Method for acquiring dynamic password based on public key architecture-user personal identification card

A user identification and dynamic password technology, applied in the field of network security, can solve the problems of high clock accuracy requirements, the clock cannot be changed arbitrarily, the probability of losing synchronization, etc., to achieve the effect of data synchronization

Inactive Publication Date: 2008-10-01
BEIJING XINLIAN HENGYE COMM TECH
View PDF0 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In the above-mentioned technical scheme of generating a dynamic password by using a dynamic token card, since the basis for synchronization is the international standard time, the SP background server is required to maintain the correct clock very accurately, and the clock must not be changed arbitrarily, so as to avoid synchronization problems and affect All tokens that are authenticated based on this SP background server also have stricter requirements on the manufacturing process of the token card to reduce the probability that the token card and the SP background server will lose synchronization. In addition, for tokens that lose time synchronization At present, remote synchronization can be performed by increasing the inspection window technology (10 minutes or more before and after) to ensure that it can continue to be used, but this method will increase the success probability of brute force attacks and reduce the security of the identity authentication system
[0006] It can be seen that the traditional token card technology has the limitation of requiring too high accuracy of the clock due to the method based on time synchronization

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for acquiring dynamic password based on public key architecture-user personal identification card
  • Method for acquiring dynamic password based on public key architecture-user personal identification card
  • Method for acquiring dynamic password based on public key architecture-user personal identification card

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047] In order to make the purpose, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0048] The basic idea of ​​the present invention is to replace the time synchronization technology adopted by the traditional token card in the form of data synchronization. Simply put, when the user opens a specified OTP service, the PKI-SIM card will be used to generate a dynamic password The key and SIM card ID are used as the synchronization information data, and the synchronization information data is encrypted by the SP public key and then passed to the SP background server. The SP background server uses its own private key to decrypt the synchronization information data and obtains the dynamic password. Key and SIM card identification, so as to realize the data synchronization between the PKI-SIM card and the SP background server, a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for obtaining dynamic password based on PKI-SIM card. The method includes: PKI-SIM card judges OPT service whether open or not according with appointed disposable dynamic password, if not open, OPT service is customed to system, PKI-SIM card gives PKI-SIM card mark and secret key from itself to SP background server in course of customing OTP service; after the OPT service opened, PKI-SIM card generates dynamic password by using PKI-SIM card mark and secret key. The invention can avoid many limitations caused by traditional token card technique because of time synchronization by using date synchronization method of PKI-SIM card and SP background server.

Description

technical field [0001] The invention relates to the field of network security, in particular to a method for obtaining a dynamic password based on a public key system-Subscriber Identity Model (PKI-SIM). Background technique [0002] At present, the one-time password method (OTP, One-Time Password) has been widely used in the field of identity authentication because of its advantages of one-time password, effective prevention of replay attack (Replay Attack), and no need for the user's real password to be transmitted on the Internet. . [0003] In the more popular OTP method, the dynamic token card (Token) uses a special hardware-token card, uses a password generation chip to run a special password algorithm, and generates the current password according to the current time. This technology is based on the time synchronization between the token card and the service provider (SP) background server, and generates a consistent dynamic password through calculation. The update ra...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/30H04L9/32
Inventor 邹俊伟
Owner BEIJING XINLIAN HENGYE COMM TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap