• 欢迎访问速搜资源吧,如果在网站上找不到你需要的资源,可以在留言板上留言,管理员会尽量满足你!

【速搜问答】什么是电子令牌

问答 admin 3周前 (07-13) 39次浏览 已收录 0个评论

汉英对照:
Chinese-English Translation:

电子令牌(E-Token)是一种配备了内置电源、密码生成芯片和显示屏、根据专门的算法每隔一定时间自动更新动态密码的专用硬件。基于该动态密码技术的网银系统又称为一次一密(OTP)系统,即用户的身份验证密码是变化的。

E-token is a kind of special hardware which is equipped with built-in power supply, password generation chip and display screen, and automatically updates dynamic password every certain time according to special algorithm. The online banking system based on the dynamic password technology is also known as one time password (OTP) system, that is, the user’s authentication password is changed.

电子令牌(E-Token)是一种配备了内置电源、密码生成芯片和显示屏、根据专门的算法每隔一定时间自动更新动态密码的专用硬件。基于该动态密码技术的网银系统又称为一次一密(OTP)系统,即用户的身份验证密码是变化的,密码在使用过一次后就失效,下次登录时的密码是完全不同的新密码。

E-token is a kind of special hardware which is equipped with built-in power supply, password generation chip and display screen, and automatically updates dynamic password every certain time according to special algorithm. The online banking system based on the dynamic password technology is also known as one time password (OTP) system, that is, the user’s authentication password is changed, the password will be invalid after using it once, and the password at the next login is a completely different new password.

作为一种重要的双因素认证工具,电子令牌被广泛地运用于安全认证领域,从而大大提升了网上银行的登录和交易的安全性。我行采用的电子令牌每 60 秒随机更新一次动态密码,密码长度为 6 位。电池寿命为出厂后三至四年,超过上述期限后,电子令牌将失效。届时您需要到柜台办理电子令牌更换。

As an important two factor authentication tool, electronic token is widely used in the field of security authentication, which greatly improves the security of online banking login and transaction. The electronic token adopted by our bank will be randomly updated with dynamic password every 60 seconds, and the password length is 6 digits. The battery life is three to four years after leaving the factory. After the above period, the electronic token will be invalid. At that time, you need to go to the counter to change the electronic token.

动态口令令牌,不使用任何对称或者非对称加密的算法,而采用时间同步型动态口令算法,即 TOTP(Time-Based One-Time Password Algorithm)。采用 TOTP 算法,令牌卡对种子文件和当前时间(令牌卡内部有自己的时钟,不依赖电脑时区)进行运算,以源源不断地产生不同的动态口令,并显示到屏幕上,与此同时,银行服务器会进行同样操作。

The dynamic password token does not use any symmetric or asymmetric encryption algorithm, but adopts the time synchronous dynamic password algorithm, namely TOTP (time based one time password algorithm). Using TOTP algorithm, the token card calculates the seed file and the current time (the token card has its own clock and does not depend on the computer time zone) to continuously generate different dynamic passwords and display them on the screen. At the same time, the bank server will perform the same operation.

由此可见,时间同步型动态口令对令牌卡和服务器的时间同步要求很高,时间误差会造成整个令牌的失灵,所以每一次用户成功使用令牌认证,服务器都会做相应的时间误差矫正。具体过程如下:令牌卡根据当前时间计算口令并发送至服务器,服务器再根据当前时间前后的数个时间点分别计算口令,若其中某个口令匹配则认为认证成功,并记录误差值,此后服务器在口令认证时,直接在当前时间加上误差值以计算口令。

It can be seen that the time synchronization dynamic password requires high time synchronization between the token card and the server, and the time error will cause the failure of the whole token. Therefore, each time a user successfully uses the token authentication, the server will correct the corresponding time error. The specific process is as follows: the token card calculates the password according to the current time and sends it to the server. The server calculates the password according to several time points before and after the current time. If one of the passwords matches, the authentication is considered successful, and the error value is recorded. Then, when the server authenticates the password, it directly adds the error value to the current time to calculate the password.


速搜资源网 , 版权所有丨如未注明 , 均为原创丨转载请注明原文链接:【速搜问答】什么是电子令牌
喜欢 (0)
[361009623@qq.com]
分享 (0)
发表我的评论
取消评论
表情 贴图 加粗 删除线 居中 斜体 签到

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址