CN101345623B - Control system and method with authentication function - Google Patents
- Publication number
- CN101345623B
- Authority
- CN
- China
- Prior art keywords
- key
- gold medal
- information
- medal key
- golden
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Landscapes
- Storage Device Security (AREA)
Abstract
A control system with authentication function for protecting the programs and devices developed by the inventor. The system comprises a first device, which includes an executive program for controlling the first device and a first key having information encryption and decryption functions; and a second device, which includes a control program and a second key having information encryption and decryption functions and which is connected to the first device through a communication interface. Information encrypted with the first key must be decrypted with the second key, and information encrypted with the second key must be decrypted with the first key; the first key and the second key must be used together to pass authentication before the first device and the second device will execute their functions.
Description
Technical field
The present invention relates to an authentication device and a related method, and in particular to an authentication device and method that protect the programs and equipment developed by the inventor; specifically, it relates to a control system and method with an authentication function.
Background technology
In commonly used remote-controlled instruments today, the control commands are disclosed on a standard communication interface. Anyone so inclined only has to design the same command format to use ready-made software, which causes losses to the software developers. Some instrument manufacturers use a special communication interface to avoid being copied, but developing a new communication interface raises development cost and maintenance difficulty. On the software side, common protection methods such as registration codes and software activation cannot effectively prevent cracking. A hardware lock is another option, but it likewise increases product cost. Moreover, because few hardware locks with a certain cipher strength are available on the market, they naturally become the target of all hackers, and their manufacturers must also disclose the development method to software vendors, so that once one hardware lock is cracked, the protection of all software using that product collapses.
Typical prior art, such as the "IC smart card security system" of Taiwan Patent Publication No. 480435, comprises:
A complementary metal-oxide-semiconductor memory (CMOS memory) installed in a computer and used to store authentication data;
A backup medium used to store a backup password; and
A device for processing the authentication data in the CMOS memory, the password in the IC smart card, and the backup password in the backup medium; wherein the computer is started after the backup password and the authentication data are confirmed to be consistent.
Although the above prior art achieves encryption and decryption, its encryption and decryption procedures follow a fixed pattern and cannot change randomly. In that system, the authentication data must first be used to pick out the device in question from among all kinds of devices, and the backup password is then used for confirmation. Encryption and decryption offer only a one-way protection mechanism, and the configured password cannot be changed dynamically. The prior art therefore cannot meet users' needs.
Summary of the invention
In view of the shortcomings of the above prior art, the present invention develops an authentication device and method which ensure that a user of a program developed under the present invention must at the same time use the equipment developed under the present invention, so as to truly protect the inventor's rights and interests. The present invention is proposed to remedy the shortcomings of the existing technology, for the benefit of the relevant designers and manufacturers.
The object of the present invention is to provide an authentication device and a related method that protect the programs and equipment developed by the inventor.
The control system with authentication function of the present invention comprises a first device and a second device.
The first device comprises an executive program and a first key. The first key has information encryption and decryption functions, and the executive program controls the first device. The second device is connected to the first device through a communication interface and comprises a control program and a second key, the second key also having information encryption and decryption functions. Information encrypted with the first key must be decrypted with the second key, and information encrypted with the second key must be decrypted with the first key. The control program can control the executive program, and the executive program controls the first device. The first key and the second key must be used together to pass authentication before the first device and the second device can execute their functions.
The design of the present invention belongs to symmetric-key encryption. Because its encryption and decryption procedures change randomly, and the first device is connected directly to the second device, each side uses its own key to verify the other side's information directly: the second key decrypts the information encrypted by the first device, and the result is returned to the first device for comparison, so a two-way protection mechanism is achieved.
The steps are as follows. The first device randomly generates a first information and encrypts it with the first key to produce first encrypted information, then sends the first encrypted information to the second device. The second device decrypts the first encrypted information with the second key to obtain a second information and returns the second information to the first device. The first device judges whether the second information is identical to the first information. If the comparison fails, the flow returns to the initial step; this indicates that the second device does not hold the second key, since an unqualified device cannot compute the correct information. If the comparison succeeds, authentication is complete; both sides are qualified devices, and the second device obtains control authority over the first device.
Because the information sent by the first device and the second device is random each time, and may also be false, the information intercepted on the communication-interface channel is different every time and its content cannot be deduced from it. The first key and the second key are only assembled at the final execution stage, so the correct key content cannot be obtained by cracking. Through this mechanism the control system with authentication function achieves two-way protection, and random garbage codes are added to the encryption and decryption procedures so that checking is strict and the system is not cracked by those so inclined. The present invention ensures that when a user uses the programs and equipment developed under the present invention, the set-up must include a certain instrument of ours, or a certain number of our instruments. The control system with authentication function nevertheless retains the flexibility to be extended with any other hardware.
Therefore, with the control system and method with authentication function disclosed above and the illustrated examples, the programs and equipment developed under the present invention are indeed protected.
Description of drawings
Fig. 1: the schematic diagram of the control system of authentication function of the present invention.
Fig. 2: the first embodiment flow chart of the authentication method of control system of the present invention.
Fig. 3: the second embodiment flow chart of the authentication method of control system of the present invention.
Drawing reference numeral:
100: control system
110: first device
111: executive program
112: first key
120: second device
121: control program
122: second key
130: communication interface
S1~S6: method steps
S1'~S6': method steps
Embodiment
The control system and method with authentication function of the present invention can be further understood from the following detailed description and the accompanying drawings.
Because instrument communication interfaces currently come in many kinds, such as GPIB, RS232/482/485, USB and Ethernet, the present invention is intended to be applicable to all machines. When these common communication interfaces are used to transmit messages, the content can be monitored, meaning the communication data is fully public. The present invention therefore designs an authentication device and a related method that keep the exchange confidential even when the communication data is fully public. The design is described in detail below.
First, refer to Fig. 1, which shows the basic concept of the design and is a schematic diagram of the control system with authentication function of the present invention. The control system 100 comprises a first device 110 and a second device 120.
The first device 110 comprises an executive program 111 and a first key 112. The first key 112 has information encryption and decryption functions, and the executive program 111 controls the first device 110. The second device 120 can be a system host, a personal computer (PC), a personal digital assistant (PDA), an electronic schoolbag, an electronic game device or the like, and is connected to the first device 110 through a communication interface 130. The communication interface 130 comprises GPIB, RS232, RS482, RS485, USB, Ethernet or a combination of these. The second device 120 comprises a control program 121 and a second key 122, the second key 122 having information encryption and decryption functions. The encryption and decryption algorithms comprise DES, Triple-DES, AES, RC5, RC6 or a combination of these. The information encrypted with the first key 112 and the second key 122 can be a random authentication code or a random number. Information encrypted with the first key 112 must be decrypted with the second key 122, and information encrypted with the second key 122 must be decrypted with the first key 112. The control program 121 can control the executive program 111, and the executive program 111 controls the first device 110. The first key 112 and the second key 122 must be used together to pass authentication before the first device 110 and the second device 120 can execute their functions.
The design of the present invention belongs to symmetric-key encryption. Because its encryption and decryption procedures change randomly, and the first device 110 is connected directly to the second device 120, each side uses its own key to verify the other side's information directly: the second key 122 decrypts the information encrypted by the first device 110, and the result is returned to the first device 110 for comparison, so a two-way protection mechanism is achieved.
Referring to Fig. 2, which is a flow chart of the first embodiment of the authentication method of the control system of the present invention: the first device randomly generates a first information and encrypts it with the first key to produce first encrypted information (step S1), then sends the first encrypted information to the second device (step S2). The second device decrypts the first encrypted information with the second key to obtain a second information (step S3) and returns the second information to the first device (step S4). The first device judges whether the second information is identical to the first information (step S5). If the comparison fails, the flow returns to step S1; this indicates that the second device does not hold the second key, since an unqualified device cannot compute the correct information. If the comparison succeeds, authentication is complete; both sides are qualified devices, and the second device obtains control authority over the first device (step S6).
Referring to Fig. 3, which is a flow chart of the second embodiment of the authentication method of the control system of the present invention: the steps are similar to the first embodiment, the difference being that the roles of the first device and the second device are exchanged. The second device randomly generates a first information and encrypts it with the second key to produce first encrypted information (step S1'), then sends the first encrypted information to the first device (step S2'). The first device decrypts the first encrypted information with the first key to obtain a second information (step S3') and returns the second information to the second device (step S4'). The second device judges whether the second information is identical to the first information (step S5'). If the comparison fails, the flow returns to step S1'; this indicates that the first device does not hold the first key, since an unqualified device cannot compute the correct information. If the comparison succeeds, authentication is complete; both sides are qualified devices, and the first device obtains control authority over the second device (step S6').
The first key 112 can be divided into a fixed partial key and a dynamic partial key, and the second key 122 is likewise divided into a fixed partial key and a dynamic partial key. The dynamic key is generated randomly, and its content is different each time it is generated. In the execution stage, the dynamic key of the first key 112 is encrypted with a specific encoding and passed to the second device 120. The second device 120 receives this encoded and encrypted dynamic key of the first key 112 and, after decoding it, combines it with the fixed partial key of the second key to form the complete second key 122. At this point the second key 122 is identical to the first key 112, but because part of the first key 112 is generated dynamically and then encoded for transmission, the key is different every time, which prevents cracking by those so inclined.
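The flow of Fig. 2 (steps S1 to S6) combined with the fixed/dynamic key split just described, as an added example that is not part of the patent text. It assumes RC5-32/12 (one of the listed ciphers), 8-byte fixed and dynamic parts, and that the dynamic part is encrypted under the fixed part, which the text leaves as "a specific encoding"; all class and function names are hypothetical.

```python
import secrets
import struct

# RC5-32/12 in pure Python so the example runs offline. RC5 is one of the
# ciphers the text lists; ECB over a short random challenge is for the demo only.
MASK, ROUNDS = 0xFFFFFFFF, 12
P32, Q32 = 0xB7E15163, 0x9E3779B9

def _rotl(x, n):                 # a negative n rotates right
    n &= 31
    return ((x << n) | (x >> (32 - n))) & MASK

def expand_key(key):             # key length: a multiple of 4 bytes
    c, t = len(key) // 4, 2 * (ROUNDS + 1)
    L = list(struct.unpack(f"<{c}I", key))
    S = [(P32 + i * Q32) & MASK for i in range(t)]
    a = b = i = j = 0
    for _ in range(3 * max(t, c)):
        a = S[i] = _rotl((S[i] + a + b) & MASK, 3)
        b = L[j] = _rotl((L[j] + a + b) & MASK, a + b)
        i, j = (i + 1) % t, (j + 1) % c
    return S

def encrypt_block(S, block):
    a, b = struct.unpack("<2I", block)
    a, b = (a + S[0]) & MASK, (b + S[1]) & MASK
    for r in range(1, ROUNDS + 1):
        a = (_rotl(a ^ b, b) + S[2 * r]) & MASK
        b = (_rotl(b ^ a, a) + S[2 * r + 1]) & MASK
    return struct.pack("<2I", a, b)

def decrypt_block(S, block):
    a, b = struct.unpack("<2I", block)
    for r in range(ROUNDS, 0, -1):
        b = _rotl((b - S[2 * r + 1]) & MASK, -a) ^ a
        a = _rotl((a - S[2 * r]) & MASK, -b) ^ b
    return struct.pack("<2I", (a - S[0]) & MASK, (b - S[1]) & MASK)

def crypt(key, data, block_fn):
    S = expand_key(key)
    return b"".join(block_fn(S, data[i:i + 8]) for i in range(0, len(data), 8))

class FirstDevice:
    """Controlled instrument: issues the challenge (S1, S2) and checks it (S5, S6)."""
    def __init__(self, fixed):
        self.fixed = fixed
        self.dynamic = secrets.token_bytes(8)   # dynamic part, new every session
        self.key = fixed + self.dynamic         # complete first key
        self.challenge = None
    def wrapped_dynamic(self):
        # Assumption: the dynamic part is sent encrypted under the fixed part.
        return crypt(self.fixed, self.dynamic, encrypt_block)
    def make_challenge(self):
        self.challenge = secrets.token_bytes(16)          # "first information"
        return crypt(self.key, self.challenge, encrypt_block)
    def verify(self, response):
        ok = self.challenge is not None and secrets.compare_digest(response, self.challenge)
        self.challenge = None                   # a failed check restarts at S1
        return ok

class SecondDevice:
    """Controller: rebuilds the key, then decrypts and returns the challenge (S3, S4)."""
    def __init__(self, fixed):
        self.fixed, self.key = fixed, None
    def receive_dynamic(self, wrapped):
        self.key = self.fixed + crypt(self.fixed, wrapped, decrypt_block)
    def respond(self, encrypted):
        return crypt(self.key, encrypted, decrypt_block)  # "second information"

def authenticate(first, second):
    second.receive_dynamic(first.wrapped_dynamic())
    return first.verify(second.respond(first.make_challenge()))

def demo():
    fixed = bytes.fromhex("0011223344556677")   # constructed sample value
    paired = authenticate(FirstDevice(fixed), SecondDevice(fixed))
    foreign = authenticate(FirstDevice(fixed), SecondDevice(b"\xff" * 8))
    # A response recorded in one session does not satisfy the next session.
    old_first, old_second = FirstDevice(fixed), SecondDevice(fixed)
    old_second.receive_dynamic(old_first.wrapped_dynamic())
    recorded = old_second.respond(old_first.make_challenge())
    new_first = FirstDevice(fixed)
    new_first.make_challenge()
    return paired, foreign, new_first.verify(recorded)
```

`demo()` returns `(True, False, False)`: the paired controller authenticates, a controller holding a different fixed part does not, and a response recorded in an earlier session fails against a fresh challenge.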
Because the information sent by the first device 110 and the second device 120 is random each time, and may also be false, the information intercepted on the communication-interface channel is different every time and its content cannot be deduced from it. The first key 112 and the second key 122 are only assembled at the final execution stage, so the correct key content cannot be obtained by cracking. Through this mechanism the control system with authentication function 100 achieves two-way protection, and random garbage codes are added to the encryption and decryption procedures so that checking is strict and the system is not cracked by those so inclined. The present invention ensures that when a user uses the programs and equipment developed by the inventor, the set-up must include a certain instrument of ours, meaning that the second device 120 holding the second key 122 is a required device; or it must include a certain number of our instruments, meaning that the second key 122 can be divided into a plurality of partial keys placed in second devices 120. The control system with authentication function nevertheless retains the flexibility to be extended with any other hardware.
Therefore, with the control system and method with authentication function disclosed above and the illustrated examples, the programs and equipment developed by the inventor are indeed protected.
Although the present invention has been described above by way of preferred embodiments, these are not intended to limit the spirit of the invention, and the invention is not restricted to the foregoing embodiments. Modifications made without departing from the spirit and scope of the present invention shall all fall within the scope of the claims.
Claims (7)
1. A control system with authentication function, comprising:
A first device comprising an executive program and a first key, the first key having information encryption and decryption functions, the first key being divided into a fixed partial key and a dynamic partial key, and the dynamic partial key being generated randomly by the first device; and
A second device linked with the first device and comprising a control program and a second key, the second key having information encryption and decryption functions, and the second key being divided into a fixed partial key and a dynamic partial key;
Wherein information encrypted with the first key must be decrypted with the second key, information encrypted with the second key must be decrypted with the first key, and the control program can control the executive program; the dynamic key of the first key is encrypted in the execution stage and passed to the second device, and the second device receives the encrypted dynamic key of the first key and, after decoding it, combines it with the fixed key of the second key to form the complete second key.
2. The control system as claimed in claim 1, characterized in that the first device and the second device are linked by a communication interface, the communication interface comprising GPIB, RS232, RS482, RS485, USB, Ethernet or a combination of these.
3. The control system as claimed in claim 1, characterized in that the algorithm of the encryption and decryption technology comprises DES, Triple-DES, AES, RC5, RC6 or a combination of these.
4. An authentication method of a control system, the control system comprising a first device having a first key, the first key being divided into a fixed partial key and a dynamic partial key, and a second device having a second key, the second key being divided into a fixed partial key and a dynamic partial key, wherein the dynamic key of the first key is encrypted in the execution stage and passed to the second device, and the second device receives the encrypted dynamic key of the first key and, after decoding it, combines it with the fixed key of the second key to form the complete second key, the authentication method comprising:
a. the first device randomly generates a first information and encrypts the first information with the first key to produce first encrypted information;
b. the first device sends the first encrypted information to the second device;
c. the second device decrypts the first encrypted information with the second key and obtains a second information;
d. the second device returns the second information to the first device;
e. the first device judges whether the second information is identical to the first information, and if so, the second device obtains control authority over the first device.
5. The authentication method as claimed in claim 4, characterized in that step (a) can be: the first device randomly generates a first information and uses the first key to encrypt the first information together with part of the first key content to produce the first encrypted information.
6. The authentication method as claimed in claim 4, characterized in that the first device and the second device are linked by a communication interface, the communication interface comprising GPIB, RS232, RS482, RS485, USB, Ethernet or a combination of these.
7. The authentication method as claimed in claim 4, characterized in that the algorithm of the encryption and decryption technology comprises DES, Triple-DES, AES, RC5, RC6 or a combination of these.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2007101281623A CN101345623B (en) | 2007-07-09 | 2007-07-09 | Control system and method with authentication function |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101345623A CN101345623A (en) | 2009-01-14 |
CN101345623B true CN101345623B (en) | 2010-11-10 |
Family
ID=40247520
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |