Dynamic Password Authentication System and Method thereof
First Claim
1. A dynamic password authentication method comprising:
- performing in a mobile terminal an encrypting operation using a dynamic password algorithm generating key and an initialization parameter stored in a telecommunication card to obtain an encryption result;
sending the encryption result and a user identity identification code to a security authentication server, the security authentication server seeking out the dynamic password generating algorithm key in a database based on the user identity identification code and performing a decrypting operation to the encryption result to obtain a decrypted parameter. comparing the initialization parameter with the decrypted parameter, the mobile terminal passing the authentication if the initialization parameter is consistent with the decrypted parameter, and the authentication being denied if not.
1 Assignment
0 Petitions
Accused Products
Abstract
A dynamic password authentication system and the method thereof are disclosed. According to one aspect of the present invention, a dynamic password telecommunication card embedded with a security algorithm in the SIM card of a mobile telephone is used to generate a momentarily changed password. The technique as disclosed improves the security of identity authentication effectively and avoids the trouble for the user to remember the password and change the password frequently. The technique is also suitable to a systems that requires a higher security of the identify authentication, such as the bank, the securities, the police and the electronic government affair and the like, thereby to improve the security for the system administrator and the user to login the system.
87 Citations
10 Claims
-
1. A dynamic password authentication method comprising:
-
performing in a mobile terminal an encrypting operation using a dynamic password algorithm generating key and an initialization parameter stored in a telecommunication card to obtain an encryption result;
sending the encryption result and a user identity identification code to a security authentication server, the security authentication server seeking out the dynamic password generating algorithm key in a database based on the user identity identification code and performing a decrypting operation to the encryption result to obtain a decrypted parameter. comparing the initialization parameter with the decrypted parameter, the mobile terminal passing the authentication if the initialization parameter is consistent with the decrypted parameter, and the authentication being denied if not. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A dynamic password authentication system comprising:
-
an authentication server; and
a mobile terminal connected to the authentication server via wireless communication,the mobile terminal is provided with a dynamic password telecommunication card to generate a dynamic password, the authentication server is stored therein with a dynamic password key corresponding to the dynamic password telecommunication card of the mobile terminal to verify the dynamic password submitted by the mobile terminal - View Dependent Claims (10)
-
Specification