User authentication method having strengthened integrity and security

Abstract

The present invention relates to a user authentication method having strengthened integrity and security, the user authentication method according to the present invention comprising: a first step for, when a user registration process begins, a user terminal generating a first common authentication key by executing a primary transformation, and providing the first common authentication key, encrypted by executing a secondary transformation, to an authentication server, and the authentication server registering the encrypted first common authentication key; a second step for the authenticationserver generating a first server authentication key, and generating a first server authentication data by means of an OTP arithmetic operation on the first server authentication key; a third step for,when an authentication process begins, the user terminal generating a second common authentication key by executing a primary transformation, and then generating an encrypted second common authentication key by executing a secondary transformation, and generating a first user authentication key and generating a first user authentication data by means of an OTP arithmetic operation on the first user authentication key; and a fourth step for authenticating a user in accordance with whether the first server authentication data and first user authentication data match, or for authenticating the authentication server by determining the authenticity of the authentication server.

Description

technical field [0001] The present invention relates to a user authentication method that strengthens integrity and security, and more specifically, relates to a method that cuts off personal information leakage from the source on an open network, avoids the danger of hacker attacks, strengthens security, and can verify transmitted data Integrity, user authentication method with enhanced integrity and security User authentication method. Background technique [0002] In modern society, compared with face-to-face contact, financial transactions through an online environment or businesses requiring various user authentications are becoming common. Compared with face-to-face contact, online user authentication needs to be accessed more carefully. In most cases, various security programs or control programs including ActiveX and keyboard security programs are required to be installed in user terminals, and electronic certificates or security cards, OTP devices and other securit...

AI Technical Summary

Problems solved by technology

[0004] However, when a user trades with multiple financial institutions, it is necessary to have multiple OTP authentication devices provided by each financial institution. Therefore, consumers need to separately purchase OTP authentication devices from each financial institution, and there is a need to hold multiple OTP authentication devices. Inconvenience of the authentication device, and the inconvenience of having to search for an authentication device for a specific financial institution one by one among multiple OTP authentication devices

[0005] In addition, since the user cannot change the inherent key of the OTP device at will, when the OTP device i

Images