201007494 九、發明說明: 【發明所屬之技術領域】 本發明係關於一種使用動態虛擬鍵盤之動態密碼系統及 其方法’特別為一種利用動態虛擬鍵盤的密碼輸入方法與ic 卡認證的整合應用》 【先前技術】 現有的1C卡在使用的時候需要先***讀卡機,之後再輸 入PIN碼,並與1C卡内部所存放的PIN碼做比對。但是這 樣做會有一個安全性問題存在,若是密碼在傳送過程中被竊 聽,安全問題就會產生疑慮,恐導致身分被冒用、胡亂簽章, 甚至是錢財都有被盜領的可能。 由此可見,上述執行身分認證所需鍵入的PIN碼為唯一 的缺點,而巫待加以改良。 本案發明人鑑於上述習用方式所衍生的各項缺點,乃亟 思加以改良創新’並經過多年苦心研究後,终於研發完成本 件動態虛擬鍵盤之動態密碼設計架構,可以讓使用者使用幾 乎跟以前一樣的方式進行認證動作,在保留便利性的前提下 達到安全性目標。 【發明内容】 本發明之目的即在於提供一種可藉由軟體搭配動態密碼 系統,將可提高使用者使用IC卡時的安全性,且由於本發 明的系統使得PIN碼有一:欠性密竭(〇ne Time Passw〇rd)的特 5 201007494 -性,所以就算鍵人PIN碼時被竊聽,也不用害怕被惡意使用 者冒用身分。 可達成上述發明目的之使用冑態虛擬鍵盤之動態密瑪系 統及其方法係利用虛擬鍵盤打亂的技術將鍵盤上的字母、符 號位置做重新排列,當IC卡使用者要鍵入piN碼時,使用 者記得的不是PIN碼是由哪些字母、符號組成,而是記得虛 擬鍵盤上的座標。由於每一次要認證使用者時的虛擬鍵盤都 0 會重新產生,子母、符號位置也都經過重新排列,故使用者 每次輸入的PIN碼值都會不同,可藉此使得piN碼有(〇此 Time Password)的特性。本發明的架構組成包括:動態虛擬 鍵盤表產生模組、座標比對模組、密碼與座標轉換模組、亂 數seed產生模組以及動態虛擬鍵盤的輸入與輸出介面。本發 明可以完全避免掉密碼重送攻擊(Replay Attack),藉由記憶 密碼的輸入座標以及動態的虛擬鍵盤,達到每次登入密碼都 參不同的效果。這樣就算密碼被惡意使用者竊聽,對方也無法 在下次的登入使用該組密碼來通過驗證。 【實施方式】 請參閱·圖一所示’為本發明之使用動態虚擬鍵盤之動態 密碼系統及其方法之架構圖,其包括有: 一 1C卡1,該1C卡1係供使用者進行加解密或簽驗章, 其内主要包括有一亂數seed產生模組11、動態虛擬鍵盤表 產生模組12、密碼與座標轉換模組13及座標比對模組14 ; 6 201007494 ' 一亂數seed產生模組11,其係接收使用者進行加解密或 簽驗章之訊號後’將會立即執行運算以產生亂數seed,並將 亂數seed同時傳送至動態虛擬鍵盤表產生模組η及使用者 電腦2接收;該亂數seed產生模組11係會亂數產生鍵盤文 數字與符號值,並會隨每次1C卡認證而改變其排列順序; 一動態虛擬鍵盤表產生模组12,其係接收亂數see(j產生 模組所傳送的亂數seed,藉由亂數產生一虛擬鍵盤表,再將 φ 此虚擬鍵盤表傳送至密碼與座標轉換模組13,以利密碼與座 標轉之作業執行; 农碼與座標轉換模組13,其係接從虛擬鍵盤3鍵入之 動態密碼’以及由動態虛擬鍵盤表產生模組12從seed產生 的動態虛擬鍵盤表資訊轉換成動態密碼代表的座標,再交由 座標比對模組11來進行密碼正確性比對; 一座標比對模組14’其係接收密碼與座標轉換模組13 ❷所傳送的ΡΙΝ碼座標,該座標比對模組14會將PIN碼座標 與1C卡1内所存放的piN碼座標進行相比對; 一使用者電腦2,該使用者電腦2係與1C卡1相互連結, 其内主要^括有一動態虛擬鍵盤表產生模組21及動態虛擬 鍵盤輪入與輸出介面22; 一動態虛擬鍵盤表產生模組21,其係接收亂數 seed產生 模組11所傳送的亂數seed ’藉由亂數以產生一虛擬鍵盤表, 7 201007494 ' 並將虛擬鍵盤表交予動態虛擬鍵盤輸入與輸出介面22於榮 幕上顯示一虛擬鍵盤3;該虛擬鍵盤3上係可具有座標行列 值及亂數產生之鍵盤文數字與符號值; 一動態虛擬鍵盤輸入與輸出介面22,其係將動態虛擬鍵 盤表產生模組21所產生的虛擬鍵盤表,將其轉化為一虛擬 鍵盤3並顯示於使用者電腦3的螢幕上,以供使用者根據他 所記住的座標位置,將PIN碼的座標在鍵入於螢幕上,並回 Ο傳至1€卡1内的密碼與座標轉換模組13接收;該動態虛擬 鍵盤輸入與輸出介面22產生之動態虛擬鍵盤3係可顯示於 手持式電腦、桌上型電腦或移動式行動設備等; 藉由上述構成之架構,即形成本發明之使用動態虛擬鍵 盤之動態密碼系統及其方法;當使用者有需要使用卡i 來做加解密或簽驗章的動作時,1(:卡1中的亂數seed產生 模組11會立即執行運算,並將seed傳送至動態虛擬鍵盤表 ® 產生模組12及使用者電腦2中,由使用者電腦2中的動態 虛擬鍵盤表產生模組21亂數產生一個虛擬鍵盤表’再交予 動態虛擬鍵盤輸入與輸出介面22將虛擬鍵盤表轉化為一虚 擬鍵盤3^顯示在使用者電腦2的螢幕上。接下來使用者根 據他所記住的座標位置在螢幕上鍵入piN碼,並回傳至IC 卡1内部晶片做處理4C卡1收到使用者鍵入的PIN碼後則 將之送至#碼與座標轉換模組丨3,配合1C卡1内的動態虚 201007494 擬鍵盤表產生模組12給予的資訊,將這次輸入的piN碼的 座標加以解析出來,再將該座標傳送至座標比對模組14與 ic卡1内部存放的PIN碼座標相比對,若相同則通過身分認 證’若不同,則駁回身分認證、 請參閱圖二所示’為本發明使用動態虛擬鍵盤之動態密 碼系統及其方法之實施示意圖’其中該1C卡1為具有本發 明提出的創新的動態密碼設計架構,當其被使用做為加解密 Ο或簽驗章時’會將產生的亂數seed傳送至使用者電腦裡2, 以之產生一個虛擬鍵盤3,供使用者鍵入動態密瑪,並回傳 至之1C卡1做比對。其中該虛擬鍵盤3是由座標31及鍵盤 符號32所級成’座標31之橫軸位於虛擬鍵盤3之上方,座 標31之縱軸位於虛擬鍵盤3之左方,中間則為虛擬鍵盤3 之鍵盤符號。 #參Μ圖三所示,為本發明使用動態虛擬鍵盤之動態密 ®竭系統及其方法之密碼與座標轉換圖,其係由密碼與座標轉 換模組13將使用者電腦2從虛擬鍵盤3鍵入之動態密碼及 由動態虛擬鍵盤表產生模組12從seed產生的動態虛擬鍵盤 表資訊轉彳奐成動態密碼代表的座標,再交由座標比對模組14 來進行密碼正確性比對。 本發明所提供之使用動態虛擬鍵盤之動態密碼系統及其 方法·’與其他習用技術相互比較時,更具有下列之優點: 201007494 ι·本發明係在於提供一種可提高安全性。創新動態密碼 架構使得PIN碼有一次性密碼(〇ne Time passw〇rd)的特性, 就算PIN碼被竊聽,惡意使用者也無法使用該piN碼再次登 入〇 2.本發明係在於提供一種使用依然方便。不用為了達到 一次性密碼的功效而需使用額外的硬體或者傳輸。 上列詳細s兒明係針對本發明之一可行實施例之具號說 %明,惟該實施例並非用以限制本發明之專利範圍,凡未脫離 本發明技藝精神所為之等效實施或變更,均應包含於本案之 專利範圍中。 綜上所述’本案不但在技術思想上確屬創新,並能較習 用方式增進上述多項功效,應已充分符合新穎性及進步性之 法定發明專利要件,爰依法提出申請,懇請貴局核准本件 發明專利申請案,以勵發明,至感德便。 鲁 【圖式簡單說明】 請參閱以下有關本發明一較佳實施例之詳細說明及其附 圖’將可進一步瞭解本發明之技術内容及其目的功效;有關 該實施例之附圖為: 圖一為本發明使用動態虛擬鍵盤之動態密碼系統及其方 法之架構圖; 圖二為該使用動態虛擬鍵盤之動態密碼系統及其方法之 實施示意圖;以及 10 201007494 圖三為該使用動態虛擬鍵盤之動態密碼系統及其方法之 密碼與座標轉換視圖。 【主要元件符號說明】 1 1C卡 11亂數seed產生模組 12動態虛擬鍵盤表產生模組 13密碼與座標轉換模組 14座標比對模組 2使用者電腦 21動態虛擬鍵盤表產生模組 22動態虛擬鍵盤輸入與輸出介面 3虛擬鍵盤 31座標 32鍵盤符號 11201007494 IX. Description of the Invention: [Technical Field] The present invention relates to a dynamic cryptosystem using a dynamic virtual keyboard and a method thereof, particularly for an integrated application of a password input method using a dynamic virtual keyboard and an ic card authentication. Prior Art The existing 1C card needs to be inserted into the card reader before use, and then the PIN code is input and compared with the PIN code stored inside the 1C card. However, there is a security problem in this way. If the password is eavesdropped during the transmission process, the security problem will cause doubts, which may lead to the fraudulent use of the identity, the random signature, and even the possibility that the money will be stolen. It can be seen that the above-mentioned PIN code required to perform the identity authentication is the only shortcoming, and the witch is to be improved. In view of the shortcomings derived from the above-mentioned conventional methods, the inventor of the present invention has improved and innovated in the past, and after years of painstaking research, finally developed the dynamic password design framework of the dynamic virtual keyboard of this piece, which allows the user to use almost as before. In the same way, the authentication action is carried out, and the security goal is achieved while preserving convenience. SUMMARY OF THE INVENTION It is an object of the present invention to provide a software collocation dynamic password system that can improve the security of a user when using an IC card, and the PIN code has a lack of deficiencies due to the system of the present invention ( 〇ne Time Passw〇rd) special 5 201007494 - sex, so even if the key PIN code is eavesdropped, do not have to fear being used by malicious users. The dynamic megama system using the virtual keyboard and the method thereof can achieve the above object of the invention, and the method of using the virtual keyboard to confuse the letters and symbols on the keyboard is rearranged. When the IC card user wants to input the piN code, What the user remembers is not what letters and symbols the PIN code is composed of, but the coordinates on the virtual keyboard. Since the virtual keyboard is regenerated every time the user is authenticated, the position of the parent and the symbol are also rearranged. Therefore, the value of the PIN code input by the user will be different each time, so that the piN code is available. The characteristics of this Time Password). The architecture of the present invention comprises: a dynamic virtual keyboard table generation module, a coordinate comparison module, a password and coordinate conversion module, a random number generation module, and an input and output interface of a dynamic virtual keyboard. The present invention completely avoids the Replay Attack, and by inputting the input coordinates of the password and the dynamic virtual keyboard, each login password has a different effect. In this way, even if the password is eavesdropped by a malicious user, the other party cannot use the password to verify the next login. [Embodiment] Please refer to FIG. 1 for the architecture diagram of the dynamic cryptosystem using the dynamic virtual keyboard and the method thereof, which includes: a 1C card 1 for the user to add Decryption or signature verification, which mainly includes a random number generation module 11, a dynamic virtual keyboard table generation module 12, a password and coordinate conversion module 13 and a coordinate comparison module 14; 6 201007494 ' A random numbered The generating module 11 receives the signal of the user for encryption, decryption or verification, and will immediately perform an operation to generate a random number, and simultaneously transmit the random number to the dynamic virtual keyboard table to generate the module η and use The computer 2 receives; the random number generation module 11 will randomly generate keyboard text numbers and symbol values, and will change its arrangement order with each 1C card authentication; a dynamic virtual keyboard table generation module 12, The system receives the random number see (j generates the random number seed transmitted by the module, generates a virtual keyboard table by random numbers, and transmits the virtual keyboard table to the password and coordinate conversion module 13 to facilitate the password and coordinate conversion. Job execution; farm code The coordinate conversion module 13 is connected to the dynamic password typed from the virtual keyboard 3 and the dynamic virtual keyboard table information generated by the dynamic virtual keyboard table generation module 12 from the seed is converted into a coordinate represented by the dynamic password, and then converted to a coordinate ratio. The module 11 is used for password correctness comparison; a standard alignment module 14' receives the password coordinates transmitted by the coordinate and coordinate conversion module 13 ,, and the coordinate comparison module 14 will PIN code coordinates. Comparing with the piN code coordinates stored in the 1C card 1; a user computer 2, the user computer 2 and the 1C card 1 are connected to each other, and a dynamic virtual keyboard table generating module 21 is mainly included therein. Dynamic virtual keyboard wheeling and output interface 22; a dynamic virtual keyboard table generating module 21, which receives the random number set transmitted by the random number seed generating module 11 'by generating random numbers to generate a virtual keyboard table, 7 201007494 And assigning a virtual keyboard table to the dynamic virtual keyboard input and output interface 22 to display a virtual keyboard 3 on the screen; the virtual keyboard 3 can have a coordinate row value and a random number generated keyboard text number and symbol value; The dynamic virtual keyboard input and output interface 22 is a virtual keyboard table generated by the dynamic virtual keyboard table generating module 21, which is converted into a virtual keyboard 3 and displayed on the screen of the user computer 3 for the user. According to the coordinates of the coordinates he remembers, the coordinates of the PIN code are entered on the screen, and the password is transmitted to the coordinate conversion module 13 in the 1€ card 1; the dynamic virtual keyboard input and output interface 22 is generated. The dynamic virtual keyboard 3 can be displayed on a handheld computer, a desktop computer or a mobile mobile device, etc.; by the above-structured structure, the dynamic cryptosystem using the dynamic virtual keyboard of the present invention and the method thereof are formed; When there is a need to use the card i for the purpose of encryption, decryption or signature verification, 1 (the random number generation module 11 in the card 1 immediately performs the operation and transmits the seed to the dynamic virtual keyboard table® generation module 12 And in the user computer 2, the dynamic virtual keyboard table generation module 21 in the user computer 2 generates a virtual keyboard table in random numbers and then passes to the dynamic virtual keyboard input and output interface 22 to be virtualized. Tray table into a virtual keyboard displayed on the user 3 ^ 2 of the computer screen. Next, the user types the piN code on the screen according to the coordinate position he remembers, and returns it to the internal chip of the IC card 1 to process the 4C card. After receiving the PIN code typed by the user, the user sends it to the #码 and coordinates. The conversion module 丨3 cooperates with the dynamic virtual 201007494 pseudo-keyboard table in the 1C card 1 to generate the information given by the module 12, parses the coordinate of the input piN code, and transmits the coordinate to the coordinate comparison module 14 Compared with the PIN code coordinates stored inside the ic card 1, if they are the same, the identity authentication is passed. If the difference is different, the identity authentication is rejected. Please refer to the dynamic password system and the method for using the dynamic virtual keyboard according to the present invention. The implementation diagram 'where the 1C card 1 is an innovative dynamic password design architecture proposed by the present invention, when it is used as an encryption/decryption or signature check, the generated random number will be transmitted to the user's computer. 2, to generate a virtual keyboard 3, for the user to type dynamic mima, and return to the 1C card 1 for comparison. The virtual keyboard 3 is defined by the coordinates 31 and the keyboard symbol 32. The horizontal axis of the coordinate 31 is located above the virtual keyboard 3. The vertical axis of the coordinate 31 is located to the left of the virtual keyboard 3, and the middle is the keyboard of the virtual keyboard 3. symbol. As shown in FIG. 3, the password and coordinate conversion diagram of the dynamic virtual keyboard system and the method thereof using the dynamic virtual keyboard of the present invention are performed by the password and coordinate conversion module 13 to the user computer 2 from the virtual keyboard 3. The dynamic password entered and the dynamic virtual keyboard table information generated by the dynamic virtual keyboard table generation module 12 from the seed are converted into coordinates represented by the dynamic password, and then passed to the coordinate comparison module 14 for password correctness comparison. The dynamic cryptosystem and the method thereof using the dynamic virtual keyboard provided by the present invention have the following advantages when compared with other conventional techniques: 201007494 ι The present invention provides an improvement in security. The innovative dynamic password structure makes the PIN code have the characteristics of one-time password (〇ne Time passw〇rd). Even if the PIN code is eavesdropped, the malicious user cannot use the piN code to log in again. 2. The present invention provides a use still. Convenience. There is no need to use additional hardware or transmission in order to achieve the power of a one-time password. The above detailed description of the present invention is not intended to limit the scope of the invention, and is not intended to limit the scope of the invention. , should be included in the scope of the patent in this case. To sum up, 'this case is not only innovative in terms of technical thinking, but also can enhance the above-mentioned multiple functions in a more conventional way. It should fully comply with the statutory invention patent requirements of novelty and progressiveness, and apply in accordance with the law. I urge you to approve this article. Invention patent application, in order to invent invention, to the sense of virtue. BRIEF DESCRIPTION OF THE DRAWINGS The following is a detailed description of a preferred embodiment of the present invention and its accompanying drawings, which will be further understood, 1 is a structural diagram of a dynamic cryptosystem and a method thereof using a dynamic virtual keyboard; FIG. 2 is a schematic diagram of implementation of a dynamic cryptosystem using a dynamic virtual keyboard and a method thereof; and 10 201007494 FIG. 3 is a dynamic virtual keyboard A password and coordinate conversion view of a dynamic cryptosystem and its methods. [Main component symbol description] 1 1C card 11 random number seed generation module 12 dynamic virtual keyboard table generation module 13 password and coordinate conversion module 14 coordinate comparison module 2 user computer 21 dynamic virtual keyboard table generation module 22 Dynamic virtual keyboard input and output interface 3 virtual keyboard 31 coordinates 32 keyboard symbol 11