201214188

VI. Description of the Invention:

【Technical Field of the Invention】

The present invention provides an information security method and related apparatus, and in particular an authentication method for a hardware lock device and the related hardware lock device.

【Prior Art】

In computer networks, ordinary data transmission, authentication and software use generally rely on an account, a password or a hardware lock (KeyPro), or a combination of these, to confirm whether a user is a legitimately authorized user. In a common arrangement, the user applies to a hardware lock vendor for a hardware lock device, such as a token, and activates it through a specific web page to set up protection for a specific account. Whenever the user wants to access the protected account, software or host (for example, logging into a specific domain or a specific online store account), the user first enters the account name and password and is then asked to insert the hardware lock device so that the account name, password and hardware lock can be verified; only if they are correct may the software, account or data be used. In the above user authentication scheme, it is generally the host that makes the final decision on whether authentication passes. This authentication model still carries risk: for example, an attacker can plant eavesdropping software that monitors the host side and captures information such as the user's input.

【Summary of the Invention】

Accordingly, the present invention provides an authentication method for a hardware lock device, so as to prevent authentication-related information from being stolen.

The present invention discloses an authentication method for a hardware lock device, which comprises: receiving a first password trigger factor from a host; generating a first one-time password according to the first password trigger factor; transmitting the first one-time password together with a second password trigger factor to the host; receiving from the host a second one-time password corresponding to the second password trigger factor; determining an authentication result for the hardware lock device according to the second one-time password; and transmitting the authentication result to the host.

The present invention further discloses a hardware lock device, which comprises a password generating unit, a determining unit, a receiving unit and a transmitting unit. The password generating unit generates a first one-time password according to a first password trigger factor. The determining unit determines an authentication result for the hardware lock device according to a second one-time password corresponding to a second password trigger factor. The receiving unit receives the first password trigger factor and the second one-time password from a host. The transmitting unit transmits the first one-time password together with the second password trigger factor to the host, and transmits the authentication result to the host.

【Detailed Description】

Please refer to Figure 1, a schematic diagram of an authentication process 10 according to an embodiment of the present invention. The authentication process 10 carries out authentication between a host 12 and a token 14 acting as a hardware lock, and comprises the following steps:

Step 100: The host 12 and the token 14 complete the user password login process.
Step 110: The host 12 transmits a password trigger factor A1 to the token 14.
Step 120: The token 14 generates a one-time password OTP1 according to the password trigger factor A1.
Step 130: The token 14 transmits the one-time password OTP1 together with a password trigger factor A2 to the host 12.
Step 140: The host 12 generates a one-time password OTP2 according to the password trigger factor A2.
Step 150: The host 12 transmits the one-time password OTP2 to the token 14.
Step 160: The token 14 determines an authentication result for the token 14 according to the one-time password OTP2.
Step 170: The token 14 transmits the authentication result to the host 12.

According to the authentication process 10, the token 14 can enter the user account name and password into the host 12 automatically to complete the user password login process. The host 12 and the token 14 then carry out a two-way one-time password authentication process. First, the host 12 transmits the password trigger factor A1 to the token 14, and the token 14 generates the corresponding one-time password OTP1 from it. When returning OTP1, the token 14 also transmits the password trigger factor A2 to the host 12 for the next password authentication round. The relationship between the password trigger factor A2 and the first authentication round may be agreed (preset) between the host 12 and the token 14 in advance. The host 12 generates the corresponding one-time password OTP2 from the password trigger factor A2 and returns it to the token 14 for confirmation. If OTP2 matches the password the token 14 expects, the token 14 determines that authentication succeeded; otherwise it determines that authentication failed. Finally, the token 14 reports the authentication result to the host 12, informing it of success or failure. If authentication succeeded, the user is logged into the target to be accessed, such as a domain or web page. As the above shows, in the authentication process 10 two challenge/response one-time password rounds are carried out between the host 12 and the token 14, and it is the token 14 that makes the final judgement of success or failure, which greatly reduces the chance of the authentication being broken. In the authentication process 10, the password trigger factors A1 and A2 may be randomly generated values.
The one-time password authentication process may be non-time-based or time-based. In other words, the host 12 and the token 14 each feed the password trigger factor into the same cryptographic algorithm to produce a password, then compare whether the two passwords are identical, and proceed to the next step (such as reporting the authentication result or running the next password authentication round) only when they are. For example, the host 12 uses an algorithm and the password trigger factor A2 to generate the one-time password OTP2. On receiving OTP2, the token 14 uses the same algorithm and the password trigger factor A2 to generate a one-time password of its own; if the generated password matches OTP2, the token 14 determines that authentication succeeded, otherwise that it failed. The host 12 determines whether the one-time password OTP1 generated by the token 14 is correct in the same way. The one-time passwords OTP1 and OTP2 may be generated according to the Hash-based Message Authentication Code One-Time Password (HOTP) algorithm.

Please refer to Figure 2, a schematic diagram of a token 20 according to an embodiment of the present invention. The token 20 is used to implement the token 14 in the authentication process 10 and comprises a connection interface 200, a receiving unit 210, a transmitting unit 220, a password generating unit 230 and a determining unit 240. The receiving unit 210 and the transmitting unit 220 exchange signals with a host (such as the host 12 of Figure 1) through the connection interface 200. The connection interface 200 may be a Universal Serial Bus (USB), Line Print Terminal (LPT) or RS-232 interface.
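As an added illustration, not code from the patent application or its applicant, the following Python models the two challenge/response rounds of Figure 1 (steps 110 to 170) with both sides' messages, using the RFC 4226 HOTP algorithm the description names as one option for generating OTP1 and OTP2. Everything beyond the text is an assumption: a shared key provisioned into both host and token, 8-byte random trigger factors used directly as the HOTP moving factor, and the hypothetical names Host, Token, run_flow and replayed_session_is_rejected. It goes slightly beyond the page by showing why a one-time password recorded by an eavesdropper in one session is refused in a later one.

```python
import hmac
import hashlib
import secrets
import struct

# Constructed sample secret, assumed to be provisioned into both host and token
# at manufacture (the patent does not specify how the shared key is established).
SHARED_KEY = b"constructed-demo-shared-key-0001"


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then
    dynamic truncation to a decimal code of `digits` digits."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def otp_for(key: bytes, trigger: bytes) -> str:
    """Assumption: the 8-byte random trigger factor (A1 or A2) is used directly
    as the HOTP moving factor, so both sides derive the same code from it."""
    return hotp(key, int.from_bytes(trigger, "big"))


class Host:
    """Authenticating side (host 12). Hypothetical class name."""

    def __init__(self, key: bytes):
        self.key = key
        self.a1 = None

    def challenge(self) -> bytes:
        # Step 110: issue a fresh random trigger factor A1.
        self.a1 = secrets.token_bytes(8)
        return self.a1

    def respond(self, otp1: str, a2: bytes):
        # Step 140: the host checks OTP1 the same way the token later checks OTP2;
        # only if it matches does it answer the token's trigger factor A2 with OTP2.
        if not hmac.compare_digest(otp_for(self.key, self.a1), otp1):
            return None
        return otp_for(self.key, a2)


class Token:
    """Authenticated side (token 14 / token 20). Hypothetical class name."""

    def __init__(self, key: bytes, preset_factors=None):
        self.key = key
        # Optional pool of factory-stored trigger factors (the non-volatile
        # memory of the description); when empty, a fresh random factor is used.
        self.preset = list(preset_factors or [])
        self.a2 = None

    def on_challenge(self, a1: bytes):
        # Steps 120-130: compute OTP1 from A1 and pick the next trigger factor A2.
        otp1 = otp_for(self.key, a1)
        self.a2 = self.preset.pop(0) if self.preset else secrets.token_bytes(8)
        return otp1, self.a2

    def verdict(self, otp2) -> bool:
        # Step 160: the token, not the host, decides the final result AU_RES.
        if otp2 is None:
            return False
        return hmac.compare_digest(otp_for(self.key, self.a2), otp2)


def run_flow(host: Host, token: Token) -> bool:
    """Steps 110-170 of Figure 1 in order; returns AU_RES as the token reports it."""
    a1 = host.challenge()
    otp1, a2 = token.on_challenge(a1)
    otp2 = host.respond(otp1, a2)
    return token.verdict(otp2)


def replayed_session_is_rejected(key: bytes) -> bool:
    """An eavesdropper who recorded (A1, OTP1, A2, OTP2) from one session and
    replays OTP1 against a later challenge is refused, because the later host
    challenge carries a different A1 and OTP1 is bound to the old one."""
    host, token = Host(key), Token(key)
    a1 = host.challenge()
    otp1, a2 = token.on_challenge(a1)
    host.respond(otp1, a2)
    later_host = Host(key)
    while later_host.challenge() == a1:  # 2^-64 chance; loop keeps the demo deterministic
        pass
    return later_host.respond(otp1, a2) is None


if __name__ == "__main__":
    print("mutual OTP login:", run_flow(Host(SHARED_KEY), Token(SHARED_KEY)))
    print("wrong token key :", run_flow(Host(SHARED_KEY), Token(b"other-key")))
    print("replay rejected :", replayed_session_is_rejected(SHARED_KEY))
```

Token.verdict() is the only place the final result AU_RES is decided, which is the point of step 160; the host's own check in Host.respond() mirrors the remark above that the host verifies OTP1 in the same way. Both rounds prove only possession of the shared key, so the key itself still needs protecting in the token's non-volatile storage, and the host should log a failed round rather than retry it silently.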
The token 20 and the host use the same communication protocol, or the same encryption of transmitted data, to exchange data. When the receiving unit 210 receives the password trigger factor A1 through the connection interface 200, the password generating unit 230 generates the one-time password OTP1 from the password trigger factor A1 using the same cryptographic algorithm as the host; the algorithm may be the Advanced Encryption Standard (AES) or another cryptographic algorithm. In addition, the token 20 may hold a number of preset password trigger factors: for example, the manufacturer stores several sets of password trigger factors in non-volatile memory of the token 20 (not shown) before shipment, and each time a password trigger factor is needed the token 20 selects one of them at random; alternatively, each time a password trigger factor is needed the token 20 generates one at random. The resulting password trigger factor A2 is then transmitted to the host by the transmitting unit 220 together with the generated one-time password OTP1. The determining unit 240 determines an authentication result AU_RES for the token 20 (or the user) according to the one-time password OTP2 returned by the host, and the transmitting unit 220 transmits it to the host. Since the token 20 implements the token 14 in the authentication process 10, the detailed authentication process is as described for Figure 1 and is not repeated here.

Therefore, the present invention has the authenticating side (such as the host) and the authenticated side (such as the token) carry out two consecutive one-time password authentication rounds, with the authenticated side determining the final authentication result, so as to prevent the one-time passwords from being stolen during the authentication process.

The above are merely preferred embodiments of the present invention; all equivalent changes and modifications made according to the claims of the present invention shall fall within the scope of the present invention.

【Brief Description of the Drawings】

Figure 1 is a schematic diagram of an authentication process according to an embodiment of the present invention.
Figure 2 is a schematic diagram of a token according to an embodiment of the present invention.

【Description of Reference Numerals】

10 authentication process
100, 110, 120, 130, 140, 150, 160, 170 steps
12 host
14 token
A1, A2 password trigger factors
OTP1, OTP2 one-time passwords
AU_RES authentication result