CN104009851A - One-time pad bidirectional authentication safe logging technology for internet bank - Google Patents
One-time pad bidirectional authentication safe logging technology for internet bank Download PDFInfo
- Publication number
- CN104009851A CN104009851A CN201410267786.3A CN201410267786A CN104009851A CN 104009851 A CN104009851 A CN 104009851A CN 201410267786 A CN201410267786 A CN 201410267786A CN 104009851 A CN104009851 A CN 104009851A
- Authority
- CN
- China
- Prior art keywords
- user
- net silver
- authentication
- character list
- character
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention relates to one-time pad bidirectional authentication safe logging technology for an internet bank. The technology ensures that a user safely logs in a personal e-bank, and the account capital security of the user is protected. A character table disclosed in the technology has electronic and substantial double characteristics and has huge information space. Because all used authentication information is hashed values in the bidirectional authentication process, it is difficult to calculate the character table back through the hashed values, and various network eavesdropping and Trojan horse programs can be sufficiently resisted. An input password must be subjected to bidirectional authentication of the internet bank and the user in a one-time pad mode, and in the process, any failures can prevent the password of the user himself or herself from being divulged. Any ordinary people can easily master the one-time pad bidirectional authentication safe logging technology for the internet bank, and extra auxiliary authentication hardware devices and authentication cost are not needed. The technology can ensure that an ordinary user frequently conducts the operation of logging in a personal e-bank account and an ATM in a long term without reducing the safety of a system.
Description
Technical field
The present invention relates to the network information security in field of computer technology; be particularly related to and adopt information security technology to realize when Net silver user logins bank net, to carry out one-time pad bidirectional identity authentication; the present invention can ensure that Net silver user security logins individual Net silver account and ATM, protection individual subscriber account fund safety.
Background technology
The security threat that Net silver user faces during individual Net silver account in login is mainly from aspect two: the one, and the true and false of the Net silver website of accessing; The 2nd, the malicious attacker that may exist in the various hacker software that may exist in the personal computer that user uses or smart mobile phone and network environment.The security threat facing for Net silver, fail safe when bank has mainly adopted USB flash disk digital certificate, intellective IC card, multifactor cryptographic check method, batch processing password, dynamically the Multi Identity Attestation technology such as account, electronic cipher device, dynamic password card is strengthened Net silver user and logined individual Net silver account.The common feature of these technological means is: user is only by using after the multiple safety identification authentication modes such as dynamic password verification, browser digital certificate of file or mobile digital certificate, could be undertaken variously transferring accounts by Web bank, the operation such as payment.These security means overwhelming majority all need extra hardware identification equipment, for example dynamic password card technique was once considered to effectively to solve one of mode of authenticating user identification, can effectively take precautions against wooden horse theft user's data, yet the appearance of dynamic password swindle note and personation website of bank, brings very big challenge but to the fail safe of this authentication techniques.Although dynamic password will lose efficacy after the short time, trojan horse program obtains user account information and dynamic password by personation Net silver, and the time of successfully logining Net silver often only needs the several seconds.
Smart mobile phone has portable ease for use, information interchange is quick, as long as open the change conditions that related service user can collect personal account fund at any time, be conducive to user and pinpoint the problems in time, but smart mobile phone in the occupation mode of soft hardware equipment and the safety problem facing also can not be ignored.Smart phone user face equally note swindle, malicious attacker personation bank to user send deceptive information, mobile phone viruses is stolen the security threats such as user cipher, phishing.What smart mobile phone was different from personal computer is a bit, because handling of mobile phone business is limited by the administrative provisions of communication company under Mobile phone card, whether these regulations put in place with safety measure comprehensively, and the real-time of reacting while running into security threat and appropriateness all can cause new problem because involving new management organization.For example certain cellphone subscriber's cell-phone number is assumed another's name to make up by other people in certain business hall, and her mobile phone is forced to shut down, and Mobile banking's function is stolen, and in account, fund is all transferred.The fail safe of mobile-phone payment directly affects the propagation and employment of Liao Ge big bank mobile phone business and popularizes.Follow the continuous upgrading of mechanics of communication and smart mobile phone software and hardware, bank also needs to constantly update debug system simultaneously, in this process, just likely produces some technical leaks or blind spot, causes safety problem to occur.
Although each big bank has taked various safety measures in the safety problem of Net silver, Net silver user will confirm by Multi Identity Attestation the legal identity of oneself in login during Net silver to Net silver, and does not require Net silver to itself legitimacy of user-approved.This just causes Net silver user likely at illegal Net silver, to input real Multi Identity Attestation information, and malicious attacker is by means of illegal Net silver, and the important authentication information that these are acquired is indirectly for the attack to true Net silver account.China Internet security study report shows that fishing website becomes infringement Net silver user's No.1 threat, avoid illegal Net silver to extract user profile, user is when login Net silver, Net silver should carry out two-way Multi Identity Attestation with user, should take as far as possible the authentication mode of one-time pad, to avoid authentication information to divulge a secret simultaneously.
Although Net silver and user's two-way authentication can greatly improve fail safe in identity legitimacy each other definite, but very difficult when actual realization.Main cause is, the authentication mode that Net silver adopts must be easy to be easy-to-use for user, any ordinary people can easily grasp, preferably do not need extra authentication ancillary hardware equipment and authentication cost, must be able to guarantee that domestic consumer can authenticate mutually continually for a long time and can not cause the fail safe of Verification System to reduce on personal computer or smart mobile phone.For example certain user may be because need of work be all repeatedly logined Net silver account every day, and this can cause authentication information to be increased by the danger of malicious attacker record analysis, and authentication techniques must can be resisted this security threat.The authentication techniques conventionally technology of accessing to your password realize, but this can bring very big inconvenience to the domestic consumer's daily life without any cryptography professional knowledge, for these problems, the zero-knowledge proof principle design in application message safe practice of the present invention has been realized brand-new user's Net silver one-time pad two-way authentication secure log technology.So-called zero-knowledge proof is exactly generally, suppose that second knows in safety cabinet, there is jobbie, first will prove and oneself have this key to the safe to second, but first does not wish that again second sees this key, first only need be used alone one's own key to open the door of safety cabinet, object in safety cabinet is shown to second, and this method of proof belongs to zero-knowledge proof.In this proof procedure, second can not be seen the key that first has all the time, but second be sure of first and really have key, thereby not only realized proof object but also avoided the leakage of key.
Summary of the invention
The present invention proposes a kind of one-time pad bidirectional identity authentication of realizing Net silver and user by means of character list.So-called character list is one and is arranged in the foursquare table being comprised of character, and symbolically is T, the character list shown in Fig. 1
comprise altogether
row and
row amount to
individual character, these character symbolicallies are
, each character
,
it can be the character that the users such as Chinese character, letter, numeral are easy to identification and use keyboard to input.All in same character list
individual character
must be different.Character list is responsible for generation by bank, when Net silver is opened in user's application, by banking secrecy, is distributed to user, and bank retains the character list copy identical with user simultaneously.The corresponding relation of Net silver account and character list is known by bank, if user proposes to change character list application, bank, after the replacing character list application of accepting user, should upgrade the corresponding relation of fresh character table and Net silver account.Suppose that bank's selection Chinese characters in common use are as the character source set of character list, Chinese characters in common use sum is made as 3000, establishes character list T to be
form, all different character lists add up to astronomical figure, are enough to guarantee to distribute for a long time to national Net silver user.The advantage of character list T is to have huge information space, has soft hard double attribute simultaneously, both can save as picture and also can be printed on paper or on card.
After the character list that user obtains from bank binding with its account, bank requires user when using character list to carry out Net silver login simultaneously, must use the hash function of certain agreement to carry out as requested login authentication operation.This hash function can be also the independently developed hash function of bank for commercial hash function, and bank can be written as this hash function a tool software and download for user.So-called hash function is actually a kind of data compression mapping transformation, the eap-message digest that is a certain regular length by the message compression of random length by hashing algorithm, and the output valve of hash function is called hashed value.In present patent application specification, formula
represent hash function
to input message
hash generates hashed value
.Because the space size of hashed value is far smaller than the space size of input message, thus hash function be a kind of many-to-one mapping
,
, different input message
,
be hashed and generate identical hashed value
.If given hashed value
, cannot be by
carry out unique real input message of determining.For example classical hash function MD5 can generate the message hash of random length the hashed value of 128 bit regular lengths, and its hashed value space size is
, any one hashed value in hashed value space is corresponding infinite a plurality of message all.
The confidentiality of authentication information while carrying out two-way authentication in order further to strengthen Net silver and user, authentication each time all will be first by an identifying code that at least comprises six bit digital of the random generation of Net silver
.When Net silver carries out authentication to user, user inputs individual account information, the character list T then having from it, chooses arbitrarily
individual character,
, it is input in the authentication string input frame that the Net silver page provides.Due to each character in character list T
position in T is by its residing line number
with row number
determining, can use location information be binary digit
represent character
.User is the positional information of each character in the own character list T grasping in authentication query character string successively, and these positional information journals are become to a string
bit digital, the identifying code then this string numeral and Net silver being shown
be stitched together, be input in the hash function tool software that bank provides and calculate and generate hashed value
.Then the result of the result of calculation of oneself and Net silver being returned is compared, if these two results are the same, because only have real Net silver website just to have the character list T identical with user account, Net silver successfully to user-approved the legitimacy of self.The process that user carries out authentication to Net silver similarly, just chosen at random from the character list with the binding of Net silver account by Net silver by authentication string, and verification process repeats no more in detail.
User must experience Net silver and user's bidirectional identity authentication process when the individual Net silver account of login, be that first user requires Net silver to confirm the legitimacy of its identity to oneself, then Net silver requires the legitimacy of user-approved identity, only after successfully having carried out bidirectional identity authentication, user just inputs the real accounts password that oneself is grasped, and carries out the operation of account fund.Due in this authentication process, for the information authenticating, be actually authentication character at positional information and the identifying code of character list T
the hashed value that combines and generate after hash function hash, each verification process identifying code
all change, this hashed value also changes, and this has just played the effect of one-time pad, is difficult to the anti-character list that pushes away of this hashed value, can fully resist diverse network eavesdropping and trojan horse program.As long as user keeps properly the character list of oneself, the fail safe of the one-time pad two-way authentication technology login Net silver based on character list proposed by the invention just improves greatly.When applying above-mentioned two-way authentication technology, user on ATM, withdraws the money when operation, even if side has people to peep or has the unlimited many authentication Hash values of camera monitor log, but because assailant cannot recover to construct from these authentication Hash values the character list T that user grasps effectively, the input content that he sees is without any meaning, because the authentication information that one-time pad login techniques is inputted while making user login ATM will be brand-new next time.
The present invention is not only applicable to banking establishments, is applicable to have large-scale company, service industry or the member system unit of outlet yet.When user registers in these units, character list can directly be maintained secrecy and provide to user in the mode of papery or electronic pictures, and the character list ways of distribution fail safe based on solid shop/brick and mortar store will be far away higher than the mode based on E-mail or mobile phone in network environment.After these unit network are opened bidirectional identity authentication function, as long as user keeps properly the character list of oneself, and carry out website log according to correct browsing process, just can guarantee well personal information security.
Accompanying drawing explanation
Fig. 1 is proposed by the invention comprising
row and
row amount to
the character list of individual character, numeral
be respectively used to represent line number and the row number of character list.
Embodiment
Suppose that Net silver user has obtained safely the random character list of binding with its account that generate of Liao You bank from the outlet of bank, and hypothesis bank clearly specifies
as user, carry out the hash function that Net silver login authentication operation will be used, one-time pad two-way authentication safety network bank login techniques implementation procedure proposed by the invention is as shown in following.
(1) first Net silver carries out authentication to user.User is after individual account information is inputted in Net silver website, and bank generates an identifying code that at least comprises six bit digital at random
, then at the Net silver page, provide an authentication string input frame, wait user's input authentication information.The character list T that user has from it, choose arbitrarily
individual character,
.The character list T shown in Fig. 1 of take is example, establishes user and chooses the character formation authentication string in character list T
, now
, user will
be input to click on submission button after authentication string input frame.When Net silver is received after the authentication request from user, first Net silver obtains the character list T identical with user according to the account information of user's input from database, then according to the authentication string of user's input
each character comprising is inquired about respectively T and is obtained its positional information
,
.Due to
middle first character
be positioned at character list the first row first row, so its positional information
;
in second character
be positioned at character list the first row secondary series, so its positional information
, can obtain by that analogy
in the 6th character
be positioned at character list the second row the 3rd row, so its positional information
.Can obtain
in the numeric string that forms of all character location informations be
, then Net silver is used agreement hash function
calculate
, symbol wherein
expression is stitched together two parts numerical order before and after it, and Net silver is by result of calculation
return and be presented on user's Net silver page.It should be noted that, work as use
with
generate hashed value
time, because the two is all integer, also can use
, as long as by using
introduce random element, the method for being convenient to the actual use of user all can.
(2) Net silver user can obtain according to above-mentioned computational process the result of calculation of oneself
, the result of then result of calculation of oneself and Net silver being returned is compared, if these two results are consistent, Net silver successfully to user-approved the legitimacy of self.Because only have real Net silver just to have the character list T identical with user account, thereby correct authentication result can be provided.So illegal website cannot complete above verification process owing to not having the character list T identical with user, user can directly exit, and also can report to departments of government.The serious harm bringing due to leakage of personal information when Net silver carries out authentication and can avoid user to access illegal Net silver to user, has also safeguarded the rights and interests of legal Net silver simultaneously.Above-mentioned verification process has easy ease for use when actual realization, and the work that he does for user is exactly authentication query character string
in each character
residing by line number in character list T
with row number
the positional information forming
, these positional information journals are become to string number, and then the identifying code showing with Net silver
be stitched together to be input to click to calculate in the hash function tool software that bank provides and generate hashed value
.
Above-mentioned verification process is carried out to safety analysis below, establish the same authentication string of a certain malicious attacker Reusability
carry out authentication operation,
in the numeric string that forms of all character location informations
remain unchanged at every turn, but because each verification process Net silver website all can generate an identifying code at random
so, the hashed value that Net silver returns at every turn
be all different, so just realized Net silver and user's bidirectional identity authentication of one-time pad.If the malicious attacker existing in the hacker software existing in subscriber computer or smart mobile phone or network has been intercepted and captured the authentication string of a large number of users input
, also obtained the hashed value that Net silver website is returned simultaneously
, will just launch a offensive to user's Net silver account must be by
with
the anti-character list T that pushes away user.Due to
in the positional information of each character be used to hash and generate hashed value
so, can only adopt by hashed value
attempting deciphering obtains
.Due to real message
all by natural number, formed, according in specification about the introduction of hash function, hash function is one-way function, cannot directly by hashed value, be deciphered and be obtained origination message, can only adopt the mode of finding collision to decode.Even if cryptologist is being obtained progress aspect the collision of fast searching hash function, but the Hash function collision attack method of having announced at present there is no method, effectively construct another and there is same length with original series and the complete sequence consisting of natural number makes both hashed values after hash identical.
(3) Net silver completes after user's authentication process, and user must be and then to the legitimacy of Net silver authentication self, and verification process is: Net silver is optional from the character list T corresponding with user account at random
individual character,
, generate at random an identifying code that at least comprises six bit digital simultaneously
, then at the Net silver page, provide a hashed value input frame to wait user and input result of calculation.User's hashed value computational process is identical to user's verification process with Net silver, repeats no more herein.If the hashed value result of user's input is consistent with the result of calculation of Net silver website, illustrate that this user is for validated user, user can use the account password of oneself successfully to login individual Net silver.Otherwise Net silver repeats this verification process, if the input error of user's continuous several times, bank can carry out corresponding safe handling to the account according to set safety management regulation.
(4) input of the final password of user is just carried out after must experiencing Net silver and the user mode two-way authentication with one-time pad, and any once failure of this process can avoid user to reveal the password of own grasp.
Claims (5)
1. a bank net one-time pad two-way authentication secure log technology, it is characterized in that user must experience Net silver and user's bidirectional identity authentication process when the individual Net silver account of login, be that first user requires Net silver to confirm the legitimacy of its identity to oneself, then Net silver requires the legitimacy of user-approved identity, only after successfully having carried out bidirectional identity authentication, user just inputs the real accounts password that oneself is grasped, and carries out the operation of account fund.
2. method according to claim 1, is characterized in that: propose a kind ofly based on character list, to realize one-time pad bidirectional identity authentication between Net silver and user; So-called character list be one be arranged in foursquare, the table that is easy to identification and uses the character of keyboard input to form by users such as Chinese character, letter, numerals; Character list has electronics and double characteristic in kind, there is huge information space, character list is responsible for generation by bank, when opening Net silver, user's application is distributed to user by banking secrecy, the corresponding relation of character list and Net silver account is known by bank, and has the character list copy of all Net silver accounts.
3. method according to claim 1, is characterized in that: the information for two-way authentication between Net silver and user is actually authentication string at the positional information string of character list T
identifying code with the random generation of Net silver
combine, the hashed value generating after hash function hash
, work as use
with
generate hashed value
time, because the two is all integer, also can use
, as long as by using
introduce random element, the method for being convenient to the actual use of user all can; Due to each verification process identifying code
all change, authentication information
also change, this has just played the effect of one-time pad; Hash function is one-way function, cannot directly by hashed value, be deciphered and be obtained origination message, can fully resist diverse network eavesdropping and trojan horse program and attempt to recover to construct character list by this hashed value.
4. method according to claim 1, is characterized in that: Net silver, to user's authentication, requires user to randomly draw from the character list of its grasp
individual character,
, by Net silver to user's return authentication information
, whether user compares with it correct judgment by the result of calculation of oneself; User is to the authentication of Net silver, by Net silver, from its grasp and the character list binding of Net silver account, randomly drawed
individual character,
, by user to Net silver return authentication information
, whether Net silver compares with it correct judgment by the result of calculation of oneself, owing to only having the people of the character list of real grasp and the binding of Net silver account just can complete this verification process, by this mode, realizes two-way authentication.
5. method according to claim 1, is characterized in that: the present invention is not only applicable to bank net, is also applicable to have large-scale company, service industry or the member system unit of outlet; When user registers in these units, character list can directly be maintained secrecy and provide to user in the mode of papery or electronic pictures, the renewal of character list or change neck and can carry out at solid shop/brick and mortar store equally, the character list ways of distribution fail safe based on solid shop/brick and mortar store will be far away higher than the mode based on E-mail or mobile phone in network environment; After these unit network are opened bidirectional identity authentication function, as long as user keeps properly the character list of oneself, and carry out website log according to correct browsing process, just can guarantee well user's personal information security.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410267786.3A CN104009851B (en) | 2014-06-17 | 2014-06-17 | A kind of bank net one-time pad two-way authentication secure log technology |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410267786.3A CN104009851B (en) | 2014-06-17 | 2014-06-17 | A kind of bank net one-time pad two-way authentication secure log technology |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104009851A true CN104009851A (en) | 2014-08-27 |
| CN104009851B CN104009851B (en) | 2018-08-10 |
Family
ID=51370347
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410267786.3A Active CN104009851B (en) | 2014-06-17 | 2014-06-17 | A kind of bank net one-time pad two-way authentication secure log technology |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104009851B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106778272A (en) * | 2016-12-27 | 2017-05-31 | 成都三零瑞通移动通信有限公司 | A kind of method that dynamic security detection is carried out to call function |
| CN106973008A (en) * | 2017-05-26 | 2017-07-21 | 无锡云商通科技有限公司 | A kind of selectivity recalls the implementation method of mail |
| CN108810017A (en) * | 2018-07-12 | 2018-11-13 | 中国工商银行股份有限公司 | Business processing safe verification method and device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101458840A (en) * | 2009-01-09 | 2009-06-17 | 北京大明五洲科技有限公司 | Apparatus and method for personal digital ID authentication device for Internet banking operation |
| US20090172402A1 (en) * | 2007-12-31 | 2009-07-02 | Nguyen Tho Tran | Multi-factor authentication and certification system for electronic transactions |
| CN101640591A (en) * | 2008-07-31 | 2010-02-03 | 西门子(中国)有限公司 | Authentication method |
| CN103152172A (en) * | 2011-12-07 | 2013-06-12 | 中国电信股份有限公司 | Method and client side and server and system for mobile token dynamic password generation |
| US20140040629A1 (en) * | 2009-09-04 | 2014-02-06 | Computer Associates Think, Inc. | Otp generation using a camouflaged key |
-
2014
- 2014-06-17 CN CN201410267786.3A patent/CN104009851B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090172402A1 (en) * | 2007-12-31 | 2009-07-02 | Nguyen Tho Tran | Multi-factor authentication and certification system for electronic transactions |
| CN101640591A (en) * | 2008-07-31 | 2010-02-03 | 西门子(中国)有限公司 | Authentication method |
| CN101458840A (en) * | 2009-01-09 | 2009-06-17 | 北京大明五洲科技有限公司 | Apparatus and method for personal digital ID authentication device for Internet banking operation |
| US20140040629A1 (en) * | 2009-09-04 | 2014-02-06 | Computer Associates Think, Inc. | Otp generation using a camouflaged key |
| CN103152172A (en) * | 2011-12-07 | 2013-06-12 | 中国电信股份有限公司 | Method and client side and server and system for mobile token dynamic password generation |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106778272A (en) * | 2016-12-27 | 2017-05-31 | 成都三零瑞通移动通信有限公司 | A kind of method that dynamic security detection is carried out to call function |
| CN106973008A (en) * | 2017-05-26 | 2017-07-21 | 无锡云商通科技有限公司 | A kind of selectivity recalls the implementation method of mail |
| CN108810017A (en) * | 2018-07-12 | 2018-11-13 | 中国工商银行股份有限公司 | Business processing safe verification method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104009851B (en) | 2018-08-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9887989B2 (en) | Protecting passwords and biometrics against back-end security breaches | |
| KR102493744B1 (en) | Security Verification Method Based on Biometric Characteristics, Client Terminal, and Server | |
| Bojinov et al. | Kamouflage: Loss-resistant password management | |
| Chen et al. | Mobile device integration of a fingerprint biometric remote authentication scheme | |
| CN108833114A (en) | A kind of decentralization identity authorization system and method based on block chain | |
| Sumitra et al. | A survey of cloud authentication attacks and solution approaches | |
| CN104283688B (en) | A kind of USBKey security certification systems and safety certifying method | |
| CN108989346A (en) | The effective identity trustship agility of third party based on account concealment authenticates access module | |
| CN101815091A (en) | Cipher providing equipment, cipher authentication system and cipher authentication method | |
| CN106130716A (en) | Cipher key exchange system based on authentication information and method | |
| KR20120007509A (en) | Method for authenticating identity and generating share key | |
| CN107277059A (en) | A kind of one-time password identity identifying method and system based on Quick Response Code | |
| CN105656862A (en) | Authentication method and device | |
| CN105187382A (en) | Multi-factor identity authentication method for preventing library collision attacks | |
| Kharod et al. | An improved hashing based password security scheme using salting and differential masking | |
| Goel et al. | LEOBAT: Lightweight encryption and OTP based authentication technique for securing IoT networks | |
| CN106549756A (en) | A kind of method and device of encryption | |
| CN110572392A (en) | Identity authentication method based on HyperLegger network | |
| CN104009851A (en) | One-time pad bidirectional authentication safe logging technology for internet bank | |
| Ernst et al. | A Framework for UC Secure Privacy Preserving Biometric Authentication Using Efficient Functional Encryption | |
| CN107733936A (en) | A kind of encryption method of mobile data | |
| CN201717885U (en) | Code providing equipment and code identification system | |
| Fan et al. | Eland: an efficient lightweight anonymous authentication protocol applied to digital rights management system | |
| Tan et al. | Securing password authentication for web-based applications | |
| Xie et al. | VOAuth: A solution to protect OAuth against phishing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |