[go: up one dir, main page]

CN108400868A - Storage method, device and the mobile terminal of seed key - Google Patents

Storage method, device and the mobile terminal of seed key Download PDF

Info

Publication number
CN108400868A
CN108400868A CN201810043839.1A CN201810043839A CN108400868A CN 108400868 A CN108400868 A CN 108400868A CN 201810043839 A CN201810043839 A CN 201810043839A CN 108400868 A CN108400868 A CN 108400868A
Authority
CN
China
Prior art keywords
seed key
mobile terminal
information
user
key information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810043839.1A
Other languages
Chinese (zh)
Other versions
CN108400868B (en
Inventor
陈柳章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Excelsecu Data Technology Co Ltd
Original Assignee
Shenzhen Excelsecu Data Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Excelsecu Data Technology Co Ltd filed Critical Shenzhen Excelsecu Data Technology Co Ltd
Priority to CN201810043839.1A priority Critical patent/CN108400868B/en
Publication of CN108400868A publication Critical patent/CN108400868A/en
Application granted granted Critical
Publication of CN108400868B publication Critical patent/CN108400868B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephone Function (AREA)

Abstract

本发明适用于信息安全技术领域,提供了种子密钥的存储方法、装置、移动终端及计算机可读存储介质,包括:根据预设规则将种子密钥划分为至少两部分种子密钥信息;将至少一部分种子密钥信息由用户和/或第三方保存,并将其余的、至少一部分种子密钥信息保存于移动终端。通过本发明可增加种子密钥被破解的难度,提高种子密钥的安全性。

The present invention is applicable to the technical field of information security, and provides a seed key storage method, device, mobile terminal, and computer-readable storage medium, including: dividing the seed key into at least two parts of seed key information according to preset rules; At least a part of the seed key information is saved by the user and/or a third party, and the rest, at least a part of the seed key information is saved in the mobile terminal. The invention can increase the difficulty of cracking the seed key and improve the security of the seed key.

Description

种子密钥的存储方法、装置及移动终端Seed key storage method, device and mobile terminal

技术领域technical field

本发明属于信息安全技术领域,尤其涉及种子密钥的存储方法、装置、移动终端及计算机可读存储介质。The invention belongs to the technical field of information security, and in particular relates to a seed key storage method, device, mobile terminal and computer-readable storage medium.

背景技术Background technique

动态口令是根据专门的算法生成一个不可预测的随机数字组合,每个密钥只能使用一次,目前被广泛应用于网银、网游、电子商务等领域。在现有技术中,在移动终端生成动态口令,通常是将生成动态口令所需的种子密钥保存于移动终端。然而将种子密钥保存于移动终端容易被他人解析或者拷贝,进而导致种子密钥被他人破解,安全性较低。The dynamic password is an unpredictable combination of random numbers generated according to a special algorithm, and each key can only be used once. It is currently widely used in online banking, online games, e-commerce and other fields. In the prior art, the dynamic password is generated at the mobile terminal, usually the seed key required for generating the dynamic password is stored in the mobile terminal. However, storing the seed key in the mobile terminal is easy to be parsed or copied by others, thereby causing the seed key to be cracked by others, and the security is low.

故,有必要提出一种新的技术方案,以解决上述技术问题。Therefore, it is necessary to propose a new technical solution to solve the above technical problems.

发明内容Contents of the invention

有鉴于此,本发明提供了种子密钥的存储方法、装置、移动终端及计算机可读存储介质,以增加种子密钥被破解的难度,提高种子密钥的安全性。In view of this, the present invention provides a seed key storage method, device, mobile terminal and computer-readable storage medium, so as to increase the difficulty of cracking the seed key and improve the security of the seed key.

本发明的第一方面提供了一种种子密钥的存储方法,包括:A first aspect of the present invention provides a method for storing a seed key, including:

根据预设规则将种子密钥划分为至少两部分种子密钥信息;dividing the seed key into at least two parts of seed key information according to preset rules;

将至少一部分种子密钥信息由用户和/或第三方保存,并将其余的、至少一部分种子密钥信息保存于移动终端。At least a part of the seed key information is stored by the user and/or a third party, and the rest, at least a part of the seed key information is stored in the mobile terminal.

本发明的第二方面提供了一种种子密钥的存储装置,包括:A second aspect of the present invention provides a seed key storage device, including:

种子密钥划分模块,用于根据预设规则将种子密钥划分为至少两部分种子密钥信息;A seed key division module, configured to divide the seed key into at least two parts of seed key information according to preset rules;

第一信息处理模块,用于将至少一部分种子密钥信息由用户和/或第三方保存,并将其余的、至少一部分种子密钥信息保存于移动终端。The first information processing module is configured to store at least a part of the seed key information by the user and/or a third party, and store the rest, at least a part of the seed key information, in the mobile terminal.

本发明的第三方面提供了一种移动终端,包括存储器、处理器以及存储在所述存储器中并可在所述处理器上运行的计算机程序,所述处理器执行所述计算机程序时实现如上述第一方面所述方法的步骤。A third aspect of the present invention provides a mobile terminal, including a memory, a processor, and a computer program stored in the memory and operable on the processor. When the processor executes the computer program, the following is implemented: The steps of the method described in the first aspect above.

本发明的第四方面提供了一种计算机可读存储介质,所述计算机可读存储介质存储有计算机程序,所述计算机程序被处理器执行时实现如上述第一方面所述方法的步骤。A fourth aspect of the present invention provides a computer-readable storage medium, the computer-readable storage medium stores a computer program, and when the computer program is executed by a processor, the steps of the method described in the above-mentioned first aspect are implemented.

本发明方案与现有技术相比存在的有益效果是:本发明方案根据预设规则将种子密钥划分为至少两部分种子密钥信息,将至少一部分种子密钥信息由用户和/或第三方进行记录保存,并将其余的、至少一部分种子密钥信息保存于移动终端。本发明方案通过将种子密钥划分至少两部分,至少一部分由用户和/或第三方保存,其余的另一部分由移动终端保存,从而实现种子密钥的分开存储,增加了种子密钥被破解的难度,提高了种子密钥的安全性。Compared with the prior art, the present invention has the beneficial effect that the present invention divides the seed key into at least two parts of seed key information according to preset rules, and at least part of the seed key information is distributed by the user and/or a third party Keep records, and save the rest, at least a part of the seed key information, in the mobile terminal. The solution of the present invention divides the seed key into at least two parts, at least one part is saved by the user and/or a third party, and the other part is saved by the mobile terminal, thereby realizing the separate storage of the seed key and increasing the chance of the seed key being cracked. Difficulty, improving the security of the seed key.

附图说明Description of drawings

为了更清楚地说明本发明实施例中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the following will briefly introduce the accompanying drawings that need to be used in the descriptions of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only of the present invention. For some embodiments, those of ordinary skill in the art can also obtain other drawings based on these drawings without paying creative efforts.

图1是本发明实施例一提供的种子密钥的存储方法的实现流程示意图;FIG. 1 is a schematic diagram of the implementation flow of the seed key storage method provided by Embodiment 1 of the present invention;

图2是本发明实施例二提供的种子密钥的存储方法的实现流程示意图;Fig. 2 is a schematic diagram of the implementation flow of the storage method of the seed key provided by the second embodiment of the present invention;

图3是本发明实施例三提供的种子密钥的存储装置的示意图;FIG. 3 is a schematic diagram of a storage device for a seed key provided in Embodiment 3 of the present invention;

图4是本发明实施例四提供的移动终端的示意图;FIG. 4 is a schematic diagram of a mobile terminal provided in Embodiment 4 of the present invention;

图5是本发明实施例五提供的移动终端的示意图。FIG. 5 is a schematic diagram of a mobile terminal provided by Embodiment 5 of the present invention.

具体实施方式Detailed ways

以下描述中,为了说明而不是为了限定,提出了诸如特定系统结构、技术之类的具体细节,以便透彻理解本发明实施例。然而,本领域的技术人员应当清楚,在没有这些具体细节的其它实施例中也可以实现本发明。在其它情况中,省略对众所周知的系统、装置、电路以及方法的详细说明,以免不必要的细节妨碍本发明的描述。In the following description, specific details such as specific system structures and technologies are presented for the purpose of illustration rather than limitation, so as to thoroughly understand the embodiments of the present invention. It will be apparent, however, to one skilled in the art that the invention may be practiced in other embodiments without these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present invention with unnecessary detail.

应当理解,当在本说明书和所附权利要求书中使用时,术语“包括”指示所描述特征、整体、步骤、操作、元素和/或组件的存在,但并不排除一个或多个其它特征、整体、步骤、操作、元素、组件和/或其集合的存在或添加。It should be understood that when used in this specification and the appended claims, the term "comprising" indicates the presence of described features, integers, steps, operations, elements and/or components, but does not exclude one or more other features. , whole, step, operation, element, component and/or the presence or addition of a collection thereof.

还应当理解,在此本发明说明书中所使用的术语仅仅是出于描述特定实施例的目的而并不意在限制本发明。如在本发明说明书和所附权利要求书中所使用的那样,除非上下文清楚地指明其它情况,否则单数形式的“一”、“一个”及“该”意在包括复数形式。It should also be understood that the terminology used in the description of the present invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the present invention. As used in this specification and the appended claims, the singular forms "a", "an" and "the" are intended to include plural referents unless the context clearly dictates otherwise.

还应当进一步理解,在本发明说明书和所附权利要求书中使用的术语“和/或”是指相关联列出的项中的一个或多个的任何组合以及所有可能组合,并且包括这些组合。It should also be further understood that the term "and/or" used in the description of the present invention and the appended claims refers to any combination and all possible combinations of one or more of the associated listed items, and includes these combinations .

如在本说明书和所附权利要求书中所使用的那样,术语“如果”可以依据上下文被解释为“当...时”或“一旦”或“响应于确定”或“响应于检测到”。类似地,短语“如果确定”或“如果检测到[所描述条件或事件]”可以依据上下文被解释为意指“一旦确定”或“响应于确定”或“一旦检测到[所描述条件或事件]”或“响应于检测到[所描述条件或事件]”。As used in this specification and the appended claims, the term "if" may be construed as "when" or "once" or "in response to determining" or "in response to detecting" depending on the context . Similarly, the phrase "if determined" or "if [the described condition or event] is detected" may be construed, depending on the context, to mean "once determined" or "in response to the determination" or "once detected [the described condition or event] ]” or “in response to detection of [described condition or event]”.

具体实现中,本发明实施例中描述的移动终端包括但不限于诸如具有触摸敏感表面(例如,触摸屏显示器和/或触摸板)的移动电话、膝上型计算机或平板计算机之类的其它便携式设备。还应当理解的是,在某些实施例中,所述设备并非便携式通信设备,而是具有触摸敏感表面(例如,触摸屏显示器和/或触摸板)的台式计算机。In a specific implementation, the mobile terminals described in the embodiments of the present invention include but are not limited to other portable devices such as mobile phones, laptop computers or tablet computers with touch-sensitive surfaces (for example, touch screen displays and/or touch pads) . It should also be appreciated that in some embodiments, the device is not a portable communication device, but a desktop computer with a touch-sensitive surface (eg, a touchscreen display and/or a touchpad).

在接下来的讨论中,描述了包括显示器和触摸敏感表面的移动终端。然而,应当理解的是,移动终端可以包括诸如物理键盘、鼠标和/或控制杆的一个或多个其它物理用户接口设备。In the ensuing discussion, a mobile terminal including a display and a touch-sensitive surface is described. However, it should be understood that a mobile terminal may include one or more other physical user interface devices such as a physical keyboard, mouse and/or joystick.

移动终端支持各种应用程序,例如以下中的一个或多个:绘图应用程序、演示应用程序、文字处理应用程序、网站创建应用程序、盘刻录应用程序、电子表格应用程序、游戏应用程序、电话应用程序、视频会议应用程序、电子邮件应用程序、即时消息收发应用程序、锻炼支持应用程序、照片管理应用程序、数码相机应用程序、数字摄影机应用程序、web浏览应用程序、数字音乐播放器应用程序和/或数字视频播放器应用程序。The mobile terminal supports various applications such as one or more of the following: drawing application, presentation application, word processing application, website creation application, disk burning application, spreadsheet application, game application, telephone applications, video conferencing applications, email applications, instant messaging applications, exercise support applications, photo management applications, digital camera applications, digital video camera applications, web browsing applications, digital music player applications and/or digital video player applications.

可以在移动终端上执行的各种应用程序可以使用诸如触摸敏感表面的至少一个公共物理用户接口设备。可以在应用程序之间和/或相应应用程序内调整和/或改变触摸敏感表面的一个或多个功能以及终端上显示的相应信息。这样,终端的公共物理架构(例如,触摸敏感表面)可以支持具有对用户而言直观且透明的用户界面的各种应用程序。Various applications that can be executed on the mobile terminal can use at least one common physical user interface device, such as a touch-sensitive surface. One or more functions of the touch-sensitive surface and corresponding information displayed on the terminal may be adjusted and/or changed between applications and/or within the respective applications. In this way, the common physical architecture (eg, touch-sensitive surface) of the terminal can support various applications with a user interface that is intuitive and transparent to the user.

应理解,本实施例中各步骤的序号的大小并不意味着执行顺序的先后,各过程的执行顺序应以其功能和内在逻辑确定,而不应对本发明实施例的实施过程构成任何限定。It should be understood that the sequence numbers of the steps in this embodiment do not mean the order of execution, and the execution order of each process should be determined by its functions and internal logic, and should not constitute any limitation to the implementation process of the embodiment of the present invention.

为了说明本发明所述的技术方案,下面通过具体实施例来进行说明。In order to illustrate the technical solutions of the present invention, specific examples are used below to illustrate.

参见图1,是本发明实施例一提供的种子密钥的存储方法的实现流程示意图,该种子密钥的存储方法应用于移动终端,如图所示该种子密钥的存储方法可以包括以下步骤:Referring to FIG. 1 , it is a schematic diagram of the implementation flow of the seed key storage method provided by Embodiment 1 of the present invention. The seed key storage method is applied to a mobile terminal. As shown in the figure, the seed key storage method may include the following steps :

步骤S101,根据预设规则将种子密钥划分为至少两部分种子密钥信息。Step S101, divide the seed key into at least two parts of seed key information according to preset rules.

在本发明实施例中,预设规则可以为第一预设规则或第二预设规则,根据预设规则将种子密钥划分为至少两部分种子密钥信息。In the embodiment of the present invention, the preset rule may be a first preset rule or a second preset rule, and the seed key is divided into at least two parts of seed key information according to the preset rule.

种子密钥可以由服务器整体下发给移动终端,或者由服务器将计算种子密钥的若干计算因子下发给移动终端,而后在移动终端计算得到种子密钥。The seed key can be issued to the mobile terminal by the server as a whole, or the server can issue several calculation factors for calculating the seed key to the mobile terminal, and then the mobile terminal can calculate the seed key.

若种子密钥由服务器整体下发给移动终端,此时预设规则为第一预设规则,移动终端根据第一预设规则将种子密钥划分为至少两部分种子密钥信息。If the seed key is delivered to the mobile terminal by the server as a whole, the preset rule is the first preset rule, and the mobile terminal divides the seed key into at least two parts of seed key information according to the first preset rule.

若服务器将计算种子密钥的若干计算因子下发给移动终端,此时预设规则为第二预设规则,移动终端根据第二预设规则将计算种子密钥的若干个计算因子划分为至少两部分种子密钥信息,在此不做限定。计算因子可以是指计算种子密钥时所需的参数。例如,由用户密码、用户名、卡号等信息计算种子密钥,此时的用户密码、用户名、卡号等可均为种子密钥的计算因子。故,可以通过划分计算种子密钥的计算因子,将种子密钥划分为至少两部分种子密钥信息。If the server sends several calculation factors for calculating the seed key to the mobile terminal, the preset rule is the second preset rule at this time, and the mobile terminal divides the several calculation factors for calculating the seed key into at least The two parts of seed key information are not limited here. The calculation factor may refer to parameters required when calculating the seed key. For example, the seed key is calculated from information such as user password, user name, and card number. At this time, the user password, user name, and card number can all be calculation factors of the seed key. Therefore, the seed key can be divided into at least two parts of seed key information by dividing the calculation factor for calculating the seed key.

其中,预设规则可以是指用户预先设置的如何划分(即拆分)种子密钥的规则。第一预设规则可以是指用户预先设置的如何划分由服务器整体下发给移动终端的种子密钥的规则,用户可以根据需要自行设置该规则,在此不做限定,例如,种子密钥为128K字节数据,可以将前32K字节数据作为种子密钥的一部分信息,剩余的96K字节数据作为种子密钥的另一部分信息,在此不做限定。可选的,所述种子密钥可以是明文,也可以是密文,在此不做限定。第二预设规则可以是指用户预先设置的如何划分由服务器下发给移动终端的计算种子密钥的若干计算因子的规则,用户可以根据需要自行设置该规则,在此不做限定。Wherein, the preset rule may refer to a rule of how to divide (that is, split) the seed key set in advance by the user. The first preset rule may refer to a rule set by the user on how to divide the seed key issued by the server as a whole to the mobile terminal. The user may set the rule by himself according to the needs, which is not limited here. For example, the seed key is 128K bytes of data, the first 32K bytes of data can be used as a part of the information of the seed key, and the remaining 96K bytes of data can be used as another part of the information of the seed key, which is not limited here. Optionally, the seed key may be plain text or cipher text, which is not limited here. The second preset rule may refer to a rule set in advance by the user on how to divide several calculation factors for calculating the seed key sent by the server to the mobile terminal. The user can set the rule by himself according to needs, which is not limited here.

步骤S102,将至少一部分种子密钥信息由用户和/或第三方保存,并将其余的、至少一部分种子密钥信息保存于移动终端。Step S102, saving at least a part of the seed key information by the user and/or a third party, and saving the rest, at least a part of the seed key information, in the mobile terminal.

在本发明实施例中,可以将种子密钥划分为至少两部分,至少一部分由用户和/或第三方进行记录保存,其余的至少一部分保存于移动终端,即使他人破解了保存于移动终端的种子密码信息,也无法获知完整的种子密钥,因为种子密钥的至少一部分种子密钥信息是由用户和/或第三方进行保存,他人无法获知由用户和/或第三方保存的种子密钥信息。例如,可以将种子密钥划分为两部分,一部分由用户保存,另一部分由保存于移动终端;或者将种子密钥划分为三部分,一部分由用户保存,一部分发送给服务器保存,一部分由移动终端保存,当启用移动终端的OTP时,服务器将保存的一部分种子密钥发送给用户,用户将收到的服务器发送的一部分种子密钥和自己保存的一部分种子密钥提交给移动终端,以与移动终端的一部分种子密钥一起恢复得到种子密钥。In the embodiment of the present invention, the seed key can be divided into at least two parts, at least one part is recorded by the user and/or a third party, and the remaining part is stored in the mobile terminal, even if someone else cracks the seed key stored in the mobile terminal Password information, and the complete seed key cannot be obtained, because at least part of the seed key information of the seed key is stored by the user and/or a third party, and others cannot know the seed key information stored by the user and/or a third party . For example, the seed key can be divided into two parts, one part is saved by the user, and the other part is saved by the mobile terminal; Save, when the OTP of the mobile terminal is enabled, the server will send a part of the stored seed key to the user, and the user will submit a part of the seed key sent by the server and a part of the seed key saved by the user to the mobile terminal to communicate with the mobile terminal. A part of the seed key of the terminal is restored together to obtain the seed key.

可选的,在将至少一部分种子密钥信息反馈给用户(例如显示给用户)之后,若接收到针对至少一部分种子密钥信息的确认指令(例如用户记住该至少一部分种子密钥信息后,点击所述至少一部分种子密钥信息所在区域)或者在预设时间(例如1分钟)之后,不再显示所述至少一部分种子密钥信息。Optionally, after at least a part of the seed key information is fed back to the user (for example, displayed to the user), if a confirmation instruction for at least a part of the seed key information is received (for example, after the user memorizes the at least part of the seed key information, Click on the area where the at least a part of the seed key information is located) or after a preset time (for example, 1 minute), the at least a part of the seed key information is no longer displayed.

或者在将至少一部分种子密钥信息发送给第三方之后,第三方接收到并保存该至少一部分密钥信息后,向移动终端反馈应答指令,移动终端在接收到应答指令后,不再显示该至少一部分种子密钥信息,其中,应答指令用于指示第三方已接收并保存移动终端发送的种子密钥信息。第三方可以是指除用户和移动终端之外的设备,例如用户预先设置的服务器。Or after at least a part of the seed key information is sent to a third party, after the third party receives and saves the at least part of the key information, it will feed back a response instruction to the mobile terminal, and the mobile terminal will no longer display the at least part of the seed key information after receiving the response instruction. Part of the seed key information, wherein the response instruction is used to indicate that the third party has received and saved the seed key information sent by the mobile terminal. The third party may refer to equipment other than the user and the mobile terminal, such as a server preset by the user.

可选的,所述将至少一部分种子密钥信息由用户和/或第三方保存包括:Optionally, the storing at least a part of the seed key information by the user and/or a third party includes:

将一部分种子密钥信息显示给用户保存,或者一部分种子密钥信息发送给第三方保存,或者一部分种子密钥信息显示给用户保存、且一部分种子密钥信息发送给第三方保存。A part of the seed key information is displayed to the user for storage, or a part of the seed key information is sent to a third party for storage, or a part of the seed key information is displayed for the user to save, and a part of the seed key information is sent to a third party for storage.

可选的,保存于所述移动终端的种子密钥信息可以是经过加密后再保存于所述移动终端。Optionally, the seed key information stored in the mobile terminal may be encrypted and then stored in the mobile terminal.

可选的,本发明实施例还包括:Optionally, the embodiment of the present invention also includes:

根据第三预设规则将加密种子密钥信息的加密因子划分为至少两部分加密因子信息;dividing the encryption factor of the encrypted seed key information into at least two parts of encryption factor information according to a third preset rule;

将至少一部分加密因子信息由用户和/或第三方保存,并将其余的、至少一部分加密因子信息保存或加密后保存于所述移动终端。At least a part of the encryption factor information is stored by the user and/or a third party, and the rest, at least a part of the encryption factor information is stored or encrypted and stored in the mobile terminal.

可选的,所述将至少一部分加密因子信息由用户和/或第三方保存包括:Optionally, the storing at least part of the encryption factor information by the user and/or a third party includes:

将一部分加密因子信息显示给用户保存,或者一部分加密因子信息发送给第三方保存,或者一部分加密因子信息显示给用户保存、且一部分加密因子信息发送给第三方保存。A part of the encryption factor information is displayed to the user for storage, or a part of the encryption factor information is sent to a third party for storage, or a part of the encryption factor information is displayed for the user to save, and a part of the encryption factor information is sent to a third party for storage.

其中,第三预设规则可以是指用户预先设置的如何划分加密因子的规则,用户可以根据需要自行设置该规则,在此不做限定。Wherein, the third preset rule may refer to a rule of how to divide the encryption factors set in advance by the user, and the user may set the rule by himself according to needs, which is not limited here.

本发明实施例通过将种子密钥划分至少两部分,一部分由用户和/或第三方保存,其余的另一部分由移动终端保存,从而实现种子密钥的分开存储,增加了种子密钥被破解的难度,提高了种子密钥的安全性。而进一步将加密因子分为至少两部分分别由用户或第三方保存、移动终端保存,增强了种子密钥存储的安全性。In the embodiment of the present invention, the seed key is divided into at least two parts, one part is stored by the user and/or a third party, and the other part is stored by the mobile terminal, thereby realizing the separate storage of the seed key and increasing the chance of the seed key being cracked. Difficulty, improving the security of the seed key. Furthermore, the encryption factor is divided into at least two parts, which are stored by the user or a third party, and stored by the mobile terminal, which enhances the security of the storage of the seed key.

参见图2,是本发明实施例二提供的种子密钥的存储方法的实现流程示意图,该种子密钥的存储方法应用于移动终端的OTP,如图所示该种子密钥的存储方法可以包括以下步骤:Referring to FIG. 2 , it is a schematic diagram of the implementation flow of the storage method of the seed key provided by Embodiment 2 of the present invention. The storage method of the seed key is applied to the OTP of the mobile terminal. As shown in the figure, the storage method of the seed key may include The following steps:

步骤S201,在OTP激活阶段,种子密钥由服务器整体下发给移动终端,根据第一预设规则将整体的种子密钥划分为至少两部分种子密钥信息;或者在OTP激活阶段,种子密钥的若干个计算因子由服务器下发给所述移动终端,根据第二预设规则将所述种子密钥的若干个计算因子划分为至少两部分种子密钥信息。Step S201, in the OTP activation phase, the seed key is issued to the mobile terminal as a whole by the server, and the overall seed key is divided into at least two parts of seed key information according to the first preset rule; or in the OTP activation phase, the seed key The several calculation factors of the seed key are sent to the mobile terminal by the server, and the several calculation factors of the seed key are divided into at least two parts of seed key information according to a second preset rule.

本发明实施例中的OTP是指应用于移动终端的软OTP,其通过软件根据种子密钥和当前时间一起通过动态口令计算方法计算出动态口令。其中,动态口令是根据专门的算法每隔一定时间段生成一个与时间相关的、不可预测的随机数字组合。The OTP in the embodiment of the present invention refers to the soft OTP applied to the mobile terminal, which calculates the dynamic password through the dynamic password calculation method through the software according to the seed key and the current time. Among them, the dynamic password is based on a special algorithm to generate a time-related, unpredictable random number combination at regular intervals.

其中,第一预设规则可以是指用户预先设置的如何划分由服务器整体下发给移动终端的种子密钥的规则,用户可以根据需要自行设置该规则,在此不做限定,例如,种子密钥为128K字节数据,可以将前32K字节数据作为种子密钥第一部分信息,剩余的96K字节数据作为种子密钥的第二部分信息,在此不做限定。可选的,所述种子密钥可以是明文,也可以是密文,在此不做限定。Wherein, the first preset rule may refer to a rule set in advance by the user on how to divide the seed key issued by the server as a whole to the mobile terminal. The key is 128K bytes of data, the first 32K bytes of data can be used as the first part of the seed key information, and the remaining 96K bytes of data can be used as the second part of the seed key information, which is not limited here. Optionally, the seed key may be plain text or cipher text, which is not limited here.

其中,计算因子可以是指计算种子密钥时所需的参数。例如,由用户密码、用户名、卡号等信息计算种子密钥,此时的用户密码、用户名、卡号等可均为种子密钥的计算因子。故,可以通过划分计算种子密钥的计算因子,将种子密钥划分为至少两部分种子密钥信息。Wherein, the calculation factor may refer to parameters required when calculating the seed key. For example, the seed key is calculated from information such as user password, user name, and card number. At this time, the user password, user name, and card number can all be calculation factors of the seed key. Therefore, the seed key can be divided into at least two parts of seed key information by dividing the calculation factor for calculating the seed key.

第二预设规则可以是指用户预先设置的如何划分若干计算因子的规则,用户可以根据需要自行设置该规则,在此不做限定。The second preset rule may refer to a rule of how to divide several calculation factors set in advance by the user, and the user may set the rule by himself according to needs, which is not limited here.

步骤S202,将至少一部分种子密钥信息由用户和/或第三方保存,并将其余的、至少一部分种子密钥信息保存于移动终端。Step S202, saving at least a part of the seed key information by the user and/or a third party, and saving the rest, at least a part of the seed key information, in the mobile terminal.

在本发明实施例中,可以将种子密钥划分为至少两部分,至少一部分由用户和/或第三方进行记录保存,其余的至少一部分保存于移动终端,即使他人破解了保存于移动终端的种子密码信息,也无法获知完整的种子密钥,因为种子密钥的至少一部分种子密钥信息是由用户和/或第三方进行保存,他人无法获知由用户和/或第三方保存的种子密钥信息。例如,可以将种子密钥划分为两部分,一部分由用户保存,另一部分由保存于移动终端;或者将种子密钥划分为三部分,一部分由用户保存,一部分发送给服务器保存,一部分由移动终端保存,当启用移动终端的OTP时,服务器将保存的一部分种子密钥发送给用户,用户将收到的服务器发送的一部分种子密钥和自己保存的一部分种子密钥提交给移动终端,以与移动终端的一部分种子密钥一起恢复得到种子密钥。In the embodiment of the present invention, the seed key can be divided into at least two parts, at least one part is recorded by the user and/or a third party, and the remaining part is stored in the mobile terminal, even if someone else cracks the seed key stored in the mobile terminal Password information, and the complete seed key cannot be obtained, because at least part of the seed key information of the seed key is stored by the user and/or a third party, and others cannot know the seed key information stored by the user and/or a third party . For example, the seed key can be divided into two parts, one part is saved by the user, and the other part is saved by the mobile terminal; Save, when the OTP of the mobile terminal is enabled, the server will send a part of the stored seed key to the user, and the user will submit a part of the seed key sent by the server and a part of the seed key saved by the user to the mobile terminal to communicate with the mobile terminal. A part of the seed key of the terminal is restored together to obtain the seed key.

可选的,在将至少一部分种子密钥信息反馈给用户(例如显示给用户)之后,若接收到针对至少一部分种子密钥信息的确认指令(例如用户记住该至少一部分种子密钥信息后,点击所述至少一部分种子密钥信息所在区域)或者在预设时间(例如1分钟)之后,不再显示所述至少一部分种子密钥信息。Optionally, after at least a part of the seed key information is fed back to the user (for example, displayed to the user), if a confirmation instruction for at least a part of the seed key information is received (for example, after the user memorizes the at least part of the seed key information, Click on the area where the at least a part of the seed key information is located) or after a preset time (for example, 1 minute), the at least a part of the seed key information is no longer displayed.

或者在将至少一部分种子密钥信息发送给第三方之后,第三方接收到并保存该至少一部分密钥信息后,向移动终端反馈应答指令,移动终端在接收到应答指令后,不再显示该至少一部分种子密钥信息,其中,应答指令用于指示第三方已接收并保存移动终端发送的种子密钥信息。第三方可以是指除用户和移动终端之外的设备,例如用户预先设置的服务器。Or after at least a part of the seed key information is sent to a third party, after the third party receives and saves the at least part of the key information, it will feed back a response instruction to the mobile terminal, and the mobile terminal will no longer display the at least part of the seed key information after receiving the response instruction. Part of the seed key information, wherein the response instruction is used to indicate that the third party has received and saved the seed key information sent by the mobile terminal. The third party may refer to equipment other than the user and the mobile terminal, such as a server preset by the user.

可选的,所述将至少一部分种子密钥信息由用户和/或第三方保存包括:Optionally, the storing at least a part of the seed key information by the user and/or a third party includes:

将一部分种子密钥信息显示给用户保存,或者一部分种子密钥信息发送给第三方保存,或者一部分种子密钥信息显示给用户保存、且一部分种子密钥信息发送给第三方保存。A part of the seed key information is displayed to the user for storage, or a part of the seed key information is sent to a third party for storage, or a part of the seed key information is displayed for the user to save, and a part of the seed key information is sent to a third party for storage.

可选的,保存于所述移动终端的种子密钥信息可以是经过加密后再保存于所述移动终端。Optionally, the seed key information stored in the mobile terminal may be encrypted and then stored in the mobile terminal.

可选的,本发明实施例还包括:Optionally, the embodiment of the present invention also includes:

根据第三预设规则将加密种子密钥信息的加密因子划分为至少两部分加密因子信息;dividing the encryption factor of the encrypted seed key information into at least two parts of encryption factor information according to a third preset rule;

将至少一部分加密因子信息由用户和/或第三方保存,并将其余的、至少一部分加密因子信息保存或加密后保存于所述移动终端。At least a part of the encryption factor information is stored by the user and/or a third party, and the rest, at least a part of the encryption factor information is stored or encrypted and stored in the mobile terminal.

可选的,所述将至少一部分加密因子信息由用户和/或第三方保存包括:Optionally, the storing at least part of the encryption factor information by the user and/or a third party includes:

将一部分加密因子信息显示给用户保存,或者一部分加密因子信息发送给第三方保存,或者一部分加密因子信息显示给用户保存、且一部分加密因子信息发送给第三方保存。A part of the encryption factor information is displayed to the user for storage, or a part of the encryption factor information is sent to a third party for storage, or a part of the encryption factor information is displayed for the user to save, and a part of the encryption factor information is sent to a third party for storage.

其中,第三预设规则可以是指用户预先设置的如何划分加密因子的规则,用户可以根据需要自行设置该规则,在此不做限定。Wherein, the third preset rule may refer to a rule of how to divide the encryption factors set in advance by the user, and the user may set the rule by himself according to needs, which is not limited here.

步骤S203,在启动OTP时,获取用户输入的由用户保存和/或用户从第三方得到的种子密钥信息,获取所述移动终端保存的种子密钥信息。Step S203, when starting the OTP, obtain the seed key information input by the user that is saved by the user and/or that the user obtains from a third party, and obtain the seed key information saved by the mobile terminal.

在本发明实施例中,在启动OTP时,用户可以通过移动终端输入由用户保存或者用户从第三方得到的种子密钥信息(例如在移动终端的触摸屏上输入种子密钥信息)或者由用户保存和用户从第三方得到的种子密钥信息,从而获取用户输入的种子密钥信息,并从移动终端中获取其自身所保存的种子密钥信息。In the embodiment of the present invention, when starting OTP, the user can input the seed key information saved by the user or obtained by the user from a third party through the mobile terminal (such as inputting the seed key information on the touch screen of the mobile terminal) or saved by the user. and the seed key information obtained by the user from a third party, so as to obtain the seed key information input by the user, and obtain the seed key information stored by the mobile terminal itself.

步骤S204,根据获取的全部种子密钥信息恢复种子密钥明文。Step S204, restore the plaintext of the seed key according to all the acquired seed key information.

在本发明实施例中,由于用户输入的种子密钥信息和移动终端自身保存的种子密钥信息是由种子密钥划分所得,那么将用户输入的种子密钥信息和移动终端自身保存的种子密钥信息进行组合可获取完整的种子密钥。如果保存于移动终端的部分种子密钥信息是经过加密的,则先解密再与用户输入的种子密钥信息恢复得到种子密钥明文。In the embodiment of the present invention, since the seed key information input by the user and the seed key information stored by the mobile terminal itself are obtained by dividing the seed key, the seed key information input by the user and the seed key information stored by the mobile terminal itself Combining key information can obtain a complete seed key. If part of the seed key information stored in the mobile terminal is encrypted, first decrypt it and then restore it with the seed key information input by the user to obtain the plaintext of the seed key.

步骤S205,根据所述种子密钥明文和动态口令算法计算动态口令。Step S205, calculating the dynamic password according to the plain text of the seed key and the dynamic password algorithm.

本发明实施例通过将种子密钥划分至少两部分,至少一部分由用户和/或第三方保存,其余的另一部分由移动终端保存,从而实现种子密钥的分开存储,增加了种子密钥被破解的难度,提高了种子密钥的安全性,计算得到的动态口令更安全可靠。In the embodiment of the present invention, the seed key is divided into at least two parts, at least one part is stored by the user and/or a third party, and the other part is stored by the mobile terminal, so as to realize the separate storage of the seed key and increase the chance of the seed key being cracked. The difficulty improves the security of the seed key, and the calculated dynamic password is more secure and reliable.

参见图3,是本发明实施例三提供的种子密钥的存储装置的示意图,为了便于说明,仅示出了与本发明实施例相关的部分。Referring to FIG. 3 , it is a schematic diagram of a storage device for a seed key provided by Embodiment 3 of the present invention. For convenience of description, only parts related to the embodiment of the present invention are shown.

所述装置包括:The devices include:

种子密钥划分模块31,用于根据预设规则将种子密钥划分为至少两部分种子密钥信息;A seed key division module 31, configured to divide the seed key into at least two parts of seed key information according to preset rules;

第一信息处理模块32,用于将至少一部分种子密钥第一部分信息由用户和/或第三方保存,并将其余的、至少一部分种子密钥信息保存于移动终端。The first information processing module 32 is configured to save at least a part of the first part of the seed key information by the user and/or a third party, and save the rest, at least a part of the seed key information, in the mobile terminal.

可选的,所述种子密钥划分模块31具体用于:Optionally, the seed key division module 31 is specifically used for:

所述预设规则为第一预设规则,在OTP激活阶段,所述种子密钥由服务器整体下发给所述移动终端,根据第一预设规则将整体的种子密钥划分为至少两部分种子密钥信息;或者The preset rule is a first preset rule. In the OTP activation stage, the seed key is issued to the mobile terminal as a whole by the server, and the whole seed key is divided into at least two parts according to the first preset rule. seed key information; or

所述预设规则为第二预设规则,在OTP激活阶段,所述种子密钥的若干个计算因子由服务器下发给所述移动终端,根据第二预设规则将所述种子密钥的若干个计算因子划分为至少两部分种子密钥信息。The preset rule is a second preset rule. In the OTP activation stage, several calculation factors of the seed key are sent to the mobile terminal by the server, and the seed key is calculated according to the second preset rule. Several calculation factors are divided into at least two parts of seed key information.

可选的,所述装置还包括:Optionally, the device also includes:

信息获取模块33,用于在启动OTP时,获取用户输入的由用户保存和/或用户从第三方得到的种子密钥信息,获取所述移动终端保存的种子密钥信息;The information acquisition module 33 is used to obtain the seed key information that is saved by the user and/or the user obtains from a third party input by the user when starting the OTP, and obtains the seed key information saved by the mobile terminal;

种子密钥恢复模块34,用于根据获取的全部种子密钥信息恢复种子密钥明文;Seed key recovery module 34, used for recovering the seed key plaintext according to all the seed key information obtained;

动态口令计算模块35,用于根据所述种子密钥明文和动态口令算法计算动态口令。The dynamic password calculation module 35 is configured to calculate the dynamic password according to the plain text of the seed key and the dynamic password algorithm.

可选的,保存于所述移动终端的种子密钥信息是经过加密后再保存于所述移动终端。Optionally, the seed key information stored in the mobile terminal is encrypted and then stored in the mobile terminal.

可选的,所述装置还包括:Optionally, the device also includes:

加密因子划分模块,用于根据第三预设规则将加密种子密钥信息的加密因子划分为至少两部分加密因子信息;An encryption factor division module, configured to divide the encryption factor of the encrypted seed key information into at least two parts of the encryption factor information according to a third preset rule;

第二信息处理模块,用于将至少一部分加密因子信息由用户和/或第三方保存,并将其余的、至少一部分加密因子信息保存或加密后保存于所述移动终端。The second information processing module is configured to store at least a part of the encryption factor information by the user and/or a third party, and store or encrypt the rest, at least a part of the encryption factor information, in the mobile terminal.

其中,所述加密因子划分模块以及所述第二信息处理模块未在图3中显示。Wherein, the encryption factor dividing module and the second information processing module are not shown in FIG. 3 .

本发明实施例提供的装置可以应用在前述方法实施例一和实施例二中,详情参见上述方法实施例一和实施例二的描述,在此不再赘述。The device provided by the embodiment of the present invention can be applied in the foregoing method embodiment 1 and embodiment 2. For details, refer to the description of the foregoing method embodiment 1 and embodiment 2, which will not be repeated here.

图4是本发明实施例四提供的移动终端的示意图。如图所示的该移动终端可以包括:一个或多个处理器401(图中仅示出一个);一个或多个输入设备402(图中仅示出一个),一个或多个输出设备403(图中仅示出一个)和存储器404。上述处理器401、输入设备402、输出设备403和存储器404通过总线405连接。存储器404用于存储指令,处理器401用于执行存储器404存储的指令。其中:FIG. 4 is a schematic diagram of a mobile terminal provided by Embodiment 4 of the present invention. The mobile terminal as shown in the figure may include: one or more processors 401 (only one is shown in the figure); one or more input devices 402 (only one is shown in the figure), one or more output devices 403 (only one is shown in the figure) and memory 404 . The aforementioned processor 401 , input device 402 , output device 403 and memory 404 are connected through a bus 405 . The memory 404 is used to store instructions, and the processor 401 is used to execute the instructions stored in the memory 404 . in:

所述处理器401,用于根据预设规则将种子密钥划分为至少两部分种子密钥信息;将至少一部分种子密钥信息由用户和/或第三方保存,并将其余的、至少一部分种子密钥信息保存于移动终端。The processor 401 is configured to divide the seed key into at least two parts of seed key information according to preset rules; store at least a part of the seed key information by the user and/or a third party, and store the rest, at least a part of the seed key information The key information is stored in the mobile terminal.

可选的,所述处理器401具体用于:Optionally, the processor 401 is specifically configured to:

所述预设规则为第一预设规则,在OTP激活阶段,所述种子密钥由服务器整体下发给所述移动终端,根据第一预设规则将整体的种子密钥划分为至少两部分种子密钥信息;或者The preset rule is a first preset rule. In the OTP activation stage, the seed key is issued to the mobile terminal as a whole by the server, and the whole seed key is divided into at least two parts according to the first preset rule. seed key information; or

所述预设规则为第二预设规则,在OTP激活阶段,所述种子密钥的若干个计算因子由服务器下发给所述移动终端,根据第二预设规则将所述种子密钥的若干个计算因子划分为至少两部分种子密钥信息。The preset rule is a second preset rule. In the OTP activation stage, several calculation factors of the seed key are sent to the mobile terminal by the server, and the seed key is calculated according to the second preset rule. Several calculation factors are divided into at least two parts of seed key information.

可选的,所述处理器401还用于:Optionally, the processor 401 is further configured to:

在启动OTP时,获取用户输入的由用户保存和/或用户从第三方得到的种子密钥信息,获取所述移动终端保存的种子密钥信息;When starting the OTP, obtain the seed key information that is saved by the user and/or the user obtains from a third party input by the user, and obtain the seed key information saved by the mobile terminal;

根据获取的全部种子密钥信息恢复种子密钥明文;Recover the plaintext of the seed key according to all the obtained seed key information;

根据所述种子密钥明文和动态口令算法计算动态口令。Calculate the dynamic password according to the plain text of the seed key and the dynamic password algorithm.

可选的,保存于所述移动终端的种子密钥信息是经过加密后再保存于所述移动终端。Optionally, the seed key information stored in the mobile terminal is encrypted and then stored in the mobile terminal.

可选的,所述处理器401还用于:Optionally, the processor 401 is further configured to:

根据第三预设规则将加密种子密钥信息的加密因子划分为至少两部分加密因子信息;dividing the encryption factor of the encrypted seed key information into at least two parts of encryption factor information according to a third preset rule;

将至少一部分加密因子信息由用户和/或第三方保存,并将其余的、至少一部分加密因子信息保存或加密后保存于所述移动终端。At least a part of the encryption factor information is stored by the user and/or a third party, and the rest, at least a part of the encryption factor information is stored or encrypted and stored in the mobile terminal.

应当理解,在本发明实施例中,所述处理器401可以是中央处理单元(CentralProcessing Unit,CPU),该处理器还可以是其他通用处理器、数字信号处理器(DigitalSignal Processor,DSP)、专用集成电路(Application Specific Integrated Circuit,ASIC)、现成可编程门阵列(Field-Programmable Gate Array,FPGA)或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件等。通用处理器可以是微处理器或者该处理器也可以是任何常规的处理器等。It should be understood that, in the embodiment of the present invention, the processor 401 may be a central processing unit (Central Processing Unit, CPU), and the processor may also be other general-purpose processors, digital signal processors (Digital Signal Processor, DSP), dedicated Integrated Circuit (Application Specific Integrated Circuit, ASIC), off-the-shelf programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor, or the like.

输入设备402可以包括触控板、指纹采传感器(用于采集用户的指纹信息和指纹的方向信息)、麦克风、数据接收接口等。输出设备403可以包括显示器(LCD等)、扬声器、数据发送接口等。The input device 402 may include a touch panel, a fingerprint sensor (for collecting user's fingerprint information and fingerprint direction information), a microphone, a data receiving interface, and the like. The output device 403 may include a display (LCD, etc.), a speaker, a data sending interface, and the like.

该存储器404可以包括只读存储器和随机存取存储器,并向处理器401提供指令和数据。存储器404的一部分还可以包括非易失性随机存取存储器。例如,存储器404还可以存储设备类型的信息。The memory 404 may include read-only memory and random-access memory, and provides instructions and data to the processor 401 . A portion of memory 404 may also include non-volatile random access memory. For example, memory 404 may also store device type information.

具体实现中,本发明实施例中所描述的处理器401、输入设备402、输出设备403和存储器404可执行本发明实施例提供的种子密钥的存储方法的实施例中所描述的实现方式,也可执行实施例三所述种子密钥的存储装置中所描述的实现方式,在此不再赘述。In a specific implementation, the processor 401, input device 402, output device 403, and memory 404 described in the embodiment of the present invention can execute the implementation described in the embodiment of the seed key storage method provided in the embodiment of the present invention, The implementation manner described in the storage device for the seed key described in Embodiment 3 may also be implemented, and details are not repeated here.

图5是本发明实施例五提供的移动终端的示意图。如图5所示,该实施例的移动终端5包括:处理器50、存储器51以及存储在所述存储器51中并可在所述处理器50上运行的计算机程序52。所述处理器50执行所述计算机程序52时实现上述各个种子密钥的存储方法实施例中的步骤,例如图1所示的步骤S101至S102。或者,所述处理器50执行所述计算机程序52时实现上述各装置实施例中各模块/单元的功能。FIG. 5 is a schematic diagram of a mobile terminal provided by Embodiment 5 of the present invention. As shown in FIG. 5 , the mobile terminal 5 of this embodiment includes: a processor 50 , a memory 51 , and a computer program 52 stored in the memory 51 and operable on the processor 50 . When the processor 50 executes the computer program 52, it implements the steps in the above embodiments of the method for storing various seed keys, such as steps S101 to S102 shown in FIG. 1 . Alternatively, when the processor 50 executes the computer program 52, the functions of the modules/units in the above-mentioned device embodiments are implemented.

示例性的,所述计算机程序52可以被分割成一个或多个模块/单元,所述一个或者多个模块/单元被存储在所述存储器51中,并由所述处理器50执行,以完成本发明。所述一个或多个模块/单元可以是能够完成特定功能的一系列计算机程序指令段,该指令段用于描述所述计算机程序52在所述移动终端5中的执行过程。例如,所述计算机程序52可以被分割成种子密钥划分模块、第一信息处理模块、信息获取模块、种子密钥恢复模块、动态口令计算模块、加密因子划分模块以及第二信息处理模块,各模块具体功能如下:Exemplarily, the computer program 52 can be divided into one or more modules/units, and the one or more modules/units are stored in the memory 51 and executed by the processor 50 to complete this invention. The one or more modules/units may be a series of computer program instruction segments capable of accomplishing specific functions, and the instruction segments are used to describe the execution process of the computer program 52 in the mobile terminal 5 . For example, the computer program 52 can be divided into a seed key division module, a first information processing module, an information acquisition module, a seed key recovery module, a dynamic password calculation module, an encryption factor division module and a second information processing module, each The specific functions of the module are as follows:

种子密钥划分模块,用于根据预设规则将种子密钥划分为至少两部分种子密钥信息;A seed key division module, configured to divide the seed key into at least two parts of seed key information according to preset rules;

第一信息处理模块,用于将至少一部分种子密钥信息由用户和/或第三方保存,并将其余的、至少一部分种子密钥信息保存于移动终端。The first information processing module is configured to store at least a part of the seed key information by the user and/or a third party, and store the rest, at least a part of the seed key information, in the mobile terminal.

可选的,所述种子密钥划分模块具体用于:Optionally, the seed key division module is specifically used for:

所述预设规则为第一预设规则,在OTP激活阶段,所述种子密钥由服务器整体下发给所述移动终端,根据第一预设规则将整体的种子密钥划分为至少两部分种子密钥信息;或者The preset rule is a first preset rule. In the OTP activation stage, the seed key is issued to the mobile terminal as a whole by the server, and the whole seed key is divided into at least two parts according to the first preset rule. seed key information; or

所述预设规则为第二预设规则,在OTP激活阶段,所述种子密钥的若干个计算因子由服务器下发给所述移动终端,根据第二预设规则将所述种子密钥的若干个计算因子划分为至少两部分种子密钥信息。The preset rule is a second preset rule. In the OTP activation stage, several calculation factors of the seed key are sent to the mobile terminal by the server, and the seed key is calculated according to the second preset rule. Several calculation factors are divided into at least two parts of seed key information.

可选的,信息获取模块,用于在启动OTP时,获取用户输入的由用户保存和/或用户从第三方得到的种子密钥信息,获取所述移动终端保存的种子密钥信息;Optionally, the information acquisition module is used to acquire the seed key information input by the user and saved by the user and/or obtained by the user from a third party when starting the OTP, and obtain the seed key information saved by the mobile terminal;

种子密钥恢复模块,用于根据获取的全部种子密钥信息恢复种子密钥明文;The seed key recovery module is used to restore the plaintext of the seed key according to all the obtained seed key information;

动态口令计算模块,用于根据所述种子密钥明文和动态口令算法计算动态口令。The dynamic password calculation module is used to calculate the dynamic password according to the plain text of the seed key and the dynamic password algorithm.

可选的,加密因子划分模块,用于根据第三预设规则将加密种子密钥信息的加密因子划分为至少两部分加密因子信息;Optionally, an encryption factor division module, configured to divide the encryption factor of the encrypted seed key information into at least two parts of the encryption factor information according to a third preset rule;

第二信息处理模块,用于将至少一部分加密因子信息由用户和/或第三方保存,并将其余的、至少一部分加密因子信息保存或加密后保存于所述移动终端。The second information processing module is configured to store at least a part of the encryption factor information by the user and/or a third party, and store or encrypt the rest, at least a part of the encryption factor information, in the mobile terminal.

所述移动终端5可以是桌上型计算机、笔记本、掌上电脑及云端服务器等计算设备。所述移动终端可包括,但不仅限于,处理器50、存储器51。本领域技术人员可以理解,图5仅仅是移动终端5的示例,并不构成对移动终端5的限定,可以包括比图示更多或更少的部件,或者组合某些部件,或者不同的部件,例如所述移动终端还可以包括输入输出设备、网络接入设备、总线等。The mobile terminal 5 may be a computing device such as a desktop computer, a notebook, a palmtop computer, or a cloud server. The mobile terminal may include, but not limited to, a processor 50 and a memory 51 . Those skilled in the art can understand that FIG. 5 is only an example of the mobile terminal 5, and does not constitute a limitation to the mobile terminal 5. It may include more or less components than those shown in the figure, or combine certain components, or different components. , for example, the mobile terminal may further include an input and output device, a network access device, a bus, and the like.

所称处理器50可以是中央处理单元CPU,还可以是其他通用处理器、数字信号处理器DSP、专用集成电路ASIC、现成可编程门阵列FPGA或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件等。通用处理器可以是微处理器或者该处理器也可以是任何常规的处理器等。The so-called processor 50 can be a central processing unit CPU, and can also be other general-purpose processors, digital signal processors DSP, application-specific integrated circuits ASIC, off-the-shelf programmable gate array FPGA or other programmable logic devices, discrete gates or transistor logic devices , discrete hardware components, etc. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor, or the like.

所述存储器51可以是所述移动终端5的内部存储单元,例如移动终端5的硬盘或内存。所述存储器51也可以是所述移动终端5的外部存储设备,例如所述移动终端5上配备的插接式硬盘,智能存储卡(Smart Media Card,SMC),安全数字(Secure Digital,SD)卡,闪存卡(Flash Card)等。进一步地,所述存储器51还可以既包括所述移动终端5的内部存储单元也包括外部存储设备。所述存储器51用于存储所述计算机程序以及所述移动终端所需的其他程序和数据。所述存储器51还可以用于暂时地存储已经输出或者将要输出的数据。The memory 51 may be an internal storage unit of the mobile terminal 5 , such as a hard disk or memory of the mobile terminal 5 . The memory 51 can also be an external storage device of the mobile terminal 5, such as a plug-in hard disk equipped on the mobile terminal 5, a smart memory card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card, flash memory card (Flash Card), etc. Further, the memory 51 may also include both an internal storage unit of the mobile terminal 5 and an external storage device. The memory 51 is used to store the computer program and other programs and data required by the mobile terminal. The memory 51 can also be used to temporarily store data that has been output or will be output.

所属领域的技术人员可以清楚地了解到,为了描述的方便和简洁,仅以上述各功能单元、模块的划分进行举例说明,实际应用中,可以根据需要而将上述功能分配由不同的功能单元、模块完成,即将所述装置的内部结构划分成不同的功能单元或模块,以完成以上描述的全部或者部分功能。实施例中的各功能单元、模块可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中,上述集成的单元既可以采用硬件的形式实现,也可以采用软件功能单元的形式实现。另外,各功能单元、模块的具体名称也只是为了便于相互区分,并不用于限制本申请的保护范围。上述系统中单元、模块的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。Those skilled in the art can clearly understand that for the convenience and brevity of description, only the division of the above-mentioned functional units and modules is used for illustration. In practical applications, the above-mentioned functions can be assigned to different functional units, Completion of modules means that the internal structure of the device is divided into different functional units or modules to complete all or part of the functions described above. Each functional unit and module in the embodiment may be integrated into one processing unit, or each unit may exist separately physically, or two or more units may be integrated into one unit, and the above-mentioned integrated units may adopt hardware It can also be implemented in the form of software functional units. In addition, the specific names of the functional units and modules are only for the convenience of distinguishing each other, and are not used to limit the protection scope of the present application. For the specific working process of the units and modules in the above system, reference may be made to the corresponding process in the foregoing method embodiments, and details will not be repeated here.

在上述实施例中,对各个实施例的描述都各有侧重,某个实施例中没有详述或记载的部分,可以参见其它实施例的相关描述。In the above-mentioned embodiments, the descriptions of each embodiment have their own emphases, and for parts that are not detailed or recorded in a certain embodiment, refer to the relevant descriptions of other embodiments.

本领域普通技术人员可以意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、或者计算机软件和电子硬件的结合来实现。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本发明的范围。Those skilled in the art can appreciate that the units and algorithm steps of the examples described in conjunction with the embodiments disclosed herein can be implemented by electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are executed by hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art may use different methods to implement the described functions for each specific application, but such implementation should not be regarded as exceeding the scope of the present invention.

在本发明所提供的实施例中,应该理解到,所揭露的装置/移动终端和方法,可以通过其它的方式实现。例如,以上所描述的装置/移动终端实施例仅仅是示意性的,例如,所述模块或单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通讯连接可以是通过一些接口,装置或单元的间接耦合或通讯连接,可以是电性,机械或其它的形式。In the embodiments provided in the present invention, it should be understood that the disclosed device/mobile terminal and method may be implemented in other ways. For example, the device/mobile terminal embodiments described above are only illustrative. For example, the division of the modules or units is only a logical function division. In actual implementation, there may be other division methods, such as multiple units Or components may be combined or may be integrated into another system, or some features may be omitted, or not implemented. In another point, the mutual coupling or direct coupling or communication connection shown or discussed may be through some interfaces, and the indirect coupling or communication connection of devices or units may be in electrical, mechanical or other forms.

所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in one place, or may be distributed to multiple network units. Part or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.

另外,在本发明各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用软件功能单元的形式实现。In addition, each functional unit in each embodiment of the present invention may be integrated into one processing unit, each unit may exist separately physically, or two or more units may be integrated into one unit. The above-mentioned integrated units can be implemented in the form of hardware or in the form of software functional units.

所述集成的模块/单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明实现上述实施例方法中的全部或部分流程,也可以通过计算机程序来指令相关的硬件来完成,所述的计算机程序可存储于一计算机可读存储介质中,该计算机程序在被处理器执行时,可实现上述各个方法实施例的步骤。其中,所述计算机程序包括计算机程序代码,所述计算机程序代码可以为源代码形式、对象代码形式、可执行文件或某些中间形式等。所述计算机可读介质可以包括:能够携带所述计算机程序代码的任何实体或装置、记录介质、U盘、移动硬盘、磁碟、光盘、计算机存储器、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、电载波信号、电信信号以及软件分发介质等。需要说明的是,所述计算机可读介质包含的内容可以根据司法管辖区内立法和专利实践的要求进行适当的增减,例如在某些司法管辖区,根据立法和专利实践,计算机可读介质不包括电载波信号和电信信号。If the integrated module/unit is realized in the form of a software function unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the present invention realizes all or part of the processes in the methods of the above embodiments, and can also be completed by instructing related hardware through a computer program. The computer program can be stored in a computer-readable storage medium, and the computer When the program is executed by the processor, the steps in the above-mentioned various method embodiments can be realized. Wherein, the computer program includes computer program code, and the computer program code may be in the form of source code, object code, executable file or some intermediate form. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer memory, and a read-only memory (ROM, Read-Only Memory) , Random Access Memory (RAM, Random Access Memory), electrical carrier signal, telecommunication signal, and software distribution medium, etc. It should be noted that the content contained in the computer-readable medium may be appropriately increased or decreased according to the requirements of legislation and patent practice in the jurisdiction. For example, in some jurisdictions, computer-readable media Excludes electrical carrier signals and telecommunication signals.

以上所述实施例仅用以说明本发明的技术方案,而非对其限制;尽管参照前述实施例对本发明进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本发明各实施例技术方案的精神和范围,均应包含在本发明的保护范围之内。The above-described embodiments are only used to illustrate the technical solutions of the present invention, rather than to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that: it can still carry out the foregoing embodiments Modifications to the technical solutions recorded in the examples, or equivalent replacement of some of the technical features; and these modifications or replacements do not make the essence of the corresponding technical solutions deviate from the spirit and scope of the technical solutions of the various embodiments of the present invention, and should be included in within the protection scope of the present invention.

Claims (10)

1.一种种子密钥的存储方法,其特征在于,包括:1. A storage method for a seed key, comprising: 根据预设规则将种子密钥划分为至少两部分种子密钥信息;dividing the seed key into at least two parts of seed key information according to preset rules; 将至少一部分种子密钥信息由用户和/或第三方保存,并将其余的、至少一部分种子密钥信息保存于移动终端。At least a part of the seed key information is stored by the user and/or a third party, and the rest, at least a part of the seed key information is stored in the mobile terminal. 2.如权利要求1所述的种子密钥的存储方法,其特征在于,根据预设规则将种子密钥划分为至少两部分种子密钥信息包括:2. The storage method of the seed key as claimed in claim 1, wherein the seed key is divided into at least two parts according to preset rules and the seed key information comprises: 所述预设规则为第一预设规则,在OTP激活阶段,所述种子密钥由服务器整体下发给所述移动终端,根据第一预设规则将整体的种子密钥划分为至少两部分种子密钥信息;或者The preset rule is a first preset rule. In the OTP activation stage, the seed key is issued to the mobile terminal as a whole by the server, and the whole seed key is divided into at least two parts according to the first preset rule. seed key information; or 所述预设规则为第二预设规则,在OTP激活阶段,所述种子密钥的若干个计算因子由服务器下发给所述移动终端,根据第二预设规则将所述种子密钥的若干个计算因子划分为至少两部分种子密钥信息。The preset rule is a second preset rule. In the OTP activation stage, several calculation factors of the seed key are sent to the mobile terminal by the server, and the seed key is calculated according to the second preset rule. Several calculation factors are divided into at least two parts of seed key information. 3.如权利要求1所述的种子密钥的存储方法,其特征在于,还包括:3. The storage method of the seed key as claimed in claim 1, further comprising: 在启动OTP时,获取用户输入的由用户保存和/或用户从第三方得到的种子密钥信息,获取所述移动终端保存的种子密钥信息;When starting the OTP, obtain the seed key information that is saved by the user and/or the user obtains from a third party input by the user, and obtain the seed key information saved by the mobile terminal; 根据获取的全部种子密钥信息恢复种子密钥明文;Recover the plaintext of the seed key according to all the obtained seed key information; 根据所述种子密钥明文和动态口令算法计算动态口令。Calculate the dynamic password according to the plain text of the seed key and the dynamic password algorithm. 4.如权利要求1所述的种子密钥的存储方法,其特征在于,保存于所述移动终端的种子密钥信息是经过加密后再保存于所述移动终端。4. The method for storing the seed key according to claim 1, wherein the seed key information stored in the mobile terminal is encrypted and then stored in the mobile terminal. 5.如权利要求4所述的种子密钥的存储方法,其特征在于,还包括:5. The storage method of the seed key as claimed in claim 4, further comprising: 根据第三预设规则将加密种子密钥信息的加密因子划分为至少两部分加密因子信息;dividing the encryption factor of the encrypted seed key information into at least two parts of encryption factor information according to a third preset rule; 将至少一部分加密因子信息由用户和/或第三方保存,并将其余的、至少一部分加密因子信息保存或加密后保存于所述移动终端。At least a part of the encryption factor information is stored by the user and/or a third party, and the rest, at least a part of the encryption factor information is stored or encrypted and stored in the mobile terminal. 6.一种种子密钥的存储装置,其特征在于,包括:6. A storage device for a seed key, comprising: 种子密钥划分模块,用于根据预设规则将种子密钥划分为至少两部分种子密钥信息;A seed key division module, configured to divide the seed key into at least two parts of seed key information according to preset rules; 第一信息处理模块,用于将至少一部分种子密钥信息由用户和/或第三方保存,并将其余的、至少一部分种子密钥信息保存于移动终端。The first information processing module is configured to store at least a part of the seed key information by the user and/or a third party, and store the rest, at least a part of the seed key information, in the mobile terminal. 7.如权利要求6所述的种子密钥的存储装置,其特征在于,所述种子密钥划分模块具体用于:7. The storage device of the seed key as claimed in claim 6, wherein the seed key division module is specifically used for: 所述预设规则为第一预设规则,在OTP激活阶段,所述种子密钥由服务器整体下发给所述移动终端,根据第一预设规则将整体的种子密钥划分为至少两部分种子密钥信息;或者The preset rule is a first preset rule. In the OTP activation stage, the seed key is issued to the mobile terminal as a whole by the server, and the whole seed key is divided into at least two parts according to the first preset rule. seed key information; or 所述预设规则为第二预设规则,在OTP激活阶段,所述种子密钥的若干个计算因子由服务器下发给所述移动终端,根据第二预设规则将所述种子密钥的若干个计算因子划分为至少两部分种子密钥信息;The preset rule is a second preset rule. In the OTP activation stage, several calculation factors of the seed key are sent to the mobile terminal by the server, and the seed key is calculated according to the second preset rule. Several calculation factors are divided into at least two parts of seed key information; 所述装置还包括:The device also includes: 信息获取模块,用于在启动OTP时,获取用户输入的由用户保存和/或用户从第三方得到的种子密钥信息,获取所述移动终端保存的种子密钥信息;The information acquisition module is used to obtain the seed key information that is saved by the user and/or obtained by the user from a third party input by the user when starting the OTP, and obtains the seed key information saved by the mobile terminal; 种子密钥恢复模块,用于根据获取的全部种子密钥信息恢复种子密钥明文;The seed key recovery module is used to restore the plaintext of the seed key according to all the obtained seed key information; 动态口令计算模块,用于根据所述种子密钥明文和动态口令算法计算动态口令。The dynamic password calculation module is used to calculate the dynamic password according to the plain text of the seed key and the dynamic password algorithm. 8.如权利要求6所述的种子密钥的存储装置,其特征在于,保存于所述移动终端的种子密钥信息是经过加密后再保存于所述移动终端;8. The storage device of the seed key according to claim 6, wherein the seed key information stored in the mobile terminal is encrypted and then stored in the mobile terminal; 所述装置还包括:The device also includes: 加密因子划分模块,用于根据第三预设规则将加密种子密钥信息的加密因子划分为至少两部分加密因子信息;An encryption factor division module, configured to divide the encryption factor of the encrypted seed key information into at least two parts of the encryption factor information according to a third preset rule; 第二信息处理模块,用于将至少一部分加密因子信息由用户和/或第三方保存,并将其余的、至少一部分加密因子信息保存或加密后保存于所述移动终端。The second information processing module is configured to store at least a part of the encryption factor information by the user and/or a third party, and store or encrypt the rest, at least a part of the encryption factor information, in the mobile terminal. 9.一种移动终端,包括存储器、处理器以及存储在所述存储器中并可在所述处理器上运行的计算机程序,其特征在于,所述处理器执行所述计算机程序时实现如权利要求1至5任一项所述方法的步骤。9. A mobile terminal, comprising a memory, a processor, and a computer program stored in the memory and operable on the processor, characterized in that, when the processor executes the computer program, the computer program according to claim The step of any one of 1 to 5. 10.一种计算机可读存储介质,所述计算机可读存储介质存储有计算机程序,其特征在于,所述计算机程序被处理器执行时实现如权利要求1至5任一项所述方法的步骤。10. A computer-readable storage medium, the computer-readable storage medium storing a computer program, characterized in that, when the computer program is executed by a processor, the steps of the method according to any one of claims 1 to 5 are implemented .
CN201810043839.1A 2018-01-17 2018-01-17 Seed key storage method, device and mobile terminal Expired - Fee Related CN108400868B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810043839.1A CN108400868B (en) 2018-01-17 2018-01-17 Seed key storage method, device and mobile terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810043839.1A CN108400868B (en) 2018-01-17 2018-01-17 Seed key storage method, device and mobile terminal

Publications (2)

Publication Number Publication Date
CN108400868A true CN108400868A (en) 2018-08-14
CN108400868B CN108400868B (en) 2021-06-15

Family

ID=63094569

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810043839.1A Expired - Fee Related CN108400868B (en) 2018-01-17 2018-01-17 Seed key storage method, device and mobile terminal

Country Status (1)

Country Link
CN (1) CN108400868B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109389397A (en) * 2018-09-28 2019-02-26 北京金山安全软件有限公司 Hardware wallet
CN110069949A (en) * 2019-04-19 2019-07-30 浙江鲸腾网络科技有限公司 A kind of electronic contract signature method, apparatus, equipment and medium
CN110166425A (en) * 2019-04-09 2019-08-23 北京奇艺世纪科技有限公司 Data processing method, device, system and computer readable storage medium
CN112636907A (en) * 2020-12-18 2021-04-09 深圳前海微众银行股份有限公司 Key management method, key using method, device and equipment
CN113507368A (en) * 2021-06-17 2021-10-15 北京惠而特科技有限公司 Industrial control equipment identity authentication method and device based on dynamic password
CN113595727A (en) * 2021-09-26 2021-11-02 南京慧链和信数字信息科技研究院有限公司 Key safety system based on key separate storage and hardware binding
CN113806787A (en) * 2021-11-19 2021-12-17 苏州浪潮智能科技有限公司 A kind of method, device, device and readable medium for automatic decryption of ARM platform
CN115021910A (en) * 2022-05-31 2022-09-06 苏州浪潮智能科技有限公司 Server reset password management method, device, equipment and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100211787A1 (en) * 2009-02-19 2010-08-19 Leonid Bukshpun Chaotic cipher system and method for secure communication
CN101826957A (en) * 2010-01-19 2010-09-08 北京信安世纪科技有限公司 Dynamic token seed key injection method
WO2011089143A1 (en) * 2010-01-20 2011-07-28 Intrinsic Id B.V. Device and method for obtaining a cryptographic key
CN103746801A (en) * 2014-01-21 2014-04-23 北京智控美信信息技术有限公司 Method for protecting dynamic password seed key on smart phone or tablet personal computer
CN106330868A (en) * 2016-08-14 2017-01-11 北京数盾信息科技有限公司 Encrypted storage key management system and method of high-speed network
CN106878005A (en) * 2016-12-23 2017-06-20 中国电子科技集团公司第三十研究所 A root key management method and device based on network friends
CN106961336A (en) * 2017-04-18 2017-07-18 北京百旺信安科技有限公司 A kind of key components trustship method and system based on SM2 algorithms

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100211787A1 (en) * 2009-02-19 2010-08-19 Leonid Bukshpun Chaotic cipher system and method for secure communication
CN101826957A (en) * 2010-01-19 2010-09-08 北京信安世纪科技有限公司 Dynamic token seed key injection method
WO2011089143A1 (en) * 2010-01-20 2011-07-28 Intrinsic Id B.V. Device and method for obtaining a cryptographic key
CN103746801A (en) * 2014-01-21 2014-04-23 北京智控美信信息技术有限公司 Method for protecting dynamic password seed key on smart phone or tablet personal computer
CN106330868A (en) * 2016-08-14 2017-01-11 北京数盾信息科技有限公司 Encrypted storage key management system and method of high-speed network
CN106878005A (en) * 2016-12-23 2017-06-20 中国电子科技集团公司第三十研究所 A root key management method and device based on network friends
CN106961336A (en) * 2017-04-18 2017-07-18 北京百旺信安科技有限公司 A kind of key components trustship method and system based on SM2 algorithms

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
张剑主编: "2.4 密钥管理", 《信息安全技术》 *
邱卫东主编: "密钥共享Secret key sharing", 《英汉信息安全技术辞典》 *

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109389397A (en) * 2018-09-28 2019-02-26 北京金山安全软件有限公司 Hardware wallet
CN109389397B (en) * 2018-09-28 2021-11-26 北京金山安全软件有限公司 Hardware wallet
CN110166425A (en) * 2019-04-09 2019-08-23 北京奇艺世纪科技有限公司 Data processing method, device, system and computer readable storage medium
CN110166425B (en) * 2019-04-09 2021-08-20 北京奇艺世纪科技有限公司 Data processing method, device, system and computer readable storage medium
CN110069949A (en) * 2019-04-19 2019-07-30 浙江鲸腾网络科技有限公司 A kind of electronic contract signature method, apparatus, equipment and medium
CN112636907A (en) * 2020-12-18 2021-04-09 深圳前海微众银行股份有限公司 Key management method, key using method, device and equipment
CN112636907B (en) * 2020-12-18 2023-04-18 深圳前海微众银行股份有限公司 Key management method, key using method, device and equipment
CN113507368A (en) * 2021-06-17 2021-10-15 北京惠而特科技有限公司 Industrial control equipment identity authentication method and device based on dynamic password
CN113595727A (en) * 2021-09-26 2021-11-02 南京慧链和信数字信息科技研究院有限公司 Key safety system based on key separate storage and hardware binding
CN113806787A (en) * 2021-11-19 2021-12-17 苏州浪潮智能科技有限公司 A kind of method, device, device and readable medium for automatic decryption of ARM platform
CN115021910A (en) * 2022-05-31 2022-09-06 苏州浪潮智能科技有限公司 Server reset password management method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN108400868B (en) 2021-06-15

Similar Documents

Publication Publication Date Title
CN108400868A (en) Storage method, device and the mobile terminal of seed key
CN108038112B (en) File processing method, mobile terminal and computer readable storage medium
CN107431924A (en) Device Theft Prevention Linking Device Identifiers and User Identifiers
CN109660352B (en) Block chain-based distribution relation recording method and device and terminal equipment
CN108694578A (en) Payment method, payment device, terminal device and computer-readable storage medium
US20230245118A1 (en) Point-to-point (p2p)-based data processing method and system, computing device, and storage medium
WO2019019702A1 (en) Algorithm generation method and device, terminal device and storage medium
CN112131593A (en) Information-based feature encryption method, device, equipment and storage medium
CN107864039A (en) A kind of application signature method, terminal and computer-readable recording medium
CN107368735A (en) One kind applies installation method, mobile terminal and computer-readable recording medium
CN107317928A (en) Information processing method, mobile terminal and computer-readable recording medium
CN109104481B (en) File integrity detection method, file integrity detection device and terminal equipment
CN107248078A (en) Mobile payment means of defence, mobile terminal and computer-readable recording medium
CN108363915A (en) unlocking method, mobile terminal and computer readable storage medium
CN107506494A (en) File processing method, mobile terminal, and computer-readable storage medium
CN107301236A (en) Application searches method, mobile terminal, server and computer-readable recording medium
CN107330058A (en) Application search method, mobile terminal and computer-readable storage medium
CN106445699A (en) Method and terminal for integrating social contact application program
WO2023134259A1 (en) Point-to-point-based data processing method and system, computing device, and storage medium
CN108520186A (en) Screen recording method, mobile terminal and computer readable storage medium
CN107332988A (en) Information processing method, mobile terminal, and computer-readable storage medium
CN107783932A (en) Information processing method, mobile terminal and the computer-readable recording medium of calculator
CN109324843B (en) Fingerprint processing system and method and fingerprint equipment
CN108985758B (en) Data processing method, data processing system and terminal device
CN107911220A (en) A kind of endorsement method, signature apparatus and terminal device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20210615

CF01 Termination of patent right due to non-payment of annual fee