
CN106506158B - A white-box-based encryption method and system - Google Patents


Info

Publication number: CN106506158B
Authority: CN (China)
Prior art keywords: user, module, white-box, password, character
Legal status: Active
Application number: CN201611251238.7A
Other languages: Chinese (zh)
Other versions: CN106506158A
Inventors: 谈剑锋, 李俊, 姜立稳, 胡剑波, 谢勇, 钱金金
Current Assignee: Tang Jiahong
Original Assignee: Shanghai Peoplenet Security Technology Co Ltd
Application filed by Shanghai Peoplenet Security Technology Co Ltd
Events: priority to CN201611251238.7A; publication of CN106506158A; application granted; publication of CN106506158B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088 Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/16 Obfuscation or hiding, e.g. involving white box

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a white-box-based encryption method and system. The method comprises: S100, the application terminal obtains the characters entered by the user and, according to a preset character encryption algorithm and a preset acquisition order, encrypts and combines the characters with a white-box seed to obtain a combined password; S200, the application terminal encrypts the combined password according to a preset password encryption algorithm to obtain an encrypted ciphertext; S300, the server decrypts the encrypted ciphertext to obtain the user preset password. In the invention, the characters entered by the user are obtained from a software-simulated keyboard operated by mouse click or touch, and white-box cryptography is applied to the password keyboard of the application terminal: the characters entered by the user are first encrypted individually and then encrypted as a whole, which effectively prevents the password from being obtained by brute-force cracking.

Description

A white-box-based encryption method and system
Technical field
The present invention relates to the field of information security, and more particularly to a white-box-based encryption method and system.
Background art
In recent years, with the development of the mobile Internet, intelligent terminals, big data and cloud computing, the mobile Internet has gone from a technology to an environment that changes people's lives. With the implementation of the system allowing securities accounts to move freely, the account-opening, trading and service stages of the securities business have all moved online. The shift of Internet finance to mobile is deepening in the securities industry, and more and more investors trade through mobile terminals such as mobile phones and tablet computers. Data from the Securities Association of China show that the share of brokers' business conducted online continued to rise last year: the share of accounts opened online rose from 50% in 2014 to 92% in 2015, and the share of online transactions rose from 79.28% in 2014 to 84.43% in 2015. Of these online account openings and online transactions, almost ninety percent came from mobile-terminal Internet use. Large financial institutions and third-party online payment sites have become the main targets of phishing: hackers use counterfeit websites or forged shopping sites to lure users into logging in and trading, and steal the users' account passwords, causing them economic loss. The growth of mobile-terminal business challenges the security and reliability of its transactions, in particular the protection of customers' private information; information theft during a transaction is a major challenge we face.
In the prior art, most securities trading platforms on mobile terminals currently use user name + static password + numeric verification code as the login method, and use a soft keyboard to improve the security of the account or password. A soft keyboard is a software-simulated keyboard on which characters are entered by mouse click or touch screen, in order to prevent Trojans from recording passwords typed on the keyboard; it is commonly seen on bank websites wherever an account number and password must be entered. However, existing software-simulated keyboards are not secure enough: risks such as data eavesdropping and data interception remain, and entering the password directly at transaction time is still a security risk. Such input is highly vulnerable to attacks such as credential stuffing and phishing, and the user's trading password is easily stolen as it is entered, causing the user great economic loss. A security scheme for mobile terminals that protects the entry of the trading password is therefore urgently needed.
Summary of the invention
The present invention provides a white-box-based encryption method and system. Its purpose is to encrypt the password character by character and then encrypt the password with a white-box algorithm, preventing the encryption seed from leaking in transmission.
The technical solution provided by the invention is as follows:
A white-box-based encryption method, comprising the steps of:
S100, the application terminal obtains the characters entered by the user and, according to a preset character encryption algorithm and a preset acquisition order, encrypts and combines the characters with a white-box seed to obtain a combined password; S200, the application terminal encrypts the combined password according to a preset password encryption algorithm to obtain an encrypted ciphertext; S300, the server decrypts the encrypted ciphertext to obtain the user preset password.
In the present invention, the keyboard is protected by white-box cryptography (an encryption technique in which the algorithm's key is fused into the algorithm). The keyboard may be the physical keyboard of a computer or a software-simulated keyboard on the application terminal. The software-simulated keyboard on the application terminal is operated by mouse click or touch screen to obtain the characters entered by the user; the entered characters are doubly encrypted with the character encryption algorithm and the password encryption algorithm, and the resulting ciphertext is sent to the server. This prevents Trojans from recording passwords typed on the keyboard and prevents illegal users from eavesdropping on or intercepting the data, which greatly protects the user's economic security. The character encryption algorithm and the password encryption algorithm are each run at least once. Applying white-box cryptography to the password keyboard of the application terminal effectively prevents brute-force cracking. Because the characters entered by the user are first encrypted individually and then encrypted as a whole, the invention effectively prevents the password from being obtained through a memory-dump attack (a dump is a backup file: the contents of an entire storage device, or of part of it, recorded to another storage device at a particular moment). The white-box seed is a character string that identifies, in one-to-one correspondence, the plug-in ID, and it is stored encrypted in the plug-in.
Further, step S100 comprises the steps of: S110, the application terminal obtains the characters entered by the user according to the preset acquisition order; S120, the application terminal obtains its own user-related information and generates a character string from the user-related information combined with a random number; S130, the application terminal encrypts the character string with a white-box algorithm to generate the white-box seed; S140, the application terminal operates on the obtained characters one-to-one, according to the preset character encryption algorithm and in combination with the white-box seed, to obtain encrypted characters; S150, the application terminal arranges the obtained encrypted characters according to the preset acquisition order to obtain the combined password;
wherein the user-related information includes any one or more of the user's mobile phone number, identity information and address information, and the random number is generated synchronously by the application terminal and the server.
In the present invention, the characters entered by the user are obtained in time order, and each collected character is encrypted one by one with the generated white-box seed according to the character encryption algorithm. Thus, even if an illegal user obtains the encrypted combined password by credential stuffing or phishing, the illegal user cannot learn how the white-box seed was generated. If the illegal user tries to log in with the obtained combined password, then because combined password ≠ user preset password, the illegal user cannot use the illegally obtained combined password to log in to the account or make transaction payments, which greatly protects the user's economic security and privacy. The algorithm used to generate the white-box seed may be any one or more international or domestic encryption algorithms. The algorithm that generates the combined password is any invertible operation, such as XOR or a symmetric algorithm.
Further, step S200 comprises the steps of: S210, the application terminal obtains its own hardware-related information and generates an encryption key from the hardware-related information combined with a challenge code; S220, the application terminal encrypts the combined password according to the preset password encryption algorithm, in combination with the encryption key, to obtain the encrypted ciphertext; S230, the application terminal sends the encrypted ciphertext to the server;
wherein the hardware-related information includes any one or more of screen parameters, size, material, memory size, external storage capacity, CPU performance, camera pixels, terminal model, application terminal IMEI and application terminal MAC address, and the challenge code is generated by the server and/or the application terminal.
In the present invention, to further protect information such as the user's account password, the combined password is encrypted with the password encryption algorithm to obtain the encrypted ciphertext, which the application terminal transmits to the server. The encryption key is obtained by computing a hash algorithm such as SM3 or MD5. As is well known, SM3 is a one-way hash function, so the challenge code and the user's hardware information cannot be derived from the result. Thus, even if an illegal user obtains the encrypted ciphertext in transit by any illicit means such as credential stuffing or exhaustive search, and works out which algorithm and encryption key the user uses, the illegal user still cannot learn the user's hardware-related information, which protects the user's information security. Because the random number cannot be learned, the user password cannot be learned either; since combined password ≠ user preset password, the illegal user cannot use an illegally obtained combined password to log in to the account or make transaction payments, which greatly protects the user's economic security and privacy. In addition, different clients use different algorithms, which makes the algorithm harder to crack and greatly protects the user's economic security and privacy.
Further, step S300 comprises the steps of: S310, the server decrypts the encrypted ciphertext to obtain an authentication combined password; S320, the server verifies whether the authentication combined password is consistent with the combined password; if so, step S330 is executed; otherwise, step S360 is executed; S330, the server operates one-to-one according to the preset character encryption algorithm to obtain decrypted characters, and arranges the decrypted characters according to the preset acquisition order to obtain a user authentication password; S340, the server verifies whether the user authentication password is consistent with the user preset password; if so, step S350 is executed; otherwise, step S360 is executed; S350, the server outputs information that obtaining the user preset password succeeded; S360, the server outputs information that obtaining the user preset password failed.
In the present invention, the illegal user cannot learn the random number; only the server and the user know which algorithm it was obtained with. Therefore, even if an illegal user impersonates a legitimate user, learns the encrypted ciphertext by illegal means such as exhaustive search, and from it obtains the combined password in order to log in disguised as the legitimate user, the illegal user cannot learn the character encryption algorithm preset by the user or the generated random number, and so cannot learn the white-box seed. Because the combined password is obtained only by operating on the user password with the white-box seed and then combining in time order, an illegal user who obtains the combined password still cannot derive the user preset password from it, i.e. combined password ≠ user preset password. The illegal user therefore cannot illegally log in to the legitimate user's account for mobile transfers and payment transactions, which greatly protects the user's economic security and privacy.
Further, after step S360, the method comprises the steps of: S400, the server saves the user preset password according to the obtained user-preset-password success information; S500, the server issues alarm prompt information to the application terminal according to the obtained user-preset-password failure information; S510, the application terminal judges, according to the alarm prompt information, whether password encryption authentication needs to be re-executed; if so, step S100 is executed; otherwise, step S520 is executed; S520, the application terminal releases its connection with the server.
In the present invention, if a legitimate user enters the password, the server obtains the authentication combined password through a series of operations and verifies that it is consistent with the password the user saved in advance; the server can then judge that the user has passed password authentication. If a legitimate user accidentally enters a wrong password, the application terminal issues alarm prompt information and the legitimate user judges whether the input was mistaken; if so, the password can be re-entered and password authentication performed again. If an illegal user enters the combined password, the illegal user cannot obtain the user preset password by inverting the combined password, so the application terminal issues alarm prompt information and the legitimate user judges whether it was their own input error; if not, the application terminal releases its connection with the server. For example, application software such as WeChat or Alipay freezes the user account, preventing criminals from taking the opportunity to obtain information from mobile Alipay or WeChat and causing loss to the legitimate user.
Further, before step S100, the method comprises the step of: S010, presetting the character encryption algorithm, the password encryption algorithm and the acquisition order; wherein the character encryption algorithm and the password encryption algorithm are both symmetric algorithms, and the acquisition order is the time order or reverse time order in which the user enters characters.
In the present invention, before the server and the application terminal exchange data, the user sets the character encryption algorithm, the password encryption algorithm and the acquisition order according to their own situation. The algorithms include international and domestic algorithms, such as the DES algorithm, TDEA algorithm, Blowfish algorithm, RC5 algorithm and SM-series algorithms. Different users thus use different algorithms and different acquisition orders, which makes the algorithm harder to crack and increases security.
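The S100 to S300 flow described above, as an added sketch that is not code from the patent. It assumes stand-ins throughout: HMAC-SHA256 replaces the white-box seed generation, SHA-256 replaces the SM3/MD5 key hash, a SHA-256 counter-mode keystream replaces the unspecified symmetric password encryption algorithm, and all constants and function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample values (assumptions for this example, not from the patent).
USER_INFO = b"phone=13800000000;id=PLACEHOLDER"       # "user-related information"
HARDWARE_INFO = b"imei=PLACEHOLDER;mac=PLACEHOLDER"   # "hardware-related information"
SEED_KEY = b"stand-in for the key fused into the white-box tables"


def keystream(key: bytes, label: bytes, length: int) -> bytes:
    """SHA-256 in counter mode; stand-in for the patent's symmetric cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + label + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    """XOR is one of the invertible operations the description allows."""
    return bytes(x ^ y for x, y in zip(a, b))


def white_box_seed(random_number: bytes, length: int) -> bytes:
    """S120-S130: user info + synchronized random number -> white-box seed."""
    mac = hmac.new(SEED_KEY, USER_INFO + random_number, hashlib.sha256).digest()
    return keystream(mac, b"seed", length)


def encryption_key(challenge: bytes) -> bytes:
    """S210: hash(hardware info + challenge code); SHA-256 replaces SM3/MD5."""
    return hashlib.sha256(HARDWARE_INFO + challenge).digest()


def combine(chars: str, random_number: bytes, reverse: bool = False) -> bytes:
    """S110, S140, S150: encrypt each character one-to-one, then order them."""
    data = chars.encode("ascii")   # soft-keyboard digits and letters
    encrypted = xor(data, white_box_seed(random_number, len(data)))
    return encrypted[::-1] if reverse else encrypted


def client_encrypt(chars: str, random_number: bytes, challenge: bytes,
                   reverse: bool = False) -> bytes:
    """S100 + S200: combined password -> encrypted ciphertext."""
    combined = combine(chars, random_number, reverse)
    outer = keystream(encryption_key(challenge), b"outer", len(combined))
    return xor(combined, outer)


def server_verify(ciphertext: bytes, random_number: bytes, challenge: bytes,
                  preset: str, reverse: bool = False) -> bool:
    """S310, S330, S340: undo both layers, then compare with the preset password.

    The S320 comparison is not modelled: this sketch recomputes the seed
    instead of holding a copy of the combined password on the server.
    """
    outer = keystream(encryption_key(challenge), b"outer", len(ciphertext))
    combined = xor(ciphertext, outer)                        # S310
    encrypted = combined[::-1] if reverse else combined      # undo S150 ordering
    recovered = xor(encrypted, white_box_seed(random_number, len(encrypted)))
    return hmac.compare_digest(recovered, preset.encode("ascii"))  # S340


if __name__ == "__main__":
    rn, challenge = secrets.token_bytes(16), secrets.token_bytes(16)
    ct = client_encrypt("a1B2c3", rn, challenge)
    print("ciphertext:", ct.hex())
    print("same challenge:", server_verify(ct, rn, challenge, "a1B2c3"))
    print("replayed under a new challenge:",
          server_verify(ct, rn, secrets.token_bytes(16), "a1B2c3"))
```

Both sides must hold the same user information, hardware information, random number and challenge code; a ciphertext captured under one challenge code fails verification under the next.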
The present invention also provides a white-box-based password encryption system, comprising an application terminal and a server, the application terminal being communicatively connected to the server;
the application terminal obtains the characters entered by the user and, according to a preset character encryption algorithm and a preset acquisition order, encrypts and combines the characters with a white-box seed to obtain a combined password; the application terminal encrypts the combined password according to a preset password encryption algorithm to obtain an encrypted ciphertext; the server decrypts the encrypted ciphertext to obtain the user preset password.
In the present invention, the software-simulated keyboard on the application terminal is operated by mouse click or touch screen. Its characters include numeric and alphabetic characters and are displayed in a random arrangement, which prevents a Trojan from stealing the input by recording the input positions on the screen. After the characters entered by the user are obtained, they are doubly encrypted with the character encryption algorithm and the password encryption algorithm, and the resulting ciphertext is sent to the server. This encrypted transmission effectively guards against risks such as keyboard hooks, data eavesdropping and data interception, which greatly protects the user's economic security. The character encryption algorithm and the password encryption algorithm are each run at least once.
Further, the application terminal includes an acquisition module, a white-box seed generation module, a first encryption module and a combination module; the acquisition module is communicatively connected to the white-box seed generation module; the white-box seed generation module is communicatively connected to the first encryption module; the first encryption module is communicatively connected to the combination module;
the acquisition module obtains the characters entered by the user according to the preset acquisition order, and obtains the user-related information of the application terminal itself;
the white-box seed generation module generates a character string from the user-related information combined with a random number, and encrypts the character string with a white-box algorithm to generate the white-box seed; the first encryption module operates on the obtained characters one-to-one, according to the preset character encryption algorithm and in combination with the white-box seed, to obtain encrypted characters; the combination module arranges the obtained encrypted characters according to the preset acquisition order to obtain the combined password;
wherein the user-related information includes any one or more of the user's mobile phone number, identity information and address information, and the random number is generated synchronously by the application terminal and the server.
In the present invention, the algorithm used to generate the white-box seed may be any one or more international or domestic encryption algorithms. The algorithm that generates the combined password is any invertible operation, such as XOR or a symmetric algorithm. The characters entered by the user are obtained, and each collected character is encrypted one by one, in time order, with the generated white-box seed according to the character encryption algorithm. Thus, even if an illegal user obtains the encrypted combined password by credential stuffing or phishing, the illegal user cannot learn how the white-box seed was generated. If the illegal user logs in with only the obtained combined password, then because combined password ≠ user preset password, the illegal user cannot use the illegally obtained combined password to log in to the account or make transaction payments. Because the characters entered by the user are first encrypted individually and then encrypted as a whole, obtaining the password by attacking a memory dump file is effectively prevented, which increases the user's economic security and privacy.
Further, the application terminal also includes a white-box key generation module, a second encryption module and a sending module; the white-box key generation module is communicatively connected to the acquisition module; the second encryption module is communicatively connected to the white-box key generation module; the sending module is communicatively connected to the second encryption module;
the acquisition module also obtains the hardware-related information of the application terminal; the white-box key generation module generates an encryption key from the hardware-related information combined with a challenge code; the second encryption module encrypts the combined password according to the preset password encryption algorithm, in combination with the encryption key, to obtain the encrypted ciphertext; the sending module sends the encrypted ciphertext to the server.
In the present invention, the hardware-related information includes any one or more of screen parameters, size, material, memory size, external storage capacity, CPU performance, camera pixels, terminal model, application terminal IMEI and application terminal MAC address. To further protect information such as the user's account password, the legitimate encrypted characters are encrypted with the password encryption algorithm to obtain the encrypted ciphertext, which the application terminal transmits to the server. Thus, even if an illegal user, in transit, works out which algorithm and encryption key the user uses by any illicit means such as credential stuffing or exhaustive search, the illegal user cannot learn the random number at that moment and therefore cannot learn the combined password. The combined password is thus protected by double encryption, and different users use different algorithms on different clients, which makes the algorithm harder to crack. As a result, the illegal user cannot use an illegally obtained user password to log in to the account or make transaction payments, which greatly protects the user's economic security and privacy. The encryption key is obtained by computing a hash algorithm such as SM3 or MD5; as is well known, SM3 is a one-way hash function, so the challenge code and the user's hardware information cannot be derived from the result, which greatly protects the user's information security.
Further, the server includes a decryption module, a judgment module and a control module; the decryption module is communicatively connected to the sending module; the judgment module is communicatively connected to the decryption module; the control module is communicatively connected to the judgment module;
the decryption module decrypts the encrypted ciphertext according to the decryption round key to obtain the authentication combined password; the authentication module verifies whether the authentication combined password is consistent with the combined password; the control module, when the authentication combined password is consistent with the combined password, operates one-to-one according to the white-box seed, in combination with the preset character encryption algorithm, to obtain decrypted characters, and arranges the decrypted characters according to the preset acquisition order to obtain the user authentication password; the control module, when the authentication combined password is inconsistent with the combined password, outputs information that obtaining the user preset password failed; the authentication module also verifies whether the user authentication password is consistent with the user preset password; the control module, when the user authentication password is consistent with the user preset password, outputs information that obtaining the user preset password succeeded; the control module, when the user authentication password is inconsistent with the user preset password, outputs information that obtaining the user preset password failed.
In the present invention, the illegal user cannot obtain the random number. Therefore, even if an illegal user impersonates a legitimate user by illegal means such as exhaustive search, obtains the encrypted ciphertext that the user transmits to the server during password authentication, and attempts to log in disguised as the legitimate user, the illegal user cannot learn the character encryption algorithm preset by the user or the generated random number, and so cannot learn the white-box seed. Because the combined password is obtained only by operating on the user password with the white-box seed and then combining in time order, an illegal user who obtains the combined password still cannot derive the user preset password from it, i.e. the combined password obtained in this way ≠ user preset password. The illegal user therefore cannot successfully log in to the legitimate user's account for mobile transfers and payment transactions, which greatly protects the user's economic security and privacy.
Further, the server also includes a saving module and an alarm module; the saving module is communicatively connected to the control module; the alarm module is communicatively connected to the control module;
the application terminal further includes a judgment module and a management module; the judgment module is communicatively connected to the alarm module; the management module is communicatively connected to the judgment module;
the saving module saves the user preset password according to the obtained user-preset-password success information; the alarm module issues alarm prompt information to the application terminal according to the obtained user-preset-password failure information; the judgment module judges, according to the alarm prompt information, whether password encryption authentication needs to be re-executed; the management module, when the encryption process needs to be re-executed, has the password re-entered and performs the password encryption authentication process; the management module, when the encryption process does not need to be re-executed, releases the connection with the server.
In the present invention, if a legitimate user enters the correct password, the server obtains the user preset password through a series of operations and verifies that it is consistent with the password the user saved in advance; the server can then judge that the user has passed password authentication. If a legitimate user accidentally enters a wrong password, the application terminal issues alarm prompt information and the legitimate user judges whether the input was mistaken; if so, the password can be re-entered and password authentication performed again. If an illegal user obtains the combined password by illicit means and enters it, the illegal user cannot invert it to obtain the user preset password and holds only the combined password; because combined password ≠ user preset password, the application terminal issues alarm prompt information and the legitimate user judges whether it was their own input error; if not, the application terminal releases its connection with the server. For example, application software such as WeChat or Alipay freezes the user account, preventing criminals from taking the opportunity to obtain information from mobile Alipay or WeChat and causing loss to the legitimate user.
Further, the application terminal also includes a setting module, which is communicatively connected to the acquisition module; the setting module presets the character encryption algorithm, the password encryption algorithm and the acquisition order; wherein the character encryption algorithm and the password encryption algorithm are both symmetric algorithms, and the acquisition order is the time order or reverse time order in which the user enters characters.
In the present invention, before the server and the application terminal exchange data, the user sets the character encryption algorithm, the password encryption algorithm and the acquisition order according to their own situation. Different users can thus use different algorithm rules according to their own needs, which makes the algorithm harder to crack and increases security.
Compared with the prior art, the present invention provides a whitepack-based encryption method and system that brings at least one of the following technical effects:
1. Applying whitepack cryptographic technology to the password keyboard of the application terminal effectively prevents brute-force cracking.
2. The characters entered by the user are first encrypted separately and then encrypted as a whole, which effectively prevents the password from being obtained through an attack on cache files.
3. Different users use different algorithm rules, which makes the algorithm harder to crack and increases security.
Description of the drawings
Preferred embodiments are described below in a clear and understandable way with reference to the drawings, to further explain the characteristics, technical features, advantages and implementation of the whitepack-based encryption method and system.
Fig. 1 is a flow chart of one embodiment of a whitepack-based encryption method of the present invention;
Fig. 2 is a flow chart of another embodiment of a whitepack-based encryption method of the present invention;
Fig. 3 is a flow chart of another embodiment of a whitepack-based encryption method of the present invention;
Fig. 4 is a structure chart of one embodiment of a whitepack-based password encryption system of the present invention;
Fig. 5 is a structure chart of another embodiment of a whitepack-based password encryption system of the present invention;
Fig. 6 is a structure chart of another embodiment of a whitepack-based password encryption system of the present invention;
Fig. 7 is a flow chart of another embodiment of a whitepack-based encryption method of the present invention;
Fig. 8 is a structure chart of another embodiment of a whitepack-based encryption method of the present invention.
Specific embodiments
To explain the embodiments of the present invention or the technical solutions in the prior art more clearly, specific embodiments of the invention are described below with reference to the drawings. Obviously, the drawings described below are only some embodiments of the invention; a person of ordinary skill in the art can, without creative effort, obtain other drawings and other embodiments from them.
To keep the drawings simple, each figure shows only schematically the parts related to the present invention; they do not represent the actual structure of a product. In addition, where several components in a figure have the same structure or function, only one of them is drawn or labelled, so that the figure is easy to read. Herein, "one" means not only "only this one" but can also mean "more than one".
Referring to Fig. 1, the present invention provides one embodiment of a whitepack-based encryption method, comprising:
S100: The application terminal obtains the characters entered by the user, and encrypts and combines the characters with the whitepack seed according to the preset character encryption algorithm and the preset acquisition order, obtaining the combination pin;
S200: The application terminal encrypts the combination pin according to the preset cipher encryption algorithm, obtaining the encrypted ciphertext;
S300: The server decrypts the encrypted ciphertext, obtaining the user preset password.
Specifically, in the present embodiment, the keypad characters include numeric characters and alphabetic characters and are displayed as symbol pictures. The user clicks the software-simulated keyboard on the application terminal with a mouse or touch screen; the characters entered are obtained and doubly encrypted, first with the character encryption algorithm and then with the cipher encryption algorithm, and the resulting ciphertext is sent to the server. This prevents a Trojan from recording passwords entered on the keyboard and prevents illegal users from monitoring or intercepting the data, which greatly protects the user's economic security. The character encryption algorithm and the cipher encryption algorithm are each applied at least once. Applying whitepack cryptographic technology to the password keyboard of the application terminal effectively prevents brute-force cracking. The present invention first encrypts the characters entered by the user separately and then encrypts them as a whole, which effectively prevents the password from being obtained through a memory dump attack.
Referring to Fig. 2, the present invention provides another embodiment of a whitepack-based encryption method, comprising:
S110: The application terminal obtains the characters entered by the user according to the preset acquisition order;
S120: The application terminal obtains its own user related information and generates a character string from the user related information combined with a random number;
S130: The application terminal encrypts the character string with the whitepack algorithm to generate the whitepack seed;
S140: The application terminal operates on the obtained characters one-to-one with the whitepack seed, according to the preset character encryption algorithm, obtaining encrypted characters;
S150: The application terminal arranges the obtained encrypted characters in the preset acquisition order, obtaining the combination pin;
S210: The application terminal obtains its own hardware relevant information and generates an encryption key from the hardware relevant information combined with a challenge code;
S220: The application terminal encrypts the combination pin with the encryption key according to the preset cipher encryption algorithm, obtaining the encrypted ciphertext;
S230: The application terminal sends the encrypted ciphertext to the server;
S310: The server decrypts the encrypted ciphertext, obtaining the certification combination pin;
S320: The server verifies whether the certification combination pin is consistent with the combination pin; if so, step S330 is executed; otherwise, step S360 is executed;
S330: The server performs the operation one-to-one according to the preset character encryption algorithm to obtain decrypted characters, and arranges the decrypted characters in the preset acquisition order, obtaining the user authentication password;
S340: The server verifies whether the user authentication password is consistent with the user preset password; if so, step S350 is executed; otherwise, step S360 is executed;
S350: The server outputs the user preset password success information;
S360: The server outputs the user preset password failure information.
In the present embodiment, the user related information includes any one or more of the user's phone number information, identity information and address information. The hardware relevant information includes any one or more of screen parameters, size, material, memory size, external storage capacity, CPU performance, camera pixels, terminal model, application terminal IMEI and application terminal MAC address.
Specifically, in the present embodiment, the algorithm used to generate the whitepack seed may be any one or more of the international encryption algorithms or domestic encryption algorithms.
The algorithm used to generate the combination pin is any invertible operation, such as an XOR operation or a symmetric algorithm.
The encryption key is generated with a hash algorithm such as SM3 or MD5; as is well known, SM3 is a one-way hash function, so the challenge code and the user's hardware information cannot be derived from the result.
The encrypted ciphertext is generated with a symmetric, reversible algorithm such as SM4 or DES.
In the present embodiment, the characters entered by the user are obtained in chronological order, and each collected character is encrypted one by one with the generated whitepack seed, according to the character encryption algorithm, using a symmetric operation performed an even number of times, for example an XOR operation performed an even number of times.

An example follows. Suppose the user related information is the user's birthday, 0216. When the user needs to enter a password for verification, the server and the mobile phone terminal each generate the same random number using the algorithm selected by the user; here the random number is 1567. The user information 0216 and the random number form the character string 02161567. The preset whitepack algorithm, for example, converts the digit sequence 0123456789 one-to-one into the whitepack ID 8639701524; this mutual conversion between the character string 0123456789 and 8639701524 is a whitepack algorithm selected by the user in advance. The whitepack seed generated with this pre-selected whitepack algorithm is 58616714, whose binary representation is 0101, 1000, 0110, 0001, 0110, 0111, 0001, 0100. The user then enters the password 41382165, whose binary representation is 0100, 0001, 0011, 1000, 0010, 0001, 0110, 0101. The binary values of the entered password and of the whitepack seed are XORed one-to-one, i.e. 0100 ⊕ 0101 = 1001, 0001 ⊕ 1000 = 1001, ..., 0101 ⊕ 0100 = 1001; expressed in hexadecimal, the encrypted characters obtained are 9, 9, 9, 9, 8, 8, 7, 9, and the combination pin obtained in the chronological order in which the user entered 41382165 is 99998879.

Here, the encryption key is generated by an operation on the application terminal's hardware relevant information, such as the model information of the user's mobile phone, and the challenge code generated by the server. The combination pin 99998879 is encrypted with the encryption key to obtain the encrypted ciphertext, which the application terminal sends to the server. The server decrypts the received ciphertext with the decryption key matching the encryption key to obtain the combination pin, and then performs the inverse operation on the combination pin to obtain the preset password 41382165 entered by the user.

The server and the application terminal use the same algorithm and the same random number: the random number is generated by the application terminal and by the server according to the same algorithm and the same trigger condition, so the random numbers generated by the two are consistent. The random number is never transmitted between the server and the application terminal, so an illegal user cannot obtain it in transit and therefore cannot obtain the whitepack seed. Because the whitepack seed is combined with the user password and the result is arranged in chronological order to form the combination pin, an illegal user who obtains the combination pin still cannot derive the user preset password from it; only the application terminal bound to the server and the server itself know the algorithm and the random number that the two use. Thus, even if an illegal user obtains the encrypted ciphertext by credential stuffing or phishing, the illegal user cannot obtain the whitepack seed; even if the combination pin 99998879 is obtained by brute force, the user preset password cannot be derived from it by reverse operation. Because combination pin ≠ user preset password, an illegal user who logs in with only the illegally obtained combination pin cannot illegally log in to the account or make transaction payments, which greatly protects the user's economic security and privacy.

The encryption key is generated with a hash algorithm such as SM3 or MD5; as is well known, SM3 is a one-way hash function, and the challenge code and the user's hardware information cannot be derived from the result. So even if an illegal user obtains the encrypted ciphertext in transit through any back door, such as credential stuffing or exhaustive search, and works out which algorithm was used and cracks the user's encryption key, the illegal user still cannot learn the user's hardware relevant information, which protects the user's information security. Meanwhile, different clients use different algorithms, which makes the algorithm harder to crack. The challenge code may be generated by the server or by the application terminal; however, a challenge code generated by an application terminal such as a mobile phone generally has low randomness and is easily intercepted when transmitted to the server, so its security is not high. Here the challenge code is preferably generated by the server, and it may be generated according to a time factor and/or an event factor. In this way an illegal user cannot successfully log in to the legitimate user's account when making transfers or payment transactions with a mobile phone, which greatly protects the user's economic security and privacy.
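The per-character layer of the worked example above (seed generation, one-to-one XOR, arrangement in acquisition order, and the server's inverse operation in S330), as an added Python sketch that is not part of the patent text. The function names are hypothetical, and each character is treated as a 4-bit value written as a hex digit, following the page's binary notation; the second layer (challenge code, SM3/SM4) is left out.

```python
import hmac

DIGITS = "0123456789"
HEX = "0123456789abcdef"
WHITEPACK_ID = "8639701524"  # substitution table from the page's worked example


def whitepack_seed(user_info, random_number, table=WHITEPACK_ID):
    """Replace each digit d of user_info + random_number with the position
    at which d occurs in the table (0216 + 1567 -> 58616714)."""
    if sorted(table) != list(DIGITS):
        raise ValueError("table must be a permutation of the digits 0-9")
    text = user_info + random_number
    if not text or any(c not in DIGITS for c in text):
        raise ValueError("seed input must consist of decimal digits")
    return "".join(str(table.index(c)) for c in text)


def _xor_chars(chars, seed):
    """XOR two equal-length strings of 4-bit characters, one-to-one."""
    if len(chars) != len(seed):
        raise ValueError("input and seed must have the same length")
    if any(c not in HEX for c in chars + seed):
        raise ValueError("characters must be lower-case hex digits")
    return "".join(HEX[int(c, 16) ^ int(s, 16)] for c, s in zip(chars, seed))


def combine(password, seed, reverse=False):
    """Terminal side (S140-S150): encrypt each character, then arrange the
    results in input order or, if reverse is set, in reverse input order."""
    encrypted = _xor_chars(password, seed)
    return encrypted[::-1] if reverse else encrypted


def recover(combination_pin, seed, reverse=False):
    """Server side (S330): undo the arrangement, then the per-character XOR."""
    ordered = combination_pin[::-1] if reverse else combination_pin
    return _xor_chars(ordered, seed)


def server_check(combination_pin, seed, preset_password, reverse=False):
    """S330-S360: recover the candidate password, compare in constant time."""
    try:
        candidate = recover(combination_pin, seed, reverse)
    except ValueError:
        return False  # malformed input is a failure, not an exception
    return hmac.compare_digest(candidate.encode(), preset_password.encode())


if __name__ == "__main__":
    seed = whitepack_seed("0216", "1567")  # values taken from the page
    pin = combine("41382165", seed)
    print("whitepack seed  :", seed)
    print("combination pin :", pin)
    print("server accepts  :", server_check(pin, seed, "41382165"))
    # Typing the combination pin itself as the password does not authenticate.
    print("pin as password :", server_check(combine(pin, seed), seed, "41382165"))
```

With the page's inputs the seed comes out as 58616714, matching the text. Bitwise XOR of 41382165 with that seed gives 19594671, whereas the combination pin printed in the text, 99998879, is the digit-wise sum of the two values.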
For the digit arrangement:
1. Take the hardware ID; in the present embodiment the mobile phone IMEI code can be used.
2. Take the current time information T, in milliseconds.
3. Calculate EK(H(ID) + EK(T));
3.1 Here, the secure one-way hash H(ID) of the hardware ID is first calculated with a hash algorithm, the time information is encrypted with an encryption algorithm to give EK(T), and H(ID) and EK(T) are encrypted again to give EK(H(ID) + EK(T)); the result is converted into a number r1 between 0 and 9;
3.2 Take the number a1 at position r1 in the 0-9 sequence (the 10 digits among the keypad characters);
3.3 Remove a1 from the 0-9 sequence, leaving 9 numbers; repeat step 3.2, this time converting the result into a number r2 between 0 and 8, and take the number at position r2 in the remaining sequence (9 numbers); continue in this way.
4. This yields the sequence a1, a2, a3, ....
For example, suppose the sequence obtained by the above steps is the random digit sequence 412357698; this means that the 4th numeric keypad character is placed 1st, the 1st numeric keypad character is placed 2nd, ..., and the 8th numeric keypad character is placed 9th. The numeric keypad characters are thus arranged randomly.
For the alphabetic arrangement: as with the digit arrangement, first take a number between 0 and 25, then take numbers successively 26 times. For example, with the random letter sequence 23213145310..., the 23rd alphabetic keypad character is placed 1st, the 2nd alphabetic keypad character picture is placed 2nd, and so on; this is not repeated here.
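One way to implement the arrangement procedure above, as an added Python example rather than the patent's own code. SHA-256 stands in for H and HMAC-SHA256 for EK, "+" is read as concatenation, and the key and the counter used to extend the output are assumptions; rejection sampling replaces a plain modulo so that every position is equally likely.

```python
import hashlib
import hmac


def _keyed(key, data):
    """Stand-in for EK: HMAC-SHA256 (a keyed PRF, not the page's cipher)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def _byte_stream(key, hardware_id, time_ms):
    """Yield bytes derived from EK(H(ID) + EK(T)).

    The counter that extends the output beyond one block is an assumption;
    the page only says to continue the calculation for each position.
    """
    h_id = hashlib.sha256(hardware_id.encode()).digest()   # H(ID)
    ek_t = _keyed(key, str(time_ms).encode())              # EK(T)
    base = _keyed(key, h_id + ek_t)                        # EK(H(ID) + EK(T))
    counter = 0
    while True:
        yield from _keyed(key, base + counter.to_bytes(4, "big"))
        counter += 1


def _index_below(n, stream):
    """Return an unbiased index in range(n), for 1 <= n <= 256.

    Taking byte % n directly favours small indices whenever 256 is not a
    multiple of n, so bytes at or above the largest multiple are skipped.
    """
    limit = 256 - (256 % n)
    for byte in stream:
        if byte < limit:
            return byte % n


def keypad_layout(symbols, key, hardware_id, time_ms):
    """Steps 3.2-4: pick position r, take that symbol, remove it, repeat."""
    if not 1 <= len(symbols) <= 256 or len(set(symbols)) != len(symbols):
        raise ValueError("symbols must be 1-256 distinct characters")
    remaining = list(symbols)
    stream = _byte_stream(key, hardware_id, time_ms)
    layout = []
    while remaining:
        r = _index_below(len(remaining), stream)   # r1 in 0-9, r2 in 0-8, ...
        layout.append(remaining.pop(r))            # a1, a2, a3, ...
    return "".join(layout)


if __name__ == "__main__":
    key = b"constructed-demo-key"      # hypothetical per-installation secret
    imei = "000000000000000"           # constructed placeholder, not a real IMEI
    print(keypad_layout("0123456789", key, imei, 1700000000000))
    print(keypad_layout("abcdefghijklmnopqrstuvwxyz", key, imei, 1700000000000))
```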
The application terminal generates the random number with an encryption algorithm such as the SOTP algorithm, DES, 3DES, RC2, RC4, IDEA, RSA or the SM series; the SOTP algorithm is disclosed in the patent with application number 201410532214.3.
Referring to Fig. 3, the present invention provides another embodiment of a whitepack-based encryption method, comprising:
S010: The character encryption algorithm, the cipher encryption algorithm and the acquisition order are preset;
S100: The application terminal obtains the characters entered by the user, and encrypts and combines the characters with the whitepack seed according to the preset character encryption algorithm and the preset acquisition order, obtaining the combination pin;
S200: The application terminal encrypts the combination pin according to the preset cipher encryption algorithm, obtaining the encrypted ciphertext;
S310: The server decrypts the encrypted ciphertext, obtaining the certification combination pin;
S320: The server verifies whether the certification combination pin is consistent with the combination pin; if so, step S330 is executed; otherwise, step S360 is executed;
S330: The server performs the operation one-to-one according to the preset character encryption algorithm to obtain decrypted characters, and arranges the decrypted characters in the preset acquisition order, obtaining the user authentication password;
S340: The server verifies whether the user authentication password is consistent with the user preset password; if so, step S350 is executed; otherwise, step S360 is executed;
S350: The server outputs the user preset password success information;
S360: The server outputs the user preset password failure information;
S400: The server saves the user preset password according to the obtained user preset password success information;
S500: The server issues alarm prompt information to the application terminal according to the obtained user preset password failure information;
S510: The application terminal judges, according to the alarm prompt information, whether password encryption authentication needs to be re-executed; if so, step S100 is executed; otherwise, step S520 is executed;
S520: The application terminal releases the connection with the server.
Specifically, in the present embodiment, before the server and the application terminal communicate, the user sets the character encryption algorithm, the cipher encryption algorithm and the acquisition order according to their own situation, so that different users use different algorithm rules, which makes the algorithm harder to crack and increases security. If a legitimate user enters the correct password, the server obtains the user preset password through a series of operations, verifies that it is consistent with the password the user saved in advance, and judges that the user has passed password authentication. If a legitimate user accidentally enters a wrong password, the application terminal issues alarm prompt information, the legitimate user judges whether the error was their own input, and if so can re-enter the password and authenticate again. If an illegal user enters the combination pin, the illegal user cannot obtain the user preset password by reversing the operation on the combination pin, so the application terminal issues alarm prompt information and the legitimate user judges whether the error was their own input; if not, the application terminal releases the connection with the server. For example, application software such as WeChat or Alipay freezes the user account and breaks the relationship between the application software and the server; the user can later bind the two again. This effectively prevents criminals from taking the opportunity to obtain information from Alipay or WeChat on the phone and causing losses to the legitimate user. The algorithms that the user can set include international and domestic algorithms, such as the DES algorithm, the TDEA algorithm, the Blowfish algorithm, the RC5 algorithm and the SM series of algorithms. Different users thus use different algorithms and different acquisition orders, which makes the algorithm harder to crack and increases security.
Referring to Fig. 4, the present invention provides one embodiment of a whitepack-based password encryption system 1000, comprising:
an application terminal 1100 and a server 1200, the application terminal 1100 being communicatively connected to the server 1200;
the application terminal 1100 obtains the characters entered by the user, and encrypts and combines the characters with the whitepack seed according to the preset character encryption algorithm and the preset acquisition order, obtaining the combination pin;
the application terminal 1100 encrypts the combination pin according to the preset cipher encryption algorithm, obtaining the encrypted ciphertext;
the server 1200 decrypts the encrypted ciphertext, obtaining the user preset password.
In the present invention, the user clicks the software-simulated keyboard on the application terminal 1100 with a mouse or touch screen. The characters of the software-simulated keyboard include numeric characters and alphabetic characters, and the keypad characters appear in a random arrangement, which prevents a Trojan from stealing the input by recording input points on the screen. After the characters entered by the user are obtained, they are doubly encrypted with the character encryption algorithm and the cipher encryption algorithm, and the resulting ciphertext is sent to the server 1200. This encrypted transmission effectively guards against risks such as keyboard hooks, data monitoring and data interception, which greatly protects the user's economic security. The character encryption algorithm and the cipher encryption algorithm are each applied at least once.
Referring to Fig. 5, the present invention provides another embodiment of a whitepack-based password encryption system 1000. The application terminal 1100 includes: an acquisition module 1110, a whitepack seed generation module 1120, a first encrypting module 1130, a composite module 1140, a whitepack key production module 1150, a second encrypting module 1160 and a sending module 1170;
the acquisition module 1110 is communicatively connected to the whitepack seed generation module 1120; the whitepack seed generation module 1120 is communicatively connected to the first encrypting module 1130; the first encrypting module 1130 is communicatively connected to the composite module 1140; the whitepack key production module 1150 is communicatively connected to the acquisition module 1110; the second encrypting module 1160 is communicatively connected to the whitepack key production module 1150; the sending module 1170 is communicatively connected to the second encrypting module 1160;
the server 1200 includes: a deciphering module 1210, a judgment module 1180 and a control module 1230; the deciphering module 1210 is communicatively connected to the sending module 1170; the judgment module 1180 is communicatively connected to the deciphering module 1210; the control module 1230 is communicatively connected to the judgment module 1180;
the acquisition module 1110 obtains the characters entered by the user according to the preset acquisition order, and obtains the user related information of the application terminal 1100 itself;
the whitepack seed generation module 1120 generates a character string from the user related information combined with a random number, and encrypts the character string with the whitepack algorithm to generate the whitepack seed;
the first encrypting module 1130 operates on the obtained characters one-to-one with the whitepack seed, according to the preset character encryption algorithm, obtaining encrypted characters;
the composite module 1140 arranges the obtained encrypted characters in the preset acquisition order, obtaining the combination pin;
the acquisition module 1110 also obtains the hardware relevant information of the application terminal 1100;
the whitepack key production module 1150 generates an encryption key from the hardware relevant information combined with a challenge code;
the second encrypting module 1160 encrypts the combination pin with the encryption key according to the preset cipher encryption algorithm, obtaining the encrypted ciphertext;
the sending module 1170 sends the encrypted ciphertext to the server 1200;
the deciphering module 1210 decrypts the encrypted ciphertext with the decryption round key, obtaining the certification combination pin;
the authentication module 1220 verifies whether the certification combination pin is consistent with the combination pin;
the control module 1230, when the certification combination pin is consistent with the combination pin, performs the operation one-to-one according to the preset character encryption algorithm to obtain decrypted characters, and arranges the decrypted characters in the preset acquisition order, obtaining the user authentication password;
the control module 1230, when the certification combination pin is inconsistent with the combination pin, outputs the user preset password failure information;
the authentication module 1220 also verifies whether the user authentication password is consistent with the user preset password;
the control module 1230, when the user authentication password is consistent with the user preset password, outputs the user preset password success information;
the control module 1230, when the user authentication password is inconsistent with the user preset password, outputs the user preset password failure information.
Specifically, in this embodiment of the present invention, the characters entered by the user are obtained, for example, in chronological order, and each collected character is encrypted one by one with the generated whitepack seed according to the character encryption algorithm. To further protect information such as the user's account password, the resulting encrypted characters are then encrypted with the cipher encryption algorithm to obtain the encrypted ciphertext, which the application terminal 1100 transmits to the server 1200. Thus, even if an illegal user obtains the encrypted ciphertext in transit by cracking it through any back door, such as credential stuffing or exhaustive search, the illegal user cannot learn the random number and therefore cannot learn the user preset password, which is securely protected. Meanwhile, different clients use different algorithms, which makes the algorithm harder to crack and further protects the combination pin. Even if an illegal user is skilled enough to obtain the encrypted ciphertext and crack it to get the combination pin, the algorithm used to generate the whitepack seed may be any one or more of the international or domestic encryption algorithms, and the algorithm used to generate the combination pin may be any invertible operation such as an XOR operation or a symmetric algorithm. Only the application terminal bound to the server and the server itself know the algorithm and the random number that the two use, i.e. only they know the whitepack seed in use. Thus, even if an illegal user obtains the encrypted ciphertext by credential stuffing or phishing, the illegal user cannot obtain the whitepack seed; even if the combination pin is obtained by brute force, the user preset password entered by the user cannot be derived from it by reverse operation. If the illegal user logs in with the obtained combination pin, then because combination pin ≠ user preset password, the illegally obtained password cannot be used to log in to the account or make transaction payments, which greatly protects the user's economic security and privacy.
The user related information includes any one or more of the user's phone number information, identity information and address information, and the random number is generated synchronously by the application terminal and the server. The hardware relevant information includes any one or more of screen parameters, size, material, memory size, external storage capacity, CPU performance, camera pixels, terminal model, application terminal IMEI and application terminal MAC address.
Referring to Fig. 6, the present invention provides another embodiment of a whitepack-based password encryption system 1000. The server 1200 further includes a preserving module 1250 and an alarm module 1260; the preserving module 1250 is communicatively connected to the control module 1230; the alarm module 1260 is communicatively connected to the control module 1230. The application terminal 1100 further includes a judgment module 1180 and a management module 1190; the judgment module 1180 is communicatively connected to the alarm module 1260; the management module 1190 is communicatively connected to the judgment module 1180;
the preserving module 1250 saves the user preset password according to the obtained user preset password success information;
the alarm module 1260 issues alarm prompt information to the application terminal 1100 according to the obtained user preset password failure information;
the judgment module 1180 judges, according to the alarm prompt information, whether password encryption authentication needs to be re-executed;
the management module 1190, when the encryption process needs to be re-executed, has the password re-entered and carries out the password encryption authentication process again;
the management module 1190, when the encryption process does not need to be re-executed, releases the connection with the server 1200;
further, the application terminal 1100 also includes a setup module 1101, communicatively connected to the acquisition module;
the setup module 1101 presets the character encryption algorithm, the cipher encryption algorithm and the acquisition order;
wherein the character encryption algorithm and the cipher encryption algorithm both use symmetric algorithms, and the acquisition order is the chronological order or the reverse chronological order in which the user enters the characters.
In the present invention, before the server 1200 and the application terminal 1100 communicate, the user sets the character encryption algorithm, the cipher encryption algorithm and the acquisition order according to their own situation; the algorithms include international and domestic algorithms, such as the DES algorithm, the TDEA algorithm, the Blowfish algorithm, the RC5 algorithm and the SM series of algorithms. Different users thus use different algorithms and different acquisition orders, which makes the algorithm harder to crack and increases security. If a legitimate user enters the correct password, the server 1200 obtains the user preset password through a series of operations, verifies that it is consistent with the password the user saved in advance, and judges that the user has passed password authentication. If a legitimate user accidentally enters a wrong password, the application terminal 1100 issues alarm prompt information, the legitimate user judges whether the error was their own input, and if so can re-enter the password and authenticate again. If an illegal user enters the combination pin, the illegal user cannot obtain the user preset password by reversing the operation on the combination pin, so the application terminal 1100 issues alarm prompt information and the legitimate user judges whether the error was their own input; if not, the application terminal 1100 releases the connection with the server 1200. For example, application software such as WeChat or Alipay freezes the user account, which prevents criminals from taking the opportunity to obtain information from Alipay or WeChat on the phone and causing losses to the legitimate user.
Referring to Fig. 7, the present invention provides an example of an encryption method based on whitepack, with the following notes:
1. A simple bit operation is used, such as stream encryption: the first character input by the user is XORed with the first character of the seed, the second character input is XORed with the second character of the whitepack seed, and so on;
2. The rule for combining the encrypted characters is the order in which the user inputs them;
3. The whitepack seed is generated as follows: a character string is generated from the information of the mobile phone 100 passed in by the user and some information about the user, such as the mobile phone number, combined with a random number generated by the cipher card; the character string is then encrypted according to the whitepack mother algorithm to generate a fixed whitepack seed;
4. The whitepack key is generated as follows: the challenge code generated by the server and the hardware information of the mobile phone 100 are encrypted using the encryption interface of the whitepack cryptographic technology, generating an encryption key that serves as the seed for SM4 encryption;
5. The background refers to the remote server 200.
In this embodiment, the present invention mainly solves the problem that general secure keyboards are easily intercepted and decrypted by malware. The flow of the password keyboard based on whitepack (white-box) cryptographic technology is shown in Fig. 7 and Fig. 8. The character types generated by the keyboard on the screen of the application terminal are random, and the positions at which the characters appear are random, which prevents a Trojan from stealing input information by recording the input points on the screen. The system keyboard of the mobile phone 100 is easily monitored from outside to steal passwords. The system keyboards currently on the market mostly use public encryption algorithms, and the encryption seed is generally generated by the mobile phone 100, so its randomness is not high, it is easily intercepted when transmitted to the server 200, and security is not high. The present invention uses a whitepack algorithm to protect the seed securely, while different clients use different algorithms, which makes the algorithm harder to crack. The password keyboard is integrated into the bank app on the mobile phone 100, and the mobile phone 100 calls the password keyboard for password input verification when performing transfer and payment transactions. Applying whitepack cryptographic technology to the password keyboard of a mobile terminal can effectively prevent brute-force cracking. Encrypting the digits input by the user separately and then encrypting them as a whole effectively prevents a memory dump attack on the mobile phone 100 from obtaining the password. The characters of the password input by the user are encrypted one by one, the combined encrypted characters are obtained in chronological order, and the password is then encrypted with the whitepack algorithm, which prevents the encryption seed from leaking in transmission. Of course, the operation includes but is not limited to the XOR operation: any symmetric operation that can be inverted may be used, in which case the number of operations only needs to be even for the user preset password input by the user to be derived back.
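The flow described in this embodiment (per-character XOR with the whitepack seed, arrangement by acquisition order, whole-password encryption, and the server reversing each step), as an added example that is not code from the patent. SHAKE-256 and SHA-256 stand in for the whitepack algorithm, the key generation and SM4, which the text does not specify in detail; the function names, the sample values and the assumption that the server can recompute the seed and key from synchronized inputs are illustrative.

```python
import hashlib
import hmac
import secrets


def whitepack_seed(user_info: bytes, random_number: bytes, length: int) -> bytes:
    """S120-S130: user information + random number -> seed.
    SHAKE-256 is a stand-in; the patent does not specify the whitepack algorithm."""
    return hashlib.shake_256(b"seed|" + user_info + b"|" + random_number).digest(length)


def encryption_key(hw_info: bytes, challenge: bytes) -> bytes:
    """S210: hardware information combined with the challenge code -> key (stand-in)."""
    return hashlib.sha256(b"key|" + hw_info + b"|" + challenge).digest()


def char_op(data: bytes, seed: bytes) -> bytes:
    """S140 / S330: XOR the i-th character with the i-th seed byte.
    Applying it a second time with the same seed restores the input."""
    if len(seed) < len(data):
        raise ValueError("seed is shorter than the input")
    return bytes(c ^ s for c, s in zip(data, seed))


def arrange(data: bytes, order: str) -> bytes:
    """S150: 'forward' = chronological order, 'reverse' = reverse chronological.
    Both arrangements are their own inverse, so the server calls this too."""
    if order not in ("forward", "reverse"):
        raise ValueError("unknown acquisition order")
    return data if order == "forward" else data[::-1]


def whole_cipher(key: bytes, data: bytes) -> bytes:
    """S220 / S310: symmetric stand-in for SM4 (keystream XOR; same call decrypts).
    The key changes with every challenge code, so the keystream does too."""
    stream = hashlib.shake_256(b"stream|" + key).digest(len(data))
    return bytes(d ^ k for d, k in zip(data, stream))


def terminal_encrypt(password, user_info, random_number, hw_info, challenge, order):
    """Application terminal side: S100 to S220."""
    chars = password.encode("ascii")              # one byte per typed character
    seed = whitepack_seed(user_info, random_number, len(chars))
    combination = arrange(char_op(chars, seed), order)
    return whole_cipher(encryption_key(hw_info, challenge), combination)


def server_verify(ciphertext, preset, user_info, random_number, hw_info, challenge, order):
    """Server side: decrypt (S310), undo the per-character step (S330), compare (S340)."""
    combination = whole_cipher(encryption_key(hw_info, challenge), ciphertext)
    seed = whitepack_seed(user_info, random_number, len(combination))
    recovered = char_op(arrange(combination, order), seed)
    return hmac.compare_digest(recovered, preset.encode("ascii"))


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    rnd, chal = secrets.token_bytes(16), secrets.token_bytes(16)
    user, hw = b"phone=13800000000", b"imei=000000000000000"
    ct = terminal_encrypt("493027", user, rnd, hw, chal, "reverse")
    print(ct.hex(), server_verify(ct, "493027", user, rnd, hw, chal, "reverse"))
```
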
It should be noted that the above embodiments can be freely combined as needed. The above is only a preferred embodiment of the present invention. It should be noted that those of ordinary skill in the art can make several improvements and modifications without departing from the principle of the present invention, and these improvements and modifications should also be regarded as falling within the protection scope of the present invention.

Claims (12)

1. An encryption method based on whitepack, characterized by comprising the steps of:
S100: the application terminal obtains the characters input by the user;
S140: the application terminal performs a one-to-one operation on the obtained characters according to a preset character encryption algorithm, in combination with a whitepack seed, to obtain encrypted characters;
S150: the application terminal arranges the obtained encrypted characters according to a preset acquisition order to obtain a combination password;
S200: the application terminal performs an encryption operation on the combination password according to a preset cipher encryption algorithm to obtain an encrypted ciphertext;
S300: the server decrypts the encrypted ciphertext to obtain the user preset password.
2. The encryption method based on whitepack according to claim 1, characterized in that step S100 comprises the step of:
S110: the application terminal obtains the characters input by the user according to the preset acquisition order;
after step S110 and before step S140, the method comprises the steps of:
S120: the application terminal obtains its own user-related information and generates a character string from the user-related information combined with a random number;
S130: the application terminal encrypts the character string according to a whitepack algorithm to generate the whitepack seed;
wherein the user-related information includes any one or more of the user's mobile phone number information, identity information and address information, and the random number is generated synchronously by the application terminal and the server.
3. The encryption method based on whitepack according to claim 1, characterized in that step S200 comprises the steps of:
S210: the application terminal obtains its own hardware-related information and generates an encryption key from the hardware-related information combined with a challenge code;
S220: the application terminal performs an encryption operation on the combination password according to the preset cipher encryption algorithm, in combination with the encryption key, to obtain the encrypted ciphertext;
S230: the application terminal sends the encrypted ciphertext to the server;
wherein the hardware-related information includes any one or more of screen parameters, size, material, memory size, external storage capacity, CPU performance, camera pixels, terminal model, application terminal IMEI and application terminal MAC address, and the challenge code is generated by the server and/or the application terminal.
4. The encryption method based on whitepack according to claim 1, characterized in that step S300 comprises the steps of:
S310: the server decrypts the encrypted ciphertext to obtain an authentication combination password;
S320: the server verifies whether the authentication combination password is consistent with the combination password; if so, step S330 is executed; otherwise, step S360 is executed;
S330: the server performs a one-to-one operation according to the preset character encryption algorithm to obtain decrypted characters, and arranges the decrypted characters according to the preset acquisition order to obtain a user authentication password;
S340: the server verifies whether the user authentication password is consistent with the user preset password; if so, step S350 is executed; otherwise, step S360 is executed;
S350: the server outputs information that obtaining the user preset password succeeded;
S360: the server outputs information that obtaining the user preset password failed.
5. The encryption method based on whitepack according to claim 4, characterized in that, after step S360, the method comprises the steps of:
S400: the server saves the user preset password according to the obtained user preset password success information;
S500: the server issues an alarm prompt to the application terminal according to the obtained user preset password failure information;
S510: the application terminal judges, according to the alarm prompt, whether password encryption authentication needs to be re-executed; if so, step S100 is executed; otherwise, step S520 is executed;
S520: the application terminal releases the connection with the server.
6. The encryption method based on whitepack according to any one of claims 1-5, characterized in that, before step S100, the method comprises the step of:
S010: presetting the character encryption algorithm, the cipher encryption algorithm and the acquisition order;
wherein the character encryption algorithm and the cipher encryption algorithm both use symmetric algorithms; the acquisition order is the chronological order or the reverse chronological order in which the user inputs characters.
7. A password encryption system based on whitepack, characterized by comprising: an application terminal and a server; the application terminal is communicatively connected to the server;
the application terminal obtains the characters input by the user, performs a one-to-one operation on the obtained characters according to a preset character encryption algorithm, in combination with a whitepack seed, to obtain encrypted characters, and arranges the obtained encrypted characters according to a preset acquisition order to obtain a combination password;
the application terminal performs an encryption operation on the combination password according to a preset cipher encryption algorithm to obtain an encrypted ciphertext;
the server decrypts the encrypted ciphertext to obtain the user preset password.
8. The password encryption system based on whitepack according to claim 7, characterized in that the application terminal comprises: an acquisition module, a whitepack seed generation module, a first encryption module and a combination module; the acquisition module is communicatively connected to the whitepack seed generation module; the whitepack seed generation module is communicatively connected to the first encryption module; the first encryption module is communicatively connected to the combination module;
the acquisition module obtains the characters input by the user according to the preset acquisition order, and obtains the user-related information of the application terminal itself;
the whitepack seed generation module generates a character string from the user-related information combined with a random number, and encrypts the character string according to a whitepack algorithm to generate the whitepack seed;
the first encryption module performs a one-to-one operation on the obtained characters according to the preset character encryption algorithm, in combination with the whitepack seed, to obtain encrypted characters;
the combination module arranges the obtained encrypted characters according to the preset acquisition order to obtain the combination password;
wherein the user-related information includes any one or more of the user's mobile phone number information, identity information and address information, and the random number is generated synchronously by the application terminal and the server.
9. The password encryption system based on whitepack according to claim 8, characterized in that the application terminal further comprises: a whitepack key generation module, a second encryption module and a sending module; the whitepack key generation module is communicatively connected to the acquisition module; the second encryption module is communicatively connected to the whitepack key generation module; the sending module is communicatively connected to the second encryption module;
the acquisition module also obtains the hardware-related information of the application terminal;
the whitepack key generation module generates an encryption key from the hardware-related information combined with a challenge code;
the second encryption module performs an encryption operation on the combination password according to the preset cipher encryption algorithm, in combination with the encryption key, to obtain the encrypted ciphertext;
the sending module sends the encrypted ciphertext to the server;
wherein the hardware-related information includes any one or more of screen parameters, size, material, memory size, external storage capacity, CPU performance, camera pixels, terminal model, application terminal IMEI and application terminal MAC address, and the challenge code is generated by the server and/or the application terminal.
10. The password encryption system based on whitepack according to claim 9, characterized in that the server comprises: a decryption module, an authentication module and a control module; the decryption module is communicatively connected to the sending module; the authentication module is communicatively connected to the decryption module; the control module is communicatively connected to the authentication module;
the decryption module decrypts the encrypted ciphertext to obtain an authentication combination password;
the authentication module verifies whether the authentication combination password is consistent with the combination password;
the control module, when the authentication combination password is consistent with the combination password, performs a one-to-one operation according to the preset character encryption algorithm to obtain decrypted characters, and arranges the decrypted characters according to the preset acquisition order to obtain a user authentication password;
the control module, when the authentication combination password is inconsistent with the combination password, also outputs information that obtaining the user preset password failed;
the authentication module also verifies whether the user authentication password is consistent with the user preset password;
the control module, when the user authentication password is consistent with the user preset password, also outputs information that obtaining the user preset password succeeded;
the control module, when the user authentication password is inconsistent with the user preset password, also outputs information that obtaining the user preset password failed.
11. The password encryption system based on whitepack according to claim 10, characterized in that the server further comprises: a saving module and an alarm module; the saving module is communicatively connected to the control module; the alarm module is communicatively connected to the control module;
the application terminal further comprises a judgment module and a management module; the judgment module is communicatively connected to the alarm module; the management module is communicatively connected to the judgment module;
the saving module saves the user preset password according to the obtained user preset password success information;
the alarm module issues an alarm prompt to the application terminal according to the obtained user preset password failure information;
the judgment module judges, according to the alarm prompt, whether password encryption authentication needs to be re-executed;
the management module, when the encryption process needs to be re-executed, has the password re-entered and carries out the password encryption authentication process;
the management module, when the encryption process does not need to be re-executed, releases the connection with the server.
12. The password encryption system based on whitepack according to any one of claims 8-11, characterized in that the application terminal further comprises: a setup module, the setup module being communicatively connected to the acquisition module;
the setup module presets the character encryption algorithm, the cipher encryption algorithm and the acquisition order;
wherein the character encryption algorithm and the cipher encryption algorithm both use symmetric algorithms; the acquisition order is the chronological order or the reverse chronological order in which the user inputs characters.
CN201611251238.7A 2016-12-29 2016-12-29 A kind of encryption method and system based on whitepack Active CN106506158B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611251238.7A CN106506158B (en) 2016-12-29 2016-12-29 A kind of encryption method and system based on whitepack

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611251238.7A CN106506158B (en) 2016-12-29 2016-12-29 A kind of encryption method and system based on whitepack

Publications (2)

Publication Number Publication Date
CN106506158A CN106506158A (en) 2017-03-15
CN106506158B true CN106506158B (en) 2019-06-25

Family

ID=58333607

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611251238.7A Active CN106506158B (en) 2016-12-29 2016-12-29 A kind of encryption method and system based on whitepack

Country Status (1)

Country Link
CN (1) CN106506158B (en)

Also Published As

Publication number Publication date
CN106506158A (en) 2017-03-15

Similar Documents

Publication Publication Date Title
CN106506158B (en) A kind of encryption method and system based on whitepack
US20180144114A1 (en) Securing Blockchain Transactions Against Cyberattacks
US8365262B2 (en) Method for automatically generating and filling in login information and system for the same
RU2560810C2 (en) Method and system for protecting information from unauthorised use (versions thereof)
He et al. A social-network-based cryptocurrency wallet-management scheme
US20070162961A1 (en) Identification authentication methods and systems
CN101292496A (en) Method and devices for carrying out cryptographic operations in a client-server network
CN1921395B (en) Method for improving security of network software
US11693944B2 (en) Visual image authentication
CN107800675A (en) A kind of data transmission method, terminal and server
CN104125064B (en) A kind of dynamic cipher authentication method, client and Verification System
CN110059458A (en) A kind of user password encryption and authentication method, apparatus and system
CN108471352A (en) Processing method, system, computer equipment based on distributed private key and storage medium
US20140258718A1 (en) Method and system for secure transmission of biometric data
US11128453B2 (en) Visual image authentication
CN101494541A (en) System and method for implementing security protection of PIN code
CN105187382A (en) Multi-factor identity authentication method for preventing library collision attacks
CN103353973A (en) Banking transaction authentication method based on video verification, and banking transaction authentication system based on video verification
CN101482957A (en) Credible electronic transaction method and transaction system
CN115276978A (en) Data processing method and related device
Mridha et al. A new approach to enhance internet banking security
US20100146605A1 (en) Method and system for providing secure online authentication
JP2016100007A (en) Network authentication method using card device
Wong et al. An enhanced user authentication solution for mobile payment systems using wearables
US20230359764A1 (en) Visual Image Authentication

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: Room 01, 1st-4th floor, No. 899 Zuchong Road, China (Shanghai) Free Trade Pilot Area, 201203

Applicant after: SHANGHAI PEOPLENET SECURITY TECHNOLOGY Co.,Ltd.

Address before: 201821 211 rooms, No. 1411, Yecheng Road, Jiading District, Shanghai

Applicant before: SHANGHAI PEOPLENET SECURITY TECHNOLOGY Co.,Ltd.

GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20240715

Address after: Room 503, Building 3, No. 6, Xicheng Xi'an North Road, Xinluo District, Longyan City, Fujian Province, 364000

Patentee after: Xie Xinyong

Country or region after: China

Address before: Room 01, 1st-4th floor, No. 899 Zuchong Road, China (Shanghai) Free Trade Pilot Area, 201203

Patentee before: SHANGHAI PEOPLENET SECURITY TECHNOLOGY Co.,Ltd.

Country or region before: China

TR01 Transfer of patent right

Effective date of registration: 20240730

Address after: No. 159-6 Huoju Road, Huoju High tech Industrial Development Zone, Weihai City, Shandong Province 264200

Patentee after: Tang Jiahong

Country or region after: China

Address before: Room 503, Building 3, No. 6, Xicheng Xi'an North Road, Xinluo District, Longyan City, Fujian Province, 364000

Patentee before: Xie Xinyong

Country or region before: China