201007494

IX. Description of the Invention:

[Technical Field of the Invention]

The present invention relates to a dynamic password system using a dynamic virtual keyboard and a method thereof, and in particular to an integrated application of a password input method based on a dynamic virtual keyboard with IC card authentication.

[Prior Art]

An existing IC card must first be inserted into a card reader, after which a PIN code is entered and compared with the PIN code stored inside the IC card. This raises a security problem: if the password is eavesdropped in transit, the identity may be impersonated, signatures may be made arbitrarily, and money may even be fraudulently withdrawn.

It can thus be seen that the PIN code that must be typed to perform the identity authentication described above is the sole shortcoming, and it urgently needs improvement.

In view of the shortcomings of the conventional approach described above, the inventors sought to improve on it and, after years of painstaking research, completed the present dynamic password design architecture based on a dynamic virtual keyboard. It lets the user authenticate in almost the same way as before, achieving the security goal while preserving convenience.

[Summary of the Invention]

The object of the present invention is to provide a dynamic password system, implemented in software, that improves security when a user uses an IC card. Because the system of the present invention gives the PIN code the characteristic of a one-time password (One Time Password), even if the PIN code is eavesdropped while being typed, there is no need to fear that a malicious user will impersonate the user.

The dynamic password system using a dynamic virtual keyboard and the method thereof that achieve the above object use a keyboard-scrambling technique to rearrange the positions of the letters and symbols on a virtual keyboard. When the IC card user types the PIN code, what the user remembers is not which letters and symbols make up the PIN code, but coordinates on the virtual keyboard. Because the virtual keyboard is regenerated each time the user is authenticated, and the positions of the letters and symbols are rearranged each time, the PIN code value the user enters differs every time, which gives the PIN code the characteristic of a one-time password (One Time Password). The architecture of the present invention comprises: a dynamic virtual keyboard table generation module, a coordinate comparison module, a password and coordinate conversion module, a random seed generation module, and an input and output interface for the dynamic virtual keyboard. The present invention can completely avoid the password replay attack (Replay Attack): by memorizing the input coordinates of the password and using a dynamic virtual keyboard, the password is different at every login. Thus, even if the password is eavesdropped by a malicious user, that user cannot use the same password to pass verification at the next login.

[Embodiment]

Please refer to Figure 1, the architecture diagram of the dynamic password system using a dynamic virtual keyboard and the method thereof according to the present invention, which comprises:

An IC card 1, with which the user performs encryption and decryption or signing and signature verification, and which mainly contains a random seed generation module 11, a dynamic virtual keyboard table generation module 12, a password and coordinate conversion module 13 and a coordinate comparison module 14;

A random seed generation module 11, which, on receiving the signal that the user is performing encryption and decryption or signing and signature verification, immediately performs a computation to generate a random seed and sends the seed simultaneously to the dynamic virtual keyboard table generation module 12 and to the user computer 2; the random seed generation module 11 randomly generates the alphanumeric and symbol values of the keyboard and changes their arrangement with every IC card authentication;

A dynamic virtual keyboard table generation module 12, which receives the random seed sent by the random seed generation module, generates a virtual keyboard table from it, and passes this virtual keyboard table to the password and coordinate conversion module 13 so that the password-to-coordinate conversion can be carried out;

A password and coordinate conversion module 13, which receives the dynamic password typed on the virtual keyboard 3 and, using the dynamic virtual keyboard table information generated from the seed by the dynamic virtual keyboard table generation module 12, converts it into the coordinates that the dynamic password represents, which are then handed to the coordinate comparison module 14 for the password correctness check;

A coordinate comparison module 14, which receives the PIN code coordinates sent by the password and coordinate conversion module 13 and compares them with the PIN code coordinates stored in the IC card 1;

A user computer 2, which is connected to the IC card 1 and mainly contains a dynamic virtual keyboard table generation module 21 and a dynamic virtual keyboard input and output interface 22;

A dynamic virtual keyboard table generation module 21, which receives the random seed sent by the random seed generation module 11, generates a virtual keyboard table from it, and hands the table to the dynamic virtual keyboard input and output interface 22, which displays a virtual keyboard 3 on the screen; the virtual keyboard 3 may carry row and column coordinate values together with the randomly arranged alphanumeric and symbol values;

A dynamic virtual keyboard input and output interface 22, which converts the virtual keyboard table generated by the dynamic virtual keyboard table generation module 21 into a virtual keyboard 3 and displays it on the screen of the user computer 2, so that the user can enter the PIN code on the screen according to the coordinate positions he has memorized; the input is sent back to the password and coordinate conversion module 13 in the IC card 1. The dynamic virtual keyboard 3 produced by the dynamic virtual keyboard input and output interface 22 can be displayed on a handheld computer, a desktop computer, a mobile device and the like.

The architecture described above forms the dynamic password system using a dynamic virtual keyboard and the method thereof of the present invention. When the user needs to use the IC card 1 for encryption and decryption or signing and signature verification, the random seed generation module 11 in the IC card 1 immediately performs its computation and sends the seed to the dynamic virtual keyboard table generation module 12 and to the user computer 2. The dynamic virtual keyboard table generation module 21 in the user computer 2 generates a virtual keyboard table and hands it to the dynamic virtual keyboard input and output interface 22, which converts the table into a virtual keyboard 3 and displays it on the screen of the user computer 2. The user then types the PIN code on the screen according to the coordinate positions he has memorized, and the input is sent back to the chip inside the IC card 1 for processing. On receiving the PIN code typed by the user, the IC card 1 passes it to the password and coordinate conversion module 13, which, using the information provided by the dynamic virtual keyboard table generation module 12 in the IC card 1, resolves the coordinates of the PIN code entered this time. These coordinates are then sent to the coordinate comparison module 14 and compared with the PIN code coordinates stored inside the IC card 1. If they match, identity authentication passes; if they differ, identity authentication is rejected.

Please refer to Figure 2, a schematic diagram of an implementation of the dynamic password system using a dynamic virtual keyboard and the method thereof according to the present invention. The IC card 1 incorporates the dynamic password design architecture proposed by the present invention. When it is used for encryption and decryption or signing and signature verification, it sends the generated random seed to the user computer 2, which uses it to generate a virtual keyboard 3 on which the user types the dynamic password; the input is sent back to the IC card 1 for comparison. The virtual keyboard 3 consists of coordinates 31 and keyboard symbols 32. The horizontal axis of the coordinates 31 lies along the top of the virtual keyboard 3, the vertical axis of the coordinates 31 lies along its left side, and the keyboard symbols of the virtual keyboard 3 occupy the middle.

Please refer to Figure 3, the password and coordinate conversion diagram of the dynamic password system using a dynamic virtual keyboard and the method thereof according to the present invention. The password and coordinate conversion module 13 takes the dynamic password typed on the virtual keyboard 3 at the user computer 2 and, using the dynamic virtual keyboard table information generated from the seed by the dynamic virtual keyboard table generation module 12, converts it into the coordinates that the dynamic password represents, which are then handed to the coordinate comparison module 14 for the password correctness check.

Compared with other conventional techniques, the dynamic password system using a dynamic virtual keyboard and the method thereof provided by the present invention have the following advantages:

1. Improved security. The innovative dynamic password architecture gives the PIN code the characteristic of a one-time password (One Time Password); even if the PIN code is eavesdropped, a malicious user cannot use that PIN code to log in again.

2. Use remains convenient. No additional hardware or transmission is needed to achieve the effect of a one-time password.

The detailed description above is a specific description of one feasible embodiment of the present invention. The embodiment is not intended to limit the patent scope of the present invention, and any equivalent implementation or modification that does not depart from the technical spirit of the present invention shall be included in the patent scope of this case.

In summary, this case is not only innovative in its technical concept but also improves on the conventional approach in the several respects described above. It should fully satisfy the statutory requirements of novelty and inventive step for an invention patent, and the application is filed in accordance with the law with the request that the Office approve this invention patent application.

[Brief Description of the Drawings]

The technical content of the present invention and its purpose and effects can be further understood from the following detailed description of a preferred embodiment and its accompanying drawings. The drawings of the embodiment are:

Figure 1 is the architecture diagram of the dynamic password system using a dynamic virtual keyboard and the method thereof according to the present invention;

Figure 2 is the schematic diagram of an implementation of the dynamic password system using a dynamic virtual keyboard and the method thereof; and

Figure 3 is the password and coordinate conversion diagram of the dynamic password system using a dynamic virtual keyboard and the method thereof.

[Description of Main Component Symbols]

1 IC card
11 Random seed generation module
12 Dynamic virtual keyboard table generation module
13 Password and coordinate conversion module
14 Coordinate comparison module
2 User computer
21 Dynamic virtual keyboard table generation module
22 Dynamic virtual keyboard input and output interface
3 Virtual keyboard
31 Coordinates
32 Keyboard symbols
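
The authentication flow of the embodiment (seed issued by the card, the same keyboard table derived on the card and on the user computer, typed symbols converted back to coordinates and compared with the stored PIN coordinates), as an added Python example that is not code from the patent. The 6x6 grid, the A-Z/0-9 alphabet, the 64-bit seed, the use of `random.Random` as the shuffle, the single-use handling of the seed, and all function and class names are assumptions made for illustration.

```python
import random
import secrets
import string

SYMBOLS = string.ascii_uppercase + string.digits  # assumed 36-symbol alphabet
ROWS, COLS = 6, 6                                  # assumed grid size

def keyboard_table(seed):
    """Modules 12 and 21: card and host derive the same layout from the seed."""
    symbols = list(SYMBOLS)
    random.Random(seed).shuffle(symbols)  # stand-in shuffle, not specified by the patent
    return {(r, c): symbols[r * COLS + c] for r in range(ROWS) for c in range(COLS)}

def type_pin(seed, coords):
    """Interface 22: the user presses the symbol shown at each memorized coordinate."""
    table = keyboard_table(seed)
    return "".join(table[rc] for rc in coords)

class Card:
    def __init__(self, pin_coords):
        self._pin_coords = list(pin_coords)  # PIN stored as coordinates
        self._seed = None

    def new_seed(self):
        """Module 11: fresh random seed for every authentication."""
        self._seed = secrets.randbits(64)
        return self._seed

    def verify(self, typed):
        """Modules 13 and 14: symbols -> coordinates, then compare with the stored PIN."""
        if self._seed is None:
            return False                     # no outstanding seed to check against
        seed, self._seed = self._seed, None  # assumption: one attempt consumes the seed
        inverse = {sym: rc for rc, sym in keyboard_table(seed).items()}
        return [inverse.get(ch) for ch in typed] == self._pin_coords

def demo(rounds=5):
    pin = [(0, 3), (2, 1), (5, 5), (4, 0)]     # constructed sample PIN coordinates
    card = Card(pin)
    captured = type_pin(card.new_seed(), pin)  # the symbols an eavesdropper would see
    accepted = card.verify(captured)
    replays = 0
    for _ in range(rounds):                    # same symbols replayed against new layouts
        card.new_seed()
        replays += card.verify(captured)
    return accepted, replays

if __name__ == "__main__":
    print(demo())
```

A replayed symbol string is accepted only when every memorized cell happens to hold the same symbol in the new layout, so the rejection rate depends on the grid size and the PIN length.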