CN108599944A - A kind of identifying code short message transparent encryption method based on handset identities - Google Patents

Info

Publication number: CN108599944A
Authority: CN (China)
Prior art keywords: user, identifying code, mobile phone, short message, identity
Legal status: Pending
Application number: CN201810417920.1A
Other languages: Chinese (zh)
Inventors: 彭长根, 刘波涛, 吴睿雪, 谢明明, 丁红发, 李雪松
Current Assignee: Guizhou University
Original Assignee: Guizhou University
Application filed by Guizhou University
Priority to CN201810417920.1A
Publication of CN108599944A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12 Messaging; Mailboxes; Announcements
    • H04W4/14 Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a transparent encryption method for verification-code short messages (SMS) based on mobile phone identity. The method comprises the following steps: the user first sends a request for a verification code through a website or app; after the access provider's server receives the user's request, it generates a random verification code; the trigger module on the access provider's server sends a request to the trusted center PKG and encrypts the generated verification code; the encrypted verification code is sent to the user's mobile phone as a short message, the trigger module on the phone sends a request to the PKG, and the PKG authenticates the user, generates a private key from the user's identity string, and returns the private key to the corresponding user over a secure channel; the user opens the SMS application, and the trigger module automatically decrypts the encrypted verification-code message stored on the phone; the user enters the decrypted verification code on the web page, or copies and pastes it directly into the app; once the verification code entered on the web page or in the app has been verified successfully, the decrypted verification code content is deleted immediately. The method and the technology that implements it have the advantages of security, high efficiency, good user experience and low cost.

Description

A method for transparent encryption of verification-code text messages based on mobile phone identity

Technical field

The invention relates to a method and technology for transparently encrypting verification-code short messages based on mobile phone identity, and belongs to the field of information security.

Background

A mobile phone verification-code SMS delivers verification code information to the user's phone by text message. Large websites now all use the verification-code SMS function: the verification code protects transaction security and verifies that the user is genuine. Some verification-code access providers offer an SMS verification-code service: each website sends a request through an interface to the access provider's server, the server sends random digits or letters to the phone, and the access provider's server performs the verification of the code centrally.

Verification-code text messages have become part of our lives; they bring convenience but also carry certain security risks. Today almost everyone's mobile number is bound to various accounts, including important ones such as Alipay, WeChat and various bank cards, which are closely tied to personal funds and property. The main purpose of binding these accounts to a mobile number is simply secondary verification by SMS. In addition, registering members through SMS verification-code checks greatly reduces illegal and junk registrations. Voice verification codes have appeared recently, but compared with SMS codes their user experience is not very good, because the user has to memorize the code, whereas when filling in a code in a mobile app the SMS code can be copied and pasted directly. SMS verification is low-cost, simple and convenient, so it is widely used, and it will not leave the stage in the future. At the same time, people worry about its security.

What threats does SMS verification face?

Scenario 1: In the smartphone era, the biggest threat to SMS verification comes from Trojan links on smartphone platforms, which lead users to download and install a Trojan without their knowledge. Once installed on the phone, the Trojan resets the passwords of the user's property-related application accounts and intercepts the SMS verification codes, thereby resetting the user's accounts. Because Trojans of this kind are simple to write and implement, a complete industrial chain formed around them long ago, so Trojans have become the biggest threat to SMS verification codes.

Scenario 2: Radio eavesdropping, in which a fake base station is used to monitor the user's phone. By eavesdropping on over-the-air short messages, including GSM interception, the attacker obtains the message content and then commits theft. This method can complement SMS Trojans or be used on its own.

Scenario 3: By SIM replacement or SIM cloning, the attacker obtains the same mobile number as the user in order to receive the user's verification-code messages, reset the user's accounts, and then steal property. Because mobile numbers now require real-name registration, this type of threat is much less harmful than the first two.

The idea of identity-based encryption was proposed by Shamir in 1984, and identity-based cryptosystems have since been widely developed and applied. An identity-based cryptosystem is also a public-key cryptosystem, but it uses the user's unique identifier (such as the user's e-mail address) directly as the public key, so a string of meaningless numbers is no longer needed as the public key. Compared with traditional PKI technology, it does not use digital certificates, which makes both user operation and back-end management simple, and it has a wide range of application scenarios.

Transparent encryption and decryption is a technique for protecting important information; the protection is transparent to the user terminal and does not change user habits. Important information or documents saved on the device's disk are already encrypted (ciphertext), and the system automatically encrypts any information or documents that are not yet encrypted; in memory, when they are opened or edited, the system automatically decrypts them (plaintext).

Current methods and techniques for encrypting SMS verification codes apply arithmetic processing to the verification code, or call an obfuscating encryption algorithm to harden it, and decrypting or un-hardening the code requires manual operation. This harms the user experience on mobile devices, and some methods also have shortcomings such as performing no user identity authentication when encrypting and decrypting the verification-code SMS.

Summary of the invention

The technical problem to be solved by the present invention is to address the security threats encountered in existing SMS verification-code applications, namely mobile phone Trojans and radio eavesdropping, as well as the problems that current methods for encrypting and decrypting verification-code SMS perform no user identity authentication and give a poor user experience.

The technical solution of the present invention is a method for transparently encrypting verification-code short messages based on mobile phone identity, comprising the following steps:
Step 1: The user first sends a request for a verification code through a website or app.
Step 2: After the access provider's server receives the user's request, it generates a random verification code and saves the verification code in a database.
Step 3: The trigger module on the access provider's server requests the system public parameters from the trusted center PKG, then converts the user's identity string and combines it with the system public parameters returned by the PKG to compute the public key, and finally uses the public key to encrypt the generated verification code.
Step 4: The encrypted verification code is sent to the user's mobile phone as a short message. When the trigger module on the phone detects the message, it sends a request to the trusted center PKG, which verifies the user's identity, converts the user's identity string, computes the private key in combination with the system reserved parameters, and returns the private key to the corresponding user over a secure channel.
Step 5: The user opens the SMS application, which automatically invokes the trigger module on the phone; the trigger module uses the obtained private key to decrypt the encrypted verification code automatically.
Step 6: The user fills in the actual verification code on the web page, or copies and pastes it directly into the app.
Step 7: Once the verification code entered on the web page or in the app has been verified successfully, the decrypted verification code content is deleted immediately.
The encryption algorithm in step 3 and the decryption algorithm in step 5 are the encryption and decryption algorithms of an identity-based cryptosystem scheme, which consists of four algorithms: system setup (Setup), private key extraction (KeyGen), encryption (Encrypt) and decryption (Decrypt).

The trusted center PKG in steps 3 and 4 runs the system setup algorithm (Setup) and the key extraction algorithm (KeyGen) of the identity-based cryptosystem scheme: Setup generates the system parameters, and KeyGen generates the user's private key. The PKG provides the system public parameters for the encryption process, and the user's private key and the system public parameters for the decryption process.

Beneficial effects of the present invention: the invention relates to a method and technology for transparently encrypting verification-code short messages based on mobile phone identity. The verification code generated by the server is encrypted and then sent to the user's phone as a short message. The application on the user's phone decrypts it automatically, so the user can copy and paste the decrypted verification code directly. To a Trojan, the content of the verification-code SMS is already encrypted, so it cannot recognize the verification code and the Trojan attack fails. Radio eavesdropping, mainly GSM interception, works by eavesdropping on over-the-air short messages and reading their content directly to obtain the verification code. Because the verification code is encrypted before it is sent and travels as ciphertext, an attacker who intercepts the verification-code SMS still cannot learn the verification code, and the interception gains nothing. In SIM replacement and cloning attacks, the attacker obtains a SIM with the victim's number in order to receive the verification-code SMS; the verification code is encrypted, decryption requires the private key issued after user authentication, and the attacker cannot obtain that key, so the verification code remains secure.

The scheme uses an identity-based cryptosystem. Compared with traditional PKI technology it uses no digital certificates, so it is convenient for users and simple to manage at the back end, with high security and efficiency and low cost. To decrypt a verification-code SMS, the user opens the SMS application, and the transparent implementation automatically decrypts the encrypted verification-code message stored on the phone. This keeps the verification code secure while providing a good user experience.

Description of the drawings

Figure 1 is a flow chart of the mobile-phone-identity-based transparent encryption method and technology for verification-code SMS according to the present invention;

Figure 2 is a diagram of the operation process of the identity-based cryptosystem scheme according to the present invention.

Detailed description

The present invention is further described below with reference to the drawings and an embodiment.

In this method and technology for transparently encrypting verification-code short messages based on mobile phone identity, an identity-based cryptosystem is designed to encrypt the verification-code SMS and to implement the scheme transparently, as shown in Figure 1.

The identity-based cryptosystem scheme consists of four steps: system setup (Setup), private key extraction (KeyGen), encryption (Encrypt) and decryption (Decrypt). The process by which the scheme encrypts and decrypts the verification-code SMS is shown in Figure 2.

The user fills in their mobile phone number on the website or app and clicks the "Get verification code" button, which sends the request for a verification code. After the access provider's server receives the user's request, it generates a random verification code and saves it in a database.

The trigger module on the access provider's server requests the system public parameters from the trusted center PKG, then converts the user's identity string (the phone number) and combines it with the system public parameters returned by the PKG to compute the public key, and finally uses the public key to encrypt the generated verification code. The encryption algorithm (Encrypt) takes as input a k-bit verification code M, the user's phone number as the identity string ID, a random number r and the system public parameters (PK, and the dot product of PK and MSK), and outputs the verification code ciphertext. The system public parameters needed for encryption come from the result of the system setup algorithm (Setup) run by the trusted center PKG (Private Key Generator); the phone number identity string ID, the random number r and the dot product of PK and MSK are used to compute the user's encryption public key.

The encrypted verification code is sent to the user's mobile phone as a short message. When the trigger module on the phone detects the message, it sends a request to the trusted center PKG, which verifies the user's identity. After successful verification, the PKG runs the private key extraction algorithm (KeyGen) on the user's phone number identity string ID to compute the user's private key, and returns the private key to the corresponding user over a secure channel.

The PKG runs two algorithms: system setup (Setup) and private key extraction (KeyGen). Setup takes a security parameter S as input and outputs the system public parameter PK and the master key MSK; PK is published, while MSK is kept secret and is called the system reserved parameter. KeyGen takes the user's phone number identity string ID and the master key MSK as input and outputs the user's private key.

In the decryption algorithm (Decrypt), the user opens the SMS application on the phone, which automatically invokes the trigger module on the phone. The trigger module uses the user's private key to decrypt the encrypted verification-code SMS stored on the phone automatically, and the actual verification code is then shown to the user. In the decryption implementation, transparency is achieved by modifying the entry point of the system function library so that the system operation points to a new custom program; the dynamic link library containing the Open function symbol used by this program is located, and when the Open function is executed, the encrypted verification-code SMS is decrypted into the phone's memory and the identifier of the in-memory verification-code message is returned. The decryption algorithm requires the public system parameter PK and the random number r.

The user fills in the decrypted verification code on the web page, or copies and pastes it directly into the app for verification. Once the verification code entered on the web page or in the app has been verified successfully, the decrypted verification code content is deleted immediately.
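The four algorithms described above (Setup, KeyGen, Encrypt, Decrypt), with the phone number as the identity string, as an added example that is not code from the patent. The patent does not name a concrete identity-based scheme, so this sketch swaps in Cocks' quadratic-residue IBE, which runs in plain Python; the primes, phone number, verification code and function names are constructed assumptions.

```python
import hashlib
import secrets

# Assumption: Cocks' IBE stands in for the scheme the patent leaves unspecified.
# Constructed demo primes (Mersenne primes, both congruent to 3 mod 4). Their size
# and structure make them insecure; a real PKG draws large random primes.
DEMO_P = 2**127 - 1
DEMO_Q = 2**107 - 1


def jacobi(a, n):
    """Jacobi symbol (a/n) for odd positive n."""
    a %= n
    result = 1
    while a:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0


def setup(p=DEMO_P, q=DEMO_Q):
    """Setup (run by the PKG): returns (PK, MSK). PK is n = p*q, MSK is (p, q)."""
    assert p % 4 == 3 and q % 4 == 3
    return p * q, (p, q)


def identity_to_public(identity, pk):
    """Hash the identity string (the phone number) to a value a with (a/n) = +1."""
    size = (pk.bit_length() + 7) // 8 + 8
    counter = 0
    while True:
        seed = f"{identity}|{counter}".encode()
        a = int.from_bytes(hashlib.shake_256(seed).digest(size), "big") % pk
        if jacobi(a, pk) == 1:
            return a
        counter += 1


def keygen(identity, pk, msk):
    """KeyGen (run by the PKG): private key d with d^2 = a or d^2 = -a (mod n)."""
    p, q = msk
    a = identity_to_public(identity, pk)
    return pow(a, (pk + 5 - p - q) // 8, pk)


def _random_with_symbol(x, pk):
    """Random t in [1, n) whose Jacobi symbol equals x (+1 or -1)."""
    while True:
        t = secrets.randbelow(pk - 1) + 1
        if jacobi(t, pk) == x:
            return t


def encrypt(code, identity, pk):
    """Encrypt with only PK and the recipient's phone number. Each bit becomes two
    integers, because the sender cannot know whether d is a root of a or of -a."""
    a = identity_to_public(identity, pk)
    ciphertext = []
    for byte in code.encode():
        for i in range(8):
            x = -1 if (byte >> i) & 1 else 1
            t1, t2 = _random_with_symbol(x, pk), _random_with_symbol(x, pk)
            c1 = (t1 + a * pow(t1, -1, pk)) % pk
            c2 = (t2 - a * pow(t2, -1, pk)) % pk
            ciphertext.append((c1, c2))
    return ciphertext


def decrypt(ciphertext, identity, d, pk):
    """Decrypt on the handset with the private key d obtained from the PKG."""
    a = identity_to_public(identity, pk)
    index = 0 if pow(d, 2, pk) == a else 1
    bits = [1 if jacobi(pair[index] + 2 * d, pk) == -1 else 0 for pair in ciphertext]
    data = bytes(sum(bits[i + j] << j for j in range(8)) for i in range(0, len(bits), 8))
    return data.decode("ascii", errors="replace")


if __name__ == "__main__":
    pk, msk = setup()
    phone = "+8613800000000"             # constructed identity string
    sms = encrypt("482913", phone, pk)   # constructed verification code
    print(decrypt(sms, phone, keygen(phone, pk, msk), pk))
```

Cocks' scheme expands every plaintext bit to two integers modulo n, so at realistic modulus sizes the ciphertext is far larger than a single SMS; a deployment of the patent's flow would need a compact pairing-based IBE scheme instead. The example also makes the escrow property visible: whoever holds MSK can run keygen for any phone number.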

The present invention has been described in detail above with reference to a specific embodiment, which does not limit the invention. Those skilled in the art can make many variations and improvements without departing from the principles of the present invention, and these also fall within the scope of protection of the present invention.

Claims (3)

1. A method for transparently encrypting verification-code short messages based on mobile phone identity, characterized in that it comprises the following steps: Step 1: the user first sends a request for a verification code through a website or app; Step 2: after the access provider's server receives the user's request, it generates a random verification code and saves the verification code in a database; Step 3: the trigger module on the access provider's server requests the system public parameters from the trusted center PKG, then converts the user's identity string and combines it with the system public parameters returned by the PKG to compute the public key, and finally uses the public key to encrypt the generated verification code; Step 4: the encrypted verification code is sent to the user's mobile phone as a short message; when the trigger module on the phone detects the message, it sends a request to the trusted center PKG, which verifies the identity, converts the user's identity string, computes the private key in combination with the system reserved parameters, and returns the private key to the corresponding user over a secure channel; Step 5: the user opens the SMS application, which automatically invokes the trigger module on the phone, and the trigger module uses the obtained private key to decrypt the encrypted verification code automatically; Step 6: the user fills in the actual verification code on the web page, or copies and pastes it directly into the app; Step 7: once the verification code entered on the web page or in the app has been verified successfully, the decrypted verification code content is deleted immediately.
2. The method for transparently encrypting verification-code short messages based on mobile phone identity according to claim 1, characterized in that: the encryption algorithm in step 3 and the decryption algorithm in step 5 are the encryption and decryption algorithms of an identity-based cryptosystem scheme; the identity-based cryptosystem scheme consists of four algorithms: system setup, private key extraction, encryption and decryption.
3. The method for transparently encrypting verification-code short messages based on mobile phone identity according to claim 1, characterized in that: the trusted center PKG in steps 3 and 4 runs the system setup algorithm and the key extraction algorithm of the identity-based cryptosystem scheme; the system setup algorithm generates the system public parameters, and the key extraction algorithm generates the user's private key; the trusted center PKG provides the system public parameters for the encryption process, and the user's private key and the system public parameters for the decryption process.
Priority Applications (1), Applications Claiming Priority (1), Family Applications (1)

Application Number: CN201810417920.1A
Priority Date: 2018-05-04
Filing Date: 2018-05-04
Title: A kind of identifying code short message transparent encryption method based on handset identities
Status: Pending, CN108599944A (en)

Publications (1)

Publication Number: CN108599944A (en)
Publication Date: 2018-09-28

Family

ID=63619806

Country Status (1)

Country: CN (1)
Link: CN108599944A (en)

CN105743646A (en) * 2016-02-03 2016-07-06 四川长虹电器股份有限公司 Encryption method and system based on identity

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170262853A1 (en) * 2016-03-14 2017-09-14 Mastercard International Incorporated Method and system for biometric confirmation of suspect transactions
CN109587683A (en) * 2019-01-04 2019-04-05 中国联合网络通信集团有限公司 Method and system, application program and the terminal information database of the anti-monitoring of short message
CN111064732A (en) * 2019-12-24 2020-04-24 王升 Verification code or information encryption and decryption system
CN111414599A (en) * 2020-02-26 2020-07-14 北京奇艺世纪科技有限公司 Identity authentication method, device, terminal, server and readable storage medium
CN113849790A (en) * 2021-10-13 2021-12-28 深圳美云集网络科技有限责任公司 Verification code automatic input method and device, storage medium and electronic equipment
CN115379403A (en) * 2022-08-17 2022-11-22 福建天晴在线互动科技有限公司 Optimization method and system for identifying verification code of mobile phone short message
CN115379403B (en) * 2022-08-17 2023-08-11 福建天晴在线互动科技有限公司 Optimization method and system for identifying mobile phone short message verification code
US12341927B1 (en) * 2023-12-22 2025-06-24 Techjutsu Properties Inc. Methods and systems for verification of an affiliation of a call initiator with an organization
US20250211678A1 (en) * 2023-12-22 2025-06-26 Techjutsu Properties Inc. Methods and systems for verification of an affiliation of a call initiator with an organization

Similar Documents

Publication Publication Date Title
CN110971415B (en) An anonymous access authentication method and system for a space-earth integrated spatial information network
Chen et al. Security enhancement on an improvement on two remote user authentication schemes using smart cards
CN106656503B (en) Method for storing cipher key, data encryption/decryption method, electric endorsement method and its device
CN113067699B (en) Data sharing method and device based on quantum key and computer equipment
CN108599944A (en) A kind of identifying code short message transparent encryption method based on handset identities
CN106412862B (en) Method, device and system for strengthening short messages
EP1976322A1 (en) An authentication method
CN108347419A (en) Data transmission method and device
CN105450406A (en) Data processing method and device
CN106101068A (en) Terminal communicating method and system
Nyamtiga et al. Enhanced security model for mobile banking systems in Tanzania
CN101720071A (en) Short message two-stage encryption transmission and secure storage method based on safety SIM card
CN104901935A (en) Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem)
CN101931536B (en) Method for encrypting and authenticating efficient data without authentication center
CN112564906A (en) Block chain-based data security interaction method and system
CN104424446A (en) Safety verification and transmission method and system
CN101296083A (en) An encrypted data transmission method and system
CN112020038A (en) Domestic encryption terminal suitable for rail transit mobile application
CN1316405C (en) Method for obtaining digital signature and realizing data safety
CN115276978A (en) Data processing method and related device
CN105407467A (en) Short message encryption methods, devices and system
CN110401531B (en) Cooperative signature and decryption system based on SM9 algorithm
CN116132025A (en) Key negotiation method, device and communication system based on preset key group
CN118555133B (en) Quantum-resistant security enhancement method of transport layer security protocol
CN114765544B (en) Trusted execution environment data offline migration method and device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180928