Method for identity authentication based on map information

By generating enhanced text passwords by selecting locations and zoom levels on a map, the problems of low password security and difficulty for users to remember passwords in existing technologies are solved, thereby improving compatibility and security.

CN117009935BActive Publication Date: 2026-07-03SHANGHAI JIAOTONG UNIV

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
SHANGHAI JIAOTONG UNIV
Filing Date
2023-08-09
Publication Date
2026-07-03

Smart Images

  • Figure CN117009935B_ABST
    Figure CN117009935B_ABST
Patent Text Reader

Abstract

A kind of identity authentication password generation system based on map information, through the position selected by user from map and the zoom level parameter of map currently selected by user as map information, after obtaining auxiliary data by quantization calculation, enhanced text password is generated by hash operation;Login stage is calculated by auxiliary data and the map information selected by user to obtain login text password, by comparing login text password and enhanced text password.The present application realizes authentication by using the position point information on map, expands the password space of user, after quantization processing, the robustness of generated text password is guaranteed by using coordinate offset and auxiliary data etc., and the availability of system is improved.At the same time, the present application uses the public interface information of map, so it has good scalability, can be compatible with the use of multiple map plug-ins, including OpenStreetMap, GaoDe map, Baidu map, BingMap etc.mainstream map at home and abroad, enriches the selection space of user, increases availability while also improving security.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to a technology in the field of information security, specifically an identity authentication method based on map information. Background Technology

[0002] Existing password enhancement technologies include setting more complex password strategies, randomly generating complex passwords, and using password management software. These methods have many limitations, such as being easily forgotten, increasing the user's memory burden, relying on third-party software for security, and being highly dependent on the user's memory. In addition, some scholars have proposed using images as passwords to help users remember them; however, this method is difficult to integrate with most existing text-based password systems and is therefore rarely used. Summary of the Invention

[0003] This invention addresses the problems of low password security and difficulty in remembering passwords in existing password generation technologies. It proposes a map-based identity authentication password generation system. By utilizing location points on a map, the system expands the user's password space. After quantification, coordinate offset and auxiliary data are applied to ensure the robustness of the generated text password, improving system usability. Furthermore, this invention utilizes public map interface information, thus possessing good scalability and compatibility with multiple map plugins, including mainstream domestic and international maps such as OpenStreetMap, Gaode Maps, Baidu Maps, and Bing Maps, enriching user choices and enhancing both usability and security. By applying this invention, users can more easily remember their passwords, thereby increasing password strength and protecting user information security. It is also easy to deploy and compatible with traditional text passwords.

[0004] This invention is achieved through the following technical solution:

[0005] This invention relates to an identity authentication method based on map information. The method uses the location selected by the user on the map and the user's current zoom level on the map as map information. After quantification calculation to obtain auxiliary data, an enhanced text password is generated through hash operation. During the login phase, the login text password is calculated by comparing the auxiliary data with the map information selected by the user. Authentication is achieved by comparing the login text password and the enhanced text password.

[0006] The quantization mentioned above refers to determining the quantization scale based on the scaling level parameter. Where: the current map zoom level is Z, and the zoom level when the user view is zoomed in to the finest detail is Z. max When the user view is zoomed out to its widest extent, the zoom level is Z. min The basic value of the quantization scale is

[0007] The basic value of the quantization scale A constant parameter determined based on the actual situation. The larger the value, the stronger the availability, but the lower the security. Conversely, the smaller the value, the lower the availability, but the higher the security.

[0008] The aforementioned quantization calculation refers to dividing the location selected by the user on the map and the user's current zoom level on the map into several sub-areas of size 1. The grid has a corresponding index number. When a user selects a grid as a password, the index number of the quantization grid where that location is located is calculated, which is the quantization result.

[0009] The index number I = [I x I y ],in: During the registration phase, the user selects a location [XY], and the quantification scale is...

[0010] The auxiliary data ρ = [ρ x ρ y ],in: The user selected the location [XY] during registration, and the quantization scale was...

[0011] The comparison refers to comparing the index number I calculated from the location [XY] selected by the user during registration with the index number I' calculated from the location [X'Y'] selected by the user during login. x′ I y′ A comparison between ], where: The auxiliary data is ρ = [ρ x ρ y ],

[0012] The generation of a specific text password refers to the fact that the position [XY] selected by the user during registration and the position [X' Y'] selected by the user during login are both within the error tolerance range. After the above index calculation, the calculated results of I and I' are the same.

[0013] The aforementioned error tolerance, and the above The choice is related. The larger the value, the higher the error tolerance.

[0014] The hash operation described above calculates the text password P using the generated index value I, where P = Hash(I), and the text password is obtained. The hash calculation selects various hash digest algorithms such as SHA2.

[0015] This invention relates to a system for implementing the above method, comprising: a location coordinate picking unit, a quantization index calculation unit, and a text password generation unit, wherein: the location coordinate picking unit provides a user interface; after the user selects a corresponding location, the selected location is converted into location coordinates and passed to the quantization index calculation unit along with the zoom level; the quantization index calculation unit determines the quantization scale based on a predefined quantization scale base value and the zoom level, and calculates the quantized index value, which is then passed to the text password generation unit; the text password generation unit performs a hash operation on the index value and inserts the generated text password into a text password box, thus completing the map-based identity authentication password generation system.

[0016] Technical effect

[0017] This invention achieves secure authentication by accurately converting selected points on a map into text passwords. While maintaining compatibility with existing text password-based authentication systems, it significantly expands the password space. By employing a quantitative processing method, it improves user usability and reduces the system's false rejection rate. The operation is very simple; users only need to remember one or more selected location information on the map to complete the text password generation task and thus complete identity authentication. Attached Figure Description

[0018] Figure 1 This is a flowchart of the registration phase of the present invention;

[0019] Figure 2 This is a flowchart of the login phase of the present invention;

[0020] Figure 3 This is a schematic diagram illustrating the quantization process in an example.

[0021] Figure 4 and Figure 5 This is a schematic diagram illustrating the effect of an example. Detailed Implementation

[0022] This embodiment relates to a method for generating authentication passwords based on map information. After processing the location information selected by the user on the map, a text password based on the user's selected geographic location information is obtained for user authentication. Specifically, the method includes:

[0023] like Figure 1 As shown, the registration phase specifically includes:

[0024] Step 1: Display the user interface. Use CKEditor5 as the text password input box. The user can click on the text password input box to display this plugin above the input box.

[0025] Step 2: Load the required map. Based on the map service provider selected by the user, load the corresponding map through the corresponding JavaScript API and display it to the user. Specifically, a window will pop up on the page where the invention is to be used. The map displayed in the window is 550px wide and 300px high.

[0026] Step 3: The user inputs the geographical location information on the map. The user zooms and pans the map to find the location they want to set as the password. Clicking on the map will pop up some information about the location. After the user confirms the selected location, the map's built-in interface is used to obtain the location information input by the user and the view zoom level Z when the user input this location information. The location information is represented as [Lat, Lng], which is the latitude and longitude of the location currently selected by the user.

[0027] Step 4: Calculate the grid size based on the view zoom level Z. in: To quantify the scale for subsequent steps, Z is a constant, and in this example, it is set to 0.0003. max This refers to the maximum zoom level of the map, Z. mi n refers to the minimum map zoom level, and Z refers to the zoom level when the user selects a location; the value of Z ranges from Z... max With Z min Between, and Z max With Z min The value of depends on the specific implementation of the map provider. This article uses the OpenStreetMap map Z. max With Z min The values ​​are 18 and 0 respectively.

[0028] After obtaining the quantization scale, according to Figure 3 The principle shown applies to the map obtained in step 3. The size is quantized into several grids, starting from 0 degrees east longitude and 90 degrees north latitude.

[0029] In this embodiment The value is 0.0003, and can be increased or decreased as needed for specific applications. The value of Z max The value of Z min The value is map-dependent and is set using, but not limited to, OpenStreetMap, i.e., Z. max With Z min The values ​​are 18 and 0 respectively.

[0030] Step 5: Calculate auxiliary data ρ = [ρ x ρ y It is stored on a local or remote server and loaded during login, wherein:

[0031] The auxiliary data will not expose any user password information. After processing with the auxiliary data, the location selected by the user will be processed as the center of the grid. It is impossible for the user to select the exact same location when logging in as when registering. After this processing, the user only needs to select a nearby location to generate the same text password, thus ensuring the robustness of the present invention.

[0032] Step 6: Calculate the index value I = [I x I y ],in:

[0033] Step 7: Hash the calculated index value I to generate the text password P = SHA256(I), and use CKEditor5 to display the generated text password in the password input box.

[0034] Step 8: Determine if the user has finished the operation. If the user stops generating the password, the process ends here. If the user continues to add, repeat steps 3 to 7 until the user completes the generation of the text password.

[0035] like Figure 2 As shown, the login phase specifically includes:

[0036] Steps a and b are the same as steps 1 and 2 in the registration phase;

[0037] Step c: The user selects the location on the map used when logging in. The location information selected by the user is recorded as [Lat', Lng']. At this time, the zoom level Z will be loaded directly. The purpose of this approach is to consider that there are many view zoom levels. The location selected by the user can be remembered, but the view when the location is selected is difficult to remember. Therefore, the parameter is directly stored and loaded to improve usability.

[0038] Step d is the same as step 4 in the registration phase;

[0039] Step e: Load auxiliary data. Load the auxiliary data ρ generated during the registration phase from the server or local machine. x ρ y ];

[0040] Step f: Calculate the index value I'. From step c, we know that the location selected by the user during login is [Lat; Lng']. From step d, we know that the quantization scale is... From step e, we know that the auxiliary data is ρ = [ρ x ρ y The index to be calculated is I′=[I] x′ I y′ ],but

[0041] Steps g and h are the same as steps 7 and 8 in the registration phase. When the location selected by the user is substantially the same as the location at the time of registration, the user is considered a legitimate user. The scope of the "substantially the same" determination means that the location selected by the current user is within a quantized grid scale centered on the time of registration. Within a grid with sides equal to the specified length, if the generated text password is the same as the one used during registration, the user can be authenticated successfully. Otherwise, the user is considered an unauthorized user and authentication will fail.

[0042] Through specific practical experiments, using OpenStreetMap as the map and quantizing the basic scale values, Under a specific environment setting with a value of 0.0003, the user applied the above method for authentication, and the authentication experiment results are as follows: the false rejection rate (FR) was 5%, and the false acceptance rate (FA) was 0%. Furthermore, theoretical analysis shows that when the map is adjusted to its maximum zoom level (i.e., the most detailed location), the text password generated for each location selected for authentication in this example is equivalent to a 6-character text password consisting of letters, numbers, and special symbols. Moreover, brute-force attacks using existing password cracking tools were ineffective against the method described in this example, significantly improving the security of authentication.

[0043] Compared with existing technologies, this method is easier for users to remember. Compared with traditional password authentication, it provides richer information such as images and geographical locations, which are easier for the human brain to remember. Therefore, the false rejection rate is lower, and legitimate users can more easily complete the authentication. In addition, this method has high security. Through theoretical analysis, the password space of this method is equivalent to the password space of 6 letters + numbers + symbols. Furthermore, it is difficult to crack the system using this method using traditional methods.

[0044] The above-described specific implementations can be partially adjusted by those skilled in the art in different ways without departing from the principles and purpose of the present invention. The scope of protection of the present invention is defined by the claims and is not limited to the above-described specific implementations. All implementation schemes within the scope of the claims are bound by the present invention.

Claims

1. A map information-based identity authentication method characterized by comprising: Using the location selected by the user on the map and the user's current zoom level as map information, auxiliary data is obtained through quantification calculation, and then enhanced text password is generated through hash operation. During the login phase, the login text password is calculated using auxiliary data and the map information selected by the user, and authentication is achieved by comparing the login text password with the enhanced text password. The quantization mentioned above refers to determining the quantization scale based on the scaling level parameter. Where: the current map zoom level is Z, and the zoom level when the user view is zoomed to the finest setting is Z. When the user view is zoomed out to its widest extent, the zoom level is [missing information]. The basic value of the quantization scale is ; The aforementioned quantization calculation refers to dividing the location selected by the user on the map and the user's current zoom level on the map into several units of size 1. The grid has a corresponding index number. When a user selects a grid as a password, the index number of the quantization grid where that location is located is calculated, which is the quantization result. The index number I = [ ],in: = , = During the registration phase, the user selects a location [XY], and the quantification scale is... ; The aforementioned auxiliary data = [ ],in: , The user selected the location [XY] during registration, and the quantization scale was... .

2. The identity authentication method based on map information according to claim 1, characterized in that, The basic value of the quantization scale It is a constant parameter determined based on the actual situation. The larger the value, the stronger the availability, but the lower the security. Conversely, the smaller the value, the lower the availability, but the higher the security.

3. The identity authentication method based on map information according to claim 1, characterized in that, The comparison refers to comparing the index number I calculated from the location [XY] selected by the user during registration with the index number I' calculated from the location [X'Y'] selected by the user during login. A comparison between ], where: = , = Auxiliary data is = [ ].

4. The identity authentication method based on map information according to claim 1, characterized in that, The hash operation is performed by calculating the text password P using the generated index value I, P = Hash(I), to obtain the text password, wherein the hash calculation uses the SHA2 hash digest algorithm.

5. A system for implementing the map-based identity authentication method according to any one of claims 1-4, characterized in that, include: The system comprises a location coordinate picking unit, a quantization index calculation unit, and a text password generation unit. The location coordinate picking unit provides a user interface. After the user selects a location, the selected location is converted into location coordinates and passed to the quantization index calculation unit along with the zoom level. The quantization index calculation unit determines the quantization scale based on the predefined quantization scale base value and the zoom level, calculates the quantized index value, and passes it to the text password generation unit. The text password generation unit performs a hash operation on the index value and inserts the generated text password into the text password box, thus completing the map-based identity authentication password generation system.