CN118555138B - Secure access authentication system based on time stamp - Google Patents

Secure access authentication system based on time stamp

Info

Publication number
CN118555138B
Authority
CN
China
Prior art keywords
matrix
key
time stamp
initial
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202411017554.2A
Other languages
Chinese (zh)
Other versions
CN118555138A (en)
Inventor
徐海艇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Tianyun Technology Co ltd
Original Assignee
Guangdong Tianyun Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Tianyun Technology Co ltd filed Critical Guangdong Tianyun Technology Co ltd
Priority to CN202411017554.2A priority Critical patent/CN118555138B/en
Publication of CN118555138A publication Critical patent/CN118555138A/en
Application granted granted Critical
Publication of CN118555138B publication Critical patent/CN118555138B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/082 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/121 Timestamp

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a secure access identity verification system based on a time stamp. When a user terminal registers with a server, three initial keys are formulated in advance, and the three initial keys together with the time stamp are used to construct a key timestamp matrix. In a subsequent login operation, matrix coordinates are input and the corresponding element value is checked against the corresponding virtual value of the virtual matrix to verify whether the login succeeds. Because the secure access matrix is constructed using the time stamp, a hacker can hardly predict exactly when a user registers and so cannot crack the secure access matrix. In addition, the user can randomly select any element of the matrix for verification in subsequent logins; there is no special correlation between different elements of the matrix and no special mathematical rule among them, which increases the difficulty of hacking.

Description

Secure access authentication system based on time stamp
Technical Field
The invention relates to the field of information security, in particular to a secure access identity verification system based on a time stamp.
Background
Currently, large information websites are springing up like bamboo shoots after spring rain, and with them comes a large number of website login operations.
However, users often face a significant information security risk when logging into a website. Once the key or identity information is revealed, irrecoverable loss may occur to the user, resulting in disclosure of the privacy of the user or loss of property.
In practice, login to an information website is usually completed with an account name and password, or additionally with a verification code. However, once the user terminal or the server is hacked (e.g., implanted with a Trojan program), the related information is highly likely to be stolen and the user's information leaked.
Therefore, it is urgently required to establish a complete authentication system to ensure safe access of information websites.
Disclosure of Invention
The invention provides a secure access identity verification system based on a time stamp, which effectively solves the technical problems existing in the prior art.
Specifically, the invention provides a secure access identity verification system based on a time stamp. The system comprises a user side and a server side; the user side comprises an input module, a matrix construction module and a sending module, and the server side comprises a mirror module. In the registration stage, a user inputs a login name and identity information to the input module, and the sending module sends an initial registration request to the server side at a specific moment. The user side constructs three initial keys, and the matrix construction module constructs a 3*3 key timestamp matrix A based on the three initial keys and the time stamp corresponding to the specific moment. The key timestamp matrix A is sent to the mirror module to form a mirror virtual matrix A' of the same form. In the login stage, the user side randomly inputs any specified coordinates of the key timestamp matrix A together with the element value corresponding to those coordinates, and the specified coordinates and the element value are sent to the server side. The server side finds the virtual value corresponding to the specified coordinates in the mirror virtual matrix A' according to the received coordinates, and once the virtual value is the same as the element value, the login request of the user side is passed.
Preferably, the time stamp is divided into an hour period H, a minute period M, and a second period S, the three initial keys are a first initial key x1, a second initial key x2, and a third initial key x3, and the constructed key timestamp matrix A is in the form of:
Preferably, the specified coordinates take the form [i, j], where i and j are integers with 1 ≤ i ≤ 3 and 1 ≤ j ≤ 3, denoting the element in the i-th row and j-th column of the 3*3 key timestamp matrix A.
Optionally, when i=2 and j=3, the specified coordinates are [2,3], and the corresponding element value in the key timestamp matrix A is
Optionally, suppose the initial key constructed by the user side is 113523. The initial key is then split into three segments: the first initial key x1 = "11", the second initial key x2 = "35", and the third initial key x3 = "23". Suppose the user side issues the initial registration request at the specific time 13:45:34; then the hour period H = "13", the minute period M = "45", and the second period S = 34, so that the key timestamp matrix A is formed as follows:
In summary, the present invention provides a secure access control identity verification system based on a time stamp. When a user terminal registers with a server, three initial keys are formulated in advance, and the three initial keys together with the time stamp are used to construct a key timestamp matrix. In a subsequent login operation, matrix coordinates are input and the corresponding element value is checked against the corresponding virtual value of the virtual matrix to verify whether the login succeeds. Because the secure access matrix is constructed using the time stamp, a hacker can hardly predict exactly when a user registers and so cannot crack the secure access matrix. In addition, the user can randomly select any element of the matrix for verification in subsequent logins; there is no special correlation between different elements of the matrix and no special mathematical rule among them, which increases the difficulty of hacking.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings required for describing the embodiments or the prior art are briefly discussed below. The technical solutions described in connection with the drawings are only some embodiments of the present invention, and a person skilled in the art can obtain other embodiments and drawings from the embodiments shown in the drawings without inventive effort.
Fig. 1 shows a specific flow diagram of a time stamp based secure access authentication system according to the invention.
Detailed Description
The embodiments of the present invention are described in detail below with reference to the accompanying drawings. The embodiments described are only some, not all, of the embodiments of the present invention. All other embodiments that a person of ordinary skill in the art can obtain from the described embodiments without inventive effort fall within the scope of the invention.
In summary, the invention provides a secure access identity verification system based on a time stamp. When a user first logs in from the user side to the server side, the user side constructs three initial keys and records the time stamp of the login time, and the initial keys and the time stamp are input to the server side. At the next login, the user side inputs matrix coordinates and the corresponding matrix element value; the server side verifies the data after receiving it, and once the verification passes, the login is declared successful. The authentication system is described in detail below.
Fig. 1 shows a specific flow diagram of a time stamp based secure access authentication system according to the invention.
As shown in Fig. 1, first, a user side inputs login name and identity information to an input module of a server side, and a transmitting module transmits an initial registration request to the server side at a specific moment. Meanwhile, the user side constructs three initial keys, for example a first initial key x1, a second initial key x2, and a third initial key x3, which are registered in a register module of the user side together with the time stamp corresponding to the specific moment.
Then, a matrix construction module at the user side constructs a 3*3 key timestamp matrix based on the three initial keys and the time stamp.
Specifically, the time stamp may be divided into an hour period H, a minute period M, and a second period S. For example, when the user side issues the initial registration request at the specific time 13:45:34, the hour period H = "13", the minute period M = "45", and the second period S = 34.
The hour period H, the minute period M, and the second period S can then be combined with the first initial key x1, the second initial key x2, and the third initial key x3 to construct the following key timestamp matrix A:
The element in the i-th row and j-th column of the 3*3 matrix A is a_ij, and its matrix coordinates are [i, j], where i and j are integers with 1 ≤ i ≤ 3 and 1 ≤ j ≤ 3. For example, in the above matrix, the element in row 2 and column 3 is denoted a_23. In this type of matrix,
More specifically, in the above example, if the initial key constructed by the user side is 113523, it can be divided into three segments: the first initial key x1 = "11", the second initial key x2 = "35", and the third initial key x3 = "23".
Thus, the key timestamp matrix a is formed as:
Thus, in this matrix A,
Meanwhile, the client side also sends the key timestamp matrix A to the mirror module of the server side, and a mirror virtual matrix A' of the same form is formed in the mirror module according to the key timestamp matrix A.
Subsequently, in the login stage, the user side randomly inputs any specified coordinates [i, j] together with the element value corresponding to those coordinates in the key timestamp matrix A, and the specified coordinates [i, j] and the corresponding element value are sent to the server side.
After receiving the login request of the user terminal, the server terminal finds the virtual value corresponding to the arbitrary designated coordinate in the mirror virtual matrix A' according to the coordinate [ i, j ] input by the user terminal.
Once the virtual value is the same as the element value, the login request of the user side is passed.
For example, in the above example, if the user side randomly inputs the matrix coordinates [2,2], the corresponding element value of the key timestamp matrix A is 1575. In this case, the matrix coordinates [2,2] and the element value 1575 are both sent to the server side, and the server side finds the corresponding virtual value in the mirror virtual matrix A' according to the matrix coordinates [2,2]. If the virtual value is 1575, the two correspond and the login succeeds. If the two do not correspond, for example because the virtual value found in the mirror virtual matrix A' is 1675, the login fails.
It should be noted that the key timestamp matrix and the mirrored virtual array mentioned above are merely virtual representations, and are not stored as actual files or data on the client side or the server side. Thus, even if the client side and/or the server side is hacked, it is not possible to find any actual files for the virtual array or the mirrored virtual array.
Furthermore, the invention breaks with the conventional arrangement in which the authentication rule can only be set by the server side. Because the secure access matrix is constructed using the time stamp during authentication, and the time stamp is real-time in nature, a hacker can hardly predict the specific time at which the user registered and so cannot crack the secure access matrix.
The secure access control authentication system provided by the invention has now been introduced in outline. In summary, the present invention provides a secure access control identity verification system based on a time stamp. When a user terminal registers with a server, three initial keys are formulated in advance, and the three initial keys together with the time stamp are used to construct a key timestamp matrix. In a subsequent login operation, matrix coordinates are input and the corresponding element value is checked against the corresponding virtual value of the virtual matrix to verify whether the login succeeds. Because the secure access matrix is constructed using the time stamp, a hacker can hardly predict exactly when a user registers and so cannot crack the secure access matrix. In addition, the user can randomly select any element of the matrix for verification in subsequent logins; there is no special correlation between different elements of the matrix and no special mathematical rule among them, which increases the difficulty of hacking.
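The registration and login exchange described above, as an added example that is not part of the patent text. The matrix form did not survive on this page, so the rule a_ij = x_i * t_j with t = (H, M, S) is an assumption, used only because it reproduces the one value the page states (1575 at [2,2]); the class and function names and the login name "alice" are hypothetical.

```python
import hmac
from datetime import time


def split_initial_key(initial_key: str) -> tuple:
    """Split a six-digit initial key into x1, x2, x3 (two digits each)."""
    if len(initial_key) != 6 or not (initial_key.isascii() and initial_key.isdigit()):
        raise ValueError("initial key must be exactly six ASCII digits")
    return tuple(int(initial_key[k:k + 2]) for k in (0, 2, 4))


def build_key_timestamp_matrix(initial_key: str, registered_at: time) -> list:
    """Build the 3*3 key timestamp matrix A at registration time.

    ASSUMPTION: a_ij = x_i * t_j with t = (H, M, S). The page's matrix form is
    missing; this rule is used only because it yields 1575 at [2,2].
    """
    keys = split_initial_key(initial_key)
    periods = (registered_at.hour, registered_at.minute, registered_at.second)
    return [[x * t for t in periods] for x in keys]


def element_at(matrix, coord):
    """Return the element at 1-based [i, j], or None if the coordinate is invalid."""
    if (not isinstance(coord, (tuple, list)) or len(coord) != 2
            or not all(type(c) is int and 1 <= c <= 3 for c in coord)):
        return None
    i, j = coord
    return matrix[i - 1][j - 1]


class UserSide:
    """User side: builds A once at registration, then answers with (coord, value)."""

    def __init__(self, login_name, initial_key, registered_at):
        self.login_name = login_name
        self.matrix_a = build_key_timestamp_matrix(initial_key, registered_at)

    def login_request(self, coord):
        return {"login": self.login_name, "coord": coord,
                "value": element_at(self.matrix_a, coord)}


class ServerSide:
    """Server side: the mirror module keeps A' per login name and compares values."""

    def __init__(self):
        self._mirror = {}

    def register(self, login_name, matrix_a):
        # Mirror virtual matrix A' has the same form as A (copied, not shared).
        self._mirror[login_name] = [row[:] for row in matrix_a]

    def verify(self, request) -> bool:
        mirror = self._mirror.get(request.get("login"))
        if mirror is None:
            return False  # unknown login name
        virtual = element_at(mirror, request.get("coord"))
        submitted = request.get("value")
        if virtual is None or type(submitted) is not int:
            return False  # coordinate outside 1..3 or malformed value
        # Constant-time comparison of the virtual value and the submitted value.
        return hmac.compare_digest(str(virtual).encode(), str(submitted).encode())


def demo():
    # Constructed sample input: the page's key 113523 registered at 13:45:34.
    user = UserSide("alice", "113523", time(13, 45, 34))
    server = ServerSide()
    server.register(user.login_name, user.matrix_a)
    good = user.login_request((2, 2))
    bad = dict(good, value=1675)  # the page's mismatching value
    return user.matrix_a, server.verify(good), server.verify(bad)


if __name__ == "__main__":
    print(demo())
```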
The foregoing description of the exemplary embodiments of the invention is not intended to limit the invention to the precise form disclosed, and any modifications, equivalents, and variations which fall within the spirit and scope of the invention are intended to be included in the scope of the invention.

Claims (5)

1. A secure access authentication system based on a time stamp, characterized by comprising a user side and a server side, wherein the user side comprises an input module, a matrix construction module and a sending module, and the server side comprises a mirror module,
In the registration stage, the user inputs login name and identity information to the input module, so that the sending module sends an initial registration request to the server side at a specific moment, and the user side constructs three initial keys,
The matrix construction module constructs a 3*3 key timestamp matrix A based on the three initial keys and the time stamp corresponding to the specific moment, and the key timestamp matrix A is sent to the mirror module to form a mirror virtual matrix A' of the same form,
In the login stage, the user side randomly inputs any specified coordinates of the key timestamp matrix A and the element value corresponding to the specified coordinates, and the specified coordinates and the element value are sent to the server side;
The server side finds the virtual value corresponding to the specified coordinates in the mirror virtual matrix A' according to the received specified coordinates, and once the virtual value is the same as the element value, the login request of the user side is passed.
2. The system according to claim 1, wherein the time stamp is divided into an hour period H, a minute period M, and a second period S, the three initial keys are a first initial key x1, a second initial key x2, and a third initial key x3, and the constructed key timestamp matrix A is in the form of:
3. The system of claim 2, wherein the specified coordinates take the form [i, j], where i and j are integers with 1 ≤ i ≤ 3 and 1 ≤ j ≤ 3, denoting the element in the i-th row and j-th column of the 3*3 key timestamp matrix A.
4. A system according to claim 3, wherein when i=2 and j=3, the specified coordinates are [2,3], and the corresponding element value in the key timestamp matrix A is
5. The system of claim 4, wherein the initial key constructed by the user side is set as 113523, and the initial key is split into three segments: the first initial key x1 = "11", the second initial key x2 = "35", and the third initial key x3 = "23"; and the user side is set to issue the initial registration request at the specific time 13:45:34, so that the hour period H = "13", the minute period M = "45", and the second period S = 34, and the key timestamp matrix A is formed as follows:
CN202411017554.2A 2024-07-29 2024-07-29 Secure access authentication system based on time stamp Active CN118555138B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411017554.2A CN118555138B (en) 2024-07-29 2024-07-29 Secure access authentication system based on time stamp

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411017554.2A CN118555138B (en) 2024-07-29 2024-07-29 Secure access authentication system based on time stamp

Publications (2)

Publication Number Publication Date
CN118555138A CN118555138A (en) 2024-08-27
CN118555138B CN118555138B (en) 2024-10-18

Family

ID=92453263

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411017554.2A Active CN118555138B (en) 2024-07-29 2024-07-29 Secure access authentication system based on time stamp

Country Status (1)

Country Link
CN (1) CN118555138B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112383916A (en) * 2020-11-12 2021-02-19 刘中亚 WSN key management method suitable for unicast communication
CN114360111A (en) * 2022-01-15 2022-04-15 东北大学 A bicycle intelligent supervision anti-theft system and method based on Internet of Things technology

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7778166B2 (en) * 2007-11-28 2010-08-17 Intel Corporation Synchronizing sequence numbers among peers in a network
GB2554082B (en) * 2016-09-15 2019-09-18 Gurulogic Microsystems Oy User sign-in and authentication without passwords
CN114499828B (en) * 2020-10-23 2024-04-30 京东方科技集团股份有限公司 Communication method, Internet of Things terminal, gateway device and Internet of Things system
CN114760025B (en) * 2022-03-29 2025-05-13 微位(深圳)网络科技有限公司 Remote device control method, device, electronic device and medium
CN117955652A (en) * 2022-10-21 2024-04-30 大连秘阵科技有限公司 Dynamic token authentication method and system based on mask technology
CN117792765A (en) * 2023-12-28 2024-03-29 深圳前海微众银行股份有限公司 An identity authentication method and electronic device

Also Published As

Publication number Publication date
CN118555138A (en) 2024-08-27

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant