WO2009018685A1 - Dispositif et méthode de chiffrement et d'authentification anti-cheval de troie utilisant une clef à usage unique - Google Patents

Dispositif et méthode de chiffrement et d'authentification anti-cheval de troie utilisant une clef à usage unique Download PDF

Info

Publication number
WO2009018685A1
WO2009018685A1 PCT/CN2007/002384 CN2007002384W WO2009018685A1 WO 2009018685 A1 WO2009018685 A1 WO 2009018685A1 CN 2007002384 W CN2007002384 W CN 2007002384W WO 2009018685 A1 WO2009018685 A1 WO 2009018685A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
data
server
key
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2007/002384
Other languages
English (en)
Chinese (zh)
Inventor
Kamfu Wong
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to PCT/CN2007/002384 priority Critical patent/WO2009018685A1/fr
Priority to HK11105547.4A priority patent/HK1151402B/xx
Priority to CN200780100187.0A priority patent/CN101933287B/zh
Publication of WO2009018685A1 publication Critical patent/WO2009018685A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Definitions

  • the present invention relates to the field of information transmission security, and in particular to an encryption authentication apparatus for authentication and a corresponding authentication method.
  • financial institutions such as banks provide many services that use information technology, such as online banking services, mobile banking services, online securities trading services, etc. These services are generally
  • the user's transaction information is transmitted to the financial institution through the network. After the financial institution verifies the user's transaction information, the corresponding operation is performed according to the information content.
  • Some financial institutions use some two-factor authentication methods to combat hackers, such as using a Token Device, when a user logs into a financial institution's server.
  • the security encoder generates a code.
  • the user In addition to entering the correct user password, the user must enter the correct code to log in to the financial institution's server.
  • These security encoders usually have a built-in key.
  • the security coder When used, the security coder generates a security code by complex algorithm calculation according to factors such as time, and uses the same key in the financial institution's server, according to time. The factor is calculated by the same algorithm to generate a code.
  • the identity of the security coder can be authenticated, and the user password is checked. At the same time, the security code and user password can be authenticated to log in successfully.
  • this two-factor authentication method can improve the problem of network security, there are still some departments. The network security problem has not been properly solved. For example, some hackers use various intrusion methods to place the Trojan horse on the user's computer. When the user connects to the financial institution's server, the Trojan is used to steal the user's data, including the account number. , the account password and the security code entered by the user, etc.
  • Some hackers even create a fake financial institution's website, tricking the user into entering the transaction information on the counterfeit financial institution's website, and then the hacker logs in to the financial institution based on the stolen data. The server, then stealing money from the user's account.
  • the object of the present invention is achieved by using such an encryption authentication device for identity authentication, characterized in that the main structure of the encryption authentication device (1) comprises a main chip (101) and a keyboard (102).
  • various scheduled functions including encrypting data, storing data, Reading the data input by the user through the keyboard (102), displaying the prompt information through the display screen (103), sending the authentication data to the server (4) through the communication interface (104), and encrypting the authentication device
  • the server (4) uses the paired key (B) to decrypt the data and restore the data input by the user, and check the data content, and after verifying, the user's identity authentication is successful, and then the server (4) The corresponding operation is performed according to the data content; and, the main chip (101) further includes a unique device number (105) and a plurality of keys (A) and a plurality of index numbers (C), each index number (C) corresponds to a key (A), and, each index number
  • the encryption authentication device (1) of the present invention uses a disposable key (A) as an encryption and authentication means, and a keyboard (102) is provided on the encryption authentication device (1) for the user to input data. Including the user password, operation instructions, account number and other data, and then encrypt the data with the key (A), and then transmitted to the server (4) via the network (3) through the terminal (2), which is used by the server (4)
  • the key (B) paired with the key (A) decrypts the data and restores the user password, operation instruction, account number and other data, so that even if the data is intercepted by the hacker during the transmission process, the data is encrypted and used.
  • End-of-life key (A) encryption there is no connection between each key (A) and other keys (A), so that the hacker can not crack, plus the data is from the keyboard of the encryption authentication device (1) (102) Input, the encrypted authentication device (1) is physically separated from the user's computer. Even if the hacker uses a Trojan to invade the user's computer, the Trojan can't read the encryption. Means (1) a keyboard on the key input data (102).
  • the server (4) is provided with a plurality of authentication accounts (401), and each authentication account (401) corresponds to an encrypted authentication device (1), and the account is stored in the authentication account (401)
  • Corresponding cryptographic authentication device (1) device number (105) and an account password each authentication account (401) stores multiple keys (B) and multiple index numbers (C), each index number
  • each authentication account (401) corresponds to a key (B)
  • the key (B) in each authentication account (401) is paired with the key ( ⁇ ) in the encrypted authentication device (1) of the account, each The key ( ⁇ ) has a paired key ( ⁇ ), and each pair of paired keys ( ⁇ ) and key ( ⁇ ) have the same index number (C).
  • a plurality of pairs of keys and a plurality of sequential index numbers are generated in a random manner by the server (4) in advance by various methods.
  • each pair of keys is assigned an index number (C), and then each pair of keys is stored together with the assigned index number (C) to the main chip (101) and authentication of the encrypted authentication device (1) Account
  • Another feature of the present invention is that, each time the main chip (101) of the encryption authentication device (1) encrypts the data, an unused key ( ⁇ ) is extracted from the main chip (101) according to a predetermined program. Encryption, and, after the main chip (101) encrypts the data, the key ( ⁇ ) is deleted or discarded or marked as used, so that the key ( ⁇ ) will not be used again by the main chip (101). use. And, each time the server (4) decrypts the data, a key (()) paired with the data is decrypted from the authentication account (401) according to a predetermined program, and the server (4) decrypts the data.
  • the key ( ⁇ ) will be deleted or discarded or marked as used, so that the key ( ⁇ ) will not be used by the server (4) again.
  • using such an encrypted authentication telecommunications system for user identity authentication purposes, particularly for the financial industry including using the aforementioned encryption authentication device (1), terminal (2), network (3), server (4) , wherein the encryption authentication device (1) is independent of the terminal (2) and is disposed separately from the terminal (2), and each encryption authentication device (1) in the system is registered in the server (4) and is respectively
  • the server (4) recognizes that a paired key (A, B) is respectively provided in the encryption authentication device (1) and the server (4), and the encryption process is performed in the encryption authentication device (1), using the key ( A) forming a ciphertext, which is transmitted to the server (4) via the terminal (2) and the network (3), and the server (4) decrypts the ciphertext by using the paired key (B), and the decryption succeeds, and the system is successfully identified. Enter the next scheduled program.
  • the method includes the user logging in to the server (4) by using the terminal (2),
  • the user inputs the account authentication password (1) into the data to be authenticated, and the encrypted authentication device (1) encrypts the data to be authenticated into the ciphertext, and then passes the terminal (2) via the network (3).
  • the ciphertext is transmitted to the server (4), and the server (4) decrypts the ciphertext to restore the data that needs to be authenticated.
  • the server (4) checks that the data to be authenticated is correct, the user's identity authentication is successful, and the server can be logged in (4).
  • the advantage of the encryption authentication device (1) of the present invention is that each key is used only once, and is used up and down, and is not reused, so that the hacker cannot crack the key or data content from the encrypted data, and encrypts
  • the authentication device (1) is provided with a keyboard (102) for the user to input important data. Even if the hacker uses a Trojan horse to invade the user's computer, the hacker cannot steal important data input by the user, and is particularly suitable for applications such as online banking and online transactions.
  • FIG. 1 is a schematic explanatory diagram of the cryptographic authentication apparatus (1) of the present invention.
  • FIG. 2 is a schematic explanatory view showing the outline of another outline of the encryption authentication apparatus (1) of the present invention
  • FIG. 3 is a schematic explanatory diagram of the encryption authentication apparatus (1) having the USB interface (104)
  • FIG. 5 is a block diagram showing an encrypted authentication device (1) having an English keyboard (102);
  • FIG. 5 is a block diagram showing an encrypted authentication device (1) of the present invention
  • Fig. 6 is a schematic explanatory view showing the steps of the encryption authentication device (1) of the present invention and the server (4) in use. '
  • FIG. 1 is a schematic explanatory view of the cryptographic authentication apparatus (1) of the present invention
  • FIG. 2 is a schematic explanatory diagram of another outline of the cryptographic authentication apparatus (1) of the present invention
  • 3 is a schematic explanatory view of the encryption authentication device (1) including the USB interface (104)
  • FIG. 4 is a schematic explanatory view of the encryption authentication device (1) having the English keyboard (102).
  • FIG. 5 is a block diagram showing the structure of the encryption authentication apparatus (1) of the present invention.
  • the main structure of the encryption authentication apparatus (1) shown in the figure includes a main chip (101), a keyboard (102), a display screen (103), a communication interface (104), wherein the main chip (101) is provided with a CPU and a memory, and is connected with other components, and operates according to a predetermined program to implement authentication of the user on the server.
  • (A) Encrypt the data and transmit it to the server (4) through the terminal (2) and the network (3).
  • the server (4) decrypts the data using the paired key (B) to restore the data entered by the user. , and check the content of the data, after verifying that the user's identity is authenticated successfully, then the server
  • the main chip (101) also includes a unique device number ( 105) and a plurality of keys ( A) and a plurality of index numbers (C), each An index number (C) corresponds to a key (A), and each index number (C) is different from each other.
  • the communication interface (104) shown may be a wireless communication device, or a wired communication device, or a Bluetooth device, or an infrared device, or a USB interface, or an SD memory card interface, or a MINI-SD memory.
  • FIG. 6 is a schematic diagram showing the steps of the encryption authentication apparatus (1) and the server (4) in use of the present invention.
  • the server (4) shown in the figure is provided with a plurality of authentication accounts (401).
  • Each authentication account (401) corresponds to an encrypted authentication device (1), and the authentication account (401) stores the device number (105) of the encrypted authentication device (1) corresponding to the account and an account password, and each authentication account (401) stores multiple keys (B) and multiple index numbers (C), Each index number (C) corresponds to a key (B), and the key (B) in each authentication account (401) is paired with the key (A) in the encrypted authentication device (1) of the account.
  • each key (B) has a matching key (A), and each pair of paired keys (A) and keys (B) have the same index number (C).
  • the key (A) and the key (B) are generated in advance by the server (4) in a random manner by various methods.
  • the key (A) is stored in the main chip (101) of the encryption authentication device (1), only the master The chip (101) can have internal access to the key (A) without any external access to secure the key (A).
  • each time the main chip (101) of the encryption authentication device (1) encrypts the data an unused key (A) is extracted from the main chip (101) according to a predetermined program to encrypt the data, and the main chip (101) After encrypting the data, the key (A) is deleted or discarded or marked as used, so that the key (A) is not used again by the main chip (101).
  • each time the server (4) decrypts the data a key paired with the data is extracted from the authentication account (401) according to a predetermined program (B), the data is decrypted, and the server (4) decrypts the data.
  • the key (B) is deleted or discarded or marked as used, so that the key (B) will not be used by the server (4) again. Since the key (A) and the key (B) are used up and down, each key is used only once. When the key (A) in the encryption authentication device (1) is used up, the encryption authentication device is used. (1) If you cannot continue to use it, the user must replace the new encryption authentication device (1). If the encryption authentication device (1) stores 10,000 keys (A) and uses an average of 10 calculations per day, it can be used. 3 years.
  • the key (A) and the key (B) use a one-time password (One Time Pad or Vernam- cipher).
  • the so-called one-time password is a randomly generated secret that is as long as the message.
  • the key, the key and the message are subjected to the "X0R" operation of the bit to generate the ciphertext, and the same key and the appropriate algorithm are applied during the decryption, so that the restored message can be conveniently decrypted due to the key. It is used only once and then discarded, so it cannot be cracked. It is the simplest safe and fast encryption algorithm.
  • the encryption authentication device (1) of the present invention can also adopt other encryption algorithms in addition to the One Time Pad encryption algorithm, and can also achieve the object of the present invention well.
  • the encryption algorithms that can be used include:
  • PKI Public Key Infrastructure
  • the encrypted data content further includes verification data to ensure that the data is not tampered, and the verification data is encrypted.
  • the data is generated by a check algorithm including one of the following:
  • the server (4) uses the same verification algorithm to detect whether the data has been tampered with.
  • the power-on password protection encryption authentication device (1) can also be used without being stolen, that is, the main chip (101) of the encryption authentication device (1) is further provided with a power-on password, each time before using the encryption authentication device (1).
  • the user must enter the correct power-on password through the keyboard (102) in order to perform various operations using the encrypted authentication device (1).
  • the server (4) refers to various types of computer hosts for users to log in, and the server (4) may be an account server of each financial institution, or a bank account system server, or any computer that needs to verify the legality of the user's identity, etc.
  • the terminal device (2) refers to a terminal device connected to the server (4), and may be a terminal device that requires an authenticated user identity, such as a computer, or a computer terminal, or an ATM machine, by the encryption authentication device of the present invention (1) ), the validity of the user identity of the login server (4) can be reliably verified.
  • steps for authenticating by the encrypted authentication device (1) when the user logs in to the server (4) are included, which are steps for authenticating by the encrypted authentication device (1) when the user logs in to the server (4), and the specific steps are as follows:
  • the user uses the terminal (2) to connect to the server (4) via the network (3), enters the account password and other data on the keyboard (102) of the encryption authentication device (1), and encrypts the master in the authentication device (1).
  • the chip (101) calculates the authentication data including the verification data by using a predetermined verification algorithm by the data and device number (105) input by the user, and then extracts an unused key ( ⁇ ) in the main chip (101).
  • the authentication data is encrypted into ciphertext, and the index number (C) corresponding to the key ( ⁇ ) is extracted, and the master chip (101) encrypts the authentication data and deletes or discards or marks the key ( ⁇ ) as use;
  • Encryption authentication device (1) Display the ciphertext together with the index number (C) to the user through the display (103), and then the user enters the login name and the density displayed on the display (103) on the terminal (2).
  • Information such as text content and index number (C);
  • the user enters the login name on the terminal (2), then connects the communication interface (104) of the encrypted authentication device (1) with the terminal (2), and transmits the ciphertext along with the index number (C) via the communication interface (104).
  • the terminal (2) transmits the login name, ciphertext and index number (C) to the server (4) via the network (3);
  • the server (4) finds the user's authentication account (401) from the login name, and extracts the key (B) corresponding to the index number (C) from the authentication account (401) from the index number (C).
  • the decryption restores the authentication data, and the server (4) decrypts the ciphertext and deletes or discards the key (B) as used, and verifies the authentication data and restores the device number through a predetermined verification algorithm (105).
  • the network (3) sends a message to the terminal (2) notifying the user that the server has been successfully logged in (4).
  • the ciphertext in order to facilitate the user to view the content displayed on the display screen (103), the ciphertext can be displayed on the display screen (103) together with the index number (C) in a group of four characters. Separated by a space or "-" between the character group and the character group, it is convenient for the user to view the display content, which can reduce the user's mistake due to the wrong content.
  • the encryption authentication device (1) and the authentication method of the invention are safe and reliable, and the user can input important data through the keyboard (102) on the encryption authentication device (1), even if the hacker uses the Trojan horse program to invade the user's computer, the user can only steal the user at most. In the data entered on the computer keyboard, the hacker is unable to steal important data entered by the user in the encrypted authentication device (1).
  • the implementation of the present invention will bring about great social benefits.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Computer And Data Communications (AREA)

Abstract

L'invention porte sur un dispositif un système et une méthode de chiffrement et d'authentification anti-cheval de Troie comprenant les étapes suivantes: saisie au clavier (102) des informations utilisateur incluant le mot de passe, la somme de la transaction et le numéro du compte. Les informations utilisateur sont chiffrées par la clef (A) puis sont envoyées au serveur (4) via le terminal utilisateur (2) et le réseau (3). Le serveur décrypte les informations reçues avec la clef (B). Comme la clef (A) à usage unique utilisée chaque fois n'a aucune relation avec d'autre clefs (A), les informations sont sûres, même si elles sont obtenu par un pirate informatique lors du processus de transmission. Simultanément, les informations sont introduites au clavier (102) du dispositif de chiffrement et d'authentification (1). Le pirate informatique ne peut donc pas obtenir les informations introduites au clavier (102) du dispositif du chiffrement et d'authentification (1), même si le cheval de Troie a envahi l'ordinateur de l'utilisateur.
PCT/CN2007/002384 2007-08-08 2007-08-08 Dispositif et méthode de chiffrement et d'authentification anti-cheval de troie utilisant une clef à usage unique Ceased WO2009018685A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
PCT/CN2007/002384 WO2009018685A1 (fr) 2007-08-08 2007-08-08 Dispositif et méthode de chiffrement et d'authentification anti-cheval de troie utilisant une clef à usage unique
HK11105547.4A HK1151402B (en) 2007-08-08 The device and the method of encrypting and authenticating against trojan horse with one time key
CN200780100187.0A CN101933287B (zh) 2007-08-08 2007-08-08 对抗木马程式用完即弃一次性密钥的加密认证装置和方法

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2007/002384 WO2009018685A1 (fr) 2007-08-08 2007-08-08 Dispositif et méthode de chiffrement et d'authentification anti-cheval de troie utilisant une clef à usage unique

Publications (1)

Publication Number Publication Date
WO2009018685A1 true WO2009018685A1 (fr) 2009-02-12

Family

ID=40340930

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2007/002384 Ceased WO2009018685A1 (fr) 2007-08-08 2007-08-08 Dispositif et méthode de chiffrement et d'authentification anti-cheval de troie utilisant une clef à usage unique

Country Status (2)

Country Link
CN (1) CN101933287B (fr)
WO (1) WO2009018685A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112242013A (zh) * 2019-07-18 2021-01-19 冯成光 应用随机码加密的通讯系统

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105721541B (zh) * 2016-01-13 2018-11-16 大连楼兰科技股份有限公司 远程控制车辆的方法及其系统

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1332425A (zh) * 2000-07-10 2002-01-23 黄金富 采用动态密码的认证付款的方法和相应的电子装置
WO2002045339A1 (fr) * 2000-11-29 2002-06-06 Temasek Polytechnic Systeme et procede ameliores d'autorisation pour securite informatique
CN1427351A (zh) * 2001-12-17 2003-07-02 北京兆日科技有限责任公司 动态电子密码设备及其资源共享系统的用户身份认证方法
CN1588846A (zh) * 2004-09-08 2005-03-02 中国工商银行 一种网络中动态加密装置及其口令认证方法
CN1622508A (zh) * 2004-12-13 2005-06-01 刘云清 基于动态密码表的动态密码生成和认证系统及方法
WO2007051769A1 (fr) * 2005-11-02 2007-05-10 Gemplus Procede de depot securise de donnees numeriques, procede associe de recuperation de donnees numeriques, dispositifs associes pour la mise en œuvre des procedes, et systeme comprenant les dits dispositifs
CN1992592A (zh) * 2005-12-30 2007-07-04 腾讯科技(深圳)有限公司 动态口令认证系统和方法

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FI102235B1 (fi) * 1996-01-24 1998-10-30 Nokia Telecommunications Oy Autentikointiavainten hallinta matkaviestinjärjestelmässä
EP1272948A1 (fr) * 1999-04-12 2003-01-08 Digital Media on Demand, Inc. ( DMOD, Inc.) Systeme de commerce electronique sur
KR20010011667A (ko) * 1999-07-29 2001-02-15 이종우 보안 기능을 갖는 키보드 및 이를 이용한 시스템
CN100589381C (zh) * 2004-12-14 2010-02-10 中兴通讯股份有限公司 一种通信系统中用户身份保密的方法
CN1851740A (zh) * 2006-06-02 2006-10-25 上海华申智能卡应用系统有限公司 基于传统终端交易形式的银行网银业务处理方法
CN1921392B (zh) * 2006-09-19 2015-03-04 飞天诚信科技股份有限公司 一种智能密钥设备

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1332425A (zh) * 2000-07-10 2002-01-23 黄金富 采用动态密码的认证付款的方法和相应的电子装置
WO2002045339A1 (fr) * 2000-11-29 2002-06-06 Temasek Polytechnic Systeme et procede ameliores d'autorisation pour securite informatique
CN1427351A (zh) * 2001-12-17 2003-07-02 北京兆日科技有限责任公司 动态电子密码设备及其资源共享系统的用户身份认证方法
CN1588846A (zh) * 2004-09-08 2005-03-02 中国工商银行 一种网络中动态加密装置及其口令认证方法
CN1622508A (zh) * 2004-12-13 2005-06-01 刘云清 基于动态密码表的动态密码生成和认证系统及方法
WO2007051769A1 (fr) * 2005-11-02 2007-05-10 Gemplus Procede de depot securise de donnees numeriques, procede associe de recuperation de donnees numeriques, dispositifs associes pour la mise en œuvre des procedes, et systeme comprenant les dits dispositifs
CN1992592A (zh) * 2005-12-30 2007-07-04 腾讯科技(深圳)有限公司 动态口令认证系统和方法

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112242013A (zh) * 2019-07-18 2021-01-19 冯成光 应用随机码加密的通讯系统

Also Published As

Publication number Publication date
CN101933287A (zh) 2010-12-29
CN101933287B (zh) 2015-11-25
HK1151402A1 (en) 2012-01-27

Similar Documents

Publication Publication Date Title
CN112425114B (zh) 受公钥-私钥对保护的密码管理器
US8365262B2 (en) Method for automatically generating and filling in login information and system for the same
JP5981610B2 (ja) 電子取引用のネットワーク認証方法
CN101334884B (zh) 提高转账安全性的方法和系统
TWI512524B (zh) 身份驗證系統及方法
CN100566255C (zh) 提高智能密钥设备安全性的方法和系统
CN107925581A (zh) 1:n生物体认证、加密、署名系统
US20140258718A1 (en) Method and system for secure transmission of biometric data
CN106326763A (zh) 获取电子文件的方法及装置
TW201108696A (en) Account identification system, method and peripheral device of performing function thereof
CN115529591B (zh) 基于令牌的认证方法、装置、设备及存储介质
CN101335754B (zh) 一种利用远程服务器进行信息验证的方法
CN101808077B (zh) 信息安全输入处理系统和方法以及智能卡
CN103929308B (zh) 应用于rfid卡的信息验证方法
CN102468962A (zh) 利用个人密码装置的个人身份验证方法及个人密码装置
CN101222334B (zh) 一种采用图片干扰的密码令牌安全认证方法
WO2007121631A1 (fr) Système et procédé de certification bancaire électronique sécurisée
KR101616795B1 (ko) Pki 기반의 개인키 파일 관리 방법 및 그 시스템
CN101547098B (zh) 公共网络数据传输安全认证方法及系统
CN101933315B (zh) 可对抗木马程式采用用完即弃一次性密钥的加密认证键盘
WO2009018685A1 (fr) Dispositif et méthode de chiffrement et d'authentification anti-cheval de troie utilisant une clef à usage unique
WO2011060739A1 (fr) Système et procédé de sécurité
WO2008022559A1 (fr) Dispositif et procédé permettant une utilisation sûre d'un service réseau sans qu'il soit nécessaire de reposer sur la sécurité côté client
WO2023022584A1 (fr) Système et procédé de décentralisation d'identification numérique
CN105681292B (zh) 一种利用安全键盘进行网络交易的办法

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200780100187.0

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07800687

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07800687

Country of ref document: EP

Kind code of ref document: A1