Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Dynamic token working method and dynamic token working system

A technology of dynamic tokens and working methods, which is applied in transmission systems, digital transmission systems, user identity/authority verification, etc., can solve problems such as increasing the difficulty of deriving the working principle of dynamic tokens for criminals, and achieves the goal of being difficult to crack, The effect of increasing difficulty and ensuring safety

Active Publication Date: 2015-02-04
CHINA CONSTRUCTION BANK
View PDF8 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of this, the object of the present invention is to provide a dynamic token working method and system to solve the problem that the existing challenge / response dynamic token working mechanism and process are relatively simple, and to increase the work of lawbreakers to deduce the dynamic token. The difficulty of the principle, thereby ensuring the security of user accounts

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dynamic token working method and dynamic token working system
  • Dynamic token working method and dynamic token working system
  • Dynamic token working method and dynamic token working system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0058] This embodiment one discloses a dynamic token working method, refer to figure 1 , the method may include the following steps:

[0059] S101: Receive a login response code generation request from a user, where the login response code generation request includes a login challenge code.

[0060] Before using the dynamic token for the first time, the user needs to activate the dynamic token, that is, each step of the present invention needs to be based on the preprocessing of activating the dynamic token.

[0061] When activating the dynamic token, the authentication server generates an activation code, and then the user manually enters the activation code generated by the server into the dynamic token. The activation code generation algorithm is as follows:

[0062] ActiveCode=ChallengeRand|Truncate_SM3(SM3(Seed|ChallengeRand))) (1)

[0063] In formula (1), ActiveCode represents a 12-digit activation code; ChallengeRand represents a 6-digit decimal random number, which n...

Embodiment 2

[0114] In the second embodiment, refer to figure 2 , the method may also include the following steps:

[0115] S105: After the token is turned on, receive the personal identification password PIN code input by the user, and verify the correctness of the entered PIN code. If the number of incorrectly entered PIN codes reaches the set value, the token will be locked and the token will be displayed. Lock reminder and unlock request code;

[0116] S106: Receive the unlock code input by the user and unlock it. The unlock code is generated by the authentication server according to the formula PUK=Truncate_SM3(SM3(Puk_Seed|Puk_Request)), where Truncate_SM3 represents the SM3 truncation algorithm, PUK represents the unlock code, and Puk_Request represents the unlock request code.

[0117] Specifically, this embodiment expands the calculation key to three: a login key, a signature key, and an unlock key. Therefore, while pre-defining the login key and signature key, the unlock key ...

Embodiment 3

[0132] Embodiment 3 discloses a dynamic token working system, which corresponds to the dynamic token working methods disclosed in Embodiment 1 and Embodiment 2.

[0133] First, corresponding to Embodiment 1, refer to Figure 4 , the system includes a first receiving module 100 , a first processing module 200 , a second receiving module 300 and a second processing module 400 .

[0134] The first receiving module 100 is configured to receive a user's login response code generation request, where the login response code generation request includes a login challenge code.

[0135] The first processing module 200 is configured to process the login challenge code, the pre-generated login key in the dynamic token and the current real-time time to obtain a login response code, the login key is when the dynamic token is activated , which is generated based on its built-in seed key, login purpose code, and activation code provided by the authentication server.

[0136] Wherein, the fi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention a dynamic token working method and a dynamic token working system. The authentication requirements of users are divided into two categories in advance, namely login authentication requirements and signature authentication requirements during signature in the transaction processes (after login); after the dynamic token is activated successfully, the dynamic token generates corresponding login private keys and signature private keys for the two categories of the authentication requirements in advance. Subsequently, when a user has the transaction requirement and needs login or signature authentication, the dynamic token generates a corresponding login answer-back code or a signature answer-back code for the user according to the login private key or the signature private key in combination with a challenge code input by the user at the moment. Obviously, according to the dynamic token working method, different calculation private keys are set for different authentication requirements of the users, and therefore, the private keys of the dynamic token are not easy to break, and the working mechanism and the working flow of the dynamic token are safer; besides, dual authentication during the transactions of the users is realized, the difficulty for lawbreakers to reversely infer the working principle of the dynamic token is improved, and the security of user accounts is guaranteed.

Description

technical field [0001] The invention belongs to the technical field of security authentication of a banking system, and in particular relates to a dynamic token working method and system. Background technique [0002] A dynamic token is a terminal used to generate a dynamic password. A dynamic password is a safe and convenient account anti-theft technology, which can effectively protect the security of login authentication during transactions. [0003] From a technical point of view, dynamic tokens can be divided into three types, time synchronization type, event synchronization type and challenge / response type. At present, the working methods of challenge / response dynamic tokens are all based on the OATH (Oath) algorithm standard, combined with the challenge code input by the user and the seed secret key built into the token, the corresponding response code is calculated to achieve login authentication during transactions . It can be seen that the working mechanism and pr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L9/32
CPCH04L63/0815H04L9/0869H04L9/3213H04L9/3247H04L63/0807
Inventor 董思廖敏飞李文鹏吴孟晴刘丽娟许腾
Owner CHINA CONSTRUCTION BANK
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com