted feature parameters (S406), checking a transmission error for the recognized code string (S408 to S409), requesting an error notification and retransmission when an error occurs (S407). S410); If there is no error, deciphering the bidirectionally encrypted data in the code sequence to separate the terminal unique information and the OTP information and transferring the terminal unique information to the server side OTP generating means 205 (S414) (S411); Generating a server-side OTP using terminal-specific information and server-side real-time time and event information (S413); Comparing and determining whether the terminal device side OTP and the server side OTP information coincide within a time unit and an event unit (S412 and S415); If there is a match, authentication success notification (S416), if there is a mismatch authentication failure notification (S417) is configured to have a configuration.

Next, a description will be briefly given of a compression and decompression method of a speech signal generally used. 7 and 8 are examples of a method of compressing and restoring a voice signal used in a general mobile communication system and a VoIP telephone system.

Electronic financial transactions using telephones are widely used for their easy accessibility. In particular, as the mobile communication system is developed, it can be used irrespective of time and place, and thus its use is increasing. The mobile communication system uses a method of compressing (approximately, 30 to 40 times) a voice signal at a high rate in a transmitting terminal device to transmit a plurality of subscribers on a limited communication line and restoring the receiving terminal device.

In the mobile communication network, since it is optimized for a voice signal for high-efficiency compression / restore, there is a problem in that loss is increased for other signals. Therefore, when data is to be transmitted by sound, such as a one-time password using a voice signal, it is necessary to use a signal having characteristics similar to the voice signal to maintain a high degree of transmission.

CELP (Code Excited Linear Prediction) series of voice compression / restore method applied to mobile communication system is based on LP (Line Prediction) / LSP (Line Spectrum Pair) analysis and synthesis method. The LP / LSP method is a method suitable for a natural voice signal, and in the case of a tone without attenuation (for example, a DTMF signal, etc.), there is a problem that it is difficult to accurately transmit a signal with low transmission.

When the sound source signal is g (n), the vocal function is h (n), and the spoken voice signal is v (n), the frequency response V (z) of the voiced sound excluding the non-sound can be expressed as Equation 1 below. .

Where ak is the LP coefficient and represents the vocal tract characteristics and G (z) represents the vocal tract characteristics. The parameter extracted by the LP analysis is a time domain parameter and shows the inverse filter characteristic of the vocal tract. As this parameter is a time domain parameter, the LSP analysis for converting to a parameter in the frequency domain due to the large variation of the voice characteristics due to the error is performed. To perform. LSP parameter is a technology that is widely used in the communication network because it represents the resonance frequency of the voice and does not affect the reconstructed voice in spite of a slight error.

In the mobile communication system using the LP / LSP based codec, the information delivery method using the sound signal can increase the transmission rate only when it is similar to the characteristics of the voice.

In general, the voice signal is composed of three to six formants to distinguish the sound value, but the most important of these is known as three. The voice signal shows pitch components due to periodic vibrations of the gates and the bandwidth due to natural attenuation in saints. In a wired network, the pass frequency band is 300 ~ 3500Hz, so three formants must be kept in the passband. In addition, the similarity between each voice signal should be small to increase the discrimination ability to increase the recognition rate.

Applying the above considerations, the configuration of the audio signal consisting of three formants and having a frequency band within 300 to 3500 Hz and each formant overlaps as shown in FIG.

With the formant structure described above, a low pitch period rather than a short pitch in the LP analysis has high accuracy, so that a signal having a pitch period of about 0.8 msec passes through the mobile communication system.

As in the following Equation 2, the impulse frequency components inputted by the excitation of the gate are resonated in the vocal tract, as shown in Equation 2 below. The voice signal is a convolution of the vocal tract characteristics of the vocal tract characteristics, and can be expressed as in Equation 3 below.

In addition, assuming that the glottal characteristic is an impulse having periodicity, a voice signal in one period may be implemented as follows.

Where A (k) is the amplitude of the spectrum and NF is the Nyquest frequency.

FIG. 9 shows a formant structure of a voice signal for each code designed to have discriminating powers for 12 characters used in a telephone keypad.

FIG. 10 is a block diagram illustrating a configuration of an OTP-to-speech unit according to an embodiment of the present invention, and FIG. 11 is a flowchart of a process of the OTP-to-speech unit according to an embodiment of the present invention.

First, FIG. 10 illustrates an embodiment in which an audio signal having a formant structure of FIG. 9 is generated by Equation 3 as a voice signal suitable for all audio input devices / communication networks by receiving an OTP code.

In the terminal apparatus of the OTP security authentication system using the above-mentioned voice signal, the OTP-to-speech converting means 800 includes: means for receiving an OTP code and mapping unique formant information corresponding to each code (801); Means (802) for controlling each mapped formant information with an appropriate bandwidth; And cosine converting means 803 for synthesizing the speech in a cosine transform manner as the sound source information is provided; It is configured to include.

The cosine converting means 803 is an embodiment for synthesizing a speech signal, and may also be used in other engineering methods.

In addition, in order to reduce the amount of calculation in the terminal device, the same voice signal can be generated by generating the voice signal in the unit of pitch offline, storing the same in the terminal device, and connecting the signals continuously and repeatedly. That is, by synthesizing only one pitch unit in advance and storing the speech signal in the device 804, and repeatedly connecting the speech signal in pitch units if necessary, the same voice signal can be generated.

In Fig. 11, a processing flowchart for the above-described OTP-to-speech method is shown. As shown, receiving the OTP code and maps the unique formant information 902 corresponding to each code (S901); Subsequently, control is performed to maintain appropriate bandwidth for each formant (S903); Next, a speech signal is synthesized through a cosine transform during one pitch period (S904 and S906); Outputting the generated voice signal (S907); And repeating all the above steps to the end of the entire OTP code (S908).

12 is an exemplary view illustrating an acoustic signal used for data input using a conventional acoustic signal and frequency characteristics thereof. 12 illustrates a sound signal used in a data input using a conventional sound signal and frequency characteristics thereof. As can be seen from the frequency characteristic diagram, since it uses a single tone and uses a signal different from that of the voice signal, it can be seen that the signal is difficult to apply in a mobile communication system or a VoIP phone.

In contrast, the results of applying the system and method according to the present invention will be described with reference to FIGS. 13 to 15.

FIG. 13 is an exemplary diagram illustrating an example of a voice signal and a frequency characteristic of which channel distortion is minimized as a voice signal generated by applying a terminal apparatus and a processing method thereof according to an embodiment of the present invention, and FIG. As a voice signal generated by applying the terminal apparatus and the processing method according to an embodiment of the present invention, the channel distortion is an exemplary view showing an example of the voice signal sequence and frequency characteristics, Figure 15 is a terminal according to an embodiment of the present invention It is an exemplary figure which shows the example of the audio signal sequence and the frequency characteristic which passed through the mobile communication network using the apparatus and its processing method.

13 is an embodiment of a voice signal for an arbitrary code generated by the above-described scheme. As can be seen from the frequency characteristics, three formant structures and the shape of the excitation model for each pitch unit can be observed. Referring to the spectrogram shown in FIG. 13, the brighter the image, the stronger the energy intensity. The bright band in the horizontal direction indicates the formant, and the bright band in the vertical direction indicates the excitation point of the gate. As such, since the optimization of the audio signal, the loss of the restored signal can be very small.

Similarly, FIG. 14 is an example of a voice signal sequence for each code generated by the above method, and FIG. 15 shows that the formant structure is maintained as an example of a signal recorded by passing the signal of FIG. 9 through a mobile communication network. Can be.

As a result, as shown and described, regardless of the characteristics of any audio input device or communication network, the transmission is excellent, there is an advantage that can be applied to PCs, landlines, mobile phones, VoIP, and the like.

As described above, according to the system and the method according to the present invention, the following effects can be obtained.

First, the present invention is a voice signal is generated by pressing a button without directly entering the number compared to the conventional OTP of the letter and number output method, so that the input accuracy, convenience, preventing the leakage of OTP, and hacking It has an effect of implementing a one-time password security authentication system and its method.

Second, the present invention takes the advantages of the time synchronization / event synchronization method together, so that hacking is difficult, thereby enhancing the security.

Third, the present invention is excellent in the degree of delivery regardless of the characteristics of any audio input device or communication network has an excellent effect that can be applied to PCs, landlines, mobile phones, VoIP, and the like.

In the above, the present invention has been illustrated and described with reference to specific preferred embodiments, but the present invention is not limited to the above-described embodiments, and the present invention is not limited to the spirit of the present invention. Various changes and modifications will be possible by those who have the same.

Claims (8)

A client-side OTP generating means for generating an OTP (One Time Password) of the terminal by using a start button for starting OTP generation, a terminal-side event counter and time information, and a unidirectional direction of the generated OTP; And a client-side V-OTP generating terminal 100 having client-side encryption means for encrypting in both directions, and an OTP-to-speech converting means for converting the encrypted OTP into a voice signal. Receiving the data transmitted from the V-OTP generation terminal device 100, using voice recognition means, and comparing and determining whether or not match with a specified OTP, and the V-OTP generation terminal Audio input and network matching means (201) for receiving a voice signal transmitted from the apparatus (100) and for matching a communication network; Voice segment detection and feature parameter extracting means (202) for detecting a header of the OTP signal using the speech signal and recording a continuous speech signal to extract feature parameters for speech recognition; Speech recognition is performed using the voice recognition database 204 on the feature parameter of the extracted voice signal, verifies whether there is a transmission error in the received OTP, and analyzes bidirectionally encrypted information in a code string to identify the terminal. Voice recognition and encryption analysis means 203 for outputting information and OTP; An OTP generating means 205 connected to one side of the voice recognition and encryption analysis means and generating a server-side OTP using terminal specific information, server side event counter and time information received from the voice recognition and encryption analysis means; And comparing and comparing the information provided from the voice recognition and encryption analysis means 203 and the server-side OTP generating means 205 within a unit of time and an event, outputting an authentication result, and outputting the result to the main controller. Providing OTP comparison means (206); V-OTP authentication server 200 having a: OTP security authentication system using a voice signal, characterized in that comprises a. delete According to claim 1, The client-side OTP generating means, instead of being installed in the client-side V-OTP generation terminal device 100, the voice recognition and encryption analysis means built in the V-OTP authentication server 200 An OTP security authentication system using a voice signal, characterized in that is installed connected to the rear end of the (203). Pressing a start button to start OTP generation (S 301); When the start button is pressed, receiving the event counter and time information (S 303), generating a client-side OTP that randomly generates letters and numbers (S 302); A data combination step (S 304) of receiving the unique information of the terminal device (S 305) and combining the alphanumeric information and data; An encryption step (S 306) of generating encrypted letters and numbers by performing one-way and two-way encryption to prevent information leakage of the combined data; Generating a transmission data code string by combining an encrypted code string and an error check code using the encrypted character and numeric information (S 307); Synthesizing a speech signal corresponding to each code of the transmission data generated by the transmission data code string, or extracting from a sound source database to perform OTP-to-speech conversion (S 308); And outputting the generated voice signal (S 310). OTP generation method of the client-side terminal using a voice signal comprising: Waiting for an authentication start command (S401); Detecting a header of the OTP signal using the voice signal (S402); Extracting feature parameters for speech recognition with respect to the provided signal (S 405); Performing speech recognition on the feature parameter of the extracted speech signal using speech recognition DB (S 407) (S 406); Verifying a transmission error for the recognized OTP information (S408); When a transmission error occurs (S 409, No), requesting the user to notify the transmission error and redialing (S 410); If there is no transmission error (S 409, Yes), deciphering bi-directionally encrypted data from the code string to separate terminal unique information and OTP information (S 411); Generating a server-side OTP (S-OTP) using terminal-specific information, server-side time information, and event information provided by the client-side terminal device (S414); Comparing the client-side OTP and the server-side OTP in time and event units (S 412, S415); Notifying the successful authentication when the information matches according to the comparison result (S416); And notifying whether the authentication failure is notified when the comparison result information does not match, and returning to the authentication start step (S417). Authentication server-side OTP security authentication method for performing the authentication procedure by receiving the OTP information converted to a voice signal sequence comprising a: OTP security authentication method using a voice signal comprising a. delete In the OTP security authentication system applying the OTP security authentication method using the voice signal described in claim 4, OTP-to-speech means 800, Means for receiving an OTP code and mapping unique formant information corresponding to each code (801); Means (802) for controlling each mapped formant information with an appropriate bandwidth; And Cosine converting means 803 for synthesizing a speech by cosine transforming as the sound source information is provided; OTP security authentication system using a voice signal, characterized in that comprises a. The method of claim 4, wherein In the OTP generation method of the client-side terminal device using the voice signal, performing the OTP-to-speech conversion, Receiving an OTP code, receiving unique formant information corresponding to each code (S902), and mapping (S901); Controlling each mapped formant information with an appropriate bandwidth (S 903); Synthesizing a speech signal by a signal generating method of a cosine transform using sound source information for one pitch period (S905) (S904 and S906); Outputting the generated voice signal (S907); And Repeating the entire step to the end of the OTP code for all OTP codes (S 908); OTP security authentication method using a voice signal characterized in that it comprises a. The method of claim 7, wherein OTP security using a voice signal, characterized in that it comprises a means for generating the same voice signal by synthesizing and storing the voice signal in advance in units of pitch instead of directly synthesizing it in the terminal device, and then extracting and continuously connecting the voice signal if necessary. Authentication method.

Images