A web system design method combining slow hash and dynamic salt
A system design and dynamic technology, applied in the related fields of WEB systems, can solve the problems of increasing risks, lack of user calculation, transmission, storage, verification, and many insecure factors, and achieve the effect of ensuring security and safety irreversibility.
Active Publication Date: 2022-05-10
HANGZHOU QUWEI SCI & TECH
View PDF4 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
This method only filters which clients can log in, and lacks the calculation, transmission, storage, verification and other links of the user login process; and these links are often places with many insecure factors
This method only filters which clients can log in, and lacks the calculation, transmission, storage, verification and other links of the user login process; and these links are often places with many insecure factors
[0003] (2) The user login security authentication method, terminal equipment and storage medium of the anti-collision library. This method mainly stipulates the authentication process and storage method of the password when the user logs in; the authentication process does not distinguish between the first encryption process of the client and the server. Second encryption process
In the storage scheme of the invention, since the salt is fixed, this also increases the risk of being "reversed"
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0019] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.
[0020] Such as figure 1 In the described embodiment, a web system design method combining slow hash and dynamic salt specifically includes the following steps:
[0021] (1) According to the input user name, the client first queries the server whether the user name exists, if the user name exists, the login process is performed, and the salt of the user in the user table is returned, which is called the old salt here; oldSalt=getUserSaltAPI (inputUsername)
[0022] The user table refers to a user database table structure with a dynamic salt field, which is used to store user information. The indispensable fields of the database table structure are: username, ciphertext password, and salt.
[0023] If the user name does not exist, the login process ends and the registration process starts. The client first randomly generates a registerSalt, and...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a web system design method combining slow hash and dynamic salt. It specifically includes the following steps: According to the input username, the client first queries the username from the server, and returns the old salt of the user in the user table; after entering the password, the client then uses the public slow HASH algorithm Use the old salt as a parameter to calculate the user's old ciphertext password; at the same time, the client randomly generates a new salt salt, and uses the same process to generate a new ciphertext password; during transmission, the parameter security is guaranteed by the parameter signature algorithm or by relying on the Https protocol; the service The end extracts the old ciphertext and then recalculates the ciphertext with the private HASH algorithm, and searches the user table of the database with the user name; if there is a user in the server, update the password. The invention has the beneficial effects of: ensuring the security of password transmission; ensuring that the user's password is not leaked; and the ciphertext is safe and irreversible.
Description
technical field [0001] The present invention relates to the related technical field of WEB system, in particular to a web system design method combining slow hash and dynamic salt. Background technique [0002] The prior art includes the following: (1) a security authentication method for logging into a Web system, a client and a system, the method is usually that the client first sends an authentication request to the server, and then the server performs a login operation after passing the authentication. This method only filters which clients can log in, and lacks links such as calculation, transmission, storage, and verification in the user login process; and these links are often places with many insecure factors. This method only filters which clients can log in, and lacks links such as calculation, transmission, storage, and verification in the user login process; and these links are often places with many insecure factors. . [0003] (2) The user login security auth...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/08H04L9/40
CPCH04L9/0861H04L9/0891H04L9/0825H04L63/0876
Inventor 高海顾湘余赵东奇
Owner HANGZHOU QUWEI SCI & TECH