技术领域technical field
本发明涉及通信领域,并且更具体地,涉及通信领域中传输密码的方法和装置。The present invention relates to the field of communication, and more particularly, to a method and device for transmitting passwords in the field of communication.
背景技术Background technique
随着网上业务的逐渐增多,密码的安全性备受关注。黑客偷密码、电话骗密码以及其他盗取密码的新奇方式层出不穷,令人防不胜防。保证密码的安全性成为大家共同关注的问题。With the gradual increase of online businesses, the security of passwords has attracted much attention. Hackers stealing passwords, spoofing passwords by phone, and other novel ways to steal passwords emerge in an endless stream, which is hard to guard against. Ensuring the security of passwords has become a common concern of everyone.
目前,在网上银行、第三方支付、电信行业内外应用等多种场合下,通过短信密码和U盾来改善密码的安全性。At present, in various occasions such as online banking, third-party payment, and internal and external applications in the telecommunications industry, SMS passwords and USB shields are used to improve the security of passwords.
在短信密码相关的技术中,短信网关将服务器生成的随机动态密码通过手机短信发送到客户手机上,客户在登陆或交易认证时输入此动态密码。该动态密码一次有效,过期使用失效。虽然通过短信密码可以一定程度提升密码的安全性,但是短信密码是发送给一个手机的,当账号和手机同时泄漏时,用户的财产等就存在风险。此外,短信密码保护的资产只有一个资产责任人,如果需要保护的资产是诸如夫妻共有财产之类的共同财产,那么应该共同所有人共同同意才能动用共同财产,但是在现有的短信密码的机制下,只要有一个人获取到短信密码,就可以动用共同财产,这对其他共同所有人而言是不安全的。In the technology related to SMS password, the SMS gateway sends the random dynamic password generated by the server to the customer's mobile phone through SMS, and the customer enters this dynamic password when logging in or transaction authentication. The dynamic password is valid for one time and becomes invalid when it expires. Although the security of the password can be improved to a certain extent through the SMS password, the SMS password is sent to a mobile phone. When the account number and the mobile phone are leaked at the same time, the user's property and so on are at risk. In addition, there is only one person responsible for the assets protected by SMS passwords. If the assets to be protected are joint property such as the joint property of the husband and wife, the common property should only be used with the consent of the joint owners. However, under the existing SMS password mechanism Under this circumstance, as long as one person obtains the SMS password, the common property can be used, which is not safe for other joint owners.
在U盾相关的技术中,在U盾中主要保存有数字证书和用户私钥。当登陆网银系统时,在电脑上插入USB Key,然后输入PIN(PersonalIdentification Number,个人识别号码)码。如果验证通过,则可以进行相关交易。但是,由于PIN码是在用户电脑上输入的,因此黑客仍然可以通过程序截取用户PIN码,如果用户不及时取走USB Key,那么黑客可以通过截获的PIN码来取得虚假认证,这仍然存在安全隐患。Among the technologies related to the USB-shield, digital certificates and user private keys are mainly stored in the USB-shield. When logging into the online banking system, insert the USB Key into the computer, and then enter the PIN (Personal Identification Number, personal identification number) code. If the verification is passed, related transactions can be carried out. However, because the PIN code is entered on the user's computer, the hacker can still intercept the user's PIN code through the program. If the user does not take the USB Key in time, the hacker can obtain false authentication through the intercepted PIN code, which is still safe. Hidden danger.
发明内容Contents of the invention
本发明实施例提供了传输密码的方法和装置,可以避免在一个用户终端上呈现密码而存在的安全隐患,从而可以提高密码的安全性。The embodiments of the present invention provide a method and device for transmitting passwords, which can avoid potential safety hazards caused by presenting passwords on a user terminal, thereby improving the security of passwords.
第一方面,本发明提供了一种传输密码的方法,包括:获取密码;将所述密码处理成至少两部分内容,其中,所述至少两部分内容互不相同,所述至少两部分内容包括第一码段和第二码段,通过所述第一码段构成的第一码,解密所述第二码段构成的第二码,能够得到所述密码;分别向至少两个用户终端中的每个用户终端发送所述至少两部分内容中的至少一部分内容,以使所述每个用户终端收到的部分内容相互不重合,所述用户终端根据收到的所述至少两部分内容得到所述密码。In a first aspect, the present invention provides a method for transmitting a password, including: obtaining a password; processing the password into at least two parts of content, wherein the at least two parts of content are different from each other, and the at least two parts of content include The first code segment and the second code segment can obtain the password by decrypting the second code formed by the second code segment through the first code formed by the first code segment; Each user terminal sends at least a part of the at least two parts of content, so that the parts of the content received by each user terminal do not overlap each other, and the user terminal obtains according to the received at least two parts of content the password.
第二方面,本发明提供了一种传输密码的方法,包括:获取密码;将所述密码处理成至少两部分内容,其中,所述至少两部分内容互不相同,所述密码分成预定段数的密码段,所述预定段数至少为2段,所述至少两部分内容中的任一部分内容包括所述预定段数的密码段中的至少一段密码段;分别向至少两个用户终端中的每个用户终端发送所述至少两部分内容中的至少一部分内容,其中,所述每个用户终端收到的部分内容相互不重合,以使用户根据所述至少两个用户终端根据收到的所述至少两部分内容得到所述密码。In a second aspect, the present invention provides a method for transmitting a password, including: obtaining a password; processing the password into at least two parts of content, wherein the at least two parts of content are different from each other, and the password is divided into a predetermined number of segments. A password segment, the predetermined number of segments is at least 2 segments, any part of the at least two parts of content includes at least one segment of the password segment of the predetermined number of segments; each user in at least two user terminals The terminal sends at least a part of the at least two parts of content, wherein the parts of the content received by each user terminal do not overlap with each other, so that the user can use the at least two user terminals according to the received at least two parts. Part of the content gets said password.
第三方面,本发明提供了一种用于传输密码的装置,包括:获取模块,用于获取密码;处理模块,用于将所述密码处理成至少两部分内容,其中,所述至少两部分内容互不相同,所述至少两部分内容包括第一码段和第二码段,通过所述第一码段构成的第一码,解密所述第二码段构成的第二码,能够得到所述密码;发送模块,用于分别向至少两个用户终端中的每个用户终端发送所述至少两部分内容中的至少一部分内容,以使所述每个用户终端收到的部分内容相互不重合,所述用户终端根据收到的所述至少两部分内容得到所述密码。In a third aspect, the present invention provides a device for transmitting passwords, including: an acquisition module, configured to acquire passwords; a processing module, configured to process the passwords into at least two parts, wherein the at least two parts The contents are different from each other, the at least two parts of content include a first code segment and a second code segment, and by decrypting the second code formed by the second code segment through the first code formed by the first code segment, it can be obtained The password; a sending module, configured to send at least a part of the at least two parts of content to each of at least two user terminals, so that the parts of the content received by each user terminal are different from each other Coincidentally, the user terminal obtains the password according to the received at least two parts of content.
