Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Authentication method and device and storage medium

An authentication method and authentication request technology, applied in the field of security, can solve problems such as reducing the overhead of synchronization requirements

Active Publication Date: 2020-08-25
BIGO TECH PTE LTD
View PDF7 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0011] The embodiment of the present invention provides an authentication method, device, and storage medium to solve the problem of how to reduce synchronization requirements and reduce overhead while ensuring costs when applying dynamic passwords to authenticate users

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Authentication method and device and storage medium
  • Authentication method and device and storage medium
  • Authentication method and device and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0074] figure 1 It is a flowchart of an authentication method provided by Embodiment 1 of the present invention. This embodiment is applicable to the case where the server registers the terminal based on the time window (TimeWindow) in the stateless mode. The so-called stateless mode may refer to the server The relevant data of user authentication is not persistently stored, and the method can be performed by a computer device, and the computer device (terminal and server) can be implemented by software and / or hardware, wherein the terminal can include a mobile terminal (such as a mobile phone, a tablet computer) etc.), wearable devices (such as smart watches, etc.), etc., the method specifically includes the following steps:

[0075] S101. The terminal sends a registration request message carrying registration parameters to the server.

[0076] In this embodiment, when the user registers, the terminal assembles the registration parameters into a registration request message ...

Embodiment 2

[0103] image 3 It is a flowchart of an authentication method provided by Embodiment 2 of the present invention. This embodiment is based on the foregoing embodiments, and further adds processing operations for the server to authenticate the terminal based on the time window in the stateless mode. The method specifically includes Follow the steps below:

[0104] S301. The terminal sends a first authentication request message carrying a token to a server.

[0105] In this example, if Figure 4 As shown, when the terminal registers with the server, it stores the original key SK, time window parameters, and token Token, and the server does not persist the original key SK, time window parameters, and token Token. , the terminal extracts the Token stored locally, and sends it to the server through the first authentication request message.

[0106] In one embodiment, as Figure 4 As shown, the terminal extracts the local token Token and the user identification UID of the termina...

Embodiment 3

[0171] Figure 5 It is a flowchart of an authentication method provided by Embodiment 3 of the present invention. This embodiment is applicable to the situation where the server registers and authenticates the terminal based on the time window in the stateless mode. This method can be executed by a computer device. The computer device can be implemented as a terminal, and the terminal stores the original key, time window parameters and tokens when registering with the server, and the terminal can be implemented by software and / or hardware, wherein the terminal can include a mobile terminal (such as a mobile phone, a tablet computer) etc.), wearable devices (such as smart watches, etc.), etc., the method specifically includes the following steps:

[0172] S501. Send the first authentication request message carrying the token to the server.

[0173] In a specific implementation, the server is used to decrypt the token into the original key, time window parameters and registrati...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses an authentication method and device and a storage medium. The method comprises the steps that a terminal sends a first authentication request message carryinga token to a server; the server sends the first authentication response message to the terminal; the terminal sends a second authentication request message carrying the target dynamic password to theserver, wherein the target dynamic password is encrypted from a local registration parameter, an original key and a time window parameter of the terminal; and the server sends a second authenticationresponse message carrying an authentication result to the terminal, the authentication result being used for indicating that the target dynamic password is authenticated according to the registrationparameter, the original key and the time window parameter in the time window indicated by the time window parameter. A symmetric key function and an HMAC technology can be used between the server andthe terminal for registration and authentication, the calculation speed can be increased, the overhead of time and space can be reduced, the range of a time window is wide, the requirement for time synchronization is low, and the method is suitable for authentication of transnational and cross-regional terminals and servers.

Description

technical field [0001] The embodiments of the present invention relate to security technologies, and in particular to an authentication method, device and storage medium. Background technique [0002] When users perform business operations such as login, payment, and transfer on the terminal, they often face the threat of eavesdropping attacks and replay attacks targeting passwords and login credentials. The server often authenticates users to ensure the security of user data and property. [0003] In the traditional account and password method, the password is fixed and needs to be remembered by the user. It is generally called a static password. The dynamic password is also called one-time password, and the password or password is valid for one time in the authentication. [0004] At present, dynamic passwords are mainly divided into the following two categories: [0005] 1. Hardware Token Technology [0006] The hardware token technology is that the terminal and the se...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L9/08H04L9/06G06Q20/40
CPCH04L63/0823H04L63/0838H04L63/0876H04L63/0407H04L9/0643H04L9/0869H04L9/0863G06Q20/4014
Inventor 李岩
Owner BIGO TECH PTE LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products