
CN102419805B - Terminal equipment and method for encrypting user information - Google Patents


Publication number: CN102419805B
Authority: CN (China)
Prior art keywords: information, user, encryption, input, terminal
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201110373961.3A
Other languages: Chinese (zh)
Other versions: CN102419805A (en)
Inventors: 唐贵杰, 韩辰, 雷春雪, 李春雨, 谢群
Current Assignee: Ningbo Youth Excellent Product Sharing Technology Co ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: ZTE Corp
Priority date: 2011-11-22 (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date: 2011-11-22
Publication date: 2015-05-20
Application filed by ZTE Corp
Priority to CN201110373961.3A
Publication of CN102419805A
Application granted
Publication of CN102419805B

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses terminal equipment and a method for encrypting user information. The terminal equipment comprises an encryption chip and a terminal main body, wherein the terminal main body is used for acquiring the biological information and private information of a user; and the encryption chip is used for encrypting the private information of the user by using biological identification information as a key and using an encryption algorithm, sending encrypted information to the terminal main body, and storing the encrypted information. By adoption of the technical scheme, a mobile internet device (MID) can change a display policy according to different external lighting environments, so that the satisfaction of visual sensory of the user is improved, and the performance of products is improved. A hardware solution of the encryption chip is superior to a software method in terms of both speed and performance. By adoption of a biological identification technology, the user does not need to memorize any password; and operation processes of encryption, decryption, display and input are finished inside the encryption chip without adoption of a mobile phone, so that information leakage caused by a virus or Trojan in the mobile phone is avoided.

Description

A terminal device and user information encryption method thereof

Technical field

The present invention relates to the field of communication technology, and more specifically to a terminal device and a user information encryption method thereof.

Background

In modern society people deal with many kinds of passwords every day: power-on passwords for work computers, bank credit card passwords, login passwords for personal e-mail, passwords for various registered websites, online banking passwords, securities trading passwords, and so on. It can be said that we live in an environment surrounded by passwords. Passwords differ in length, number of digits and type, but the disclosure or loss of any one of them can cause the user heavy losses.

At present most users choose numbers or names that are special to them as passwords, such as birthdays, phone numbers, ID numbers or names. To keep passwords simple and easy to remember, many people also use the same password for different applications, for example one password shared by several bank cards. From the perspective of cryptography, all of these ways of choosing passwords carry serious hidden dangers. People with ulterior motives can easily crack weak passwords through exhaustive search and dictionary attacks, obtain the user's confidential information, and steal the user's property and personal privacy. User passwords should therefore be numbers or names that are hard to crack or guess, and the various passwords should not be identical or similar; only then are they protected effectively. This raises another problem: faced with so many complicated passwords, users are likely to forget them.

Summary of the invention

To remedy the above deficiencies, the present invention proposes a terminal device comprising an encryption chip and a terminal body;

the terminal body collects the user's biometric information and the user's private information;

the encryption chip encrypts the user's private information with an encryption algorithm, using the biometric information as the key, and sends the encrypted information to the terminal body for storage.

Further, when the user needs to decrypt the private information, the user can input the same biometric information again, and the encryption chip uses that biometric information as the key to decrypt the encrypted information and recover the user's private information.

Further, the encryption chip includes a terminal screen control module, an encryption algorithm module, a module communicating with the terminal main chip, an input control module, and a biometric information input module;

the terminal screen control module is used to output private information to the terminal display screen;

the encryption algorithm module is used to encrypt the user's private information;

the module communicating with the terminal main chip is used to communicate with the terminal main chip;

the input control module is used to control information input and receive information input;

the biometric information input module is used to collect and identify biometric information.

Further, the encryption algorithm is one or a combination of AES, DES, RSA, and MD5.

Further, the user biometric information is one or a combination of fingerprint information, iris information, facial information, vein information, and earprint information.

The present invention also proposes a user information encryption method, comprising: the terminal body collects the user's biometric information and the user's private information; the encryption chip encrypts the user's private information with an encryption algorithm, using the biometric information as the key, and sends the encrypted information to the terminal body for storage.

Further, when the user needs to decrypt the private information, the user can input the same biometric information again, and the encryption chip uses that biometric information as the key to decrypt the encrypted information and recover the user's private information.

Further, the encryption chip includes a terminal screen control module, an encryption algorithm module, a module communicating with the terminal main chip, an input control module, and a biometric information input module;

the terminal screen control module is used to output private information to the terminal display screen;

the encryption algorithm module is used to encrypt the user's private information;

the module communicating with the terminal chip is used to communicate with the terminal main chip;

the input control module is used to control information input and accept information input;

the biometric information input module is used to collect and identify biometric information.

Further, the encryption algorithm is one or a combination of AES, DES, RSA, and MD5.

Further, the user biometric information is one or a combination of fingerprint information, iris information, facial information, vein information, and earprint information.

In summary, the present invention has the following beneficial effects:

The hardware solution based on an encryption chip is superior to software methods in both speed and performance. With biometric technology, the user does not need to memorize any password. All encryption, decryption, display and input operations are completed inside the encryption chip and do not pass through the mobile phone, which avoids information leakage caused by viruses or Trojan horses on the phone.

Description of the drawings

Fig. 1 is a schematic structural diagram of a terminal device according to an embodiment of the present invention;

Fig. 2 is a flowchart of a method for encrypting user information according to an embodiment of the present invention;

Fig. 3 is a flowchart of a method for decrypting user information according to an embodiment of the present invention.

Detailed description

The present invention overcomes a problem in the prior art: the encryption and decryption processes all depend on software running on the mobile phone, so if viruses or Trojan horse programs are implanted in the user's phone, they can monitor the information in the phone's memory and steal the password (key) entered by the user or the password output after decryption, causing the user significant property and economic losses.

The invention comprises two parts, an encryption chip and a terminal body. The encryption algorithm built into the encryption chip can be one or a combination of various encryption methods such as AES (Advanced Encryption Standard), DES (Data Encryption Standard), RSA (Rivest Shamir and Adleman) and MD5 (Message Digest Algorithm); the present invention is described using the AES128 algorithm only as an example.

The key for the AES encryption algorithm is a feature code, extracted by the biometric information identification module, that uniquely identifies the user. It should be noted that the identification method used by the biometric information identification module can be one or a combination of methods such as fingerprint identification, iris identification, face identification, vein identification and earprint identification; the present invention is described using fingerprint identification only as an example.

The encryption chip is currently implemented on an FPGA and includes five modules: a mobile phone screen control module, an AES encryption algorithm module, a module communicating with the main chip of the mobile phone, a keyboard control module, and a biometric information input module.

The AES encryption algorithm is implemented by a hardware circuit programmed inside the FPGA, and its key is the unique biometric information input by the user. So that it does not pass through the mobile phone, the biometric information the user inputs goes into the encryption chip. For the same security reasons, the decrypted password does not pass through the phone's main control program either; it is output to the phone's display directly by the mobile phone screen control module in the encryption chip.

The technical solution of the present invention is described in further detail below with reference to the accompanying drawings and specific embodiments. In the following embodiments, a mobile phone is used as the example of the terminal device.

Fig. 1 is a schematic structural diagram of the terminal device according to the embodiment of the present invention. The terminal device consists of two parts, the mobile phone body and the encryption chip. The display screen and keyboard belong to the phone body and are the display screen and keyboard ordinarily used; they are connected to the phone's main chip by their signal lines via the encryption chip. In normal operation the encryption chip acts as a pass-through and does not affect the phone's normal input and display. The phone's main chip exchanges information with the encryption chip through a communication interface.

The encryption chip is currently implemented on an FPGA and includes five modules: a mobile phone screen control module, an AES encryption algorithm module, a communication module for the main chip of the mobile phone, a keyboard control module, and a biometric information input module.

The mobile phone screen control module is used to output the password to the mobile phone display screen.

The AES encryption algorithm module is used to encrypt user information.

The communication module for the main chip of the mobile phone is used to communicate with the phone's main chip.

The keyboard control module is used to control keyboard input and accept keyboard input.

The biometric information input module is used to collect and identify biometric information.

Fig. 2 is a flowchart of the user information encryption method according to an embodiment of the present invention, which includes the following steps:

S201: First, the user is prompted to input the detail information for which a password is to be stored;

For example, to create password information for a China Merchants Bank card, the user enters "China Merchants Bank Card".

S202: The mobile phone notifies the encryption chip through the communication interface to enter the encryption state, and prompts the user to input the unique password (key);

S203: The encryption chip disconnects the mobile phone from the keyboard;

S204: The user inputs biometric information, such as fingerprint information;

S205: The encryption chip sends a message to the main chip of the mobile phone, telling it to display a prompt on the phone's screen asking the user to enter the password;

S206: The encryption chip encrypts the password input by the user;

S207: The encrypted information is sent to the phone's chip and stored in one-to-one correspondence with the detail information.

In the above steps, the mobile phone prompts the user to input fingerprint identification information, and at the same time the encryption chip cuts off the connection between input devices such as the keyboard and the phone (the usual communication between the keyboard and the main chip). The user can then enter the corresponding password; a bank card password is usually 6 digits. Each digit occupies one byte (8 bits). Once entry is complete the 6 digits are stored inside the encryption chip; the user must enter them twice to confirm that the password was entered correctly. The 6 digits occupy 48 bits, and the AES encryption algorithm requires at least 128 bits of input, so to encrypt 48 bits of data the password data must be padded. The padding can be all zeros or another agreed scheme. Passwords of all kinds usually occupy less than 16 bytes (128 bits), so the present invention needs to run the AES algorithm only once to encrypt one password. The encryption chip sends the encrypted data to the mobile phone through the communication interface, where it is stored in one-to-one correspondence with the password information "China Merchants Bank Card" entered by the user.

If the user needs to enter a password that mixes letters and digits, it is handled as follows. The phone's default input mode is numeric, so the phone must notify the encryption chip through the communication interface which key on the keyboard, when pressed, switches the input mode to letters. The encryption chip then examines what is typed on the keyboard: if the switch key is pressed, the chip does not intercept the keyboard input, so that the input mode switches to letters; if any other key is pressed, the chip intercepts the corresponding input and saves it. By identifying the switch key, the encryption chip can tell whether the user is entering a letter or a digit, and it saves the corresponding information inside the chip. Each time a character of the password is entered successfully, the encryption chip uses the communication interface to have the phone display how many digits of the password have been entered so far. When the user has finished entering the password, it is encrypted with the AES algorithm and sent to the mobile phone.

Fig. 3 is a flowchart of the user information decryption method according to an embodiment of the present invention, which includes the following steps:

S301: The mobile phone prompts the user to select the detail information whose password is to be looked up;

S302: The mobile phone sends the encrypted information corresponding to the detail information to the encryption chip through the communication interface, notifies the chip to enter the decryption state, and prompts the user to input the unique password (key);

S303: The user inputs biometric information;

S304: The encryption chip performs the decryption operation using the key input by the user and the encrypted information sent by the mobile phone;

S305: The encryption chip disconnects the mobile phone from the screen;

S306: The encryption chip displays the decrypted password on the screen of the mobile phone.

In the above process, the user first selects the detail information whose password is to be output. The encrypted information corresponding to the selected detail information is then sent to the encryption chip through the communication interface, and the phone's display prompts the user to input fingerprint identification information. After receiving the fingerprint identification information, the encryption chip decrypts the encrypted information received from the phone (the key is the fingerprint identification information input by the user). It then interrupts the electrical signal connection between the phone's display and the phone, takes over control of the display, and shows the decrypted password on it. A display time can be set: for example, after displaying for 1 minute the encryption chip gives up control of the display, clears the memory that holds the plaintext password, and returns to the state of waiting to receive encrypted information from the phone. Because the original password may have been padded when it had too few digits, the user must judge, when the plaintext is displayed, that a run of consecutive zeros ending the plaintext is not part of the password the user entered.
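The padding step in the encryption flow and the trailing-zero judgement left to the user at display time are two halves of one problem, shown in the added example below (not code from the patent). The AES step is omitted because padding is applied before encryption and removed after decryption, so the outcome does not depend on the cipher or key. The two byte encodings and the PKCS#7 scheme, used here as one possible "other agreed scheme", are assumptions, as are all function names and sample PINs.

```python
"""Fitting a short secret into the single 128-bit AES block the description uses.

Added illustration. Encodings, function names and sample PINs are assumptions.
"""

BLOCK = 16  # AES block size in bytes (128 bits)


def encode_digits_raw(pin):
    """Assumed encoding A: one byte per digit holding its value 0..9."""
    if not (pin.isascii() and pin.isdigit()):
        raise ValueError("digits only")
    return bytes(int(ch) for ch in pin)


def encode_ascii(secret):
    """Assumed encoding B: one byte per character holding its ASCII code."""
    return secret.encode("ascii")


def zero_pad(data):
    """All-zero filling as in the description: fill up to one 16-byte block."""
    if len(data) > BLOCK:
        raise ValueError("secret does not fit in a single AES block")
    return data + bytes(BLOCK - len(data))


def zero_unpad(block):
    """Automates the by-eye rule: drop the trailing run of zero bytes."""
    if len(block) != BLOCK:
        raise ValueError("expected exactly one block")
    return block.rstrip(b"\x00")


def pkcs7_pad(data):
    """PKCS#7: append n bytes of value n (1..16), so the length is recoverable.

    At least one padding byte is always added, so a single block carries
    at most 15 bytes of secret.
    """
    if len(data) > BLOCK - 1:
        raise ValueError("secret longer than 15 bytes needs a second block")
    n = BLOCK - len(data)
    return data + bytes([n]) * n


def pkcs7_unpad(block):
    """Strip PKCS#7 padding, rejecting blocks whose padding is malformed."""
    if len(block) != BLOCK:
        raise ValueError("expected exactly one block")
    n = block[-1]
    if not 1 <= n <= BLOCK or block[-n:] != bytes([n]) * n:
        raise ValueError("invalid padding")
    return block[:-n]


def roundtrips(data, pad, unpad):
    """True when unpadding the padded block returns exactly the input."""
    return unpad(pad(data)) == data


def compare(samples):
    """Per sample, report whether each padding scheme preserves the secret."""
    return {
        label: {
            "zero": roundtrips(data, zero_pad, zero_unpad),
            "pkcs7": roundtrips(data, pkcs7_pad, pkcs7_unpad),
        }
        for label, data in samples
    }


# Constructed sample secrets (not taken from the patent).
SAMPLES = [
    ("PIN 123456, raw digits", encode_digits_raw("123456")),
    ("PIN 123400, raw digits", encode_digits_raw("123400")),
    ("PIN 000000, raw digits", encode_digits_raw("000000")),
    ("PIN 123400, ASCII", encode_ascii("123400")),
]

if __name__ == "__main__":
    for label, result in compare(SAMPLES).items():
        print(f"{label:24} zero-pad ok: {result['zero']!s:5}  PKCS#7 ok: {result['pkcs7']}")
```

With raw digit values, any PIN ending in 0 comes back shortened under zero padding, and neither the chip nor the user can tell how many zeros were real; a length-carrying scheme or a non-zero character encoding removes the guesswork.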

Note that the preceding examples all assume a mobile phone with full keyboard input. If the user has a touch-screen phone, the connection between the touch screen and the phone is similar to the connection between the keyboard and the phone, and the implementation principle is similar as well, except that the encryption chip has to parse the touch-screen data. Pressing a certain area of the touch screen switches the input mode to letters. The encryption chip examines the touch-screen area information that is input: if the switch-key area is triggered, the chip does not intercept the keyboard input, so that the input mode switches to letters; if any other key is input, the chip intercepts the corresponding input and saves it. By identifying the area that triggers the switch key, the encryption chip can tell whether the user is entering a letter or a digit, and it saves the corresponding information inside the chip. When password entry is complete, the password is encrypted with the AES algorithm and sent to the mobile phone.

This design combines fingerprint identification technology with the AES encryption algorithm, which provides a high security standard. Encryption and decryption are carried out by the hardware encryption chip rather than by software on the phone, which ensures that no password plaintext enters the phone's memory or related external storage, where it could be stolen by Trojan horse programs or viruses implanted in the phone.

The present invention can also have many other embodiments. Without departing from the spirit and essence of the present invention, those skilled in the art can make various corresponding changes or variations according to the present invention, and any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within its scope of protection.

Claims (10)

1. A terminal device, characterized in that the terminal device comprises an encryption chip and a terminal body;
the terminal body prompts the user to input the detail information corresponding to the user private information to be encrypted, wherein the terminal body comprises a terminal main chip and a keyboard;
the terminal body notifies the encryption chip to enter the encryption state, and prompts the user to input user biometric information;
the encryption chip disconnects the terminal main chip from the keyboard;
the encryption chip collects the user biometric information input by the user;
the terminal body prompts the user to input the user private information to be encrypted, and the encryption chip collects the user private information input by the user;
the encryption chip encrypts the user private information with an encryption algorithm, using the user biometric information as the key, and sends the encrypted information to the terminal body for storage.
2. The terminal device according to claim 1, characterized in that, when the user needs to decrypt the user private information, the same user biometric information is input again, and the encryption chip uses that user biometric information as the key to decrypt the encrypted information and recover the user private information.
3. The terminal device according to claim 1, characterized in that the encryption chip comprises a terminal screen control module, an encryption algorithm module, a module communicating with the terminal main chip, an input control module and a biometric information input module;
the terminal screen control module is used to output the user private information to the terminal display screen;
the encryption algorithm module is used to encrypt the user private information;
the module communicating with the terminal main chip is used to communicate with the terminal main chip;
the input control module is used to control information input and receive information input;
the biometric information input module is used to collect and identify user biometric information.
4. The terminal device according to claim 1, characterized in that the encryption algorithm is one or a combination of AES, DES, RSA and MD5.
5. The terminal device according to claim 1, characterized in that the user biometric information is one or a combination of fingerprint information, iris information, facial information, vein information and earprint information.
6. A user information encryption method, characterized in that the encryption method comprises:
a terminal body prompts the user to input the detail information corresponding to the user private information to be encrypted, wherein the terminal body comprises a terminal main chip and a keyboard;
the terminal body notifies an encryption chip to enter the encryption state, and prompts the user to input user biometric information;
the encryption chip disconnects the terminal main chip from the keyboard;
the encryption chip collects the user biometric information input by the user;
the terminal body prompts the user to input the user private information to be encrypted, and the encryption chip collects the user private information input by the user;
the encryption chip encrypts the user private information with an encryption algorithm, using the user biometric information as the key, and sends the encrypted information to the terminal body for storage.
7. The method according to claim 6, characterized in that, when the user needs to decrypt the user private information, the same user biometric information is input again, and the encryption chip uses that user biometric information as the key to decrypt the encrypted information and recover the user private information.
8. The method according to claim 6, characterized in that the encryption chip comprises a terminal screen control module, an encryption algorithm module, a module communicating with the terminal main chip, an input control module and a biometric information input module;
the terminal screen control module is used to output the user private information to the terminal display screen;
the encryption algorithm module is used to encrypt the user private information;
the module communicating with the terminal main chip is used to communicate with the terminal main chip;
the input control module is used to control information input and accept information input;
the biometric information input module is used to collect and identify user biometric information.
9. The method according to claim 6, characterized in that the encryption algorithm is one or a combination of AES, DES, RSA and MD5.
10. The method according to claim 6, characterized in that the user biometric information is one or a combination of fingerprint information, iris information, facial information, vein information and earprint information.

Priority Applications (1)

Application Number | Publication | Priority Date | Filing Date | Title
CN201110373961.3A | CN102419805B (en) | 2011-11-22 | 2011-11-22 | Terminal equipment and method for encrypting user information

Applications Claiming Priority (1)

Application Number | Publication | Priority Date | Filing Date | Title
CN201110373961.3A | CN102419805B (en) | 2011-11-22 | 2011-11-22 | Terminal equipment and method for encrypting user information

Publications (2)

Publication Number | Publication Date
CN102419805A | 2012-04-18
CN102419805B | 2015-05-20

Family

ID=45944212

Family Applications (1)

Application Number | Status | Publication | Priority Date | Filing Date | Title
CN201110373961.3A | Active | CN102419805B (en) | 2011-11-22 | 2011-11-22 | Terminal equipment and method for encrypting user information

Country Status (1)

Country | Link
CN (1) | CN102419805B (en)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI488067B (en) * 2012-11-29 2015-06-11 Chi Pei Wang A method and a device for preventing the computer device from being screened on the screen
CN103559453B (en) * 2013-05-23 2017-10-10 深圳市中易通安全芯科技有限公司 A kind of data in mobile phone hardware encryption protecting method and system
CN103699847A (en) * 2013-11-29 2014-04-02 上海合合信息科技发展有限公司 Fingerprint encryption method and device, and encrypted shooting method and device
US9455833B2 (en) * 2014-04-28 2016-09-27 Nxp B.V. Behavioral fingerprint in a white-box implementation
CN103929312A (en) * 2014-04-29 2014-07-16 深圳市中兴移动通信有限公司 Mobile terminal and method and system for protecting individual information of mobile terminal
CN105450597B (en) * 2014-08-14 2019-06-07 阿里巴巴集团控股有限公司 A kind of information transferring method and device
CN105656870B (en) * 2015-06-29 2019-03-08 宇龙计算机通信科技(深圳)有限公司 A kind of data transmission method, apparatus and system
CN105760730A (en) * 2015-07-15 2016-07-13 石家庄蜗牛科技有限公司 System for mobile control and information protection through external iris recognition device
CN105760732A (en) * 2016-01-29 2016-07-13 宇龙计算机通信科技(深圳)有限公司 Authentication method, device and system
CN106100851B (en) * 2016-06-21 2019-06-25 李师华 Password management system, intelligent wristwatch and its cipher management method
CN106209381B (en) * 2016-07-12 2019-04-26 深圳市中易通安全芯科技有限公司 A kind of photo encipher-decipher method and its system
CN106612347A (en) * 2016-08-12 2017-05-03 成都为远信安电子科技有限公司 Mobile phone fingerprint module scheme with secure encryption function
CN106210962B (en) * 2016-09-22 2017-08-22 会听声学科技(北京)有限公司 A kind of ear line acoustic characteristic ONLINE RECOGNITION method and system designed suitable for noise cancelling headphone
CN107590383A (en) * 2017-08-30 2018-01-16 浙江九州量子信息技术股份有限公司 A kind of main password protecting System and method for based on SOC
CN113762971A (en) * 2021-05-17 2021-12-07 腾讯科技(深圳)有限公司 Data encryption method and device, computer equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1893713A (en) * 2005-07-05 2007-01-10 索尼爱立信移动通信日本株式会社 Mobile terminal device, program and method for biometric encrypted personal identification number
CN101236591A (en) * 2007-01-31 2008-08-06 联想(北京)有限公司 Method, terminal and safe chip for guaranteeing critical data safety
CN102123027A (en) * 2011-03-15 2011-07-13 钱袋网(北京)信息技术有限公司 Information security processing method and mobile terminal

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003006168A (en) * 2001-06-25 2003-01-10 Ntt Docomo Inc Method for authenticating mobile terminal and mobile terminal
CN1822013A (en) * 2006-03-14 2006-08-23 上海一维科技有限公司 Finger print biological identifying engine system and its identifying method based on credible platform module
CN101000703A (en) * 2006-11-30 2007-07-18 上海麦柯信息技术有限公司 Electronic payment terminal capable of ensuring confidentiality and integrity of information transmission
JP4656458B1 (en) * 2009-11-09 2011-03-23 Necインフロンティア株式会社 Handy terminal and payment method by handy terminal
CN102147662A (en) * 2011-03-14 2011-08-10 张龙其 Input terminal with keyboard and encryption module

Also Published As

Publication number Publication date
CN102419805A (en) 2012-04-18

Similar Documents

Publication Publication Date Title
CN102419805B (en) Terminal equipment and method for encrypting user information
Nyang et al. Keylogging-resistant visual authentication protocols
Sabzevar et al. Universal multi-factor authentication using graphical passwords
US10938792B2 (en) Layered encryption for end to end communication
WO2018133686A1 (en) Method and device for password protection, and storage medium
US8700908B2 (en) System and method for managing secure information within a hybrid portable computing device
CN108769027B (en) Secure communication method, device, mobile terminal and storage medium
CN106464488A (en) Information transmission method and mobile device
CN113420309B (en) Lightweight data protection system based on national secret algorithm
CN103905188B (en) Utilize the method and intelligent cipher key equipment of intelligent cipher key equipment generation dynamic password
CN105812332A (en) Data protection method
CN103763091B (en) A kind of application program encryption and decryption method and encryption, decryption device
CN104331653A (en) Fingerprint decryption method and fingerprint decryption device
CN103929306A (en) Intelligent secret key device and information management method of intelligent secret key device
WO2018205456A1 (en) Password input method, computer device, and storage medium
CN105005731A (en) Data encryption and decryption methods and mobile terminal
CN106100850A (en) Intelligent and safe chip signing messages transmission method based on Quick Response Code and system
CN110084054A (en) A kind of data privacy device, method, electronic equipment and storage medium
CN104468937A (en) Data encryption and decryption methods and devices for mobile terminal and protection system
CN110771190A (en) Controlling access to data
CN105761066A (en) Bank card password protection method and system
CN103036681A (en) Password safety keyboard device and system
CN105426727B (en) Fingerprint decryption method and mobile terminal
CN104144174B (en) Protect method, user equipment and the server of privacy of user data
CN104915583A (en) Interface decryption processing method and mobile terminal

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20201229

Address after: 251700 He Fang Xiang Liu Yao Huo Cun, Huimin County, Binzhou City, Shandong Province

Patentee after: Shandong Huimin Jinxiu Textile Co.,Ltd.

Address before: 518057 Ministry of justice, Zhongxing building, South Science and technology road, Nanshan District hi tech Industrial Park, Shenzhen, Guangdong

Patentee before: ZTE Corp.

TR01 Transfer of patent right

Effective date of registration: 20220301

Address after: 315400 building e, No. 959, Chengxin Road, Panhuo street, Yinzhou District, Ningbo City, Zhejiang Province

Patentee after: Ningbo youth excellent product sharing technology Co.,Ltd.

Address before: 251700 He Fang Xiang Liu Yao Huo Cun, Huimin County, Binzhou City, Shandong Province

Patentee before: Shandong Huimin Jinxiu Textile Co.,Ltd.
