A method and device for key distribution, dynamic password generation and authentication

A dynamic password and key generation technology, applied in the field of information security, can solve the problems of inconvenient operation, easy to read SQLite files by other applications, and easy to make mistakes.

Active Publication Date: 2019-09-13
FEITIAN TECHNOLOGIES
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In the prior art, there are the following drawbacks in the method of issuing keys and generating dynamic passwords during identity authentication: the mobile terminal or dynamic token directly downloads the seed key from the seed key management system, and the seed key is It is easy to be intercepted by malicious programs, and there is a risk of leaking the seed key; the SQLite file in the mobile terminal is easy to be read by other applications, and there is a risk of leaking the seed key in the storage method; After the dynamic password is generated, the user needs to manually input the dynamic password into the webpage or the client of the mobile terminal, which is inconvenient to operate, prone to errors, and poor in security; when using the dynamic token to download and save the seed key, a mobile terminal is required. Combined with dynamic tokens, compared with only using mobile terminals, the authentication cost is higher, and it is inconvenient to carry

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and device for key distribution, dynamic password generation and authentication
  • A method and device for key distribution, dynamic password generation and authentication
  • A method and device for key distribution, dynamic password generation and authentication

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0111] This embodiment provides a method for issuing keys, such as figure 1 shown, including:

[0112] Step 101: the client obtains the user name and password, sends the user name and password to the operation management platform, and saves the user name.

[0113] Specifically, the client obtains the user name and password input by the user, and sends the user name and password to the operation management platform.

[0114] For example, when the client user opens the client in the mobile terminal, the client displays the user name and password input window, when the user enters the user name and password in the corresponding input window, and clicks the login or confirmation button, the client obtains the user name and password , and send the user name and password to the operation management platform.

[0115] Before step 101 is executed, it also includes installing a client on the mobile terminal. Specifically, the mobile terminal installs the client after downloading the...

Embodiment 2

[0159] This embodiment provides a key delivery method, which is applied to a system composed of a mobile terminal, an operation management platform, a security management platform, and a dynamic password management platform, wherein the mobile terminal includes a client and a security domain, such as figure 2 shown, including:

[0160] Step 201: the client obtains the user name and password, and sends the user name and password to the operation management platform.

[0161] Specifically, the client obtains the user name and password input by the user, and sends the user name and password to the operation management platform.

[0162] For example, when the user opens the client in the mobile terminal, the mobile terminal displays the user name and password input window, when the user enters the user name and password in the corresponding input window and clicks the login or confirmation button, the client obtains the user name and password, and The user name and password are ...

Embodiment 3

[0237] The invention provides a method for generating and authenticating a dynamic password, such as image 3 As shown in , it is a flow chart of generating a dynamic password when the client logs in and authenticating the generated dynamic password, including the following steps:

[0238] Step 301: The client obtains the user name and password, establishes a secure channel with the security domain, and sends a request for generating a dynamic password including a token identifier to the security domain through the secure channel.

[0239] Specifically, step 301 specifically includes:

[0240] Step 3011: The user opens the client terminal in the mobile terminal, and the client application interface is displayed on the mobile terminal, and an input window for user name and password is displayed on the client application interface.

[0241] Step 3012: The user enters the user name and password respectively through the user name input window and the password input window, clicks...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses methods and devices for key distribution, dynamic password generation and authentication, and belongs to the field of information security. The key distribution method comprises that a client sends a key distribution request including a user name to an operation management platform; the client receives a key generation factor and a token identifier from the operation management platform; the client calls a built-in algorithm for calculating a seed key, generates the seed key according to the key generation factor and the token identifier, and saves the token identifier; and the client establishes a security channel with a security domain, and writes the seed key and the token identifier into the security domain via the security channel. According to the methods and the devices, the client downloads the key generation factor from a server platform, and calculates the seed key by using the key generation factor, so that divulgence of the seed key is avoided in the key distribution process; a dynamic token is not needed when a dynamic password is calculated, so that the authentication cost is reduced; and the methods and the devices are convenient to operate, unlikely to go wrong and good in security.

Description

technical field [0001] The present invention relates to the field of information security, in particular to a method and device for key distribution, dynamic password generation and authentication. Background technique [0002] With the rapid development of electronic information, the application of mobile devices (also called mobile terminals) in electronic transactions and system login has become increasingly popular due to their characteristics of portability and flexible operation. In order to improve security, a dynamic password is usually used for identity authentication when using a mobile terminal for electronic transactions or system login. The generation of a dynamic password requires an inherent calculation factor, which is called a seed key. Whether the seed key is safe directly affects the security of electronic transactions or system login. In the prior art, the method of key delivery is usually that the mobile terminal directly downloads the seed key from th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L9/08
Inventor 陆舟于华章
Owner FEITIAN TECHNOLOGIES
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap