CN114584327B - Verification method and system for graphic verification code generated by client - Google Patents

Verification method and system for graphic verification code generated by client Download PDF

Info

Publication number
CN114584327B
CN114584327B CN202210495601.9A CN202210495601A CN114584327B CN 114584327 B CN114584327 B CN 114584327B CN 202210495601 A CN202210495601 A CN 202210495601A CN 114584327 B CN114584327 B CN 114584327B
Authority
CN
China
Prior art keywords
verification code
verification
client
picture
character string
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210495601.9A
Other languages
Chinese (zh)
Other versions
CN114584327A (en
Inventor
牟文青
王涛
安士才
冷政君
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Jerei Digital Technology Co Ltd
Original Assignee
Shandong Jerei Digital Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Jerei Digital Technology Co Ltd filed Critical Shandong Jerei Digital Technology Co Ltd
Priority to CN202210495601.9A priority Critical patent/CN114584327B/en
Publication of CN114584327A publication Critical patent/CN114584327A/en
Application granted granted Critical
Publication of CN114584327B publication Critical patent/CN114584327B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

The invention discloses a verification method and a verification system for a graph verification code generated by a client, and belongs to the field of graph verification code generation and verification. The method comprises the following steps: determining a public key and a private key; generating an original character string of the verification code by a random number algorithm; encrypting the verification code original character string through the public key to generate a verification token; generating a verification code picture based on the verification code original character string; determining an input verification code based on the verification code picture; and verifying the input verification code based on the verification token. By the method and the system, the interaction frequency of the client and the server in the graphical verification code generation and verification process can be reduced to 1 time, the dependence on a network and the pressure of a server are reduced, and the response speed and the user experience are improved.

Description

Verification method and system for graphic verification code generated by client
Technical Field
The invention relates to the technical field of graph verification code generation and verification, in particular to a verification method and a verification system for a graph verification code generated by a client.
Background
At present, in the field of software, applications including but not limited to enterprise applications, web portals, mobile phone apps and the like all require a function of checking a graphical verification code. In the prior art and the method, a request for generating a verification code is sent to a server side through a client side, after the server side generates the verification code, the original value of the verification code is stored in the local of the server side, and a verification code generation result is sent to the client side in a picture form. And after the user inputs the verification code, a request is sent to the server, the server compares the content input by the user with the original value of the verification code stored in advance, and then a comparison result is returned. The method has the advantages that the interaction times of the client and the server are large, the picture occupies large network resources in the network transmission process, and the verification code is easy to refresh when the network condition is not good, so that the user experience is influenced.
Disclosure of Invention
The invention aims to provide a verification method and a verification system for a graphic verification code generated by a client, which are used for reducing the dependence on a network and the pressure of a server and improving the response speed and the user experience.
In order to achieve the purpose, the invention provides the following scheme:
a verification method for a graphic verification code generated by a client comprises the following steps:
determining a public key and a private key;
generating an original character string of the verification code by a random number algorithm;
encrypting the verification code original character string through the public key to generate a verification token;
generating a verification code picture based on the verification code original character string;
determining an input verification code based on the verification code picture;
and verifying the input verification code based on the verification token.
Optionally, the generating a verification code picture based on the verification code original character string specifically includes:
generating an original verification code picture by adopting a picture generation algorithm based on the original verification code character string;
and deforming the verification code original picture and adding an interference image to generate a verification code picture.
Optionally, the verifying the input verification code based on the verification token specifically includes:
decrypting the verification token through the private key to obtain a decrypted verification code;
and comparing the decrypted verification code with the input verification code to finish verification.
The invention also provides a verification system of the graph verification code generated by the client, which comprises the client and the server; the client stores a public key, and the server stores a private key;
the client generates an original character string of the verification code by a random number algorithm;
the client encrypts the verification code original character string through the public key to generate a verification token;
the client generates a verification code picture based on the verification code original character string;
the client acquires an input verification code submitted by a user according to the verification code picture, transmits the input verification code and the verification token to the server and submits a verification request;
and the server side carries out verification according to the verification request.
Optionally, the client generates an original verification code picture by using a picture generation algorithm based on the original verification code character string, deforms the original verification code picture and adds an interference image to generate the verification code picture.
Optionally, the client transmits the input verification code and the verification token to the server through a hypertext transfer protocol interface.
Optionally, the verifying by the server according to the verification request specifically includes:
and after receiving the verification request submitted by the client, the server decrypts the verification token through the private key, compares the decrypted verification code with the input verification code and returns a comparison result.
According to the specific embodiment provided by the invention, the invention discloses the following technical effects:
the verification code verification function is realized by generating a verification code original character string and a corresponding verification code picture at the client, encrypting the verification code original character string into token by using an encryption algorithm, and transmitting the token and the input verification code content to the server for verification. According to the invention, the interaction times of the client and the server in the graphical verification code generation and verification process are reduced to 1, the dependence on a network and the pressure of a server are reduced, and the response speed and the user experience are improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings required in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a flow chart of a method for verifying a graphical verification code generated by a client according to the present invention;
fig. 2 is a flowchart of the work flow of the verification system of the graphical verification code generated by the client according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention aims to provide a verification method and a verification system for a graphic verification code generated by a client, which are used for reducing the dependence on a network and the pressure of a server and improving the response speed and the user experience.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
As shown in fig. 1, the method for verifying the graphical verification code generated by the client according to the present invention includes the following steps:
step 101: a public key and a private key are determined.
The client and the server contract a public key and a private key required by encryption in advance, the private key is stored in the server, and the public key is stored in the client.
Step 102: and generating the original character string of the verification code by a random number algorithm.
Step 103: and encrypting the verification code original character string through the public key to generate a verification token.
Step 104: and generating a verification code picture based on the verification code original character string.
Based on the verification code original character string, a verification code original picture is generated by adopting a picture generation algorithm, and the verification code original picture is deformed and subjected to processing such as image interference and the like through a preset strategy to generate a final verification code picture.
Step 105: determining an input verification code based on the verification code picture.
Step 106: and verifying the input verification code based on the verification token.
Decrypting the verification token through the private key to obtain a decrypted verification code; and comparing the decrypted verification code with the input verification code to finish verification.
As shown in fig. 2, the present invention further provides a verification system for a graphical verification code generated by a client, where the verification system includes a client and a server. The client can be a smart phone, a tablet computer, a personal computer and other devices with networking functions. The server side is server equipment. The client and the server contract a public key and a private key required by encryption in advance, the private key is stored in the server, and the public key is stored in the client.
1. And the client generates an original character string of the verification code by a random number algorithm.
2. And the client encrypts the verification code original character string through the public key to generate a verification token.
3. And the client generates a verification code picture based on the verification code original character string.
The client generates an original verification code picture by adopting a picture generation algorithm, and the original verification code picture is deformed, an interference image is added and the like through a preset strategy to generate a final verification code picture which is displayed on a user interface.
4. The user inputs and submits the verification code at the client based on the verification code picture, the client receives the input verification code submitted by the user, transmits the input verification code and the verification token to the server through a HyperText Transfer Protocol (HTTP), and submits a verification request.
5. And the server side carries out verification according to the verification request.
And after receiving the verification request submitted by the client, the server decrypts the verification token through the private key, compares the decrypted verification code with the input verification code, and returns a comparison result.
The verification code generation is completed at the client, the interaction times of the client and the server in the generation and verification process are reduced to 1 time, the verification code refreshing is completely realized at the client by the user, the dependence on the network and the pressure of the server are reduced, and the response speed and the user experience are improved.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.
The principles and embodiments of the present invention have been described herein using specific examples, which are provided only to help understand the method and the core concept of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, the specific embodiments and the application range may be changed. In view of the above, the present disclosure should not be construed as limiting the invention.

Claims (7)

1. A verification method for a graph verification code generated by a client is characterized by comprising the following steps:
determining a public key from a client and a private key from a server;
the client generates an original character string of the verification code by a random number algorithm;
the client encrypts the verification code original character string through the public key to generate a verification token;
the client generates a verification code picture based on the verification code original character string;
the client acquires an input verification code submitted by a user according to the verification code picture, and transmits the input verification code and the verification token to the server;
and the server side verifies the input verification code based on the verification token.
2. The method for verifying the graphical verification code generated by the client according to claim 1, wherein the generating of the verification code picture based on the verification code original character string specifically includes:
generating an original verification code picture by adopting a picture generation algorithm based on the original verification code character string;
and deforming the verification code original picture and adding an interference image to generate a verification code picture.
3. The method for verifying the graphical verification code generated by the client according to claim 1, wherein the verifying the input verification code based on the verification token specifically comprises:
decrypting the verification token through the private key to obtain a decrypted verification code;
and comparing the decrypted verification code with the input verification code to finish verification.
4. A verification system for a graphic verification code generated by a client is characterized by comprising the client and a server; the client stores a public key, and the server stores a private key;
the client generates an original character string of the verification code by a random number algorithm;
the client encrypts the verification code original character string through the public key to generate a verification token;
the client generates a verification code picture based on the verification code original character string;
the client acquires an input verification code submitted by a user according to the verification code picture, transmits the input verification code and the verification token to the server and submits a verification request;
and the server side carries out verification according to the verification request.
5. The system for verifying the graphical verification code generated by the client according to claim 4, wherein the client generates an original verification code picture by using a picture generation algorithm based on the original verification code character string, and generates the verification code picture by deforming the original verification code picture and adding an interference image.
6. The system of claim 4, wherein the client transmits the input validation code and the validation token to the server via a hypertext transfer protocol interface.
7. The system for verifying the graphical verification code generated by the client as claimed in claim 4, wherein the server decrypts the verification token by the private key after receiving the verification request submitted by the client, compares the decrypted verification code with the input verification code, and returns the comparison result.
CN202210495601.9A 2022-05-09 2022-05-09 Verification method and system for graphic verification code generated by client Active CN114584327B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210495601.9A CN114584327B (en) 2022-05-09 2022-05-09 Verification method and system for graphic verification code generated by client

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210495601.9A CN114584327B (en) 2022-05-09 2022-05-09 Verification method and system for graphic verification code generated by client

Publications (2)

Publication Number Publication Date
CN114584327A CN114584327A (en) 2022-06-03
CN114584327B true CN114584327B (en) 2022-08-12

Family

ID=81769295

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210495601.9A Active CN114584327B (en) 2022-05-09 2022-05-09 Verification method and system for graphic verification code generated by client

Country Status (1)

Country Link
CN (1) CN114584327B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115225362A (en) * 2022-07-13 2022-10-21 南京元贝信息技术有限公司 Verification method, device, equipment and storage medium of man-machine behavior

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102594806A (en) * 2012-01-31 2012-07-18 华为技术有限公司 Verification method and advertising server
CN104468616A (en) * 2014-12-24 2015-03-25 广州华多网络科技有限公司 Picture verification code generation method and client side
CN106878024A (en) * 2017-03-08 2017-06-20 北京科摩仕捷科技有限公司 A kind of checking code check method and system based on caching
WO2018059480A1 (en) * 2016-09-29 2018-04-05 腾讯科技(深圳)有限公司 Method, device, and system for defending against network attack
CN113918898A (en) * 2021-08-31 2022-01-11 暨南大学 Safety verification code generation method, system and medium based on track drawing interaction

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010037429A1 (en) * 2008-09-30 2010-04-08 Novelty Group Limited Method for generating a verification code, verification code, method and device for verifying the authenticity of objects
CN104104664A (en) * 2013-04-11 2014-10-15 腾讯科技(深圳)有限公司 Method, server, client and system for verifying verification code
CN106899610A (en) * 2017-03-22 2017-06-27 世纪恒通科技股份有限公司 A kind of checking code verification method without storage
CN112039890A (en) * 2020-08-31 2020-12-04 重庆可兰达科技有限公司 Verification code verification method, device, terminal and medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102594806A (en) * 2012-01-31 2012-07-18 华为技术有限公司 Verification method and advertising server
CN104468616A (en) * 2014-12-24 2015-03-25 广州华多网络科技有限公司 Picture verification code generation method and client side
WO2018059480A1 (en) * 2016-09-29 2018-04-05 腾讯科技(深圳)有限公司 Method, device, and system for defending against network attack
CN106878024A (en) * 2017-03-08 2017-06-20 北京科摩仕捷科技有限公司 A kind of checking code check method and system based on caching
CN113918898A (en) * 2021-08-31 2022-01-11 暨南大学 Safety verification code generation method, system and medium based on track drawing interaction

Also Published As

Publication number Publication date
CN114584327A (en) 2022-06-03

Similar Documents

Publication Publication Date Title
US10999257B2 (en) Secure delivery and storage of content
CN112154638B (en) System and method for distributed verification of online identity
CN111064757B (en) Application access method and device, electronic equipment and storage medium
CN108322416B (en) Security authentication implementation method, device and system
CN113489585A (en) Identity authentication method and system of terminal equipment, storage medium and electronic equipment
CN111970109B (en) Data transmission method and system
CN112035827B (en) Cipher data processing method, device, equipment and readable storage medium
CN103414727A (en) Encryption protection system for input password input box and using method thereof
CN114584327B (en) Verification method and system for graphic verification code generated by client
CN110036615B (en) Method, system and computer readable medium for communicating account authentication information via parameters
CN114553590A (en) Data transmission method and related equipment
CN111249740A (en) Resource data access method and system
Hussain et al. Secure password transmission for web applications over internet using cryptography and image steganography
CN114095165B (en) Key updating method, server device, client device and storage medium
JP2022172251A (en) Systems and methods for protecting data
CN112565156B (en) Information registration method, device and system
CN107872312A (en) Symmetric key dynamic creation method, device, equipment and system
CN110166226B (en) Method and device for generating secret key
KR101200331B1 (en) Digital Signing Method among Cross Domains
CN113271306B (en) Data request and transmission method, device and system
CN115473690A (en) Data transmission method, data transmission device, electronic equipment, data transmission medium and program product
CN113742671A (en) Online collaborative information processing method, system, electronic device and storage medium
CN115580470A (en) Method, system and equipment for querying secret file based on searchable encryption technology
CN112769912A (en) Data synchronization method of Internet of things equipment and computer readable storage medium
CN113656811A (en) Dynamic key data encryption method based on memory

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant