KR102319664B1 - Electronic device blocking rsa and method for operating thereof - Google Patents

Abstract

According to one embodiment, an electronic device comprises a communication circuit and a processor. The processor receives a first signal containing a first code from an external device through the communication circuit, generates a plurality of codes for comparison corresponding to each of a plurality of time points related to a first time point which is a reception time point of the first signal based on reception of the first signal, determines that the first signal is valid when the first code contained in the first signal exists among the plurality of codes for comparison, and determines that the first signal is invalid when the first code contained in the first signal does not exist among the plurality of codes for comparison.

Description

Electronic device for preventing RSA and operating method thereof

Various embodiments relate to an electronic device for preventing a relay station attack (RSA) and a method of operating the same.

A smart key is currently used to operate a locking device in a vehicle. The smart key supports various functions and may remotely transmit a communication signal corresponding to each of the various functions to the vehicle. The vehicle may receive a communication signal from the smart key, analyze information of the received communication signal, and perform a corresponding function. For example, current smart keys and/or vehicles provide functions such as unlocking, locking, and opening/closing of a vehicle's locking device.

When the user with the smart key approaches the vehicle, the vehicle may recognize that the smart key enters the proximity range. For example, the vehicle may transmit a search signal periodically (or aperiodically). The smart key may transmit a response signal in response to the search signal to the vehicle. The vehicle may recognize that the smart key enters the proximity range according to the reception of the response signal. Accordingly, the vehicle may automatically enter the open mode, or may unlock the vehicle door lock when a touch on the handle of the vehicle is confirmed. Accordingly, even if the user approaches the vehicle without directly manipulating the smart key, the control of the vehicle may be automatically performed.

As described above, even if the user does not directly manipulate the smart key, there is a possibility that the function of the vehicle is automatically performed according to transmission and reception of a communication signal between the vehicle and the smart key. The above technique assumes that transmission and reception of a communication signal can be performed only when both devices are close to each other. That is, when both devices are far apart, a communication signal may not be transmitted/received, or a reception strength (eg, RSSI) of the communication signal may be less than or equal to a threshold reception strength, and in this case, the vehicle function is not controlled. However, in RSA, which has recently become a problem, as a plurality of relay devices relay communication signals, it may be possible to remotely control vehicle functions by an unauthorized person.

An electronic device and an operating method thereof according to various embodiments generate codes corresponding to each of a plurality of time points associated with a reception time of a communication signal, and according to whether a code included in a communication signal exists among the generated codes It is possible to determine whether the communication signal is valid.

According to an embodiment, an electronic device includes a communication circuit, and a processor, wherein the processor receives a first signal including a first code from an external device through the communication circuit, and the first signal generates a plurality of comparison codes corresponding to each of a plurality of time points associated with a first time point that is a reception time point of the first signal, and includes in the first signal among the plurality of comparison codes If the first code is present, it is determined that the first signal is valid, and when the first code included in the first signal does not exist among the plurality of comparison codes, the first signal is may be considered invalid.

According to an embodiment of the present disclosure, a method of operating an electronic device includes receiving a first signal including a first code from an external device, and based on the reception of the first signal, a first signal reception time point generating a plurality of comparison codes corresponding to each of a plurality of time points associated with a first time point; when the first code included in the first signal among the plurality of comparison codes exists, the first signal may include an operation of determining that is valid, and an operation of determining that the first signal is invalid when the first code included in the first signal among the plurality of comparison codes does not exist. .

According to various embodiments, codes corresponding to each of the plurality of time points associated with the reception time of the communication signal are generated, and the validity of the communication signal is determined according to whether a code included in the communication signal among the generated codes exists. An electronic device and a method of operating the same may be provided. Accordingly, remote control by a person who does not have the same authority as the RSA may not be possible.

1 is a view for explaining a process of RSA according to a comparative example for comparison with various embodiments.
2 illustrates an authentication method according to a comparative example for comparison with various embodiments.
3A is a flowchart illustrating operations of an electronic device and a vehicle according to various embodiments of the present disclosure;
3B is an example of a code generated by a vehicle and/or an electronic device according to various embodiments of the present disclosure;
4A is a flowchart illustrating operations of an electronic device and a vehicle according to various embodiments of the present disclosure;
4B is a flowchart illustrating operations of an electronic device and a vehicle according to various embodiments of the present disclosure;
5 is a block diagram of an electronic device and a vehicle according to various embodiments of the present disclosure;
6A is a flowchart illustrating an operation of an electronic device and/or a vehicle according to various embodiments of the present disclosure;
6B to 6D illustrate viewpoints managed by a vehicle and/or an electronic device according to various embodiments.
7 is a view for explaining a door lock system and an electronic device according to various embodiments.
8 is a diagram for describing an election management system and an electronic device according to various embodiments of the present disclosure;
9 is a view for explaining a payment device and an electronic device according to various embodiments of the present disclosure;
10A is a diagram for describing communication between internal devices of an electronic device according to various embodiments of the present disclosure;
10B is a diagram for describing operations of a plurality of internal devices in one electronic device according to various embodiments of the present disclosure;
11 is a diagram for describing communication between a central server and electronic devices according to various embodiments of the present disclosure;
12 is a flowchart illustrating an operation of a central server according to various embodiments of the present disclosure;
13 is a flowchart illustrating a method of generating a unique code according to various embodiments of the present invention.
14 is a flowchart illustrating a code generation method according to various embodiments of the present invention.
15 is a flowchart illustrating a code generation method according to various embodiments of the present invention.
16 is a flowchart illustrating an offset determination process according to various embodiments of the present invention.
17 is a flowchart of a method for determining a character set according to various embodiments of the present disclosure;
18 is a flowchart of a method for determining a character set according to various embodiments of the present disclosure;

Hereinafter, exemplary embodiments according to the present invention will be described in detail with reference to the contents described in the accompanying drawings. However, the present invention is not limited or limited by the exemplary embodiments. The same reference numerals provided in the respective drawings indicate members that perform substantially the same functions.

1 is a view for explaining a process of RSA according to a comparative example for comparison with various embodiments.

According to the comparative example, the vehicle 1 may be set to perform a corresponding function by using the information included in the communication signal from the smart key within the first range 5 . Here, the vehicle 1 may mean a general vehicle, or computing means (eg, at least one of a processor, mini-computer, FPGA, or control circuit) in a general vehicle, storage means (eg, memory, etc.), or at least a part of communication means. For example, when a device capable of generating a communication signal transmits a communication signal, as the distance between the device and the vehicle 1 increases, the reception strength of the communication signal in the vehicle 1 may decrease. For example, the vehicle 1 may determine whether the external device approaches within the first range 5 according to the reception strength of the communication signal from the external device. According to the comparative example, when the communication signal within the first range 5 is confirmed, the vehicle 1 may determine that the smart key exists and perform a function designated by the communication signal.

On the other hand, the problem caused by RSA is emerging. For RSA, two or more relay devices (2,3) are required. First, as a first operation, the vehicle 1 may transmit a communication signal periodically or aperiodically. For example, it is assumed that the first relay device 2 is disposed within the first range 5 , so that the first relay device 2 can receive a communication signal from the vehicle 1 . . It is assumed that the communication signal contains a challenge value. The first relay device 2 may transmit the received communication signal to the second relay device 3 . The corresponding communication signal may also include a challenge value. The second relay device 3 may transmit the received communication signal to the smart key 4 . The corresponding communication signal may also include a challenge value. For example, one non-authorized person possesses the first relay device 2 and is located near the vehicle 1, and the other non-authorized person possesses the second relay device 3 and the smart key 4 It is assumed that it is located near one user. At this time, since the second relay device 3 is located near the smart key 4 , the smart key 4 may receive a communication signal from the second relay device 3 . The smart key 4 may generate a response value corresponding to the challenge value included in the communication signal, and may generate a communication signal including the response value. The second relay device 3 may receive a communication signal including a response value, and may transmit it to the first relay device 2 . The first relay device 2 may receive a communication signal including a response value, and may transmit it to the vehicle 1 . The vehicle 1 may receive a communication signal including a response value, and may complete authentication by using the response value included in the communication signal, and perform a function corresponding thereto (eg, opening the vehicle door). can be done

As described above, the authentication method according to the exchange of a communication signal with the smart key 4 simply disposed within a specific range 5 is very vulnerable to RSA.

2 illustrates an authentication method according to a comparative example for comparison with various embodiments.

According to the comparative example, the vehicle 1 may transmit a communication signal to the smart key 4 , and the smart key 4 may transmit a communication signal to the vehicle 1 in response thereto. It is assumed that Δt1 is required for transmission of a communication signal from the vehicle 1 to the smart key 4 and Δt2 is required for transmission of a communication signal from the smart key 4 to the vehicle 1 . In addition, the vehicle determines whether the smart key 4 is close to the vehicle 1 according to whether the sum of Δt1 and Δt2 and the time required for signal processing in the smart key 4 is within a threshold time. can do. If the sum of Δt1 and Δt2 and the time required for signal processing in the smart key 4 is within the threshold time, the vehicle 1 determines that the smart key 4 is close to the vehicle 1. and a function designated by the smart key 4 can be performed.

If the smart key 4 is relatively far from the vehicle 1, Δt3 is required to transmit a communication signal from the vehicle 1 to the smart key 4, and the smart key 4 to the vehicle 1 It may take Δt4 to transmit a communication signal to The vehicle can determine whether the smart key 4 is close to the vehicle 1 according to whether the sum of Δt1 and Δt2 and the time required for signal processing in the smart key 4 is within the threshold time. have. If the sum of Δt3 and Δt4 and the time required for signal processing in the smart key 4 exceeds the threshold time, the vehicle 1 determines that the smart key 4 is not close to the vehicle 1. It is determined that it is, and the function designated by the smart key 4 may not be performed.

On the other hand, for accurate determination, accurate measurement of the required time is required, and there is also a possibility that the processing time by the smart key 4 may be manipulated. In particular, authentication can be performed only when two-way communication signal exchange is performed, and authentication cannot be performed by one-way communication signal transmission.

3A is a flowchart illustrating operations of an electronic device and a vehicle according to various embodiments of the present disclosure; The embodiment of FIG. 3A will be described in more detail with reference to FIG. 3B. 3B is an example of a code generated by a vehicle and/or an electronic device according to various embodiments of the present disclosure; The electronic device 101 in FIG. 3A , or the electronic device 101 according to various embodiments of the present disclosure, is, for example, a smart key or an electronic device (eg, a terminal) supporting the function of the smart key. , smart phone, PDA, wearable device, etc.), and there is no limitation on the type. Meanwhile, the method of operating the electronic device 101 illustrated in FIG. 3A may be applied not only to the smart key but also to various fields, which will be described later in more detail.

According to various embodiments, the vehicle 300 may generate a code in operation 301 . For example, vehicle 300 may generate code 331 , as in FIG. 3B . The vehicle 300 may generate the code 331 using the first time point at a first time point (eg, t=t _{1 -(ni)Δt in FIG. 3B ).} Here, t ₁ may be a reception time in the electronic device 101 of a communication signal transmitted by the vehicle 300 , which will be described later. Here, as will be described later, the number of codes 341 , 342 , ..., 343 , ..., 344 generated by the electronic device 101 may be n+1. i may be an integer greater than or equal to 0. For example, the vehicle 300 may generate the code 331 by applying the seed value and the first time point to an OTP (one time password) generation algorithm. However, the method of generating the code 331 is merely exemplary, and there is no limitation as long as it is a method of generating a code using information on at least one time point. Alternatively, the vehicle 300 may generate the code 331 based on an algorithm that is unique and guaranteed to be random, and the detailed algorithm will be described with reference to FIGS. 13 to 18 . As described above, the vehicle 300 may generate the code 331 using the first time point at a first time _{point (eg, t=t 1 -(ni)Δt in FIG. 3B ).} .

According to various embodiments, in operation 303 , the vehicle 300 may transmit a signal including the code 331 . In operation 305 , the electronic device 101 receives a plurality of time points (eg, t=t ₁ -( _{in FIG. 3B ) associated with the signal reception time t 1 based on the signal reception including the code 331 .} ni)Δt, i may generate a plurality of comparison codes (eg, 341,342,...,343,...,344 in FIG. 3B ) corresponding to each of 0 to n). For example, as shown in FIG. 3B , the electronic device 101 _{applies the seed value and each of n+1 time points t=t 1} -(ni)Δt (i is 0 to n) to the code generation algorithm. Accordingly, a plurality of comparison codes 341, 342, ..., 343, ..., 344 may be generated. For example, the electronic device 101 _{applies the seed value and the time point of t 1} -nΔt to the code generation algorithm to generate the zeroth generation code 341 , and the seed value and t ₁ -(n-1)Δt The first generation code 342 is generated by applying the time point of to the code generation algorithm, and the i+1th generation code 343 is generated by applying the _{seed value and the time point of t 1 -(ni)Δt to the code generation algorithm.} Then, the nth generation code 344 may be generated by applying the seed value and _{the time point of t 1 to the code generation algorithm.} For example, the seed values stored in each of the electronic device 101 and the vehicle 300 may be the same. Here, the time interval Δt is not limited. Meanwhile, a time of ΔT ₁ may be taken from a time when the code 331 is generated to a time t _{1 when the electronic device 101 receives a signal.} Accordingly, in one example, the electronic device 101 generates codes 341,342,...,343,..., 344 with respect to time points in the past as the time point _{t 1 at which the signal is received.} can do. Meanwhile, in another example, the electronic device 101 may generate codes for future time points as well as past time points of the time point _{t 1 at which the signal is received, with reference to FIGS. 6A to 6D ,} It will be described in more detail.

On the other hand, based on a time corresponding to a distance at which the vehicle 300 and the electronic device 101 can be determined to be close, the number of codes (eg, n+1) and the time interval Δt are to be set. can For example, if the distance at which the vehicle 300 and the electronic device 101 can be determined to be close is a, the time corresponding to the corresponding distance a may be b. In one example, b may be a value obtained by dividing a by c (speed of light), but there is no limitation. If time is b, (n+1) and Δt may be set so that the product of (n+1) and Δt satisfies b. (n+1) and/or Δt may be default values, but may be values calculated and changed by the electronic device 101 according to implementation. As b becomes larger, the range determined to be effective may be widened, and as b becomes smaller, the range determined to be effective may be narrowed. Accordingly, (n+1) and Δt may be appropriately set according to the type of service applied.

According to various embodiments, in operation 307 , the electronic device 101 includes a code 331 included in a signal among the plurality of comparison codes 341 , 342 , ..., 343 , ..., 344 . You can decide whether to do it or not. In the example of FIGS. 3A and 3B , the electronic device 101 sets the codes 341,342,...,343,...,344 with the same seed value with respect to time points in the past from the time point _{t 1 at which the signal is received.} ) can be created. Accordingly, if the distance between the electronic device 101 and the vehicle 300 is within a range that can be determined to be close, one of the codes 341,342,...,343,...,344 is the vehicle. It may be the same as the code 331 transmitted by 300 . If the distance between the electronic device 101 and the vehicle 300 is outside a range that can be determined to be close, the vehicle 300 is transmitted among the codes 341 , 342 , ..., 343 , ..., 344 . There may not be a code identical to one code 331 . Accordingly, if it is determined that the code 331 included in the signal exists among the plurality of comparison codes 341,342,...,343,...,344 (307-Yes), the electronic device 101 ), in operation 309 , it may be determined that the signal is valid. If it is determined that the code 331 included in the signal does not exist among the plurality of comparison codes 341,342,...,343,...,344 (309-No), the electronic device 101 ), in operation 311 , it may be determined that the signal is invalid.

As described above, the electronic device 101 may determine whether the signal from the vehicle 300 is valid. In particular, even if the measurement accuracy of the transmission/reception time point is somewhat lower, since the validity is determined according to the generation and comparison of codes with respect to the past time points, accurate authentication may be possible. In addition, authentication may be possible even by transmitting a one-way communication signal. In addition, since the generated code is transmitted through an algorithm rather than a time stamp, manipulation by an unauthorized person is impossible.

4A is a flowchart illustrating operations of an electronic device and a vehicle according to various embodiments of the present disclosure;

According to various embodiments, the electronic device 101 may generate a code in operation 401 . The electronic device 101 may generate a code at a first time point using the first time point. For example, the electronic device 101 may generate a code by applying the seed value and the first time point to the OTP generation algorithm. However, there is no limitation on the manner in which the electronic device 101 generates a code. As described above, the electronic device 101 may generate a code at a first time point using the first time point.

According to various embodiments, in operation 403 , the electronic device 101 may transmit a signal including a code. In operation 405 , the vehicle 300 may generate a plurality of comparison codes corresponding to each of the plurality of time points associated with the signal reception time, based on the reception of the signal including the code. For example, the vehicle 300 may generate a plurality of comparison codes by applying the seed value and each of the plurality of time points to the code generation algorithm. For example, the seed values stored in each of the electronic device 101 and the vehicle 300 may be the same. Meanwhile, a time of ΔT ₂ may be taken from a time when the code is generated to a time t _{1 at which the vehicle 300 receives a signal.} Accordingly, in one example, the vehicle 300 may generate codes with respect to time points in the past as a time point at which a signal is received. Meanwhile, in another example, the vehicle 300 may generate codes for future time points as well as past time points at the time of receiving the signal, which will be described in more detail with reference to FIGS. 6A to 6D . do. Meanwhile, the number of codes and a time interval between time points in the past may be set based on a time corresponding to a distance at which the vehicle 300 and the electronic device 101 may be determined to be close.

According to various embodiments, in operation 407 , the vehicle 300 may determine whether a code included in a signal among a plurality of comparison codes exists. The vehicle 300 may generate codes with the same seed value for time points in the past from the point in time when the signal is received. Accordingly, if the distance between the electronic device 101 and the vehicle 300 is within a range that can be determined to be close, one of the codes may be the same as the code transmitted by the electronic device 101 . If the distance between the electronic device 101 and the vehicle 300 is outside a range that can be determined to be close, among the codes, there may be no code identical to the code transmitted by the electronic device 101 . Accordingly, if it is determined that a code included in the signal exists among the plurality of comparison codes ( 407 - Yes), the electronic device 101 may determine that the signal is valid in operation 409 . If it is determined that the code included in the signal does not exist among the plurality of comparison codes ( 409 - NO), the electronic device 101 may determine that the signal is invalid in operation 411 .

As described above, the vehicle 300 may determine whether the signal from the electronic device 101 is valid. In particular, even if the measurement accuracy of the transmission/reception time point is somewhat lower, since the validity is determined according to the generation and comparison of codes with respect to the past time points, accurate authentication may be possible. In addition, authentication may be possible even by transmitting a one-way communication signal. In addition, since the generated code is transmitted through an algorithm rather than a time stamp, manipulation by an unauthorized person is impossible. In the embodiment of FIG. 4A , the electronic device 101 may transmit a signal to the vehicle 300 in a state in which the signal from the vehicle 300 is not received. The vehicle 300 may at least constantly monitor whether a signal is received. Meanwhile, in another embodiment, the electronic device 101 may receive a signal from the vehicle and transmit a signal including a code in response to the reception of the signal. Meanwhile, in another embodiment, the electronic device 101 may receive a signal including a code from a vehicle, and when authentication is successful based on the code, in response to it, the electronic device 101 may transmit a signal including the code, This will be described in detail with reference to FIG. 4B.

4B is a flowchart illustrating operations of an electronic device and a vehicle according to various embodiments of the present disclosure;

According to various embodiments, in operation 421 , the electronic device 101 may receive a first signal including the first code from the vehicle 300 . In operation 423 , the electronic device 101 may generate a plurality of comparison codes corresponding to each of the plurality of time points associated with the first signal reception time, based on the reception of the first signal. For example, as described with reference to FIGS. 3A and 3B , the electronic device 101 may generate a plurality of comparison codes corresponding to each of a plurality of past time points based on the reception time of the first signal. However, as will be described later in more detail, it is also possible to generate a plurality of comparison codes corresponding to past time points, reception time points, and future time points. For example, the electronic device 101 may generate a plurality of comparison codes by applying the seed value shared with the vehicle 300 and each of the plurality of time points to a code generation algorithm.

According to various embodiments, in operation 425 , the electronic device 101 may determine whether a code included in a signal exists among a plurality of comparison codes. If it is determined that a code included in the signal exists among the plurality of comparison codes (425-Yes), the electronic device 101 may determine that the signal is valid in operation 427 . Thereafter, the electronic device 101 may generate the second code in operation 429 . The electronic device 101 may generate the second code by applying the seed value shared with the vehicle 300 and an arbitrary time point to the code generation algorithm. In operation 431 , the electronic device 101 may transmit a second signal including the second code to the vehicle 300 . Among the plurality of comparison codes, if it is not determined that a code included in the signal exists (425-No), the electronic device 101 may determine that the signal is invalid in operation 433 . Thereafter, the vehicle 300 may generate a plurality of comparison codes corresponding to each of the plurality of time points associated with the second signal reception time based on the reception of the second signal including the second code. For example, the vehicle 300 may generate a plurality of comparison codes corresponding to each of a plurality of past time points based on the reception time of the second signal, but will be described later in more detail. It is also possible to generate a plurality of codes for comparison corresponding to each other, a reception time point, and future time points. For example, the vehicle 300 may generate a plurality of comparison codes by applying a seed value shared with the electronic device 101 and each of a plurality of time points to a code generation algorithm. The vehicle 300 may determine whether a code included in a signal exists among a plurality of comparison codes. If it is determined that a code included in the second signal exists among the plurality of comparison codes, the vehicle 300 may determine that the signal is valid. If it is not determined that there is a code included in the second signal among the plurality of comparison codes, the vehicle 300 may determine that the signal is invalid.

5 is a block diagram of an electronic device and a vehicle according to various embodiments of the present disclosure;

According to various embodiments, the electronic device 101 may include at least one of a processor 501 , a communication circuit 502 , and a memory 503 . According to various embodiments, the vehicle 300 may include at least one of a processor 511 , a communication circuit 512 , and a memory 513 .

According to various embodiments, at least one of the processor 501 or the processor 511 stores a CPU, a ROM in which a control program for control is stored, and signals or data input from the outside, or the electronic device 101 . It may include at least one of RAM used as a storage area for a work performed in the . The CPU may include single core, dual core, triple core, or quad core. The CPU, ROM and RAM may be interconnected through an internal bus.

According to various embodiments, at least one of the memory 503 or the memory 513 may include both the ROM and the RAM, and a program or algorithm for generating a code to be described in more detail later, a seed, a unique code, etc. information can be stored. At least one of the memory 503 and the memory 513 may be implemented as at least one of a volatile memory or a non-volatile memory, and there is no limitation in the implementation form.

According to various embodiments, at least one of the communication circuit 502 and the communication circuit 512 may transmit/receive data through communication. There is no limitation on the manner of communication performed in the communication circuit 502 or the communication circuit 512 . For example, the communication circuit 502 or the communication circuit 512 may transmit/receive data according to a radio frequency (RF) method or a low frequency (LF) method used in a general vehicle smart key. The communication circuit 502 or the communication circuit 512 may be used without limitation as long as it is a communication method capable of transmitting and receiving data in addition to the method used in a general vehicle smart key. For example, the communication circuit 502 or the communication circuit 512 may be configured not only for short-range communication (eg, Bluetooth, NFC, Zigbee, UWB, etc.), but also for D2D-based wireless communication (eg, in LTE or 5G). of D2D communication) may be used.

According to various embodiments, the processor 501 and/or the processor 511 receives a first signal including a first code from an external device through the communication circuit 502 and/or the communication circuit 512 . and, based on the reception of the first signal, generate a plurality of comparison codes corresponding to each of a plurality of time points associated with a first time point, which is a reception time point of the first signal, and among the plurality of comparison codes, When the first code included in the first signal is present, it is determined that the first signal is valid, and the first code included in the first signal among the plurality of comparison codes does not exist , it may be set to determine that the first signal is invalid.

According to various embodiments, the memory 503 and/or the memory 513 may store a seed value and a code generation algorithm for generating a code using information associated with the seed value and the time point. The processor 501 and/or the processor 511 is configured to, as at least part of the operation of generating the plurality of comparison codes, based on applying the seed value and each of the plurality of time points to the code generation algorithm. It can be set to generate each of the codes.

According to various embodiments, when it is determined that the first signal is valid, the processor 501 and/or the processor 511 applies the seed value and the second time point to the code generation algorithm to generate a second code. and transmit a second signal including the second code to the external device through the communication circuit 502 and/or the communication circuit 512 .

According to various embodiments, memory 503 and/or memory 513 may store a first seed value for generating a one-time password, a first unique code assigned to the user, and a character set. The processor 501 and/or the processor 511 generates, as at least part of the operation of generating the plurality of comparison codes, a plurality of first OTPs using the first seed value and each of the plurality of time points; , by mapping each of the plurality of first OTPs and the operation result of the first unique code to the character set to generate a plurality of first sub codes, and mapping the plurality of first OTPs to the character set to create a plurality of The second sub-codes may be generated, and each of the plurality of codes may be generated using each of the plurality of first sub-codes and each of the plurality of second sub-codes.

According to various embodiments, the plurality of time points may include at least a part of the first time point or at least one past time point before the reception time of the first signal. Alternatively, according to various embodiments, the plurality of time points may be selected from among the first time point, at least one past time point before the reception time of the first signal, or at least one future time point after the reception time of the first signal It may include at least a portion.

6A is a flowchart illustrating an operation of an electronic device and/or a vehicle according to various embodiments of the present disclosure; The embodiment of FIG. 6A will be described in more detail with reference to FIGS. 6B to 6D. 6B to 6D illustrate viewpoints managed by a vehicle and/or an electronic device according to various embodiments.

According to various embodiments, the electronic device 101 may receive a signal including a code from the vehicle 300 in operation 601 . Meanwhile, those skilled in the art know that the operation method according to the embodiment of FIG. 6A may be performed by the vehicle 300 , and in this case, the vehicle 300 may receive a signal including a code from the electronic device 101 . will understand In operation 603 , the electronic device 101 may generate a plurality of comparison codes corresponding to a plurality of time points before and after a signal reception time, based on reception of a signal including a code. For example, referring to FIG. 6B , the vehicle 300 may manage a plurality of viewpoints 631 , 632 , 633 , 634 , 635 , 636 and 637 . The electronic device 101 may manage a plurality of viewpoints 641 , 642 , 643 , 644 , 645 , 646 , and 647 . The electronic device 101 and the vehicle 300 may manage time points based on the included clock generator (eg, LCO). For example, in FIG. 6B , viewpoints 641,642,643,644,645,646,647 of the electronic device 101 and viewpoints 631,632,633,634,635,636,637 of the vehicle 300 may be synchronized. In this case, the vehicle 300 may generate a code at the third time point 633 and transmit a signal including the code to the electronic device 101 . For example, it is assumed that two units of time are required for signal transmission and/or processing. The electronic device 101 may receive a signal at a fifth time point 645 . For example, the electronic device 101 may generate codes corresponding to at least some of past time points (eg, 641 , 642 , 643 , 644 ) based on the fifth time point 645 . The electronic device 101 may generate a code corresponding to the third time point 643 and check that the generated code is the same as the code included in the signal. As shown in FIG. 6B , if the electronic device 101 and the vehicle 300 are synchronized, even if the electronic device 101 generates a code only for past time points based on the signal reception time, there is a problem in authentication. none.

Meanwhile, referring to FIG. 6C , the electronic device 101 and the vehicle 300 may not be synchronized. For example, there may be a difference between the viewpoints of the electronic device 101 and the viewpoints of the vehicle 300 by 4 units. For example, a fifth viewpoint 635 managed by the vehicle 300 may correspond to a first viewpoint 641 managed by the electronic device 101 . In this case, the vehicle 300 may generate a code at the third time point 633 and transmit a signal including the code to the electronic device 101 . For example, it is assumed that two units of time are required for signal transmission and/or processing. The electronic device 101 may receive a signal at a first time point 641 . For example, if the electronic device 101 generates codes corresponding to time points in the past with the first time point 641 as a starting point, the electronic device 101 cannot generate a code corresponding to the third time point 633 . In this case, the electronic device 101 may authenticate the code included in the received signal only after generating a code corresponding to the third time point 643 which is a future time point of the first time point 641 which is the reception time point. Accordingly, since there is a possibility that the clocks of the electronic device 101 and the vehicle 300 may not be synchronized, the electronic device 101 generates codes for not only past times of the signal reception time, but also the reception time and future times. You can also create

Meanwhile, referring to FIG. 6D , the electronic device 101 and the vehicle 300 may not be synchronized. For example, there may be a difference between the viewpoints of the electronic device 101 and the viewpoints of the vehicle 300 in two units. For example, a first viewpoint 631 managed by the vehicle 300 may correspond to a third viewpoint 643 managed by the electronic device 101 . In this case, the vehicle 300 may generate a code at the third time point 633 and transmit a signal including the code to the electronic device 101 . For example, it is assumed that two units of time are required for signal transmission and/or processing. The electronic device 101 may receive a signal at a seventh time point 647 . If the number of codes generated by the electronic device 101 is set to four irrespective of whether or not synchronization is performed, the electronic device 101 performs the seventh time point 647 , the sixth time point 646 , and the fifth time point ( 645 ) and a code corresponding to each of the fourth time points 644 may be generated. Accordingly, even when the distance between the electronic device 101 and the vehicle 300 is a distance corresponding to two viewpoints that are smaller than the four preset viewpoints, the electronic device 101 may determine the authentication failure. In various examples, the number of codes generated by the electronic device 101 may be set in consideration of not only a time corresponding to a distance that can guarantee authentication, but also a time difference in the case of not being synchronized.

According to various embodiments of the present disclosure, in operation 605 , the electronic device 101 may determine whether a code included in a signal exists among a plurality of comparison codes corresponding to a plurality of time points before and after a signal reception time. . When there is a code included in the signal among the plurality of comparison codes (605 - Yes), the electronic device 101 may determine that the signal is valid in operation 607 . If there is no code included in the signal among the plurality of comparison codes (605 - NO), the electronic device 101 may determine that the signal is invalid in operation 609 .

7 is a view for explaining a door lock system and an electronic device according to various embodiments.

According to various embodiments, the electronic device 101 may communicate with the door lock system 701 . The door lock system 701 may include, for example, at least some of the components 511 , 512 , and 513 of the vehicle 300 of FIG. 5 . The door lock system 701 may perform door opening based on a command within a predetermined distance D, but may be set to ignore a command outside the predetermined distance D.

For example, when the electronic device 101 enters within a predetermined distance D from the door lock system 701 , the electronic device 101 may transmit a signal 712 including the code 711 . As described above, in one example, the electronic device 101 transmits a signal based on the satisfaction of at least one event (eg, reception of a user input) unrelated to reception of a signal from the door lock system 701 . can In another example, the electronic device 101 may transmit a signal in response to receiving a signal from the door lock system 701 . In another example, the electronic device 101 may transmit a signal when authentication is successful based on a code included in the signal from the door lock system 701 . The door lock system 701 may generate a plurality of codes 720 respectively corresponding to a plurality of time points associated with the reception time of the signal 712 . The number of the plurality of codes 720 may be set, for example, based on the distance D, but there is no limitation. The door lock system 701 may perform door opening when the code 711 included in the signal 712 is present among the plurality of codes 720 . The door lock system 701 may prevent the door from being opened when there is a code 711 included in the signal 712 among the plurality of codes 720 . As described above, only when the electronic device 101 is located within a predetermined distance D from the door lock system 701 , the door lock system 701 may open the door. In addition, the door lock system 701 may be prevented from opening the door by the above-described RSA.

8 is a diagram for describing an election management system and an electronic device according to various embodiments of the present disclosure;

According to various embodiments, the electronic device 101 may communicate with the election management system 801 . The election management system 801 may include, for example, at least some of the components 511 , 512 , and 513 of the vehicle 300 of FIG. 5 . The election management system 801 may determine that the generated voting data within a certain distance (D) is valid, but may be set to ignore the generated voting data outside a certain distance (D).

For example, within a predetermined distance D from the election management system 801 , the electronic device 101 may transmit a signal 811 including a code 811a and voting data 811b. For example, the electronic device 101 may display a UI 810 for voting, and may generate voting data 811b based on a user input through the UI 810 . The election management system 801 may generate a plurality of codes 820 respectively corresponding to a plurality of time points associated with the reception time of the signal 811 . The number of the plurality of codes 820 may be set, for example, based on the distance D, but there is no limitation. The election management system 801 may determine that the voting data 811b is valid when there is a code 811a included in the signal 811 among the plurality of codes 820 . On the other hand, as will be described in more detail later, the electronic device 101 according to various embodiments may generate a code 811a with guaranteed randomness and guaranteed uniqueness at the same time. In this case, the election management system 801 not only determines whether the electronic device 101 generating the code 811a is located within a predetermined distance D, but also performs user authentication based on the code 811a. You may. For example, a seed value may be assigned to each individual voting group, and accordingly, the code 811a may be different for each individual voting group and may be used for voter authentication. On the other hand, to ensure secret voting, the election management system 801 may manage the code 811a and the data 811b separately after authentication is performed. As described above, manipulation of election results based on the RSA can be prevented.

9 is a view for explaining a payment device and an electronic device according to various embodiments of the present disclosure;

According to various embodiments, the electronic device 101 may communicate with the offline payment device 900 . The payment device 900 may include, for example, at least some of the components 511 , 512 , and 513 of the vehicle 300 of FIG. 5 . The payment device 900 may determine that the payment data generated within the predetermined distance D is valid, but may be set to ignore the payment data generated outside the predetermined distance D.

For example, the electronic device 101 may display a UI 910 for payment, and the UI 910 may include an approval button 911 and a rejection button 912 . If the approval button 911 is selected, the electronic device 101 may generate payment data 932b. The payment data 932b may include, for example, information related to a payment target and price information, but there is no limitation on the information included. The electronic device 101 may generate a code 932a. The electronic device 101 may transmit a signal 933 including a code 932a and payment data 932b. Based on the reception of the signal 933 , the payment device 900 may include a plurality of codes 931 corresponding to each of a plurality of times associated with the reception time of the signal 933 . If the electronic device 101 is separated from the payment device 900 by a certain distance D or more, the codes 931 may not include the code 932a generated by the electronic device 101 . In this case, the payment device 900 may be set not to process the payment data 932b.

Meanwhile, in a state where the electronic device 101 is located within a predetermined distance D from the payment device 900 , the electronic device 101 may generate a code 942a and payment data 942b . The electronic device 101 may transmit a signal 943 including a code 942a and payment data 942b. Based on the reception of the signal 943 , the payment device 900 may include a plurality of codes 941 corresponding to each of a plurality of times associated with the reception time of the signal 943 . The payment device 900 may confirm that a code 942a included in the signal 943 among the plurality of codes 941 exists. In this case, the payment device 900 may process the payment data 942b. For example, the payment device 900 may approve a payment corresponding to the payment data 942b or request payment approval from the central server. Accordingly, payment with security guaranteed in an offline environment may be performed. In particular, the disadvantage of operating only in an extremely short distance of the existing NFC payment can be compensated. In addition, the disadvantage that an additional coil is required to be disposed in the electronic device 101 for MST can be compensated. In addition, the operating method according to various embodiments is not limited to the communication method. Accordingly, the communication circuit already included in the electronic device 101 may be used.

10A is a diagram for describing communication between internal devices of an electronic device according to various embodiments of the present disclosure; The embodiment of FIG. 10A will be described with reference to FIG. 10B. 10B is a diagram for describing operations of a plurality of internal devices in one electronic device according to various embodiments of the present disclosure;

According to various embodiments, the electronic device 1000 may include a first internal device 1001 and a second internal device 1003 . The first internal device 1001 and the second internal device 1002 may transmit/receive data through various interfaces such as GPIO, MIPI, I2C, SPI, and UART. Data from the first internal device 1001 may be used by the second internal device 1002 . However, the external device 1010 may access the second internal device 1002 through the hacking 1002, modulating data from the first internal device 1001, or using a different value to the second internal device ( 1002) can also be entered. Referring to FIG. 10B , in operation 1021 , the first internal device 1001 may generate a code 1004a for verification, including data 1004b for transmission as well as a code 1004a for verification. A signal 1003 may be transmitted to the second internal device 1002 . In operation 1023 , the second internal device 1002 may receive the signal 1003 including the code 1004a. When receiving the signal 1003 , the second internal device 1002 may generate codes corresponding to each of a plurality of time points associated with the reception time of the signal 1003 in operation 1025 . For example, the number of codes to be generated may be set based on a physical distance between the first internal device 1001 and the second internal device 1002 . In operation 1027 , the second internal device 1002 may determine whether a code 1004 included in the signal 1003 exists among a plurality of codes. If, among the plurality of codes, the code 1004a included in the signal 1003 exists (1027-Yes), in operation 1029, the second internal device 1002 determines that the signal 1003 is valid. can The second internal device 1002 may process the data 1004b. If, among the plurality of codes, the code 1004a included in the signal 1003 does not exist (1027 - NO), in operation 1031 , the second internal device 1002 determines that the signal 1003 is invalid. can be judged as The second internal device 1002 may not process the data 1004b. Meanwhile, when generating and/or comparing codes for verification is performed on all data, the amount of computation may increase, so that the electronic device 1000 operates the method described with reference to FIGS. 10A and 10B for data requiring security. may be performed, but this is exemplary and the operation method may be performed on all data.

11 is a diagram for describing communication between a central server and electronic devices according to various embodiments of the present disclosure; The embodiment of FIG. 11 will be described with reference to FIG. 12 . 12 is a flowchart illustrating an operation of a central server according to various embodiments of the present disclosure;

According to various embodiments, the central server 1140 may transmit/receive data to/from the plurality of electronic devices 1111 , 1121 , and 1131 . For example, the first electronic device 1111 may perform wireless communication through the base station 1112 . The base station 1112 may communicate with the central server 1140 through, for example, the first proxy 1114 and the second proxy 1113 . For example, the second electronic device 1121 may communicate with the central server 1140 through the third proxy 1122 . Similarly, a plurality of relay devices may be disposed between the third electronic device 1131 and the central server 1140 . Accordingly, even if the first electronic device 1111 , the second electronic device 1121 , and the third electronic device 1131 transmit data at the same time, the time point at which the central server 1140 is reached is different depending on the communication environment. can do. For example, when the central server 1140 provides a service such as a concert reservation, even if the user of the first electronic device 1111 transmits data first, the central server 1140 may arrive later according to the arrival time. is likely to arrive at For example, although the time t1 at which the first electronic device 1111 transmits the data 1101 is earlier than the other time points t2 and t3, the time at which the first electronic device 1111 reaches the central server 1140 is the most It may be late.

Meanwhile, the electronic devices 1111 , 1121 , and 1131 may generate the codes 1101a , 1123a , and 1132a using the generation time of the data 1101b , 1123b , and 1132b . The electronic devices 1111 , 1121 , and 1131 transmit signals 1101 , 1123 , 1132 including data 1101b , 1123b and 1132b and codes 1101a , 1123a and 1132a to the central server 1140 . can do.

According to various embodiments, as shown in FIG. 12 , the central server 1140 may receive a plurality of signals each including a code in operation 1201 . In operation 1203 , the central server 1140 may check the execution time (or generation time) of each of the plurality of signals based on the code. For example, the central server 1140 may generate signals corresponding to a plurality of time points associated with a signal reception time, and may identify a time point corresponding to the corresponding code among the generated codes. The central server 1140 may perform an operation corresponding to the execution time in operation 1205 . The central server 1140 may determine the priority among the electronic devices 1111 , 1121 , and 1131 based on an execution time (or a signal generation time) rather than a reception time of the signals. For example, the central server 1140 may give a high priority to the electronic device 1111 based on the execution time of a specific operation (eg, the data transmission time), not the data reception time. .

13 is a flowchart illustrating a method of generating a unique code according to various embodiments of the present invention.

In the embodiment of FIG. 13 , the electronic device 101 may be an electronic device that generates a unique code, and the external device 200 may be an electronic device that generates a unique code and verifies the verification-requested unique code. The external device 200 may be an electronic device that manages a service using a unique code. For example, the external device 200 may be, for example, the above-described vehicle, a door lock system, an election management system, a payment device, or a central server, but is not limited thereto. In addition, although it is illustrated in FIG. 13 that the external device 200 receives the code check request, as described above, the electronic device 101 may also receive the code check request.

In operation 1310 , the electronic device 101 may share the first unique code and the first seed with the external device 200 . In one embodiment, the external device 200 sends the first unique code to the electronic device 101 when a first user who uses the electronic device 101 joins the system (or downloads an application). and the first seed. Alternatively, the external device 200 may transmit the first unique code and information for displaying the first seed to another electronic device. For example, the first user may request a subscription to the external device 200 through the electronic device 101 or another electronic device. The external device 200 may provide a first unique code and a first seed to the first user (or application) in response to a subscription request. The external device 200 may transmit the first unique code to the electronic device 101 or another electronic device. The external device 200 may also grant the first seed to the first user. The first seed may be given to the first user for time-based one-time password generation. The external device 200 may transmit the first seed to the electronic device 101 or another electronic device. In one embodiment, the external device 200 may transmit a QR code image including the first unique code and the first seed to the electronic device 101 or another electronic device. The first user may photograph a QR code displayed on another electronic device with the electronic device 101 , and accordingly, the electronic device 101 may obtain a first unique code and a first seed.

In operation 1320 , the electronic device 101 may generate a first one time password (OTP) using the first seed and the first time information. That is, at a first time point, the electronic device 101 may generate a first OTP using the first time information and the first seed corresponding to the first time point. In addition, at the second time point, the electronic device 101 may generate the second OTP using the second time information corresponding to the second time point and the first seed. The electronic device 101 may dynamically change and generate the OTP according to the passage of time.

In operation 1330, the electronic device 101 may generate a first code using the first OTP and the first unique code. A process in which the electronic device 101 generates a random and unique first code using the first OTP and the first unique code will be described later in more detail. Since the first code is generated using both the first OTP and the first unique code, the randomness and dynamic changeability of the first OTP and the uniqueness of the first unique code can be guaranteed, so it can be both random and unique . The randomness and uniqueness of the first code will also be described later in more detail.

In operation 1340 , the external device 200 may generate a first OTP using the first seed and first time information. The external device 200 may generate the same first OTP as that generated by the electronic device 101 using the first time information and the first seed corresponding to the first time at the first time point. The external device 200 may also generate the same second OTP that the electronic device 101 generated at the second time point by using the first seed and second time information corresponding to the second time point at the second time point. That is, the external device 200 may also generate the OTP while dynamically changing it. Meanwhile, as described above, the external device 200 may generate a plurality of codes.

In operation 1350 , the external device 200 may generate a first code using the first OTP and the first unique code. The method in which the external device 200 generates the first code using the first OTP and the first unique code is different from the method in which the electronic device 101 generates the first code using the first OTP and the first unique code. may be the same. Accordingly, the first code generated by the external device 200 and the first code generated by the electronic device 101 may be the same.

In operation 1360 , the external device 200 may receive a code check request. The external device 200 may receive a code check request from the electronic device 101 .

In operation 1370 , the external device 200 may determine whether the code in the code check request is the same as the first code generated by the external device 200 . As described above, the external device 200 may generate a plurality of codes and determine whether there is a code identical to the first code. If the code in the code check request is the same as the first code generated by the external device 200 , in operation 1080 , the external device 200 may determine that the code is appropriate. If the code in the code check request is different from the first code generated by the external device 200 , in operation 1390 , the external device 200 may determine that the code is inappropriate. The external device 200 may or may not perform additional services, such as user login or e-commerce payment, depending on whether the code is suitable or not.

14 is a flowchart illustrating a code generation method according to various embodiments of the present invention.

In operation 1410 , the electronic device 101 may obtain a first unique code and a different first seed for each user. The first seed may be provided to the first user by the external device 200 . Meanwhile, the first unique code is a character string based on an ASCII code, and may be a combination of an alphabet, a number, and a special character. The first unique code may be a code selected from elements of a preset character set. For example, the external device 200 may generate a first unique code for the first user using an algorithm for generating a unique code from a character set, and transmit it to the electronic device 101 . The external device 200 may generate a unique code for another user, and the unique code assigned to each user may be different.

In operation 1420 , the electronic device 101 may generate the first OTP using the first seed and the first time information. The first OTP may be composed of, for example, a number.

In operation 1430 , the electronic device 101 may generate a numeric code corresponding to the first unique code by mapping the first unique code to a preset character set.

For example, the electronic device 101 may set { '0', '1', '2', ... , '9', ,'A', 'B', … , 'Z' } is assumed. In addition, it is assumed that the electronic device 101 obtains “AX83Z0” as the first unique code. In an embodiment, the electronic device 101 may convert each digit of the first unique code into a numeric code by checking an index of each digit of the first unique code in the character set. For example, the electronic device 101 may convert the unique code of “A” into a numeric code of “10” by confirming that “A”, which is the first digit of the first code, is the 11th index in the character set. . This may result from the starting point of the numeric code being zero. In the same manner, the electronic device 101 may convert the unique code of “X” to “33” by confirming that “X” is the 34th index in the character set. The electronic device 101 may convert the first unique code “AX83Z0” into a numeric code of {10,33,8,3,35,0}.

In operation 1440, the electronic device 101 may sum the first OTP and the numeric code. For example, when the first OTP is “382901”, each digit of the first OTP may be summed with each digit of the converted numeric code. That is, the electronic device 100 may sum the numeric code of {10,33,8,3,35,0} with the first OTP of {3,8,2,9,0,1}, {13 ,41,10,12,35,1} can be obtained. On the other hand, when the total number of elements of the character set, for example, exceeds 36 among the summation results, the electronic device 101 performs a mod operation on the total number of elements in the character set for the result of the summation. can be replaced with In this case, the electronic device 101 may replace "41" with "5", which is a result of performing the mode operation of 36 on "41". Accordingly, the electronic device 101 will be described later. The sum of {13,5,10,12,35,1} can be obtained. In another embodiment of the present invention, an offset may be applied when generating the summation result.

In operation 1450 , the electronic device 101 may generate a first sub-code by mapping the summation result to a character set. For example, the electronic device 101 may interpret each number of {13,5,10,12,35,1} as an index and obtain a corresponding character from the character set. That is, the electronic device 101 may obtain "D" corresponding to the index of '13' as the first character of the first subcode. The electronic device 100 may obtain "5" corresponding to the index of '5' as the second character of the first subcode. According to the above-described method, the electronic device 101 may obtain the first sub-code of “D5ACY1”.

In operation 1460, the electronic device 101 may generate a second sub-code by mapping the first OTP to a character set. For example, the electronic device 101 interprets each digit of the first OTP of {3,8,2,9,0,1} as an index, and the character of the second subcode corresponding to each digit Each digit of can be created. For example, the electronic device 101 may obtain the character of '3' corresponding to the number of '3' and may obtain the character of '8' corresponding to the number of '8'. Accordingly, the electronic device 101 may acquire the second sub-code of “382901”. In another embodiment of the present invention, the result of applying an offset to each digit of a number may be mapped to a character set to obtain the second sub-code, which will be described in more detail later.

In operation 1470, the electronic device 101 may generate a first code including the first sub-code and the second sub-code. The electronic device 101 may generate a first code of, for example, “D5ACY1382901” by concatenating the first sub-code and the second sub-code. As described above, "D5ACY1", which is the first sub-code of the first code, is set by the summation of dynamically and randomly generated OTPs and unique codes. Dynamic and randomness is guaranteed while uniqueness is guaranteed by the unique code. can be However, since codes having the same summing result may be generated with a low probability, the electronic device 101 according to various embodiments of the present invention may generate the first code, which is a unique code, by concatenating the second sub-code.

15 is a flowchart illustrating a code generation method according to various embodiments of the present invention.

In operation 1510 , the electronic device 101 may obtain a first unique code and a different first seed for each user. As described above, the electronic device 101 receives the first unique code and the first seed from the external device 200 or receives the first unique code and the first seed by photographing a QR code displayed on another electronic device. can do. The first seed may be a seed for OTP generation granted by the server to the first user.

In operation 1520 , the electronic device 101 may generate the first OTP by using the first seed and the first time information. In operation 1530 , the electronic device 101 may generate a numeric code corresponding to the first unique code by mapping the first unique code to a character set. For example, similar to the embodiment of FIG. 3 , the electronic device 101 may obtain a first unique code of “AX83Z0”, and at a first time point, first time information corresponding to the first time point and the first time information A first OTP of “382901” may be generated using one seed. The electronic device 101 has preset { '0', '1', '2', ... , '9', ,'A', 'B', … , 'Z' } may be mapped to the first unique code to convert the first unique code "AX83Z0" into a numeric code of {10,33,8,3,35,0}.

In operation 1540 , the electronic device 101 may sum the first OTP and the numeric code. For example, when the first OTP is “382901”, each digit of the first OTP may be summed with each digit of the converted numeric code. That is, the electronic device 100 may sum the numeric code of {10,33,8,3,35,0} with the first OTP of {3,8,2,9,0,1}, {13 ,41,10,12,35,1} can be obtained. In operation 1550 , the electronic device 101 may apply an offset to the summing result. The electronic device 101 may set the offset to, for example, 18. The electronic device 101 may add an offset of 18 to every digit of the summation result. In addition, similarly to FIG. 3 , the first electronic device may obtain a result of calculating the size of the character set on the summation result to which the offset is applied. Accordingly, the electronic device 101 may obtain {31,23,28,30,17,19}, which is the summing result to which the offset is applied.

In operation 1560, the electronic device 101 may generate the first sub-code by mapping the offset-applied summing result to the character set. The electronic device 101 may interpret '31', which is the offset applied summing result, as an index in the character set, and obtain 'V', which is the 31st character. The electronic device 101 may sequentially convert '23', '28', '30', '17', and '19' into characters, thereby generating the first sub-code of "VNSUHJ". have.

In operation 1570 , the electronic device 101 may apply an offset to the first OTP. Accordingly, by adding the offset 18 to each number of the first OTP of {3,8,2,9,0,1}, the first OTP to which the offset of {21,26,20,27,18} is applied is generated. can

In operation 1580 , the electronic device 101 may generate a second sub-code by mapping the offset-applied first OTP to a character set. That is, the electronic device 101 may interpret each number of {21,26,20,27,18} of the first OTP to which the offset is applied as an index in the character set to generate the second subcode. For example, the electronic device 101 may obtain 'L', which is the 21st character in the character set, based on '21', which is the first number of the first OTP to which the offset is applied. In the above-described manner, the electronic device 101 may generate the second sub-code of “LQKRIJ” from {21,26,20,27,18} of the first OTP to which the offset is applied.

In operation 1590, the electronic device 101 may generate a first code including the first sub-code and the second sub-code. The electronic device 101 may generate a first code of, for example, “D5ACY1LQKRIJ” by concatenating the first sub-code and the second sub-code. As described above, "D5ACY1", which is the first sub-code of the first code, is set by the summation of dynamically and randomly generated OTPs and unique codes. Dynamic and randomness is guaranteed while uniqueness is guaranteed by the unique code. can be However, since codes having the same summing result may be generated with a low probability, the electronic device 101 according to various embodiments of the present invention may generate the first code, which is a unique code, by concatenating the second sub-code.

Hereinafter, the above-described code generation process will be described through an algorithm.

- Justice

-C : A character set whose elements are different characters expressed in ASCII codes.

The given character set is called C, and C is composed of different characters (uppercase and lowercase letters, special characters, and numbers) expressed in ASCII codes. For example, if C consists of only numbers, then C = { '0', '1', '2', '3', '4', '5', '6', '7', '8', ' 9' }, and the same number is not duplicated. Also, if it consists of numbers and uppercase letters, C = { ‘0’, … ,’9’, ‘A’, … 'Z' }. A character set C given in the same way can be composed of various forms. Also, elements of C may be shuffled within the same set. For example, a character set consisting of only numbers C = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9 If ' } is shuffled then C = { '8', '0', '7', '3', '1', '9', '6', '2', '4', '5' } can be together

-S : the number of elements in the given character set C

-C(n) : nth element of C (0 <= n < number of C characters)

Define the nth element of C as C(n), where n is an integer such that 0 <= n < S. That is, n means an index of an element included in C. If we have a digit-only character set C = { '8', '0', '7', '3', '1', '9', '6', '2', '4', '5' } , 0 <= n < 10, C(0) = '8', C(9) = '5'.

-IndexOf(c) : the index in C of the given character c

Given character set C = { '8', '0', '7', '3', '1', '9', '6', '2', '4', '5' }, IndexOf( '8') = 0, IndexOf('5') = 9.

-U : A string representing a randomly generated unique user ID composed of the characters contained in C

Given a character set C = { '8', '0', '7', '3', '1', '9', '6', '2', '4', '5' } then U is It is expressed as '0382', '7192'.

-U(n) : nth character of U (0 <= n < number of characters in U)

Given U = ‘0382’, n is an integer such that 0 <= n < 4, U(2) = ‘8’, U(3) = ‘2’.

-T : TOTP code

For example, the random 6-digit TOTP code becomes '839023' and '659921'.

-T(n) : nth position number in TOTP code (0 <= n < TOTP digit)

For example, when the generated TOTP code is ‘839023’, T(0) = 8, T(5) = 3.

-N : length of random code ( N >= 1 )

-R : random code

-algorithm

It is described in a form similar to that of the programming language C++.

String generate_random_id ( C, U, N, T )

{

string preId;

string postId;

int offset = 18; // arbitrarily

for (n = 0; n < N; n++)

{

int d = numOf(T(n)); // Convert T(n) ASCII code to number, ‘3’ -> 3, ‘9’ -> 9

int x = IndexOf(U(n));

preId += C ( (d + x + offset) % S ); // Append to the character created in the previous step.

postId += C ( T(n) + offset);

}

return (preId + postId); // Append the created two characters to make the final R.

}

-simulation

if,

N = 6,

C = { ‘0’, … , ‘9’, ‘A’, … , ‘Z’} ,

S = 10 + 26 = 36

U = ‘AX83Z0’ and

If T = ‘382901’,

0 <= n < 36, (0 ... 35)

IndexOf(U) = { 10, 33, 8, 3, 35, 0 } becomes,

numOf(T) = { 3, 8, 2, 9, 0, 1 } becomes,

If you perform an operation on each digit,

preId[0] = C ( ( 3 + 10 + 18 ) % 36 ) = C ( 31 % 36 ) = C ( 31 ) = 'V'

110preId[1] = C ( ( 8 + 33 + 18 ) % 36 ) = C ( 59 % 36 ) = C ( 23 ) = 'N'

preId[2] = C ( ( 2 + 8 + 18 ) % 36 ) = C ( 28 % 36 ) = C ( 28 ) = 'S'

preId[3] = C ( ( 9 + 3 + 18 ) % 36 ) = C ( 30 % 36 ) = C ( 30 ) = 'U'

preId[4] = C ( ( 0 + 35 + 18 ) % 36 ) = C ( 53 % 36 ) = C ( 17 ) = 'H'

preId[5] = C ( 1 + 0 + 18 ) % 36 ) = C ( 19 % 36 ) = C ( 19 ) = 'J'

ego,

postId[0] = C ( ( 3 + 18 ) % 36 ) = C ( 21 ) = 'L'

postId[1] = C ( ( 8 + 18 ) % 36 ) = C ( 26 ) = 'Q'

postId[2] = C ( ( 2 + 18 ) % 36 ) = C ( 20 ) = 'K'

postId[3] = C ( ( 9 + 18 ) % 36 ) = C ( 27 ) = 'R'

postId[4] = C ( ( 0 + 18 ) % 36 ) = C ( 18 ) = 'I'

postId[5] = C ( ( 1 + 18 ) % 36 ) = C ( 19 ) = 'J'

become this,

R = generate_random_id(C, U, N, T) and R = ‘VNSUHJ LQKRIJ’.

-Simulation 2 - In case of different IDs at the same time

Same as above, N = 6, C = { ‘0’, … , ‘9’, ‘A’, … , ‘Z’}, set S = 10 + 26 = 36 .

Instead, U = ‘B05EFA’,

If T = ‘382901’ as above,

0 <= n < 36, (0 ... 35)

IndexOf(U) = { 11, 0, 6, 14, 15, 10 } becomes,

numOf(T) = { 3, 8, 2, 9, 0, 1 } becomes,

If you perform an operation on each digit,

preId[0] = C ( ( 3 + 11 + 18 ) % 36 ) = C ( 32 % 36 ) = C ( 31 ) = 'W'

133preId[1] = C ( ( 8 + 0 + 18 ) % 36 ) = C ( 26 % 36 ) = C ( 26 ) = 'Q'

preId[2] = C ( ( 2 + 6 + 18 ) % 36 ) = C ( 26 % 36 ) = C ( 26 ) = 'Q'

preId[3] = C ( ( 9 + 14 + 18 ) % 36 ) = C ( 41 % 36 ) = C ( 5 ) = '5'

preId[4] = C ( ( 0 + 15 + 18 ) % 36 ) = C ( 33 % 36 ) = C ( 33 ) = 'X'

preId[5] = C ( 1 + 10 + 18 ) % 36 ) = C ( 29 % 36 ) = C ( 29 ) = 'T'

ego,

postId[0] = C ( ( 3 + 18 ) % 36 ) = C ( 21 ) = 'L'

postId[1] = C ( ( 8 + 18 ) % 36 ) = C ( 26 ) = 'Q'

postId[2] = C ( ( 2 + 18 ) % 36 ) = C ( 20 ) = 'K'

postId[3] = C ( ( 9 + 18 ) % 36 ) = C ( 27 ) = 'R'

postId[4] = C ( ( 0 + 18 ) % 36 ) = C ( 18 ) = 'I'

postId[5] = C ( ( 1 + 18 ) % 36 ) = C ( 19 ) = 'J'

become this,

R = generate_random_id(C, U, N, T) and R = ‘WQQ5XT LQKRIJ’.

Therefore, even if the same OTP occurs at the same time, different random codes have different results.

16 is a flowchart illustrating an offset determination process according to various embodiments of the present invention.

In operation 1610 , the electronic device 101 may obtain the same second seed for all users. Here, the second seed may be, for example, a seed value for generating a time-based one-time password, and may be different from the first seed. In operation 1620, the electronic device 101 may generate a second OTP based on the second seed and the first time information, and in operation 1630 may determine an offset to be used in FIG. 4 using the second OTP. For example, the electronic device 101 may set the offset as a result value of a mode operation on the number of elements in the character set to the offset generated using the second seed. The second seed may be the same not only for the first user but also for all users subscribed to the system, and accordingly, the offset generated at the first time point may be the same for all users, so that the uniqueness of the generated code can be continuously guaranteed. have.

17 is a flowchart of a method for determining a character set according to various embodiments of the present disclosure;

In operation 1710, the electronic device 101 may obtain the same second seed for all users. Here, the second seed may be, for example, a seed value for generating a time-based one-time password, and may be different from the first seed.

In operation 1720, the electronic device 101 may generate a second OTP using the second seed and the first time information. In operation 1730, the electronic device 101 may determine a character set using the second OTP. For example, the electronic device 101 may initially acquire a basic character set, and may determine a character set to be used for code generation by transforming the basic character set based on the second OTP.

18 is a flowchart of a method for determining a character set according to various embodiments of the present disclosure;

In operation 1810 , the electronic device 101 may acquire a basic character set. For example, the electronic device 101 is { '0', '1', '2', ... , you can get the default character set of '9' }. The number of elements in the basic character set may be 10.

In operation 1820, the electronic device 101 may generate a second OTP using the second seed and the first time information. In various embodiments of the present disclosure, the electronic device 101 may generate the second OTP using the hOTP algorithm. For example, it is assumed that the electronic device 101 generates the second OTP of 123456.

In operation 1830 , the electronic device 101 may perform a mod operation on the size of the second OTP and the character set to obtain an operation result value. In operation 1840 , the electronic device 101 may swap positions of two characters of the basic character set using the operation result value. For example, the electronic device 101 may obtain 6, which is a mode operation result for 123456. The electronic device 101 may interpret the operation result of 6 as an index of the character set, and may swap the 6th character of the character set with the 0th character.

In operation 1850, the electronic device 101 sequentially performs swapping on all characters to obtain a character set obtained by shuffling a basic character set. For example, the electronic device 101 interprets the OPT generation, mode operation, and operation result value as an index with respect to the first character of the character set, and performs swapping with the first character and the character corresponding to the index, as described above. The process may be performed for all of the second to ninth characters.

In operation 1860, the electronic device 101 may generate the first code using the shuffled character set.

As described above, the character set can be dynamically changed, and if only the seed is shared, the same character set can be generated for all users, so that the uniqueness of the generated code can be continuously guaranteed as described above.

Hereinafter, the algorithm of the above-described character set shuffling method will be described.

1. Let the basic character set C = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9'} .

2. Set the Global Key and use it as the seed of OTP.

3. Repeat the following as much as the size of the character set S to make a random character set.

1) To change the position of C(n), create one HOTP and calculate Mod with the set size.

2) If HOTP is 123456, 6 is obtained by calculating Mod with the character set size of 10.

3) The obtained 6 means the index of C, and the number corresponding to C[6] is replaced with the C[0]th character that is currently being replaced. That is, swapping.

4) Repeat steps 1, 2, 3 9 more times until C[9].

5) When the above calculation is completed, a shuffled character set is displayed, and a random ID can be generated using this set.

Simulation - Shuffling Character Sets

The character set C = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9}, the size of C is S = 10, 0 <= n < 10.

Let O be the modular value of the HOTP generated in each step by S, and

O(0) = 1111 2222 % 10,

O(1) = 3333 4444 % 10,

O(2) = 5555 6666 % 10,

O(3) = 7777 8888 % 10,

O(4) = 9999 0000 % 10,

O(5) = 1111 2222 % 10,

O(6) = 3333 4444 % 10,

O(7) = 5555 6666 % 10,

O(8) = 7777 8888 % 10,

Assume that O(9) = 9999 0000 % 10.

1) C[0] = 0 shuffle

Since O[0] = 11112222 % 10 = 2, we swap by sending C[2] to C[0] and C[0] to C[2]. So the character set is C = {2, 1, 0, 3, 4, 5, 6, 7, 8, 9}.

2) C[1] = 1 shuffle

Since O[1] = 33334444 % 10 = 4, we swap by sending C[4] to C[1] and C[1] to C[4]. So the character set is C = {2, 4, 0, 3, 1, 5, 6, 7, 8, 9}.

3) C[2] = 0 shuffle

Since O[2] = 55556666 % 10 = 6, we swap by sending C[6] to C[2] and C[2] to C[6]. So the character set is C = {2, 4, 6, 3, 1, 5, 0, 7, 8, 9}.

4) C[3] = 1 shuffle

Since O[3] = 77778888 % 10 = 8, we swap by sending C[8] to C[3] and C[3] to C[8]. So the character set is C = {2, 4, 6, 8, 1, 5, 0, 7, 3, 9}.

5) C[4] = 4 shuffle

Since O[4] = 99990000 % 10 = 0, we swap by sending C[0] to C[4] and C[4] to C[0]. So the character set is C = {1, 4, 6, 8, 2, 5, 0, 7, 3, 9}.

6) C[5] = 5 shuffle

Since O[5] = 1111 2222 % 10 = 2, we swap by sending C[2] to C[5] and C[5] to C[2]. So the character set is C = {1, 4, 5, 8, 2, 6, 0, 7, 3, 9}.

7) C[6] = 0 shuffle

Since O[6] = 3333 4444 % 10 = 4, we swap by sending C[4] to C[6] and C[6] to C[4]. So the character set is C = {1, 4, 5, 8, 0, 6, 2, 7, 3, 9}.

8) C[7] = 7 shuffle

O[7] = 5555 6666% 10 = 6, so we swap by sending C[6] to C[7] and sending C[7] to C[6]. So the character set is C = {1, 4, 5, 8, 0, 6, 7, 2, 3, 9}.

9) C[8] = 3 shuffle

O[8] = 7777 8888% 10 = 8, so we swap by sending C[8] to C[8] and C[8] to C[8]. So the character set is C = {1, 4, 5, 8, 0, 6, 7, 2, 3, 9}.

10) C[9] = 9 shuffle

Since O[9] = 9999 0000 % 10 = 0, we swap by sending C[0] to C[9] and C[9] to C[0]. So the character set is C = {9, 4, 5, 8, 0, 6, 7, 2, 3, 1}.

So the shuffled character set is C = {'9', '4', '5', '8', '0', '6', '7', '2', '3', '1'} , and a random code is generated once using this shuffling character set.

It will be appreciated that the embodiments of the present invention can be realized in the form of hardware, software, or a combination of hardware and software. Any such software, for example, whether erasable or rewritable, may contain a volatile or non-volatile storage device such as a ROM, or a memory such as, for example, RAM, a memory chip, device or integrated circuit. , or, for example, an optically or magnetically recordable storage medium such as a CD, DVD, magnetic disk or magnetic tape, and at the same time may be stored in a machine (eg, computer) readable storage medium. The graphic screen updating method of the present invention may be implemented by a computer or a mobile terminal including a control unit and a memory, wherein the memory is a machine suitable for storing a program or programs including instructions for implementing embodiments of the present invention. It will be appreciated that this is an example of a readable storage medium. Accordingly, the present invention includes a program including code for implementing an apparatus or method described in any claim of the present specification, and a machine (computer, etc.) readable storage medium storing such a program. Further, such a program may be transmitted electronically over any medium, such as a communication signal transmitted over a wired or wireless connection, and the present invention suitably includes the equivalent thereof.

Also, the device may receive and store the program from a program providing device connected by wire or wirelessly. The program providing device includes a program including instructions for the graphic processing device to perform a preset content protection method, a memory for storing information necessary for the content protection method, and wired or wireless communication with the graphic processing device. It may include a communication unit for performing the execution, and a control unit for automatically transmitting a corresponding program to the transceiver at a request of the graphic processing device or automatically.

Claims (18)

In an electronic device,
communication circuitry, and
A processor, comprising:
receiving a first signal including one first code from an external device through the communication circuit;
Based on the reception of the first signal, generating a plurality of comparison codes corresponding to each of a plurality of time points associated with a first time point, which is a reception time point of the first signal,
If the first code included in the first signal among the plurality of comparison codes exists, it is determined that the first signal is valid,
If the first code included in the first signal among the plurality of comparison codes does not exist, it is set to determine that the first signal is invalid,
The electronic device further includes a memory for storing a seed value and a code generation algorithm for generating a code using information associated with the seed value and time,
the processor is configured to generate each of the plurality of codes based on applying the seed value and each of the plurality of time points to the code generation algorithm as at least part of the operation of generating the plurality of codes for comparison, ,
When it is determined that the first signal is valid, the processor generates a second code based on applying the seed value and the second time point to the code generation algorithm, and transmits the second code through the communication circuit. An electronic device further configured to transmit a second signal including a second signal to the external device. delete delete The method of claim 1,
The external device is
Based on the reception of the second signal, generating a plurality of other comparison codes corresponding to each of a plurality of other times associated with the reception time of the second signal,
If the second code included in the second signal is present among the plurality of other comparison codes, it is determined that the second signal is valid,
an electronic device configured to determine that the second signal is invalid when the second code included in the second signal does not exist among the plurality of other comparison codes. The method of claim 1,
the memory stores the seed value for generating a one-time password, a first unique code given to a user, and a character set;
The processor, as at least part of the operation of generating the plurality of comparison codes,
generating a plurality of first OTPs using the seed value and each of the plurality of time points;
mapping each of the plurality of first OTPs and an operation result of the first unique code to the character set to generate a plurality of first sub codes,
generating a plurality of second sub codes by mapping the plurality of first OTPs to the character set;
An electronic device configured to generate each of the plurality of codes by using each of the plurality of first sub-codes and each of the plurality of second sub-codes. delete delete The method of claim 1,
The plurality of time points are
The electronic device including at least a part of the first time point or at least one past time point before the reception time of the first signal. The method of claim 1,
The plurality of time points are
The electronic device including at least a part of the first time point, at least one past time point before the reception time of the first signal, or at least one future time point after the reception time of the first signal. A method of operating an electronic device, comprising:
receiving, from an external device, a first signal including one first code;
generating, based on the reception of the first signal, a plurality of comparison codes corresponding to each of a plurality of time points associated with a first time point, which is a reception time point of the first signal;
determining that the first signal is valid when the first code included in the first signal among the plurality of comparison codes exists; and
Determining that the first signal is invalid when the first code included in the first signal among the plurality of comparison codes does not exist
including,
The operation of generating the plurality of comparison codes includes:
generating each of the plurality of codes based on applying the seed value stored in the electronic device and each of the plurality of time points to a code generation algorithm for generating a code using information associated with the seed value and the time point;
The method of operating the electronic device comprises:
generating a second code based on applying the seed value and the second time point to the code generation algorithm when it is determined that the first signal is valid; and
Transmitting a second signal including the second code to the external device
The method of operating an electronic device further comprising a. delete delete 11. The method of claim 10,
The external device is
Based on the reception of the second signal, generating a plurality of other comparison codes corresponding to each of a plurality of other times associated with the reception time of the second signal,
If the second code included in the second signal is present among the plurality of other comparison codes, it is determined that the second signal is valid,
When the second code included in the second signal does not exist among the plurality of other comparison codes, the method of operating an electronic device is configured to determine that the second signal is invalid. 11. The method of claim 10,
The operation of generating the plurality of comparison codes includes:
generating a plurality of first OTPs using the seed value and each of the plurality of time points;
generating a plurality of first sub-codes by mapping each of the plurality of first OTPs and an operation result of the first unique code to a character set stored in the electronic device;
mapping the plurality of first OTPs to the character set to generate a plurality of second sub codes; and
generating each of the plurality of codes by using each of the plurality of first sub-codes and each of the plurality of second sub-codes;
A method of operating an electronic device comprising a. delete delete 11. The method of claim 10,
The plurality of time points are
The method of operating an electronic device including at least a portion of the first time point or at least one past time point before the reception time of the first signal. 11. The method of claim 10,
The plurality of time points are
The method of operating an electronic device including at least a part of the first time point, at least one past time point before the reception time of the first signal, or at least one future time point after the reception time of the first signal.

Images