CN106656495B - A kind of method and device of user password storage - Google Patents

A kind of method and device of user password storage Download PDF

Info

Publication number
CN106656495B
CN106656495B CN201610907011.7A CN201610907011A CN106656495B CN 106656495 B CN106656495 B CN 106656495B CN 201610907011 A CN201610907011 A CN 201610907011A CN 106656495 B CN106656495 B CN 106656495B
Authority
CN
China
Prior art keywords
encrypted
digest value
key
current
time
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610907011.7A
Other languages
Chinese (zh)
Other versions
CN106656495A (en
Inventor
安晓江
管延军
柳增寿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Haitai Fangyuan High Technology Co Ltd
Original Assignee
Beijing Haitai Fangyuan High Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Haitai Fangyuan High Technology Co Ltd filed Critical Beijing Haitai Fangyuan High Technology Co Ltd
Priority to CN201610907011.7A priority Critical patent/CN106656495B/en
Publication of CN106656495A publication Critical patent/CN106656495A/en
Application granted granted Critical
Publication of CN106656495B publication Critical patent/CN106656495B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L9/16Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to the method and devices that information security field more particularly to a kind of user password store, and this method is to receive user password input by user, and according to preset digest algorithm, calculates the first digest value of the user password;According to current first time and preset initial key, current first key is generated, and first digest value is encrypted based on the current first key;Encrypted first digest value is stored, in this way, what is stored is simply not only the digest value of user password, but, the digest value of user password is encrypted again, what is stored is the digest value of encrypted user password, further improves the safety of user password storage, improves the information security of user.

Description

A kind of method and device of user password storage
Technical field
The present invention relates to the method and devices that information security field more particularly to a kind of user password store.
Background technology
At present, in information-based today, the information security of user also increasingly attracts attention, in order to ensure the information of user Safety, is typically necessary between user and server and is authenticated, wherein, the certification based on user password is a kind of effective side Method.User needs to pre-enter user password, and then the user password of server stores user input, later in registration In user authentication process, the user password that by certification when inputs is compared with pre-stored user password, and then is realized and used The certification at family.
In the prior art, the method for secure storage being carried out to user password is typically all that user password is passed through digest algorithm Storage is in system after calculating, and later, when system is authenticated user, user inputs user password first, then to The registered permanent residence, which enables, carries out digest calculations, and finally the digest value with the pre-stored user password of system is compared, and recognizes if consistent Card passes through, otherwise authentification failure.
Can also be that system firstly generates a random number, user's input also, in the prior art, in verification process Digest calculations are carried out after user password, primary abstract is then calculated again to abstract result and random number, it then will be pre- in system The digest value and random number first stored also calculates primary abstract again, and finally the two digest value are compared again, if unanimously Then certification passes through, otherwise authentification failure.
But in the prior art, the digest value of pre-stored user password is all fixed in system, break through system it After can be readily available the digest value, if user password is not too complicated, by the method for exhaustion or hit library method can be very The user password is readily obtained, and then great risk is brought to the information security of user.
Invention content
The embodiment of the present invention provides a kind of method and device of user password storage, improves the peace of the storage of user password Quan Xing, so as to improve the information security of user.
Specific technical solution provided in an embodiment of the present invention is as follows:
A kind of method of user password storage, including:
User password input by user is received, and according to preset digest algorithm, calculate the user password first is plucked It is worth;
According to current first time and preset initial key, current first key is generated, and based on described current First key first digest value is encrypted;
Encrypted first digest value is stored.
In the embodiment of the present invention, user password input by user is received, and according to preset digest algorithm, calculate the use The first digest value that the registered permanent residence enables;According to current first time and preset initial key, current first key, and base are generated First digest value is encrypted in the current first key;Encrypted first digest value is stored, this Sample, storage not only be simply user password digest value, but, the digest value of user password is encrypted again, What is stored is the digest value of encrypted user password, after can preventing disabled user from obtaining user data, passes through the method for exhaustion Or hit library method and cracked, the safety of user password storage is further improved, improves the information security of user.
Preferably, after encrypted first digest value is stored, further comprise:
According to the preset period, encrypted first digest value is updated.
Preferably, being updated to encrypted first digest value, specifically include:
According to the second current time and the initial key, the second current key is generated;
Based on the current first key, encrypted first digest value is decrypted, obtains described first Digest value;
Encryption is re-started based on the first digest value described in the second current key pair, and by the after re-encrypted One digest value is stored.
In this way, due to be to the first of user password the encrypted key of abstract according to time dynamic, can be with Disabled user is effectively prevent to carry out data analysis after obtaining entire database to crack user password, further improves and uses the registered permanent residence Enable the safety of storage.
Preferably, further comprise:
User password input by user is received, and according to preset digest algorithm, calculate the user password second is plucked It is worth;
According to current third time and the initial key, current third key is generated, and based on described current The second digest value is encrypted described in third key pair;
The first digest value after encrypted second digest value and re-encrypted is compared, when determining encrypted When two digest value are consistent with the first digest value after re-encrypted, judgement certification passes through.
Preferably, when the first digest value after determining encrypted second digest value and re-encrypted is inconsistent, into one Step includes:
According to current third time and the preset period, calculate previous relative to the current third time A time and the latter time;
Based on the previous time, the latter time and the initial key, the previous time pair is generated respectively The 4th key answered and the latter time corresponding 5th key;
Second digest value described in being based respectively on the 4th key and the 5th key pair re-starts encryption, and respectively The first digest value after the second digest value and re-encrypted after re-encrypted is compared, when determining at least one again When encrypted second digest value is consistent with the first digest value after re-encrypted, judgement certification passes through.
A kind of device of user password storage, including:
First computing unit, for receiving user password input by user, and according to preset digest algorithm, described in calculating First digest value of user password;
First encryption unit, for according to current first time and preset initial key, it is close to generate current first Key, and first digest value is encrypted based on the current first key;
Storage unit, for encrypted first digest value to be stored.
