Supercharge Your Innovation With Domain-Expert AI Agents!

Method for updating seeds of dynamic password token

A dynamic password and seed technology, applied in the field of information security, can solve the problems of token security loopholes, inability to update seeds, and no ability to change hardware interfaces, etc., to achieve the effect of increasing security

Active Publication Date: 2011-04-20
FEITIAN TECHNOLOGIES
View PDF3 Cites 38 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Among them, a lot of use includes a challenge-response dynamic password system. This method uses a small intelligent security device with buttons, which can also be called a dynamic password token. The token has a built-in security algorithm, and each token is set There is a unique seed (used to calculate the static parameters of the dynamic password), usually, the token is provided with buttons and a display screen, the buttons are used as an input device to input challenge codes, etc. The seed in the token is confidential and stored in the token and cannot be read out. Hackers cannot crack the user's dynamic password if they cannot obtain the seed.
[0004] However, there are still security holes in such tokens. In general, OTP tokens are produced by security product manufacturers. The manufacturer uses a seed production tool to generate a seed for each token, and writes the unique seed to At the same time, each token is numbered, and the number and the seed correspond to each other. When the dynamic password token is sold to the service provider, the corresponding seed is distributed to the service provider at the same time, and the service provider distributes the token. Authenticate users using
And, usually, the service provider does not have the hardware interface to change the seed in the token, and cannot update the seed, thus creating a security hole

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for updating seeds of dynamic password token
  • Method for updating seeds of dynamic password token
  • Method for updating seeds of dynamic password token

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0055] This embodiment provides a method for updating the seed of the dynamic password token. figure 1 ,Specific steps are as follows:

[0056] Step 101, the user sends a request to update the seed in the dynamic password token to the server through the client;

[0057] In this embodiment, the dynamic password token used by the user is a challenge-response dynamic password token, and input and output devices are placed on the token, preferably, the input device adopts a keyboard, and the output device adopts a display output or an audio broadcast output in the form of;

[0058] The user sends a request to update the seed in the dynamic password token through the client. Specifically, the user accesses the server through the browser installed in the client, and the server returns the function of updating the seed of the dynamic password token through the browser. page, the user enters the number of the OTP token that needs to update the seed, and chooses to update the seed, a...

Embodiment 2

[0087] This embodiment provides a method for updating the seed of the dynamic password token. figure 2 ,Specific steps are as follows:

[0088] Step 201, the user sends a request to the server to update the seed in the dynamic password token through the client;

[0089] In this embodiment, the dynamic password token used by the user is a challenge-response dynamic password token, and input and output devices are placed on the token, preferably, the input device adopts a keyboard, and the output device adopts a display output or an audio broadcast output in the form of;

[0090] The user sends a request to update the seed in the dynamic password token through the client. Specifically, the user accesses the server through the browser installed in the client, and the server returns to the dynamic password token through the browser to update the seed. On the function page, the user enters the number of the OTP token that needs to update the seed, and selects to update the seed,...

Embodiment 3

[0119] This embodiment provides a method for updating the seed of a dynamic password token. The dynamic password token provided by this embodiment stores a plurality of seeds in the dynamic password token, and stores information corresponding to a plurality of seeds. The list, referred to as the seed list in this embodiment, is written when the dynamic password token is produced or initialized. When the dynamic password token leaves the factory, use one of the multiple seeds as the initial seed to perform dynamic password calculation. The seed is defined as the initial seed, and the same seed list is also saved on the server side for the dynamic password token with this number. After the user purchases the dynamic password token, the seed used for calculating the dynamic password can be updated. image 3 , specifically as follows:

[0120] Step 301, the user sends a request to the server to update the seed in the dynamic password token through the client;

[0121] In this emb...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for updating seeds of a dynamic password token. The method comprises the following steps: firstly, a user performs mutual authentication by using a dynamic password token and a server, and seeds in the dynamic password token are updated if legal; the server generates a seed updating identification and transmits the seed updating identification to a client; the dynamic password token uses the seed updating identification to generate a temporary seed and authenticates a dynamic password again by using the temporary seed, and updates the seeds stored inside if the authentication is successful; and the server also updates the seeds to be stored by the dynamic password token. The invention prevents token manufacturers from knowing the condition of seeds in eachtoken by updating seeds in the dynamic password token, therefore the safety is improved.

Description

technical field [0001] The invention relates to the field of information security, in particular to a method for updating the seed of a dynamic password token. Background technique [0002] With the development of network technology, people need to transmit a large number of important information such as transactions on the Internet, but ordinary static password technology is no longer safe, and can be easily intercepted by hackers. Hackers use static passwords to log in to users' legitimate accounts. , Carrying out illegal activities poses a great threat to people's information security. [0003] In recent years, a dynamic password technology has emerged. Through this technology, the feature of one-time encryption can be achieved during the process of user inputting the password. Even if the user's login password is intercepted this time, the password will be invalidated when the user logs in next time. It cannot be used and can no longer pose a threat to users, which grea...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L9/08H04L9/32
Inventor 陆舟于华章
Owner FEITIAN TECHNOLOGIES
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More