KR20110121032A - Security device with output window and its input method of password - Google Patents

Security device with output window and its input method of password Download PDF

Info

Publication number
KR20110121032A
KR20110121032A KR1020100040436A KR20100040436A KR20110121032A KR 20110121032 A KR20110121032 A KR 20110121032A KR 1020100040436 A KR1020100040436 A KR 1020100040436A KR 20100040436 A KR20100040436 A KR 20100040436A KR 20110121032 A KR20110121032 A KR 20110121032A
Authority
KR
South Korea
Prior art keywords
password
unit
control unit
security device
keyboard
Prior art date
Application number
KR1020100040436A
Other languages
Korean (ko)
Inventor
서정훈
이정엽
Original Assignee
주식회사 스마트솔루션
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 스마트솔루션 filed Critical 주식회사 스마트솔루션
Priority to KR1020100040436A priority Critical patent/KR20110121032A/en
Publication of KR20110121032A publication Critical patent/KR20110121032A/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Input From Keyboards Or The Like (AREA)

Abstract

PURPOSE: A security apparatus including a display window and secret number input method using the display window of an input apparatus are provided to prevent the exposure of a password from hacking by reducing the number of input values of an input apparatus. CONSTITUTION: A control unit(120) displays a number in which is located from zero to nine on an display unit(130) by selecting the number. A user transmits an increasing or decreasing signal to the control unit using a mouse or a keyboard. The control unit displays the number on the display unit according to the increasing or decreasing signal. When a user transmits the signal in which is selected by the mouse or the key board to the control unit, the control unit completes a secret number by selecting the input value in which is displayed on the output unit. When the user transmits a confirmation signal to the control unit, the control unit transmits the secret number to the authentication unit(140).

Description

Security device with output window and its input method of password}

The present invention relates to a security device having an output window and a secure password input method in a field belonging to user authentication.

As the Internet and Internet banking become more common, security incidents related to various Internet banking are also increasing. In particular, financial security incidents such as leaking the certificate stored in the hard disk of a PC cause serious problems. The leakage of the public certificate means the leakage of the digital signature key that technically corresponds to the public certificate.

By using the security token, it is possible to prevent the leakage of the digital signature key at the source to prevent financial security accidents caused by the leakage of the certificate.

A security token is a hardware device that can safely store and store secret information such as an electronic signature key, and is a hardware device that can not be leaked outside of the secret information.It has a process and cryptographic operation device that can generate an electronic signature key, generate and verify an electronic signature, etc. It is a hardware device.

In general, a smart token IC is used to implement a security token in the form of a USB interface. It is also possible to use the smart card reader and smart card IC together with the security token.

To prevent such financial security incidents, the Financial Supervisory Service, the Korea Internet Security Agency (former Korea Information Security Agency), and banks recommend the use of security tokens.

With the rapid development of NAND flash memory capacity and price, USB memory has become the most representative removable storage medium.

Many people all over the world store and use various kinds of data in USB memory.However, general USB memory has no security function, so anyone can access the data stored inside, and data leakage occurs frequently due to USB memory loss. have. In order to prevent data leakage caused by the loss of USB memory, the introduction of a secure USB that requires access to the data stored in the user is increasingly required.

In fact, the National Intelligence Service enacted the 'Auxiliary Storage Management Guidelines' in 2007 and mandated the use of secure USB by government departments, public corporations and local governments.

In order to use the security devices such as the security token, the security USB, and the smart card reader, a user authentication process must be performed. The user authentication method generally uses a password authentication method. Biometric authentication, such as fingerprint authentication or iris authentication, can be used, but password authentication is common because it incurs additional costs.

When the user installs a security device such as a security token, security USB, or smart card reader on the PC, a window for inputting a password appears.The user inputs a password through the keyboard of the PC and the password registered in advance matches the password. The security device can be used.

However, the password input method through the PC keyboard may expose the password by the keyboard hacking program or other hacking program installed in the PC.

If the password is exposed by the hacking program while the security device is mounted on the PC, the hacker may leak important data stored inside the security device or use the security device incorrectly without the user's knowledge.

There are security software to prevent keyboard hacking, but it does not fundamentally prevent keyboard hacking.

In order to overcome this problem, the device itself has a built-in input method for inputting a password such as a keypad and an output method such as an LCD for checking the entered password. If you enter the password through the built-in keypad and check the password entered through the LCD embedded in the device, not the monitor of the PC, it is possible to fundamentally block the leakage of the password by the hacking program installed in the PC.

4 is a security device incorporating a keypad as a password input method and an LCD as an output method. 5 is a security device with only a keypad as an input method. 4 and 5, the keypad is embedded as an input method. As a result, the size of the device becomes large and it is difficult to carry.

Security devices such as the security token, security USB, and smart card readers are large enough to be placed on a key ring or a mobile phone, so that the portability of the security device can be increased and the new market can be created. 4 and 5, it is difficult to apply a large keypad and LCD to a security device such as a security token, a security USB, and a smart card reader as an input / output method.

In order to solve the above-mentioned problems, the present invention configures an output unit such as an LCD or a 7-segment in a security device such as a security token, a secure USB, or a smart card reader, while viewing the numbers or letters displayed on the output unit. User authentication is performed by inputting password through increasing or decreasing signal input from keyboard or mouse connected to PC. Therefore, the security device and password input method to prevent the damage that may occur due to the leakage of important data stored inside the security device or the misuse of the security device without the user's knowledge due to the exposure of the password by the hacking program while the security device is installed on the PC. It aims to provide.

In addition, it is easy to implement without using a separate large input device such as a keypad for safe user authentication, and an output unit such as a LCD or 7-segment with a relatively small size is applied to the security device, so that the device can be easily implemented. And also to provide a security device with portability and convenience.

In order to achieve the above object, the present invention connects the computer and the control unit, the interface unit for enabling data transmission between the computer and the control unit, an output unit for outputting numbers, an authentication unit for performing a password authentication function, a large data storage The memory unit, the upper part is connected to the computer through the interface unit, and the lower part of the security device consisting of a control unit connected to the output unit, the authentication unit, the memory unit to control them and any one of the numbers from 0 to 9 Select and display on the output unit, and the user transmits the increase or decrease signal to the control unit by using a mouse or keyboard connected to the computer, and the control unit increases or decreases the number displayed on the output unit according to the signal and displays it on the output unit. When the user passes the selection signal to the control unit using the mouse or keyboard, the control unit outputs. Establish the number shown on the first input value by repeating the above processes complete the password, and when the user uses the mouse or the keyboard to transfer a confirmation signal to the control unit provides a password input method for transmitting the password to the authentication unit.

According to the present invention, without inputting the password of the security device directly via the keyboard connected to the PC, and configures the output unit such as LCD or 7-segment in the security device, the user looking at any number displayed on the output unit, Using a keyboard or a mouse connected to the input device, the number displayed on the output unit is changed, a corresponding number is selected, and a password is input. There is no risk of password exposure by the hacking program because the value entered by the user using an input device such as a keyboard or mouse connected to the PC is not a password but a signal of increasing or decreasing numbers. As a result, the password is exposed by the hacking program, thereby preventing the damage that may occur due to the leakage of important data stored inside the security device or the misuse of the security device without the user's knowledge.

In addition, whenever a password is required for user authentication, the starting number displayed on the output configured in the security device is changed every time, so that input device signal values such as a keyboard or a mouse that a user must operate to input the password are changed. It's different every time. Therefore, even if the hacking program monitors input values such as a keyboard or a mouse, the next time the user authenticates, the previously monitored data becomes meaningless and the user's password is protected.

In addition, it is easy to implement the device by using an output unit such as LCD or 7-segment that is relatively small and easy to implement, without using a separate input device such as a large keypad for safe user authentication. It can be made large enough to be carried in a key ring or a mobile phone. As a result, it has the effect of maximizing portability and convenience compared to the existing device using the keypad as an input unit.In the industrial fields where portability, convenience and security are important such as security token, security USB, smart card reader, and portable financial device. It can be applied to a wide range of effects.

1 is a block diagram of a security device with an output window of a preferred embodiment of the present invention.
2 is a flowchart illustrating a secure password input method according to a preferred embodiment of the present invention.
3 is a perspective view showing a security device having an output window of the present invention.
4 is a security device with a built-in keypad and LCD.
5 is a security device with only a built-in keypad.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings.

1 is a block diagram of a security device with an output window of a preferred embodiment of the present invention.

The block diagram is largely divided into a host computer 300 and a security device 100. The security device 100 includes an interface unit 110, a control unit 120, an output unit 130, an authentication unit 140, and a memory unit. It consists of 150.

The interface unit 110 connects the computer 300 and the security device 100 and enables data transmission between each other. In general, the interface unit 110 preferably uses a USB. In addition, it is also possible to use a serial, parallel, or wireless communication interface.

The output unit 130 displays the number received from the control unit 120. In general, it is preferable to use LCD or 7-segment.

The memory unit 150 stores various data of the user. In general, it is preferable to configure a NAND Flash memory.

The authentication unit 140 receives the password from the control unit 120 and performs an authentication function. The authentication unit 140 is generally preferably implemented using a security chip such as a smart card IC. However, it is also possible to implement the authentication unit 140 and the control unit 120 in a general-purpose microcontroller.

The controller 120 is connected to the computer 300 through the interface unit 110 at the top, and connects and controls the output unit 130, the authentication unit 140, and the memory unit 150 below. The controller 120 may be implemented using various interface chips. For example, when the interface unit is USB, the controller 120 may be implemented using a USB control chip.

Hereinafter, the operation of the controller 120 will be described in detail. For inputting a password, the controller selects one random number from 0 to 9 and displays it on the output unit 130. The user transmits an increase or decrease signal to the controller 120 by using an input device such as a mouse 310 or a keyboard 320 connected to the computer while viewing the number displayed on the output unit 130. For example, the controller 120 displays the number '5' on the output unit 130. When the user sees the number '5' displayed on the output unit 130 and presses the right direction key of the keyboard once, the corresponding right direction key input signal is transmitted to the controller 120. The controller 120 increases the numerical value displayed on the output 130 by '1' to display the numeral '6'. The user presses the right arrow key repeatedly until the desired number appears. If the number you want to enter is '8', enter the right arrow key three times. When the number '8' is output to the output unit 130, the user presses an upward direction key of the keyboard to transmit a selection signal to the control unit 120. When the controller 120 receives the selection signal, the controller 120 again selects and outputs one random number among the numbers 0 to 9 to the output unit 130 and repeats the input process. For example, if the user inputs a password of '8765', the input process is repeated four times. When the user inputs the password to be input, the controller 120 transmits an input completion signal. For example, when the password is input and the down arrow key of the keyboard is pressed, the controller 120 determines that the user has completed the password input and transmits the input password ('8765') to the authenticator 140. The increase signal, decrease signal, selection signal, and completion signal may be variously configured using a keyboard and a mouse. E.g

Increase signal-> (keyboard right arrow, mouse wheel up, etc.)

Decrease signal-> (keyboard left arrow, mouse wheel down, etc.)

Selected Signal-> (Keyboard Up Arrow, Left Mouse Button Click, etc.)

Done-> (keyboard down, right mouse button click)

Various configurations are possible as shown. It is also possible to generate the increase signal, the decrease signal, the selection signal, and the completion signal by using various input devices other than a keyboard and a mouse.

The authentication unit 140 performs user authentication with the password received from the control unit 120, and if the user authentication is allowed, the user accesses the memory unit 150 to read / write data to the memory unit 150. To make it possible.

2 is a flowchart illustrating a secure password input method according to a preferred embodiment of the present invention. Hereinafter, a password input method of a security device having a secure user authentication method will be described in detail with reference to FIG. 2.

The controller 120 displays an arbitrary number between 0 and 9 on the output unit 130 (S201).

The user transmits an increase / decrease signal to the controller 120 using the keyboard 320 or the mouse 310 (S202).

The controller 120 receives the increase / decrease signal and increases / decreases the number displayed on the output unit 130 (S203).

The user sees the number displayed on the output unit 130 and inputs a selection signal to the control unit 120 (S204).

The controller 120 determines the selected number as an input value (S205).

The controller 120 checks whether a confirmation signal is input (S206).

If the confirmation signal is not input, the control unit 120 displays a random number between 0 and 9 on the output unit 130 (S201). If the confirmation signal is input, the input password is transmitted to the authentication unit 140. Perform password authentication (S207).

