KR101749304B1 - Method and server for improving security of password authentication - Google Patents

Method and server for improving security of password authentication

Info

Publication number
KR101749304B1
Authority
KR
South Korea
Prior art keywords
user terminal
string
password
input
user
Prior art date
Application number
KR1020160027191A
Other languages
Korean (ko)
Inventor
장진달
김창오
김용진
Original Assignee
쿠팡 주식회사
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 쿠팡 주식회사
Priority to KR1020160027191A
Application granted
Publication of KR101749304B1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F21/46 Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services

Abstract

According to an embodiment of the present invention, there is provided an authentication method for performing an authentication process for a password consisting of N digits, the authentication method comprising the steps of: (a) generating N character string mapping tables, each indicating a mapping relationship between each numeric value and a string; (b) transmitting the N character string mapping tables to a user terminal; (c) receiving, from the user terminal, N strings each mapped in the N string mapping tables for N numeric values input by the user in order; and (d) extracting the numeric values entered by the user from the received strings.

Description

METHOD AND SERVER FOR IMPROVING SECURITY OF PASSWORD AUTHENTICATION

The present invention relates to a password authentication security improvement method and server, and more particularly, to a method and server for improving security of password authentication by mapping different strings according to an input order.

With the development of the Internet infrastructure and the financial transaction infrastructure, user authentication has become a very important issue for financial transactions and website access.

In particular, phishing, which obtains personal financial transaction information (for example, an authentication number, credit card number, or account information), pharming, and hacking that steals personal information (for example, a personal ID, password, or account information) from a user's keyboard input or the like have recently become a problem, and a safer and more efficient method for financial transactions is sought.

Meanwhile, on recent customer wireless terminals, a procedure for authenticating the validity of a given financial transaction (payment and/or bill delivery, etc.) is carried out in connection with the linked financial transaction means.

However, due to the nature of information and communication technology, a password for a financial transaction transmitted through the network may be hacked, stolen, lost, or abused. For safer and more reliable financial transactions, it is therefore necessary to prevent hacking, theft, or loss, and to improve security so that the password cannot be easily guessed and misused even if it is stolen or lost.

SUMMARY OF THE INVENTION The present invention has been made to solve the above-mentioned problems of the conventional art, and it is an object of the present invention to prevent an easy password leakage due to hacking or the like by mapping each numeric value of a password to a character string in accordance with an input sequence.

It is another object of the present invention to further enhance security by transmitting and receiving an encrypted string between a user terminal and an authentication server.

Yet another object of the present invention is to prevent a leakage of mapping information in advance by generating a new mapping table every time a password authentication request is made.

According to one aspect of the present invention, there is provided an authentication method for performing an authentication process for a password consisting of N (N is a natural number) digits, comprising the steps of: (a) generating N character string mapping tables, each representing mapping relationships between each numeric value that can constitute the password and an arbitrary string; (b) transmitting the N character string mapping tables to a user terminal; (c) receiving, from the user terminal, N strings each mapped in the N string mapping tables for N numeric values input by the user in order; and (d) extracting the numeric values entered by the user from the received strings.

Step (b) may comprise transmitting one string mapping table before each numeric value is entered by the user.

The method may further comprise encrypting all the strings in the string mapping tables after step (a), wherein step (b) transmits N encrypted string mapping tables to the user terminal, and step (c) receives, from the user terminal, N encrypted strings respectively mapped in the N encrypted string mapping tables.

The method may further comprise decrypting the encrypted character strings after step (c).

In step (d), the character strings received from the user terminal are converted into the corresponding numeric values according to the N character string mapping tables, taking the user's input order into account, so that the value input to the user terminal is extracted.

The method may further comprise, before step (b), randomly combining one or more characters to generate the strings.

The method may further comprise, after step (a), configuring a keypad array in which the numeric values are randomly arranged, and transmitting the keypad array to the user terminal.

According to another embodiment of the present invention, there is provided an authentication server for performing an authentication process for a password consisting of N (N is a natural number) digits, the authentication server comprising: a character string mapping table generation unit for generating N character string mapping tables, each indicating a mapping relationship between each numeric value that can constitute the password and an arbitrary string, and transmitting N encrypted string mapping tables to a user terminal; a string encryption unit for encrypting the strings of the N character string mapping tables; a communication unit for receiving, from the user terminal, an encrypted string corresponding to a value input to the user terminal according to the encrypted string mapping information; a character string decryption unit for decrypting the encrypted character string received from the user terminal; and an input value extracting unit for extracting the value input to the user terminal from the character string received from the user terminal.

The authentication server may further comprise a user information DB in which user information including card information of a user and a password set by the user are stored.

The authentication server may further comprise an authentication unit that determines whether the value input to the user terminal, as extracted by the input value extracting unit, matches the pre-stored password.

According to the embodiment of the present invention, the numerical value of the password is mapped to the character string by reflecting the input order, so that even if one mapping information is leaked by hacking or the like, information on the entire password can be prevented from being leaked.

According to an embodiment of the present invention, security can be further enhanced by encrypting a string transmitted and received between the user terminal and the authentication server.

According to an embodiment of the present invention, a new mapping table may be generated every time a password authentication request is made so that mapping information is not leaked in advance.

It should be understood that the effects of the present invention are not limited to the above effects and include all effects that can be deduced from the detailed description of the present invention or the configuration of the invention described in the claims.

FIG. 1 is a configuration diagram of a password authentication security system according to an embodiment of the present invention.
FIG. 2 is a block diagram illustrating a configuration of an authentication server according to an embodiment of the present invention.
FIG. 3 is a flowchart illustrating a password authentication security improvement method according to an exemplary embodiment of the present invention.
FIG. 4 is a flowchart illustrating, in time order, a password authentication security improvement method according to another embodiment of the present invention.
FIG. 5 is a table in which a numeric value is mapped to a character string according to its input order, according to an embodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, the present invention will be described with reference to the accompanying drawings. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly illustrate the present invention, parts not related to the description are omitted, and similar parts are denoted by like reference characters throughout the specification.

Throughout the specification, when a part is referred to as being "connected" to another part, this includes not only being "directly connected" but also being "indirectly connected". Also, when an element is referred to as "comprising" another element, this means that it can include other elements, not that it excludes them, unless specifically stated otherwise.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.

FIG. 1 is a configuration diagram of a password authentication security system according to an embodiment of the present invention.

Referring to FIG. 1, the password authentication security system may include a user terminal 100 and an authentication server 200 that can communicate with each other through a communication network.

First, the communication network can be configured regardless of its communication mode, such as wired or wireless, and may be any of various networks such as a local area network (LAN), a metropolitan area network (MAN), or a wide area network (WAN). Preferably, the communication network according to one embodiment may be implemented as the World Wide Web (WWW).

The user terminal 100 may be a device that can be connected to an external server such as the authentication server 200 through a network, such as a mobile phone, a smart phone, a PDA (Personal Digital Assistant), a PMP (Portable Multimedia Player), or a tablet PC, and may also be a communication device such as a desktop PC, a tablet PC, a laptop PC, or an IPTV including a set-top box.

According to the embodiment of the present invention, when the user terminal 100 requires a password to be input when using electronic commerce or the like, the user terminal 100 may request the authentication server 200 to perform password authentication.

The authentication server 200 according to an exemplary embodiment of the present invention performs authentication of a password input to the user terminal 100.

The authentication server 200 maps each numeric value constituting the password to randomly configured strings (hereinafter referred to as "string mapping"). In the string mapping according to the embodiment of the present invention, numeric values are mapped to different strings according to their input order.

That is, even the same numeric value is mapped to a different character string depending on which position it occupies in the password.

The authentication server 200 according to an exemplary embodiment may generate a mapping table for the mapping information and transmit the mapping table to the user terminal 100, and may create a mapping table when a password authentication request is received from the user terminal 100.

In addition, the authentication server 200 may configure the keypad array of the password input screen provided to the user in the user terminal 100 differently for each password authentication process.

That is, when a password authentication request is received from the user terminal 100, the authentication server 200 may randomly configure the keypad arrangement positions of the numeric values and transmit the keypad arrangement positions to the user terminal 100.

In addition, the authentication server 200 according to an exemplary embodiment can not only encrypt each character string generated by mapping with a numeric value, but also decrypt the encrypted character string when receiving the encrypted character string.

FIG. 2 is a block diagram illustrating a configuration of an authentication server 200 according to an embodiment of the present invention.

Referring to FIG. 2, the authentication server 200 includes a keypad array generator 210, a string mapping table generator 220, a string encryption unit 230, a character string decryption unit 240, an input value extraction unit 250, a user information DB 260, an authentication unit 270, a control unit 280, and a communication unit 290.

The keypad array generating unit 210 according to an embodiment may provide the arrangement of the keypad that the user terminal 100 presents when a password is input.

The keypad array refers to how the numeric values 0 to 9 are arranged on the keypad shown on the screen of the user terminal 100 for inputting the password. The keypad array generation unit 210 according to the embodiment of the present invention may configure this keypad array at random, without following a fixed rule.

The keypad array generating unit 210 according to the embodiment can select among various keypad shapes that provide ten or more coordinate values for the keypad presented on the user terminal 100.

Depending on the shape of the keypad, the coordinates at which the keypad array generation unit 210 can place each numeric value differ, and whether the keypad contains blank positions may also change.

For example, when a 3 × 4 keypad shape is selected, each numeric value can be placed at coordinates from (1,1) to (3,4), and the keypad includes two blank positions, whereas when a 5 × 2 keypad shape is selected, each numeric value is placed at coordinates from (1,1) to (5,2), and there is no blank position.

The keypad array generating unit 210 according to an exemplary embodiment may newly configure the keypad array each time a password authentication request is received from the user terminal 100.

The character string mapping table generator 220 according to an embodiment maps each of the numeric values 0 to 9 to different strings. Each numeric value can be mapped to a randomly constructed string of a plurality of characters, with different strings mapped to different numerical values.

According to one embodiment, the string mapping table generation unit 220 can newly generate the mapping information between numeric values and character strings each time a password authentication request is received from the user terminal 100, and each string can be configured as a new combination.

According to the embodiment of the present invention, the string mapping table generation unit 220 may map different strings according to the input order, that is, according to which digit of the password is being input, even if the same numeric value is used.

For example, if the number 2 is in the first position of the password, the mapped string may be 'sdfsfsdf', but if it comes in the second position, it may be mapped to 'sdfsfs'. Therefore, when the password is composed of four digits, 10 × 4 = 40 pieces of mapping information are generated for the numeric values 0 to 9, and if the password is composed of six digits, 10 × 6 = 60 pieces of mapping information are generated.

Generally, if the password is composed of N numeric values (N is a natural number), that is, N digits, the character string mapping table generation unit 220 generates N character string mapping tables, and the string mapping tables for the different input positions consist of different strings even for the same numeric value.

According to an embodiment of the present invention, the N character string mapping tables may be transmitted to the user terminal together at the time of the password authentication request. Alternatively, the N character string mapping tables may be transmitted sequentially, one by one.

As described above, according to the embodiment of the present invention, by configuring different mapping information according to the input order of each numeric value, even if some of the mapping strings are leaked, the entire password cannot be extracted, and security can be improved.

The string mapping table generation unit 220 provides the generated string mapping table to the user terminal 100 as described above.

At this time, according to one embodiment of the present invention, the entire generated string mapping table may be transmitted to the user terminal 100 when the password authentication request is received from the user terminal 100. According to another embodiment of the present invention, only the mapping table for the first input position (hereinafter referred to as 'first mapping information') is transmitted when the password authentication request is received. When the first digit of the password has been input, the mapping table for the second input position (second mapping information) is transmitted, and when the second digit has been input, the third mapping table (third mapping information) is transmitted, so that the mapping information is transmitted sequentially as the password is input.

The string encryption unit 230 encrypts the strings corresponding to the respective numeric values generated by the string mapping table generation unit 220.

The string encryption unit 230 according to an embodiment can encrypt each string using an encryption algorithm such as DES, 3DES, or AES.

When the authentication server 200 transmits the mapping information between numeric values and character strings to the user terminal 100, the character string encryption unit 230 encrypts all the mapped strings so that the string combinations are not exposed, and the encrypted string mapping table can then be transmitted.

Accordingly, when a password is input on the user terminal 100, what the authentication server 200 receives as the mapping information for the input numeric values is an encrypted character string.

Since the string combination is made up of an encrypted string in the password authentication process between the user terminal 100 and the authentication server 200, the type of the string combination is not exposed, so that the probability of inferring the password .

The DES (Data Encryption Standard) algorithm is a typical symmetric cipher: a block cipher that turns a 64-bit plaintext into a 64-bit ciphertext using a 56-bit secret key. 3DES is a scheme that repeats DES three times, proposed as an alternative to address the vulnerability caused by the short key length of DES. The Advanced Encryption Standard (AES) is also a symmetric encryption scheme and is an encryption algorithm specified by an international standard. A symmetric encryption scheme is an encryption algorithm or scheme that uses the same key for encryption and for decryption.

The character string decryption unit 240 decrypts the encrypted character string received from the user terminal 100.

When the character string decryption unit 240 decrypts the encrypted string and the string combination becomes available, the input value of the user terminal 100 can be extracted from the string combination.

The input value extracting unit 250 according to an embodiment receives the decrypted character string from the character string decryption unit 240 and converts it into the numeric value corresponding to the character string and its input order, so that the value input to the user terminal 100 can be extracted.

The input value extractor 250 may convert a character string to a numeric value by receiving the character string mapping table from the character string mapping table generator 220.

According to the embodiment of the present invention, since each string is mapped by reflecting the position of the digit within the password, that is, the input order, the input value extracting unit 250 extracts the input value by looking up each character string in the mapping table for its input order.

The user information DB 260 stores basic information on users of the password authentication security system according to an embodiment of the present invention and the password previously registered by each user. The user basic information stored in the user information DB 260 according to one embodiment may include information related to payment, such as the user's personal information and information on cards owned by the user.

The authentication unit 270 according to an exemplary embodiment may receive the input value extracted by the input value extraction unit 250 and check whether the input value matches the registered password stored in the user information DB 260.

If the authentication unit 270 confirms that the value input to the user terminal 100 matches the registered password of the user, the authentication server 200 transmits password authentication completion information to the user terminal 100, and when the value input to the user terminal 100 does not match the registered password of the user, it transmits password authentication failure information to prevent the payment.

The control unit 280 according to an embodiment controls the keypad array generating unit 210, the character string mapping table generating unit 220, the character string encryption unit 230, the character string decryption unit 240, the input value extracting unit 250, the user information DB 260, the authentication unit 270, and the communication unit 290, respectively.

The communication unit 290 according to one embodiment enables communication between the authentication server 200 and an external device. Specifically, it enables the authentication server 200 to communicate with the user terminal 100.

FIG. 3 is a flowchart illustrating a password authentication security improvement method according to an exemplary embodiment of the present invention.

First, when the user terminal 100 transmits a password authentication request to the authentication server 200 (S310), the authentication server 200 generates a character string mapping table for matching a numeric value and a randomly configured character string of one or more characters (S320).

The authentication server 200 according to an exemplary embodiment may also perform the process of generating random string combinations when a password authentication is requested.

The strings that are mapped to different numbers are configured differently, and even in the case of the same numeric value, the character string mapped to each numeric value is mapped to a different character string according to the input order of the digits constituting the password.

Thereafter, the authentication server 200 encrypts each string of the string mapping table through an encryption algorithm (S330).

The authentication server 200 transmits the keypad array in which the numeric values are randomly arranged and the encrypted string mapping table to the user terminal 100 (S340).

When the password input screen, on which each numeric value is positioned according to the keypad array received from the authentication server 200, is displayed on the user terminal 100, the password is input by the user (S350).

The user terminal 100 transmits the encrypted strings matching the input numeric values to the authentication server 200 according to the encrypted string mapping table received in step S340 (S360).

The authentication server 200 decrypts the received encrypted strings (S370) and, by looking them up in reverse in the string mapping table generated in S320, extracts the numeric value corresponding to each decrypted string and its input order, so that the value input to the user terminal 100 can be known (S380).

The authentication server 200 checks whether the extracted input value matches the previously registered password of the user (S390), and transmits the matching result, that is, the password authentication result, to the user terminal 100 (S400).

If the input value matches the registration password, the user terminal 100 proceeds with the payment process. If the input value does not match, the user terminal 100 requests the password re-input or stops the payment process.

FIG. 4 is a flowchart illustrating, in time order, a password authentication security improvement method according to another embodiment of the present invention.

When the user terminal 100 transmits a password authentication request to the authentication server 200 (S410), the authentication server 200 generates a character string mapping table for matching each numeric value with a random character string of at least one character.

At this time, the authentication server 200 may also perform the process of generating random string combinations when the password authentication is requested.

Strings mapped to different numbers are configured differently, and even in the case of the same numeric value, a character string mapped to each numeric value is mapped to a different character string according to the input order.

The authentication server 200 encrypts each string of the generated string mapping table through an encryption algorithm (S430).

The authentication server 200 according to the embodiment of FIG. 4 transmits a keypad array in which the numeric values are randomly arranged and the encrypted string mapping table to the user terminal 100. At this time, instead of transmitting the entire table, it transmits only the first encrypted string mapping table, which corresponds to the first position of the password input order (S440).

When a password input screen on which each numeric value is positioned according to the keypad array received from the authentication server 200 is displayed on the user terminal 100, the user performs a first input, entering the first digit of the password (S450).

The user terminal 100 transmits the first encrypted string, which matches the first digit entered in the first input, to the authentication server 200 according to the received first encrypted string mapping table (S460).

When the first encrypted string is received, the authentication server 200 transmits the second encrypted string mapping table, which corresponds to the next input position, to the user terminal 100 (S470).

When the second input, corresponding to the second digit of the password, is performed (S480), the user terminal 100 transmits the second encrypted string, matched according to the second encrypted string mapping table, to the authentication server 200 (S490).

When the second encrypted string is received, the authentication server 200 transmits the third encrypted string mapping table (S500). On the user terminal 100 that has received the third encrypted string mapping table, the third input is performed (S510), and the third encrypted string based on that mapping table is transmitted to the authentication server 200 (S520).

Although FIG. 4 shows a case where the password is composed of three digits for convenience of explanation, the password according to the embodiment of the present invention may be composed of two or more numerical values without regard to the number of digits.

Therefore, if the password is four digits, the process of S440 to S460 is repeated four times. If the password is six digits, the above process may be repeated six times.

When all the numeric values of the password have been input and all the mapped encrypted strings have been transmitted, the authentication server 200 decrypts the received encrypted strings (S530) and performs the input value extraction step and the password matching check as in FIG. 3.

FIG. 5 is a table in which a numeric value is mapped to a character string according to its input order, according to an embodiment of the present invention.

Referring to FIG. 5, it can be seen that a mapping string for a numerical value of 0 to 9 is shown.

The mapping of such a string is performed according to the input order for each place of the password, and in the case of FIG. 5, a string mapping table for the six-digit password is shown.

For example, as shown in the user input numeric value table on the right of FIG. 5, when the password is set to '133242', the mapping string for the numeric value 1 of the first input order is 'dsfsfsfe', the mapping string for the numeric value 3 of the second input order is 'sgsgsg', the numeric value 3 of the third input order corresponds to 'sdfspord', the numeric value 2 of the fourth input order to 'dfsgsgg', the numeric value 4 of the fifth input order to 'sgsgsdg', and the numeric value 2 of the sixth input order to 'sdfsfs'.

As described above, even the same numeric value, such as the numeric values 3 and 2 in the above example, is mapped to different strings when it corresponds to different input positions.

Therefore, the authentication server 200 receiving the character string from the user terminal 100 extracts the input value by searching the numeric value mapped to the character string in consideration of the input order.

As described above, according to the embodiment of the present invention, a different character string is mapped according to the input order, whereby the password can be prevented from being leaked by hacking or the like, and the security of the password authentication can be improved.

It will be understood by those skilled in the art that the foregoing description of the present invention is for illustrative purposes only and that various changes and modifications may be made without departing from the spirit or essential characteristics of the present invention. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive. For example, each component described as a single entity may be distributed and implemented, and components described as being distributed may also be implemented in a combined form.

The scope of the present invention is defined by the appended claims, and all changes or modifications derived from the meaning and scope of the claims and their equivalents should be construed as being included within the scope of the present invention.

100: User terminal
200: authentication server
210: Keypad array generating unit
220: String mapping table creation unit
230: string encryption unit
240: String decoding unit
250: input value extracting unit
260: User information DB
270:
280:
290:

Claims (10)

1. A password authentication security method in which an authentication server performs an authentication process for a password comprising N (N is a natural number) digits, the method comprising:
(a) generating a mapping table indicating a mapping relationship between each numeric value that can constitute each digit of the password and each string, wherein N string mapping tables are generated;
(b) transmitting the N string mapping tables to a user terminal;
(c) receiving, from the user terminal, N strings mapped in each of the N string mapping tables for N numeric values input by the user in order; and
(d) extracting the numerical value entered by the user from the received string.

2. The method according to claim 1, wherein the step (b) comprises transmitting one string mapping table before a numerical value of each digit constituting the password is input by a user.

3. The method according to claim 1, further comprising, after the step (a), encrypting all strings in the string mapping table,
wherein in the step (b), N encrypted string mapping tables are transmitted to the user terminal, and
wherein the step (c) comprises receiving, from the user terminal, N encrypted strings respectively mapped in the N encrypted string mapping tables.

4. The method of claim 3, further comprising, after the step (c), decrypting the encrypted string.

5. The method according to claim 1, wherein in the step (d), the character string received from the user terminal is converted into the corresponding numeric value in the N string mapping tables in consideration of the user input sequence, and the value input to the user terminal is extracted.

6. The method according to claim 1, further comprising, before the step (b), randomly combining one or more characters to generate the strings.

7. The method according to claim 1, further comprising, after the step (a), configuring a keypad array in which the numeric values are randomly arranged, and transmitting the keypad array to the user terminal.

8. An authentication server for performing a password authentication process comprising N (N is a natural number) digits,
A mapping table that indicates a mapping relationship between each of the numeric values that can constitute each digit of the password and an arbitrary character string and includes N string mapping tables having different mapping relationships between the numeric values and the character strings per digit of the password, and transmits N encrypted string mapping tables to the user terminal;
a communication unit for receiving, from the user terminal, N strings mapped in each of the N string mapping tables for N numeric values sequentially input to the user terminal; and
an input value extracting unit for extracting a value input to the user terminal from a character string received from the user terminal.

9. The authentication server of claim 8, further comprising a user information DB storing user information including card information of a user and a password set by the user.

10. The authentication server of claim 9, further comprising an authentication unit that determines whether a value input to the user terminal extracted from the input value extracting unit matches the pre-stored password.

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020160027191A KR101749304B1 (en) 2016-03-07 2016-03-07 Method and server for improving security of password authentication

Publications (1)

Publication Number Publication Date
KR101749304B1 true KR101749304B1 (en) 2017-06-20

Family

ID=59281542

Country Status (1)

Country Link
KR (1) KR101749304B1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111262645A (en) * 2019-10-21 2020-06-09 上海百事通信息技术股份有限公司 Data transmission method, device, storage medium and terminal
CN111262645B (en) * 2019-10-21 2023-07-18 上海百事通信息技术股份有限公司 Data transmission method, device, storage medium and terminal
CN113779554A (en) * 2021-09-01 2021-12-10 中国银行股份有限公司 Information encryption transmission method, device and related equipment

Legal Events

Date Code Title Description
E701 Decision to grant or registration of patent right
GRNT Written decision to grant