Summary of the invention
The present invention provides a method for securely storing user password information based on SIM card information, suitable for electronic devices that include a SIM card, such as smartphones, together with a password manager. While giving the user an easy-to-use password management service, it "hard binds" the password information storage file to the unique identifier of the SIM card, so that even if someone maliciously obtains the password information storage file, they cannot crack the file to obtain the plaintext password information. In addition, when the password manager is used, it first checks whether the SIM card of the current smartphone is valid. After losing the phone, the user can therefore ensure that the password manager on the lost phone becomes invalid by promptly reporting the SIM card as lost, protecting the security of their own password information.
Specifically, the technical solution adopted by the invention is as follows:
A method for securely storing user password information based on SIM card information, suitable for an electronic device that includes a SIM card (such as a smartphone), comprises the following steps:
1) check the validity of the SIM card in the electronic device;
2) for a valid SIM card, extract the unique identification information of the SIM card;
3) bind the unique identification information of the SIM card to the password information of the user's network resources;
4) store the binding result generated in step 3) locally.
Further, when step 3) binds the unique identification information of the SIM card to the user's password information, an encryption operation is performed to generate a ciphertext password, and the network resource identifier and the corresponding ciphertext password data are written to a file, forming a password information file that is then stored.
Further, when the user queries the password of a network resource, the password information file is first used to check whether the network resource identifier entered by the user is valid; if it is valid, the ciphertext password corresponding to the network resource identifier is extracted from the password information file. The unique identifier of the SIM card is then extracted and used to perform the unbinding decryption operation on the ciphertext password, yielding the plaintext password, which is returned to the user query interface.
A password manager based on SIM card information that uses the above method, suitable for an electronic device that includes a SIM card (such as a smartphone), comprises, as shown in Figure 1, a password collection module, a password management module, a password binding module and a password unbinding module. The workflow of the modules is as follows:
(1) Check whether the current SIM card is valid
The password management module of the password manager checks whether the current SIM card is usable, that is, whether it can communicate on the mobile network. If it is valid, the password manager is entered normally; otherwise the user is told that the SIM card is illegal and that the password manager cannot be used.
(2) Collect the user's network resource password information
Through the password manager's interface, the user enters the identifier of each network resource to be recorded together with the corresponding user password. The password collection module organizes this information and sends it to the password management module in a certain format.
(3) Bind the user's network resource password information
After the password management module receives the password-related data, it extracts the password data of each network resource and passes this password data to the password binding module.
After receiving the data to be bound, the password binding module extracts the unique identification information of the current smartphone's SIM card, then performs the binding encryption operation using the unique identification information and the password data to generate the ciphertext password. The password binding module then returns the ciphertext password to the password management module.
(4) Generate the password information file
Following the format of the password information file, the password management module writes the network resource identifier and the corresponding ciphertext password data to a file, forming the password information file, which is then stored locally. Fig. 2 is an example diagram of the structure of the password information file of the invention.
(5) Query the user password of a network resource
After legitimately entering the password manager, the user enters a network resource identifier. The password management module first uses the password information file to check whether the identifier is valid; if it is invalid, a query-failure prompt is returned directly. Otherwise, the ciphertext password corresponding to the network resource identifier is extracted from the password information file and sent to the password unbinding module.
After receiving the ciphertext password, the password unbinding module first extracts the SIM card unique identifier of the current smartphone, uses it to perform the unbinding decryption operation on the ciphertext password to obtain the plaintext password, and then returns the plaintext password to the password management module.
The password management module returns the plaintext password information to the user query interface.
(6) Update the password information file
After legitimately entering the password manager, the user adds, deletes or modifies network resource password records.
Add operation
The password management module issues a collection instruction to the password collection module; the password collection module collects the new network resource identifier and the corresponding user password, and then sends the new password management entry to the password management module;
After receiving the new password management entry, the password management module first checks, against the locally stored password information file, whether the newly added network resource identifier is legal. Once the legality check passes, it sends the plaintext password corresponding to the network resource identifier to the password binding module;
The password binding module extracts the unique identification information of the current smartphone's SIM card, then performs the binding encryption operation on the unique identification information and the plaintext password to generate the ciphertext password, and returns the ciphertext password to the password management module;
Following the format of the password information file, the password management module writes the newly added network resource identifier, the ciphertext password and related information to the existing password information file and stores it locally.
Delete operation
After receiving a password management delete operation, the password management module locates, by searching the password information file, the password data corresponding to the entry the user selected for deletion, and forms a new password information file after deleting it.
Modification operation
After receiving a password management modification operation, the password management module instructs the password collection module to collect the new password management entry and locates the password data item to be replaced by searching the password information file. It then sends the new password data supplied by the password collection module to the password binding module, requesting the SIM card binding operation;
The password binding module extracts the unique identification information of the current smartphone's SIM card, then performs the binding encryption operation on the unique identification information and the plaintext password to generate the ciphertext password data, and returns the ciphertext password data to the password management module;
The password management module replaces the old ciphertext password data with the new ciphertext password data and forms a new password information file.
(7) Export and import of the password information file
The user can export the password information file from the phone to other media as a backup. Because the user's network resource password information is all "hard bound" to the SIM card information, there is no need to worry about the security of the exported password information file.
The user can also import a backed-up password information file into the phone from other media. Because the file is bound to the SIM card, the imported password information file can be used conveniently as long as the SIM card is unchanged. Changing phones therefore does not affect normal use of the password information file.
(8) Self-deletion of the password information file
To further ensure the security of the password information file, the password management software can be forced to automatically delete the local password information file on the phone when the check finds that the current SIM card is invalid, preventing an illegal user from obtaining the password information data.
Further, to achieve a better effect, the invention may also have the following additional technical features:
(1) the password management software may save hint information instead of the actual passwords of the network resources, further increasing the security of the password information;
(2) the password information file may be encrypted with segmented, independent "hard binding", ensuring that the binding encryption keys used for the user passwords of the individual network resources are all independent of one another, which can further improve the security of the password manager. Because the user typically uses the password manager to look up the user password of a single network resource each time, encrypting and decrypting with one unified key would increase the risk of user password leakage. Encrypting and decrypting the password information of each network resource independently can therefore further reduce the risk of disclosing the user's private data;
(3) the unique identifier of the SIM card may be written into the password information file in ciphertext form, which makes it possible, after the user legitimately replaces the SIM card, to update a password information file bound to the old SIM card so that it is bound to the new SIM card. While this improves ease of use, it also reduces the security of the password information file to some extent. The phone user's identity identifier (such as the subscriber's phone number) or a stronger PIN code can be used to encrypt the SIM card unique identifier, to compensate for the security risk introduced by the rebinding operation described above;
(4) software usage passwords of different degrees can be set for the password manager, further strengthening the security protection of the user's sensitive password information;
(5) the unique identifier of the SIM card may be standalone or combined. As long as it satisfies uniqueness and validity, it can be used to "hard bind" the user's network resource password information. In practical applications, multiple valid unique pieces of information from the SIM card can be extracted, combined and packaged, finally generating one unique identifier that is bound to the password information file. In addition, for a phone with multiple SIM cards, one or more SIM cards can be selected according to the user's actual usage for the "hard binding" operation at the same time.
The beneficial effects of the invention are as follows. First, the user's network resource password information is hardware-bound to the SIM card information of the smartphone, which safeguards the user's password information well while providing an easy-to-use password management service. Second, checking whether the SIM card of the current smartphone is valid ensures safe use of the password manager and further protects the user's password information data. Further, because the password information file is bound to the SIM card, replacing the phone does not affect use of the existing password management, which improves ease of use. Finally, performing segmented, independent binding on the user's network resource password information can further strengthen the security of the password information and the difficulty of cracking it.
Embodiment 1:
Embodiment 1 of the invention is the flow for adding a new password management entry in a password manager that uses the IMSI of the SIM card as the unique identification information. It comprises the following steps:
(1) Check the validity of the SIM card
The user enters the password manager usage password and enters the password manager software.
The password manager checks whether the current phone's SIM card has successfully connected to the mobile network. If so, it proceeds to the next step; otherwise, it accesses the password information file stored locally on the phone and, if the file exists, deletes it directly, then returns a prompt such as "SIM card is illegal, the current password manager software cannot be used!";
(2) Add new network resource password management information
After legitimately entering the password manager, the phone user enters the new network resource identifier NewWebsiteID and the corresponding user password NewWebsitePW through the password manager's add interface. After the user confirms, the password manager first obtains the locally stored password information file; if there is none, it proceeds directly to the next step;
The password manager accesses the lookup table of the password information file and checks whether the new network resource identifier already exists. If it does, a prompt such as "the password for this network resource has already been set" is returned; otherwise, it proceeds to the next step;
(3) Bind the network resource password information
The password manager first generates a management ID for the new password management entry, then reads the IMSI of the SIM card and uses the IMSI to perform binding encryption on the new network resource password NewWebsitePW, obtaining the password binding encryption result NewCipherPW:
NewCipherPW = E(NewWebsitePW, IMSI);
(4) Generate the new password information file
The password manager writes the new password management entry information (the management ID, NewWebsiteID and NewCipherPW) to the password information file and saves the password information file locally.
Embodiment 2:
Embodiment 2 of the invention is the flow for querying a password management entry in a password manager that uses the IMSI of the SIM card as the unique identification information. It comprises the following steps:
(1) Check the validity of the SIM card
The user enters the password manager usage password and enters the password manager software.
The password manager checks whether the current phone's SIM card has successfully connected to the mobile network. If so, it proceeds to the next step; otherwise, it accesses the password information file stored locally on the phone and, if the file exists, deletes it directly, then returns a prompt such as "SIM card is illegal, the current password manager software cannot be used!";
(2) Enter the network resource identifier to be queried
After legitimately entering the password manager, the user enters the network resource identifier WebsiteID to be queried.
The password manager obtains the locally stored password information file and looks up WebsiteID in it. If the lookup fails, a prompt such as "no such password management entry" is returned; if the lookup succeeds, it proceeds to the next step;
(3) Obtain the network resource password information
The password manager reads the corresponding network resource password binding result CipherPW according to the network resource identifier WebsiteID.
The password manager reads the IMSI of the SIM card and uses the IMSI to perform the unbinding decryption operation on CipherPW, obtaining the unbinding result WebsitePW of the password information:
WebsitePW = D(CipherPW, IMSI).
The password manager returns WebsitePW to the user query interface.
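An added example, not part of the patent text: one way to realise E and D from Embodiments 1 and 2 with the independent per-entry keys of additional feature (2). The PBKDF2 key derivation, the HMAC-based keystream standing in for a block cipher, the record fields `salt` and `tag`, and the sample IMSI are all assumptions of this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # PBKDF2 work factor (assumed value)

def _keys(imsi: str, salt: bytes) -> tuple[bytes, bytes]:
    # A fresh salt per entry gives every entry its own independent key pair.
    # An IMSI is at most 15 decimal digits, so stretching only slows guessing.
    okm = hashlib.pbkdf2_hmac("sha256", imsi.encode(), salt, ITERATIONS, dklen=64)
    return okm[:32], okm[32:]

def _stream(key: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: a stdlib-only stand-in for a real cipher.
    blocks = (hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _tag(mac_key: bytes, website_id: str, salt: bytes, cipher: bytes) -> bytes:
    # Authenticate the identifier too, so a ciphertext cannot be moved
    # under a different WebsiteID inside the password information file.
    wid = website_id.encode()
    msg = salt + len(wid).to_bytes(2, "big") + wid + cipher
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

def bind(website_id: str, website_pw: str, imsi: str) -> dict:
    """CipherPW = E(WebsitePW, IMSI), returned as one password-file record."""
    salt = os.urandom(16)
    enc_key, mac_key = _keys(imsi, salt)
    plain = website_pw.encode()
    cipher = bytes(p ^ k for p, k in zip(plain, _stream(enc_key, len(plain))))
    return {"WebsiteID": website_id, "salt": salt.hex(), "CipherPW": cipher.hex(),
            "tag": _tag(mac_key, website_id, salt, cipher).hex()}

def unbind(record: dict, imsi: str) -> str:
    """WebsitePW = D(CipherPW, IMSI); rejects a record bound to another SIM."""
    salt = bytes.fromhex(record["salt"])
    cipher = bytes.fromhex(record["CipherPW"])
    enc_key, mac_key = _keys(imsi, salt)
    expected = _tag(mac_key, record["WebsiteID"], salt, cipher)
    if not hmac.compare_digest(expected, bytes.fromhex(record["tag"])):
        raise ValueError("record is not bound to this SIM or was modified")
    return bytes(c ^ k for c, k in zip(cipher, _stream(enc_key, len(cipher)))).decode()

if __name__ == "__main__":
    IMSI = "001010123456789"  # constructed test-network IMSI, not a real subscriber
    rec = bind("mail.example", "correct horse", IMSI)
    print(rec)
    print(unbind(rec, IMSI))
```

Without the authentication tag, decrypting with the wrong IMSI would silently return garbage instead of failing, so the tag is what lets the manager tell a foreign or altered file from a valid one.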
As can be seen from the above embodiments, the invention has the following effects:
1. the password manager "hard binds" the password information of the user's network resources to the unique identification information of the SIM card, which makes it convenient for the user to manage their own network resource passwords effectively while giving the user's sensitive data a more secure protection measure;
2. the password manager's check of SIM card validity further improves the safeguards on access to the user's password information, effectively preventing an illegal user from reading the user's password information after the phone is lost;
3. binding the password information to the SIM card does not affect replacement of the user's phone, and so better meets users' needs in real-life use;
4. the password manager's segmented, independent binding of the password information of each network resource can further strengthen the security of the user's password information data and increase the difficulty of cracking it for an illegal user.
The above embodiments merely illustrate the technical solution of the invention and do not limit it. A person of ordinary skill in the art may modify the technical solution of the invention or replace it with equivalents without departing from the spirit and scope of the invention; the scope of protection of the invention shall be as set out in the claims.