CN1095112C - Security cipher confirming keyboard and method thereof - Google Patents
Security cipher confirming keyboard and method thereof Download PDFInfo
- Publication number
- CN1095112C CN1095112C CN99121691A CN99121691A CN1095112C CN 1095112 C CN1095112 C CN 1095112C CN 99121691 A CN99121691 A CN 99121691A CN 99121691 A CN99121691 A CN 99121691A CN 1095112 C CN1095112 C CN 1095112C
- Authority
- CN
- China
- Prior art keywords
- authentication
- keyboard
- password
- buffer
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Abstract
The present invention relates to a keyboard device with security cipher authentication and a method thereof, particularly to a cipher authentication system of inputting secret messages through the keyboard by using hardware authentication. The present invention is mainly characterized in that an unreadable authentication buffer area with a protection function, an authentication controller and an authentication table used for authentication are arranged inside the keyboard. The authentication buffer area treats character streams inputted by the keyboard with the original keyboard buffer area together; cipher messages are sent to the authentication buffer area; the authentication controller obtains the messages from the authentication buffer area and compares the messages with the messages inside the authentication table; a user is allowed to use a computer system and clear the authentication buffer area if the authentication is passed. Because a CPU and authentication software do not join in the authentication process, an illegal invader can not capture the secret messages, and the problem of a safety hole of the traditional cipher authentication system is solved.
Description
The present invention relates to the key board unit and the method thereof of the authentication of a kind of tool security password, particularly a kind ofly utilize the hardware authentication to import secret message, and CPU do not participate in verification process with authenticating software, can solve the design of conventional cipher Verification System security breaches by keyboard.
Traditional cipher authentication system is dominated by software, as shown in Figure 1, when the user will start cipher authentication system, because the authentication software is performed by CPU, the password 10 that software will set according to the user, produce a private mark chart 12 by authentication software 11, when using each time afterwards, authentication software 12 all will be inquired user's password 10 ', after the user imported password 10 ' by keyboard, authentication software 11 contrasted this password and original private mark chart 12 that produces, as if correct, then the user promptly has the right of using system, can do the access and the processing of data to storage device (as hard disc etc.).But the illegal invasion person in the whole authentication process (hacker) can see handling procedure, the authentication private mark chart that software produced 12 is very easy to by illegal invasion person's displacement, revises, or the results of comparison of password 11 played tricks, be about to the result and change to correctly or not and work.
For instance, the password that the user sets is " abc ", and the coding back is " * ﹠amp; 1 "; the password of encoding will be sent in the memory body and store; but the data in the memory body is not authenticated the protection of software 11; can utilize some softwares (as soft ICE etc.) to find password easily and be stored in position in the memory body; illegal invasion person if during authentication processing with the word string (be " xxx " as " cde " coding back) of equal length, with the original " * of " xxx " replacement; 1 ", so illegal invasion person can be easily by authentication.Thus, illegal invasion person can take from me whatever you please to the information of system stores.
In aforesaid cipher authentication process, no matter the input of the person of being to use or illegal invasion person's password all is to reach by input media, the most common input media promptly is a keyboard.Traditional keyboard includes keyboard array and keyboard controller (can with reference to figure 3), then is to finish by keyboard buffer with communicating by letter between computer.Therefore, password is identical with general character stream by the keyboard input, all will enter in the computer system by same keyboard buffer, transfers to CPU again and carries out identifying procedure to user filtering.
But traditional flow process has the secret worry on the following safety:
1. because keyboard buffer there is no the removing step after using, and be open to all users, any disabled user may obtain the password message that is not eliminated by illegal means in keyboard buffer.
2. identifying procedure is performed by CPU, and illegal invasion person can invade the CPU executive routine and obtain the password message easily.
3. Installed System Memory is not encrypted, and the authentication software may be attacked (as described above) by illegal invasion person.
Edge this, the present invention is because the shortcoming that existing security breaches of existing software Verification System and input media exist, a kind of key board unit and method thereof of tool security password authentication are provided, it is reached by hardware, CPU can't get involved identifying procedure with the authentication software, and solves the leak on the conventional authentication security of system.
According to aforementioned; the present invention be in keyboard, be provided with one not readable and have the authentication buffer of defencive function, a verification table that a controller for authentication and is used to authenticate; the original keyboard buffer of authentication buffer and keyboard is handled the character stream of keyboard input jointly; the password message is sent into authentication buffer; this controller for authentication promptly from authenticate buffer zone obtain message and with verification table in message relatively; authentication is by promptly allowing the user and use computer system and authentication buffer is removed, and can't obtain any residual keying material in keyboard.
Below will do a detailed description to structural design of the present invention and know-why, and with reference to accompanying drawing, feature of the present invention be done further to understand, wherein accompanying drawing comprises:
Fig. 1 is the schematic flow sheet that traditional soft is realized card;
Fig. 2 is system architecture figure of the present invention;
Fig. 3 is system works flow process figure of the present invention.
Description of reference numerals:
10 passwords, 20 key board units
10 ' password, 30 importations
11 authentication softwares, 31 keyboard controller
12 private mark charts, 32 keyboard arrays
33 keyboard buffers, 43 controller for authentication
34 authentication buffers, 44 verification tables
40 authentication section, 45 softwares
41 CPU, 50 bus-bars
42 system controllers
As shown in Figure 2, this figure is the framework map of system of the present invention.The key board unit 20 of tool security password authentication of the present invention mainly is made up of importation 30 and authentication section 40, wherein:
This importation 30 comprises traditional keyboard controller 31, keyboard array 32 and keyboard buffer 33 (with commonly used identical, not giving unnecessary details) and authentication buffer 34 herein.
This authentication section 40 includes CPU41, system controller 42, controller for authentication 43, verification table 44 and related software 45.
This keyboard controller 31 is to distinguish to look 32 input data of keyboard array, if general character stream then with this data storage in keyboard buffer 33; If the password message then is stored in authentication buffer 34.
This system controller 42 is from the general message of keyboard buffer 33 acquisition, and sends into CPU41 and be for further processing.
This controller for authentication 43 is framework independent individuals in system controller 42, and it is the password message in the acquisition authentication buffer 34, and with verification table 44 in the keying material contrast that prestores, whether legal to appraise and decide the user.
The formation of this verification table 44 is to be set by software 45 when using for the first time in system, and this software 45 is guiding user setting code data, and is stored in the verification table 44.When starting again, refresh routine (as increasing user, Change Password etc.) only, the control of authentication will be transferred to controller for authentication 43 forever.
As shown in Figure 3, this figure is system works flow process figure of the present invention.When starting for the first time, software 45 is carried out and is set verification table 44, and the user is according to the guiding of software 45, and (step a), as the foundation that authenticates in the future, Ren Zheng work after this promptly has nothing to do in software 45 in verification table 44 with password setting.When carrying out again, the user is by keyboard array 32 input messages, and this keyboard controller 31 judges it is general character stream or password message (step b).If general character stream, then this input message will be controlled by keyboard controller 31 and send in the keyboard buffer 33 that (step c) is made conventional handling procedure (steps d by system controller 42; Identical with conventional keyboard).If password message, then send into authentication buffer 34 (step e) by keyboard controller 31 controls, this moment, user or illegal invasion person can only read the substitute symbol word string (as " * * * * * ") of corresponding password bit number in keyboard buffer 33, keyboard controller 31 and this substitute symbol word string is sent to software 45 and CPU41 by keyboard buffer 33, system controller 42 simultaneously, so anyone has to read the substitute symbol word string from authentication buffer 34, CPU41 and software 45, and can't obtain the password message.
This controller for authentication 43 from authenticate obtain the password message in the buffer zone 34 after, will compare with the data that prestores in the verification table 44 (step f), if be complementary, authentication success then, system will open all resources and use for the user.But if be not complementary, promptly represent authentification failure, system is any request of refusing user's, and so just protecting system resources closely blocks illegal invasion person's p of E in the path of the message that may snatch password.
After authentication procedure finished, controller for authentication 43 was about to authentication buffer 34 and removes (step g).
Because authentication buffer 34 not readable (promptly read as and replace the bit message) adopts above-mentioned safeguard measure simultaneously, and promptly is eliminated after each authentication is finished, system provides tight guarantee to user's password message.And the authentication of system is to be handled by the controller for authentication 43 that is independent of system controller 42, not via software 45 and CPU41, has solved the secret worry of conventional cipher Verification System.
In sum, the key board unit and the method thereof of tool security password authentication provided by the present invention, the execution of cipher authentication is not via CPU and authentication software, and password is by independently controller for authentication is performed, and replace former input password to substitute unreadable character stream, reach and remove authentication buffer after authentication finishes, make illegal invasion person can't in keyboard buffer, read any secret message, leak for the conventional authentication program proposes effective solution and countermeasure, has met the application important document of patent of invention really.
Methods such as above-described technology, accompanying drawing, program or control only are most preferred embodiments of the present invention, can not limit the scope of the invention according to this.The modifications and variations of being done within the scope of the invention any similar, that function is identical all should be in protection scope of the present invention.
Claims (5)
1. the key board unit of a tool security password authentication comprises importation and authentication section, wherein:
The importation comprises:
Keyboard buffer is temporary general character stream;
Authentication buffer is temporary password message;
Keyboard controller is looked keyboard array institute input data for distinguishing, if general character stream then with this data storage in keyboard buffer; If the password message then is stored in authentication buffer with the password message;
Authentication section includes:
CPU;
System controller for capturing general message from keyboard buffer, and is sent into CPU and is for further processing;
Controller for authentication is the independent individual of framework in system controller, the password message of its acquisition in authentication buffer, and with verification table in the keying material contrast that prestores, whether legal to appraise and decide the user;
Verification table is the password message that stored user is set, and makes the foundation of authentication in the future.
2. the key board unit of tool security password authentication as claimed in claim 1 wherein more includes software, in order to guiding user setting code data, and is stored in the verification table.
3. the key board unit of tool security password as claimed in claim 1 authentication, wherein between this importation and authentication section for to communicate by letter by bus-bar.
4. the keyboard authentication method of tool security password authentication mainly is to import secret message by the hardware authentication by keyboard, and CPU do not participate in verification process with authenticating software, comprises the following steps:
A. software is carried out the step of setting verification table;
B. judge general character stream or password flood breath step; If general character stream is sent in the keyboard buffer and is made conventional handling procedure by system controller; If the password message is then sent into authentication buffer and is made the Cipher Processing program by controller for authentication;
C. authenticate comparison step, the data that prestores in password message and the verification table is compared, if be complementary, authentication success then, system will open all resources and use for the user; If be not complementary, the authentication authorization and accounting failure, system is with any request of refusing user's;
D. remove data step in the authentication buffer.
5. the keyboard authentication method of tool security password authentication as claimed in claim 4, wherein after the input of password message, controller for authentication produces the substitute symbol word string of corresponding password message bit number to keyboard buffer.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN99121691A CN1095112C (en) | 1999-10-14 | 1999-10-14 | Security cipher confirming keyboard and method thereof |
| GB0025325A GB2355331B (en) | 1999-10-14 | 2000-10-16 | Keyboard apparatus with a password-identification device and method for controlling the same |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN99121691A CN1095112C (en) | 1999-10-14 | 1999-10-14 | Security cipher confirming keyboard and method thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1252550A CN1252550A (en) | 2000-05-10 |
| CN1095112C true CN1095112C (en) | 2002-11-27 |
Family
ID=5282085
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN99121691A Expired - Fee Related CN1095112C (en) | 1999-10-14 | 1999-10-14 | Security cipher confirming keyboard and method thereof |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN1095112C (en) |
| GB (1) | GB2355331B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2040229A1 (en) * | 2007-09-18 | 2009-03-25 | Axalto SA | Method and system for obtaining a pin validation signal in a data processing unit |
| CN102255109B (en) * | 2011-04-06 | 2014-11-19 | 宇龙计算机通信科技(深圳)有限公司 | Authentication method for mobile terminal battery, and mobile terminal thereof |
| CN102521546B (en) * | 2011-12-22 | 2014-10-08 | 福建联迪商用设备有限公司 | Method for realizing mutual authentication of self-service terminal and pin pad |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4224666A (en) * | 1977-04-27 | 1980-09-23 | Compagnie Internationale Pour L'informatique Cii-Honeywell Bull | Data processing system which protects the secrecy of confidential data |
| US4271482A (en) * | 1977-05-26 | 1981-06-02 | Compagnie Internationale Pour L'informatique -Cii-Honeywell Bull | Data processing system which protects the secrecy of confidential data |
| CN85105985A (en) * | 1985-05-14 | 1987-02-18 | 佳德目服务股份(有限)公司 | Program keyboard arrangement |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0763791A1 (en) * | 1995-09-14 | 1997-03-19 | Hewlett-Packard Company | Computer keyboard unit with smartcard interface |
-
1999
- 1999-10-14 CN CN99121691A patent/CN1095112C/en not_active Expired - Fee Related
-
2000
- 2000-10-16 GB GB0025325A patent/GB2355331B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4224666A (en) * | 1977-04-27 | 1980-09-23 | Compagnie Internationale Pour L'informatique Cii-Honeywell Bull | Data processing system which protects the secrecy of confidential data |
| US4271482A (en) * | 1977-05-26 | 1981-06-02 | Compagnie Internationale Pour L'informatique -Cii-Honeywell Bull | Data processing system which protects the secrecy of confidential data |
| CN85105985A (en) * | 1985-05-14 | 1987-02-18 | 佳德目服务股份(有限)公司 | Program keyboard arrangement |
Also Published As
| Publication number | Publication date |
|---|---|
| GB2355331A (en) | 2001-04-18 |
| GB0025325D0 (en) | 2000-11-29 |
| GB2355331B (en) | 2001-11-28 |
| CN1252550A (en) | 2000-05-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| O'Gorman | Comparing passwords, tokens, and biometrics for user authentication | |
| US7415605B2 (en) | Biometric identification network security | |
| US6745327B1 (en) | Electronic certificate signature program | |
| CA2490226C (en) | Systems and methods for secure biometric authentication | |
| US7502937B2 (en) | Digital watermarking security systems | |
| EP1189128A2 (en) | Secure system and method for accessing files in computers using fingerprints | |
| US20100088509A1 (en) | System and method for sequentially processing a biometric sample | |
| EP1789901A2 (en) | System, method of generation and use of bilaterally generated variable instant passwords | |
| CN1976281A (en) | Information processing device and authentication method | |
| CN1834977A (en) | Authentication protection method based on USB device | |
| KR100908100B1 (en) | Encrypted image data with matryoshka structure and, system and method for mutual synchronization certificating using the same | |
| CN1095112C (en) | Security cipher confirming keyboard and method thereof | |
| JP2005293490A (en) | Biometrics system | |
| CN1322335A (en) | Apparatus and method for end-to-end authentication using biometric data | |
| JP2005115485A (en) | Authentication system and computer readable storage medium | |
| JPH10161979A (en) | User authentication by fingerprint at time of log-in to server and converted password | |
| CN103178955B (en) | A kind of authentication method, equipment and system | |
| TWI328956B (en) | ||
| CN1271525C (en) | Computer system landing method | |
| CN1263251C (en) | Wireless network authentication method and authenticatior encrypting method | |
| CN111526010A (en) | Key escrow method suitable for user identity authentication | |
| JP3227536B2 (en) | Keyboard device and password authentication method using the same | |
| US20020025040A1 (en) | Method and apparatus for generating an encryption key | |
| CN110335373A (en) | Intelligent door lock and intelligent access control system | |
| Fan et al. | A novel authentication mechanism for improving the creditability of DRM system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C06 | Publication | ||
| PB01 | Publication | ||
| C53 | Correction of patent for invention or patent application | ||
| CB02 | Change of applicant information |
Address after: The British Virgin Islands Duoertuolalu town zip code 34444 Applicant after: Gennetichvar Ltd. Address before: Taipei city of Taiwan Province Applicant before: Hou Jianci |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: APPLICANT; FROM: HOU JIANCI TO: GENTICVAL CO., LTD. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C19 | Lapse of patent right due to non-payment of the annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: GR Ref document number: 1064451 Country of ref document: HK |