Unlock instant, AI-driven research and patent intelligence for your innovation.

otp generation method, verification method, terminal, server, chip and medium

A security server and server-side technology, applied in user identity/authority verification, encryption device with shift register/memory, digital transmission system, etc., can solve the problem of affecting OTP security and low security guarantee ability of client and verification terminal , Affecting verification security and other issues

Active Publication Date: 2020-12-08
BEIJING SENSESHIELD TECH
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Directly diverting the existing OTP technology to such a scenario will affect the security of OTP
Because the shared key is placed on the client and another client on the user side (hereinafter referred to as the verifier), and compared to the server, the security guarantee capability of the client and the verifier is very low, and the key stored on the client or the verifier If the key is leaked, it will affect the security of the verification

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • otp generation method, verification method, terminal, server, chip and medium
  • otp generation method, verification method, terminal, server, chip and medium
  • otp generation method, verification method, terminal, server, chip and medium

Examples

Experimental program
Comparison scheme
Effect test

no. 1 approach

[0049] figure 1 An application architecture diagram of an embodiment of the method of the present application is shown. The method in this embodiment of the application involves three devices: a client, a verification server (terminal on the user side) and a security server. figure 2 It is a schematic flowchart of the method for generating the OTP of the present application, image 3 It is a schematic flowchart of the OTP verification method of the present application. Refer below Figure 1-3 To describe the scheme of the embodiment of the present application, it should be noted that the method of the present application is not subject to Figure 2-3 Restrictions on the order of steps shown in .

[0050]S101, the client initiates a verification request to the security server.

[0051] S102. The security server uses the first key K1 shared with the verification server in advance to calculate a hash value for the first timestamp, obtains the first hash value mac1, and retu...

no. 2 approach

[0111] Such as Figure 5 As shown, in one embodiment, the method of the present application is applied to OTP (One Time Password, OneTime Password) unlocking of a door lock. The mobile phone APP is the client, the door lock is the authentication server, and the application server of the door lock is the security server.

[0112] When the door lock is produced, a random key is shared between the application server (security server) of the door lock and each door lock (verification server) as the first key K1. When the door lock is installed, the administrator password set by the user is used as the key seed to generate the second key K2.

[0113] The key (first key K1) between the security server and the verification server uses a complex key with a relatively high security level; the key shared between the verification server and the client (the second key K2) is Use a relatively simple key with a relatively low security level, such as a key generated by using the password s...

no. 3 approach

[0118] An embodiment of the present application proposes a user terminal, including a memory, a processor, and a computer program stored on the memory and operable on the processor. The OTP generation method. Specifically, the user terminal may be a mobile phone, a tablet computer, a personal digital assistant (personal digital assistant, PDA), a wearable device, and the like.

[0119] Optionally, the user terminal includes a sender, and the sender initiates a verification request to the security server in a wired or wireless manner, and the processor executes other steps (such as steps S102-S104).

[0120] The embodiment of the present application also proposes a user terminal, including a memory, a processor, and a computer program stored in the memory and operable on the processor. When the processor executes the program, it implements the The OTP verification method described above. The user terminal may be a product in the smart home or security field such as a door loc...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention proposes an OTP generation method, a verification method, a terminal, a server, a chip, and a medium, wherein the cryptographic OTP generation method includes: a client initiates a verification request to a security server; the client receives a first hash from the security server; Column value; wherein, the first hash value is calculated by the security server using a first key pair to the first timestamp, and the first key is a key shared by the security server and the verification server, The first timestamp is used to indicate the time when the client initiates the verification request; the client uses a second key to calculate the first hash value to obtain a second hash value; wherein, The second key is a key shared by the client and the verification server; the client generates an OTP to be verified according to the second hash value. The invention enables both the client and the verifying end to be in the use environment of the user side, and the OTP generating and verifying processes are all safe.

Description

technical field [0001] The present application relates to verification technology, and more specifically, to a method for generating a one-time password OTP, a verification method, a user terminal, a server, a chip and a storage medium. Background technique [0002] One Time Password (OTP for short) refers to a password that can only be used once. Conventional OTP technology involves two interactive ends, one is the client on the user side, and the other is the server on the non-user side. Client and server have a shared secret. The client executes the process of generating the OTP to be verified, and the server executes the process of verifying the OTP to be verified. [0003] In the existing OTP technology, the verification process is completed by the server. However, in some application scenarios, the verification process needs to be implemented by another client on the user side. Directly diverting the existing OTP technology to such a scenario will affect the securi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/08H04L9/06H04L9/32
CPCH04L9/0643H04L9/085H04L9/0863H04L9/3228H04L9/3236
Inventor 刘书深孙吉平念龙龙
Owner BEIJING SENSESHIELD TECH