WO2016188401A1 - Appareil, procédé, et système permettant de cacher des données d'identification d'utilisateur - Google Patents

Appareil, procédé, et système permettant de cacher des données d'identification d'utilisateur Download PDF

Info

Publication number
WO2016188401A1
WO2016188401A1 PCT/CN2016/083130 CN2016083130W WO2016188401A1 WO 2016188401 A1 WO2016188401 A1 WO 2016188401A1 CN 2016083130 W CN2016083130 W CN 2016083130W WO 2016188401 A1 WO2016188401 A1 WO 2016188401A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
user
identification
random number
security
Prior art date
Application number
PCT/CN2016/083130
Other languages
English (en)
Chinese (zh)
Inventor
邵通
Original Assignee
邵通
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 邵通 filed Critical 邵通
Priority to CN201680029857.3A priority Critical patent/CN107615797B/zh
Publication of WO2016188401A1 publication Critical patent/WO2016188401A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/037Protecting confidentiality, e.g. by encryption of the control plane, e.g. signalling traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/80Arrangements enabling lawful interception [LI]

Definitions

  • the invention belongs to the field of information security.
  • the present invention relates to an apparatus, method and system for hiding identification data using a one-way function.
  • it relates to an apparatus, method and system for protecting user identification data by using a one-way function to hide user identification data.
  • the website verifies that the username and the corresponding PIN code are correct, and confirms the validity of the user login.
  • the bank's POS payment corresponding to the website login, the user name is equivalent to the bank payment account (PAN), the role of the PIN code is the same; but there are two factors on the surface: the collection account and the transaction amount.
  • the receiving account is actually equivalent to the address of the client computer or the address of a program on the client computer when the user logs in; that is, the address of the POS machine or its unique identifier determines the receiving account in the acquiring system. So in essence, the difference between website login and bank payment is just one more factor: the amount.
  • payment account PIN code
  • current POS current POS (receipt account) and amount.
  • the essence of the payment account and user name is that the server is used to find the corresponding user data item in the user database and the corresponding identity authentication means.
  • identity authentication data matches the identity authentication means and data required by the payment account (user name)
  • the PIN code is: identity authentication data.
  • the identification data matches the authentication data
  • the bank or website performs the corresponding work.
  • other authentication protocols even zero-knowledge authentication protocols, can be used.
  • the essence of the identity authentication protocol is how to form and transmit identity authentication data for the purpose of identity verification. In some banking applications, as long as you provide an accurate bank account without the need to provide a PIN (identity authentication data), you can make appropriate payments, such as fast payment and various consumer cards.
  • APPLE's promoted APPLE_PAY provides a relatively secure solution for protecting PAN by replacing the primary account (PAN, payment account and username) with a token (multiple use) to protect the primary account (PAN).
  • PAN primary account
  • PAN payment account
  • username primary account
  • token multiple use
  • the token can be replaced without replacing the primary account.
  • tokens are also relatively insecure and can be stolen and used. If the protection of the token can be realized, the security of the payment can be greatly enhanced. In fact, for each transaction, the token can actually be seen as a PAN.
  • H represents a hash function or other one-way function for making an encrypted identifier for the data.
  • PAN user name
  • PAN user device hidden input username
  • PAN input payment account
  • the essence of the invention is to use the cryptographic function to generate the identification retrieval data and the identification authentication data according to the user identification data and the random number to form a hidden token. Hide hidden user IDs with hidden tokens.
  • the essence is to use the user identification data (and other data) shared by the security device and the user device as the already assigned key. This makes the system do not require key distribution.
  • PKI technology can also be used to hide user identification data, so that there is no need to assign a key, but it is still necessary to authenticate the public key (PKI is a complex system), otherwise it is vulnerable to "phishing attacks.”
  • a system for hiding user identification data includes: a user device that generates a hidden token that hides user identification data; a device that obtains a hidden token and other data from a user device; The hidden token confirms the identification data; the user device is connected to the using device, and the using device is connected to the security device; the user device calculates the identifier retrieval data by using a one-way function according to the user identification data; the user device uses the cryptographic function according to the random number and the identification data.
  • the identification authentication data is calculated; the identification retrieval data and the identification authentication data form a hidden token, which is transmitted to the security device; the security device retrieves the data according to the identifier of the hidden token, finds the relevant user identification data item, and according to the random number and the hidden token Identify the authentication data and confirm the identification data.
  • the random number in the user device may be time data, or usage count data, or temporarily generated random number, or geographical location information, or identity authentication data, or received random number and combinations thereof.
  • the security device may be a website
  • the usage device may be a terminal such as a computer or a mobile phone
  • the user device may be an application that needs to log in to the website, such as a browser or a mail client.
  • an apparatus for concealing user identification data includes: a one-way function computing device, a random number device, an identification data storage device, a communication device; and a device that hides user identification data is connected to the communication device
  • the other device obtains the user identifier from the identifier data storage device after receiving the request to provide the hidden token command, and uses the one-way function to calculate the identifier search data; obtains the random number from the random number device, and the user device uses the random number and the identifier data.
  • the cryptographic function calculates the identification authentication data; identifies the retrieval data and identifies the authentication data to form a hidden token, and transmits the result to the connected device through the communication device.
  • the random number device may be a device that generates time, or may be a device that stores the number of uses, or may be a true random number generating device, or a geographical location information device, or an identity authentication data device, or a random received by the communication device. Number and combination.
  • the security device may be a website
  • the usage device may be a terminal such as a computer or a mobile phone
  • the user device may be an application that needs to log in to the website, such as a browser or a mail client.
  • a method for hiding user identification data comprising: (Step A) the user device calculates the identification search data using a one-way function according to the user identification data; (Step B) the user device according to the random number And identifying data, using the cryptographic function to calculate the identification authentication data; (step C) identifying the retrieval data and identifying the authentication data to form a hidden token, transmitting to the security device; (step D) the security device retrieving the data according to the identifier of the hidden token, finding The related user identifies the data item, and confirms the identification data according to the identification data of the random number and the hidden token.
  • the data identifying the retrieval data is generated in (Step A), and further includes other data such as identity authentication data.
  • the random number in step B may be time data, or usage time data, or a temporarily generated random number, or Geographic location information, or identity authentication data, or received random numbers and combinations of the above.
  • step C also has the step of using the device to transmit the payment account and the amount to the security device.
  • step D there is a step of the security device converting the user identification data as a primary account (PAN).
  • PAN primary account
  • step B it is also possible (step B) to further generate a symmetric encryption key using the user identification data for encrypting the generated identification authentication data or (and) the identity authentication data.
  • the security device may be a website
  • the usage device may be a terminal such as a computer or a mobile phone
  • the user device may be an application that needs to log in to the website, such as a browser or a mail client.
  • FIG. 1 is a schematic diagram showing a method and system for hiding user identification data in a preferred embodiment 1;
  • FIG. 2 is a schematic diagram showing a method and system for hiding user identification data in the preferred embodiment 2;
  • FIG. 3 is a schematic diagram of an apparatus for hiding user identification data in a preferred embodiment 3;
  • FIG. 4 is a schematic diagram showing a method and system for hiding user identification data in preferred embodiments 4, 5, and 6.
  • F for the payment account (identification data, user name, etc.)
  • T for the payment account F token (alternative data)
  • H for the one-way function
  • S for the collection account
  • M represents the amount
  • PIN represents the personal identification number (identity authentication data)
  • DES represents the symmetric encryption algorithm.
  • the method and system associated with hiding user identification data in this embodiment are as shown in FIG. 1.
  • the system consists of a security device 1, a usage device 3, a network 2, a bank acquirer 5, and a user device 4.
  • User device 4 may also include fingerprint device 41.
  • the security device 1 is connected to the user device 3 via the network 2; the security device 1 is connected to the bank acquiring institution 5 (may also be connected via the network 2); the user device 4 is connected to the user device 3.
  • the usage device 3 comprises: a collection account S; the user device 4 comprises: a token T of the payment account F, a one-way function H; the security device 1 comprises: a user table (F, T, H(T)) and a one-way function H , where F is the payment account (PAN), the token T of the payment account F, and H(T).
  • the steps for establishing the user table and user device token are:
  • the security device enter the payment account F, the security device generates a token T, and transmits the input to the user device 4;
  • the security device 1 establishes user entries of F and T: (F, T, H(T)).
  • the steps for landing payment are:
  • the user device 4 has a random number R and user identification data T, the calculation (H (T), H (T
  • the usage device 3 has a payment account S, obtains the payment amount M, and obtains (H(T), H(T
  • the security device 1 receives (H(T), H(T
  • R) H(T
  • R), it means T1 T;
  • the safety device 1 obtains (M, S, according to (H(T), H(T
  • R), R, M, S), the user table (F, T1, H(T)), and T1 T. F); safety device 1 sending payment data (M, S, F) to the bank acquirer 1;
  • the bank acquirer 5 pays and returns the payment completion information to the security device 1, and then to the use device 3; otherwise, returns the payment error message to the security device 1, and returns to the use device 3 via the network 2.
  • the random number R in step 1 can be generated by the security device 1, transmitted to the use device 3, and then transmitted to the user device 4, which can prevent replay attacks. It is also possible for the user device to generate a time-based (number of times) number, such as (random number + time) as R, as well as to prevent replay attacks. It may also be the geographical location information of the user device 4. R may also contain geographic location information using the device 3.
  • the embodiment is actually the current security improvement method of APPLEPAY.
  • APPLEAY if the device identification data T is stolen using the device 2, the attack can be implemented by forging T. T can be regarded as identification data, but the identification data also needs to be converted to correspond to the real payment identification data (PAN).
  • PAN real payment identification data
  • the user device is used to hide the data input of the payment account identifier or the token, thereby realizing the hiding of the payment account identification data.
  • the payment account identification data can also be regarded as user identification data.
  • the user device in this embodiment may be a contactless IC card, or a contact type IC card, or a mobile phone, or a mobile phone HCE; the communication method may be other connections capable of transmitting information between the user device and the device. Ways such as sound waves, Bluetooth, etc.
  • the PIN code can also be input on the using device for identity authentication.
  • authentication data e.g, two-channel authentication
  • protocols e.g., two-channel authentication
  • the number K can also be an external input from the user device during the interaction, or even a PIN code (identity authentication data).
  • K can be input on the mobile phone and transmitted to the user device; if the hidden token can only be generated from the user device to the use device, but cannot be transmitted back to the mobile phone operating system, the security is safe. More sexual.
  • the embodiment protects the user identification data T, and there is no key distribution process. At the same time, it can achieve the purpose of protection in the process of information exchange. Essentially, the process by which the security device 1 issues the token T is the process of key distribution.
  • the Chinese standard HASH function (SM3) is 256 bits, which is 32 bytes. We can use 64 bits (or 8 bytes) to represent H(T), and another 6 bytes in H(T
  • H(T) The role of H(T) is for the security device 1 to find the data item corresponding to T, so it is called the identifier retrieval data, and H(T
  • the function is to confirm the consistency of the user identification data T in the security device with the T in the user device, so it is called identification authentication data.
  • the identification retrieval data and the identification authentication data constitute a hidden token. If the random number R is generated by the user device, it is apparent that R must be transmitted to the security device for identity authentication; at this time the hidden token also includes the random number R.
  • the random number R may be time data, or usage count data, or temporarily generated random numbers, geographical location information, or received random numbers and combinations thereof.
  • the geographical location information can be used to judge the rationality of the payment according to the user's customary data; further, if the POS also has geographical location information, and is sent to the user device in the form of a challenge number. Then, the security device can determine whether the payment is physically close according to the location information of the using device (POS) and the location information of the user device, determine whether the payment is offline, and whether the device is used for transfer.
  • generating the identification retrieval data and identifying the authentication data are both using a one-way function.
  • a symmetric encryption algorithm DES
  • a symmetric cryptographic algorithm can also be called a cryptographic function, of course, a one-way function. It can also be called a cryptographic function.
  • step of landing payment in embodiment 1 is changed to:
  • the use device 3 has a payment account S, and the payment amount M is obtained and transmitted to the user device 4.
  • the user device 4 has a random number R and a user identification data T, and calculates (H(T), H(T
  • Device 3 transmitted to the security device 1 through the network 2;
  • the safety device 1 receives (H(T), H(T
  • S) H(T
  • S), indicating T1 T;
  • the safety device 1 is based on (H(T), H(T
  • S), R, M, S), user table (F, T1, H(T)) and T1 T, Obtaining (M, S, F); the security device 1 sends payment data (M, S, F) to the bank acquirer 1;
  • the bank acquirer 5 pays and returns the payment completion information to the security device 1, and then to the use device 3; otherwise, returns the payment error message to the security device 1, and returns to the use device 3 via the network 2.
  • symbol in the embodiment indicates that the before and after data are concatenated into one data, that is, a string concatenation.
  • FIG. 2 A second embodiment of the present invention is shown in Fig. 2, which adds an association server 7 for associating identity authentication data with identification data (payment accounts). Transmitting the transaction data with the use device and the security device, the identity authentication data (eg, PIN code) is separately transmitted by the confirmation device and the associated server and the security device, and then the data received by the security device combination constitutes the complete payment data for payment.
  • identity authentication data eg, PIN code
  • a method and system for hiding user identification data is composed of a security device 1, a confirmation device 4, a usage device 3, an association server 7, a network 2, a bank acquirer 6, and a user device 5.
  • the security device 1 is connected to the user device 3 via the network 2; the security device 1 is connected to the association server 7 via the network 2, and the association server 7 is connected to the confirmation device 4 via the network 2; the security device 1 is connected to the bank acquirer 1 (may also Connected via network 2).
  • the user device 5 is connected to the user device 3.
  • the usage device 3 comprises: a payment account S; the user device 5 comprises: a one-way function H, an RSA security public key , a payment account F; the confirmation device 4 comprises: associated data P corresponding to the payment account F; the security device 1 comprises: a single To function H, user table (F, H(F)), fixed number WR, RSA secure private key ; association server 7 includes: user table (H(F
  • the RSA Secure Public Key and the RSA Secure Private Key are a pair of public and private keys.
  • the user device 5 generates a random number K, has a payment account F, and calculates an RSA security public key (F, K);
  • the security device 1 calculates the RSA security private key (RSA security public key (F, K)), obtains F, and establishes a user entry (F, H(F));
  • the security device 1 has a fixed number WR, calculates H(F
  • the user inputs the confirmation device 4 according to the P displayed by the device 3;
  • an entry of the association relationship between the payment account F and the confirmation device 4 is established, and includes two elements (H(F
  • the confirmation device 4 has a P corresponding to the payment account F.
  • the purpose of the association process is to first establish a password association entry (H(F
  • the RSA security public key and the RSA security private key here are a pair of public and private keys, which are only used to establish these entries in this embodiment.
  • the steps to pay are:
  • the user device 5 has a random number R, payment account F, calculation (H (F), H (F
  • the usage device 3 has a payment account S, obtains the payment amount M, and obtains from the user device 5 (H(F), H(F
  • the safety device 1 receives (H(F), H(F
  • R) H(F
  • R), it means F1 F; get (M,S,F);
  • the security device 1 has a fixed number of WR, calculate H (F
  • the confirmation device 4 enters the PIN, and transmits (PIN, P) through the network 2 to the associated server 7;
  • the association server 7 obtains (H(F
  • the security device 1 obtains (M, S, F) matching the PIN according to (H(F
  • the bank acquirer 6 pays and returns the payment completion information to the security device 1, and then to the use device 3; otherwise returns a payment error message to the security device 1, and then the information is returned to the use device 3 via the network 2 or (and ) Confirmation device 4.
  • WR) does not seem to be necessary.
  • the advantage of such processing is that the associated server cannot obtain a "real" F, thus ensuring the security of F in the security device 1, where WR is the number of security devices 1 that are kept secret.
  • the owner of the associated server 7 cannot guess F by modifying F and calculating H(F); more preferably, the security device 1 selects its own unique hash function H. If the confirmation device 4 adopts a more secure cryptosystem such as the H (pin) protection pin method, the association server 7 cannot actually obtain any meaningful data during the processing. This will solve security problems without creating other security issues.
  • the one-way function H of the hidden payment account F and the one-way function H for protecting the account in the associated server can be one. To, can also be inconsistent.
  • the token T can also be used instead of the payment account F to perform the payment process, and of course one more token-to-payment account conversion.
  • the P of the embodiment is data for association, but only the P related to the payment account F in the security device 1 is required to be consistent with the P in the confirmation device 4, that is, P may be a string of data having no other meaning, and is only used for The association of the two parts of data; the confirmation device 4 can hide its own network address transmission (PIN, P) to the security device 1.
  • Embodiment 2 implements a system and method for separately transmitting the hidden payment account F and the dual amount of the amount M and the PIN code to the security device 1, preventing the possibility that the payment account F is intercepted by the criminals, and improving the security of the system.
  • the user device is used to hide the input of the payment account, so that the trouble of inputting the payment account by the manual keyboard is eliminated, and the payment account is also hidden.
  • the payment account here is the user identification data.
  • the login payment process the acquisition and transfer of the amount is removed, which is the login process.
  • the random number R of the user device in the login payment process may be the time of the user device or the data obtained from the using device, or may be the number of challenges generated by the security device 1 by using the device 3, and these technologies may refer to existing dynamics. Passwords guarantee a variety of technologies. The purpose is to make the hidden (H(F), H(F
  • the user device of this embodiment may be a contactless IC card, a contact type IC card, or other connection means capable of transmitting information between the user device and the use device, such as sound waves, Bluetooth, or the like.
  • the security of this embodiment is that the bank card PIN code is entered on the user's own mobile phone (confirmation device) instead of being entered on the use device, and the payment account F is also hidden input. It is apparent that the PIN that the confirmation device 4 transmits to the security device 1 can employ cryptographic techniques. If the verification device 4 executes the RSA security public key (PIN, P), the security device 1 executes the RSA security private key (RSA security public key (PIN, P)), the RSA security private key is not disclosed and is controlled by the security device 1 itself, RSA The secure public key and the RSA secure private key are a pair of public and private keys.
  • the security risk is substantially the same as the loss of the ordinary bank card. It is of course also possible to use a symmetric cryptosystem, which involves a protocol for key distribution. In short, the cryptographic protocol here is to ensure the data security of the transmission process. Of course, it is also possible not to use the identity authentication data such as PIN, but other identity authentication protocols, such as a zero-knowledge identity authentication protocol; then the data transmitted from the confirmation device to the security device is the data that the identity authentication protocol requires to transmit.
  • the associated data P can also be generated by the security device 1 and transmitted to the user device 3 to display the random code P.
  • the confirmation device 4 inputs the random code P in addition to the PIN, so that the transaction data association can also be realized.
  • the advantage is that the security device 1 does not need to store the correspondence between the payment account F and the associated data P.
  • the random code P can also be generated and displayed by the confirmation device 4, input on the use device 3, and transmitted to the security device 1 for association. These display and input steps can also be changed to other near-field data transmission technologies such as two-dimensional code, sound wave, and NFC.
  • the purpose is to have the security device 1 and the validation device 4 have a data P for association.
  • the associated data P is a network address
  • the information can also be included in the address at which the PIN is sent to the secure device 1, so that the PIN can also be encrypted separately without the need to encrypt (PIN, P). Since P is a network address, there is also a step in which the security device 1 transmits the transaction data to the confirmation device 4. This makes it easy for the user to confirm the correctness of the transaction data.
  • data such as M, S, etc. can also be added to the calculation of the identification authentication data for improving security.
  • a third embodiment of the present invention is an embodiment in which the user device 1 is used to implement the hidden output of the payment account F.
  • the apparatus associated with the apparatus for hiding user identification data in this embodiment is as shown in FIG.
  • the device is composed of a one-way function device 11, a random number device 12, a user identification data storage device 13, and a communication device 14.
  • the user identification F is obtained from the user identification data storage device 13
  • the random number R is obtained from the random number device, and is provided to the one-way function device for calculation. (H(F), H(F
  • This embodiment uses the user device 1 to hide the output of the payment account, thereby realizing the hiding of the payment account.
  • the payment account here is the user identification data.
  • the random number R produced by the random number device 12 is such that (H(F), H(F
  • the geographical location information of the user device 1 can also be added, so that it is also necessary to increase the device for obtaining the geographical location on the user device 1.
  • the user device and the confirmation device may be in one physical device, such as a cell phone, watch, PDA, or other device. Logically two devices.
  • the user In the prior art, the user generally declares a username (PAN) and then submits corresponding identity authentication data. For the server, the user first searches for the corresponding data item information in the customer database by using the user name (PAN), and then uses the received identity authentication data and the identity authentication data in the data item to perform identity authentication.
  • PAN user name
  • the user name (PAN) held by the server and the user name (PAN) held by the client itself can be used as a secret.
  • the user name (PAN) can be regarded as the key with the traditional technology authentication on both sides of the same, that is, there are many traditional authentication servers and customers to master the same user name (PAN) authentication technology.
  • this hidden user name (PAN) technology is not limited to any particular website. As long as the website name is entered into the calculation of the one-way function, the hidden input of the user name (PAN) of multiple websites can be realized, provided that the authenticated website has a user name (PAN) consistent with the customer.
  • R) identifies authentication data and may also incorporate other data such as an amount and the like.
  • the method and system associated with hiding user identification data in this embodiment are as shown in FIG. 4 .
  • the system consists of a security device 1, a device 3 and a network 2.
  • the user device 31 is used in the use device 3.
  • the security device 1 and the user device 3 are connected via a network 2.
  • the user device 31 includes: F, a PIN, and a one-way function H; the security device 1 includes a user table (F, H(F), PIN) and a one-way function H. Where F is the primary account (PAN).
  • the user table establishment procedure of the security device 1 is:
  • the security device 1 establishes a user entry: (F, H(F), PIN).
  • the steps to log in are:
  • the user device 31 has a random number R, get F and PIN, calculate (H (F), H (F
  • the security device 1 receives (H(F), H(F
  • PIN1) H(F
  • the random number R in step 1 can be generated by the security device 1, transmitted to the use device 3, and then transmitted to the user device 31, thus preventing replay attacks. It is also possible for the user device to generate a time-based number, such as (random number + time) as R, as well as to prevent replay attacks. It may also be the geographical location information of the user device 31. The random number R may also contain geographic location information using the device 3.
  • the user name and password are input on the device, and the hiding of the user name identification data is realized by the calculation of the one-way function.
  • H(F) is for the security device 1 to find the data item corresponding to F, so it is called the identifier retrieval data
  • PIN) is to confirm the user identification data in the security device.
  • F which is consistent with F in the user device, is called identification authentication data, and he also authenticates the correctness of the PIN.
  • the identification retrieval data and the identification authentication data constitute a hidden token. If the random number R is generated by the user device, it is apparent that R must be transmitted to the security device for identity authentication; at this time the hidden token also includes the random number R.
  • both the security device and the user device may have the same TONKEN and PAN, and both can be used to generate the identification retrieval data and the identification authentication data. That is to say, the data shared by the security device and the user device can be regarded as an identifier to realize a hidden statement of the logo.
  • the essence of this embodiment is the current website registration login process.
  • the website has an attack on a phishing website. Since the device is used to log in to the security device, if there is no key to share the public and secret data, the username and password can only be transmitted to the security device in plaintext. In this way, when the device is mistakenly entered into the phishing website, its username and password are transmitted to the phishing website.
  • One way to deal with phishing websites now is that the user devices are distributed to the using devices by secure devices, so that they can be considered to have key negotiation and then encrypt the interactive data.
  • the second is to sign the login interface of the security device, and use the user device to perform signature authentication to prevent phishing websites.
  • the first solution is essentially the distribution of user devices on every website. Then the security guarantee of the distribution process is a big problem.
  • the essence of the second solution is the correctness of the authentication signature, and it is a set of PKI. It is impossible to distinguish the legality from the website without signature. At the same time, PKI signatures are operated in many markets, and mutual authentication is also a difficult task.
  • the fourth embodiment it is shown that as long as everyone follows the same standard data format and uses the same one-way function, unified login can be achieved.
  • the device used can be a computer used by the user, and the browser can be viewed as a user device.
  • This is the method, device and system of the browser's anti-phishing website. Because when we enter the phishing website, the phishing website can get (H(F), H(F
  • PIN1) H(F
  • the security device may be a website
  • the usage device may be a terminal such as a computer or a mobile phone
  • the user device may be an application that needs to log in to the website, such as a browser or a mail client.
  • the method and system associated with hiding user identification data in this embodiment are as shown in FIG. 4 .
  • the system consists of a security device 1, a device 3 and a network 2.
  • the user device 31 is used in the use device 3.
  • the security device 1 and the user device 3 are connected via a network 2.
  • User device 31 includes: F, PIN, one-way function H, and symmetric cryptographic algorithm DES.
  • the security device 1 includes: a user table (F, H0(F), H(PIN
  • H0(F) represents the first half of H(F) (such as the first 128 bits of SM3)
  • H1(F) represents the last half of H(F) (such as the last 128 bits of SM3).
  • the user table establishment procedure of the security device 1 is:
  • the security device 1 establishes a user entry: (F, H0(F), H(PIN
  • the steps to log in are:
  • the user device 31 has a random number R, obtains F and PIN, and calculates (H0(F), DES H1(F) (F ⁇ R ⁇ PIN), R), and transmits it to the security device 1 through the use device;
  • the security device 1 receives (H0(F), DES H1(F) (F ⁇ R ⁇ PIN), R), according to H0(F), finds the user table to get (F1, H0(F), H(PIN1)
  • SZ) H(PIN
  • the random number R in step 1 can be generated by the security device 1, transmitted to the use device 3, and then transmitted to the user device 31, thus preventing replay attacks. It is also possible for the user device to generate a time-based number, such as (random number + time) as R, as well as to prevent replay attacks. It may also be the geographical location information of the user device 31. The random number R may also contain geographic location information using the device 3.
  • the first half of H(F) is used to identify the data
  • the second half is the key of DES. Obviously it is impossible to get the second half from the first half. But when there is F, it is easy to get these two parts.
  • the core of using a symmetric encryption algorithm is how to obtain the key for encryption and decryption.
  • the core of this patent application is that no key distribution work is performed. Therefore, it can only be realized by using the user names F, PIN and R shared by the security device and the user device.
  • the example uses H1(F), the latter half of H(F). In fact, it can also be implemented using a part of H(F
  • the security device protects the PIN and uses salt to prevent attacks; the different security devices have different salt values and are not disclosed to the user device. So you can't use the PIN data to generate the key, then the following website (security device) is used to protect the user PIN with salt.
  • the security device may be a website
  • the usage device may be a terminal such as a computer or a mobile phone
  • the user device may be an application that needs to log in to the website, such as a browser or a mail client.
  • the method and system associated with hiding user identification data in this embodiment are as shown in FIG. 4 .
  • the system consists of a security device 1, a device 3 and a network 2.
  • the user device 31 is used in the use device 3.
  • the security device 1 and the user device 3 are connected via a network 2.
  • User device 31 includes: F, PIN, one-way function H, and symmetric cryptographic algorithm DES.
  • the security device 1 includes: a user table (F, H0 (F
  • H0(F) represents the first half of H(F) (such as the first 128 bits of SM3)
  • H1(F) represents the last half of H(F) (such as the last 128 bits of SM3).
  • the user table establishment procedure of the security device 1 is:
  • the security device 1 establishes a user entry: (F, H0(F
  • the steps to log in are:
  • the user device 31 has a random number R, obtains F and PIN, calculates (H0(F
  • the security device 1 receives (H0(F
  • SZ)); with R, assuming F1 F, then DES H1(F) (DES H1(F) (F
  • SZ) H(PIN1
  • the random number R in step 1 can be generated by the security device 1, transmitted to the use device 3, and then transmitted to the user device 31, thus preventing replay attacks. It is also possible for the user device to generate a time-based number, such as (random number + time) as R, as well as to prevent replay attacks. It may also be the geographical location information of the user device 31. The random number R may also contain geographic location information using the device 3.
  • the first half of H(F) is used to identify the data
  • the second half is the key of DES. Obviously it is impossible to get the second half from the first half. But when there is F, it is easy to get these two parts. In fact, it is also possible to use a part of H(F
  • the identification retrieval data may not be all data generated by a one-way function. It is also possible to use part of it as an identifier to retrieve data. Which part is used as long as the security device is identical to the user device. It can also be seen from the embodiment that the symmetrically encrypted key can also be constructed with the part identifying the result of the data one-way function to ensure that the security device can securely transmit the identity authentication data (such as PIN) when there is a corresponding user name.
  • identity authentication data such as PIN
  • This embodiment also describes an embodiment in which identity authentication data and identification data are used to collectively generate identification search data.
  • Embodiment 4, 5 or 6 is actually a method of preventing a phishing website from preventing the user's username and password from being obtained by means of phishing.
  • the security device may be a website
  • the usage device may be a terminal such as a computer or a mobile phone
  • the user device may be an application that needs to log in to the website, such as a browser or a mail client.
  • the security device can be directly connected to the bank, or can be connected to the bank acquiring institution through a network, and even the security device is a bank acquiring institution or a bank.
  • password technology should be added to ensure the security of information from security devices to bank acquirers.
  • the data transfer between the devices is not described in the description.
  • the encryption technology and key distribution of the two device communication, the symmetric cryptosystem and the public cryptosystem are all well-known technologies. These embodiments can use these techniques to implement encryption of communications. For the convenience of description, it is not specifically described.
  • Embodiment 2 we use the PIN code input on the confirmation device to indicate the input of the authentication data. But in fact, because the confirmation device is mostly a handheld communication device, it has a strong computing power. Therefore, it is possible to adopt stronger identity authentication protocols and data, such as a zero-knowledge identity authentication protocol.
  • the confirmation device transmits the data required for identity authentication through the connection with the security device or the associated server for association with the payment account, and then collectively constitutes payment data or generates payment data.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Technology Law (AREA)
  • Information Transfer Between Computers (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Storage Device Security (AREA)

Abstract

La présente invention concerne un appareil, un procédé, et un système permettant de cacher des données d'identification d'utilisateur, qui peuvent être utilisés dans les champs tels que l'ouverture d'une session sur un serveur de réseau, l'ouverture d'une session de jeu, un paiement bancaire et des réseaux anti-hameçonnage. Lorsqu'un terminal informatique est utilisé, un compte de paiement (nom d'utilisateur) peut être caché au moyen d'une technologie de masquage par jeton. Le procédé peut être utilisé dans un réseau de paiement, et permet de résoudre simplement et sûrement le problème lié à la protection d'un identifiant d'utilisateur dans un service bancaire, un jeu et d'autres services, via une combinaison à un protocole d'authentification par mot de passe de bonne qualité. Combiné à une technologie d'authentification d'identité à deux voies, le procédé d'authentification d'identité et de paiement sûr et rapide peut être mis en œuvre.
PCT/CN2016/083130 2015-05-25 2016-05-24 Appareil, procédé, et système permettant de cacher des données d'identification d'utilisateur WO2016188401A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201680029857.3A CN107615797B (zh) 2015-05-25 2016-05-24 一种隐藏用户标识数据的装置、方法和系统

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510268747 2015-05-25
CN201510268747.X 2015-05-25

Publications (1)

Publication Number Publication Date
WO2016188401A1 true WO2016188401A1 (fr) 2016-12-01

Family

ID=57392518

Family Applications (2)

Application Number Title Priority Date Filing Date
PCT/CN2016/083130 WO2016188401A1 (fr) 2015-05-25 2016-05-24 Appareil, procédé, et système permettant de cacher des données d'identification d'utilisateur
PCT/CN2016/083135 WO2016188402A1 (fr) 2015-05-25 2016-05-24 Appareil, procédé, et système d'anti-hameçonnage réseau

Family Applications After (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/083135 WO2016188402A1 (fr) 2015-05-25 2016-05-24 Appareil, procédé, et système d'anti-hameçonnage réseau

Country Status (2)

Country Link
CN (2) CN107615797B (fr)
WO (2) WO2016188401A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108805540A (zh) * 2018-05-04 2018-11-13 中电玺客信用服务有限公司 一种支付处理系统、方法和数字对象标识
TWI786252B (zh) * 2018-03-16 2022-12-11 開曼群島商創新先進技術有限公司 支付方法、裝置及設備

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112261005B (zh) * 2020-09-27 2022-12-06 中孚安全技术有限公司 一种Web安全登录密码的隐藏方法及系统
CN115630400B (zh) * 2022-12-21 2023-05-26 中电科网络安全科技股份有限公司 一种去标识化数据的查询方法、装置、设备及存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004084050A1 (fr) * 2003-03-21 2004-09-30 Koninklijke Philips Electronics N.V. Confidentialite de l'identite d'un utilisateur dans les certificats d'autorisation
CN102075937A (zh) * 2011-01-06 2011-05-25 西安电子科技大学 移动ip注册时实现移动节点身份匿名性的方法
CN102136079A (zh) * 2011-03-07 2011-07-27 中兴通讯股份有限公司 一种读写器与标签卡之间的动态认证方法及实现装置
CN103595710A (zh) * 2013-10-25 2014-02-19 北京交通大学 一种一体化标识网络连接标识生成方法
CN103782538A (zh) * 2011-11-11 2014-05-07 株式会社东芝 认证器

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7751584B2 (en) * 2003-11-14 2010-07-06 Intel Corporation Method to provide transparent information in binary drivers via steganographic techniques
US7434050B2 (en) * 2003-12-11 2008-10-07 International Business Machines Corporation Efficient method for providing secure remote access
US7970143B2 (en) * 2005-08-05 2011-06-28 Hewlett-Packard Development Company, L.P. System, method and apparatus to obtain a key for encryption/decryption/data recovery from an enterprise cryptography key management system
CN101471770B (zh) * 2007-12-24 2011-08-03 毛华 问答式双向身份、交易确认方法
CN101667255B (zh) * 2008-09-04 2011-12-21 华为技术有限公司 一种射频识别的安全认证方法、装置及系统
CN102143190B (zh) * 2011-05-11 2015-05-20 江汉大学 一种安全登陆方法和装置
CN102195782A (zh) * 2011-06-07 2011-09-21 吉林大学 身份与口令相融合的邮件系统双向身份认证方法
CN103139136B (zh) * 2011-11-22 2016-06-08 阿里巴巴集团控股有限公司 一种密码的管理方法和设备
US20130226812A1 (en) * 2012-02-24 2013-08-29 Mads Landrok Cloud proxy secured mobile payments
CN102624740B (zh) * 2012-03-30 2016-05-11 北京奇虎科技有限公司 一种数据交互方法及客户端、服务器
CN103415011B (zh) * 2013-08-05 2015-12-23 浙江工商大学 车载自组织网络的基于智能卡安全认证方法
CN104408623A (zh) * 2014-10-11 2015-03-11 福建升腾资讯有限公司 一种适用于支付产品的身份认证方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004084050A1 (fr) * 2003-03-21 2004-09-30 Koninklijke Philips Electronics N.V. Confidentialite de l'identite d'un utilisateur dans les certificats d'autorisation
CN102075937A (zh) * 2011-01-06 2011-05-25 西安电子科技大学 移动ip注册时实现移动节点身份匿名性的方法
CN102136079A (zh) * 2011-03-07 2011-07-27 中兴通讯股份有限公司 一种读写器与标签卡之间的动态认证方法及实现装置
CN103782538A (zh) * 2011-11-11 2014-05-07 株式会社东芝 认证器
CN103595710A (zh) * 2013-10-25 2014-02-19 北京交通大学 一种一体化标识网络连接标识生成方法

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI786252B (zh) * 2018-03-16 2022-12-11 開曼群島商創新先進技術有限公司 支付方法、裝置及設備
CN108805540A (zh) * 2018-05-04 2018-11-13 中电玺客信用服务有限公司 一种支付处理系统、方法和数字对象标识
CN108805540B (zh) * 2018-05-04 2021-10-29 中电信用服务有限公司 一种支付处理系统、方法和数字对象标识

Also Published As

Publication number Publication date
CN107615704B (zh) 2021-06-25
CN107615704A (zh) 2018-01-19
CN107615797B (zh) 2021-01-26
WO2016188402A1 (fr) 2016-12-01
CN107615797A (zh) 2018-01-19

Similar Documents

Publication Publication Date Title
JP5066827B2 (ja) 移動装置を用いる認証サービスのための方法及び装置
RU2710897C2 (ru) Способы безопасного генерирования криптограмм
US20170249633A1 (en) One-Time Use Password Systems And Methods
US8539569B2 (en) Systems and methods for facilitating user authentication over a network
US9338163B2 (en) Method using a single authentication device to authenticate a user to a service provider among a plurality of service providers and device for performing such a method
US8924714B2 (en) Authentication with an untrusted root
US9258296B2 (en) System and method for generating a strong multi factor personalized server key from a simple user password
US8214890B2 (en) Login authentication using a trusted device
US20090172402A1 (en) Multi-factor authentication and certification system for electronic transactions
GB2434724A (en) Secure transactions using authentication tokens based on a device "fingerprint" derived from its physical parameters
KR20130107188A (ko) 사운드 코드를 이용한 인증 서버 및 인증방법
JP2013514556A (ja) 安全に取引を処理するための方法及びシステム
WO2019229761A1 (fr) Carte à puce virtuelle pour opérations bancaires et paiements
US9654466B1 (en) Methods and systems for electronic transactions using dynamic password authentication
WO2016188401A1 (fr) Appareil, procédé, et système permettant de cacher des données d'identification d'utilisateur
US20190333062A1 (en) Secure authentication and transaction system and method
Mishra et al. An anonymous biometric‐based remote user‐authenticated key agreement scheme for multimedia systems
TWI786039B (zh) 線下支付方法、終端設備、後臺支付裝置及線下支付系統
WO2015110043A1 (fr) Dispositif, système et procédé de sélection de validation d'identité sur deux canaux
CN114565382A (zh) 一种交易账户匿名支付方法及系统
CN101425901A (zh) 一种在处理终端中用于对用户身份验证的控制方法及装置
CN106415636B (zh) 一种隐藏用户标识数据的装置、方法和系统
Sudhakar et al. Secured mutual authentication between two entities
WO2015110039A1 (fr) Procédé et système pour entrer un compte de paiement à l'aide de données publiques de carte
WO2015110037A1 (fr) Procédé et système d'authentification d'identité à double canal

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16799289

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16799289

Country of ref document: EP

Kind code of ref document: A1