In the embodiment of the present invention, user password input by user is received, and according to preset digest algorithm, calculate the use The first digest value that the registered permanent residence enables;According to current first time and preset initial key, current first key, and base are generated First digest value is encrypted in the current first key;Encrypted first digest value is stored, this Sample, storage not only be simply user password digest value, but, the digest value of user password is encrypted again, What is stored is the digest value of encrypted user password, after can preventing disabled user from obtaining user data, passes through the method for exhaustion Or hit library method and cracked, the safety of user password storage is further improved, improves the information security of user.
Preferably, after encrypted first digest value is stored, further comprise:
Updating unit, for according to the preset period, being updated to encrypted first digest value.
Preferably, when being updated to encrypted first digest value, updating unit is specifically used for:
According to the second current time and the initial key, the second current key is generated;
Based on the current first key, encrypted first digest value is decrypted, obtains described first Digest value;
Encryption is re-started based on the first digest value described in the second current key pair, and by the after re-encrypted One digest value is stored.
In this way, due to be to the first of user password the encrypted key of abstract according to time dynamic, can be with Disabled user is effectively prevent to carry out data analysis after obtaining entire database to crack user password, further improves and uses the registered permanent residence Enable the safety of storage.
Preferably, further comprise:
Second computing unit, for receiving user password input by user, and according to preset digest algorithm, described in calculating Second digest value of user password;
Second encryption unit, for according to current third time and the initial key, generating current third key, And it is encrypted based on the second digest value described in the current third key pair;
First authentication unit, for the first digest value after encrypted second digest value and re-encrypted to be compared Compared with when determining that encrypted second digest value is consistent with the first digest value after re-encrypted, judgement certification passes through.
Preferably, when the first digest value after determining encrypted second digest value and re-encrypted is inconsistent, into one Step includes:
Third computing unit, for according to current third time and the preset period, calculating and working as relative to described The previous time of preceding third time and the latter time;
Third encryption unit, for being based on the previous time, the latter time and the initial key, respectively Corresponding 4th key of previous time and the latter time corresponding 5th key are generated, and is based respectively on the 4th key Encryption is re-started with the second digest value described in the 5th key pair;
Second authentication unit, for respectively by the first digest value after the second digest value and re-encrypted after re-encrypted It is compared, the second digest value after at least one re-encrypted is determined is consistent with the first digest value after re-encrypted When, judgement certification passes through.
Description of the drawings
Fig. 1 is the method flow diagram of user password storage in the embodiment of the present invention;
Fig. 2 is the apparatus structure schematic diagram of user password storage in the embodiment of the present invention.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present invention, the technical solution in the embodiment of the present invention is carried out clear, complete Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, is not whole embodiments.It is based on Embodiment in the present invention, those of ordinary skill in the art are obtained every other without making creative work Embodiment shall fall within the protection scope of the present invention.
In order to further improve the safety of the storage of user password, so as to improve the information security of user, the present invention is real It applies in example, when being stored to user password, calculates the digest value of user password, and give birth to according to current time and initial key Into current key, the digest value based on current key pair user password is encrypted, and then stores and encrypted use the registered permanent residence The digest value of order.
The present invention program is described in detail below by specific embodiment, certainly, the present invention is not limited to following realities Apply example.
As shown in fig.1, in the embodiment of the present invention, the idiographic flow of the method for user password storage is as follows:
Step 100:User password input by user is received, and according to preset digest algorithm, calculates above-mentioned user password The first digest value.
In practice, in order to ensure the information security of user, it is often necessary to carry out user authentication, therefore, user is at the beginning It during registration, is required for first setting user password, stores the user password in systems, and then when user later logs in, be based on The user password is authenticated user.If the user password stored in system is illegally accessed, user will be caused very big Security threat.
In the embodiment of the present invention, in user's registration, first according to preset digest algorithm, calculate user password first is plucked It is worth, in this way, being equivalent to carry out one-time pad encryption to user password.
Wherein, above-mentioned preset digest algorithm in the embodiment of the present invention, and is not limited, and can be in the prior art Arbitrary digest algorithm, for example, Message Digest 5 version 5 (Message-Digest Algorithm 5, MD5) algorithm Deng.
For example, user password input by user is P, according to preset digest algorithm, calculate the user password P's of acquisition First digest value is H (P).
Step 110:According to current first time and preset initial key, current first key is generated, and be based on Above-mentioned first digest value is encrypted in above-mentioned current first key.
In the embodiment of the present invention, one-time pad encryption is carried out again to the digest value of user password, in this way, being equivalent to user Password is encrypted twice, further improves the safety of user password storage.
When performing step 110, specifically include:
First, according to current first time and preset initial key, current first key is generated.
Wherein, above-mentioned initial key can be that system generates at random in initialization, and user need not know that this is initial close Key can further improve the safety of the first key of generation in this way.
And it is possible to the accuracy of the current first time is set, for example, hour is accurate to, for example, the time is 8: 05:32, then when generating key, the current time can be considered 8h to calculate.
In the embodiment of the present invention, for how to generate current first key, can also equally it use of the prior art Algorithm, for example, hash algorithm etc., in the embodiment of the present invention, and is not limited.
Then, above-mentioned first digest value is encrypted based on above-mentioned current first key.
Similarly, the Encryption Algorithm used when the first digest value is encrypted, in the embodiment of the present invention, and without Limitation.
For example, initial key is K0, current first time is 5h, then according to K0Generating current first key with 5h is K1, then, based on K1, using preset Encryption Algorithm, H (P) is encrypted, obtaining encrypted first digest value is
Step 120:Encrypted first digest value is stored.
In this way, what is stored in system is not simply the digest value of user password, but, to the digest value of user password again Encrypted, storage be encrypted user password digest value, after can preventing disabled user from obtaining user data, It by the method for exhaustion or hits library method and is cracked, improve the safety of user password storage.
Further, in the embodiment of the present invention, the method for user password storage further includes:According to the preset period, pair plus The first digest value after close is updated, specially:
For example, the preset period is a hour, then every a hour, system is automatically to encrypted first digest value It is updated.
First, according to the second current time and above-mentioned initial key, the second current key is generated.
Likewise it is possible to the accuracy of the second current time is set, for example, being accurate to hour.
Then, based on above-mentioned current first key, above-mentioned encrypted first digest value is decrypted, is obtained above-mentioned First digest value.
Finally, encryption is re-started based on above-mentioned current above-mentioned first digest value of the second key pair, and by re-encrypted The first digest value afterwards is stored.
For example, initial key is K0, the second current time is 6h, then according to K0The second current key is with 6h generations K2, then, use K1To encrypted first digest valueIt is decrypted, H (P) is obtained, finally, based on K2, use Preset Encryption Algorithm re-starts encryption to H (P), obtains the first digest value after re-encrypted and is
That is, system can periodically generate new key, and use the new key pair registered permanent residence according to the preset period The first digest value enabled re-starts encryption.In this way, since the first encrypted key of abstract to user password is according to the time Dynamic change, therefore, disabled user can be effectively prevent to obtain and carry out data analysis after entire database and use the registered permanent residence to crack It enables, further improves the safety of user password storage.
Further, based on above-described embodiment, correspondingly, in user authentication, including:
First, user password input by user is received, and according to preset digest algorithm, calculates the of above-mentioned user password Two digest value.
That is, in certification, for example, user logs in some websites, user name and user password (i.e. password) are inputted, System needs to be authenticated user password, that is, judges whether user password corresponding with the user name currently stored in system Unanimously, at this moment, it is necessary to according to the method that user password stores, using identical method, correspondingly come to carry out user password Certification.
For example, during user authentication, the user password of input is P1, according to preset digest algorithm, calculates the use of acquisition It is H (P1) that the registered permanent residence, which enables the first digest value of P1,.
Wherein, here preset digest algorithm is identical in preset digest algorithm and step 100.
Then, according to current third time and above-mentioned initial key, current third key is generated, and work as based on above-mentioned Above-mentioned second digest value of preceding third key pair is encrypted.
For example, initial key is K0, the current third time is 6h, then according to K0Generating current third key with 6h is K3, based on K3, using preset Encryption Algorithm, H (P1) is encrypted, obtaining encrypted second digest value is
Finally, the first digest value after encrypted second digest value and re-encrypted is compared, when determining encryption When the second digest value afterwards is consistent with the first digest value after re-encrypted, judgement certification passes through.
For example, since system also can periodically be updated encrypted first digest value, according to above-described embodiment, it is assumed that Encrypted first digest value stored in current system isThen willWithIt carries out Compare, when determining consistent, it is possible to determine P=P1, that is, judge that certification passes through.
This is because when user password certification and storage, initial key is identical, using identical digest algorithm and is added Close algorithm, system can periodically update encrypted first digest value according to the time again, and therefore, when certification, to certification when is defeated What the key and the digest value of the user password to being stored in system that the digest value of the user password entered is encrypted were encrypted Key be also it is identical, therefore, the embodiment of the present invention, it is possibility to have effect be properly completed verification process.
Further, in verification process, the first abstract after encrypted second digest value and re-encrypted is determined When being worth inconsistent, further include:
First, it according to current third time and above-mentioned preset period, calculates relative to the above-mentioned current third time The previous time and the latter time.
For example, the current third time be 8h, predetermined period 1h, then relative to the previous time of 8h and the latter when Between be respectively 7h and 9h.
Then, based on above-mentioned previous time, above-mentioned the latter time and above-mentioned initial key, when generating previous respectively Between corresponding 4th key and the latter time corresponding 5th key, and be based respectively on above-mentioned 4th key and the 5th key pair Above-mentioned second digest value re-starts encryption.
Finally, the first digest value after the second digest value and re-encrypted after re-encrypted is compared respectively, when When determining that the second digest value after at least one re-encrypted is consistent with the first digest value after re-encrypted, judgement certification is led to It crosses.
It is a kind of the reason is that the user password of input is inconsistent this is because when determining inconsistent, it is also a kind of the reason is that During possible system is updated current key, i.e., the process that is updated to encrypted first digest value In, therefore, at this moment just need based on current third time and predetermined period, to obtain previous time and the latter time, It calculates corresponding key respectively again, and then the second digest value is encrypted respectively, be finally compared respectively, in this way, can be with Further improve the accuracy of certification.
Based on above-described embodiment, as shown in fig.2, in the embodiment of the present invention, the device of user password storage is specific to wrap It includes:
First computing unit 20 for receiving user password input by user, and according to preset digest algorithm, calculates institute State the first digest value of user password;
First encryption unit 21, for according to current first time and preset initial key, generating current first Key, and first digest value is encrypted based on the current first key;
Storage unit 22, for encrypted first digest value to be stored.
Preferably, after encrypted first digest value is stored, further comprise:
Updating unit 23, for according to the preset period, being updated to encrypted first digest value.
Preferably, when being updated to encrypted first digest value, updating unit 23 is specifically used for:
According to the second current time and the initial key, the second current key is generated;
Based on the current first key, encrypted first digest value is decrypted, obtains described first Digest value;
Encryption is re-started based on the first digest value described in the second current key pair, and by the after re-encrypted One digest value is stored.
Preferably, further comprise:
Second computing unit 24 for receiving user password input by user, and according to preset digest algorithm, calculates institute State the second digest value of user password;
Second encryption unit 25, for according to current third time and the initial key, it is close to generate current third Key, and be encrypted based on the second digest value described in the current third key pair;
First authentication unit 26, for the first digest value after encrypted second digest value and re-encrypted to be compared Compared with when determining that encrypted second digest value is consistent with the first digest value after re-encrypted, judgement certification passes through.
Preferably, when the first digest value after determining encrypted second digest value and re-encrypted is inconsistent, into one Step includes:
Third computing unit 27, for according to current third time and the preset period, calculating relative to described The previous time of current third time and the latter time;
Third encryption unit 28, for being based on the previous time, the latter time and the initial key, point Corresponding 4th key of previous time and the latter time corresponding 5th key are not generated, and it is close to be based respectively on the described 4th Second digest value described in key and the 5th key pair re-starts encryption;
Second authentication unit 29, for respectively by the first abstract after the second digest value and re-encrypted after re-encrypted Value is compared, and the second digest value after at least one re-encrypted is determined is consistent with the first digest value after re-encrypted When, judgement certification passes through.
In conclusion in the embodiment of the present invention, user password input by user is received, and according to preset digest algorithm, Calculate the first digest value of the user password;According to current first time and preset initial key, current is generated One key, and first digest value is encrypted based on the current first key;By encrypted first digest value Stored, in this way, storage be simply not only user password digest value, but, to the digest value of user password again Encrypted, storage be encrypted user password digest value, further improve user password storage safety, Improve the information security of user.
It should be understood by those skilled in the art that, the embodiment of the present invention can be provided as method, system or computer program Product.Therefore, the reality in terms of complete hardware embodiment, complete software embodiment or combination software and hardware can be used in the present invention Apply the form of example.Moreover, the computer for wherein including computer usable program code in one or more can be used in the present invention The computer program production that usable storage medium is implemented on (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) The form of product.
The present invention be with reference to according to the method for the embodiment of the present invention, the flow of equipment (system) and computer program product Figure and/or block diagram describe.It should be understood that it can be realized by computer program instructions every first-class in flowchart and/or the block diagram The combination of flow and/or box in journey and/or box and flowchart and/or the block diagram.These computer programs can be provided The processor of all-purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce A raw machine so that the instruction performed by computer or the processor of other programmable data processing devices is generated for real The device of function specified in present one flow of flow chart or one box of multiple flows and/or block diagram or multiple boxes.
These computer program instructions, which may also be stored in, can guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works so that the instruction generation being stored in the computer-readable memory includes referring to Enable the manufacture of device, the command device realize in one flow of flow chart or multiple flows and/or one box of block diagram or The function of being specified in multiple boxes.
These computer program instructions can be also loaded into computer or other programmable data processing devices so that counted Series of operation steps are performed on calculation machine or other programmable devices to generate computer implemented processing, so as in computer or The instruction offer performed on other programmable devices is used to implement in one flow of flow chart or multiple flows and/or block diagram one The step of function of being specified in a box or multiple boxes.
Although preferred embodiments of the present invention have been described, but those skilled in the art once know basic creation Property concept, then can make these embodiments other change and modification.So appended claims be intended to be construed to include it is excellent It selects embodiment and falls into all change and modification of the scope of the invention.
Obviously, those skilled in the art can carry out the embodiment of the present invention various modification and variations without departing from this hair The spirit and scope of bright embodiment.In this way, if these modifications and variations of the embodiment of the present invention belong to the claims in the present invention And its within the scope of equivalent technologies, then the present invention is also intended to include these modifications and variations.

Claims (8)

  1. A kind of 1. method of user password storage, which is characterized in that including:
    User password input by user is received, and according to preset digest algorithm, calculates the first digest value of the user password;
    According to current first time and preset initial key, current first key is generated, and based on described current the The first digest value is encrypted described in one key pair;
    Encrypted first digest value is stored;
    User password input by user is received, and according to preset digest algorithm, calculates the second digest value of the user password;
    According to current third time and the initial key, current third key is generated, and based on the current third The second digest value is encrypted described in key pair;
    Encrypted second digest value and encrypted first digest value are compared, when determining encrypted second digest value When consistent with encrypted first digest value, judgement certification passes through.
  2. 2. the method as described in claim 1, which is characterized in that after encrypted first digest value is stored, into one Step includes:
    According to the preset period, encrypted first digest value is updated.
  3. 3. method as claimed in claim 2, which is characterized in that be updated, specifically include to encrypted first digest value:
    According to the second current time and the initial key, the second current key is generated;
    Based on the current first key, encrypted first digest value is decrypted, obtains first abstract Value;
    Encryption is re-started, and first after re-encrypted is plucked based on the first digest value described in the second current key pair It is worth and is stored.
  4. 4. method as claimed in claim 2, which is characterized in that when determining encrypted second digest value and encrypted first When digest value is inconsistent, further comprise:
    According to current third time and the preset period, calculate relative to the current third time it is previous when Between and the latter time;
    Based on the previous time, the latter time and the initial key, it is corresponding that the previous time is generated respectively 4th key and the latter time corresponding 5th key;
    Second digest value described in being based respectively on the 4th key and the 5th key pair re-starts encryption, and respectively will weight New encrypted second digest value and encrypted first digest value are compared, after at least one re-encrypted is determined When second digest value is consistent with encrypted first digest value, judgement certification passes through.
  5. 5. a kind of device of user password storage, which is characterized in that including:
    First computing unit for receiving user password input by user, and according to preset digest algorithm, calculates the user First digest value of password;
    First encryption unit, for according to current first time and preset initial key, generating current first key, and First digest value is encrypted based on the current first key;
    Storage unit, for encrypted first digest value to be stored;
    Second computing unit for receiving user password input by user, and according to preset digest algorithm, calculates the user Second digest value of password;
    Second encryption unit, for according to current third time and the initial key, generating current third key, and base It is encrypted in the second digest value described in the current third key pair;
    First authentication unit, for encrypted second digest value and encrypted first digest value to be compared, when determining When encrypted second digest value is consistent with encrypted first digest value, judgement certification passes through.
  6. 6. device as claimed in claim 5, which is characterized in that after encrypted first digest value is stored, into one Step includes:
    Updating unit, for according to the preset period, being updated to encrypted first digest value.
  7. 7. device as claimed in claim 6, which is characterized in that when being updated to encrypted first digest value, update is single Member is specifically used for:
    According to the second current time and the initial key, the second current key is generated;
    Based on the current first key, encrypted first digest value is decrypted, obtains first abstract Value;
    Encryption is re-started, and first after re-encrypted is plucked based on the first digest value described in the second current key pair It is worth and is stored.
  8. 8. device as claimed in claim 6, which is characterized in that when determining encrypted second digest value and encrypted first When digest value is inconsistent, further comprise:
    Third computing unit, for according to current third time and the preset period, calculating relative to described current The previous time of third time and the latter time;
    Third encryption unit for being based on the previous time, the latter time and the initial key, generates respectively Previous time corresponding 4th key and the latter time corresponding 5th key, and it is based respectively on the 4th key and institute Second digest value described in stating the 5th key pair re-starts encryption;
    Second authentication unit, for respectively comparing the second digest value after re-encrypted and encrypted first digest value Compared with, when the second digest value after determining at least one re-encrypted is consistent with encrypted first digest value, judgement certification Pass through.
CN201610907011.7A 2016-10-18 2016-10-18 A kind of method and device of user password storage Active CN106656495B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610907011.7A CN106656495B (en) 2016-10-18 2016-10-18 A kind of method and device of user password storage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610907011.7A CN106656495B (en) 2016-10-18 2016-10-18 A kind of method and device of user password storage

Publications (2)

Publication Number Publication Date
CN106656495A CN106656495A (en) 2017-05-10
CN106656495B true CN106656495B (en) 2018-06-12

Family

ID=58855933

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610907011.7A Active CN106656495B (en) 2016-10-18 2016-10-18 A kind of method and device of user password storage

Country Status (1)

Country Link
CN (1) CN106656495B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111934862B (en) * 2019-08-23 2023-08-11 广州华多网络科技有限公司 Server access method and device, readable medium and electronic equipment
CN112788012B (en) * 2020-12-30 2023-07-25 深圳市欢太科技有限公司 Log file encryption method and device, storage medium and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101291227A (en) * 2008-06-06 2008-10-22 薛明 Password inputting method, device and system
CN102480353A (en) * 2010-11-26 2012-05-30 航天信息股份有限公司 Method of password authentication and secret key protection
CN102843422A (en) * 2012-07-31 2012-12-26 郑州信大捷安信息技术股份有限公司 Account management system and account management method based on cloud service
CN105391556A (en) * 2015-11-27 2016-03-09 厦门雅迅网络股份有限公司 Method and apparatus for generating dynamic password, authentication method and system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101301609B1 (en) * 2012-05-31 2013-08-29 서울대학교산학협력단 Apparatus and method for generating secret key, and recording medium storing program for executing method of the same in computer

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101291227A (en) * 2008-06-06 2008-10-22 薛明 Password inputting method, device and system
CN102480353A (en) * 2010-11-26 2012-05-30 航天信息股份有限公司 Method of password authentication and secret key protection
CN102843422A (en) * 2012-07-31 2012-12-26 郑州信大捷安信息技术股份有限公司 Account management system and account management method based on cloud service
CN105391556A (en) * 2015-11-27 2016-03-09 厦门雅迅网络股份有限公司 Method and apparatus for generating dynamic password, authentication method and system

Also Published As

Publication number Publication date
CN106656495A (en) 2017-05-10

Similar Documents

Publication Publication Date Title
CN106687980B (en) Management program and virtual machine protection
US9009463B2 (en) Secure delivery of trust credentials
CN105491062B (en) A kind of client software guard method, device and client
CN106991298B (en) Access method of application program to interface, authorization request method and device
KR20160138063A (en) Techniques to operate a service with machine generated authentication tokens
US11418499B2 (en) Password security
WO2015188426A1 (en) Method, device, system, and related device for identity authentication
RU2015117644A (en) SAFE DATA PROCESSING BY VIRTUAL MACHINE
CN104980477A (en) Data access control method and system in cloud storage environment
CN106716957A (en) Efficient and reliable attestation
JP2014516448A (en) Secure data storage
CA2842741C (en) Password audit system
CN110401538A (en) Data ciphering method, system and terminal
CN106992859B (en) Bastion machine private key management method and device
EP3206329A1 (en) Security check method, device, terminal and server
US9378358B2 (en) Password management system
CN104794394A (en) Virtual machine starting verification method and device
CN106656495B (en) A kind of method and device of user password storage
EP3338214B1 (en) Secure computation environment
US9930031B2 (en) Multi-factor user authentication based on user credentials and entry timing
CN106571928B (en) A kind of method and device of browser administration
CN114666108A (en) Identity authentication method, device, equipment and medium based on user-defined resources
CN107070648A (en) A kind of cryptographic key protection method and PKI system
CN107392039B (en) Computer hard disk data encryption method and device
CN114466358B (en) User identity continuous authentication method and device based on zero trust

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant