WO2010003283A1 - Network interaction method, system and safety apparatus thereof - Google Patents

Publication number
WO2010003283A1
Authority
WO
WIPO (PCT)
Prior art keywords
operation content
unit
client
verification ciphertext
security device
Application number
PCT/CN2008/071568
Inventor
许剑卓
陶佳
龚志杰
戴英侠
熊蜀吉
Original Assignee
Xu Jianzhuo
Tao Jia
Gong Zhijie
Dai Yingxia
Xiong Shuji
Application filed by Xu Jianzhuo, Tao Jia, Gong Zhijie, Dai Yingxia, Xiong Shuji
Priority to PCT/CN2008/071568
Publication of WO2010003283A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic

Definitions

  • The invention relates to network interaction between a client and a network server, and in particular to a network interaction method, system and security device that prevent a Trojan present on the client from attacking by means of tampering and forgery.
  • the security focus of network communication lies in the identity authentication and information encryption of the interaction process.
  • security technologies for example, fingerprint authentication technology for identity authentication, e-Cert technology, and the like.
  • encryption algorithms such as AES, 3DES.
  • The application of these technologies creates a rigorous cryptosystem that protects the entire interaction process. Although it is easy to intercept this information on the network, an attacker who does not know the key can hardly read or tamper with its contents. In general, directly cracking a cryptosystem costs more than it gains. The attacker therefore looks for vulnerabilities in the system and attacks those.
  • The common attack method is to use Trojans to steal and tamper with sensitive information.
  • This method of attack differs from direct cracking in that it steals authentication information or tampers with the interaction content, bypassing the protection of the cryptosystem.
  • Early system logins used a static password, so the Trojan only needed to monitor the keyboard to steal the user's login password.
  • The application of soft keyboards, random verification codes, dynamic password authentication, e-Cert and other security technologies makes this type of Trojan attack hard to carry out: it is difficult to achieve the purpose of the attack simply by intercepting information. Therefore, Trojan attacks in the related art have gradually turned to tampering with or forging communication content. The manner in which Trojans tamper with or forge communication content is described below with reference to the drawings.
  • Figure 1 is a flow chart of normal operation between the client and the server.
  • The client operating system receives the operation content input by the user through the mouse or the keyboard (see step 11); the operating system delivers the operation content to the client software (see step 12); the client software encrypts the operation content (see step 13) and then passes the encrypted operation content to the server (see step 14).
  • In step 12, the operating system transmits the user's operation content to the client software.
  • Trojans can attack this link, bypassing the protection of existing security technologies. That is, a Trojan resident on the client host can intercept the user's operation and tamper with the operation content; some Trojans even impersonate the user and actively complete an operation chosen by the attacker. On a client host where a Trojan has been implanted, the user's operation content is therefore difficult to pass to the client software safely.
  • Example 1 is a flow chart of the Trojan monitoring keyboard and mouse.
  • When the Trojan is implanted on the client host, it monitors the keyboard and mouse and gets the operation content before the client software does. Some attackers add a shell around the real client software and then trick the user into downloading it.
  • (The design idea of the modified client software is the same as in this example; the only difference is the method of intercepting the mouse and keyboard.)
  • The operation content received by the client software is then tampered or forged operation content. No matter how advanced the security technology used in step 25 is, it cannot achieve a defense effect.
  • Figure 3 is a flow chart of the Trojan forging operation content by simulating a user operating the mouse and the keyboard. As shown in Figure 3, it is difficult for the client software to determine whether the real user or the Trojan is operating.
  • Example 3 is a flow chart of the Trojan embedding client software intercepting the user's operation content.
  • The Trojan can also embed itself in the client software to intercept and tamper with the user's operation content, thereby achieving illegal purposes.
  • Use anti-virus software to kill Trojans.
  • Although anti-virus software is the most effective means of removing viruses and Trojans, it does not guarantee that there is no Trojan in the operating system on the client. The most important reason is that new Trojans appear and spread too fast. For example, new Trojans appear every day, and it is difficult for anti-virus software to remove a Trojan before the virus database is upgraded.
  • Web applications such as e-mail, communication tools such as MSN and QQ, and BBS forums make Trojans spread very fast; many users have anti-virus software installed on their hosts but neglect virus database updates; the interval between automatic virus database updates is too long; and a Trojan can forge user operations to turn off the protection of anti-virus software, or even cause the anti-virus software to lose its functionality.
  • A soft keyboard is a technology for entering a password with the mouse. Specifically, a randomised keyboard is drawn on the screen, and the user clicks its keys to complete the password input. Because the password is entered with the mouse, it is difficult for the Trojan to steal the password by capturing keyboard messages.
  • a verification code is a technique for preventing brute force.
  • a string of characters displayed by the picture is provided on the login interface, and then the user is required to input the characters.
  • When logging in, the server first verifies that these characters are correct (in some systems the client software verifies them itself, and the defense effect is much worse). The characters displayed in the picture are generally distorted and set against a background of irregular lines, so they are difficult for a program to recognise automatically from the picture. If used properly, this has a certain defense effect against Trojans. For example, if this technology is extended to critical business operations and supported by captcha technology, the Trojan's ability to deceive by forging operation content will be greatly limited.
  • Embedding a Trojan scanning module in the client software actually integrates a Trojan removal tool into the client software. Its principle for killing Trojans is the same as that of anti-virus software, and it can be seen as a streamlined version of anti-virus software.
  • e-Cert technology and dynamic password technology can defend against the attacking behavior of Trojans that steal user passwords.
  • Figure 5 is a flow diagram of normal interaction between the client and the server.
  • Figure 6 is a flow chart of a Trojan implanted in the client obtaining the operation content before the client software does, tampering with it and then passing it to the client software. As shown in Figure 6, during the entire interaction the Trojan completely bypasses the protection of the cryptosystem formed by the various security technologies.
  • Figure 7 is a flow chart of using a firewall to defend against Trojans.
  • The username and password stolen by the Trojan must be passed to the attacker before the attacker can use them to impersonate the legitimate user, log in to the system and achieve the illegal purpose. The stolen username and password must therefore be sent by the Trojan to the attacker over the network for the attack to be completed.
  • the communication process between the Trojan and the outside world is blocked, thereby blocking the attack process and recovering the loss.
  • The object of the present invention is to provide a network interaction method that uses a security device to let the user determine whether the operation content is correct and, if it is correct, processes the operation content, so as to prevent a Trojan from achieving its attack by tampering with or forging the operation content, thereby providing a more secure solution, improving the security level of network application systems and expanding the scope of network applications.
  • The object of the present invention is also to provide a network interaction system that uses the security device to process the operation content, so as to prevent a Trojan from achieving its attack by tampering with or forging the operation content, thereby providing a more secure solution, improving the security level of network application systems and expanding the scope of network applications.
  • Another object of the present invention is to provide a network interaction system that uses a security device to confirm the correctness of the operation content and to process the operation content, so as to prevent a Trojan from achieving its attack by tampering with or forging the operation content, thereby providing a more secure solution, improving the security level of network application systems and expanding the scope of network applications.
  • The object of the present invention is also to provide a security device that can display the operation content, so that the user can confirm on the display whether the operation content is correct; if it is correct, the operation content is processed, so as to prevent a Trojan from achieving its attack by tampering with or forging the operation content.
  • The object of the present invention is to provide a network interaction method that uses a security device to input the operation content, so as to prevent a Trojan from achieving its attack by tampering with or forging the operation content, thereby providing a more secure solution, improving the security level of network application systems and expanding the scope of network applications.
  • the solution has improved the security level of network application systems and expanded the scope of network applications.
  • The present invention provides a network interaction method, the method including: a client receiving operation content input by a user; a security device acquiring the operation content; the security device processing the operation content to generate a verification ciphertext for verification; the client obtaining the verification ciphertext; and the client sending the operation content and the verification ciphertext to the server through the network.
  • the present invention further provides a network interaction system, the system further comprising a client and a security device;
  • a client configured to receive an operation content input by a user
  • a security device configured to acquire the operation content, process the operation content, generate and display a verification ciphertext
  • the client is further configured to obtain the verification ciphertext, and send the operation content and the verification ciphertext to the server through a network.
  • The present invention provides a security device, the security device comprising: an input unit through which a client user inputs the operation content; and a processing unit configured to process the operation content input through the input unit to generate a verification ciphertext for verification;
  • the present invention further provides a network interaction system, which includes a client and a security device;
  • a client configured to receive the operation content input by the user, and transmit the operation content to the security device, and receive the verification ciphertext transmitted by the security device, and send the operation content and the verification ciphertext to The server;
  • a security device configured to receive the operation content transmitted by the client, display the operation content, and determine whether the client user confirms the operation content; if the determination result is yes, the security device processes the operation content, generates a verification ciphertext for verification, and transmits the generated verification ciphertext to the client.
  • The present invention further provides a security device, the security device comprising: a receiving unit configured to receive the operation content transmitted by a client; and a display unit configured to display the operation content;
  • a judging unit configured to determine whether the client user confirms the operation content; and a processing unit configured, if the judgment result of the judging unit is yes, to process the operation content and generate a verification ciphertext for verification;
  • a sending unit configured to transmit the verification ciphertext to the client.
  • the present invention provides a network interaction method, the method comprising: obtaining, by a security device, operation content; the security device processing the operation content, generating a verification ciphertext for verification; the security The device transmits the operation content and the verification ciphertext to the client; the client sends the operation content and the verification ciphertext to the server.
  • the present invention further provides a network interaction system, the system includes a server, and the system further includes a client and a security device;
  • the security device is configured to receive operation content input by a user, process the operation content, generate a verification ciphertext for verification, and transmit the operation content and the verification ciphertext to the client;
  • the client is configured to receive the operation content and the verification ciphertext transmitted by the security device, and send the operation content and the verification ciphertext to the server through a network.
  • The present invention further provides a security device, the security device comprising: an input unit through which a client user inputs the operation content; a processing unit configured to process the operation content input through the input unit to generate a verification ciphertext for verification; and a sending unit configured to send the operation content and the verification ciphertext to the client.
  • The present invention has the advantageous effect that the operation content is encrypted using the security device, or displayed using the security device, so that a Trojan cannot intercept and tamper with the content before the security device displays it without the user detecting this. The Trojan can therefore at most perform a blocking attack, and cannot attack with a simple bypass. A blocking attack can at most stop the user from using the application system; it causes no direct loss to the user and brings no benefit to the attacker. User losses are thus avoided, a more secure solution is provided, the security level of network application systems is improved, and the range of network applications is expanded.
  • Figure 1 is a flow chart of normal operation between the client and the server
  • Figure 2 is a flow chart showing a Trojan implanted in the client host tampering with the operation content
  • Figure 3 is a flow chart showing a Trojan implanted in the client host forging the operation content
  • Figure 4 is a flow chart showing a Trojan embedded in the client software tampering with the operation content
  • Figure 5 is a flow chart of normal interaction between the client and the server
  • Figure 6 is an interaction flow chart of a Trojan implanted in the client tampering with the operation content;
  • Figure 7 is a flow chart of using a firewall to defend against Trojans
  • FIG. 8 is a schematic structural diagram of a network interaction system according to Embodiment 1 of the present invention.
  • Figure 9 is a schematic view showing the structure of the security device of Figure 8.
  • Figure 10 is a schematic diagram of the structure of the client in Figure 8.
  • Figure 11 is a schematic view showing the structure of the server in Figure 8.
  • FIG. 12 is a schematic structural diagram of a network interaction system according to Embodiment 2 of the present invention.
  • Figure 13 is a schematic view showing the structure of the security device of Figure 12;
  • Figure 14 is a schematic view showing the structure of the client in Figure 12;
  • FIG. 15 is a schematic structural diagram of a network interaction system according to Embodiment 3 of the present invention.
  • Figure 16 is a schematic view showing the structure of the security device of Figure 15;
  • Figure 17 is a schematic view showing the structure of the client in Figure 15;
  • Figure 18 is a flow chart of a network interaction according to Embodiment 4 of the present invention;
  • Figure 19 is a flow diagram of one embodiment of steps 1807 and 1807 of Figure 18;
  • Figure 20 is a flow diagram of another embodiment of steps 1807 and 1807 of Figure 18;
  • Figure 21 is a representation of steps 1811 and 1812 of Figure 18
  • Figure 22 is a flow chart of another embodiment of steps 1811 and 1812 of Figure 18;
  • Figure 23 is a flow chart of network interaction of Embodiment 5 of the present invention;
  • Figure 24 is a flow chart of the network interaction of the sixth embodiment.
  • BEST MODE FOR CARRYING OUT THE INVENTION In order to make the objects, technical solutions and advantages of the present invention more comprehensible, the present invention will be further described in detail below with reference to the embodiments and drawings. The illustrative embodiments of the present invention and the description thereof are intended to explain the present invention, but are not intended to limit the invention.
  • the invention provides a network interaction method, system and security device thereof.
  • The system includes a server 803, and the system further includes a client 801 and a security device 802; the client 801 is configured to receive operation content input by the user;
  • the security device 802 is configured to acquire the operation content, process the operation content, generate a verification ciphertext for verification, and display the verification ciphertext;
  • the client 801 is further configured to acquire the verification ciphertext generated by the security device 802, and to send the operation content and the verification ciphertext to the server through the network.
  • Figure 9 is a schematic diagram showing the structure of the security device of Figure 8.
  • The security device includes an input unit 901, a processing unit 902, a conversion unit 904, and a display unit 903. The input unit 901 is used by a client user to input operation content; the processing unit 902 is configured to process the operation content input through the input unit 901 to generate a verification ciphertext for verification; the conversion unit 904 is configured to convert the verification ciphertext into inputtable characters; the display unit 903 is configured to display the converted verification ciphertext.
  • The operations of the input unit 901, the processing unit 902, and the display unit 903 are controlled by the CPU.
  • The processing unit 902 can process the operation content in the following manner: using an encryption key, the operation content is processed according to a certain encryption protocol and encryption algorithm to generate the verification ciphertext.
  • The conversion unit 904 converts the generated verification ciphertext into characters that can be input, using a certain character conversion rule, but is not limited to this.
  • The security device 802 can be disconnected from the client 801.
  • The user uses the input unit 901 of the security device 802 to input the operation content, and then inputs the converted verification ciphertext shown on the display unit 903 of the security device 802 into the client 801.
  • Figure 10 is a schematic diagram of the structure of the client in Figure 8. As shown in FIG. 10, the client 801 includes a first input unit 1001 and a first sending unit 1003;
  • the first input unit 1001 is configured to input the operation content and the verification ciphertext by the client user; the first sending unit 1003 is configured to transmit the operation content and the verification ciphertext transmitted by the first input unit 1001 to the server 803.
  • FIG. 11 is a block diagram showing the structure of the server of Figure 8.
  • The server 803 includes a second receiving unit 1101, a determining unit 1103, an operating unit 1104, and a second sending unit 1105.
  • The second receiving unit 1101 is configured to receive the operation content and verification ciphertext transmitted by the client 801; the determining unit 1103 is configured to determine whether the operation content matches the verification ciphertext; when the determination result of the determining unit 1103 is yes, the operating unit 1104 is configured to perform the corresponding operation according to the acquired operation content; the second sending unit 1105 is configured to transmit the operation result to the client 801.
  • The client 801 may further include a first encryption unit 1002 for encrypting the operation content and the verification ciphertext; the first sending unit 1003 then transmits the encrypted operation content and verification ciphertext to the server 803, which further ensures the security of the transmitted data.
  • The server 803 further includes a second decryption unit 1102, configured to decrypt the received encrypted operation content and verification ciphertext to obtain the operation content and the verification ciphertext.
  • The determining unit 1103 determines whether the operation content and the verification ciphertext match, that is, determines the legality of the data, and may do so in the following manner: the determining unit 1103 processes the received operation content in the same way as the security device 802 does, that is, it uses the same encryption algorithm and encryption protocol as the security device 802 to generate a verification ciphertext, and the generated verification ciphertext is then compared with the verification ciphertext received from the client 801 through the network.
  • The server 803 finds that the operation content does not match the verification ciphertext, and the attacker does not know the encryption key used by the security device, which prevents the attacker from constructing a pair of operation content and verification ciphertext and further ensures the security of the network interaction.
  • the client 801 further includes a first receiving unit 1004 and a first display unit.
  • the first receiving unit 1004 is configured to receive an operation result transmitted by the server 803.
  • the first display unit 1006 is configured to display the operation result.
  • the server 803 can encrypt the operation result before returning the operation result to the client 801. After the client 801 receives the operation result, the operation result is decrypted and displayed. Therefore, the server 803 further includes a second encryption element 1106, the second encryption element 1106 is used to encrypt the operation result, and the encrypted operation result is transmitted to the second sending unit 1105;
  • the client 801 further includes a first decryption unit 1005 for decrypting the encrypted operation result and then sending it to the second display unit 1006 for display.
  • the system can complete the input and encryption processing of the operation content by using the security device 802.
  • Although the Trojan can modify or forge the operation content in plaintext form on the client, it cannot prevent the user from inputting the correct operation content on the security device, nor can it enter tampered or forged operation content on the security device. It therefore cannot obtain the verification ciphertext corresponding to the tampered or forged operation content, and cannot pass verification on the server. This avoids unnecessary loss to the user and ensures the security of the network interaction, thereby providing a more secure solution, improving the security level of various network application systems, and expanding the range of network applications.
  • the security device 802 can be used alone or integrated on an existing portable device, such as the security device 802 implemented by a mobile phone.
  • the present invention also provides a network interaction system, as shown in FIG. 12, the system includes a server.
  • The client 1201 is configured to receive the operation content input by the user, transmit the operation content to the security device 1202, receive the verification ciphertext transmitted by the security device 1202, and send the operation content and the verification ciphertext to the server 1203;
  • the security device 1202 is configured to receive the operation content transmitted by the client 1201, display the operation content, and determine whether the client user confirms the operation content; if the determination result is yes, the security device 1202 processes the operation content, generates a verification ciphertext for verification, and transmits the generated verification ciphertext to the client 1201.
  • If the Trojan modifies or falsifies the operation content before the security device 1202 obtains it, the user can detect and block this. The operation content that the user confirms (which is already inside the security device 1202, where the Trojan cannot modify it) matches the verification ciphertext returned by the security device 1202 after encryption processing; because the Trojan cannot obtain a matching verification ciphertext, it cannot modify the operation content after the security device 1202 returns the verification ciphertext. Therefore, unnecessary loss to the user can be avoided, and the security of the network interaction is ensured.
  • the security device 1202 and the client 1201 are connected to each other, and information can be transmitted by wire or wirelessly.
  • FIG. 13 is a schematic illustration of the configuration of the security device of Figure 12.
  • the security device 1202 includes a receiving unit 1301, a display unit 1302, a determining unit 1303, a processing unit 1304, and a sending unit 1305.
  • The receiving unit 1301 is configured to receive the operation content transmitted by the client 1201; the display unit 1302 is configured to display the operation content; the determining unit 1303 is configured to determine whether the client user confirms the operation content; if the determination result of the determining unit 1303 is yes, the processing unit 1304 is configured to process the operation content and generate a verification ciphertext for verification; the sending unit 1305 is configured to transmit the verification ciphertext to the client 1201.
  • the security device 1202 further includes an input unit 1306, which can also be used for the user to input information confirming the content of the operation.
  • After the security device 1202 receives the operation content transmitted by the client 1201, it displays the operation content. The user can then check, on the display unit 1302 of the security device 1202, whether the operation content is correct. If it is correct, the user confirms the operation through the input unit 1306 of the security device 1202. If the determining unit 1303 determines that the user has confirmed the operation content, the processing unit 1304 of the security device 1202 processes the operation content, and the processing result is transmitted to the client 1201. If the user finds that the operation content is incorrect, the user cancels it with the cancel button provided in the input unit 1306. Therefore, if the Trojan modifies or falsifies the operation content before the security device 1202 obtains it, the user can detect and block this.
  • Figure 14 is a block diagram showing the structure of the client in Figure 12. As shown in FIG. 14, the client includes a first input unit 1401, a first sending unit 1402, and a first receiving unit 1403;
  • The first input unit 1401 is used by the client user to input the operation content; the first sending unit 1402 is configured to send the operation content to the security device 1202; the first receiving unit 1403 is configured to receive the verification ciphertext transmitted by the security device 1202; and the first sending unit 1402 is further configured to transmit the operation content and the verification ciphertext to the server 1203.
  • The client 801 may further include a first encryption unit 1404 for encrypting the operation content and the verification ciphertext; the first sending unit 1402 then transmits the encrypted operation content and verification ciphertext to the server 1203, which further ensures the security of the transmitted data.
  • the configuration of the server 1203 is similar to that of the embodiment 1, as shown in FIG. 12, and details are not described herein again.
  • the client 1201 may further include a first decryption unit 1405 and a first display unit 1406, and its function is similar to that of Embodiment 1, and details are not described herein again.
  • the Trojan modifies or falsifies the operation content before the security device 1202 obtains the operation content, the user can detect and block the content; and the operation content confirmed by the user is matched with the encryption process returned by the security device 1202. After the ciphertext is verified, the Trojan cannot modify the operation content after the security device 1202 returns the verification ciphertext. Otherwise, the server 1203 may find that the operation content does not match the verification ciphertext and the operation content. The attacker does not know the encryption key used by the security device 1202, so the operation content and the verification ciphertext pair cannot be constructed by itself, thereby ensuring security.
  • The security device 1202 can be used alone or integrated in an existing portable device, such as a USB encryption device for electronic certificate calculation or a human biometric authentication device, such as fingerprint authentication and iris authentication.
  • When the security device 1202 displays the operation content and the user confirms it, the human biometric authentication device can be used to confirm the operation content, for example, using human biometrics such as fingerprints and irises.
  • The input unit 1306 in the security device 1202 can be a key input unit, a human biometric authentication unit, or the like.
  • The present invention also provides a network interaction system. As shown in FIG. 15, the system includes a server.
  • The security device 1502 is configured to receive the operation content input by the user, process the operation content, generate a verification ciphertext for verification, and transmit the operation content and the verification ciphertext to the client 1501; the client 1501 is configured to receive the operation content and the verification ciphertext transmitted by the security device 1502, and send the operation content and the verification ciphertext to the server 1503 through the network.
  • The system can complete the input and encryption processing of the operation content by using the security device 1502, that is, the user does not need to input the operation content on the client human-machine interface, which is referred to herein as full hardware input. Since the user does not input the operation content on the client, the Trojan cannot intrude into the security device's content.
  • The Trojan can only intercept the plaintext operation content output by the security device; it cannot obtain the verification ciphertext corresponding to tampered or forged operation content, so it cannot pass the check on the server. This avoids unnecessary losses to the user, thereby providing a more secure solution, improving the security level of various network application systems, and expanding the scope of network applications.
  • Figure 16 is a block diagram showing the construction of the security device of Figure 15.
  • the security device 1502 includes: an input unit 1601, a processing unit 1602, and a sending unit 1603;
  • The input unit 1601 is used by the client user to input the operation content; the processing unit 1602 is configured to process the input operation content to generate a verification ciphertext for verification; the sending unit is configured to send the operation content and the verification ciphertext to the client 1501.
  • Figure 17 is a block diagram showing the configuration of the client in Figure 15. As shown in FIG. 17, the client 1501 includes a first receiving unit 1701 and a first sending unit 1702;
  • the first receiving unit 1701 is configured to receive the operation content and the verification ciphertext transmitted by the security device 1502.
  • the first sending unit 1702 is configured to transmit the operation content and the verification ciphertext to the server 1503.
  • The client 1501 further includes a first encryption unit 1703, where the first encryption unit 1703 is configured to encrypt the operation content and the verification ciphertext; the first sending unit 1702 then transmits the encrypted operation content and verification ciphertext to the server 1503.
  • the configuration of the server 1503 is similar to that of the embodiment 1, as shown in FIG. 12, and details are not described herein again.
  • the client 1501 may further include a first decryption unit 1704 and a first display unit 1705, and its function is similar to that of Embodiment 1, and details are not described herein again.
  • the security device 1202 may be used alone or integrated on an existing portable device, such as a USB encryption device for electronic certificate computing, or a mobile phone.
  • The system implements full hardware input by using the security device 1502. Since the user does not input the operation content on the client, the Trojan cannot intrude into the security device's content. Therefore, the Trojan can only intercept the plaintext operation content output by the security device; it cannot obtain the verification ciphertext corresponding to tampered or forged operation content, so it cannot pass the check on the server. This avoids unnecessary losses to the user, thus providing a more secure solution, improving the security level of various network application systems, and expanding the scope of network applications.
  • The present invention also provides a network interaction method, the method comprising: a client receiving operation content input by a user; the security device acquiring the operation content; the security device processing the operation content and generating a verification ciphertext for verification; the client obtaining the verification ciphertext; and the client sending the operation content and the verification ciphertext to the server.
  • The method uses a security device to input the operation content and encrypt it, to prevent the Trojan from achieving its attack purpose by tampering with or forging the operation content, thereby providing a more secure solution, improving the security level of the network application system, and expanding the range of network applications.
  • Step 1801 The user operates on the human-machine interface of the client 801, and the operation content can be input through an input unit of the client 801, such as a keyboard or a mouse;
  • Step 1802 the client 801 receives the operation content of the user;
  • Step 1803 the user inputs the operation content through the input unit of the security device 802;
  • Step 1804 the security device 802 generates a verification ciphertext for verification by using a certain encryption algorithm and encryption protocol, converts it into inputtable characters according to a certain character conversion rule, and displays the converted verification ciphertext on the display unit of the security device 802;
  • Step 1805 the user inputs the converted verification ciphertext displayed by the security device 802 into the client 801;
  • Step 1806 the client 801 transmits the operation content and the verification ciphertext to the server through the network;
  • Step 1807 the server 803 receives the operation content and the verification ciphertext transmitted by the client 801;
  • Step 1808 the server 803 verifies the legality of the data, that is, verifies whether the operation content and the verification ciphertext match, in the following manner:
  • The server 803 processes the received operation content by using the same encryption algorithm and encryption protocol as the security device 802 to generate a verification ciphertext, and then compares the generated verification ciphertext with the received verification ciphertext. If they are the same, the data is judged to be legal and the received verification ciphertext matches the operation content, so that it is known whether the operation content has been tampered with by the Trojan. If the generated verification ciphertext differs from the received one, it is considered that a Trojan has tampered with the operation content, the data is judged to be illegal, and no processing is returned to the client.
  • Steps 1809 and 1810 if the data is judged to be legal, the server 803 performs the operation specified by the operation content, producing an operation result;
  • Step 1811 the server 803 sends the operation result to the client 801 through the network;
  • Step 1812 the client 801 receives the operation result transmitted by the server 803;
  • Step 1813 the client 801 displays the operation result.
  • the security device 802 is not connected to the client 801 and can be implemented by using a mobile phone.
  • The system performs the input and encryption processing of the operation content by using the security device 802.
  • The server 803 verifies the validity of the operation content and the verification ciphertext, so that the server 803 finds whether the operation content and the verification ciphertext were constructed by the attacker itself. This ensures the security of network interaction, thus providing a more secure solution, improving the security level of various network application systems, and expanding the scope of network applications.
  • Figure 19 is a flow diagram of one embodiment of steps 1806 and 1807 of the present invention. As shown in Figure 19, the specific implementation is as follows:
  • Step 1901 the client 801 can encapsulate the operation content and the verification ciphertext into a communication package according to a public and customized network protocol.
  • Step 1902 the client 801 transmits the communication packet to the server 803 through the network;
  • Step 1903 After receiving the communication packet, the server 803 uses the same communication protocol as the client 801 to parse the communication packet to obtain the operation content and the verification ciphertext.
  • The operation content and the verification ciphertext may also be encrypted first and then transmitted; in that case, decryption is performed first, and then step 1807 is performed.
  • Step 2001 the client 801 uses the operation content and the verification ciphertext as part of the input information of one or more cryptosystems, participates in the operation of the cryptosystem, and obtains the encrypted ciphertext after the operation;
  • Step 2002 the client 801 encapsulates the encrypted ciphertext into a communication packet according to a public or customized network protocol;
  • Step 2003 the client 801 transmits the communication packet to the server 803 through the network;
  • Step 2004 after receiving the communication packet, the server 803 parses the received communication packet by using the same communication protocol as the client 801, obtaining the encrypted ciphertext;
  • Step 2005 the server 803 performs on the encrypted ciphertext the inverse operation corresponding to that of the client 801 to obtain the operation content and the verification ciphertext.
  • Figure 21 is a flow diagram of one embodiment of steps 1811 and 1812 of the present invention. As shown in FIG. 21, the specific implementation is as follows:
  • Step 2101 the server 803 encapsulates the operation result into a communication package according to a public and customized network protocol.
  • Step 2102 the server 803 transmits the communication packet to the client 801 through the network;
  • Step 2103 After receiving the communication packet, the client 801 uses the same communication protocol as the server 803 to parse the communication packet to obtain an operation result.
  • The server 803 encrypts the operation result before transmitting it to the client 801; accordingly, after receiving the operation result, the client 801 decrypts it and then displays it.
  • the specific implementation is as shown in Figure 22:
  • Step 2201 The server 803 uses the operation result as part of the input information of one or more cryptosystems, participates in the operation of the cryptosystem, and obtains the encrypted ciphertext after the operation;
  • Step 2202 the server 803 encapsulates the encrypted ciphertext into a communication packet according to a public or customized network protocol.
  • Step 2203 the server 803 transmits the communication packet to the client 801 through the network;
  • Step 2204 after receiving the communication packet, the client 801 parses the received communication packet by using the same communication protocol as the server 803, obtaining the encrypted ciphertext;
  • Step 2205 the client 801 performs on the encrypted ciphertext the inverse operation corresponding to that of the server 803 to obtain the operation result.
  • By using the security device to process the operation content, a verification ciphertext for verification is generated and its validity is checked by the server, so that the Trojan cannot tamper with or forge the operation content; once the operation content is tampered with, this will be found. Therefore, the Trojan can at most perform blocking attacks and cannot attack by simply bypassing the protection. Blocking attacks can at most prevent users from using the application system, without causing direct loss to the user, and bring no benefit to the attacker.
  • Step 2301 The user operates on the human-machine interface of the client 1201, and the operation content can be input through an input unit of the client 1201, such as a keyboard or a mouse;
  • Step 2302 the client 1201 receives the operation content of the user, and then transmits the operation content to the security device 1202;
  • Step 2303 the display unit of the security device 1202 displays the content of the operation;
  • Step 2304 the user checks, according to the display of the security device 1202, whether the operation content is correct, and if it is, confirms through the input unit of the security device 1202; after confirmation, the security device 1202 generates a verification ciphertext for verification by using a certain encryption algorithm and encryption protocol, and transmits the verification ciphertext to the client 1201; in addition, the confirmation can also be performed by a human biometric method such as a fingerprint or an iris;
  • Step 2305 the client 1201 transmits the operation content and the verification ciphertext to the server 1203. The steps 2306 to 2012 are similar to the steps 1807 to 1813 in FIG. 18, and are not described herein again.
  • the client 1201 transmits the verification ciphertext and the operation content to the server 803.
  • the server 803 can transmit the operation result to the client 801 in a manner as shown in Figs.
  • If the Trojan modifies or forges the operation content before the security device 1202 obtains it, the user can detect and block this. Because the operation content confirmed by the user matches the verification ciphertext that the security device 1202 returns after encryption processing, the Trojan cannot modify the operation content after the security device 1202 returns the verification ciphertext; otherwise, the server 1203 may find that the operation content does not match the verification ciphertext. The attacker does not know the encryption key used by the security device 1202, so it cannot construct a matching pair of operation content and verification ciphertext by itself, thereby ensuring security.
  • Step 2401 The user inputs the operation content through the input unit of the security device 1502.
  • Step 2402 the security device 1502 generates a verification ciphertext for verification by using a certain encryption algorithm and an encryption protocol.
  • Step 2403 the security device 1502 transmits the verification ciphertext and the operation content to the client 1501;
  • Step 2404 the client 1501 transmits the operation content and the verification ciphertext to the server 1503; the steps 2405 to 2411 are similar to the steps 1807 to 1813 in FIG. 18, and are not described herein again.
  • the client 1201 transmits the verification ciphertext and the operation content to the server 803.
  • the server 803 transmits the operation result to the client 801.
  • the above network interaction system and method are applicable to various application systems involving network interaction, such as online banking, securities trading, online game electronic equipment trading, enterprise key business systems, e-commerce and network payment.
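The device-side generation and server-side check of steps 1804 to 1808 above, as an added example that is not code from the patent. HMAC-SHA256, the JSON canonical form, the 8-digit HOTP-style truncation and every name and sample value are assumptions standing in for the "certain encryption algorithm" and "character conversion rule" that the text leaves unspecified.

```python
"""Added example: verification ciphertext generated on the security device
and re-computed by the server. All algorithm choices here are assumptions."""
import hashlib
import hmac
import json

CODE_DIGITS = 8  # assumed length of the code the user types; fixed on both sides


def canonical(operation: dict) -> bytes:
    """Serialize the operation content identically on device and server."""
    return json.dumps(operation, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=True).encode("ascii")


def verification_mac(key: bytes, operation: dict) -> bytes:
    """Keyed MAC over the operation content (assumed: HMAC-SHA256)."""
    return hmac.new(key, canonical(operation), hashlib.sha256).digest()


def to_typed_code(mac: bytes) -> str:
    """Character conversion of step 1804 (assumed: HOTP-style truncation)."""
    offset = mac[-1] & 0x0F
    value = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return f"{value % 10 ** CODE_DIGITS:0{CODE_DIGITS}d}"


class SecurityDevice:
    """Holds the key; the possibly infected client host never sees it."""

    def __init__(self, key: bytes):
        self._key = key

    def sign_confirmed_operation(self, operation: dict) -> str:
        # Called only after the user typed the operation on the device
        # (FIG. 18) or confirmed what the device displayed (FIG. 23).
        return to_typed_code(verification_mac(self._key, operation))


class Server:
    """Re-computes the code with the same key and algorithm (step 1808)."""

    def __init__(self, key: bytes):
        self._key = key
        self.executed = []

    def handle(self, operation: dict, code: str) -> str:
        expected = to_typed_code(verification_mac(self._key, operation))
        # Constant-time comparison so timing does not leak matching digits.
        if not hmac.compare_digest(expected.encode(), code.encode()):
            return "rejected"
        self.executed.append(operation)
        return "executed"


def demo() -> dict:
    key = b"constructed-demo-key"  # constructed sample key
    device, server = SecurityDevice(key), Server(key)
    # Constructed sample operation content.
    op = {"action": "transfer", "to": "ACCT-1001", "amount": "250.00"}
    code = device.sign_confirmed_operation(op)

    honest = server.handle(op, code)
    # Operation content altered on the client after the device signed it.
    altered = dict(op, to="ACCT-9999")
    tampered = server.handle(altered, code)
    # Code computed without the device key for the altered content.
    wrong_key_code = to_typed_code(verification_mac(b"not-the-key", altered))
    forged = server.handle(altered, wrong_key_code)
    return {"code": code, "honest": honest, "tampered": tampered,
            "forged": forged, "executed": server.executed, "op": op}


if __name__ == "__main__":
    print(demo())
```

An 8-digit code is short enough to type but also short enough to guess online, so a server using this typed form would need to limit failed attempts; the wired embodiments (FIG. 12 and FIG. 15) can pass the full MAC instead.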

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

A network interaction method, system and safety apparatus thereof are provided. The method includes the following steps: a user terminal receives the operation content inputted by a user; a safety apparatus obtains the operation content; the safety apparatus processes the operation content and generates the verify cryptograph for verification; the user terminal obtains the verify cryptograph; the user terminal sends the operation content and the verify cryptograph to a server. The method can prevent Trojan horses from achieving their attack purpose by tampering with or fabricating the operation content, thereby providing a safer solution, improving the safety level of the network application system, and extending the network application field.

Description

Network interaction method, system and security device thereof
Technical Field
The invention relates to network interaction technology between a client and a network server, and in particular to a network interaction method, system and security device thereof for preventing a Trojan from attacking by means of tampering and forgery when a Trojan exists on the client.
Background of the Invention
Due to the convenience of networks, network-based application systems, such as online banking, securities, and online games, occupy an increasingly important position in production and daily life. However, precisely because of the characteristics of networks, the security of network communication has become an important issue.
The security focus of network communication lies in identity authentication and information encryption during the interaction process. Various security technologies are available for this, for example fingerprint authentication technology and electronic certificate technology for identity authentication, and encryption algorithms such as AES and 3DES. The application of these technologies builds a rigorous cryptosystem that protects the entire interaction process. Although this information can easily be intercepted over the network, it is difficult to learn or tamper with its content without knowing the key. Generally speaking, directly cracking a cryptosystem is not worth the cost, so attackers instead look for the weak points of the system and attack those.
At present, the common attack method is to use Trojans to steal and tamper with sensitive information. Unlike direct cracking, this method uses theft of authentication information or tampering with interaction content as its means of attack, bypassing the protection of the cryptosystem.
Initially, system login used static passwords, so a Trojan only needed to monitor the keyboard to steal the user's login password. To prevent such Trojan attacks, security technologies such as soft keyboards, random verification codes, dynamic password authentication and electronic certificates were applied, which made this type of Trojan attack ineffective: it became difficult to achieve the attack purpose by merely intercepting information. Therefore, Trojan attack techniques in the related art have gradually shifted to tampering with or forging communication content. The ways in which Trojans tamper with or forge communication content are described below with reference to the drawings.
Figure 1 is a flow chart of normal operation between the client and the server. As shown in Figure 1, the client operating system receives the operation content input by the user through the mouse or keyboard (see step 11); the operating system passes the operation content to the client software (see step 12); the client software encrypts the operation content (see step 13), and then transmits the encrypted operation content to the server (see step 14).
As can be seen from the above, step 12, "the operating system passes the user's operation content to the client software", is a weak link. A Trojan can attack this link and thereby bypass the protection of existing security technologies. That is, the Trojan can control the client host in which it is implanted, intercept user operations, and tamper with the operation content; some Trojans even masquerade as the client and actively carry out operations predetermined by the attacker. Thus, on a client host implanted with a Trojan, it is difficult for the user's operation content to be passed safely to the client software.
Example 1: Figure 2 is a flow chart of a Trojan monitoring the keyboard and mouse. After being implanted in the client host, the Trojan monitors the keyboard and mouse and can obtain the operation content ahead of the client software. (Some attackers add a shell on top of the genuine client software and then trick users into downloading and using it. Such modified client software follows the same design idea as this example; the only difference is the method of intercepting mouse and keyboard input.) As shown in Figure 2, the operation content received by the client software is tampered or forged operation content, so no matter how advanced the security technology used in step 25 is, it has no defensive effect.
Example 2: Figure 3 is a flow chart of a Trojan forging operation content and simulating a user operating the mouse and keyboard. As shown in Figure 3, it is difficult for the client software to determine whether a real user or the Trojan is operating.
Example 3: Figure 4 is a flow chart of a Trojan embedded in the client software intercepting and tampering with the user's operation content. For client software with complex operations (such as online game client software), Trojans also embed themselves in the client software to intercept and tamper with the user's operation content, thereby achieving illegal purposes.
As can be seen from the above, the following schemes are commonly adopted to remove Trojans and protect the system:
The first: use anti-virus software to detect and remove Trojans. Although anti-virus software is the most effective means of removing viruses and Trojans, it cannot guarantee that the operating system on the client is completely free of Trojans. The most important reason is that new Trojans now appear and spread too quickly. For example: new Trojans appear every day, and anti-virus software has difficulty removing them before its virus database is upgraded; network applications such as e-mail, communication tools like MSN and QQ, and BBS forums make Trojans spread extremely fast; many users have anti-virus software installed on their hosts but neglect to update the virus database, or the software's automatic update interval is too long; and Trojans can forge user operations to actively turn off the protection of the anti-virus software, or even cause the anti-virus software to lose its function.
Moreover, for sensitive attack targets of economic value, a Trojan needs to succeed only once to cause great loss. We therefore need to find another method that thoroughly resolves the Trojan threat.
The second: adopt various authentication and encryption security products. For local security on the client, there are currently only a few such technologies, such as soft keyboards, verification codes, and Trojan scanning modules embedded in client software. Among them:
A soft keyboard is a technique for entering a password with the mouse. Specifically, a keyboard with randomly ordered keys is formed on the screen, and the user clicks this keyboard with the mouse to enter the password. Because the password is entered with the mouse, Trojans that intercept keyboard messages in order to steal passwords have difficulty working.
A verification code is a technique for preventing brute-force cracking. The login interface provides a string of characters displayed as an image and requires the user to input them. During login, the server first verifies whether these characters are correct (in some systems the client software performs the verification itself, which gives a much weaker defense). Because the characters in the image are generally distorted and set against a background of irregular lines, they are difficult for a program to recognize automatically from the image; used properly, this has a certain defensive effect against Trojans. For example, if the technique were extended so that key business operations were also backed by verification codes, the attacks of Trojans that forge operation content and simulate user operations would be greatly restricted.
A Trojan scanning module embedded in client software is in effect a dedicated Trojan removal tool integrated into the client software. It detects and removes Trojans on the same principle as anti-virus software, and can be regarded as a targeted, stripped-down version of anti-virus software.
In addition, electronic certificate technology and dynamic password technology can both defend against Trojans whose main aim is stealing user passwords.
However, most of the above technologies target the user's login process, where they have a certain defensive effect. Security during the user's operations is difficult to defend, and the defense is especially poor against Trojans whose main means of attack is intercepting and tampering with the user's operation content. An example follows.
Figure 5 is a flow chart of normal interaction between the client and the server. Figure 6 is a flow chart in which a Trojan implanted in the client obtains the operation content ahead of the client software, tampers with it, and then passes it to the client software. As shown in Figure 6, throughout the interaction the Trojan completely bypasses the protection of the cryptosystem formed by the various security technologies.
The third: install a firewall on the client and set firewall policies to block unauthorized network access.
Figure 7 is a flow chart of defending against Trojans with a firewall. A user name and password stolen by a Trojan must be passed to the attacker, who then uses them to impersonate the legitimate user and log in to the system in order to achieve the illegal purpose. The stolen user name and password must therefore be sent by the Trojan to the attacker over the network before the attack flow can be completed. When a reasonable firewall policy is configured, the Trojan's communication with the outside world is blocked, which interrupts the attack flow and averts the loss.
However, using a personal firewall to defend against Trojan attacks has significant limitations. Its main shortcomings are as follows: it is completely unable to defend against Trojans whose main means of attack is intercepting and tampering with, or forging, user operation content; default firewall policies are too permissive and leave many holes; configuring a firewall requires professional knowledge that ordinary users lack; Trojans can communicate over the network by changing communication ports, or by embedding in or impersonating authorized programs; and Trojans can forge user operations to actively turn off the protection of the personal firewall, or even cause it to lose its function.
申请号为 200610149618. X、 公开号为 CN 1965401A的发明专利申请, 揭示了一种互联网接入系统和接入方法, 现将其内容合并于此。 发明内容  An invention patent application having the application number of 200610149618. X, the disclosure of which is incorporated herein by reference. Summary of the invention
An object of the present invention is to provide a network interaction method in which a security device lets the user determine whether the operation content is correct and, if it is, processes the operation content, so that a Trojan cannot achieve its attack by tampering with or forging the operation content. This provides a more secure solution, raises the security level of network application systems, and widens the range of network applications.
Another object of the present invention is to provide a network interaction system that processes the operation content with a security device, so that a Trojan cannot achieve its attack by tampering with or forging the operation content, thereby providing a more secure solution, raising the security level of network application systems, and widening the range of network applications.
Another object of the present invention is to provide a security device that processes the operation content in such a way that the operation content is not entered on the client, so that a Trojan cannot achieve its attack by tampering with or forging the operation content.
Another object of the present invention is to provide a network interaction system that uses a security device to confirm whether the operation content is correct and to process the operation content, so that a Trojan cannot achieve its attack by tampering with or forging the operation content, thereby providing a more secure solution, raising the security level of network application systems, and widening the range of network applications.
Another object of the present invention is to provide a security device that displays the operation content, so that the user can confirm from the display whether the operation content is correct; if it is, the operation content is processed, so that a Trojan cannot achieve its attack by tampering with or forging the operation content.
An object of the present invention is to provide a network interaction method in which the operation content is entered on a security device, so that a Trojan cannot achieve its attack by tampering with or forging the operation content, thereby providing a more secure solution, raising the security level of network application systems, and widening the range of network applications.
Another object of the present invention is to provide a network interaction system in which the operation content is entered on, and processed by, a security device, so that a Trojan cannot achieve its attack by tampering with or forging the operation content, thereby providing a more secure solution, raising the security level of network application systems, and widening the range of network applications.
Another object of the present invention is to provide a security device on which the operation content can be entered and which processes the operation content, so that the operation content is not entered on the client and a Trojan cannot achieve its attack by tampering with or forging the operation content.
To achieve the above objects, the present invention provides a network interaction method comprising: a client receives operation content input by a user; a security device obtains the operation content; the security device processes the operation content to produce a verification ciphertext used for verification; the client obtains the verification ciphertext; and the client sends the operation content and the verification ciphertext to a server over the network.
To achieve the above objects, the present invention further provides a network interaction system, which also includes a client and a security device, wherein:
the client is configured to receive operation content input by a user;
the security device is configured to obtain the operation content, process the operation content, and produce and display a verification ciphertext;
and the client is further configured to obtain the verification ciphertext and send the operation content and the verification ciphertext to the server over the network.
To achieve the above objects, the present invention provides a security device comprising:
an input unit, through which the client user inputs the operation content;
a processing unit, which processes the input operation content to produce a verification ciphertext used for verification;
a conversion unit, which converts the verification ciphertext into inputtable characters;
a display unit, which displays the converted verification ciphertext.
To achieve the above objects, the present invention further provides a network interaction system that includes a client and a security device, wherein:
the client is configured to receive operation content input by a user, transmit the operation content to the security device, receive the verification ciphertext transmitted by the security device, and send the operation content and the verification ciphertext to the server;
the security device is configured to receive the operation content transmitted by the client, display the operation content, and determine whether the client user confirms the operation content; if so, the security device processes the operation content, produces a verification ciphertext used for verification, and transmits the verification ciphertext to the client.
To achieve the above objects, the present invention further provides a security device comprising:
a receiving unit, which receives the operation content transmitted by the client;
a display unit, which displays the operation content;
a judging unit, which determines whether the client user confirms the operation content;
a processing unit, which, if the judging unit's result is yes, processes the operation content to produce a verification ciphertext used for verification;
a sending unit, which transmits the verification ciphertext to the client.
To achieve the above objects, the present invention provides a network interaction method comprising: a security device obtains operation content; the security device processes the operation content to produce a verification ciphertext used for verification; the security device transmits the operation content and the verification ciphertext to the client; and the client sends the operation content and the verification ciphertext to a server.
To achieve the above objects, the present invention further provides a network interaction system that includes a server and also includes a client and a security device, wherein:
the security device is configured to receive operation content input by a user, process the operation content, produce a verification ciphertext used for verification, and transmit the operation content and the verification ciphertext to the client;
the client is configured to receive the operation content and the verification ciphertext transmitted by the security device and send them to the server over the network.
To achieve the above objects, the present invention further provides a security device comprising:
an input unit, through which the client user inputs the operation content;
a processing unit, which processes the input operation content to produce a verification ciphertext used for verification;
a sending unit, which sends the operation content and the verification ciphertext to the client.
The beneficial effect of the present invention is that the security device is used to encrypt the operation content, or to display it, so that a Trojan cannot intercept and tamper with the content before the security device displays it without the user noticing. A Trojan can therefore at most mount a blocking attack and cannot succeed by simply bypassing the protection. A blocking attack at most prevents the user from using the application system; it causes the user no direct loss and brings the attacker no gain. The invention thus avoids losses to the user, provides a more secure solution, raises the security level of network application systems, and widens the range of network applications.
Brief description of the drawings
The drawings described here provide a further understanding of the present invention and form part of this application; they do not limit the invention. In the drawings:
Figure 1 is a flowchart of normal operation between the client and the server;
Figure 2 is a flowchart of a Trojan implanted in the client host tampering with the operation content;
Figure 3 is a flowchart of a Trojan implanted in the client host forging the operation content;
Figure 4 is a flowchart of a Trojan embedded in the client software tampering with the operation content;
Figure 5 is a flowchart of normal interaction between the client and the server;
Figure 6 is an interaction flowchart of a Trojan implanted in the client tampering with the operation content;
Figure 7 is a flowchart of using a firewall to defend against a Trojan;
Figure 8 is a schematic diagram of the network interaction system of Embodiment 1 of the present invention;
Figure 9 is a schematic diagram of the security device in Figure 8;
Figure 10 is a schematic diagram of the client in Figure 8;
Figure 11 is a schematic diagram of the server in Figure 8;
Figure 12 is a schematic diagram of the network interaction system of Embodiment 2 of the present invention;
Figure 13 is a schematic diagram of the security device in Figure 12;
Figure 14 is a schematic diagram of the client in Figure 12;
Figure 15 is a schematic diagram of the network interaction system of Embodiment 3 of the present invention;
Figure 16 is a schematic diagram of the security device in Figure 15;
Figure 17 is a schematic diagram of the client in Figure 15;
Figure 18 is a network interaction flowchart of Embodiment 4 of the present invention;
Figure 19 is a flowchart of one specific implementation of steps 1807 and 1807 in Figure 18;
Figure 20 is a flowchart of another specific implementation of steps 1807 and 1807 in Figure 18;
Figure 21 is a flowchart of one specific implementation of steps 1811 and 1812 in Figure 18;
Figure 22 is a flowchart of another specific implementation of steps 1811 and 1812 in Figure 18;
Figure 23 is a network interaction flowchart of Embodiment 5 of the present invention;
Figure 24 is a network interaction flowchart of Embodiment 6.
Detailed description
To make the objects, technical solutions and advantages of the present invention clearer, the invention is described in further detail below with reference to the embodiments and the drawings. The illustrative embodiments and their descriptions are used to explain the present invention and do not limit it.
The present invention provides a network interaction method, a system, and a security device for them. Specific embodiments of the invention are described in detail below with reference to the drawings.
Embodiment 1
The present invention provides a network interaction system. As shown in Figure 8, the system includes a server 803 and, in addition, a client 801 and a security device 802. The client 801 receives operation content input by the user. The security device 802 obtains the operation content, processes it to produce a verification ciphertext used for verification, and displays the verification ciphertext. The client 801 also obtains the verification ciphertext produced by the security device 802 and sends the operation content and the verification ciphertext to the server over the network.
Figure 9 is a schematic diagram of the security device in Figure 8. As shown in Figure 9, the security device includes an input unit 901, a processing unit 902, a conversion unit 904 and a display unit 903. The input unit 901 is where the client user inputs the operation content; the processing unit 902 processes the operation content entered through input unit 901 to produce a verification ciphertext used for verification; the conversion unit 904 converts the verification ciphertext into inputtable characters; and the display unit 903 displays the converted verification ciphertext.
In this embodiment, a central processing unit (CPU) controls the operation of the input unit 901, the processing unit 902 and the display unit 903. The processing unit 902 may process the operation content as follows: using an encryption key, it operates on the operation content according to a given encryption protocol and encryption algorithm, producing the verification ciphertext used for encryption.
In this embodiment, the conversion unit 904 applies a given character conversion rule to the generated verification ciphertext, converting it into inputtable characters, and may …; it is not limited to this.
As the above shows, the security device 802 need not be connected to the client 801. The user of client 801 enters the operation content through input unit 901 of the security device 802, and the same user can then enter into the client 801 the converted verification ciphertext shown on display unit 903 of the security device 802.
Figure 10 is a schematic diagram of the client in Figure 8. As shown in Figure 10, the client 801 includes a first input unit 1001 and a first sending unit 1003, wherein:
the first input unit 1001 is where the client user inputs the operation content and the verification ciphertext; the first sending unit 1003 transmits the operation content and verification ciphertext passed on by the first input unit 1001 to the server 803.
Figure 11 is a schematic diagram of the server in Figure 8. As shown in Figure 11, the server 803 includes a second receiving unit 1101, a judging unit 1103, an operation unit 1104 and a second sending unit 1105. The second receiving unit 1101 receives the operation content and verification ciphertext transmitted by client 801; the judging unit 1103 determines whether the operation content matches the verification ciphertext; when the judging unit 1103's result is yes, the operation unit 1104 performs the corresponding operation according to the operation content obtained; and the second sending unit 1105 transmits the operation result to client 801.
In addition, as shown in Figure 10, the client 801 may further include a first encryption unit 1002, which encrypts the operation content and the verification ciphertext; the first sending unit 1003 then transmits the encrypted operation content and verification ciphertext to the server 803, which further protects the transmitted data. Correspondingly, as shown in Figure 11, the server 803 further includes a second decryption unit 1102, which decrypts the received encrypted operation content and verification ciphertext to recover the operation content and the verification ciphertext.
The judging unit 1103 determines whether the operation content and the verification ciphertext match, i.e. it judges the legitimacy of the data, and may do so as follows: the judging unit 1103 processes the received operation content in the same way as the security device 802 does, i.e. with the same encryption algorithm and encryption protocol as the security device 802, to produce a verification ciphertext; it then compares that verification ciphertext with the one received over the network from client 801. If the two are identical, the operation content is legitimate: the verification ciphertext matches the operation content, which has not been tampered with or forged by a Trojan. Otherwise a Trojan is assumed to be present, and the data is classified as illegal data and returned to client 801.
In this way the server 803 detects when the operation content and the verification ciphertext do not match. Because the attacker does not know the encryption key used by the security device, the attacker cannot construct a matching operation content and verification ciphertext on their own, which further ensures the security of the network interaction.
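The exchange of Embodiment 1, from the device's code generation to the check made by judging unit 1103, as an added example that is not part of the patent text. HMAC-SHA256, the 80-bit truncation, base32 as the "inputtable characters", the JSON serialisation, and every name and sample value are assumptions of this example; the patent only specifies "a given encryption protocol and encryption algorithm".

```python
import base64
import hashlib
import hmac
import json

# Constructed demo values: the key, account names and amount are not from the patent.
SHARED_KEY = b"constructed-demo-key-0123456789ab"
TAG_BYTES = 10  # assumption: 80-bit tag, which is exactly 16 base32 characters


def canonical(operation):
    """Serialise the operation content deterministically so both sides MAC identical bytes."""
    return json.dumps(operation, sort_keys=True, separators=(",", ":")).encode("utf-8")


def compute_tag(key, operation):
    """Keyed digest over the operation content (HMAC-SHA256 is this example's choice)."""
    return hmac.new(key, canonical(operation), hashlib.sha256).digest()[:TAG_BYTES]


def to_typeable(tag):
    """Role of conversion unit 904: binary tag -> characters a user can read and type."""
    text = base64.b32encode(tag).decode("ascii")
    return "-".join(text[i:i + 4] for i in range(0, len(text), 4))


def from_typeable(code):
    """Undo to_typeable, tolerating lower case, spaces and dashes; None if malformed."""
    cleaned = code.replace("-", "").replace(" ", "").upper()
    try:
        raw = base64.b32decode(cleaned)
    except (ValueError, TypeError):
        return None
    return raw if len(raw) == TAG_BYTES else None


class SecurityDevice:
    """Roles of input unit 901, processing unit 902, conversion unit 904, display unit 903."""

    def __init__(self, key):
        self._key = key  # stays inside the device; the client never sees it

    def enter_operation(self, operation):
        """User keys the operation into the device; returns the code shown on its display."""
        return to_typeable(compute_tag(self._key, operation))


class Server:
    """Roles of judging unit 1103 and operation unit 1104."""

    def __init__(self, key):
        self._key = key
        self.executed = []

    def handle(self, operation, code):
        received = from_typeable(code)
        expected = compute_tag(self._key, operation)  # same processing as the device
        if received is None or not hmac.compare_digest(received, expected):
            return "rejected: illegal data"
        self.executed.append(operation)
        return "executed"


def redirect_payee(operation):
    """Constructed tampering: software on the client swaps the payee before sending."""
    return {**operation, "to": "ACCT-6666"}


def run_exchange(trojan=None, typed_transform=str):
    """One round: user -> device -> client (optionally tampered) -> server."""
    device, server = SecurityDevice(SHARED_KEY), Server(SHARED_KEY)
    intended = {"action": "transfer", "to": "ACCT-1001", "amount": "150.00"}
    code = device.enter_operation(intended)   # user enters the content on the device
    submitted = dict(intended)                # and the same content on the client
    if trojan is not None:
        submitted = trojan(submitted)         # client-side change made after entry
    result = server.handle(submitted, typed_transform(code))
    return result, server.executed


if __name__ == "__main__":
    print(run_exchange())                       # untouched content verifies
    print(run_exchange(trojan=redirect_payee))  # altered content does not
```

The code is bound only to the operation content, so resending an identical content and code pair verifies again; the text above does not describe a counter or nonce that would prevent that.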
As shown in Figure 10, the client 801 further includes a first receiving unit 1004 and a first display unit 1006. The first receiving unit 1004 receives the operation result transmitted by the server 803, and the first display unit 1006 displays that operation result.
In addition, the server 803 may encrypt the operation result before returning it to client 801; when client 801 receives the operation result, it decrypts it and then displays it. The server 803 therefore further includes a second encryption unit 1106, which encrypts the operation result and passes the encrypted operation result to the second sending unit 1105;
correspondingly, the client 801 further includes a first decryption unit 1005, which decrypts the encrypted operation result and then passes it to the second display unit 1006 for display.
As the above shows, by using the security device 802 the system handles both the input and the encryption processing of the operation content. Although a Trojan can modify or forge the plaintext operation content on the client, it cannot stop the user from entering the correct operation content on the security device, nor can it enter tampered or forged operation content on the security device itself. It therefore cannot obtain a verification ciphertext corresponding to the tampered or forged operation content, so verification on the server fails. This avoids unnecessary losses to the user and ensures the security of the network interaction, thereby providing a more secure solution, raising the security level of network application systems of all kinds, and widening the range of network applications.
In the above embodiment, the security device 802 may be used on its own or integrated into an existing portable device; for example, the security device 802 may be implemented with a mobile phone.
Embodiment 2
The present invention further provides a network interaction system. As shown in Figure 12, the system includes a server 1203 and also includes a client 1201 and a security device 1202, wherein:
the client 1201 is configured to receive operation content input by the user, transmit the operation content to the security device 1202, receive the verification ciphertext transmitted by the security device 1202, and send the operation content and the verification ciphertext to the server 1203;
the security device 1202 is configured to receive the operation content transmitted by the client 1201, display the operation content, and determine whether the client user confirms the operation content; if so, the security device 1202 processes the operation content, produces a verification ciphertext used for verification, and transmits the verification ciphertext to the client 1201.
As the above shows, if a Trojan modifies or forges the operation content before the security device 1202 obtains it, the user can notice and stop it. The operation content the user has confirmed (by then already inside the security device 1202, where the Trojan cannot modify it) is matched by the encrypted verification ciphertext returned by the security device 1202. Because the Trojan cannot obtain a matching verification ciphertext, it cannot modify the operation content after the security device 1202 has returned the verification ciphertext. This avoids unnecessary losses to the user and ensures the security of the network interaction.
Unlike Embodiment 1, in this embodiment the security device 1202 and the client 1201 are connected to each other and can exchange information over a wired or wireless link.
Figure 13 is a schematic diagram of the security device in Figure 12. As shown in Figure 13, the security device 1202 includes a receiving unit 1301, a display unit 1302, a judging unit 1303, a processing unit 1304 and a sending unit 1305. The receiving unit 1301 receives the operation content transmitted by client 1201; the display unit 1302 displays the operation content; the judging unit 1303 determines whether the client user confirms the operation content; if the judging unit 1303's result is yes, the processing unit 1304 processes the operation content to produce a verification ciphertext used for verification; and the sending unit 1305 transmits the verification ciphertext to the client 1201.
In addition, the security device 1202 further includes an input unit 1306, through which the user can input information confirming the operation content.
As the above shows, when the security device 1202 receives the operation content transmitted by client 1201, it displays it. The user can then check on display unit 1302 of the security device 1202 whether the operation content is correct. If it is, the user confirms with the confirm key provided in input unit 1306 of the security device 1202; if the judging unit 1303 determines that the user has confirmed the operation content, the processing unit 1304 of the security device 1202 processes the operation content and the result is transmitted to client 1201. If the user finds that the operation content is wrong, the user uses the cancel key provided in input unit 1306. Therefore, if a Trojan modifies or forges the operation content before the security device 1202 obtains it, the user can notice and stop it.
Figure 14 is a schematic diagram of the client in Figure 12. As shown in Figure 14, the client includes a first input unit 1401, a first sending unit 1402 and a first receiving unit 1403, wherein:
the first input unit 1401 is where the client user inputs the operation content; the first sending unit 1402 sends the operation content to the security device 1202; the first receiving unit 1403 receives the verification ciphertext transmitted by the security device 1202; and the first sending unit 1402 also transmits the operation content and the verification ciphertext to the server 1203.
In addition, as shown in Figure 14, the client 801 may further include a first encryption unit 1404, which encrypts the operation content and the verification ciphertext; the first sending unit 1402 then transmits the encrypted operation content and verification ciphertext to the server 1203, which further protects the transmitted data.
The server 1203 is constructed similarly to that of Embodiment 1, as described in Figure 12, and is not described again here. Correspondingly, the client 1201 may further include a first decryption unit 1405 and a first display unit 1406, whose functions are similar to those in Embodiment 1 and are not described again here.
As the above shows, if a Trojan modifies or forges the operation content before the security device 1202 obtains it, the user can notice and stop it. The operation content the user has confirmed is matched by the encrypted verification ciphertext returned by the security device 1202, so the Trojan cannot modify the operation content after the security device 1202 has returned the verification ciphertext; otherwise the server 1203 will find that the operation content and the verification ciphertext do not match. The attacker does not know the encryption key used by the security device 1202 and therefore cannot construct an operation content and verification ciphertext pair on their own, which ensures security.
In the above embodiment, the security device 1202 may be used on its own or integrated into an existing portable device, for example a USB encryption device used for electronic certificate operations, or a human biometric authentication device such as a fingerprint or iris authentication device. In that case, after the security device 1202 displays the operation content, the user can confirm it through the biometric authentication device, for example with a fingerprint, iris or other human biometric feature. The input unit 1306 in the security device 1202 may therefore be a key input unit, a human biometric authentication unit, and so on.
Embodiment 3
The present invention also provides a network interaction system. As shown in FIG. 15, the system includes a server 1503, and further includes a client 1501 and a security device 1502, wherein:
The security device 1502 is configured to receive the operation content input by the user, process the operation content to generate a verification ciphertext for verification, and transmit the operation content and the verification ciphertext to the client 1501. The client 1501 is configured to receive the operation content and the verification ciphertext transmitted by the security device 1502, and to send the operation content and the verification ciphertext to the server 1503 through the network.
As can be seen from the above, by using the security device 1502 the system completes both the input and the encryption processing of the operation content; that is, the user does not need to input the operation content on the client's human-machine interface, which is referred to here as full hardware input. Because the user does not input the operation content on the client, and the Trojan cannot intrude into the security device either, the Trojan can only intercept the plaintext operation content output by the security device. It cannot obtain a verification ciphertext corresponding to tampered or forged operation content, so such content fails verification on the server. This avoids unnecessary losses to the user, thereby providing a more secure solution, raising the security level of various network application systems, and expanding the scope of network applications.
FIG. 16 is a schematic diagram of the structure of the security device in FIG. 15. As shown in FIG. 16, the security device 1502 includes an input unit 1601, a processing unit 1602 and a sending unit 1603, wherein:
The input unit 1601 is used by the client user to input the operation content; the processing unit 1602 is configured to process the input operation content to generate a verification ciphertext for verification; the sending unit is configured to send the operation content and the verification ciphertext to the client 1501.
FIG. 17 is a schematic diagram of the structure of the client in FIG. 15. As shown in FIG. 17, the client 1501 includes a first receiving unit 1701 and a first sending unit 1702, wherein:
The first receiving unit 1701 is configured to receive the operation content and the verification ciphertext transmitted by the security device 1502; the first sending unit 1702 is configured to transmit the operation content and the verification ciphertext to the server 1503.
As shown in FIG. 17, the client 1501 further includes a first encryption unit 1703, which is configured to encrypt the operation content and the verification ciphertext; the first sending unit 1702 then transmits the encrypted operation content and verification ciphertext to the server 1503.
The configuration of the server 1503 is similar to that of Embodiment 1, as shown in FIG. 12, and is not described again here. Correspondingly, the client 1501 may further include a first decryption unit 1704 and a first display unit 1705, whose functions are similar to those in Embodiment 1 and are not described again here.
In the above embodiment, the security device 1202 may be used on its own or integrated into an existing portable device, for example implemented with a USB encryption device used for electronic certificate operations, or with a mobile phone.
As can be seen from the above, the system achieves full hardware input by using the security device 1502. Because the user does not input the operation content on the client, and the Trojan cannot intrude into the security device either, the Trojan can only intercept the plaintext operation content output by the security device. It cannot obtain a verification ciphertext corresponding to tampered or forged operation content, so such content fails verification on the server. This avoids unnecessary losses to the user, thereby providing a more secure solution, raising the security level of various network application systems, and expanding the scope of network applications.
Embodiment 4
The present invention also provides a network interaction method. The method includes: the client receives the operation content input by the user; the security device acquires the operation content; the security device processes the operation content to generate a verification ciphertext for verification; the client acquires the verification ciphertext; and the client sends the operation content and the verification ciphertext to the server.
As can be seen from the above, the method uses the security device to input the operation content and to encrypt it, which prevents a Trojan from achieving its attack by tampering with or forging the operation content. This provides a more secure solution, raises the security level of network application systems, and expands the scope of network applications.
The method is described in detail below with reference to FIGS. 8 and 18.
Step 1801: the user operates on the human-machine interface of the client 801 and can input the operation content through an input unit of the client 801, such as a keyboard or mouse;
Step 1802: the client 801 receives the user's operation content;
Step 1803: the user inputs the operation content through the input unit of the security device 802;
Step 1804: the security device 802 uses a certain encryption algorithm and encryption protocol to generate a verification ciphertext for verification, converts it into inputtable characters according to a certain character conversion rule, and displays the converted verification ciphertext on the display unit of the security device 802;
Step 1805: the user inputs the converted verification ciphertext displayed by the security device 802 into the client 801;
Step 1806: the client 801 transmits the operation content and the verification ciphertext to the server 803 through the network;
Step 1807: the server 803 receives the operation content and the verification ciphertext transmitted by the client 801;
Step 1808: the server 803 verifies the legality of the data, that is, verifies whether the operation content and the verification ciphertext match. The verification can be performed as follows:
The server 803 processes the received operation content with the same encryption algorithm and encryption protocol as the security device 802 to generate a verification ciphertext, and then compares the generated verification ciphertext with the received one. If they are the same, the data is judged legal and the received verification ciphertext matches the operation content; in this way it can be known whether the operation content has been tampered with by a Trojan. If the generated verification ciphertext differs from the received one, a Trojan is considered to have tampered with the operation content; the data is then judged illegal, and the server returns to the client 801 without performing any processing.
Steps 1809 and 1810: if the data is judged legal, the server 803 performs the specified operation according to the operation content and produces an operation result;
Step 1811: the server 803 sends the operation result to the client 801 through the network;
Step 1812: the client 801 receives the operation result transmitted by the server 803;
Step 1813: the client 801 displays the operation result.
In the above embodiment, the security device 802 is not connected to the client 801 and can be implemented with a mobile phone. The system completes the input and encryption processing of the operation content by using the security device 802. By checking the legality of the operation content and the verification ciphertext, the server 803 can discover whether the operation content and the verification ciphertext were constructed by an attacker, which further ensures the security of the network interaction, thereby providing a more secure solution, raising the security level of various network application systems, and expanding the scope of network applications.
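The Embodiment 4 exchange (steps 1803 to 1808) as a runnable sketch; this is an added example, not code from the patent. The patent names no algorithm, so HMAC-SHA256, the 8-digit character conversion rule, the field names and the key are all assumptions.

```python
import hashlib
import hmac

# Assumptions (not from the patent): HMAC-SHA256 stands in for the unspecified
# "encryption algorithm", and the key below is a constructed sample value that
# the security device and the server are presumed to share.
DEVICE_KEY = b"constructed-sample-key-0001"
CODE_DIGITS = 8  # assumed length of the code the user types into the client


def canonical(operation):
    """Serialize operation content so device and server process identical bytes.

    Each field name and value is length-prefixed, so moving characters from one
    field to another always changes the encoding.
    """
    out = []
    for name in sorted(operation):
        key = name.encode("utf-8")
        value = str(operation[name]).encode("utf-8")
        out.append(len(key).to_bytes(2, "big") + key)
        out.append(len(value).to_bytes(4, "big") + value)
    return b"".join(out)


def device_make_code(key, operation):
    """Steps 1803-1804: compute the verification ciphertext on the security
    device and convert it to characters a user can type (decimal digits)."""
    mac = hmac.new(key, canonical(operation), hashlib.sha256).digest()
    number = int.from_bytes(mac[:8], "big") % (10 ** CODE_DIGITS)
    return str(number).zfill(CODE_DIGITS)


def server_verify(key, operation, received_code):
    """Step 1808: recompute the code from the received operation content and
    compare it with the received code in constant time."""
    expected = device_make_code(key, operation)
    return hmac.compare_digest(expected.encode("ascii"),
                               received_code.encode("utf-8"))


def demo():
    # Constructed sample operation typed by the user into the security device.
    operation = {"action": "transfer", "to_account": "6222-0001",
                 "amount": "100.00"}
    code = device_make_code(DEVICE_KEY, operation)  # shown on the device display

    # Step 1806: the client sends (operation, code). A Trojan on the client
    # rewrites the payee after the code was typed in.
    tampered = dict(operation, to_account="9999-6666")

    # A Trojan that builds its own pair has no device key; here it guesses one.
    forged_code = device_make_code(b"attacker-guess", tampered)

    return {
        "honest": server_verify(DEVICE_KEY, operation, code),
        "tampered": server_verify(DEVICE_KEY, tampered, code),
        "forged": server_verify(DEVICE_KEY, tampered, forged_code),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:9s} accepted by server: {accepted}")
```

The code in this sketch is bound only to the operation content: it carries no counter or nonce, so an identical (operation, code) pair verifies each time it is submitted.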
FIG. 19 is a flowchart of one implementation of steps 1806 and 1807 of the present invention. As shown in FIG. 19, the implementation is as follows:
Step 1901: the client 801 can encapsulate the operation content and the verification ciphertext into a communication packet according to a public and custom network protocol;
Step 1902: the client 801 transmits the communication packet to the server 803 through the network;
Step 1903: after receiving the communication packet, the server 803 parses it using the same communication protocol as the client 801 to obtain the operation content and the verification ciphertext.
In this embodiment, to further improve the security of network data transmission, the operation content and the verification ciphertext may also be encrypted before they are transmitted to the server 803 in step 1806, and transmitted after encryption. Correspondingly, after the server 803 receives the operation content and the verification ciphertext, it first decrypts them and then performs step 1807. The implementation is shown in FIG. 20:
Step 2001: the client 801 uses the operation content and the verification ciphertext as part of the input information of one or more cryptosystems, which take part in the cryptosystem's operation to yield the resulting encrypted ciphertext;
Step 2002: the client 801 encapsulates the encrypted ciphertext into a communication packet according to a public or custom network protocol;
Step 2003: the client 801 transmits the communication packet to the server 803 through the network;
Step 2004: after receiving the communication packet, the server 803 parses it using the same communication protocol as the client 801 to obtain the encrypted ciphertext;
Step 2005: the server 803 performs on the encrypted ciphertext the inverse of the client 801's operation to obtain the operation content and the verification ciphertext.
FIG. 21 is a flowchart of one implementation of steps 1811 and 1812 of the present invention. As shown in FIG. 21, the implementation is as follows:
Step 2101: the server 803 encapsulates the operation result into a communication packet according to a public and custom network protocol;
Step 2102: the server 803 transmits the communication packet to the client 801 through the network;
Step 2103: after receiving the communication packet, the client 801 parses it using the same communication protocol as the server 803 to obtain the operation result.
In this embodiment, to further improve the security of network data transmission, the server 803 encrypts the operation result before transmitting it to the client 801; correspondingly, after receiving the operation result, the client 801 decrypts it before displaying it. The implementation is shown in FIG. 22:
Step 2201: the server 803 uses the operation result as part of the input information of one or more cryptosystems, which takes part in the cryptosystem's operation to yield the resulting encrypted ciphertext;
Step 2202: the server 803 encapsulates the encrypted ciphertext into a communication packet according to a public or custom network protocol;
Step 2203: the server 803 transmits the communication packet to the client 801 through the network;
Step 2204: after receiving the communication packet, the client 801 parses it using the same communication protocol as the server 803 to obtain the encrypted ciphertext;
Step 2205: the client 801 performs on the encrypted ciphertext the inverse of the server 803's operation to obtain the operation result.
As can be seen from the above, the security device processes the operation content to generate a verification ciphertext for verification, and the server performs the legality check, so a Trojan cannot tamper with or forge the operation content: once the operation content is tampered with, the tampering is discovered. The Trojan can therefore at most mount a blocking attack and cannot succeed by simply bypassing the check. A blocking attack at most prevents the user from using the application system; it causes the user no direct loss and brings the attacker no gain.
Embodiment 5
The network interaction method of the present invention is described in detail below with reference to FIGS. 12 and 23.
Step 2301: the user operates on the human-machine interface of the client 1201 and can input the operation content through an input unit of the client 1201, such as a keyboard or mouse;
Step 2302: the client 1201 receives the user's operation content and then transmits it to the security device 1202;
Step 2303: the display unit of the security device 1202 displays the operation content;
Step 2304: at the security device 1202, the displayed operation content is checked for errors; if it is judged correct, it is confirmed through the input unit of the security device 1202, and after confirmation the security device 1202 uses a certain encryption algorithm and encryption protocol to generate a verification ciphertext for verification and transmits the verification ciphertext to the client 1201; the confirmation can also be given by a human biometric feature such as a fingerprint or iris;
Step 2305: the client 1201 transmits the operation content and the verification ciphertext to the server 1203;
Steps 2306 to 2012 are similar to steps 1807 to 1813 in FIG. 18 and are not described again here.
In addition, the client 1201 may transmit the verification ciphertext and the operation content to the server 803 in the manner shown in FIGS. 19 and 20, and the server 803 may transmit the operation result to the client 801 in the manner shown in FIGS. 21 and 22.
As can be seen from the above, if a Trojan modifies or forges the operation content before the security device 1202 obtains it, the user can notice this and stop it. The operation content that the user confirms is matched by the verification ciphertext that the security device 1202 returns after encryption processing; the Trojan cannot modify the operation content after the security device 1202 has returned the verification ciphertext, because the server 1203 would then find that the operation content and the verification ciphertext do not match. The attacker does not know the encryption key used by the security device 1202 and therefore cannot construct a pair of operation content and verification ciphertext on its own, which ensures security.
Embodiment 6
The network interaction method of the present invention is described in detail below with reference to FIGS. 15 and 24.
Step 2401: the user inputs the operation content through the input unit of the security device 1502;
Step 2402: the security device 1502 uses a certain encryption algorithm and encryption protocol to generate a verification ciphertext for verification;
Step 2403: the security device 1502 transmits the verification ciphertext and the operation content to the client 1501;
Step 2404: the client 1501 transmits the operation content and the verification ciphertext to the server 1503;
Steps 2405 to 2411 are similar to steps 1807 to 1813 in FIG. 18 and are not described again here.
In addition, the client 1201 may transmit the verification ciphertext and the operation content to the server 803 in the manner shown in FIGS. 19 and 20, and the server 803 may transmit the operation result to the client 801 in the manner shown in FIGS. 21 and 22.
As can be seen from the above, by using the security device the input of the operation content can be completed; that is, the user does not need to input the operation content on the client's human-machine interface, which is referred to here as full hardware input. Because the user does not input the operation content on the client, and the Trojan cannot intrude into the security device either, the Trojan can only intercept the plaintext operation content output by the security device. It cannot obtain a verification ciphertext corresponding to tampered or forged operation content, so such content fails verification on the server. This avoids unnecessary losses to the user, thereby providing a more secure solution, raising the security level of various network application systems, and expanding the scope of network applications.
The above network interaction system and method are applicable to all kinds of application systems that involve network interaction, in fields such as online banking, securities trading, trading of online-game virtual equipment, enterprises' key business systems, and e-commerce and online payment.
The specific embodiments described above explain the purpose, technical solutions and beneficial effects of the present invention in further detail. It should be understood that the above are only specific embodiments of the present invention and are not intended to limit its scope of protection; any modification, equivalent substitution, improvement and the like made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.

Claims

1. A network interaction method, characterized in that the method comprises:
a client receiving operation content input by a user;
a security device acquiring the operation content;
the security device processing the operation content to generate a verification ciphertext for verification;
the client acquiring the verification ciphertext;
the client sending the operation content and the verification ciphertext to a server.
2. The method according to claim 1, characterized in that the security device acquiring the operation content comprises: the user inputting the operation content into the security device;
and, after the verification ciphertext is generated, the method further comprises:
converting the verification ciphertext into inputtable characters;
displaying the converted verification ciphertext.
3. The method according to claim 2, characterized in that the client acquiring the verification ciphertext comprises: the user inputting the converted verification ciphertext into the client.
4. The method according to claim 1, characterized in that the security device acquiring the operation content comprises: the client transmitting the operation content to the security device, so that the security device acquires the operation content.
5. The method according to claim 4, characterized in that, after the security device acquires the operation content, the method further comprises:
displaying the operation content;
determining whether the user confirms the operation content, and if the determination result is yes, the security device processing the operation content to generate the verification ciphertext.
6. The method according to claim 5, characterized in that the client acquiring the verification ciphertext comprises: the security device sending the verification ciphertext to the client.
7. The method according to claim 1, characterized in that the method further comprises:
the server receiving the operation content and the verification ciphertext;
determining whether the operation content matches the verification ciphertext;
if the determination result is yes, the server performing the corresponding operation according to the operation content;
transmitting the operation result to the client.
8. The method according to claim 7, characterized in that, before the client sends the operation content and the verification ciphertext to the server, the method further comprises: the client encrypting the operation content and the verification ciphertext;
and, after the server receives the encrypted operation content and verification ciphertext, the method further comprises: the server decrypting the encrypted operation content and verification ciphertext.
9. The method according to claim 7, characterized in that the method further comprises:
the client receiving the operation result;
displaying the operation result.
10. The method according to claim 9, characterized in that, before the server transmits the operation result to the client, the method further comprises: encrypting the operation result;
and, before the client displays the operation result, the method further comprises: decrypting the encrypted operation result.
11. A network interaction system, the system comprising a server, characterized in that the system further comprises a client and a security device, wherein:
the client is configured to receive operation content input by a user;
the security device is configured to acquire the operation content, process the operation content to generate a verification ciphertext for verification, and display the verification ciphertext;
and the client is further configured to acquire the verification ciphertext and to send the operation content and the verification ciphertext to the server through a network.
12. The system according to claim 11, characterized in that the security device comprises:
an input unit, used by the client user to input the operation content;
a processing unit, configured to process the input operation content to generate the verification ciphertext;
a conversion unit, configured to convert the verification ciphertext into inputtable characters;
a display unit, configured to display the converted verification ciphertext.
13. The system according to claim 11, characterized in that the client comprises:
a first input unit, used by the client user to input the operation content and the verification ciphertext;
a first sending unit, configured to transmit the operation content and the verification ciphertext to the server.
14. The system according to claim 13, characterized in that the client further comprises a first encryption unit, configured to encrypt the operation content and the verification ciphertext;
and the first sending unit is configured to transmit the encrypted operation content and verification ciphertext to the server.
15.根据权利要求 13所述系统, 其特征在于, 所述服务器包括: 第二接收单元,所述第二接收单元用于接收所述客户端传送的操作内容 和校验密文;  The system according to claim 13, wherein the server comprises: a second receiving unit, wherein the second receiving unit is configured to receive an operation content and a verification ciphertext transmitted by the client;
判断单元,所述判断单元用于判断获取的所述操作内容与校验密文是否 匹配;  a judging unit, configured to determine whether the obtained operation content matches the verification ciphertext;
操作单元, 当所述判断单元的判断结果为是时, 所述操作单元用于根据 获取的所述操作内容进行相应的操作;  An operation unit, when the determination result of the determination unit is YES, the operation unit is configured to perform a corresponding operation according to the obtained operation content;
第二发送 元, 所述第二发送 元用于将操作结果传送至所述客户端。 a second transmitting element, the second transmitting element is configured to transmit an operation result to the client.
16.根据权利要求 14所述的系统, 其特征在于, 所述服务器包括: 第二接收单元,所述第二接收单元用于接收所述客户端传送的加密的操 作内容和校验密文; The system according to claim 14, wherein the server comprises: a second receiving unit, wherein the second receiving unit is configured to receive the encrypted operation content and the verification ciphertext transmitted by the client;
第二解密单元,所述第二解密单元用于对加密的操作内容和校验密文进 行解密, 以获取所述操作内容和校验密文;  a second decryption unit, configured to decrypt the encrypted operation content and the verification ciphertext to obtain the operation content and the verification ciphertext;
判断单元,所述判断单元用于判断解密单元所获取的所述操作内容与校 验密文是否匹配;  a judging unit, configured to determine whether the operation content acquired by the decryption unit matches the verification ciphertext;
操作单元, 当所述判断单元的判断结果为是时, 所述操作单元用于根据 获取的所述操作内容进行相应的操作;  An operation unit, when the determination result of the determination unit is YES, the operation unit is configured to perform a corresponding operation according to the obtained operation content;
第二发送单元, 所述第二发送单元用于将操作结果传送至所述客户端。 a second sending unit, configured to transmit an operation result to the client.
17.根据权利要求 15或 16所述的系统, 其特征在于, 所述客户端还包 括: The system according to claim 15 or 16, wherein the client further comprises:
第一接收单元, 所述第一接收单元用于接收所述服务器传送的操作结果; 第 ·显示单元, 所述第 ·显示单元用于显示所述操作结果。  a first receiving unit, configured to receive an operation result transmitted by the server; and a display unit, wherein the first display unit is configured to display the operation result.
18. The system according to claim 17, characterized in that the server further comprises a second encryption unit, configured to encrypt the operation result and transmit the encrypted operation result to the second sending unit;
the client further comprises a first decryption unit, configured to decrypt the encrypted operation result.
19. A security device, characterized in that the security device comprises:
an input unit, for a client user to input the operation content;
a processing unit, configured to process the input operation content to generate a verification ciphertext used for verification;
a conversion unit, configured to convert the verification ciphertext into inputtable characters;
a display unit, configured to display the converted verification ciphertext.
20. A network interaction system, the system comprising a server, characterized in that the system further comprises a client and a security device; wherein
the client is configured to receive operation content input by a user, transmit the operation content to the security device, receive the verification ciphertext transmitted by the security device, and send the operation content and the verification ciphertext to the server;
the security device is configured to receive the operation content transmitted by the client, display the operation content, and judge whether the client user confirms the operation content; if the judgment result is yes, the security device processes the operation content to generate a verification ciphertext and transmits the generated verification ciphertext to the client.
21. The system according to claim 20, characterized in that the security device comprises:
a receiving unit, configured to receive the operation content transmitted by the client;
a display unit, configured to display the operation content;
a judging unit, configured to judge whether the client user confirms the operation content;
a processing unit, configured to process the operation content to generate a verification ciphertext used for verification if the judgment result of the judging unit is yes;
a sending unit, configured to transmit the verification ciphertext to the client.
22. The system according to claim 20, characterized in that the client comprises:
a first input unit, for a client user to input the operation content;
a first sending unit, configured to send the operation content to the security device, and further configured to transmit the operation content and the verification ciphertext to the server;
a first receiving unit, configured to receive the verification ciphertext transmitted by the security device.
23. The system according to claim 22, characterized in that the client further comprises a first encryption unit, configured to encrypt the operation content and the verification ciphertext;
and the first sending unit is configured to transmit the encrypted operation content and verification ciphertext to the server.
24. The system according to claim 22, characterized in that the server comprises:
a second receiving unit, configured to receive the operation content and verification ciphertext transmitted by the client;
a judging unit, configured to judge whether the operation content matches the verification ciphertext;
an operation unit, configured to perform the corresponding operation according to the obtained operation content when the judgment result of the judging unit is yes;
a second sending unit, configured to transmit the operation result to the client.
25. The system according to claim 23, characterized in that the server comprises:
a second receiving unit, configured to receive the encrypted operation content and verification ciphertext transmitted by the client;
a second decryption unit, configured to decrypt the received encrypted operation content and verification ciphertext to obtain the operation content and the verification ciphertext;
a judging unit, configured to judge whether the operation content obtained by the decryption unit matches the verification ciphertext;
an operation unit, configured to perform the corresponding operation according to the obtained operation content when the judgment result of the judging unit is yes;
a second sending unit, configured to transmit the operation result to the client.
26. The system according to claim 24 or 25, characterized in that the first receiving unit is further configured to receive the operation result transmitted by the server;
and the client further comprises a first display unit, configured to display the operation result.
27. The system according to claim 26, characterized in that the server further comprises a second encryption unit, configured to encrypt the operation result and transmit the encrypted operation result to the second sending unit;
the client further comprises a first decryption unit, configured to decrypt the encrypted operation result.
28. A security device, characterized in that the security device comprises:
a receiving unit, configured to receive the operation content transmitted by a client;
a display unit, configured to display the operation content;
a judging unit, configured to judge whether the client user confirms the operation content;
a processing unit, configured to process the operation content to generate a verification ciphertext used for verification if the judgment result of the judging unit is yes;
a sending unit, configured to transmit the verification ciphertext to the client.
29. The security device according to claim 28, characterized in that the security device further comprises an input unit, for the user to input information confirming the operation content, or to input the operation content.
30. A network interaction method, characterized in that the method comprises:
a security device obtaining operation content;
the security device processing the operation content to generate a verification ciphertext used for verification;
the security device transmitting the operation content and the verification ciphertext to the client;
the client sending the operation content and the verification ciphertext to a server.
31. The method according to claim 30, characterized in that the security device obtaining the operation content comprises: the user inputting the operation content into the security device.
32. The method according to claim 31, characterized in that the method further comprises:
the server receiving the operation content and the verification ciphertext;
judging whether the operation content matches the verification ciphertext;
if the judgment result is yes, the server performing the corresponding operation according to the operation content;
transmitting the operation result to the client.
33. The method according to claim 32, characterized in that the client sending the operation content and the verification ciphertext to the server comprises:
the client encrypting the operation content and the verification ciphertext;
transmitting the encrypted operation content and verification ciphertext to the server;
and, after the server receives the encrypted operation content and verification ciphertext, the method further comprises: the server decrypting the encrypted operation content and verification ciphertext.
34. The method according to claim 32, characterized in that the method further comprises:
the client receiving the operation result;
displaying the operation result.
35. The method according to claim 34, characterized in that transmitting the operation result to the client comprises:
encrypting the operation result;
transmitting the encrypted operation result to the client;
and, before the client displays the operation result, the method further comprises: decrypting the encrypted operation result.
36. A network interaction system, the system comprising a server, characterized in that the system further comprises a client and a security device; wherein
the security device is configured to receive operation content input by a user, process the operation content to generate a verification ciphertext used for verification, and transmit the operation content and the verification ciphertext to the client;
the client is configured to receive the operation content and verification ciphertext transmitted by the security device, and send the operation content and the verification ciphertext to the server over a network.
37. The system according to claim 36, characterized in that the security device comprises:
an input unit, for a client user to input the operation content;
a processing unit, configured to process the input operation content to generate the verification ciphertext;
a sending unit, configured to send the operation content and the verification ciphertext to the client.
38. The system according to claim 36, characterized in that the client comprises:
a first receiving unit, configured to receive the operation content and the verification ciphertext transmitted by the security device;
a first sending unit, configured to transmit the operation content and the verification ciphertext to the server.
39. The system according to claim 38, characterized in that the client further comprises a first encryption unit, configured to encrypt the operation content and the verification ciphertext;
and the first sending unit is configured to transmit the encrypted operation content and verification ciphertext to the server.
40. The system according to claim 38, characterized in that the server comprises:
a second receiving unit, configured to receive the operation content and verification ciphertext transmitted by the client;
a judging unit, configured to judge whether the obtained operation content matches the verification ciphertext;
an operation unit, configured to perform the corresponding operation according to the obtained operation content when the judgment result of the judging unit is yes;
a second sending unit, configured to transmit the operation result to the client.
41. The system according to claim 39, characterized in that the server comprises:
a second receiving unit, configured to receive the encrypted operation content and verification ciphertext transmitted by the client;
a second decryption unit, configured to decrypt the encrypted operation content and verification ciphertext to obtain the operation content and the verification ciphertext;
a judging unit, configured to judge whether the operation content obtained by the decryption unit matches the verification ciphertext;
an operation unit, configured to perform the corresponding operation according to the obtained operation content when the judgment result of the judging unit is yes;
a second sending unit, configured to transmit the operation result to the client.
42. The system according to claim 40 or 41, characterized in that the first receiving unit is further configured to receive the operation result transmitted by the server;
the client further comprises a first display unit, configured to display the operation result.
43. The system according to claim 42, characterized in that the server further comprises a second encryption unit, configured to encrypt the operation result and transmit the encrypted operation result to the second sending unit;
the client further comprises a first decryption unit, configured to decrypt the encrypted operation result.
44. A security device, characterized in that the security device comprises:
an input unit, for a client user to input the operation content;
a processing unit, configured to process the input operation content to generate a verification ciphertext used for verification;
a sending unit, configured to send the operation content and the verification ciphertext to the client.
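
The flow of claims 20 and 30 to 32, with the conversion step of claim 19, as an added Python sketch that is not part of the patent text. It assumes the verification ciphertext is a truncated HMAC-SHA256 tag under a key shared by the security device and the server, which the claims shown here do not specify; the key, the function names and the sample operations are constructed for illustration.

```python
import base64
import hashlib
import hmac

# Constructed demo key; the claims do not say how device and server share a secret.
DEMO_KEY = b"constructed-demo-key"


def make_code(key: bytes, operation: str) -> str:
    """Processing and conversion units: MAC the operation content, then
    render the tag as characters a user could type (assumed: base32)."""
    tag = hmac.new(key, operation.encode("utf-8"), hashlib.sha256).digest()
    return base64.b32encode(tag[:10]).decode("ascii")  # 80 bits -> 16 characters


class SecurityDevice:
    """Stands in for the separate device with its own display and confirm key."""

    def __init__(self, key: bytes, confirm):
        self._key = key
        self._confirm = confirm  # callable(shown_text) -> bool, the user's decision

    def verification_code(self, operation: str):
        # Display and judging units: nothing is MACed unless the user approves
        # the text shown on the device itself, not on the PC screen.
        if not self._confirm(operation):
            return None
        return make_code(self._key, operation)


def server_verify(key: bytes, operation: str, code: str) -> bool:
    """Server judging unit: recompute the code and compare in constant time."""
    expected = make_code(key, operation).encode("ascii")
    supplied = code.strip().upper().encode("utf-8")
    return hmac.compare_digest(expected, supplied)


def run_flow(user_intent: str, sent_to_device: str, sent_to_server: str,
             key: bytes = DEMO_KEY) -> str:
    """One interaction. The two sent_to_* values are what the (possibly
    compromised) client forwards in each direction."""
    device = SecurityDevice(key, confirm=lambda shown: shown == user_intent)
    code = device.verification_code(sent_to_device)
    if code is None:
        return "declined on device"
    if server_verify(key, sent_to_server, code):
        return "executed"
    return "rejected by server"


if __name__ == "__main__":
    intent = "transfer 100.00 to account 1111"    # constructed sample
    altered = "transfer 9000.00 to account 2222"  # constructed sample
    print(run_flow(intent, intent, intent))    # executed
    print(run_flow(intent, intent, altered))   # rejected by server
    print(run_flow(intent, altered, altered))  # declined on device
```

In this sketch an identical (operation, code) pair verifies a second time; the claims in this section do not mention a counter or nonce, so binding one into the MAC input is left to the implementer.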
PCT/CN2008/071568 2008-07-07 2008-07-07 Network interaction method, system and safety apparatus thereof WO2010003283A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2008/071568 WO2010003283A1 (en) 2008-07-07 2008-07-07 Network interaction method, system and safety apparatus thereof

Publications (1)

Publication Number Publication Date
WO2010003283A1 true WO2010003283A1 (en) 2010-01-14

Family

ID=41506651

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2008/071568 WO2010003283A1 (en) 2008-07-07 2008-07-07 Network interaction method, system and safety apparatus thereof

Country Status (1)

Country Link
WO (1) WO2010003283A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1432148A (en) * 2000-05-31 2003-07-23 格姆普拉斯公司 Method for protection against fraudulent modification of data sent to secure electronic medium
CN1703002A (en) * 2005-07-05 2005-11-30 江苏乐希科技有限公司 Portable one-time dynamic password generator and security authentication system using the same
CN101013944A (en) * 2007-02-02 2007-08-08 刘天飚 Method and apparatus for inputting/displaying/transmitting user information using USB key

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
    Ref document number: 08783691; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase
    Ref country code: DE
122 Ep: pct application non-entry in european phase
    Ref document number: 08783691; Country of ref document: EP; Kind code of ref document: A1