第四方面,本发明提供了一种用于传输密码的装置,包括:获取模块,用于获取密码;处理模块,用于将所述密码处理成至少两部分内容,其中,所述至少两部分内容互不相同,所述密码分成预定段数的密码段,所述预定段数至少为2段,所述至少两部分内容中的任一部分内容包括所述预定段数的密码段中的至少一段密码段;发送模块,用于分别向至少两个用户终端中的每个用户终端发送所述至少两部分内容中的至少一部分内容,其中所述每个用户终端收到的部分内容相互不重合,以使用户根据所述至少两个用户终端根据收到的所述至少两部分内容得到所述密码。In a fourth aspect, the present invention provides a device for transmitting passwords, including: an acquisition module, configured to acquire passwords; a processing module, configured to process the passwords into at least two parts, wherein the at least two parts The content is different from each other, the password is divided into a predetermined number of code segments, the predetermined number of segments is at least 2 segments, and any part of the at least two parts of content includes at least one of the predetermined number of code segments; A sending module, configured to send at least a part of the at least two parts of content to each of the at least two user terminals, wherein the parts of the content received by each user terminal do not overlap with each other, so that the user Obtaining the password according to the at least two user terminals according to the received at least two parts of content.
基于上述技术方案,通过将密码处理成至少两部分内容,可以将不同部分的内容发送到不同的用户终端,这样可以避免在一个用户终端上呈现完整密码而存在的安全隐患,从而可以提高密码的安全性。Based on the above technical solution, by processing the password into at least two parts, different parts of the content can be sent to different user terminals, which can avoid the potential security risks of presenting a complete password on a user terminal, thereby improving the security of the password. safety.
附图说明Description of drawings
为了更清楚地说明本发明实施例的技术方案,下面将对实施例中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to illustrate the technical solutions of the embodiments of the present invention more clearly, the accompanying drawings used in the embodiments will be briefly introduced below. Obviously, the accompanying drawings in the following description are only some embodiments of the present invention. Those skilled in the art can also obtain other drawings based on these drawings without any creative work.
图1是根据本发明实施例的传输密码的方法的流程图。Fig. 1 is a flowchart of a method for transmitting a password according to an embodiment of the present invention.
图2是利用本发明实施例提供的方法进行密码传输的第一例子的示意图。Fig. 2 is a schematic diagram of a first example of password transmission using the method provided by the embodiment of the present invention.
图3是利用本发明实施例提供的方法进行密码传输的第二例子的示意图。Fig. 3 is a schematic diagram of a second example of password transmission using the method provided by the embodiment of the present invention.
图4是根据本发明实施例的用于传输密码的装置的结构框图。Fig. 4 is a structural block diagram of a device for transmitting passwords according to an embodiment of the present invention.
图5是根据本发明实施例的用于传输密码的另一装置的结构框图。Fig. 5 is a structural block diagram of another device for transmitting passwords according to an embodiment of the present invention.
具体实施方式Detailed ways
下面将结合本发明实施例中的附图,对本发明实施例的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明的一部分实施例,而不是全部实施例。基于本发明中的所述实施例,本领域技术人员在没有做出创造性劳动的前提下所获得的所有其他实施例,都应属于本发明保护的范围。The following will clearly and completely describe the technical solutions of the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are part of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative efforts shall fall within the protection scope of the present invention.
首先,结合图1描述根据本发明实施例的传输密码的方法100。First, a method 100 for transmitting a password according to an embodiment of the present invention is described with reference to FIG. 1 .
如图1所示,方法100包括:在S110中,获取密码;在S120中,将密码分成至少两部分内容,至少两部分内容互不相同;在S130中,分别向至少两个用户终端中的每个用户终端发送至少两部分内容中的至少一部分内容,以使每个用户终端收到的部分内容相互不重合,用户终端根据收到的至少两部分内容得到密码。As shown in Figure 1, the method 100 includes: in S110, obtaining a password; in S120, dividing the password into at least two parts, the contents of which are different from each other; in S130, sending the password to at least two user terminals respectively Each user terminal sends at least a part of the at least two parts of content, so that the parts of content received by each user terminal do not overlap with each other, and the user terminal obtains the password according to the received at least two parts of content.
例如,方法100可以由被配置来对密码进行处理并发送处理后得到的各部分的装置执行,该装置可以是独立的网络设备,也可以被集成到现有的网络设备中。在下文中,对密码进行处理并发送的装置也被称为密码处理装置。接下来,详细描述根据本发明实施例的S110至S130。For example, the method 100 may be performed by an apparatus configured to process the password and send the processed parts. The apparatus may be an independent network device or be integrated into an existing network device. Hereinafter, a device that processes and transmits a cipher is also referred to as a cipher processing device. Next, S110 to S130 according to an embodiment of the present invention are described in detail.
在S110中,密码处理装置可以从用于生成密码或存储密码的服务器获取密码,该密码处理装置可以是独立的网络设备或其一部分,也可以被集成在用于生成密码或存储密码的服务器中。该服务器可以在收到用户发送的请求生成密码的请求消息时生成密码并发送给密码处理装置,也可以周期性向密码处理装置发送动态更新的随机密码,还可以在用户请求获取密码时将预先存储的密码发送给密码处理装置。In S110, the password processing device may obtain the password from the server for generating or storing the password, and the password processing device may be an independent network device or a part thereof, or be integrated in the server for generating or storing the password . The server can generate a password and send it to the password processing device when receiving a request message from the user requesting to generate a password, or can periodically send a dynamically updated random password to the password processing device, and can also store it in advance when the user requests to obtain a password. The password is sent to the password processing device.
密码处理装置通过查询预先设置在密码处理装置内的与目标用户相关的信息,可以确定与目标用户对应的至少两个用户终端。用户终端可以包括手机、个人计算机、个人数字助手等。在密码处理装置中,用户终端的表现形式可以是手机号,也可以是IP地址,还可以是能够唯一确定终端的其他形式。当然,目标用户可以不只一个。The cryptographic processing device can determine at least two user terminals corresponding to the target user by querying information related to the target user preset in the cryptographic processing device. User terminals may include cell phones, personal computers, personal digital assistants, and the like. In the cryptographic processing device, the representation form of the user terminal may be a mobile phone number, an IP address, or other forms that can uniquely identify the terminal. Of course, there may be more than one target user.
在S120中,密码处理装置将S110中获取的密码处理成至少两部分内容。密码处理装置可以直接对密码进行拆分,也可以根据加密算法等对密码进行分解。处理后得到的每部分内容包含至少一个字符。In S120, the password processing device processes the password acquired in S110 into at least two parts of content. The password processing device may directly split the password, or may split the password according to an encryption algorithm or the like. Each part of content obtained after processing contains at least one character.
根据本发明的一个实施例,可以将密码分成预定段数的密码段,预定段数至少为2段。这样,在S130中,分别向至少两个用户终端中的每个用户终端发送预定段数的密码段中的至少一段密码段。According to an embodiment of the present invention, the password can be divided into a predetermined number of password segments, and the predetermined number of segments is at least two. In this way, in S130, at least one cipher segment among the predetermined number of cipher segments is sent to each of the at least two user terminals respectively.
拆分后得到的密码段包含密码中的至少一个字符,所有密码段合并在一起可以还原出密码。密码处理装置可以灵活地按顺序拆分密码,每个密码段具有的字符数可以灵活设置。密码段的预定段数可以由密码处理装置灵活设定,但预定段数至少需要为2段,并且需要不小于待发送给的用户终端的个数。The password segment obtained after splitting contains at least one character in the password, and all the password segments can be combined to restore the password. The password processing device can flexibly split the password in order, and the number of characters in each password segment can be flexibly set. The predetermined number of cipher segments can be flexibly set by the cipher processing device, but the predetermined number of segments must be at least 2, and must not be less than the number of user terminals to be sent.
例如,当在S120中将密码分成多个密码段时,可以在S130中分别向至少两个用户终端中的每个用户终端发送预定段数的密码段中的至少一段密码段和该密码段在密码中的位置信息,以使用户终端根据位置信息得到密码。For example, when the password is divided into multiple cipher segments in S120, at least one of the cipher segments of the predetermined number of cipher segments and the cipher segment in the password segment may be sent to each of the at least two user terminals in S130. The location information in , so that the user terminal can obtain the password according to the location information.
密码处理装置除了向用户终端发送密码段之外,还可以向用户终端发送与所收到的密码段相应的位置信息,以使得用户终端基于位置信息可以知道在将密码段组合成密码时收到的密码段所处的排列位置。In addition to sending the cipher segment to the user terminal, the cipher processing device can also send the location information corresponding to the received cipher segment to the user terminal, so that the user terminal can know based on the location information that the cipher segment received when combining the cipher segment into a cipher The arrangement position of the cipher segment.
位置信息可以是密码段在密码中的段数编号,也可以是密码段的起始字符在密码的所有字符中的编号,还可以是本领域技术人员可以想到的其他信息,通过位置信息可以帮助将密码段组合成密码。The location information can be the segment number of the password segment in the password, or the number of the initial character of the password segment in all the characters of the password, or other information that can be thought of by those skilled in the art. The location information can help to place The cipher segments are combined to form a cipher.
再例如,当在S120中将密码分成多个密码段时,可以在S130中根据预定段数的密码段在密码中的位置顺序,分别向至少两个用户终端中的每个用户终端发送预定段数的密码段中的至少一段密码段,以使用户终端根据接收密码段的时间得到密码。For another example, when the password is divided into multiple password segments in S120, in S130, according to the sequence of positions of the password segments of the predetermined number of segments in the password, the passwords of the predetermined number of segments can be sent to each user terminal in at least two user terminals respectively. at least one of the password segments, so that the user terminal obtains the password according to the time of receiving the password segment.
将密码拆分成密码段之后,优先发送位置靠前的密码段,使得用户终端接收密码段的时间与密码段在密码中的位置顺序相对应。例如,当将密码“123456”拆分成“12”、“34”和“56”时,先发送“12”,再发送“34”,接着发送“56”,这样可以使“12”的接收时间早于“34”的接收时间,“34”的接收时间早于“56”的接收时间。用户终端根据接收时间对密码段进行组合,从而还原出密码。After the password is split into cipher segments, the cipher segment at the front is sent first, so that the time when the user terminal receives the cipher segment corresponds to the order of the position of the cipher segment in the cipher. For example, when splitting the password "123456" into "12", "34" and "56", first send "12", then "34", and then "56", so that the reception of "12" The time is earlier than the reception time of "34", and the reception time of "34" is earlier than the reception time of "56". The user terminal combines the cipher segments according to the receiving time, so as to restore the cipher.
此外,也有可能提前对用户终端设置有顺序,密码处理装置拆分出密码段之后,将位置靠前的密码段发送给设置来接收位置靠前的密码段的用户终端,将位置靠后的密码段发送给设置来接收位置靠后的密码段的用户终端。这样,当在用户终端上收到按位置顺序发送的密码段之后,根据用户终端的顺序对密码段进行排列而还原出密码。当然,也有可能不对用户终端设置顺序、也不发送密码段的位置信息,目标用户通过尝试各种对密码段排列的方式,也可以最终得到正确的密码。例如,两个用户终端收到A和B两个密码段,那么密码不是A在前B在后,就是B在前A在后,用户可以通过尝试来得到正确的密码。In addition, it is also possible to set a sequence for the user terminals in advance. After the encryption processing device splits the encryption segments, it sends the encryption segments at the front to the user terminal configured to receive the encryption segments at the front, and the encryption at the rear Segments are sent to user terminals that are set up to receive late-positioned cipher segments. In this way, after receiving the cipher segments sent in order of position on the user terminal, the cipher segments are arranged according to the sequence of the user terminal to restore the password. Of course, it is also possible not to set the sequence for the user terminal, nor to send the location information of the password segment, and the target user can finally obtain the correct password by trying various ways of arranging the password segment. For example, if two user terminals receive two password segments A and B, then the password is either A in front and B in the back, or B in the front and A in the back, and the user can get the correct password by trying.
根据本发明的一个实施例,在S120中,可以将密码处理成至少一段的第一码段和至少一段的第二码段,通过第一码段构成的第一码,解密第二码段构成的第二码,得到密码。According to an embodiment of the present invention, in S120, the password can be processed into at least one first code segment and at least one second code segment, and the first code formed by the first code segment is used to decrypt the second code segment. The second code to get the password.
可以通过预定的加解密算法将密码处理为第一码和第二码,通过第一码解密第二码可以还原出密码。预定的加解密算法可以采用与现有技术中相同的加解密算法,也可以任意设定,加解密算法的具体形式对本发明的保护范围不构成限制。例如,可以将密码处理为作为第一码的规则码和作为第二码的隐码,用规则码解密隐码可以还原出密码。举例来说,当密码是“1234”时,可以将密码处理成隐码“2345”和规则码“1111”,相应的解密算法是隐码减去规则码得到密码。当然,本领域技术人员可以想到,根据隐码和规则码还原出密码还可以采用其他算法,本发明不对算法的具体形式进行任何限定。The password can be processed into a first code and a second code through a predetermined encryption and decryption algorithm, and the password can be recovered by decrypting the second code through the first code. The predetermined encryption and decryption algorithm can adopt the same encryption and decryption algorithm as in the prior art, or can be set arbitrarily. The specific form of the encryption and decryption algorithm does not limit the protection scope of the present invention. For example, the password can be treated as a regular code as the first code and a hidden code as the second code, and the password can be recovered by decrypting the hidden code with the regular code. For example, when the password is "1234", the password can be processed into the hidden code "2345" and the regular code "1111", and the corresponding decryption algorithm is the hidden code minus the regular code to obtain the password. Of course, those skilled in the art can imagine that other algorithms can be used to restore the password according to the hidden code and the regular code, and the present invention does not limit the specific form of the algorithm.
由于用户终端的个数可能大于第一码和第二码这两个字符串的个数,所以为了使每个用户终端可以得到用于构成密码的信息的一部分,需要将第一码和第二码进行分段,以使得每个用户终端可以得到互不相重合的一部分信息。Since the number of user terminals may be greater than the number of the two character strings of the first code and the second code, in order to enable each user terminal to obtain a part of the information used to form the password, it is necessary to combine the first code and the second code The code is segmented so that each user terminal can obtain a part of information that does not overlap with each other.
在S130中,密码处理装置将S120中的至少两部分内容分别发送给至少两个用户终端。每个用户终端可以收到至少一部分内容,任两个用户终端收到的部分内容相互不同。当将每个用户终端收到的部分内容进行组合时,可以构成与S110中的密码相同的完整密码。In S130, the cryptographic processing apparatus sends at least two parts of content in S120 to at least two user terminals respectively. Each user terminal can receive at least a part of the content, and the parts of content received by any two user terminals are different from each other. When the partial content received by each user terminal is combined, a complete password that is the same as the password in S110 can be formed.
例如,假设目标用户具有A、B、C三个用户终端。如果密码处理装置将待向目标用户发送的密码依次分成5段,则密码处理装置可以向A用户终端发送第1段和第2段密码段,向B用户终端发送第3段密码段,向C用户终端发送第4段和第5段密码段。如果密码处理装置将密码段依次分为3段,则可以向A用户终端发送第1段密码段,向B用户终端发送第2段密码段,向C用户终端发送第3段密码段。以3个所有人共有的银行财产为例,三个所有人具有A、B、C三个用户终端,当针对3个所有人共有的银行账户生成动态密码“135792468”时,密码处理装置可以根据用户终端的数量将得到的密码拆分为3部分“135”、“792”、“468”,再将“135”发送到A用户终端,将“792”发送到B用户终端,将“468”发送到C用户终端,这样3个所有人持各自的用户终端才可以得到完整的密码。For example, assume that the target user has three user terminals A, B, and C. If the password processing device divides the password to be sent to the target user into five segments in sequence, the password processing device can send the first segment and the second segment of the password to the A user terminal, send the third segment of the password to the B user terminal, and send the third segment of the password to the C user terminal. The user terminal sends the fourth and fifth cipher segments. If the encryption processing device divides the encryption segment into three segments in turn, then the first encryption segment can be sent to the user terminal A, the second encryption segment can be sent to the user terminal B, and the third encryption segment can be sent to the user terminal C. Taking the bank property shared by three owners as an example, the three owners have three user terminals A, B, and C. When the dynamic password "135792468" is generated for the bank account shared by the three owners, the password processing device can be based on The number of user terminals Split the obtained password into three parts "135", "792" and "468", and then send "135" to user terminal A, send "792" to user terminal B, and send "468" Send it to the C user terminal, so that the three owners can obtain the complete password with their own user terminals.
根据本发明的实施例,用户终端的个数与将密码处理成的部分数可以相同。这样,密码处理装置可以根据用户终端的个数对密码进行处理,使得每个用户终端可以收到密码的一部分。According to an embodiment of the present invention, the number of user terminals may be the same as the number of parts into which the password is processed. In this way, the password processing device can process the password according to the number of user terminals, so that each user terminal can receive a part of the password.
由于将密码的部分信息发送到了不同的用户终端,因此,如果黑客希望获取密码,不仅需要攻破多个用户终端,还要识别密码被处理成的不同部分内容之间的关联性,这提高了黑客获取密码的难度,并增强了用户处保存密码的安全性。Since part of the password information is sent to different user terminals, if a hacker wants to obtain the password, he not only needs to break through multiple user terminals, but also needs to identify the correlation between the different parts of the password processed, which improves the security of the hacker. Difficulty of obtaining passwords and enhancing the security of passwords stored at users.
在S130发送密码的至少两部分内容的过程中,可以使用诸如同一电信网络或同一计算机网络之类的相同传输通道来传输不同部分的内容。更优选的是,可以通过不相同的至少两个传输通道,分别向至少两个用户终端中的每个用户终端发送至少两部分内容中的至少一部分内容。这样,有利于降低在密码的传输过程中截获完整密码的可能性,进一步增强密码的安全性。一个电信网络可以对应一个短信中心,一个电信网络也可以对应一个发送USSD(Unstructured Supplementary Service Data,非结构化补充数据业务)消息的服务器,一个电信网络还可以由一个小区标识来界定。一个计算机网络可以对应一个子网网段内的所有IP地址,也可以对应一个邮件服务器。当然,本领域技术人员还可以想到其他界定电信网络或计算机网络的方式。During the process of sending at least two parts of the password at S130, different parts of the content may be transmitted using the same transmission channel such as the same telecommunication network or the same computer network. More preferably, at least a part of the at least two parts of content may be sent to each of the at least two user terminals through at least two different transmission channels. In this way, it is beneficial to reduce the possibility of intercepting the complete password during the transmission of the password, and further enhance the security of the password. A telecommunication network can correspond to a SMS center, a telecommunication network can also correspond to a server that sends USSD (Unstructured Supplementary Service Data, unstructured supplementary data service) messages, and a telecommunication network can also be defined by a cell identifier. A computer network can correspond to all IP addresses in a subnet segment, and can also correspond to a mail server. Of course, those skilled in the art can also think of other ways to define a telecommunication network or a computer network.
传输密码的至少两部分内容所用的至少两个传输通道中的每一个可以与密码处理装置的一个发送接口相对应,每个发送接口对应一个传输通道。当然,也有可能一个发送接口对应多个传输通道,当密码的某部分内容从该发送接口输出后,通过网络的传输将被送到诸如不同电信网络或不同计算机网络之类的不同传输通道。这样,通过一个传输通道不能截取到完整的密码,从而可以进一步提高密码的安全性,增大在传输过程中截取密码的困难。Each of the at least two transmission channels used to transmit at least two parts of the password may correspond to a sending interface of the cryptographic processing device, and each sending interface corresponds to a transmission channel. Of course, it is also possible that one sending interface corresponds to multiple transmission channels. After a certain part of the password is output from the sending interface, the transmission through the network will be sent to different transmission channels such as different telecommunication networks or different computer networks. In this way, the complete password cannot be intercepted through a transmission channel, thereby further improving the security of the password and increasing the difficulty of intercepting the password during transmission.
例如,可以通过至少两个电信网络,分别向至少两个用户终端中的每个用户终端发送至少两部分内容中的至少一部分内容,其中每个电信网络对应至少一个用户终端,每个用户终端对应至少两个电信网络之一。For example, at least a part of the at least two parts of content may be sent to each of at least two user terminals through at least two telecommunication networks, wherein each telecommunication network corresponds to at least one user terminal, and each user terminal corresponds to One of at least two telecommunications networks.
举例来说,至少两个电信网络可以是至少两个短信中心,密码处理装置将密码拆分为密码段。目标用户具有A、B、C三个用户终端,A、B用户终端接收来自第一短信中心发送的短信而得到密码段,C用户终端接收来自第二短信中心发送的短信而得到密码段。For example, the at least two telecommunication networks may be at least two short message centers, and the password processing device splits the password into password segments. The target user has three user terminals A, B, and C. User terminals A and B receive a short message from the first SMS center to obtain a password segment, and user terminal C receives a short message from the second SMS center to obtain a password segment.
再例如,可以通过至少一个电信网络和至少一个计算机网络,分别向至少两个用户终端中的每个用户终端发送至少两部分内容中的至少一部分内容,其中每个电信网络对应至少一个用户终端,每个计算机网络对应至少一个用户终端,每个用户终端对应至少一个电信网络之一或至少一个计算机网络之一。For another example, at least a part of the at least two parts of content may be sent to each of the at least two user terminals through at least one telecommunication network and at least one computer network, wherein each telecommunication network corresponds to at least one user terminal, Each computer network corresponds to at least one user terminal, and each user terminal corresponds to one of the at least one telecommunications network or one of the at least one computer network.
举例来说,至少一个电信网络可以是至少一个短信中心,至少一个计算机网络可以是至少一个IP子网,密码处理装置将密码拆分为密码段。目标用户具有A、B、C三个用户终端,A、B用户终端接收来自短信中心发送的短信而得到密码段,C用户终端通过计算机网络而接收到密码段。此时,在C用户终端中可以安装有用于接收密码段的客户端,C用户终端通过开启该客户端,可以接收到密码处理装置通过计算机网络推送过来的密码段。For example, at least one telecommunication network may be at least one short message center, at least one computer network may be at least one IP subnet, and the password processing device splits the password into password segments. The target user has three user terminals A, B, and C. User terminals A and B receive a short message from the SMS center to obtain a password segment, and user terminal C receives the password segment through a computer network. At this time, a client for receiving the cipher segment may be installed in the C user terminal, and the C user terminal may receive the cipher segment pushed by the cipher processing device through the computer network by opening the client.
又例如,可以通过至少两个计算机网络,分别向至少两个用户终端中的每个用户终端发送至少两部分内容中的至少一部分内容,其中每个计算机网络对应至少一个用户终端,每个用户终端对应至少两个计算机网络之一。For another example, at least a part of the at least two parts of content may be sent to each of the at least two user terminals through at least two computer networks, wherein each computer network corresponds to at least one user terminal, and each user terminal Corresponds to one of at least two computer networks.
举例来说,密码处理装置将密码拆分为密码段。目标用户具有A、B、C三个用户终端,A用户终端位于网络地址为221.68.0.0的以太网中,B用户终端位于网络地址为69.156.0.0的以太网中,C用户终端位于网络地址为100.64.0.0的以太网中,这三个用户终端可以经由所处的以太网接收密码处理装置拆分得到的密码段。For example, the cryptographic processing device splits the cryptogram into cryptographic segments. The target user has three user terminals A, B, and C. User terminal A is located in the Ethernet with the network address of 221.68.0.0, user terminal B is located in the Ethernet with the network address of 69.156.0.0, and user terminal C is located in the network address of In the Ethernet of 100.64.0.0, the three user terminals can receive the cipher segment obtained by splitting by the cipher processing device via the Ethernet where they are located.
当然,本领域技术人员还可以想到通过其他的传输通道来传输密码的不同部分内容,使得处理密码得到的各部分内容分通道传递到不同的用户终端,通过同一通道很难截取到完整的密码,从而可以进一步增强密码的安全性。Of course, those skilled in the art can also think of transmitting different parts of the password through other transmission channels, so that each part of the content obtained by processing the password is transmitted to different user terminals in separate channels, and it is difficult to intercept the complete password through the same channel. Thereby, the security of the password can be further enhanced.
根据本发明实施例提供的传输密码的方法,通过将密码处理成至少两部分内容,可以将不同部分的内容发送到不同的用户终端,这样可以避免在一个用户终端上呈现完整密码而存在的安全隐患,从而可以提高密码的安全性。此外,由于用户仍然只有一个密码,对原有的机制可以不作改动,从而有利于系统升级。According to the password transmission method provided by the embodiment of the present invention, by processing the password into at least two parts, different parts of the content can be sent to different user terminals, which can avoid the security problem of presenting the complete password on one user terminal. hidden dangers, which can improve the security of passwords. In addition, since the user still only has one password, the original mechanism may not be changed, which facilitates system upgrades.
下面,参考图2和图3所示的示意图描述利用本发明实施例提供的方法进行密码传输的例子。In the following, an example of password transmission using the method provided by the embodiment of the present invention will be described with reference to the schematic diagrams shown in FIG. 2 and FIG. 3 .
在图2所示的第一例子中,密码处理装置从生成密码的服务器得到待发送给目标用户的密码“577345”。生成密码的服务器可以在收到目标用户发送的请求时生成密码而发送给密码处理装置。In the first example shown in FIG. 2, the password processing apparatus obtains the password "577345" to be sent to the target user from the server that generates the password. The server that generates the password may generate the password and send it to the password processing device when receiving the request from the target user.
密码处理装置根据目标用户预先设置的手机号码的个数将密码分为多段,每段密码对应一个手机号码,每个手机号码至少得到一个字符的密码段。在该例中,以两个手机为例进行说明,但不排除目标用户预先设置的手机号码的个数多于两个的情况。The password processing device divides the password into multiple sections according to the number of mobile phone numbers preset by the target user, each section of password corresponds to a mobile phone number, and each mobile phone number obtains a password section of at least one character. In this example, two mobile phones are taken as an example for illustration, but the situation that the number of mobile phone numbers preset by the target user is more than two is not excluded.
从图2可以看到,密码处理装置将密码分成“5773”和“45”两段,通过第一短信发送接口将“5773”这一段发送给第一短信中心,通过第二短信发送接口将“45”这一段发送给第二短信中心。此外,还需要将第一手机号码发送给第一短信中心,将第二手机号码发送给第二短信中心,以使短信中心可以将得到的密码段发送给相应的手机。As can be seen from Figure 2, the password processing device divides the password into two sections of "5773" and "45", sends the section "5773" to the first SMS center through the first SMS sending interface, and sends "5773" to the first SMS center through the second SMS sending interface. 45" this section is sent to the second SMS center. In addition, it is also necessary to send the first mobile phone number to the first short message center, and send the second mobile phone number to the second short message center, so that the short message center can send the obtained password segment to the corresponding mobile phone.
第一短信中心将“5773”这一段发送给第一手机号码对应的第一手机,第二短信中心将“45”这一段发送给第二手机号码对应的第二手机。在第一手机上可以呈现“登陆密码共两段,第一段为5773”,在第二手机上可以呈现“登陆密码共两段,第二段为45”。The first short message center sends the segment "5773" to the first mobile phone corresponding to the first mobile phone number, and the second short message center sends the segment "45" to the second mobile phone corresponding to the second mobile phone number. On the first mobile phone, "the login password has two sections, and the first section is 5773", and on the second mobile phone, "the login password has two sections, and the second section is 45".
这样,目标用户根据短信内容,可以将第一手机和第二手机上收到的密码段按照短信提示的顺序合并起来,从而构成完整的密码。In this way, according to the content of the short message, the target user can combine the password segments received on the first mobile phone and the second mobile phone according to the sequence prompted by the short message to form a complete password.
在图3所示的第二例子中,与第一例子相同,密码处理装置从生成密码的服务器得到待发送给目标用户的密码“577345”,并将密码分成“5773”和“45”两段。In the second example shown in Figure 3, the same as the first example, the password processing device obtains the password "577345" to be sent to the target user from the server that generates the password, and divides the password into two segments of "5773" and "45" .
在第二例子中,密码处理装置通过短信发送接口将“5773”这一段和目标用户的手机号码发送给短信中心,由短信中心将“5773”这一段发送给与该手机号码对应的手机,在手机上可以呈现“登陆密码共两段,第一段为5773”。In the second example, the password processing device sends the section "5773" and the mobile phone number of the target user to the SMS center through the SMS sending interface, and the SMS center sends the section "5773" to the mobile phone corresponding to the mobile phone number. "Login password consists of two paragraphs, the first paragraph is 5773" can be displayed on the mobile phone.
此外,密码处理装置通过网络发送接口将“45”这一段经由计算机网络推送给目标用户具有的个人计算机,推送密码段的通道可以由在个人计算机中安装并启动的客户端与密码处理装置建立。经由该通道将密码段推送给个人计算机之后,该客户端向目标用户呈现密码段信息,例如“登陆密码共两段,第二段为45”。客户端可以是在个人计算机上插入U盘而自动启动的。In addition, the cryptographic processing device pushes the segment "45" to the personal computer owned by the target user via the computer network through the network sending interface, and the channel for pushing the cryptographic segment can be established by the client installed and activated in the personal computer and the cryptographic processing device. After the password segment is pushed to the personal computer through the channel, the client presents the target user with the password segment information, for example, "the login password consists of two segments, and the second segment is 45". The client can be automatically started by inserting a USB flash drive into the personal computer.
目标用户通过查看手机短信和客户端上的内容可以将收到的密码段组合成完整的密码。The target user can combine the received password segments into a complete password by checking the text messages on the mobile phone and the content on the client.
本发明实施例提供的传输密码的方法可以适用于共同财产的监管,例如对公司帐户的监管。当需要从公司帐户提取现金或转帐时,登陆密码会发到不同的相关责任人的手机上,只有全部监管人员的手机上的短信收集齐全,才可以获取完整的密码,以实现登陆。收集密码的过程中,相关责任人均已知道此次行为,从而可以保证对共同财产使用的安全性。The password transmission method provided by the embodiment of the present invention can be applied to the supervision of common property, such as the supervision of company accounts. When it is necessary to withdraw cash or transfer funds from the company account, the login password will be sent to the mobile phones of different responsible persons. Only when all the short messages on the mobile phones of all supervisors are collected can the complete password be obtained to realize the login. In the process of collecting passwords, the relevant responsible persons have already known this behavior, so as to ensure the security of the use of common property.
本发明实施例提供的传输密码的方法还可以适用于对安全性有较高要求的个人密码的保护方案。例如,可以将获取密码处理后的部分内容的客户端软件放在U盘中,当需要接收密码时,插入U盘,运行客户端程序。由于包含多个用户终端,因此单独攻击一个用户终端不能有效获取到密码,即使攻破多个用户终端,也需要识别出不同部分内容之间的相互顺序才能组合成密码,这加大了截取密码的难度。The password transmission method provided by the embodiment of the present invention can also be applied to a protection scheme for a personal password that has higher security requirements. For example, the client software that obtains part of the password-processed content can be placed in a USB flash drive, and when the password needs to be received, the USB flash drive is inserted to run the client program. Since multiple user terminals are involved, a single attack on a user terminal cannot effectively obtain the password. Even if multiple user terminals are broken, it is necessary to identify the mutual order of different parts of the content before they can be combined into a password, which increases the difficulty of intercepting the password. difficulty.
上面描述了根据本发明实施例的传输密码的方法,下面参考图4和图5描述根据本发明实施例的用于传输密码的装置的结构框图。The method for transmitting a password according to an embodiment of the present invention has been described above, and the structural block diagram of an apparatus for transmitting a password according to an embodiment of the present invention will be described below with reference to FIG. 4 and FIG. 5 .
图4是根据本发明实施例的用于传输密码的装置400的结构框图。Fig. 4 is a structural block diagram of an apparatus 400 for transmitting passwords according to an embodiment of the present invention.
装置400可以是独立的网络设备,也可以被集成到现有的网络设备中。装置400包括获取模块410、处理模块420和发送模块430,获取模块410可以通过输入接口实现,处理模块420可以通过处理器实现,发送模块430可以通过输出接口实现。获取模块410用于获取密码。处理模块420用于将密码处理成至少两部分内容,至少两部分内容互不相同。发送模块430用于分别向至少两个用户终端中的每个用户终端发送至少两部分内容中的至少一部分内容,以使每个用户终端收到的部分内容相互不重合,用户终端根据收到的至少两部分内容得到密码。The apparatus 400 may be an independent network device, or be integrated into an existing network device. The apparatus 400 includes an acquisition module 410, a processing module 420, and a sending module 430. The acquisition module 410 can be realized through an input interface, the processing module 420 can be realized through a processor, and the sending module 430 can be realized through an output interface. The acquiring module 410 is used for acquiring passwords. The processing module 420 is used to process the password into at least two parts of content, at least two parts of content are different from each other. The sending module 430 is configured to send at least a part of the at least two parts of content to each of the at least two user terminals, so that the parts of the content received by each user terminal do not overlap with each other, and the user terminal according to the received At least two parts of the content get the password.
获取模块410、处理模块420和发送模块430的上述和其他操作和/或功能可以参考上述方法100中的S110至S130步骤以及其他相关部分的描述,为了避免重复,在此不再赘述。For the above and other operations and/or functions of the acquisition module 410, the processing module 420, and the sending module 430, reference may be made to the description of steps S110 to S130 and other relevant parts in the method 100 above, and details are not repeated here to avoid repetition.
根据本发明实施例提供的用于传输密码的装置,通过将密码处理成至少两部分内容,可以将不同部分的内容发送到不同的用户终端,这样可以避免在一个用户终端上呈现完整密码而存在的安全隐患,从而可以提高密码的安全性。此外,由于用户仍然只有一个密码,对原有的机制可以不作改动,从而有利于系统升级。According to the device for transmitting passwords provided by the embodiments of the present invention, by processing the passwords into at least two parts, different parts of the content can be sent to different user terminals, which can avoid presenting the complete password on a user terminal and exist potential security risks, which can improve the security of passwords. In addition, since the user still only has one password, the original mechanism may not be changed, which facilitates system upgrades.
图5是根据本发明实施例的用于传输密码的装置500的结构框图。Fig. 5 is a structural block diagram of an apparatus 500 for transmitting passwords according to an embodiment of the present invention.
装置500的获取模块510、处理模块520和发送模块530与装置400的获取模块410、处理模块420和发送模块430基本相同。The obtaining module 510 , processing module 520 and sending module 530 of the device 500 are basically the same as the obtaining module 410 , processing module 420 and sending module 430 of the device 400 .
根据本发明的一个实施例,处理模块520可以用于将密码分成预定段数的密码段,预定段数至少为2段。在该情况下,发送模块530可以用于分别向至少两个用户终端中的每个用户终端发送预定段数的密码段中的至少一段密码段。此外,根据本发明的一个实施例,发送模块530还可以用于分别向至少两个用户终端中的每个用户终端发送预定段数的密码段中的至少一段密码段和该密码段在密码中的位置信息,以使用户终端根据位置信息得到密码。根据本发明的一个实施例,发送模块530还可以用于根据预定段数的密码段在密码中的位置顺序,分别向至少两个用户终端中的每个用户终端发送预定段数的密码段中的至少一段密码段,以使用户终端根据接收密码段的时间得到密码。According to an embodiment of the present invention, the processing module 520 may be used to divide the password into a predetermined number of password segments, and the predetermined number of segments is at least 2. In this case, the sending module 530 may be configured to respectively send at least one of the predetermined number of cipher segments to each of the at least two user terminals. In addition, according to an embodiment of the present invention, the sending module 530 can also be configured to respectively send at least one of the predetermined number of password segments and the password segment of the password segment to each of the at least two user terminals. Location information, so that the user terminal obtains the password according to the location information. According to an embodiment of the present invention, the sending module 530 may also be configured to send at least one of the predetermined number of cipher segments to each of the at least two user terminals according to the position order of the predetermined number of cipher segments in the cipher. A cipher segment, so that the user terminal can obtain the password according to the time of receiving the cipher segment.
根据本发明的一个实施例,处理模块520可以用于将密码处理成至少一段的第一码段和至少一段的第二码段,通过第一码段构成的第一码,解密第二码段构成的第二码,得到密码。According to an embodiment of the present invention, the processing module 520 can be used to process the password into at least one first code segment and at least one second code segment, and decrypt the second code segment through the first code formed by the first code segment Form the second code to obtain the password.
根据本发明的实施例,发送模块530可以用于通过不相同的至少两个传输通道,分别向至少两个用户终端中的每个用户终端发送至少两部分内容中的至少一部分内容。According to an embodiment of the present invention, the sending module 530 may be configured to send at least a part of the at least two parts of content to each of the at least two user terminals through at least two different transmission channels.
例如,发送模块530可以包括第一发送单元532、第二发送单元534和第三发送单元536中的至少一项。第一发送单元532用于通过至少两个电信网络,分别向至少两个用户终端中的每个用户终端发送至少两部分内容中的至少一部分内容,其中每个电信网络对应至少一个用户终端,每个用户终端对应至少两个电信网络之一。第二发送单元534用于通过至少一个电信网络和至少一个计算机网络,分别向至少两个用户终端中的每个用户终端发送至少两部分内容中的至少一部分内容,其中每个电信网络对应至少一个用户终端,每个计算机网络对应至少一个用户终端,每个用户终端对应至少一个电信网络之一或至少一个计算机网络之一。第三发送单元536用于通过至少两个计算机网络,分别向至少两个用户终端中的每个用户终端发送至少两部分内容中的至少一部分内容,其中每个计算机网络对应至少一个用户终端,每个用户终端对应至少两个计算机网络之一。For example, the sending module 530 may include at least one of a first sending unit 532 , a second sending unit 534 and a third sending unit 536 . The first sending unit 532 is configured to send at least a part of the at least two parts of content to each of the at least two user terminals through at least two telecommunication networks, wherein each telecommunication network corresponds to at least one user terminal, and each Each user terminal corresponds to one of at least two telecommunications networks. The second sending unit 534 is configured to respectively send at least a part of the at least two parts of content to each of the at least two user terminals through at least one telecommunication network and at least one computer network, wherein each telecommunication network corresponds to at least one Each computer network corresponds to at least one user terminal, and each user terminal corresponds to one of at least one telecommunication network or one of at least one computer network. The third sending unit 536 is configured to send at least a part of the at least two parts of content to each of the at least two user terminals through at least two computer networks, wherein each computer network corresponds to at least one user terminal, and each Each user terminal corresponds to one of at least two computer networks.
根据本发明的实施例,用户终端的个数可以与将密码处理成的部分数相同。According to an embodiment of the present invention, the number of user terminals may be the same as the number of parts into which the password is processed.
处理模块520、发送模块530、第一发送单元532、第二发送单元534和第三发送单元536的上述和其他操作和/或功能可以参考方法100的S120和S130步骤以及其他相关部分的描述,为了避免重复,不再赘述。For the above and other operations and/or functions of the processing module 520, the sending module 530, the first sending unit 532, the second sending unit 534, and the third sending unit 536, reference may be made to the descriptions of steps S120 and S130 of the method 100 and other relevant parts, In order to avoid repetition, no more details are given here.
根据本发明实施例提供的用于传输密码的装置,由于经由不相同的传输通道来传递密码处理后得到的不同部分内容,使得通过一个传输通道不能截取到处理密码得到的所有部分内容,这样可以进一步提高密码的安全性,增大在传输过程中截取密码的困难。According to the device for transmitting passwords provided by the embodiments of the present invention, since different parts of content obtained after password processing are transmitted through different transmission channels, it is impossible to intercept all parts of content obtained by processing passwords through one transmission channel, which can Further improve the security of the password and increase the difficulty of intercepting the password during transmission.
可以将本发明实施例提供的用于传输密码的装置应用到现有的网络设备上,也可以将用于传输密码的装置作为一个新的网络设备。在网络设备中包括获取模块、处理模块和发送模块。获取模块可以由输入接口实现,处理模块可以由处理器实现,发送模块可以由多个输出接口实现。例如发送模块可以包括多个短信中心连接接口,每个短信中心连接接口可以连接到短信中心,具有将处理密码得到的部分内容发送到短信中心、再使短信中心将部分内容转发到相应手机的能力。再例如,发送模块可以包括网络连接接口,网络连接接口可以连接到计算机网络,具有将密码段发送到计算机网络、以通过计算机网络将密码段转发到相应个人计算机安装的客户端的能力。The device for transmitting a password provided by the embodiment of the present invention can be applied to an existing network device, or the device for transmitting a password can be used as a new network device. The network device includes an acquisition module, a processing module and a sending module. The acquiring module can be realized by an input interface, the processing module can be realized by a processor, and the sending module can be realized by multiple output interfaces. For example, the sending module may include multiple short message center connection interfaces, and each short message center connection interface may be connected to the short message center, and has the ability to send part of the content obtained by processing the password to the short message center, and then make the short message center forward part of the content to the corresponding mobile phone . For another example, the sending module may include a network connection interface, and the network connection interface may be connected to a computer network, and has the ability to send the cipher segment to the computer network, so as to forward the cipher segment to the client installed on the corresponding personal computer through the computer network.
本领域技术人员可以意识到,结合本文中所公开的实施例中描述的各方法步骤和单元,能够以电子硬件、计算机软件或者二者的结合来实现,为了清楚地说明硬件和软件的可互换性,在上述说明中已经按照功能一般性地描述了各实施例的步骤及组成。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。本领域技术人员可以对每个特定的应用使用不同方法来实现所描述的功能,但是这种实现不应认为超出本发明的范围。Those skilled in the art can realize that, in combination with the method steps and units described in the embodiments disclosed herein, they can be realized by electronic hardware, computer software or a combination of the two. In order to clearly illustrate the interchangeability of hardware and software Alternatively, in the above description, the steps and components of each embodiment have been generally described in terms of functions. Whether these functions are executed by hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art may implement the described functionality using different methods for each particular application, but such implementation should not be considered as exceeding the scope of the present invention.
结合本文中所公开的实施例描述的方法步骤可以用硬件、处理器执行的软件程序、或者二者的结合来实施。软件程序可以置于随机存取存储器(RAM)、内存、只读存储器(ROM)、电可编程ROM、电可擦除可编程ROM、寄存器、硬盘、可移动磁盘、CD-ROM或技术领域内所公知的任意其它形式的存储介质中。The method steps described in connection with the embodiments disclosed herein may be implemented by hardware, software programs executed by a processor, or a combination of both. The software program may reside in random access memory (RAM), internal memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, removable disk, CD-ROM or technical field Any other known storage medium.
尽管已示出和描述了本发明的一些实施例,但本领域技术人员应该理解,在不脱离本发明的原理和精神的情况下,可对这些实施例进行各种修改,这样的修改应落入本发明的范围内。Although some embodiments of the present invention have been shown and described, it should be understood by those skilled in the art that various modifications can be made to these embodiments without departing from the principles and spirit of the invention, and such modifications shall fall within into the scope of the present invention.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110258909.3ACN102271035B (en) | 2011-09-02 | 2011-09-02 | Password transmission method and device |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110258909.3ACN102271035B (en) | 2011-09-02 | 2011-09-02 | Password transmission method and device |
| Publication Number | Publication Date |
|---|---|
| CN102271035A CN102271035A (en) | 2011-12-07 |
| CN102271035Btrue CN102271035B (en) | 2014-12-24 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110258909.3AExpired - Fee RelatedCN102271035B (en) | 2011-09-02 | 2011-09-02 | Password transmission method and device |
| Country | Link |
|---|---|
| CN (1) | CN102271035B (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103220140A (en)* | 2012-01-18 | 2013-07-24 | 华为终端有限公司 | Encryption and decryption method, encryption and decryption device and electronic equipment |
| CN102957688B (en)* | 2012-08-16 | 2016-05-04 | 中国商用飞机有限责任公司 | password input and verification method and device |
| CN102811228B (en)* | 2012-08-31 | 2016-07-06 | 中国联合网络通信集团有限公司 | Network login method, equipment and system |
| CN103501292B (en)* | 2013-09-24 | 2017-05-17 | 长沙裕邦软件开发有限公司 | Method and system for achieving data safety protection by using standby mobile phone |
| CN104683301B (en)* | 2013-11-28 | 2020-01-10 | 腾讯科技(深圳)有限公司 | Password storage method and device |
| CN105991519B (en)* | 2015-01-29 | 2019-11-08 | 阿里巴巴集团控股有限公司 | A kind of method, apparatus and system verifying identifying code |
| CN106161338A (en)* | 2015-03-26 | 2016-11-23 | 阿里巴巴集团控股有限公司 | For verifying the method and device of user identity |
| CN105404818A (en)* | 2015-10-28 | 2016-03-16 | 上海斐讯数据通信技术有限公司 | Information storage method and system, information acquisition method and system, main terminal and auxiliary terminal |
| CN107154921A (en) | 2016-03-03 | 2017-09-12 | 阿里巴巴集团控股有限公司 | The authorization method and device of condominium account, the authentication method of condominium account and device |
| CN107085788A (en)* | 2017-04-20 | 2017-08-22 | 中国电子技术标准化研究院 | A new secure payment method |
| CN107743306B (en)* | 2017-11-20 | 2021-08-24 | 上海动联信息技术股份有限公司 | Intelligent POS machine WIFI setting method based on multi-password control and intelligent POS machine |
| CN108256344B (en)* | 2018-01-22 | 2019-10-22 | 商客通尚景科技江苏有限公司 | A kind of SaaS enterprise platform Database Systems and attaching method thereof |
| CN108848503B (en)* | 2018-06-14 | 2019-03-26 | 王佳骏 | A kind of smart home dynamic encryption means of communication and system transmitted using merogenesis |
| CN109088729B (en)* | 2018-09-28 | 2021-03-26 | 北京金山安全软件有限公司 | Key storage method and device |
| CN111726320B (en)* | 2019-03-19 | 2022-08-30 | 阿里巴巴集团控股有限公司 | Data processing method, device and equipment |
| CN110660147A (en)* | 2019-09-27 | 2020-01-07 | 江苏亨通问天量子信息研究院有限公司 | Multi-party matched unlocking safe and unlocking method thereof |
| CN112235247A (en)* | 2020-09-16 | 2021-01-15 | 湖南三湘银行股份有限公司 | Mobile terminal, terminal banking business security authentication method and system |
| CN112446990A (en)* | 2020-10-30 | 2021-03-05 | 重庆电子工程职业学院 | Intelligent lock system |
| CN113345139A (en)* | 2021-06-03 | 2021-09-03 | 珠海优特物联科技有限公司 | Unlocking method, intelligent lock cylinder and intelligent lock system |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101236590A (en)* | 2008-03-07 | 2008-08-06 | 北京邮电大学 | A Realization Method of Software Segmentation Protection Based on Threshold Cryptosystem |
| CN101604366A (en)* | 2009-07-13 | 2009-12-16 | 中山爱科数字科技有限公司 | A kind of password separate dynamic verification method and system |
| CN101719197A (en)* | 2008-10-10 | 2010-06-02 | 姜凌 | Password authentification method |
| CN102025506A (en)* | 2010-12-20 | 2011-04-20 | 中国联合网络通信集团有限公司 | User authentication method and device |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH11215115A (en)* | 1998-01-26 | 1999-08-06 | Nippon Telegr & Teleph Corp <Ntt> | Cryptographic broadcast communication method, its apparatus and program recording medium |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101236590A (en)* | 2008-03-07 | 2008-08-06 | 北京邮电大学 | A Realization Method of Software Segmentation Protection Based on Threshold Cryptosystem |
| CN101719197A (en)* | 2008-10-10 | 2010-06-02 | 姜凌 | Password authentification method |
| CN101604366A (en)* | 2009-07-13 | 2009-12-16 | 中山爱科数字科技有限公司 | A kind of password separate dynamic verification method and system |
| CN102025506A (en)* | 2010-12-20 | 2011-04-20 | 中国联合网络通信集团有限公司 | User authentication method and device |
| Publication number | Publication date |
|---|---|
| CN102271035A (en) | 2011-12-07 |
| Publication | Publication Date | Title |
|---|---|---|
| CN102271035B (en) | Password transmission method and device | |
| US11677729B2 (en) | Secure multi-party protocol | |
| CN111130803B (en) | Method, system and device for digital signature | |
| US9537861B2 (en) | Method of mutual verification between a client and a server | |
| CN101051904B (en) | Method for landing by account number cipher for protecting network application sequence | |
| US20160080157A1 (en) | Network authentication method for secure electronic transactions | |
| EP2999189A1 (en) | Network authentication method for secure electronic transactions | |
| CN106027501B (en) | A kind of system and method for being traded safety certification in a mobile device | |
| CN105577612B (en) | Identity authentication method, third-party server, merchant server and user terminal | |
| CN106537432A (en) | Method and device for securing access to wallets in which cryptocurrencies are stored | |
| CN109272314B (en) | A secure communication method and system based on two-party collaborative signature calculation | |
| CN112437044B (en) | Instant messaging method and device | |
| US20180262471A1 (en) | Identity verification and authentication method and system | |
| CN111178884A (en) | Information processing method, device, equipment and readable storage medium | |
| CN112966287B (en) | Method, system, device and computer readable medium for acquiring user data | |
| CN114640524B (en) | Method, apparatus, device and medium for processing transaction replay attack | |
| CN103368918A (en) | Method, device and system for dynamic password authentication | |
| CN110572392A (en) | Identity authentication method based on HyperLegger network | |
| CN114745115A (en) | An information transmission method, device, computer equipment and storage medium | |
| CN105635103A (en) | Network authentication method using card device | |
| CN113411347B (en) | Transaction message processing method and processing device | |
| CN111212017A (en) | Intelligent terminal-oriented safe transmission method and system | |
| CN115580411A (en) | Method, server and client for security verification of token leakage | |
| CN113572717B (en) | Communication connection establishment method, washing and protecting equipment and server | |
| KR101443849B1 (en) | Security management method for authentication message |
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | Effective date of registration:20180427 Address after:London, England Patentee after:GW partnership Co.,Ltd. Address before:518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Patentee before:HUAWEI TECHNOLOGIES Co.,Ltd. Effective date of registration:20180427 Address after:California, USA Patentee after:Global innovation polymerization LLC Address before:London, England Patentee before:GW partnership Co.,Ltd. | |
| TR01 | Transfer of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date:20141224 Termination date:20210902 | |
| CF01 | Termination of patent right due to non-payment of annual fee |