Mobile terminal third-party application security authentication method and device
A mobile terminal and application security technology, applied in the field of secure communication, can solve the problems of low security verification strength, inability to judge illegal modification of installation packages, etc., and achieve the effect of ensuring reliability and high strength
Active Publication Date: 2019-03-15
SHENZHEN SINOSUN TECH
View PDF3 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
When the user verifies the installation package, it is impossible to judge whether the downloaded and installed installation package has been illegally modified by a tamperer. The security verification strength of the above-mentioned installation package verification method is very low.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0047] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.
[0048] In one embodiment, such as figure 1 As shown, a mobile terminal third-party application security authentication method is provided, the method comprising:
[0049] Step S102: Download the installation package of the third-party application.
[0050] The mobile terminal can download the installation package of the third-party application on the network server through the Internet, or can download the installation package of the third-party application in the APP of the manufacturer's application market corresponding to the mobile terminal.
[0051] Step S104: Obtain the public key carried i...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention relates to a safe authentication method and device of a third-party application at a mobile terminal. The method comprises the following steps: downloading a third-party application installation package; acquiring a public key carried in the installation package and a signature value of the installation package of the third-party application, wherein the signature value is a signature value of a server private key to an authorized public key of the installation package; acquiring a pre-stored server public key of the mobile terminal; using the signature value and the server public key to verify whether the public key carried in the third-party application installation package is the authorized public key, if the public key carried in the third-party application installation package is the authorized public key, installing the installation package. Through the adoption of the method disclosed by the invention, the mobile terminal authenticates the public key carried in the installation package so as to guarantee that the public key of the downloaded installation package is not modified, and a signature algorithm is used for verifying the signature, the signature of the authorized public key cannot be counterfeited even if an attacker can acquire the server public key due to the privacy of the server private key for the signature, the reliability of the verification is guaranteed.
Description
technical field [0001] The invention relates to the technical field of secure communication, in particular to a third-party application security authentication method and device for a mobile terminal. Background technique [0002] When a third party releases an application installation package, it usually generates a public-private key digital certificate through a standard JAVA tool, uses the private key to sign the program, and packages the verified public key certificate into the installation package. When the user installs the installation package file, the public key certificate that comes with the installation package is used to verify the legitimacy of the installation package and the integrity of the file. [0003] In the above-mentioned verification method of the validity of the installation package, the attacker who intends to tamper with the installation package replaces the official public and private keys by adding modified files after the installation package i...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/32H04L29/06G06F21/51
CPCG06F21/51H04L9/3236H04L9/3249H04L63/123
Inventor 任朝荣陈泽含黄鹏乔椿
Owner SHENZHEN SINOSUN TECH