Great research starts with great data.

Learn More
More >
Patent Analysis of

Key generating method and apparatus

Updated Time 12 June 2019

Patent Registration Data

Publication Number

US10003462

Application Number

US14/867106

Application Date

28 September 2015

Publication Date

19 June 2018

Current Assignee

HUAWEI TECHNOLOGIES CO., LTD.

Original Assignee (Applicant)

HUAWEI TECHNOLOGIES CO., LTD.

International Classification

H04L9/08,G06T3/40,G06K9/52,G06K9/46

Cooperative Classification

H04L9/0866,G06K9/52,G06T3/40,H04L9/0861,G06K2009/4666

Inventor

XU, LEI,ZHAI, ZHENGDE

Patent Images

This patent contains figures and images illustrating the invention and its embodiment.

US10003462 Key generating 1 US10003462 Key generating 2 US10003462 Key generating 3
See all images <>

Abstract

A key generating method and apparatus, where the method includes acquiring complete picture data of a complete picture; displaying a partial picture of the complete picture in a display window; capturing a first picture from the partial picture, and generating first picture data of the first picture; and generating a key according to the first picture data.

Read more

Claims

1. A key generating method for securing an electronic device, wherein the method comprises: receiving, by the electronic device, a selection of a complete picture; displaying at least a partial picture of the complete picture in a display window of the electronic device; receiving an input; acquiring a region in the partial picture based, at least in part, on the input; representing the region as a square set; forming a string based, at least in part, on squares in the square set; generating a key based, at least in part, on the string; encrypting unencrypted data stored on the electronic device using the key; and decrypting encrypted data stored on the electronic device using the key,wherein acquiring the region comprises: detecting a closed region defined by the input; determining a first square is part of the region when the first square is entirely within the closed region; determining a portion of the first square within the region when the portion of the first square is within the closed region; determining the first square is part of the region when the portion of the first square is greater than a threshold; and determining the first square is not part of the region when the portion of the first square is less than a threshold.

2. The method of claim 1, wherein receiving the input comprises at least one of: receiving a touch at a touch screen of the electronic device; and receiving a command from an input device of the electronic device.

3. The method of claim 1, wherein forming the string comprises connecting all squares within the closed region to form the string.

4. The method of claim 1, wherein generating the key comprises performing a hash on the string.

Read more

Claim Tree

  • 1
    1. A key generating method for securing an electronic device, wherein
    • the method comprises:
    • 2. The method of claim 1, wherein
      • receiving the input comprises
    • 3. The method of claim 1, wherein
      • forming the string comprises
    • 4. The method of claim 1, wherein
      • generating the key comprises
See all independent claims <>

Description

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of International Application No. PCT/CN2014/075369, filed on Apr. 15, 2014, which claims priority to Chinese Patent Application No. 201310518424.2, filed on Oct. 28, 2013, both of which are hereby incorporated by reference in their entireties.

TECHNICAL FIELD

The present disclosure relates to the field of mobile communications, and in particular, to a key generating method and apparatus.

BACKGROUND

With the popularization of smart devices, how to protect data in smart devices becomes a very important issue. Encryption is an effective method for implementing data protection. When an encryption system is deployed in a smart device, one of key issues is to ensure security of an encrypted key. Generally, to protect an encrypted key, the key cannot be stored in a plaintext format in a smart device; instead, each time a key is needed, a key is generated by using input of a user in interaction with the user.

In the prior art, a smart device provides an interface for a user, the user enters an American Standard Code for Information Interchange (ASCII) character string on the interface, and the character string and a salt value selected by the smart device are connected and then input to a key generating function, to generate a key; or a smart device provides an interface for a user, the user selects a group of pictures on the interface, where each picture is assigned a unique identifier (ID), and the IDs of the pictures selected by the user and a salt value are used as input to a key generating function, to generate a key.

Therefore, in the method of using a character string or a group of sequential pictures as input to a key generating function in the prior art, a user usually needs to memorize input of the user, which brings inconvenience for use by the user, and an input entropy of the key generating function is relatively small, which is prone to an attack by an attacker.

SUMMARY

Embodiments of the present disclosure provide a key generating method and apparatus, which can bring convenience for memorization and use by a user and can also improve security of a key.

According to a first aspect, an embodiment of the present disclosure provides a key generating method, where the method includes acquiring complete picture data of a complete picture; displaying a partial picture of the complete picture in a display window; capturing a first picture from the partial picture, and generating first picture data of the first picture; and generating a key according to the first picture data.

In a possible implementation manner, after the displaying of a partial picture of the complete picture in a display window, the method further includes dividing the partial picture into equal squares and moving, using the square as a movement unit, the complete picture until the display window displays a needed partial picture.

In a possible implementation manner, capturing a first picture from the partial picture, and generating first picture data of the first picture includes capturing a part of the partial picture as the first picture, and generating the first picture data of the first picture; or capturing the entire partial picture as the first picture, and generating the first picture data of the first picture.

In a possible implementation manner, capturing a part of the partial picture or the entire partial picture as the first picture, and generating the first picture data of the first picture includes acquiring a region selected by a user in the partial picture, and using a picture corresponding to the region in the partial picture as the first picture; and representing the region selected by the user as a square set, and connecting, according to a specified rule, pieces of image data that correspond to all squares in the square set to form a binary string, where the binary string is the first picture data.

In a possible implementation manner, representing the region selected by the user as a square set includes the region selected by the user being a closed region; sequentially acquiring each square in the display window, and when the square is included in the closed region, the square belongs to the square set; or when only a part of the square is included in the closed region, computing an area of the part of the square included in the closed region, and when the area is greater than a first threshold, the square belongs to the square set.

In a possible implementation manner, representing the region selected by the user as a square set includes the region selected by the user being a closed region; sequentially acquiring each square in the display window, and when four sides of the square and the closed region have more than two intersection points, the square belongs to the square set; or when four sides of the square and the closed region have two intersection points and the two intersection points are on a same side of the square, the square belongs to the square set; or when four sides of the square and the closed region have two intersection points and the two intersection points are not on a same side of the square, computing an area of a trapezoid that is formed after the two intersection points are connected, and when the area is greater than a second threshold, the square belongs to the square set.

In a possible implementation manner, generating a key according to the first picture data includes performing hash computing, in which a specified quantity of iteration times is i, on the first picture data, to generate the key, where i is a natural number.

According to a second aspect, an embodiment of the present disclosure further provides a key generating apparatus, wherein the apparatus includes an acquiring unit, a display unit, a first processing unit, and a generating unit; wherein the acquiring unit is configured to acquire complete picture data of a complete picture, and send the complete picture data to the display unit; wherein the display unit is configured to receive the complete picture data sent by the acquiring unit, display a partial picture of the complete picture in a display window, and send the partial picture to the first processing unit; wherein the first processing unit is configured to receive the partial picture sent by the display unit, capture a first picture from the partial picture, and generate first picture data of the first picture; and wherein the generating unit is configured to generate a key according to the first picture data.

In a possible implementation manner, the apparatus further includes a second processing unit configured to divide the partial picture into equal squares and move, using the square as a movement unit, the complete picture until the display window displays a needed partial picture.

In a possible implementation manner, the first processing unit is configured to capture a part of the partial picture as the first picture, and generate the first picture data of the first picture; or capture the entire partial picture as the first picture, and generate the first picture data of the first picture.

In a possible implementation manner, the first processing unit is configured to acquire a region selected by a user in the partial picture, and use a picture corresponding to the region in the partial picture as the first picture; and represent the region selected by the user as a square set, and connect, according to a specified rule, pieces of image data that correspond to all squares in the square set to form a binary string, where the binary string is the first picture data.

In a possible implementation manner, the first processing unit is configured to, the region selected by the user being a closed region, sequentially acquire each square in the display window, and when the square is included in the closed region, the square belongs to the square set; or when only a part of the square is included in the closed region, compute an area of the part of the square included in the closed region, and when the area is greater than a first threshold, the square belongs to the square set.

In a possible implementation manner, the first processing unit is configured to, the region selected by the user being a closed region, sequentially acquire each square in the display window, and when four sides of the square and the closed region have more than two intersection points, the square belongs to the square set; or when four sides of the square and the closed region have two intersection points and the two intersection points are on a same side of the square, the square belongs to the square set; or when four sides of the square and the closed region have two intersection points and the two intersection points are not on a same side of the square, compute an area of a trapezoid that is formed after the two intersection points are connected, and when the area is greater than a second threshold, the square belongs to the square set.

In a possible implementation manner, the generating unit is configured to perform hash computing, in which a specified quantity of iteration times is i, on the first picture data, to generate the key, where i is a natural number.

In the embodiments of the present disclosure, complete picture data, which is sent by a picture selector, of a complete picture is received; a partial picture of the complete picture is displayed in a display window according to the complete picture data; a first picture is captured from the partial picture, and first picture data of the first picture is generated; and the first picture data is sent to a key extractor, such that the key extractor generates a key according to the first picture data. In this way, convenience is brought for memorization and use by a user, and by using a characteristic region of a picture as input to a key generating function, it can be ensured that an input entropy of the key generating function is large enough, which can improve security of a key.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a schematic flowchart of a key generating method according to Embodiment 1 of the present disclosure;

FIG. 2 is a schematic principle diagram of a key generating method according to the present disclosure; and

FIG. 3 is a schematic diagram of a key generating apparatus according to Embodiment 2 of the present disclosure.

DESCRIPTION OF EMBODIMENTS

The following clearly describes the technical solutions in the embodiments of the present disclosure with reference to the accompanying drawings in the embodiments of the present disclosure. The described embodiments are merely some but not all of the embodiments of the present disclosure. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present disclosure without creative efforts shall fall within the protection scope of the present disclosure.

A key generating method and apparatus in the embodiments of the present disclosure solve a problem that when an encrypted key is generated, a user needs to memorize input of the user, which brings inconvenience for use by a user, and an input entropy of a key generating function is relatively small, and provide a manner of generating a key by using an image characteristic as input to a key generating function, such that when a key is generated, a user only needs to memorize characteristic regions on some pictures and does not need to memorize a relatively long character string or related pictures and a sequence thereof.

FIG. 1 is a schematic flowchart of a key generating method according to Embodiment 1 of the present disclosure. The method may be applied to any electronic device having a touchscreen. The electronic device may be a mobile terminal such as a mobile phone, a tablet, or a laptop, or may be a fixed terminal such as a desktop computer or a server. As shown in FIG. 1, the method provided in this embodiment includes the following steps.

Step 101: Acquire complete picture data of a complete picture.

Referring to a schematic principle diagram of a key generating method according to the present disclosure shown in FIG. 2, in FIG. 2, a terminal includes a picture selector, a region selector, and a key extractor, and this method is executed by the region selector. A user selects one or more complete pictures by using the picture selector, and then the picture selector sends complete picture data of the one or more complete pictures selected by the user to the region selector, where the region selector includes a display window.

Step 102: Display a partial picture of the complete picture in a display window.

It should be noted that a complete picture selected by a user is generally large; therefore, the display window in the region selector can only display a partial picture of the complete picture. After the region selector receives the complete picture data of the complete picture selected by the user, the display window displays a partial picture of the complete picture, where the partial picture, which is displayed in the display window, of the complete picture is divided into equal squares, and sizes of the squares are adjustable. When the user moves the complete picture on a screen to display a needed partial picture in the display window, a unit in which the user moves the complete picture each time is one square.

Step 103: Capture a first picture from the partial picture, and generate first picture data of the first picture.

When displaying a partial picture needed by the user in the display window by moving the complete picture, the user may select one or more regions on the partial picture with a finger or by using another device. Preferably, the selected region is a continuous closed region, and is usually irregular. The region selector uses a part of a partial picture or an entire partial picture corresponding to the continuous closed region selected by the user on the partial picture as a first picture, and generates first picture data of the first picture.

It should be noted that the region selector generates the first picture data of the first picture in a manner of representing the region selected by the user as a square set S. Representing the region selected by the user as a square set S includes, when the display window divides the partial picture of the complete picture into equal squares for display, and when a continuous closed region selected by the user on the partial picture is acquired, sequentially acquiring squares in the display window, and when a square is included in the continuous closed region, recording the square in the square set S; or when only a part of a square is included in the continuous closed region, computing an area of the part of the square included in the continuous closed region, and when the area of the part of the square included in the continuous closed region is greater than a first threshold, the square belongs to the square set S; and the rest can by deduced by analogy, until determining is performed for all the squares in the display window, where a value of the first threshold is determined according to an accuracy requirement selected by the user; for example, when the user has a high requirement for security, the first threshold may be set to a larger value, that is, may be set to 80% of an area of the entire square; when the user has a high requirement on convenience, the first threshold may be set to a smaller value, that is, may be set to 50% of an area of the entire square.

In another implementation manner, representing the region selected by the user as a square set S may also include, when the display window divides the partial picture of the complete picture into equal squares for display, and when a continuous closed region selected by the user on the partial picture is acquired, sequentially acquiring squares in the display window, and when four sides of a square and the continuous closed region have more than two intersection points, the square belongs to the square set S; or when four sides of the square and the continuous closed region have two intersection points and the two intersection points are on a same side of the square, the square belongs to the square set S; or when four sides of the square and the continuous closed region have two intersection points and the two intersection points are not on a same side of the square, computing an area of a trapezoid that is formed after the two intersection points are connected, and when the area of the trapezoid is greater than a second threshold, the square belongs to the square set S; and the rest can by deduced by analogy, until determining is performed for all the squares in the display window, where a method for determining a value of the second threshold is same as the method for determining a value of the first threshold.

After the square set S is obtained, pieces of image data corresponding to all squares in the square set S are connected according to a specified rule (for example, according to a top-to-bottom and left-to-right sequence of the squares in S in the display window), to form a binary string, and the binary string is the first picture data.

Step 104: Generate a key according to the first picture data.

The region selector sends the generated first picture data to the key extractor, and the key extractor performs, using a secure hash function according to a preset quantity of iteration times, hash computing in which the specified quantity of iteration times is i on the received first picture data, to generate a key, where i is a natural number.

It should be noted that when the region selector determines that it is the first time a key is generated on the terminal, after the region selected by the user is converted into the square set S by using the foregoing process, it is required that the user selects a region on the partial picture again, and after the region selected by the user at the second time is converted into a square set S′, the first picture data is sent to the key extractor only when S=S′. The region selector may determine, according to a flag, whether it is the first time a key is generated on the terminal, that is, set the flag to 0 in an initial state and set the flag to 1 when the user sets a key for the first time, and when learning that a value of the flag is 1, the region selector can determine that it is the first time a key is generated on the terminal.

It should be noted that in this embodiment of the present disclosure, the key generating method is described using one region selected by a user on one picture as an example, but the present disclosure is not limited thereto; this method may also be used to process multiple regions selected by a user on multiple pictures, and a key is generated by using processed data as input to a key generating function. Besides, a salt value is not needed in a process of generating a key by using the key generating method provided in the present disclosure.

FIG. 3 is a schematic diagram of a key generating apparatus according to Embodiment 2 of the present disclosure. As shown in FIG. 3, the apparatus provided in this embodiment includes an acquiring unit 301, a display unit 302, a first processing unit 303, and a generating unit 304.

The acquiring unit 301 is configured to acquire complete picture data of a complete picture and send the complete picture data to the display unit 302.

A user selects one or more complete pictures by using a picture selector, then the picture selector sends complete picture data of the one or more complete pictures selected by the user to a region selector, and the region selector acquires the complete picture data by using the acquiring unit 301.

The display unit 302 is configured to receive the complete picture data sent by the acquiring unit 301, display a partial picture of the complete picture in a display window, and send the partial picture to the first processing unit 303.

It should be noted that a complete picture selected by a user is generally large; therefore, the display window in the region selector can only display a partial picture of the complete picture.

The first processing unit 303 is configured to receive the partial picture sent by the display unit 302, capture a first picture from the partial picture, and generate first picture data of the first picture.

In a specific embodiment of the present disclosure, the first processing unit 303 is configured to capture a part of the partial picture as the first picture, and generate the first picture data of the first picture; or capture the entire partial picture as the first picture, and generate the first picture data of the first picture. Further, the first processing unit 303 is configured to acquire a region selected by a user in the partial picture and use a picture corresponding to the region in the partial picture as the first picture; and represent the region selected by the user as a square set, and connect, according to a specified rule, pieces of image data that correspond to all squares in the square set to form a binary string, where the binary string is the first picture data.

In the foregoing embodiment, assuming that the region selected by the user is a closed region, representing the region selected by the user as a square set includes sequentially acquiring each square in the display window, and when the square is included in the closed region, the square belongs to the square set; or when only a part of the square is included in the closed region, computing an area of the part of the square included in the closed region, and when the area is greater than a first threshold, the square belongs to the square set; optionally, representing the region selected by the user as a square set may also include acquiring a region selected by a user in the partial picture, and using a picture corresponding to the region in the partial picture as the first picture; and representing the region selected by the user as a square set, and connecting, according to a specified rule, pieces of image data that correspond to all squares in the square set to form a binary string, where the binary string is the first picture data.

The generating unit 304 is configured to generate a key according to the first picture data.

In a specific embodiment of the present disclosure, the generating unit 304 is configured to send the first picture data to a key extractor, such that the key extractor performs hash computing in which a specified quantity of iteration times is i on the first picture data, to generate the key, where i is a natural number.

Optionally, the apparatus further includes a second processing unit configured to divide the partial picture into equal squares and move, using the square as a movement unit, the complete picture until the display window displays a needed partial picture.

The method provided in Embodiment 1 of the present disclosure is embedded in the apparatus provided in this embodiment of the present disclosure. Therefore, a specific working process of the apparatus provided in the present disclosure is not described in detail herein.

In Embodiment 2 of the present disclosure, the acquiring unit 301 acquires complete picture data of a complete picture; the display unit 302 displays a partial picture of the complete picture in a display window; the first processing unit 303 captures a first picture from the partial picture and generates first picture data of the first picture; and the generating unit 304 generates a key according to the first picture data. In this way, convenience is brought for memorization and use by a user, and by using a characteristic region of a picture as input to a key generating function, it can be ensured that an input entropy of the key generating function is large enough, which can improve security of a key.

It can be seen that the key generating method and apparatus in the embodiments of the present disclosure solve a problem that when an encrypted key is generated, a user needs to memorize input of the user, which brings inconvenience for use by a user, and an input entropy of a key generating function is relatively small, and provide a manner of generating a key by using an image characteristic as input to a key generating function, such that when a key is generated, a user only needs to memorize characteristic regions on some pictures and does not need to memorize a relatively long character string or related pictures and a sequence thereof.

A person skilled in the art may be further aware that, in combination with the examples described in the embodiments disclosed in this specification, units and algorithm steps may be implemented by electronic hardware, computer software, or a combination thereof. To clearly describe the interchangeability between the hardware and the software, the foregoing has generally described compositions and steps of each example according to functions. Whether the functions are performed by hardware or software depends on particular applications and design constraint conditions of the technical solutions. A person skilled in the art may use different methods to implement the described functions for each particular application, but it should not be considered that the implementation goes beyond the scope of the present disclosure.

Steps of methods or algorithms described in the embodiments disclosed in this specification may be implemented by hardware, a software module executed by a processor, or a combination thereof. The software module may reside in a random access memory (RAM), a memory, a read-only memory (ROM), an electrically programmable ROM, an electrically erasable programmable ROM, a register, a hard disk, a removable disk, a compact disc ROM (CD-ROM), or any other form of storage medium known in the art.

In the foregoing specific implementation manners, the objective, technical solutions, and benefits of the present disclosure are further described in detail. It should be understood that the foregoing descriptions are merely specific implementation manners of the present disclosure, but are not intended to limit the protection scope of the present disclosure. Any modification, equivalent replacement, or improvement made without departing from the spirit and principle of the present disclosure should fall within the protection scope of the present disclosure.

Read more
PatSnap Solutions

Great research starts with great data.

Use the most comprehensive innovation intelligence platform to maximise ROI on research.

Learn More

Patent Valuation

$

Reveal the value <>

35.0/100 Score

Market Attractiveness

It shows from an IP point of view how many competitors are active and innovations are made in the different technical fields of the company. On a company level, the market attractiveness is often also an indicator of how diversified a company is. Here we look into the commercial relevance of the market.

46.0/100 Score

Market Coverage

It shows the sizes of the market that is covered with the IP and in how many countries the IP guarantees protection. It reflects a market size that is potentially addressable with the invented technology/formulation with a legal protection which also includes a freedom to operate. Here we look into the size of the impacted market.

73.11/100 Score

Technology Quality

It shows the degree of innovation that can be derived from a company’s IP. Here we look into ease of detection, ability to design around and significance of the patented feature to the product/service.

55.0/100 Score

Assignee Score

It takes the R&D behavior of the company itself into account that results in IP. During the invention phase, larger companies are considered to assign a higher R&D budget on a certain technology field, these companies have a better influence on their market, on what is marketable and what might lead to a standard.

18.98/100 Score

Legal Score

It shows the legal strength of IP in terms of its degree of protecting effect. Here we look into claim scope, claim breadth, claim quality, stability and priority.

Citation

Patents Cited in This Cited by
Title Current Assignee Application Date Publication Date
向图象嵌入鉴定信息的系统及图象改变检测系统 国际商业机器公司 27 October 1997 10 June 1998
一种数据加解密方法以及装置 中国科学院声学研究所 16 March 2012 12 September 2012
Image public key generation method NATIONAL CHENG KUNG UNIVERSITY 06 November 2002 06 May 2004
图像验证系统、图像验证装置和图像验证方法 佳能株式会社 27 December 2002 23 July 2003
Image reading apparatus and image forming apparatus KYOCERA MITA CORPORATION 24 November 2008 28 May 2009
See full citation <>

More Patents & Intellectual Property

PatSnap Solutions

PatSnap solutions are used by R&D teams, legal and IP professionals, those in business intelligence and strategic planning roles and by research staff at academic institutions globally.

PatSnap Solutions
Search & Analyze
The widest range of IP search tools makes getting the right answers and asking the right questions easier than ever. One click analysis extracts meaningful information on competitors and technology trends from IP data.
Business Intelligence
Gain powerful insights into future technology changes, market shifts and competitor strategies.
Workflow
Manage IP-related processes across multiple teams and departments with integrated collaboration and workflow tools.
Contact Sales
Clsoe
US10003462 Key generating 1 US10003462 Key generating 2 US10003462 Key generating 3