Data signature authentication method and data signature authentication system

A technology of data signature and authentication method, which is applied in the field of information security and can solve problems such as loss of users, loss or tampering of transaction information and personal information, and deception of the system.

Active Publication Date: 2011-10-19
FEITIAN TECHNOLOGIES
View PDF1 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In the existing transaction process, for the user, the operations of confirmation or sending information required in the entire transaction process are realized on the client, and both the Internet and the mobile communication network are open systems, so It is possible to be maliciously attacked by third parties such as hackers and fake websites, and there is also the risk of being infected with viruses such as Trojan horses, resulting in the loss or tampering of transaction information and personal information, especially if the client receives during the transaction. In the case of remote control of third-party programs, it is also possible for the client to automatically complete the transaction under the remote control of the third party
[0004] In the prior art, the signature authentication process is generally: the client or the USB Key signs the transaction information and sends it to the background server for authentication. Due to the insecurity of the network, the USB Key will perform transaction information that has been attacked or tampered with by a Trojan horse. The result after the digital signature is sent to the server for verification. Even if the server verification fails, the underlying Trojan horse of the computer may return a successful verification result to the client, confusing the user to conduct transactions; some attackers may even send a package that the server has received , to achieve the purpose of deceiving the system, which will cause huge losses to users

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data signature authentication method and data signature authentication system
  • Data signature authentication method and data signature authentication system
  • Data signature authentication method and data signature authentication system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0048] Embodiment 1 of the present invention provides a data signature authentication method. Take the user using USB Key to conduct online transactions between the client and the background server as an example. The USB Key connected to the client uses the method provided by the embodiment of the present invention to verify the The transfer data involved in the process and the dynamic password generated by the USB Key are signed to improve the security of online transactions. The key stored in the USB Key corresponds to the key stored in the background server, see figure 1 , the method includes:

[0049] Step 101: the client establishes a connection with the background server, initiates a data transmission request and displays a prompt message, prompting the user to input relevant information;

[0050] Specifically, the relevant information in this embodiment includes account, amount, user name, and password;

[0051] Step 102: the client receives relevant information, form...

Embodiment 2

[0081] Embodiment 2 of the present invention provides another data signature authentication method, wherein, the first dynamic factor and the second dynamic factor are USB Key and the number of times stored in the background server, such as figure 2 shown, including:

[0082] Step 201: the client receives user trigger information, displays prompt information, and prompts the user to input relevant information, such as account, amount, user name, password, etc.;

[0083] Step 202: The client receives relevant information, composes it into a data message to be signed and sends it to the USB Key connected to it;

[0084] Step 203: The USB key analyzes the received data message to be signed to obtain the data to be signed, and obtains key information from the data to be signed according to the pre-agreed rules;

[0085] The data to be signed includes account number, amount, user name, password and other information; specifically, the key information in this embodiment is compose...

Embodiment 3

[0108] Such as image 3 As shown, there is another data signature authentication method provided by Embodiment 3 of the present invention, wherein the first dynamic factor and the second dynamic factor are USB Key and the time factor stored in the background server respectively, including:

[0109] Step 301: The client establishes a connection with the background server, initiates a data transmission request and displays prompt information, prompting the user to input relevant information; specifically, the relevant information in this embodiment includes account, amount, user name, and password;

[0110] Step 302: the client receives relevant information, forms a signature file package and sends it to the background server;

[0111] Step 303: The background server obtains the challenge value from the signature file package according to a preset method and stores it, converts the signature file package into a data message to be signed and sends it and the challenge value to th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a data signature authentication method and a data signature authentication system. The method comprises the following steps that: a universal serial bus (USB) key receives a data message to be signed and analyzes the data message to be signed to obtain data to be signed; the USB key judges whether acknowledge execution information is received within predetermined time; if the acknowledge execution information is received within the predetermined time, the USB key acquires a first dynamic password and processes the first dynamic password and the data to be signed to obtain signed data; if the acknowledge execution information is not received within the predetermined time, the USB key finishes operation; the USB key sends the data to be signed and the signed data to a background server by a client; the background server generates a validation window, wherein the validation window has at least two second dynamic passwords; and the validation window validates the signed data according to the data to be signed and the second dynamic passwords. In the data signature authentication method and the data signature authentication system, by using the dynamic passwords in signature as timestamps, the background server authenticates the dynamic passwords and the data to be signed, so the security of network data transmission is improved, and replay attack resistance is truly realized.

Description

technical field [0001] The invention relates to the field of information security, in particular to a data signature authentication method and system. Background technique [0002] With the rapid development of the Internet, online transactions have become more and more common, but due to the insecurity of the network, people often use smart key devices (ie USB Key) to ensure the security of online transactions. [0003] In the existing transaction process, for the user, the operations of confirmation or sending information required in the entire transaction process are realized on the client, and both the Internet and the mobile communication network are open systems, so It is possible to be maliciously attacked by third parties such as hackers and fake websites, and there is also the risk of being infected with viruses such as Trojan horses, resulting in the loss or tampering of transaction information and personal information, especially if the client receives during the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/32H04L29/06
Inventor 陆舟于华章
Owner FEITIAN TECHNOLOGIES
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap