KR20080109581A - Method of recording and certifying image password - Google Patents
Method of recording and certifying image password Download PDFInfo
- Publication number
- KR20080109581A KR20080109581A KR1020070081600A KR20070081600A KR20080109581A KR 20080109581 A KR20080109581 A KR 20080109581A KR 1020070081600 A KR1020070081600 A KR 1020070081600A KR 20070081600 A KR20070081600 A KR 20070081600A KR 20080109581 A KR20080109581 A KR 20080109581A
- Authority
- KR
- South Korea
- Prior art keywords
- image
- specific
- symbol
- call
- image key
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Telephonic Communication Services (AREA)
Abstract
The present invention relates to an image password storage and authentication method that enhances security against server hacking by not storing password information in a server, and implements a complete password system against password attack by server hacking. Match specific images to at least two specific symbols among the images, and set them as specific symbol-specific image key pairs, and randomly match the remaining symbols and images, and set them as arbitrary symbol-image key pairs and store them in the server. It is done.
According to the present invention, it is possible to provide an image password storage and authentication method that enhances security against server hacking by not storing password information in a server and implements a complete password system against password attack by server hacking.
Description
The present invention relates to an image password storage and authentication method, and more particularly, to enhance security against server hacking by not storing password information on a server, and to implement a complete password system against password attack by server hacking. Password storage and authentication method.
Currently, security programs for personal computers (PCs) have already been commercialized, and functions such as monitoring illegal installation for hacking or installation of hacking programs are provided.
In addition, many Internet sites allow users to check secure connection options when logging in. To prevent hackers from invading, they use the 128-bit SSL (Secure Sockets Layer) standard, which is used for Internet banking and card payments. It provides a service for encrypting passwords.
However, a personal computer security program only works on the computer on which it is installed, so if you open the e-mail on another computer, you are exposed to hacking again.
In addition, the conventional secure access service was helpless for the keyboard input information hacking program installed directly in the computer.
An object of the present invention for solving the above problems is to store the image password and authentication method to enhance the security against server hacking by not storing the password information in the server, and implement a complete password system against password attack by server hacking To provide.
Image password storage and authentication method of the present invention for achieving the above object, from a certain number of symbols and images, the specific image is matched by the user to at least two specific symbols to be used as call codes, respectively, specific symbol-specific image Set as a key pair, and the remaining symbols and images are arbitrarily matched, set as arbitrary symbol-image key pairs, stored in the server together with the specific symbol-specific image key pair, and when the specific image is sequentially selected during user authentication. Provided is an image password storage and authentication method characterized by authenticating with the correct user.
In addition, the image password storage and authentication method of the present invention for achieving the above object, and generates a call table for each digit of the call code from a certain number of symbols and images, each stored in the server, the call table is the call table Combination of specific symbol-specific image key pair that is set by matching specific image by user to specific symbol of each digit of code, and random symbol-image key pair which is set by random matching of remaining images to each other symbol When the specific image is sequentially selected during user authentication, an image password storage and authentication method is provided.
The specific symbol may be hardware information.
In addition, the image password storage and authentication method of the present invention for achieving the above object, among a predetermined number of symbols and images, the specific image is matched by the user to at least two specific symbols to be used as a call code, respectively. It is set as a specific image key pair, and the remaining symbols and images are arbitrarily matched and set as arbitrary symbol-image key pairs and stored in the server together with the specific symbol-specific image key pair. After the call code input step of inputting a specific symbol designated as a code to the user terminal, after the call code input step, the server displays the image key table consisting of the images stored in the storage step on the user terminal and the display From the table of image keys displayed on the user's terminal in
In addition, in the image password storage and authentication method of the present invention for achieving the above object, a call table is generated for each digit of a call code among a predetermined number of symbols and images and stored in a server, and the call table is the call table. A specific symbol-specific image key pair set by matching a specific image to a specific symbol in each digit of the code, and an arbitrary symbol-image key pair set by arbitrarily matching the remaining images to the remaining symbols When the storage step, the authentication is performed, the call code input step of inputting a specific symbol designated as the call code in the storage step to the user terminal, after the call code input step, the server is an image consisting of the images stored in the storage step The display step of displaying the key table on the user terminal and the server display the table on the user terminal. The image key selected by the user is sequentially input from the displayed image key table, and the symbol matched to the input image key is queried from the corresponding call table stored in the storage step, and the matched symbol corresponds to the corresponding digit of the call code. If matched with the present invention provides an image password storage and authentication method comprising the authentication step of authenticating with the correct user.
The specific symbol input in the call code input step may be input by encrypting.
In the call code input step, the specific symbol may be stored as a file in the user terminal and automatically input at the time of authentication.
The file may also be stored in the user's mobile terminal.
As described above, according to the present invention, there is provided an image password storage and authentication method that enhances security against server hacking by not storing password information in a server, and implements a complete password system against password attack by server hacking. can do.
DETAILED DESCRIPTION Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings so that those skilled in the art can easily carry out the present invention.
1. First embodiment
1 is a view showing a user screen when calling a call code according to a first embodiment of the present invention, Figure 2 is a view showing the inside of a server when calling a call code according to a first embodiment of the present invention, Figure 3 is a view of the
In order to perform authentication using a symbol-image key pair according to the present invention as a password, a user must first specify a specific symbol to be matched with the image key.
If at least two specific symbols to be matched with the image key are determined, the desired specific images among the multiple images are sequentially matched to each specific symbol designated by the user, and the remaining unmatched images are randomly selected from the rest of the symbols besides the specific symbols. After matching, the server stores the symbol-image key pair in the server (S410). At this time, the specific symbol matched with the image key is a call code for calling the image keys stored in the server.
For example, as shown in FIG. 2, when the user designates 'ceo' as the call code, 'c' is the first image key (man) 210 and 'e' is the second image key (airplane) 220. ), 'o' directly matches each of the third image key (cloud) 230, and the remaining images are randomly matched to the remaining symbols to store the matched symbol-image key pair in the server.
For another example, as shown in FIG. 3A, when the user designates 'ford' as the call code, 'f' is the first image key (man) 310 and 'o' is the second image key (step; 320, 'r' directly matches the third image key (pig 330), and 'd' directly matches the fourth image key (female) 340, and as shown in FIG. 3B, the remaining images are random to the remaining symbols. To store the matched symbol-image key pair on the server.
Next, when the user tries to access the server using the terminal (S420), the server displays the screen as shown in FIG. 1 on the user screen for user authentication. Then, 'ceo' designated as the calling code is inputted in the
At this time, as shown in Fig. 1, the call code is preferably input by encrypting (for example, '***').
If the user passes the call code input step by text input (S440), the server randomly shuffles all the images stored with the predetermined symbol-specific image key pair to the user in random order with other random image key pairs. Is displayed on the user screen (S450).
At this time, the symbol matching the image key is not displayed in the image key table of the user screen, and only the image keys are displayed.
Next, the user selects a specific image key (man, airplane, cloud) matching the call codes 'c', 'e', and 'o' entered in order from the image key table (S460), and selects the selected image. If the key is correct (S470), the server passes the authentication step to authenticate with the correct user (S480).
Therefore, according to the present invention, since a symbol corresponding to a call code is not stored in the server, only a large number of symbol-image key pairs are stored, and user authentication is performed according to the above method. It is possible to implement a complete cryptosystem against password attacks.
2. Second Embodiment
Hereinafter, a second embodiment of the present invention will be described.
5 is a view showing an example of setting a symbol-image key pair according to a second embodiment of the present invention, Figure 6 is a view showing a user screen when calling a call code according to a second embodiment of the present invention.
In the second embodiment of the present invention, the rest of the contents are the same except that the symbol-image key pair of the first embodiment is stored in the server, and thus the description of the same contents is omitted.
In order to use the symbol-image key pair according to the second embodiment of the present invention as a password, the user must first designate a specific symbol to which the image key is matched.
If at least two specific symbols to be matched with the image key are determined, a specific symbol-specific image key pair is set by matching desired specific images among multiple images to each specific symbol designated by the user, and in addition to the specific symbol-specific image key pair The remaining symbols and images are randomly matched and set to arbitrary symbol-image key pairs, and then one symbol-specific image key pair is included in one symbol-image key pair, so that the symbol including the specific symbol-image key pair is included. Store the image key pairs in the server (S410).
That is, if there are two specific symbols and two specific symbol-specific image key pairs are set by matching specific images to each specific symbol, the first specific symbol-specific image key pair is included in any symbol-image key pair first. Store on the server, and then store the second specific symbol-specific image key pair in any symbol-image key pair.
For example, as shown in FIG. 5, when the user designates 'kiss' as the calling code, 'k' is the first image key (man 510) and 'i' is the second image key (step) 520 ), 's' directly matches the third image key (pig 530), and the other 's' directly matches the fourth image key (female 540).
Then, as shown in Fig. 5A, the symbol-image key pair except for the k-
Next, when the user wants to access the server (S420), the server displays a screen as shown in FIG. 6 on the user screen for user authentication. Then, the user inputs 'kiss' designated by the call code into the
At this time, as shown in Fig. 6, it is preferable that the call code is input by encrypting (for example, '****').
If the user passes the call code input step by text input (S440), the server randomly shuffles all the images stored with the predetermined symbol-specific image key pair to the user in random order with other random image key pairs. Is displayed on the user screen (S450). At this time, the symbol matching the image key is not displayed in the image key table of the user screen, and only the image keys are displayed.
Next, the user selects a specific image key (man, stair, pig, woman) matching the call codes 'k', 'i', 's' and 's' entered in order from the image key table ( S460), the 'step' where the first selected image key corresponds to the 'male' image key matched to the 'k' of the first digit call table stored in the server, and the second selected image key matches the 'i' of the second digit call table stored in the server 'Corresponds to the image key, the third selected image key corresponds to the' pig 'image key matched to' s' in the third digit call table stored on the server, and the fourth selected image key is placed in 's' in the fourth digit call table stored on the server. If it corresponds to the matched 'woman' image key (S470), the server passes the authentication step to authenticate as a correct user (S480).
3. Third embodiment
Since the third embodiment of the present invention is the same except for the method of inputting the call code in the first embodiment or the second embodiment, the description of the same content is omitted.
When performing authentication according to the first or second embodiment according to the present invention, there is a risk that the calling code is exposed to the surrounding people when selecting the keyboard to enter the calling code or selecting the virtual keyboard.
Therefore, in the third embodiment of the present invention, the call code is stored in the user terminal as a file, and the call code file is called out during authentication to enter the call code in the text input window. At this time, the call code is automatically input to the text input windows (110, 610), it is preferable that the encryption (for example '****') is entered.
If the calling code is saved as a file and the calling code is inputted, the calling code cannot be known even if other people see it from the side, and it also reduces the inconvenience of having to manually enter the calling code every time it is authenticated. have.
On the other hand, after storing the call code stored in the user terminal in the mobile terminal together, when the authentication is performed in another user terminal that does not have the call code stored, the call code stored in the mobile terminal is recalled and the call code is input to the user terminal. You can also call up image key pairs.
4. Fourth embodiment
Since the fourth embodiment of the present invention is the same except for the method of inputting the call codes in the first to third embodiments, the description of the same contents is omitted.
In the fourth embodiment of the present invention, the hardware information of the user terminal is used as the call code.
For example, if the serial number of the hard disk is 'R25A', select the desired first image key for 'R', the desired second image key for '2', and the desired third image for '5'. Select a key, select a desired fourth image key in 'A', and then match and store each image. And during authentication, the serial number of the hard disk is automatically recognized, and the call code 'R25A' is automatically entered into the
As described above, the present invention is not limited to the above-described preferred embodiments and can be easily modified and implemented by anyone skilled in the art without departing from the gist of the present invention as claimed in the claims. Such changes are intended to fall within the scope of the claims.
1 is a view showing a user screen when calling a call code according to a first embodiment of the present invention;
2 is a view showing the inside of the server when calling the call code according to the first embodiment of the present invention;
3 is a view showing an example of setting a symbol-image key pair according to a first embodiment of the present invention;
4 is a flowchart showing an image password authentication method according to a first embodiment of the present invention;
5A illustrates an example of setting a first digit symbol-image key pair according to a second embodiment of the present invention;
5B illustrates an example of setting a second digit symbol-image key pair according to a second embodiment of the present invention;
5C illustrates an example of setting a third digit symbol-image key pair according to a second embodiment of the present invention;
5D illustrates an example of setting a fourth digit symbol-image key pair according to a second embodiment of the present invention;
6 is a view showing a user screen when calling a call code according to a second embodiment of the present invention.
Claims (8)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020070057124 | 2007-06-12 | ||
KR20070057124 | 2007-06-12 |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20080109581A true KR20080109581A (en) | 2008-12-17 |
Family
ID=40368870
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020070081600A KR20080109581A (en) | 2007-06-12 | 2007-08-14 | Method of recording and certifying image password |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20080109581A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2013162296A1 (en) * | 2012-04-25 | 2013-10-31 | 주식회사 로웸 | Passcode operating system, passcode apparatus, and super-passcode generating method |
WO2013165227A1 (en) * | 2012-05-04 | 2013-11-07 | 주식회사 로웸 | Icon password setting apparatus and icon password setting method using keyword of icon |
KR101381583B1 (en) * | 2012-06-27 | 2014-04-07 | 고려대학교 산학협력단 | Graphical-password Authentication Method |
CN105096121A (en) * | 2015-06-25 | 2015-11-25 | 百度在线网络技术(北京)有限公司 | Voiceprint authentication method and device |
-
2007
- 2007-08-14 KR KR1020070081600A patent/KR20080109581A/en not_active Application Discontinuation
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2013162296A1 (en) * | 2012-04-25 | 2013-10-31 | 주식회사 로웸 | Passcode operating system, passcode apparatus, and super-passcode generating method |
US9769154B2 (en) | 2012-04-25 | 2017-09-19 | Rowem Inc. | Passcode operating system, passcode apparatus, and super-passcode generating method |
WO2013165227A1 (en) * | 2012-05-04 | 2013-11-07 | 주식회사 로웸 | Icon password setting apparatus and icon password setting method using keyword of icon |
US9531706B2 (en) | 2012-05-04 | 2016-12-27 | Rowem Inc. | Icon password setting apparatus and icon password setting method using keyword of icon |
KR101381583B1 (en) * | 2012-06-27 | 2014-04-07 | 고려대학교 산학협력단 | Graphical-password Authentication Method |
CN105096121A (en) * | 2015-06-25 | 2015-11-25 | 百度在线网络技术(北京)有限公司 | Voiceprint authentication method and device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8732477B2 (en) | Graphical image authentication and security system | |
Jansen | Authenticating mobile device users through image selection | |
US8997177B2 (en) | Graphical encryption and display of codes and text | |
US7644433B2 (en) | Authentication system and method based upon random partial pattern recognition | |
US7073067B2 (en) | Authentication system and method based upon random partial digitized path recognition | |
CA2649015C (en) | Graphical image authentication and security system | |
US7519989B2 (en) | Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions | |
US7770002B2 (en) | Multi-factor authentication | |
CN112425114B (en) | Password manager protected by public key-private key pair | |
US20080263361A1 (en) | Cryptographically strong key derivation using password, audio-visual and mental means | |
US20070271465A1 (en) | Method of Authentication by Challenge-Response and Picturized-Text Recognition | |
US9172692B2 (en) | Systems and methods for securely transferring authentication information between a user and an electronic resource | |
JP2012185844A (en) | Computer-implemented authentication interface system | |
EP2150915B1 (en) | Secure login protocol | |
US8327420B2 (en) | Authentication system and method | |
AU2020220152A1 (en) | Interception-proof authentication and encryption system and method | |
KR20080109581A (en) | Method of recording and certifying image password | |
US20180124034A1 (en) | Image based method, system and computer program product to authenticate user identity | |
US11652814B2 (en) | Password protection in a computing environment | |
US20140096211A1 (en) | Secure identification of intranet network | |
Mulwani et al. | 3LAS (three level authentication scheme) | |
KR20090013616A (en) | Server certification system and method using server certification code | |
Thotadi et al. | E-Brightpass: A Secure way to access social networks on smartphones | |
Vaz et al. | Authentication technique for security using ensemble graphical password | |
AU2004323374B2 (en) | Authentication system and method based upon random partial digitized path recognition |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application |