Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Secured logon method for variable secret key encryption under HTTP

A technology of secure login and key encryption, which is applied in the field of secure login with variable key encryption, can solve the problems of counterfeit security and easy leakage of passwords, and achieve the effect of security guarantee

Inactive Publication Date: 2015-04-29
中復保有限公司
View PDF3 Cites 26 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In order to achieve a more secure and reliable login verification and solve the technical problems of low security such as passwords are easily leaked or forged during login verification in the prior art, the present invention provides a secure login method with variable key encryption under the HTTP protocol. In the way of variable key encryption, the key and data are dynamically changed, and the illegal third party cannot calculate the password data used for the current login, which greatly improves the security

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Secured logon method for variable secret key encryption under HTTP
  • Secured logon method for variable secret key encryption under HTTP
  • Secured logon method for variable secret key encryption under HTTP

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0023] In the present embodiment, the secure login method of variable key encryption under the HTTP protocol comprises the following steps:

[0024] 1) For the login verification request initiated by the client, the server generates a temporary key according to the login verification request, sends the temporary key back to the client, and caches the temporary key in the server cache with the client IP address as the key value.

[0025] see figure 1 , when the client initiates a login verification request, the server receives the request and obtains the IP address (IP) of the client that initiated the current login verification request session as the first parameter for generating the temporary key, and at the same time obtains the current login verification request Timestamp data (Ts) at that time, as the second parameter to generate the temporary key, through the key generation algorithm K=GetKey(IP,Ts), get a temporary key K processed by base64 encoding, and then the tempor...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a secured logon method for variable secret key encryption under an HTTP. The method includes the following steps that a server terminal generates a temporary secret key K according to a login authentication request of a client terminal, and the temporary secret key is sent back to the client terminal and cached at the client terminal; the client terminal generates user information abstract data Hp1 according to a clear-text password and the temporary secret key in an encryption mode; whether the temporary secret key K with the IP being a key value exists or not is inquired by the server terminal according to the login authentication request, and if not, it is judged that the login authentication fails; if yes, a user password of the server terminal is inquired, server terminal information abstract data Hp2 are generated according to the user password of the server terminal and the temporary secret key, the Hp2 is compared with the Hp1, and whether the login authentication fails or succeeds is judged. According to the secured logon method, the secret key and the data are both dynamic, an illegal third party cannot calculate the password data used by current login, and therefore the technical problem that the security is low due to the fact that the passwords are likely to be leaked or forged during login authentication in the prior art can be solved.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a secure login method for variable key encryption under the HTTP protocol. Background technique [0002] The HTTP protocol transmits data in plain text. Usually, when processing user login, the client encrypts passwords and other high-level security information through some Hash algorithms and then transmits them to the server. The server receives the encrypted data and saves it in the database. The data encrypted by the same Hash algorithm is compared to complete a login verification. Although this method also encrypts the password, the encryption algorithm on the client side and the server side are the same, and the transmission process is also in plain text, just like wearing a dress for the password, and this dress is used every time you log in. They are not changed. In this way, the security of login is compromised. Contents of the invention [0003] In ord...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/0457H04L67/10
Inventor 傅志山
Owner 中復保有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com