CN102571724B - System login method based on RSAKey (Rivest-Shamir-Adleman Key) supporting Microsoft CSP (Cryptographic Service provider) interface - Google Patents
System login method based on RSAKey (Rivest-Shamir-Adleman Key) supporting Microsoft CSP (Cryptographic Service provider) interface Download PDFInfo
- Publication number
- CN102571724B CN102571724B CN201010619001.6A CN201010619001A CN102571724B CN 102571724 B CN102571724 B CN 102571724B CN 201010619001 A CN201010619001 A CN 201010619001A CN 102571724 B CN102571724 B CN 102571724B
- Authority
- CN
- China
- Prior art keywords
- rsa key
- key
- certificate
- rsa
- login method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention aims at disclosing a system login method based on an RSAKey (Rivest-Shamir-Adleman Key) supporting a Microsoft CSP (Cryptographic Service provider) interface. According to the system login method, a digital envelope is prepared for account information and can be encrypted by a person holding a corresponding key, i.e. a person corresponding to the RSA Key, so that the security of a login user is ensured; and other persons without the RSAKey cannot login a Windows system client of the person even if steeling the account information of the user, so that the aim of the invention is achieved.
Description
Technical field
The present invention relates to a kind of system login method, particularly one is based on supporting Microsoft Cryptographic Service Provider(CSP) the MS Windows Gina login method of RSA Key of interface.
Background technology
Cryptographic Service Provider(CSP) ripe and universal, the Key of the support RSA Algorithm that each hardware vendor produces emerges in an endless stream, and these RSA Key support Microsoft Cryptographic Service Provider(CSP) interface.
RSA Key is easy to carry with it, can deposit the certificate that CA sends out, and support RSA operation, the features such as high Cipher Strength are subject to extensive favor.
But, the login of the PC of Microsoft Windows system, still by the mode (even not using password) of user name/password, very large hidden danger is brought to fail safe, also need user to remember password simultaneously, and for preventing password from revealing, need often to change password, this, concerning user, brings very large burden.
In sum, for the defect of prior art, the special system login method needing a kind of RSA Key based on support Microsoft CSP interface, to solve above-mentioned problem.
Summary of the invention
The object of the present invention is to provide the system login method of a kind of RSA Key based on support Microsoft CSP interface, solve the defect of above-mentioned prior art, effectively ensure that the fail safe of login user.
Technical problem solved by the invention can realize by the following technical solutions:
Based on a system login method of the RSA Key of support Microsoft CSP interface, it is characterized in that, it comprises the steps:
1) Key supporting RSA Algorithm is used;
2) third party's certificate verification center CA, sends out double certificate in RSA Key;
3) need add log in protection MS Windows system client on use above-mentioned steps 2) in RSA Key register;
4) client computer of MS Windows system is logged in by RSA Key.
In one embodiment of the present of invention, described step 2) comprise the following steps:
(1) in RSA Key, public, private key pair is produced, the request of Generating Certificate;
(2) generate signing certificate and encrypted certificate by third party's certificate verification center CA, import in RSA Key.
In one embodiment of the present of invention, described step 3) comprises the following steps:
(1) on the MS Windows system client needing login protection, register the certificate in RSA Key;
(2) use the encrypted certificate in RSA Key, digital envelope is done to the accounts information of MS Windows system;
(3) this digital envelope is kept in the local memory device of system, completes registration.
In one embodiment of the present of invention, described step 4) comprises the following steps:
(1) the RSA Key MS Windows system client logging in protection inserting correspondence is being used;
(2) password of RSA Key is inputted;
(3) digital envelope of deciphering preservation, obtains the accounts information in envelope;
(4) account information registration Windows system is used.
The system login method of the RSA Key based on supporting Microsoft CSP interface of the present invention has following features:
1, digital envelope is adopted to ensure the fail safe of accounts information;
2, adopt RSA Key, be convenient for carrying;
3, technology and hardware device have nothing to do, and can support the support Microsoft Cryptographic Service Provider(CSP of any standard) RSA equipment, availability is high.
The system login method of the RSA Key based on support Microsoft CSP interface of the present invention, accounts information is done digital envelope, only holds corresponding private key, namely the individual of corresponding RSA Key, could decipher this envelope, ensure that the fail safe of login user; Other people of not this RSA Key, even if then stolen the accounts information of user, also cannot log in the Windows system client of this people, achieve object of the present invention.
The detailed description and obtaining that feature of the present invention can consult the graphic and following better execution mode of this case is well understood to.
Accompanying drawing explanation
Fig. 1 is the schematic flow sheet of registration RSA Key of the present invention;
Fig. 2 is the schematic flow sheet being logged in MS Windows system client by RSA Key of the present invention.
Embodiment
The technological means realized to make the present invention, creation characteristic, reaching object and effect is easy to understand, below in conjunction with concrete diagram, setting forth the present invention further.
As shown in Figure 1 and Figure 2, the system login method of the RSA Key based on support Microsoft CSP interface of the present invention, it comprises the steps:
1) Key supporting RSA Algorithm is used;
2) third party's certificate verification center CA, sends out double certificate in RSA Key;
3) need add log in protection MS Windows system client on use above-mentioned steps 2) in RSA Key register;
4) client computer of MS Windows system is logged in by RSA Key.
In the present invention, described step 2) comprise the following steps:
(1) in RSA Key, public, private key pair is produced, the request of Generating Certificate;
(2) generate signing certificate and encrypted certificate by third party's certificate verification center CA, import in RSA Key.
In the present invention, described step 3) comprises the following steps:
(1) on the MS Windows system client needing login protection, register the certificate in RSA Key;
(2) use the encrypted certificate in RSA Key, digital envelope is done to the accounts information of MS Windows system;
(3) this digital envelope is kept in the local memory device of system, completes registration.
In the present invention, described step 4) comprises the following steps:
(1) the RSA Key MS Windows system client logging in protection inserting correspondence is being used;
(2) password of RSA Key is inputted;
(3) digital envelope of deciphering preservation, obtains the accounts information in envelope;
(4) account information registration Windows system is used.
The system login method of the RSA Key based on support Microsoft CSP interface of the present invention, its application system at least comprises two parts: the Accreditation System of RSA Key and the login control system of RSA Key.
The Accreditation System of RSA Key: be responsible for the RSA Key sending out well certificate to bind calmly on specific MS Windows system client, this RSA Key can be logged on the client.
The login control system of RSA Key: be inserted in the RSA Key that this Windows system client is registered, sign in Windows system.
Described Windows system login method, comprises following step:
1) driver of RSA Key is installed, comprises the CSP program of this RSA Key;
2) Login Register control software design is installed;
3) RSA Key is registered on Windows system client;
4) insert RSA Key, log in Windows system client.
Described step 3) comprises the following steps:
(1) the RSA Key having sent out double certificate is inserted;
(2) encrypted certificate in RSA Key is selected:
(3) accounts information of Windows system is inputted;
(4) use the encrypted certificate selected, digital envelope is done to encoded accounts information;
(5) digital envelope is preserved to local storage system.
Described step 4) comprises the following steps:
(1) RSA Key is inserted;
(2) Windows system client is started;
(3) input the password of RSA Key, decrypting digital envelope, obtain accounts information;
(4) access to your account information, logs in Windows system client.
More than show and describe general principle of the present invention and principal character and advantage of the present invention.The technical staff of the industry should understand; the present invention is not restricted to the described embodiments; what describe in above-described embodiment and specification just illustrates principle of the present invention; without departing from the spirit and scope of the present invention; the present invention also has various changes and modifications; these changes and improvements all fall in the claimed scope of the invention, and application claims protection range is defined by appending claims and equivalent thereof.
Claims (3)
1., based on a system login method of the RSA Key of support Microsoft CSP interface, it is characterized in that, it comprises the steps:
1) Key supporting RSA Algorithm is used;
2) third party's certificate verification center CA, sends out double certificate in RSA Key;
3) need add log in protection MS Windows system client on use above-mentioned steps 2) in RSA Key register; It comprises the following steps:
(1) on the MS Windows system client needing login protection, register the certificate in RSA Key;
(2) use the encrypted certificate in RSA Key, digital envelope is done to the accounts information of MS Windows system;
(3) this digital envelope is kept in the local memory device of system, completes registration;
4) client computer of MS Windows system is logged in by RSA Key;
Thus, accounts information is done digital envelope by described system login method, only holds corresponding RSA Key and could decipher this envelope, ensure that the fail safe of login user.
2., as claimed in claim 1 based on the system login method of the RSA Key of support Microsoft CSP interface, it is characterized in that, described step 2) comprise the following steps:
(1) in RSA Key, public, private key pair is produced, the request of Generating Certificate;
(2) generate signing certificate and encrypted certificate by third party's certificate verification center CA, import in RSAKey.
3., as claimed in claim 1 based on the system login method of the RSA Key of support Microsoft CSP interface, it is characterized in that, described step 4) comprise the following steps:
(1) the RSA Key MS Windows system client logging in protection inserting correspondence is being used;
(2) password of RSA Key is inputted;
(3) digital envelope of deciphering preservation, obtains the accounts information in envelope;
(4) account information registration Windows system is used.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201010619001.6A CN102571724B (en) | 2010-12-31 | 2010-12-31 | System login method based on RSAKey (Rivest-Shamir-Adleman Key) supporting Microsoft CSP (Cryptographic Service provider) interface |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201010619001.6A CN102571724B (en) | 2010-12-31 | 2010-12-31 | System login method based on RSAKey (Rivest-Shamir-Adleman Key) supporting Microsoft CSP (Cryptographic Service provider) interface |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102571724A CN102571724A (en) | 2012-07-11 |
CN102571724B true CN102571724B (en) | 2015-04-01 |
Family
ID=46416212
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201010619001.6A Active CN102571724B (en) | 2010-12-31 | 2010-12-31 | System login method based on RSAKey (Rivest-Shamir-Adleman Key) supporting Microsoft CSP (Cryptographic Service provider) interface |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102571724B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104580198A (en) * | 2014-12-31 | 2015-04-29 | 上海格尔软件股份有限公司 | Windows desktop safety login system and method based on PKI smart watch |
CN107276961B (en) * | 2016-04-06 | 2021-04-02 | 北京天威诚信电子商务服务有限公司 | Method and device for encrypting and decrypting data based on cryptographic algorithm |
CN115102788B (en) * | 2022-08-10 | 2023-01-17 | 北京安盟信息技术股份有限公司 | Method for improving performance of digital envelope through key reuse and digital envelope |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101447010A (en) * | 2008-12-30 | 2009-06-03 | 北京飞天诚信科技有限公司 | Login system and method for logging in |
-
2010
- 2010-12-31 CN CN201010619001.6A patent/CN102571724B/en active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101447010A (en) * | 2008-12-30 | 2009-06-03 | 北京飞天诚信科技有限公司 | Login system and method for logging in |
Non-Patent Citations (3)
Title |
---|
WINDOWS域智能卡认证实施方案设计;潘晓恒;《内蒙古大学工程硕士学位论文》;20090223;第22-54页 * |
基于智能卡和USB 电子加密钥匙的CSP 设计与实现;娄晓晋;《上海交通大学硕士学位论文》;20080724;全文 * |
硬件加密***研究与应用;王义;《北京邮电大学硕士学位论文》;20070723;第35-37页 * |
Also Published As
Publication number | Publication date |
---|---|
CN102571724A (en) | 2012-07-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11799668B2 (en) | Electronic identification verification methods and systems with storage of certification records to a side chain | |
CN106961336B (en) | A kind of key components trustship method and system based on SM2 algorithm | |
US11799656B2 (en) | Security authentication method and device | |
CN107465689B (en) | Key management system and method of virtual trusted platform module in cloud environment | |
ES2687191T3 (en) | Network authentication method for secure electronic transactions | |
CN103812871B (en) | Development method and system based on mobile terminal application program security application | |
CN101789865B (en) | Dedicated server used for encryption and encryption method | |
CN109587162B (en) | Login verification method, device, terminal, password server and storage medium | |
CN104753881B (en) | A kind of WebService safety certification access control method based on software digital certificate and timestamp | |
CN105553654B (en) | Key information processing method and device, key information management system | |
RU2584500C2 (en) | Cryptographic authentication and identification method with real-time encryption | |
CN109067766A (en) | A kind of identity identifying method, server end and client | |
CN103067160A (en) | Method and system of generation of dynamic encrypt key of encryption secure digital memory card (SD) | |
CN113067823B (en) | Mail user identity authentication and key distribution method, system, device and medium | |
TW201409990A (en) | Communication method utilizing fingerprint information for authentication | |
KR101879758B1 (en) | Method for Generating User Digital Certificate for Individual User Terminal and for Authenticating Using the Same Digital Certificate | |
CN109412812A (en) | Data safe processing system, method, apparatus and storage medium | |
CN104202163A (en) | Password system based on mobile terminal | |
CN109040079A (en) | The establishment of live streaming chained address and verification method and related device | |
CN106936588A (en) | A kind of trustship method, the apparatus and system of hardware controls lock | |
Kurniawan et al. | Login security using one time password (otp) application with encryption algorithm performance | |
CN106790208A (en) | A kind of communication encrypting method and device | |
CN106161031A (en) | Server password generates method, verification method and device | |
CN108259445A (en) | MS windows desktops Security Login System and its login method based on smart mobile phone | |
CN103973714A (en) | E-mail account generating method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address |
Address after: 200436 Room 601, Lane 299, Lane 299, JIANGCHANG West Road, Jingan District, Shanghai Patentee after: Geer software Limited by Share Ltd Address before: 200070 50 Mau Ling Road, Zhabei District, Shanghai Patentee before: Geer Software Co., Ltd., Shanghai |
|
CP03 | Change of name, title or address |