WO2006002586A1 - A verification mode of the interactive dynamic key instructed by integrating a formula key with graphics - Google Patents

A verification mode of the interactive dynamic key instructed by integrating a formula key with graphics Download PDF

Info

Publication number
WO2006002586A1
WO2006002586A1 PCT/CN2005/000825 CN2005000825W WO2006002586A1 WO 2006002586 A1 WO2006002586 A1 WO 2006002586A1 CN 2005000825 W CN2005000825 W CN 2005000825W WO 2006002586 A1 WO2006002586 A1 WO 2006002586A1
Authority
WO
WIPO (PCT)
Prior art keywords
password
prompt
formula
user
verification
Prior art date
Application number
PCT/CN2005/000825
Other languages
French (fr)
Chinese (zh)
Inventor
Zichen Tan
Original Assignee
Zichen Tan
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zichen Tan filed Critical Zichen Tan
Publication of WO2006002586A1 publication Critical patent/WO2006002586A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • the invention relates to an interactive dynamic password verification mode combining a formula password and a graphic prompt. Background technique
  • the object of the present invention is to provide a new mode of a stand-alone, network, or Internet security application field that does not rely on external password generating devices to generate random passwords, that is, an interactive dynamic password verification mode in which a formula password is combined with a graphical prompt.
  • an interactive dynamic password verification mode in which a formula password is combined with a graphical prompt.
  • the modes include:
  • the user presets the formula password; the verification verifier will randomly generate a string of prompts and/or a code list, and calculate the expected password according to the user preset password; the checker will prompt and/or encode
  • the table is sent to the user in a graphical format; after receiving the above prompt, the user sets the password into the personal preset formula to obtain the password, and enters; the verifier corrects the user's input password and the expected password and decides whether to accept the login.
  • the password is verbose or short.
  • the "encoding table" and the “prompt” will be transmitted to the user in a graphical format each time, that is, each time the verification system randomly generates a prompt and/or a codelist, a character prompt will be displayed. And the encoding table becomes the image format, and is appropriately deformed.
  • the interactive dynamic password verification mode of the formula password combined with the graphic prompt runs according to the following process: a.
  • the verification system locks the user account and randomly generates the coding table and/or prompt;
  • the verification system calculates a corresponding expected password according to the code table and/or the prompt and the preset formula password of the user;
  • the verification system converts the above code table and / or prompt into an image format, and will be moderately deformed or complicated;
  • the verification system sends the above picture encrypted to the client;
  • the user obtains the password according to the code table and/or prompt, combined with the preset formula password, and inputs;
  • the client transmits the user input password to the verification system for verification.
  • the verification system checks the received password against the expected password
  • the "formula” in the “formula password” can be versatile, it can be a calculation of the prompt, or it can be
  • the combination of the indicators can be the value of the feature around the prompt (such as the date), can be an empty city meter (no rules only use static passwords), can also be other types of "rules", or for various rules The combination used.
  • the user can choose to input through the keyboard, or directly and quickly click on the input on the coding table of the screen through the mouse.
  • the present invention adopts the above technical solution, it completely abandons any external password generating device, and creatively solves the problem that has long plagued a single machine, a network, the Internet, and related websites.
  • the present invention is a dynamic password generation and verification mode that does not require any external device participation at all. Compared with the prior art, the essential difference is: "Formula password” completely deviates from the original "character password” concept. For the user, after using the formula password system, the user wants to memorize and use the "character” which is no longer a hard one, but “algorithm” and "rule”.
  • the present invention has been designed based on the premise of high practicality. It can be used for stand-alone authentication, LAN authentication, Internet authentication, and even password verification for ATM ATMs. Overall, this mode can be a replacement and enhancement to all "static character password" modes.
  • the invention is not just a “commodity” but a “guidance model”. As with the invention of the "www" URL pattern and the "@” email model, the invention of this guiding model is urgently needed in the future, but the need for this guiding model is urgent. Any related improvements cannot exceed the essence of the basic idea of the present invention.
  • An interactive dynamic password verification mode in which a formula password is combined with a graphical prompt characterized in that: the mode includes:
  • the user presets the formula password; the verification party randomly generates a string of prompts and/or a code list and calculates the expected password; the checker sends the prompt and/or the code table in a graphic format.
  • the user After receiving the above prompt, the user puts the formula into the personal preset formula to obtain the password, and enters; the verifier corrects the user's password and the expected password and decides whether to accept the login.
  • the password is verbose or short, and relatively verbose is preferred.
  • the "encoding table” and the “prompt” will be transmitted to the user in a graphical format each time, that is, each time the verification system randomly generates a prompt and a coding table, the character prompt and encoding will be performed.
  • the table becomes the image format and is appropriately deformed.
  • the interactive dynamic password verification mode of the formula password combined with the graphic prompt runs according to the following process: a.
  • the verification system locks the user account and randomly generates the coding table and/or prompt;
  • the verification system calculates a corresponding expected password according to the code table and/or the prompt and the preset formula password of the user;
  • the verification system converts the above code table and / or prompt into image format, and will be moderately deformed or complicated;
  • the verification system sends the above picture encrypted to the client;
  • the user obtains the password according to the coding table and/or prompt, combined with the preset formula password, and inputs; f. The user end encrypts the user input password and transmits it to the verification system for verification;
  • the verification system checks the received password against the expected password
  • the "formula” in the “formula password” can be versatile, it can be a calculation of the prompt, a combination of the prompts, or a value of the surrounding features (such as a date). It can be an empty city meter (no rules only use static passwords), other types of "rules", or a combination of various rules.
  • the "encoding table” and “prompt” described above will be delivered to the user in a graphical format. That is, each time the verification system randomly generates the prompt and the encoding table, the character prompt and the encoding table are changed to the image format, and the appropriate deformation processing is performed.
  • a user presets a "formula password" as follows - (#1) (#1) (T) (9) (#4+1) (#date)
  • the user receives the following graphical prompt, and the date of the day is June 18th.
  • the user can also preset a simple formula password.
  • a simple formula password E.g:
  • the user can choose to type through the keyboard, or directly and quickly click on the input on the coding table of the screen through the mouse.

Abstract

A verification mode of the interactive dynamic key instructed by integrating a formula key with graphics is characterised in: calculating and obtaining a dynamic and irregular key by the formula key. After user has predetermined a formula key, a random coded tam e and/or a random prompting symbol is transmitted to user whenever user lands the verification system, and user applies the predetermined formula key and calculates and inputs the result according to the prompting symbol and the coded table. After randomly generating a prompting symbol and a coded tame, the verification system transforms the prompting symbol and the coded tame to a picture format and appropriately distorts it. The verification mode of the interactive dynamic key instructed by integrating a formula key with graphics runs according to flows. Among the input mode of the key, user can select keyboard input and conveniently and quickly directly clicking by mouse in the coded table of screen. This invention uses the above-mentioned technique , thereby entirely abandons any outside key generation device, creatively solves the problem puzzling stand-alone, network, the Internet user and the interrelated site in a long term.

Description

公式密码结合图形提示的交互型动态密码校验模式  Interactive dynamic password verification mode with formula password combined with graphical prompt
技术领域 Technical field
本发明涉及公式密码结合图形提示的交互型动态密码校验模式。 背景技术  The invention relates to an interactive dynamic password verification mode combining a formula password and a graphic prompt. Background technique
在互联网安全技术领域, "账号 +静态字符密码"是现今所通用的最基本身份验证 模式, 从登陆单机, 到登陆 Microsoft Windows 2003 Server; 从登陆聊天室, 到登陆网 络银行, 尽皆如此。  In the field of Internet security technology, "account + static character password" is the most basic authentication mode commonly used today, from logging in to the Microsoft Windows 2003 Server; from logging in to the online banking.
上述模式长期以来在安全知识教育的配合下, 发挥了有效的作用。 然而, 随着时 间的推移, X寸解决这一模式下众多无法弥补的漏洞的需求已经愈加紧迫。  The above model has played an effective role in the cooperation of safety knowledge education for a long time. However, as time goes by, the need for X-inch to address the many irreparable vulnerabilities in this model has become even more urgent.
安全知识的教育是相当重要的, 但也是致命的, 因为其违背了安全系统 "7l远不 要将安全基于对自然人的信赖"这一原则。 换言之, "教育" 内容越广泛, 对 "自然 人"的依赖越强, 我们的安全隐患也就越大。 .  The education of safety knowledge is very important, but it is also fatal because it violates the principle that the security system "7l is far from relying on the trust of natural persons". In other words, the more extensive the content of "education", the stronger the dependence on "natural people" and the greater the potential safety hazards. .
事实同样也证实了这一点:  The facts also confirm this:
尽管计算机及网络安全知识教育用户不要选用自己的生日、姓名等容易被猜到的 字符来作为自己的齊码, 但为了记忆方便, 众多用户依然会选用自己熟悉的字符来作 为自己的密码。 采用此类低质量的密码, 为诸如 "联想密码破解法", "字典密码破解 法"等手段提供了可乘之机。  Although computer and network security education users should not use their own birthday, name and other characters that are easily guessed as their own code, but for the convenience of memory, many users will still use their familiar characters as their own password. The use of such low-quality passwords provides opportunities for such things as "Lenovo password cracking" and "dictionary password cracking".
尽管计算机及网络安全知识也教育用户要经常更改密码, 但, 事实上大多数用户 为了怕麻烦而很少.去这么做。 如此一来, 这种静态的密码也就给了诸如 "暴力密码破 解法"等手段提供了机会。  Although computer and network security knowledge also educates users to change passwords frequently, in fact, most users rarely do this to avoid trouble. As a result, this static password provides an opportunity for such means as "violent password breaking".
尽管计算机及网络安全知识谆谆教导用户不要在不信任的计算机上登录敏感网 站, 可这一建议却无法得到所有用户的严格执行。 于是, 一旦在非信任的计算机上登 陆, 诸如键盘监听等间谍软件便能轻而易举地捕获密码。  Although computer and network security knowledge teaches users not to log in to sensitive websites on untrusted computers, this advice cannot be strictly enforced by all users. So, once you land on an untrusted computer, spyware such as keyboard monitoring can easily capture passwords.
此外, 由于互联网通讯使用的是公共线路, 加之无线网络的逐渐普及, 这些种种 也都为密码被中途截获提供了可能。  In addition, because Internet communications use public lines, coupled with the gradual popularity of wireless networks, these are also possible for passwords to be intercepted midway.
事实上, "用户名 +静态字符密码"的今天已是四面楚歌 ......  In fact, "username + static character password" is now embattled...
毫无疑问, 只要密码是静态的, 理论上都可以被破解。 长期以来, 我们不得不依 赖提升密码质量 (即增加密码长度与复杂性)来延迟密码被破解的时间, 可这一扬汤止 沸的做法必将会因为人类记忆力的生理极限而遭遇瓶颈。 而另一方面, 计算机的破解 速度在理论上却是可以无限的。 随着计算机运算速度的突飞猛进, 以往要花 100年才 能破解的密码, 现在 1年就行了, 如果用 365部计算机共同分段破解, 那么就能将破 解时间缩减为只有 1天 -— 毫无疑问, 人类记忆力对抗计算机破解速度的天平将 会毫不留情地向危险的方向慢慢倒去。 There is no doubt that as long as the password is static, it can theoretically be cracked. For a long time, we have to rely on Depending on the quality of the password (ie increasing the length and complexity of the password) to delay the time the password is cracked, this method of boiling will surely encounter bottlenecks due to the physiological limits of human memory. On the other hand, the speed of computer cracking is theoretically unlimited. With the rapid advancement of computer computing speed, passwords that used to take 100 years to crack are now in one year. If you use 365 computers to crack together, you can reduce the crack time to only one day - no doubt The balance of human memory against the speed of computer cracking will slowly retreat in a dangerous direction.
正如上述,静态字符密码有着极大的不安全性。改善这一不安全性的方法有三个: 1、 增加密码长度; 2、 增加密码复杂性; 3、 增加密码更新频率。 不幸的是这三个做 法都受到了用户使用习惯及生理能力的限制, 这要求我们必须发展一个新的机制来解 决这一限制。  As mentioned above, static character passwords are extremely insecure. There are three ways to improve this insecurity: 1. Increase the length of the password; 2. Increase the complexity of the password; 3. Increase the frequency of password update. Unfortunately, all three practices are limited by user habits and physical abilities, which requires us to develop a new mechanism to address this limitation.
另一方面我们也看到, 即使密码质量得到了提高, 但密码还是有被截获的可 能。 但正如二次世界大战中的情报战一样, 密电如果被敌军截获并不可怕。 因为任何 密电都需要经过机密的解密过程才能被解读。 同样, 当我们的密码越来容易被他人所 截获的时候, 这也要求我们必须创造一个新的模式来提高当密码被截获后的反破解能 力。  On the other hand, we also see that even if the quality of the password is improved, the password is still intercepted. But like the intelligence warfare in the Second World War, it is not terrible if the secret electricity is intercepted by the enemy. Because any secret electricity needs to be decrypted through a confidential decryption process. Similarly, when our passwords are more easily intercepted by others, this also requires us to create a new model to improve the anti-hacking ability when the password is intercepted.
面对以上静态密码所处的种种尴尬境地与新要求, 人们自然联想到 "动态密码", 诚然, 所谓"动态密码"并不是新话题, 市面上也有相当数目的各种此类产品。但是, 所有这些现有技术及产品,都是依靠一个外界的密码生成设备来产生随机密码 (如:动 态密码卡, 动态密码接受机, 甚至手机短信等)。对于用户而言, 所需要记忆、使用的 仍然是静态字符, 所以此类模式还是属于 "字符密码"的延伸, 而只是在验证的时候 将一个指定的静态字符变成另外一个指定的静态字符而已, 其思维其实并没有跳出 "字符密码"模式的框框。 ' 现有技术的种种弊端将严重限制明日的计算机及网络安全。 这种 "限制"并非是 来自技术本身, 而是来自思想的停滞。 就如同打仗不仅要靠装备, 更要靠战法一样。 当今的计算机安全技术已经发展得很快了。 然而, 作为一般用户的普罗大众, 其应用 模式却被迫停留在 80年代 "字符密码"的冷兵器时期, 这无疑才是我们当今最大的 瓶颈。  In the face of all the embarrassing situations and new requirements of the above static passwords, people naturally associate with "dynamic passwords". It is true that the so-called "dynamic passwords" are not new topics, and there are a considerable number of such products on the market. However, all of these prior art and products rely on an external password generation device to generate random passwords (eg, dynamic password cards, dynamic password receivers, and even cell phone text messages). For the user, the memory that needs to be remembered and used is still static characters, so this mode is still an extension of the "character password", but only a specified static character is changed to another specified static character when verifying. The mind does not actually jump out of the "character password" mode box. 'The drawbacks of the prior art will severely limit the security of computers and networks tomorrow. This "restriction" is not from the technology itself, but from the stagnation of ideas. Just like snoring is not only dependent on equipment, but also on warfare. Today's computer security technology has evolved very quickly. However, as a general user of the general public, its application mode was forced to stay in the cold weapon period of the "character code" in the 1980s, which is undoubtedly the biggest bottleneck of ours today.
在分析人类的记忆生理特征后, 我们可以发现: 简单逛完一遍超市后, 顾客可能 无法记住所有感兴趣商品的价格, 然而却可以容易地回忆出商品所摆放的位置。 这是 因为人类的强项在于逻辑思考, 而非记忆。 对于人类来说, 通常记忆逻辑规则会比记 忆生硬的字符来得更容易, 事实上, 我们也的确是在用记忆规则的方法来记忆我们身 边的绝大多数事物。 After analyzing the memory physiology of humans, we can find that: After simply visiting the supermarket, the customer may not be able to remember the price of all the goods of interest, but can easily recall the location of the goods. This is because human strength lies in logical thinking, not memory. For humans, usually the rules of memory logic will be better than Recalling hard characters is easier. In fact, we are also using memory rules to remember most things around us.
例如: 记忆本发明者的手机号码: " 13809237751 ", 通常并非通过死记硬背, 而 是通过技巧。 " 1380"是电讯公司给定的起始号码, "9"需要记忆, "23 "为连号, "775"为本发明者出生年月, " 1 "重复第一位数字。  For example: Remember the inventor's mobile number: "13809237751", usually not through rote memorization, but through skill. "1380" is the starting number given by the telecommunications company. "9" requires memory, "23" is the serial number, "775" is the year of birth of the inventor, and "1" repeats the first digit.
再如, 日常我们忘记某件事情, 但只需少许提示我们便能 "想起来"。 这是因为 我们将 "提示"套入了我们脑海中所记住的规则, 所以才得出了我们 "想起来"的结 果。 所有这些例子都说明了人类善于记忆规则而并非硬性数据字符的特性。  For another example, we forget something on a daily basis, but we can "think" with a little hint. This is because we put the "tips" into the rules we remember in our minds, so we get the result of our "thinking". All of these examples illustrate the nature of human beings who are good at memorizing rules and not hard data characters.
既然人类在生理上具有善于记忆规则的特点。 因此, 发明者提出了如下用 "密码 规则"即 "公式密码" ¾代 "字符密码"的发明构思。 本发明内容  Since human beings are physiologically good at memorizing rules. Therefore, the inventors have proposed the following inventive concept of "character code", that is, "former password" 3⁄4 generation "character code". The content of the present invention
本发明的目的是: 提供一种不依赖外界的密码生成设备来产生随机密码的单机, 网络, 或互联网安全应用领域的全新模式, 即公式密码结合图形提示的交互型动态密 码校验模式。事实上, 本发明的发明者首创并应用了以 "公式密码"取代"字符密码" 的概念。  The object of the present invention is to provide a new mode of a stand-alone, network, or Internet security application field that does not rely on external password generating devices to generate random passwords, that is, an interactive dynamic password verification mode in which a formula password is combined with a graphical prompt. In fact, the inventors of the present invention pioneered and applied the concept of replacing "character ciphers" with "formula ciphers".
本发明的上述目的是采用如下技术方案予以实现的: _  The above object of the present invention is achieved by the following technical solutions:
公式密码结合图形提示的交互型动态密码校验模式, 其特征在于:  The interactive dynamic password verification mode of the formula password combined with the graphical prompt is characterized by:
所述模式包括:  The modes include:
A. 由用户记忆 "公式密码"而非 "字符密码";  A. The user remembers the "formula password" instead of the "character password";
B. 使用和生产 "交互型"劫态密码;  B. Use and production of "interactive" robbery passwords;
C.采用将 "随机提示符"与 /或 "随机编码表"套入 "公式密码"而生成动态密码; C. Generate a dynamic password by nesting the "random prompt" and / or "random code table" into the "formula password";
D. 使用变形图片而非字符来传递提示符与 /或编码表; D. Use a distorted picture instead of a character to pass the prompt and / or code table;
E. 将 "公式密码"与 "图形提示"相结合。  E. Combine "formula password" with "graphic hint".
根据本发明,用户预设公式密码;验证吋校验方会随机产生一串提示符与 /或一 个编码表,并根据用户预设密码计算出期待密码;校验方将提示符与 /或编码表以图 形格式发送给用户; 用户收到以上提示后, 将之套入个人预设的公式而得出密码, 并 输入; 验证方将用户输入密码与期待密码校对并决定是否接受登陆。  According to the present invention, the user presets the formula password; the verification verifier will randomly generate a string of prompts and/or a code list, and calculate the expected password according to the user preset password; the checker will prompt and/or encode The table is sent to the user in a graphical format; after receiving the above prompt, the user sets the password into the personal preset formula to obtain the password, and enters; the verifier corrects the user's input password and the expected password and decides whether to accept the login.
通过公式密码来计算获得云: ¾态的、 且无规则的密码, 其运作模式为: 用户在预设 了公式密码后,每次登陆验证系统都将会被发送一个随机的编码表与 /或一串随机的 提示符,而用户则需要依据提示符与 /或编码表,套用预设的公式密码来计算出结果 并输入。 Calculate the cloud by formula password: 3⁄4 state, and irregular password, its operation mode is: After the user presets the formula password, each login verification system will be sent a random code list and / or a string of random The prompt, and the user needs to use the preset formula password according to the prompt and / or code table to calculate the result and enter.
所述密码为冗长或简短的。  The password is verbose or short.
所述的 "编码表" 以及 "提示符" 每次都将会以图形的格式传送给用户, 即, 每次验证系统随机产生了提示符与 /或编码表后,都会将字符性的提示符与编码表变 为图片格式, 并作适当变形处理。  The "encoding table" and the "prompt" will be transmitted to the user in a graphical format each time, that is, each time the verification system randomly generates a prompt and/or a codelist, a character prompt will be displayed. And the encoding table becomes the image format, and is appropriately deformed.
公式密码结合图形提示的交互型动态密码校验模式依据以下流程运行: a. 验证系统锁定用户账号后随机产生编码表与 /或提示符;  The interactive dynamic password verification mode of the formula password combined with the graphic prompt runs according to the following process: a. The verification system locks the user account and randomly generates the coding table and/or prompt;
b. 验证系统根据编码表 与 /或 提示符及用户预设的公式密码计算出对应的期待密 码; b. The verification system calculates a corresponding expected password according to the code table and/or the prompt and the preset formula password of the user;
c. 验证系统将上述编码表 与 /或提示符转化为图片格式, 并将做适度变形或复杂化 处理; c. The verification system converts the above code table and / or prompt into an image format, and will be moderately deformed or complicated;
验证系统将上述图片加密发送给用户端;  The verification system sends the above picture encrypted to the client;
e. 用户根据编码表与 /或提示符, 结合预设的公式密码得出密码, 并输入; e. The user obtains the password according to the code table and/or prompt, combined with the preset formula password, and inputs;
用户端将用户输入密码加密传送给验证系统请求验证; .  The client transmits the user input password to the verification system for verification.
g. 验证系统将收到的密码与期待密码相核对; g. The verification system checks the received password against the expected password;
h. 如果符合, 则通过认证; 如果不符合, 则拒绝登陆。 h. If it is, pass the authentication; if it does not, it will refuse to log in.
所述 "公式密码"中 "公式"可以是多样性的, 它可以是对提示符的计算、 可以 是对提  The "formula" in the "formula password" can be versatile, it can be a calculation of the prompt, or it can be
示符的组合、 可以是抛开提示符对身边特征的取值(如日期), 可以是空城计 (不设 规则只用静态密码), 也可以是其它类型的 "规则", 或对各种规则的组合使用。 The combination of the indicators can be the value of the feature around the prompt (such as the date), can be an empty city meter (no rules only use static passwords), can also be other types of "rules", or for various rules The combination used.
在密码输入方式上, 用户可以选择通过键盘输入, 也可以通过鼠标方便快捷地在 屏幕的编码表上直接点击输入。  In the password input mode, the user can choose to input through the keyboard, or directly and quickly click on the input on the coding table of the screen through the mouse.
由于本发明采用了上述技术方案, 从而完全摒弃了任何外界的密码生成设备, 创 造性地解决了长期以来困扰单机、 网络、 互联网及其相关网站的难题。  Since the present invention adopts the above technical solution, it completely abandons any external password generating device, and creatively solves the problem that has long plagued a single machine, a network, the Internet, and related websites.
本发明是完全不需要依赖任何外界设备参与的动态密码产生及校验模式。 与现有 技术相比, 其本质上的不同是: "公式密码"完全脱离了原有的 "字符密码"概念。 对于用户来说,使用公式密码系统后,用户所要记忆、使用的已是不再是硬梆梆的 "字 符", 而是 "算法"和 "规则"。  The present invention is a dynamic password generation and verification mode that does not require any external device participation at all. Compared with the prior art, the essential difference is: "Formula password" completely deviates from the original "character password" concept. For the user, after using the formula password system, the user wants to memorize and use the "character" which is no longer a hard one, but "algorithm" and "rule".
简单地说, 两者的区别就如同是 "单词"与 "语法"的区别一样。 一个是靠随机 翻字典抽单词的办法来组成不同的 "静态"'句子; 另外一个则是可以抛开对字典的依 赖, 随处随地通过语法规则来构造、 组合真正的 "动态"的句子。 Simply put, the difference between the two is like the difference between "word" and "grammar". One is by random The dictionary is used to draw words to form different "static"sentences; the other is to abandon the dependence on the dictionary, constructing and combining real "dynamic" sentences everywhere through grammatical rules.
迄今为止, '本发明并没有在任何形式的媒介上被他人提出过, 属于安全领域的全 新技术。  So far, 'the invention has not been proposed by others in any form of media, and is a new technology in the field of security.
本发明是基于高度实用性的前提而设计的。它可以应用在单机验证、局域网验证、 互联网验证, 甚至于 ATM银行自动柜员机的密码验证上。 总体而言, 这一模式可以 是对所有 "静态字符密码"模式的取代与提高。  The present invention has been designed based on the premise of high practicality. It can be used for stand-alone authentication, LAN authentication, Internet authentication, and even password verification for ATM ATMs. Overall, this mode can be a replacement and enhancement to all "static character password" modes.
实现 "交互型动态密码校验模式"所需要涉及的所有技术及操作都是在事实上可 行的。 现行的验证系统可以在不明显增加额外投资的前提下, 用这一模式取代旧有的 "静态字符密码"模式; 同时, 普通用户也可以在不增加分毫额外购置及不增加生理 记忆负荷的情况下得益于这一模式。  All the techniques and operations involved in implementing the "Interactive Dynamic Password Verification Mode" are virtually workable. The current verification system can replace the old "static character password" mode with this mode without significantly increasing the additional investment. At the same time, ordinary users can also increase the additional purchase without increasing the physiological memory load. Benefit from this model.
本发明的重要实用性意义体现在其未雨绸缪的前瞻性上。  The important practical significance of the present invention is reflected in its proactive nature.
本发明并不仅仅只是一个 "商品", 而是一个"指导性模式"。 如同对 "www"网址 的模式与" @ "电子邮件的模式的发明一样, 这一指导性模式的发明尽管在未来还需要 进行不断地改进, 但对这一指导性模式的需求却是紧迫的, 任何相关的改进都无法逾 越本发明基本构思的精华。  The invention is not just a "commodity" but a "guidance model". As with the invention of the "www" URL pattern and the "@" email model, the invention of this guiding model is urgently needed in the future, but the need for this guiding model is urgent. Any related improvements cannot exceed the essence of the basic idea of the present invention.
毫无疑问, 本发明具有如下优点:  Undoubtedly, the present invention has the following advantages:
1 )用 "公式密码"创造动态密码, 既使用户所输入密码被监听或截获, 监听者 /截获 者也无法得知下一个密码是什么;  1) Create a dynamic password with "Formula Password". Even if the password entered by the user is intercepted or intercepted, the listener/catcher cannot know what the next password is.
2) 由于经过编码的密码是动态且随机无规律的, 所以, 无论攻击者使用暴力密码破 解法还是联想密码破解法, 都将很难达到其预期目的。  2) Since the encoded password is dynamic and random, it will be difficult for the attacker to achieve its intended purpose regardless of whether the attacker uses the brute force password or the association password cracking method.
3 )利用 "公式密码"模式, 用户只需要记住简单的规则就可以创造出冗长复杂的高质 量密码, 事半功倍。 . ―  3) With the "Formula Password" mode, users only need to remember simple rules to create lengthy and complex high-quality passwords, with less effort. . ―
4) 同时采用提示符与编码表, 可以在不明显增加用户使用难度的情况下, 将密码的 多样性加乘, '使规律更难以被捕捉。  4) Simultaneous use of the prompt and coding table can multiply the diversity of the password without significantly increasing the difficulty of the user. 'It is more difficult to capture the law.
5)将 "公式密码"结合随机的 "图片提示"的模式将可以令安全性能更加加强。 因 为采用随机模糊化的图片字符作为提示工具后, 即便提示图片被攻击者全部截获, 攻击者的计  5) Combining the "formula password" with a random "picture hint" mode will make the security performance even stronger. Because the randomly blurred picture characters are used as the prompting tool, even if the prompt picture is completely intercepted by the attacker, the attacker's calculation
算机也很难分析出图片内容, 更无从分析公式密码。 而人工分析的破解速度则远 远无法实质危害安全。 ' 6)避免对外界任何形式密码生成设备的依赖, 同时也避免因此类设备被盗、 被抢、 被毁、 丢失、 失灵等可能引发的潜在隐患。 It is also difficult for the computer to analyze the picture content, and it is even more difficult to analyze the formula password. The speed of manual analysis is far from being able to seriously harm security. ' 6) Avoid relying on any form of password-generating equipment from outside, and avoid potential hidden dangers such as theft, looting, destruction, loss, failure, etc. of such equipment.
"交互型动态密码"这一概念的提出, 是对现有 "静态字符密码"模式的大胆颠 覆, 同时也是对现有必须依赖外部设备才能生产动态密码的解脱。 正如申请人在背景 技术中所坦述的, 现有 "用户名 +静态字符密码"模式有着众多绝症般的缺陷, 随着 时间的推移, 终究会有一天消亡。 而 "通过公式密码结合图形提示"所产生的 "交互 型动态密码"可以有效地减少对用户记忆力的强求, 也避免了对外部设备的依赖。 用 "公式密码"取代 "静态密码"可以大幅提升安全性及抗破解能力; 可以显著增强一 旦信息 /密码被截获后的反分析能力。  The concept of "interactive dynamic password" is a bold subversion of the existing "static character password" mode, and it is also a relief from the existing need to rely on external devices to produce dynamic passwords. As the applicant has stated in the background art, the existing "username + static character password" mode has many terminally flawed defects, and over time, one day it will die. The "interactive dynamic password" generated by "combination of formula passwords combined with graphical prompts" can effectively reduce the memory of users and avoid the dependence on external devices. Replacing a "static password" with a "formula password" can greatly improve security and crack resistance; it can significantly enhance the anti-analysis capability once the information/password is intercepted.
与现有的技术相比, "公式密码结合图形提示的交互型动态密码校验模式"可以 在保留原来传统字符密码验证模式的便利性前提下 (即,全天候随处使用,无需任何外 界协助), 取得革命性的进步。 具体实施方式  Compared with the existing technology, the "analog dynamic password verification mode of formula password combined with graphic prompt" can be used under the premise of preserving the convenience of the original traditional character password verification mode (ie, all-weather use everywhere, without any external assistance). Make revolutionary progress. detailed description
以下结合具体实施方式详述本发明  The present invention is described in detail below in conjunction with specific embodiments.
公式密码结合图形提示的交互型动态密码校验模式, 其特征在于- 所述模式包括:  An interactive dynamic password verification mode in which a formula password is combined with a graphical prompt, characterized in that: the mode includes:
A. 由用户记忆 "公式密码"而非 "字符密码";  A. The user remembers the "formula password" instead of the "character password";
B. 使用和生产 "交互型"动态密码;  B. Use and production of "interactive" dynamic passwords;
C.釆用将 "随机提示符"与 /或 "随机编码表"套入 "公式密码"而生成动态密码; C. Generate a dynamic password by nesting the "random prompt" and / or "random code table" into the "formula password";
D.使用变形图片而非字符来传递提示符与 /或编码表; D. Use a distorted picture instead of a character to pass the prompt and / or code table;
E.将 "公式密码"与 "图形提示"相结合。  E. Combine "formula password" with "graphical hints".
根据本发明,用户预设公式密码;验证时校验方会随机产生一串提示符与 /或一个 编码表, 并计算出期待密码; 校验方将提示符与 /或编码表以图形格式发送给用户; 用户收到以上提示后, 将之套入个人预设的公式而得出密码, 并输入; 验证方将用户 输入密码与期待密码校对并决定是否接受登陆。  According to the present invention, the user presets the formula password; the verification party randomly generates a string of prompts and/or a code list and calculates the expected password; the checker sends the prompt and/or the code table in a graphic format. To the user; after receiving the above prompt, the user puts the formula into the personal preset formula to obtain the password, and enters; the verifier corrects the user's password and the expected password and decides whether to accept the login.
所述密码为冗长或简短的, 相对而言, 以冗长为最佳。  The password is verbose or short, and relatively verbose is preferred.
所述的 "编码表" 以及 "提示符" 每次都将会以图形的格式传送给用户, 即, 每次验证系统随机产生了提示符与编码表后, 都会将字符性的提示符与编码表变为图 片格式, 并作适当变形处理。 公式密码结合图形提示的交互型动态密码校验模式依据以下流程运行: a. 验证系统锁定用户账号后随机产生编码表与 /或提示符; The "encoding table" and the "prompt" will be transmitted to the user in a graphical format each time, that is, each time the verification system randomly generates a prompt and a coding table, the character prompt and encoding will be performed. The table becomes the image format and is appropriately deformed. The interactive dynamic password verification mode of the formula password combined with the graphic prompt runs according to the following process: a. The verification system locks the user account and randomly generates the coding table and/or prompt;
b. 验证系统根据编码表 与 /或 提示符及用户预设的公式密码计算出对应的期待密 码;  b. The verification system calculates a corresponding expected password according to the code table and/or the prompt and the preset formula password of the user;
c 验证系统将上述编码表与 /或提示符转化为图片格式, 并将做适度变形或复杂化 处理;  c The verification system converts the above code table and / or prompt into image format, and will be moderately deformed or complicated;
d. 验证系统将上述图片加密发送给用户端;  d. The verification system sends the above picture encrypted to the client;
e. 用户根据编码表与 /或提示符, 结合预设的公式密码得出密码, 并输入; f. 用户端将用户输入密码加密传送给验证系统请求验证;  e. The user obtains the password according to the coding table and/or prompt, combined with the preset formula password, and inputs; f. The user end encrypts the user input password and transmits it to the verification system for verification;
g. 验证系统将收到的密码与期待密码相核对;  g. The verification system checks the received password against the expected password;
h. 如果符合, 则通过认证; 如果不符合, 则拒绝登陆。  h. If it is, pass the authentication; if it does not, it will refuse to log in.
所述 "公式密码"中 "公式"可以是多样性的, 它可以是对提示符的计算、 可以 是对提示符的组合、 可以是抛开提示符对身边特征的取值 (如日期), 可以是空城计 (不设规则只用静态密码),也可以是其它类型的 "规则",或对各种规则的组合使用。  The "formula" in the "formula password" can be versatile, it can be a calculation of the prompt, a combination of the prompts, or a value of the surrounding features (such as a date). It can be an empty city meter (no rules only use static passwords), other types of "rules", or a combination of various rules.
为了增加安全性, 以上所述的 "编码表" 以及 "提示符"都将会以图形的格式传 送给用户。 即, 每次验证系统随机产生了提示符与编码表后, 都会将字符性的提示符 与编码表变为图片格式, 并作适当变形处理。  For added security, the "encoding table" and "prompt" described above will be delivered to the user in a graphical format. That is, each time the verification system randomly generates the prompt and the encoding table, the character prompt and the encoding table are changed to the image format, and the appropriate deformation processing is performed.
例如, 某用户预设了 "公式密码" 如下- (#1 ) (#1) (T) (9) (#4+1) (#date)  For example, a user presets a "formula password" as follows - (#1) (#1) (T) (9) (#4+1) (#date)
其意义为:  Its meaning is:
Figure imgf000009_0001
假设用户收到以下图形化的提示符, 且当天的日期为 6月 18日,
Figure imgf000009_0001
Suppose the user receives the following graphical prompt, and the date of the day is June 18th.
G D 4 9 则通过对上述规则的计算 /组合, 可得到如下结果: GD 4 9 Through the calculation/combination of the above rules, the following results can be obtained:
G G T 9 0 1 8  G G T 9 0 1 8
假设用户还同时收到了如下的编码表:  Suppose the user also receives the following code table:
Figure imgf000010_0001
Figure imgf000010_0001
则, 用户此次需要提交验证的密码就应当依据上表的对应关系改变成为:  Then, the password that the user needs to submit the verification at this time should be changed according to the corresponding relationship in the above table:
N e N e 7 q 7 q. I D E I Z c 可见, 只需要一个并不复杂的规则就可以简单地获得一个 14位的高质量密码。 同理,用户同样也可以预设更复杂的组合运算关系以获得更加安全的登陆。例如- N e N e 7 q 7 q. I D E I Z c It is obvious that a 14-bit high quality password can be obtained simply by an uncomplicated rule. Similarly, users can also preset more complex combined computing relationships for a more secure login. E.g-
(#1) (#4) (#3+2) (#3+3) (#2) (#date * 2) (#date +2) (P) (e) (t) 这将会是一个长达约 20位字符的动态密码, 里面混合有反复、 加法、 乘法、 日 期、 调位、 静态字符等多种措施, 几乎没有被破解的可能。 (#1) (#4) (#3+2) (#3+3) (#2) (#date * 2) (#date +2) (P) (e) (t) This will be a Dynamic passwords of up to about 20 characters, mixed with repetition, addition, multiplication, date, positioning, static characters, etc., almost no possibility of being cracked.
同时, 用户也可以预设较简单的公式密码。 例如:  At the same time, the user can also preset a simple formula password. E.g:
(1) (2) (#1) (#2)  (1) (2) (#1) (#2)
依据上述的编码表与提示符, 可迅速得到此公式密码所对应的密码应当为- According to the above code table and prompt, you can quickly get the password corresponding to this formula password should be -
I 1 4 N e 2 Y I 1 4 N e 2 Y
尽管原来的公式密码极度简单, 但生产出来的密码却有着较高的质量。 并且, 由 于此密码在每次登陆中都是无规则动态变化的, 所以想对其进行捕捉或破解仍然存在 着相当大的难度。  Although the original formula password is extremely simple, the generated password has a higher quality. Moreover, since the password is dynamically changed in each login, it is still quite difficult to capture or crack it.
在密码输入方式上, 用户可以选择通过键盘敲入, 也可以通过鼠标方便快捷地在 屏幕的编码表上直接点击输入。  In the password input mode, the user can choose to type through the keyboard, or directly and quickly click on the input on the coding table of the screen through the mouse.
注: 以上所举例子, 采用了 "公式密码"结合 "提示符"以及 "编码表"的较复 杂做法。 用户也可以采用将 "公式密码"结合 "提示符", 或将普通 "字符密码"结 合 "编^表"的较简单方式来获得较为低质量的动态密码。 .  Note: The above example uses the more complicated approach of "formula password" combined with "prompt" and "code table". Users can also use a simpler way to combine "formula passwords" with "prompts" or combine common "character passwords" with "programs" to get lower quality dynamic passwords. .

Claims

权 利 要 求 Rights request
1、 公式密码结合图形提示的交互型动态密码校验模式, 其特征在于: 1. The interactive password-based dynamic password verification mode of the formula password combined with the graphic prompt is characterized by:
所述模式包括: The modes include:
A. 由用户记忆. "公式密码";  A. Remembered by the user. "Formula password";
B. 使用和生产 "交互型"动态密码;  B. Use and production of "interactive" dynamic passwords;
C.采用将 "随机提示符"与 /或 "随机编码表"套入 "公式密码"而生成动态密码; C. Generate a dynamic password by nesting the "random prompt" and / or "random code table" into the "formula password";
D. 使用变形图片而非字符来传递提示符与 /或编码表; D. Use a distorted picture instead of a character to pass the prompt and / or code table;
E.将 "公式密码"与 "图形提示"相结合。  E. Combine "formula password" with "graphical hints".
2、 根据权利要求 1所述的公式密码结合图形提示的交互型动态密码校验模式,其特征 在于: 用户预设公式密码; 验证时校验方会随机产生一串提示符与 /或一个编码表, 并 计算出期待密码;校验方将提示符与 /或编码表以图形格式发送给用户;用户收到以上 提示后, 将之套入个人预设的公式而得出密码, 并输入; 验证方将用户输入密码与期 待密码校对并决定是否接受登陆。 .  2. The interactive dynamic password verification mode of the formula password combined with the graphic prompt according to claim 1, wherein: the user presets the formula password; the verification party randomly generates a prompt and/or an encoding during verification. Table, and calculate the expected password; the verifier sends the prompt and/or the code table to the user in a graphical format; after receiving the above prompt, the user puts the formula into the personal preset formula to obtain the password, and inputs; The verifier corrects the user's password and expects the password and decides whether to accept the login. .
3、 根据权利要求 1所述的公式密码结合图形提示的交互型动态密码校验模式, 其特 征在于: 所述密码可为冗长的或简短的。  3. The interactive dynamic cryptographic check mode of the formula cipher combined with the graphical cues according to claim 1, wherein: the password can be verbose or short.
4、 根据权利要求 1所述的公式密码结合图形提示的交互型动态密码校验模式, 其特 征在于: 所述的 "编码表"以及"提示符 "每次都将会以图形的格式传送给用户, 艮卩, 每次验证系统随机产生了提示符与 /或编码表后,都会将字符性的提示符与编码表变为 图片格式。 ~  4. The interactive dynamic password verification mode of the formula password combined with the graphic prompt according to claim 1, wherein: the "encoding table" and the "prompt" are transmitted in a graphic format each time. User, 艮卩, each time the verification system randomly generates a prompt and/or codelist, the character prompt and the encoding table are changed to the image format. ~
5、 根据权利要求 1所述的公式密码结合图形提示的交互型动态密码校验模式, 其特 征在于:每次验证系统随机产生了提示符与 /或编码表后,都会将字符性的提示符与编 码表变为图片格式, 并作适当变形处理。  5. The interactive dynamic password verification mode of the formula password combined with the graphic prompt according to claim 1, wherein each time the verification system randomly generates a prompt and/or a code table, a character prompt is displayed. And the encoding table becomes the image format, and is appropriately deformed.
6、 根据权利要求 1所述的公式密码结合图形提示的交互型动态密码校验模式, 其特 征在于: 所述公式密码结合图形提示的交互型动态密码校验模式依据以下流程运行: 验证系统锁定用户账号后随机产生编码表与提示符;  6. The interactive dynamic password verification mode according to claim 1, wherein the formula password combined with the graphical prompt interactive dynamic password verification mode is operated according to the following process: verifying system locking The code table and the prompt are randomly generated after the user account;
验证系统根据编码表与 /或提示符及用户预设的公式密码计算出对应的期待 密码;  The verification system calculates a corresponding expected password according to the code table and/or the prompt and the formula password preset by the user;
验证系统将上述编码表与 /或提示符转化为图片格式,并将做适度变形或复杂化处 理; The verification system converts the above code table and/or prompt into a picture format and will make a moderate deformation or complication Reason
验证系统将上述图片加密发送给用户端;  The verification system sends the above picture encrypted to the client;
用户根据编码表与 /或提示符, 结合预设的公式密码得出密码, 并输入; ' 用户端将用户输入密码加密传送给验证系统请求验证;  The user obtains the password according to the coding table and/or prompt, combined with the preset formula password, and inputs; 'The client encrypts the user input password and transmits it to the verification system to request verification;
验证系统将收到的密码与期待密码相核对;  The verification system checks the received password against the expected password;
如果符合, 则通过认证; 如果不符合, 则拒绝登陆。  If it is, pass the authentication; if it does not, it will refuse to log in.
7、 根据权利要求 1所述的公式密码结合图形提示的交互型动态密码校验模式, 其特 征在于: 所述 "公式密码"中 "公式"可以是多样性的, 它可以是对提示符的计算、 可以是对提示符的组合、 可以是抛开提示符对身边特征的取值 (如日期), 可以是空 城计(不设规则只用静态密码), 也可以是其它类型的 "规则", 或对各种规则的组合 使用。  7. The interactive dynamic password verification mode of the formula password combined with the graphic prompt according to claim 1, wherein: the "formula" in the "formula password" can be diverse, and it can be a prompt. The calculation can be a combination of the prompts, the value of the features around the prompt (such as the date), the empty city meter (without rules, only static passwords), or other types of "rules". Or use a combination of various rules.
8、 根据权利要求 1所述的公式密码结合图形提示的交互型动态密码校验模式, 其特 征在于: 在密码输入方式上, 用户可以选择通过键盘输入, 也可以通过鼠标方便快捷 地在屏幕的编码表上直接点击输入。 '  8. The interactive dynamic password verification mode of the formula password combined with the graphic prompt according to claim 1, wherein: in the password input mode, the user can select the keyboard input, or the mouse can be conveniently and quickly displayed on the screen. Click on the input directly on the code list. '
PCT/CN2005/000825 2004-07-01 2005-06-09 A verification mode of the interactive dynamic key instructed by integrating a formula key with graphics WO2006002586A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200410027928.5 2004-07-01
CN 200410027928 CN1716852B (en) 2004-07-01 2004-07-01 Formula cipher combined graph prompting interactive dynamic cipher checking mode

Publications (1)

Publication Number Publication Date
WO2006002586A1 true WO2006002586A1 (en) 2006-01-12

Family

ID=35782464

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2005/000825 WO2006002586A1 (en) 2004-07-01 2005-06-09 A verification mode of the interactive dynamic key instructed by integrating a formula key with graphics

Country Status (2)

Country Link
CN (1) CN1716852B (en)
WO (1) WO2006002586A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110286777A (en) * 2019-06-26 2019-09-27 西南民族大学 A kind of full-automatic keyboard operation device of electromechanical based on machine vision
CN115150186A (en) * 2022-07-27 2022-10-04 张瑜 Verification code verification method, system, electronic equipment and storage medium

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1921392B (en) * 2006-09-19 2015-03-04 飞天诚信科技股份有限公司 Intelligent key equipment
CN101179381B (en) * 2006-11-07 2010-11-03 阿里巴巴集团控股有限公司 Method and device for validating information
CN102594560A (en) * 2012-02-09 2012-07-18 赵淦森 Identity authentication method and authentication server based on one-time passwords
CN102904722A (en) * 2012-09-21 2013-01-30 张仁平 Network validation method and system jointed by semanteme and image elements
CN103944889B (en) * 2014-04-04 2017-04-05 联动优势科技有限公司 A kind of method and certificate server of network user's online identity certification
CN104410494A (en) * 2014-11-15 2015-03-11 韩素平 A customizing pre-generating multi-password authentication system
CN105812135A (en) * 2014-12-30 2016-07-27 中国移动通信集团公司 Dynamic password authentication method and system
CN105024826A (en) * 2015-08-06 2015-11-04 上海莱升信息科技有限公司 Dynamic password verification method
CN106960150A (en) * 2016-05-27 2017-07-18 杨仲辉 The interface creating method of application program

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1995010148A1 (en) * 1993-10-05 1995-04-13 Arithmetica, Inc. Multistream encryption system for secure communication
GB2377348A (en) * 2001-07-04 2003-01-08 Digital Video Networks Ltd Security unit for encrypted signal transmission
US20030228018A1 (en) * 2002-06-07 2003-12-11 General Instrument Corporation Seamless switching between multiple pre-encrypted video files
US20040030908A1 (en) * 2002-08-08 2004-02-12 Paul Lin Method and system for controlling access to data stored on a data storage device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1995010148A1 (en) * 1993-10-05 1995-04-13 Arithmetica, Inc. Multistream encryption system for secure communication
GB2377348A (en) * 2001-07-04 2003-01-08 Digital Video Networks Ltd Security unit for encrypted signal transmission
US20030228018A1 (en) * 2002-06-07 2003-12-11 General Instrument Corporation Seamless switching between multiple pre-encrypted video files
US20040030908A1 (en) * 2002-08-08 2004-02-12 Paul Lin Method and system for controlling access to data stored on a data storage device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110286777A (en) * 2019-06-26 2019-09-27 西南民族大学 A kind of full-automatic keyboard operation device of electromechanical based on machine vision
CN115150186A (en) * 2022-07-27 2022-10-04 张瑜 Verification code verification method, system, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN1716852B (en) 2010-05-05
CN1716852A (en) 2006-01-04

Similar Documents

Publication Publication Date Title
WO2006002586A1 (en) A verification mode of the interactive dynamic key instructed by integrating a formula key with graphics
US10708251B2 (en) Portable authentication and encryption device and system
Tan et al. Can unicorns help users compare crypto key fingerprints?
Swenson Modern cryptanalysis: techniques for advanced code breaking
US7139916B2 (en) Method and system for monitoring user interaction with a computer
US20070271465A1 (en) Method of Authentication by Challenge-Response and Picturized-Text Recognition
WO2013117019A1 (en) Method and device for system login based on dynamic password generated autonomously by user
CN101291227A (en) Password inputting method, device and system
US20210279341A1 (en) Cryptographic security system, method, and program product using data partitioning
Mackie et al. A novel hybrid password authentication scheme based on text and image
CN107819723A (en) Login authentication and login password modification authentication method, terminal and server
Mandal et al. A mathematical model for secret message passing using Steganography
Nielson et al. Practical Cryptography in Python: Learning Correct Cryptography by Example
CN102238150A (en) Form registration method and server
AU2011100338A4 (en) Method and /or device for managing authentication data
CN101159547A (en) Dynamic secret method of text information input, output and transmission
CN107944303A (en) A kind of smart mobile phone cipher-code input method and device
KR101964271B1 (en) Method and server for authenticating user based on font information
KR101152610B1 (en) The Method of Virtual Keyboard
WO2000062458A2 (en) Methods and appliances for encryption system varying dynamically depending upon variables and its applications
Hertzum Minimal-feedback hints for remembering passwords
Akter Sharna et al. Image Based Password Authentication System
Ariffin et al. Text and Image: A new hybrid authentication Scheme
CN112765580B (en) Method and system for protecting and preventing repudiation of examination questions in online examination
Bindra Invisible communication through portable document file (pdf) format

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

DPEN Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed from 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

122 Ep: pct application non-entry in european phase