3 is a perspective view showing a security device having an output window of the present invention. Referring to Figure 3, the output unit 130 is configured on the upper surface of the security device 100, the security device 100 can be implemented to be easily carried in a key ring or a mobile phone.

The present invention has been described above with reference to the accompanying drawings, but the present invention is not limited thereto, and various changes, modifications, and equivalents may be used. Therefore, the present invention can be applied by appropriately modifying the above embodiments, it will be obvious that such application also belongs to the scope of the present invention based on the technical idea described in the claims below.

The present invention relates to a security device having an output window and a password input method, and can be widely used in industries where portability and security are important, such as security tokens, secure USB, smart card readers, and portable financial devices.

100: security device
110: interface unit 120: control unit
130: output unit 140: authentication unit
150: memory
300: computer
310: mouse
320: keyboard

Claims (1)

Security device with output window and password input method,
An interface unit connecting the computer and the control unit to enable data transmission between the computer and the control unit;
An output unit for outputting a number;
An authentication unit performing a password authentication function;
A memory unit for storing a large amount of data, a controller connected to a computer through an interface unit and a controller connected to an output unit, an authentication unit, and a memory unit;
Security device and characterized in that consisting of
The controller randomly selects one number from 0 to 9 and displays it on the output unit. The user transmits an increase or decrease signal to the controller using a mouse or keyboard connected to the computer. Increase or decrease the displayed number to display it on the output, and when the user sends the selection signal to the control unit using the mouse or keyboard, the control unit sets the number displayed on the output as the first input value and repeats the above process to complete the password. The password is transmitted to the controller when the confirmation signal is transmitted to the controller by using a mouse or a keyboard.
KR1020100040436A 2010-04-30 2010-04-30 Security device with output window and its input method of password KR20110121032A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020100040436A KR20110121032A (en) 2010-04-30 2010-04-30 Security device with output window and its input method of password

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020100040436A KR20110121032A (en) 2010-04-30 2010-04-30 Security device with output window and its input method of password

Publications (1)

Publication Number Publication Date
KR20110121032A true KR20110121032A (en) 2011-11-07

Family

ID=45391974

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020100040436A KR20110121032A (en) 2010-04-30 2010-04-30 Security device with output window and its input method of password

Country Status (1)

Country Link
KR (1) KR20110121032A (en)

Similar Documents

Publication Publication Date Title
KR20110087178A (en) Usb security device with way for secure user-authentication and method of authentication
CN107742362B (en) PIN verification
US20160127134A1 (en) User authentication system and method
US20170005995A1 (en) Confidential data management method and device, and security authentication method and system
US20140098141A1 (en) Method and Apparatus for Securing Input of Information via Software Keyboards
KR20160077096A (en) Secure Mobile User Interface
US9773240B1 (en) Fake sensor input for passcode entry security
US20130276100A1 (en) Method and apparatus for authenticating password
CN104021323A (en) Password authentication method and device
KR20110078601A (en) Security usb device with secure password input&output function and method of authentication
KR101109000B1 (en) Security module, System and Method for securing electronic banking using the same
CN104636917A (en) Mobile payment system and method with secure payment function
US20130151859A1 (en) Key and method for entering computer related passwords via a mnemonic combination
CN109299944B (en) Data encryption method, system and terminal in transaction process
KR20110085305A (en) Method for secure input of password using general-purpose keyboard and the method-based security device and input module
CN104021322A (en) Electronic signature method, electronic signature equipment and electronic signature client
CN101383833A (en) Apparatus and method for enhancing PIN code input security of intelligent cipher key apparatus
CN112636914A (en) Identity authentication method, identity authentication device and smart card
KR101188016B1 (en) Method for password input using vibration
US20140373131A1 (en) Method for controlling the access to a specific type of services and authentication device for controlling the access to such type of services
CN106326703A (en) An encryption method, a decryption method and an electronic apparatus
CN105405010B (en) Transaction device, transaction system using the same and transaction method
KR20110121032A (en) Security device with output window and its input method of password
KR101388843B1 (en) User authentication method using vibration indicator
KR20120107610A (en) The apparatus for verifying user in portable appliance and the method thereof

Legal Events

Date Code Title Description
A201 Request for examination
N231 Notification of change of applicant
E902 Notification of reason for refusal
E601 Decision to refuse application