88results about How to "Prevent brute force cracking" patented technology

The invention aims to provide open knowledge bases method and equipment for user authentication. The method comprises the following steps of: selecting a problem from the open knowledge base by the network equipment; sending the problem and an answer input frame thereof to the UE (User Equipment) of a user; acquiring a user response to the problem, wherein the user response is input in the answer input frame by the user; and matching and comparing the user response with the answer to the problem so as to acquire a matching result; and feeding back information related to the matching result to the UE. Compared with the prior art, by selecting the user authentication problem from the open knowledge base, the invention effectively avoids brutal computer cracking and relieves the cost pressure of an authentication service provider for maintaining a great amount of data so as to realize a user authentication technology with high security and high reliability in an effective cost mode.

The embodiment of the invention provides a data encryption method, device, equipment and system and a data decryption method, device, equipment and system, and relates to the field of data security. The data encryption method comprises the following steps: receiving an encryption request for encrypting specified data; acquiring an encryption rule corresponding to field information in pre-stored currently-effective privacy version configuration information; and encrypting the specified data according to the searched encryption rule. The specified data is encrypted through the preconfigured currently-effective privacy version configuration information. The problem of low security of encryption and decryption methods provided in the prior art is solved. The effective privacy version configuration information is updated automatically along with time, so that the probability of forced cracking of encrypted data can be lowered to a great extent, and the security during data encryption or decryption can be enhanced greatly.

The invention discloses a login verification method. The method comprises the following steps: if a login request sent by a client is received, obtaining an identity identifier of the client and an account name and a combined password carried in the login request; splitting the combined password to obtain a login password and a check code according to a preset combination rule; verifying the check code according to the identity identifier of the client and a preset check code record; verifying the login password according to the account number and a preset login password database; and if the check code is verified, the login password is verified, determining that the login request is verified, and allowing the client to log in. The invention further discloses a login request method and a secure login system. By adoption of the login verification method, the security of the login mode is greatly improved.

The invention relates to a WiFi Internet surfing connecting authentication method based on asymmetric full-process encryption. The WiFi Internet surfing connecting authentication method includes the steps that a cloud authentication server defines an encryption access strategy for an access controller; the cloud authentication server issues the encryption access strategy to the assigned access controller based on the M-WAPI protocol; the access controller issues the encryption access strategy based on the M-WAPI protocol to a mobile terminal accessing the WiFi for the first time; the mobile terminal sends an encrypted authentication request to the cloud authentication server for authentication through the encryption access strategy, and if authentication is successful, the mobile terminal can access the Internet. The invention further discloses a WiFi Internet surfing connecting authentication system based on the asymmetric full-process encryption. By means of the asymmetric full-process encryption method and system, the mobile terminal can be rapidly connected to legal WiFi hot points, phishing, AP cheating, network hijacking, brute force attacking and the like can be effectively avoided, and it is guaranteed that users can safely use WiFi network resources without worries to protect sensitive information of the users from leakage and stealing.

The invention relates to an electronic encryption label, a false proof label system, and an article false proof system and method. The electronic encryption label comprises an input output interface and an irreversible encryption module, the input output interface is constructed to receive first information, and the irreversible encryption module is constructed to generate an identification token according to the first information and output the token through the input output interface. A specific encryption algorithm on the basis of the electronic encryption label can be one of many known encryption algorithms, the encryption process is irreversible, i.e., information such as an encryption key used in en encryption process cannot be reversely deduced through reverse engineering by means of the identification token. By using such a mode, violent declassification by criminals can be prevented, thus the security of the electronic encryption label can be further improved, the circulation and sale of counterfeit or inferior commodities can be effectively cracked down, and the legitimate interests of consumers and commodity manufacturers can be effectively protected.

The invention discloses an encryption method and system based on a white box. The method comprises the following steps: S100, an application terminal acquires characters input by a user, and implements encryption combination on the characters and white box seeds in accordance with a preset character encryption algorithm and a preset acquisition sequence to obtain a combined password; S200, the application terminal implements encryption operation on the combined password according to a preset password encryption algorithm to obtain an encrypted ciphertext; and S300, a server decrypts the encrypted ciphertext to obtain a user default password. According to the encryption method and system disclosed by the invention, the characters input by the user can be obtained by clicking or touching a software simulation keyboard through a mouse, a white box cryptography is applied to a password keyboard of the application terminal to enable that the characters input by the user are firstly separately encrypted and then integrally encrypted, so that the way of obtaining the password through brute force can be better prevented.

The invention provides a method and system for binding of software and hardware. The method comprises the steps of: obtaining a CPU number and a hard disk number of a client-side of installing the software during installation of the software and encrypting the CPU number and hard disk number to obtain a hardware digital signature; obtaining cryptograph through encrypting the hardware digital signature according to the data parallel table and a combination key; decrypting the cryptograph based on the data parallel table and combination key to obtain the hardware digital signature when the software starts; obtaining the CPU number and hard disk number of the present client-side, encrypting the CPU number and hard disk number to obtain the hardware digital signature of the present client-side, and determining whether the hardware digital signature of the present client-side is consistent with the hardware digital signature obtained through decryption, if yes, then starting the software on the present client-side.

The invention provides a transaction information verification method and a transaction information verification device. The transaction information verification method comprises the following steps: receiving transaction information submitted by a user, and performing digital signature and encryption processing; transmitting encryption transaction information with a digital signature to an electronic bank server, verifying the digital signature and judging the legality of the transaction information through the electronic bank server, and after judging that the digital signature is qualified and the transaction information is legal, generating a transaction verification code according to the transaction information; receiving a transaction verification code and a server electronic signature fed back from the electronic bank server, and verifying the server electronic signature; after the verification is approved, prompting the user to input the verification code in a mode that button lamps are lightened or tuned off or the colors of the button lamps are changed through corresponding buttons according to the transaction verification code; judging whether the verification code input by the user through operation buttons is correct or not; after the verification code is correctly input, generating verification approval information, transmitting to the electronic bank server, and processing the transaction information through the electronic bank server according to the verification approval information, and completing the transaction.

The invention discloses a method and a device for generating a login webpage. The method comprises the steps of receiving a loading request, wherein the loading request is a request for loading a login webpage; allocating a first key to the loading request; allocating an identifier for a field to be displayed of the login webpage according to the first key, wherein a corresponding relation exits between the identifier and the first key; and generating the field to be displayed according to the identifiers so as to realize generation of the login webpage. The method and the device disclosed by the invention solve a technical problem that a password of the login webpage is easy to be forcibly broken in the prior art.

The embodiment of the invention provides an account authentication method and device, and relates to the technical field of information security. The method comprises the steps that after an authentication request which is sent by a user terminal and carries account information of an account to be authenticated is received, the number of times of continuous authentication failure corresponding tothe account to be authenticated is obtained; when the number of times of continuous authentication failures is larger than or equal to a preset verification threshold value, indication information issent to the user terminal, and the indication information is used for indicating input of a verification code; if the verification code sent by the user terminal is received and it is determined thatthe received verification code passes the verification, the to-be-authenticated account IS authenticated according to the account information; and if the verification code sent by the user terminal isnot received or it is determined that the received verification code does not pass the verification, the authentication request is discharded. By adopting the method, the user experience can be improved.

The invention discloses a picture password authentication method and a picture password authentication device. The picture password authentication method comprises the following steps that: initiating an authentication request, wherein the authentication request comprises unique identification related to a user; according to the unique identification, obtaining an authentication picture, and adding a plurality of pictures to form a picture group; requesting the user to select one picture; taking one picture selected by the user as a background picture, and in addition, forming a symbol matrix by alternative symbols during the generation of a picture password; enabling the user to move the symbol matrix in the background picture to move an authentication symbol to a position during the generation of the picture password; and determining whether the user selects a correct background picture or not, determining whether the authentication symbol is moved to the same position during the generation of the picture password or not, if the background pictures are correct, proving that user authentication is successful, and otherwise, proving that authentication fails. The authentication method and the authentication device of the invention are high in reliability, and are unlikely to generate the problems that the password is stolen and leaked and the like.

The invention discloses an authentication method and a device. The method comprises the following steps: intercepting a first authentication request sent to an account authentication server by a business application server, wherein the first authentication request comprises an account and the authentication information; acquiring the target authentication information corresponding to the account from the third-party server; and responding to the first authentication request according to the authentication information and the target authentication information. The technical scheme disclosed by the invention can realize the account authentication based on the third party, and the risk of password leakage is lowered.

The invention provides an in-vehicle network safety communication sending and receiving method and device. The method comprises the steps that a sending end generates a message authentication code according to original message data and a fresh value, and carries out the cutting of the message authentication code to obtain a message authentication code cutting value; and the message authenticationcode cutting value is embedded into the original message data based on the embedding position generated by the CAN ID and the fresh value, and the message authentication code cutting value is splicedwith the fresh value cutting value to obtain a to-be-sent message packet. The receiving end extracts a fresh value cutting value from the message packet, supplements the fresh value cutting value according to a first fresh value of a previous message recorded by the receiving end and a second fresh value of a counter of the receiving end to obtain a complete fresh value, calculates an embedded position according to the fresh value and the CAN ID, and extracts a first message authentication code cutting value and original message data; and a message authentication code is calculated according to the original message data and the fresh value, and cut to obtain a second cutting value for comparing and verifying the legality of the message. The method can effectively prevent the cutting valueof the message authentication code from being violently cracked, and prevent the threat of a replay attack.

A method for authenticating a prover to a verifier, the prover being provided with a proving key paired to a verification key registered with the verifier, wherein the proving key can be obtained by transforming a protected key and a secret (S) using a transformation (E), characterized in that the prover stores the protected key and does not store the corresponding proving key nor the corresponding verification key in clear, with the exception of storage in transient memory.

The invention discloses a method and a system for improving data transmission security. The method comprises the following steps of: connecting a Master end and a Slave end through GPIO (General Purpose Input/Output) and SPI (Serial Peripheral Interface) buses and a data communication bus; pulling down a GPIO (General Purpose Input/Output) signal of the Master end, actively initiating communication by the Master end, and transmitting interaction data and a corresponding check value to the Slave end; transmitting interaction data through a data communication bus, and transmitting a verification value through an SPI bus; enabling the Slave end to judge a transmission result of the data based on the received interaction data and the verification value; and outputting a PWM (Pulse Width Modulation) signal on a GPIO (General Purpose Input/Output) interface of the Slave end, requesting to initiate communication by the Slave end, and informing the Master end of the transmission result. According to the method, the validity of communication data is verified through GPIO and SPI buses, so that the security of data transmission is improved; and meanwhile, the verification value and the interaction data are sent through different buses, so that the security of data transmission is improved.

The invention provides a VPN (Virtual Private Network) connection method based on a blacklist mechanism. The method comprises the following steps: when a request instruction of establishing VPN connection is received, acquiring feature information of a client performing VPN connection, wherein the feature information includes an IP address, a digital certificate summary, a user name and a password; judging whether the IP address, the digital certificate summary and the user name conform to corresponding information in a blacklist or not in sequence; if one of the IP address, the digital certificate summary and the user name conforms to the corresponding information in the blacklist, rejecting the VPN connection; and if all the IP address, the digital certificate summary and the user name do not conform to the corresponding information in the blacklist, and the digital certificate summary and the password are matched with a preset digital certificate summary and a preset password respectively, establishing the VPN connection. Through combination of VPN verification and the blacklist mechanism, hacker behaviors such as flooding attacks and brute force attacks can be prevented effectively.

The invention relates to an image password generation method and an image password generation device. The image password generation method comprises following steps: setting a user-selected image as an authentication image or selecting an authentication image directly from images of a system; setting a background image by means of the authentication image; requiring the user to select a symbol as a backup symbol; setting the symbol selected by the user from the backup symbols as an authentication symbol; generating a symbol matrix using symbols that contain the backup symbol and making the symbol matrix overlap on the background image and protrudingly displaying one authentication symbol; making the user drag the symbol matrix so that the highlighted authentication symbol is located at a desired position in the background picture to generate a picture password. The image password generated by this method is highly reliable.

The invention discloses a login control method and device capable of preventing violent cracking. Violent cracking of a login authentication and authorization system is realized. According to the scheme of the invention, Continuous multiple login operations in the violent cracking process can be controlled based on authentication of all elevator shafts from the first to the Nth in the elevator; and finally, login operation of violent cracking can be limited or login of the violent cracking can be completely forbidden based on long limiting time required by the Nth elevator shaft. Therefore, violent cracking of the login authentication and authorization system can be effectively prevented by utilizing the scheme of the invention; In addition, relevant parameters for authenticating the elevator are configurable; a dynamic login attack prevention function is realized; Meanwhile, compared with a conventional verification mode based on a verification code, a verification picture and the like in the prior art, the method focuses on using an intelligent authentication means based on an authentication elevator at a system end to prevent attacks, a user does not need to execute complex interactive operation, the intelligent degree is high, and the user experience is effectively improved.

The invention discloses a privacy protection method of sensing information virtual service in Internet of Things. Sensor sensing data, a cloud server, a local domain manager, and a user are provided.By aiming at generating of sensing information in a wireless sensing network and during a virtual service process in cloud computation, the data privacy protection strategy of the cloud computation virtual service is divided into two parts: (1) the sensing information is transmitted in the network, and is stored in the cloud server; (2) the sensing data stored in the cloud server is used to provide service for a user. By aiming at each of the safety problems faced by the abovementioned two parts, a safety protection algorithm is provided, and therefore the safety storage algorithm of the sensing information and the safety access algorithm of the data stored in the cloud server are provided.