CN103701610A - Method and system for collecting TK (transmission key) - Google Patents
Method and system for collecting TK (transmission key)Download PDFInfo
- Publication number
- CN103701610A CN103701610ACN201310742713.0ACN201310742713ACN103701610ACN 103701610 ACN103701610 ACN 103701610ACN 201310742713 ACN201310742713 ACN 201310742713ACN 103701610 ACN103701610 ACN 103701610A
- Authority
- CN
- China
- Prior art keywords
- data
- signature
- module
- transmission security
- security key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Accounting & Taxation (AREA)
- General Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Storage Device Security (AREA)
- Cash Registers Or Receiving Machines (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Computer And Data Communications (AREA)
- Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Abstract
Description
Technical field
The present invention relates to E-Payment field, relate in particular to acquisition method and the system of a kind of transmission security key TK.
Background technology
(BANK Card) is more and more universal as the means of payment for bank card, common bank card paying system comprises point of sales terminal (Point Of Sale, POS), POS receives single system (POSP), code keypad (PIN PAD) and hardware encipher machine (Hardware and Security Module, HSM).Wherein POS terminal can be accepted bank card information, has communication function, and the instruction of accepting teller completes financial transaction information and the equipment of exchange for information about; POS receives single system POS terminal is managed concentratedly, comprises parameter downloads, and key is downloaded, and accepts, processes or forward the transaction request of POS terminal, and to POS terminal loopback transaction results information, is the system of centralized management and trading processing; Code keypad (PIN PAD) is that the relevant key of various financial transactions is carried out to safe storage protection, and the safety means that PIN are encrypted to protection; Hardware encipher machine (HSM) is to the peripheral hardware equipment that is encrypted of transmission data, for correctness and the storage key of encryption and decryption, checking message and the document source of PIN.Personal identification code (Personal Identification Number, PIN), personal identification number, is the data message of identifying holder's identity legitimacy in on-line transaction, in cyber-net system, any link does not allow to occur in mode expressly; Terminal master key (Terminal Master Key, TMK), during POS terminal works, the master key that working key is encrypted, encrypting storing is in system database; POS terminal is widely used in bank card and pays occasion, such as manufacturer's shopping, hotel's lodging etc., is a kind of indispensable modernization means of payment, has incorporated the various occasions of people's life.Bank card; debit card particularly; generally all by holder, be provided with PIN; in carrying out payment process; POS terminal is except above sending the data such as magnetic track information of bank card; also want holder to input the checking holder's of PINGong issuing bank identity legitimacy, guarantee bank card safety of payment, protection holder's property safety.In order to prevent that PIN from revealing or being cracked; requirement is from terminal to issuing bank in whole information interactive process; whole process is carried out safety encipher protection to PIN; do not allow any link in computer network system; PIN occurs in mode expressly, so the POS terminal of the PIN of acceptance input at present all requires to be equipped with key management system.
The key code system of POS terminal is divided into secondary: terminal master key (TMK) and working key (WK).Wherein TMK, in WK renewal process, is encrypted protection to WK.Between every POS terminal and POS, share unique TMK, must have safeguard protection, assurance can only write device and is participated in calculating, and can not read; TMK is a very crucial root key, if TMK is intercepted, working key is just cracked than being easier to, by serious threat bank card safety of payment.So can secure download TMK to POS terminal, become the key of whole POS terminal security.Conclude existing TMK download scenarios below as follows:
1, the female POS scheme of key: user receives single system hardware encipher machine and the same traffic encryption key of the female POS input of key at POS.POS terminal is received single system initiating terminal master key download request by the female POS of key to POS, POS receives single system and drives hardware encipher machine to generate at random terminal master key, and by traffic encryption key encrypted transmission to the female POS of key, the female POS of key is with being transferred to POS terminal after traffic encryption key deciphering again, POS terminal obtains terminal master key expressly, be saved in POS terminal password keyboard, thereby realize POS terminal and POS, receive the synchronous of terminal master key between single system.
2, IC-card decrypt scheme: user receives single system hardware encipher machine and injects the same traffic encryption key in IC-card at POS.User inserts POS terminal by IC-card, POS terminal is received single system initiating terminal master key download request to POS, POS receives single system and drives hardware encipher machine to generate at random terminal master key, and by traffic encryption key encrypted transmission to POS terminal, traffic encryption key deciphering terminal master key ciphertext in IC-card for POS terminal, obtain terminal master key expressly, be saved in POS terminal password keyboard, thereby realize POS terminal and POS, receive the synchronous of terminal master key between single system.
Above-mentioned two schemes has following shortcoming: terminal master key expressly appears at outside safety means, and for taking precautions against Key Exposure risk, the safe machine room that the download of terminal master key must be controlled at administrative center carries out, by the artificial download terminal master key of concentrating.Thereby bring, " maintenance centre's machine room workload is large; After equipment dispatches from the factory, need to be transported to administrative center's safe machine room download key and just can be deployed to trade company, cost of transportation rises; In order to concentrate lower dress key, need a large amount of staff and operating time, maintenance cost is large, maintenance period is long " etc. problem.
Summary of the invention
For solving the problems of the technologies described above, the technical scheme that the present invention adopts is to provide the acquisition method of a kind of transmission security key TK, comprises step:
S1, operating terminal read operation person block the operation certificate of storage, and verification operation certificate legitimacy;
S2, after the legitimate verification of operation certificate passes through, operating terminal obtains the transmission security key TK that POS terminal sends;
S3, operating terminal are used the private key of the operation certificate of operator's card to carry out signature operation to transmission security key TK, and the TK data after signature are sent to MTMS system, and the TK data after signature comprise transmission security key TK, operation certificate, signed data;
The legitimacy of S4, MTMS system verification operation certificate and signed data, if legal, is stored in database by the TK data after signature.
Another technical scheme of the present invention is for providing the acquisition system of a kind of transmission security key TK, comprise MTMS system, at least one operating terminal being connected with MTMS system communication and at least one the POS terminal being connected with operating terminal, described operating terminal comprises the first authentication module, acquisition module and the first sending module; Described MTMS system comprises the second authentication module and memory module;
The first authentication module blocks the operation certificate of storage for read operation person, and verification operation certificate legitimacy;
Acquisition module, for after confirming that when the first authentication module the legitimate verification of operation certificate passes through, obtains the transmission security key TK that POS terminal sends;
The first sending module is for using the private key of the operation certificate that operator blocks to carry out signature operation to transmission security key TK, and the TK data after signature are sent to MTMS system, and the TK data after signature comprise transmission security key TK, operation certificate, signed data;
The second authentication module is for verifying operation certificate that MTMS system receives and the legitimacy of signed data;
Memory module, for after confirming that when the second authentication module the legitimate verification of operation certificate and signed data passes through, is stored in database by the TK data after signature.
Beneficial effect of the present invention: in method and system of the present invention, when the secret key TK data operable terminal of transmission gathers, operating terminal is used operator's private key sign and enclose operation certificate transmitting secret key TK data, together uploads onto the server.When server receives TK data, the legitimacy of the legitimacy of meeting certifying signature and operation certificate, if the TK data that illegal direct rejection gathers.The present invention can guarantee the integrality of the TK data of collection, and when corresponding POS terminal remote is downloaded, main secret key goes wrong and corresponding TK data go wrong, and can find by the signing certificate of TK data concrete operating personnel.
Accompanying drawing explanation
Fig. 1 is the flowchart of an execution mode of the acquisition method of a kind of transmission security key TK of the present invention;
Fig. 2 is the structured flowchart of an execution mode of acquisition system of a kind of transmission security key TK of the present invention;
Main element symbol description:
1, the acquisition system of transmission security key TK;
10, operating terminal; 11, the first authentication module; 12, acquisition module; 13, the first sending module;
20, MTMS system; 21, the second authentication module; 22, memory module;
30, POS terminal.
Embodiment
By describing technology contents of the present invention, structural feature in detail, being realized object and effect, below in conjunction with execution mode and coordinate accompanying drawing to be explained in detail.
For solving the technical problem existing in background technology, the present invention adopts a kind of new master key download scenarios, by POS terminal, produce at random TK(Transmission Key, transmission security key), TK after producing is stored in the code keypad of POS terminal, and TK is sent to KMS(Key Management System by transmission means required under various application scenarioss, key management system, for office terminal master key TMK).
When POS terminal to apply download terminal master key TMK, KMS system is used TK to encrypt terminal master key TMK, and the terminal master key ciphertext after encrypting is sent to POS terminal, POS terminal is decrypted master key ciphertext with TK after receiving, obtain terminal master key TMK, and terminal master key TMK is kept in code keypad.
So, by TK, encrypt terminal master key TMK, make TMK can carry out remote transmission, facilitate the secure download of TMK.
Under some scene, adopt operating terminal to gather the TK that POS terminal produces, and be responsible for TK to be transferred to MTMS system (Material Tracking Management System by operating terminal, Tracing Material system, mainly in plant produced, use), by MTMS systematic unity management TK, and TK is sent to corresponding KMS system, described course of conveying YouCA center (Certificate Authority, certificate granting center, adopt Public Key Infrastructure public key infrastructure technology, network ID authentication service is provided specially, be responsible for signing and issuing and managing digital certificate, and third party's trust authority with authoritative and fairness) differentiate operating terminal, the identity of MTMS system and KMS system.Adopt operating terminal to gather TK and can facilitate the acquisition operations (can realize a key collection etc.) of TK and the rights management that TK gathers; Employing MTMS system can be conveniently to TK unified management, and during convenient after-sales service later, data search and the download of POS terminal, can realize by manufacture order bulk transfer TK by MTMS system, facilitates the transfer management of TK, prevents that TK from misinformating to wrong object; Introduce CA center and can prevent that pseudo-terminal and pseudo-KMS system from stealing TK.
Above-mentionedly by POS terminal, gather and to be sent to bank's end after transmission security key TK TMK is encrypted, then by the method that POS terminal remote is downloaded the TMK after TK encrypts, can guarantee the transmission security of TMK.When operating terminal gathers the TK of POS terminal generation, owing to having a lot of operating personnel, there are authority use operating terminal collection TK data, afterwards for convenient management management and control, need to inquire concrete TK is by which operating personnel's control operation terminal to be gathered, and need to guarantee to gather TK data integrity, therefore this scheme is proposed for head it off.
Below just the present invention is overcome to the problems referred to above technical scheme be elaborated.
Referring to Fig. 1, is the flowchart of the acquisition method of a kind of transmission security key TK of the present invention, and the method comprising the steps of:
S1, operating terminal read operation person block the operation certificate of storage, and verification operation certificate legitimacy;
S2, after the legitimate verification of operation certificate passes through, operating terminal obtains the transmission security key TK that POS terminal sends;
S3, operating terminal are used the private key of the operation certificate of operator's card to carry out signature operation to transmission security key TK, and the TK data after signature are sent to MTMS system, and the TK data after signature comprise transmission security key TK, operation certificate, signed data;
The legitimacy of S4, MTMS system verification operation certificate and signed data, if legal, is stored in database by the TK data after signature.
In the present embodiment, after described step S4, also comprise transmission security key forwarding step, specifically comprise:
When receiving TK, obtain when request, MTMS system reads the TK data after the signature of storage, and the legitimacy of certifying signature data;
After the legitimate verification of signed data passes through, MTMS system turns encrypted transmission cipher key T K and the transmission security key TK that turns encryption is sent to KMS system.
In the present embodiment, the signature operation in described step S3 specifically comprises step:
Operating terminal calculates cryptographic Hash Hash1 to transmission security key TK and signature time T ime_sign;
Use operation certificate corresponding private key WCRT_prk to encrypt generating ciphertext C_sign to cryptographic Hash Hash1, this ciphertext is signed data C_sign.
In the present embodiment, described step S4 specifically comprises:
MTMS system receives after the TK data after signature, the legitimacy of verification operation certificate;
Verify legal after, from operation certificate, extract PKI WCRT_pu, the WCRT_pu that uses public-key is decrypted signed data C_sign, obtains expressly Hash2;
Transmission security key TK and signature time T ime_sign are calculated to Hash, generate cryptographic Hash Hash3;
Whether Hash2 is consistent with Hash3 in contrast, if consistent decision data is not distorted, if inconsistent, decision data is distorted.
Referring to Fig. 2, is the structured flowchart of the acquisition system of a kind of transmission security key TK of the present invention.The acquisition method of above-mentioned a kind of transmission security key TK is applied in this system.
The acquisition system 1 of described transmission security key TK comprisesMTMS system 20, at least oneoperating terminal 10 communicating to connect withMTMS system 20 and at least one thePOS terminal 30 being connected with operating terminal, and describedoperating terminal 10 comprises the first authentication module 11,acquisition module 12 and thefirst sending module 13; Described MTMS system comprises thesecond authentication module 21 andmemory module 22;
The first authentication module 11 blocks the operation certificate of storage for read operation person, and verification operation certificate legitimacy;
Thefirst sending module 13 carries out signature operation for the private key of the operation certificate that uses operator and block to transmission security key TK, and the TK data after signature are sent to MTMS system, and the TK data after signature comprise transmission security key TK, operation certificate, signed data;
Thesecond authentication module 21 is for the operation certificate verifying MTMS system and receive and the legitimacy of signed data;
In the present embodiment, describedMTMS system 20 also comprises the 3rd authentication module and the second sending module;
The 3rd authentication module is for reading the TK data after the signature that described database stores, and the legitimacy of certifying signature data;
The second sending module, for after the 3rd authentication module determines that the legitimate verification of described signed data passes through, turns encrypted transmission cipher key T K and the transmission security key TK that turns encryption is sent to KMS system.
In the present embodiment, described thefirst sending module 13 specifically comprises the first computing module, encrypting module;
The first computing module is for calculating cryptographic Hash Hash1 to transmission security key TK and signature time T ime_sign;
Encrypting module is used for using operation certificate corresponding private key WCRT_prk to encrypt generating ciphertext C_sign to cryptographic Hash Hash1, and this ciphertext is signed data C_sign.
In the present embodiment, described the 3rd authentication module specifically comprises the 4th authentication module, deciphering module, the second computing module, judge module;
The 4th authentication module is used for after the TK data after receiving signature, the legitimacy of verification operation certificate;
Deciphering module, for after the 4th authentication module checking is legal, extracts PKI WCRT_pu from operation certificate, and the WCRT_pu that uses public-key is decrypted signed data C_sign, obtains expressly Hash2;
The second computing module, for transmission security key TK and signature time T ime_sign are calculated to Hash, generates cryptographic Hash Hash3;
Whether judge module is used for contrasting Hash2 consistent with Hash3, if consistent decision data is not distorted, if inconsistent, decision data is distorted.
Beneficial effect of the present invention: transmission security key TK of the present invention is random generation, transmitting procedure is also sealed, TMK expressly there will not be outside safety storage apparatus, in transmitting procedure, be all to utilize PKI to be encrypted, TMK ciphertext just can be untied in the encryption equipment of TMS, has very high fail safe.
When the secret key TK data operable terminal of transmission gathers, operating terminal is used operator's private key sign and enclose operation certificate transmitting secret key TK data, together uploads onto the server.When server receives TK data, the legitimacy of the legitimacy of meeting certifying signature and operation certificate, if the TK data that illegal direct rejection gathers.The present invention can guarantee the integrality of the TK data of collection, and when corresponding POS terminal remote is downloaded, main secret key goes wrong and corresponding TK data go wrong, and can find by the signing certificate of TK data concrete operating personnel.
The foregoing is only embodiments of the invention; not thereby limit the scope of the claims of the present invention; every equivalent structure or conversion of equivalent flow process that utilizes specification of the present invention and accompanying drawing content to do; or be directly or indirectly used in other relevant technical fields, be all in like manner included in scope of patent protection of the present invention.
Claims (8)
1. an acquisition method of transmission security key TK, is characterized in that, comprises step:
S1, operating terminal read operation person block the operation certificate of storage, and verification operation certificate legitimacy;
S2, after the legitimate verification of operation certificate passes through, operating terminal obtains the transmission security key TK that POS terminal sends;
S3, operating terminal are used the private key of the operation certificate of operator's card to carry out signature operation to transmission security key TK, and the TK data after signature are sent to MTMS system, and the TK data after signature comprise transmission security key TK, operation certificate, signed data;
The legitimacy of S4, MTMS system verification operation certificate and signed data, if legal, is stored in database by the TK data after signature.
2. the acquisition method of transmission security key TK according to claim 1, is characterized in that, also comprises and specifically comprise transmission security key forwarding step after described step S4:
When receiving TK, obtain when request, MTMS system reads the TK data after the signature of storage, and the legitimacy of certifying signature data;
After the legitimate verification of signed data passes through, MTMS system turns encrypted transmission cipher key T K and the transmission security key TK that turns encryption is sent to KMS system.
3. the acquisition method of transmission security key TK according to claim 2, is characterized in that, the signature operation in described step S3 specifically comprises step:
Operating terminal calculates cryptographic Hash Hash1 to transmission security key TK and signature time T ime_sign;
Use operation certificate corresponding private key WCRT_prk to encrypt generating ciphertext C_sign to cryptographic Hash Hash1, this ciphertext is signed data C_sign.
4. the acquisition method of transmission security key TK according to claim 3, is characterized in that, described step S4 specifically comprises:
MTMS system receives after the TK data after signature, the legitimacy of verification operation certificate;
Verify legal after, from operation certificate, extract PKI WCRT_pu, the WCRT_pu that uses public-key is decrypted signed data C_sign, obtains expressly Hash2;
Transmission security key TK and signature time T ime_sign are calculated to Hash, generate cryptographic Hash Hash3;
Whether Hash2 is consistent with Hash3 in contrast, if consistent decision data is not distorted, if inconsistent, decision data is distorted.
5. the acquisition system of a transmission security key TK, it is characterized in that, comprise MTMS system, at least one operating terminal being connected with MTMS system communication and at least one the POS terminal being connected with operating terminal, described operating terminal comprises the first authentication module, acquisition module and the first sending module; Described MTMS system comprises the second authentication module and memory module;
The first authentication module blocks the operation certificate of storage for read operation person, and verification operation certificate legitimacy;
Acquisition module, for after confirming that when the first authentication module the legitimate verification of operation certificate passes through, obtains the transmission security key TK that POS terminal sends;
The first sending module is for using the private key of the operation certificate that operator blocks to carry out signature operation to transmission security key TK, and the TK data after signature are sent to MTMS system, and the TK data after signature comprise transmission security key TK, operation certificate, signed data;
The second authentication module is for verifying operation certificate that MTMS system receives and the legitimacy of signed data;
Memory module, for after confirming that when the second authentication module the legitimate verification of operation certificate and signed data passes through, is stored in database by the TK data after signature.
6. the acquisition system of transmission security key TK according to claim 5, is characterized in that, described MTMS system also comprises the 3rd authentication module and the second sending module;
The 3rd authentication module, for obtaining while asking when receiving TK, reads the TK data after the signature of storing in described database, and the legitimacy of certifying signature data;
The second sending module, for after the 3rd authentication module determines that the legitimate verification of described signed data passes through, turns encrypted transmission cipher key T K and the transmission security key TK that turns encryption is sent to KMS system.
7. the acquisition system of transmission security key TK according to claim 6, is characterized in that, described the first sending module specifically comprises the first computing module, encrypting module;
The first computing module is for calculating cryptographic Hash Hash1 to transmission security key TK and signature time T ime_sign;
Encrypting module is used for using operation certificate corresponding private key WCRT_prk to encrypt generating ciphertext C_sign to cryptographic Hash Hash1, and this ciphertext is signed data C_sign.
8. the acquisition system of transmission security key TK according to claim 7, is characterized in that, described the 3rd authentication module specifically comprises the 4th authentication module, deciphering module, the second computing module, judge module;
The 4th authentication module is used for after the TK data after receiving signature, the legitimacy of verification operation certificate;
Deciphering module, for after the 4th authentication module checking is legal, extracts PKI WCRT_pu from operation certificate, and the WCRT_pu that uses public-key is decrypted signed data C_sign, obtains expressly Hash2;
The second computing module, for transmission security key TK and signature time T ime_sign are calculated to Hash, generates cryptographic Hash Hash3;
Whether judge module is used for contrasting Hash2 consistent with Hash3, if consistent decision data is not distorted, if inconsistent, decision data is distorted.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310742713.0ACN103701610B (en) | 2013-03-15 | 2013-12-27 | A kind of acquisition method and system for transmitting cipher key T K |
Applications Claiming Priority (13)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013100846538 | 2013-03-15 | ||
| CN201310084673.5 | 2013-03-15 | ||
| CN201310084397.2 | 2013-03-15 | ||
| CN2013100846735 | 2013-03-15 | ||
| CN2013100843972 | 2013-03-15 | ||
| CN2013100846716 | 2013-03-15 | ||
| CN201310084671.6 | 2013-03-15 | ||
| CN2013100846538ACN103237005A (en) | 2013-03-15 | 2013-03-15 | Method and system for key management |
| CN2013100843972ACN103237004A (en) | 2013-03-15 | 2013-03-15 | Key download method, key management method, method, device and system for download management |
| CN2013100846716ACN103220270A (en) | 2013-03-15 | 2013-03-15 | Downloading method, management method, downloading management method, downloading management device and downloading management system for secret key |
| CN201310084653.8 | 2013-03-15 | ||
| CN2013100846735ACN103220271A (en) | 2013-03-15 | 2013-03-15 | Downloading method, management method, downloading management method, downloading management device and downloading management system for secret key |
| CN201310742713.0ACN103701610B (en) | 2013-03-15 | 2013-12-27 | A kind of acquisition method and system for transmitting cipher key T K |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103701610Atrue CN103701610A (en) | 2014-04-02 |
| CN103701610B CN103701610B (en) | 2018-04-17 |
Family
ID=50363015
Family Applications (28)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310740644.XAActiveCN103714638B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system of quick position terminal master key failed download |
| CN201310740158.8AActiveCN103716320B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
| CN201310740540.9AActiveCN103716154B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
| CN201310740285.8AActiveCN103729940B (en) | 2013-03-15 | 2013-12-27 | A kind of main cipher key T MK method for safely downloading of terminal and system |
| CN201310740574.8AActiveCN103729945B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system of secure download terminal master key |
| CN201310740430.2AActiveCN103729943B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system transmission security key being imported KMS system |
| CN201310740231.1AActiveCN103714635B (en) | 2013-03-15 | 2013-12-27 | A kind of POS terminal and terminal master key downloading mode collocation method thereof |
| CN201310742713.0AActiveCN103701610B (en) | 2013-03-15 | 2013-12-27 | A kind of acquisition method and system for transmitting cipher key T K |
| CN201310740360.0AActiveCN103714636B (en) | 2013-03-15 | 2013-12-27 | A kind of method of batch capture and upload transfers cipher key T K data and operating terminal |
| CN201310742648.1AActiveCN103716155B (en) | 2013-03-15 | 2013-12-27 | A kind of method of automated maintenance POS terminal and operation terminal |
| CN201310742681.4AActiveCN103714640B (en) | 2013-03-15 | 2013-12-27 | A kind of sending method of transmission security key and system |
| CN201310740567.8AActiveCN103729944B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system of secure download terminal master key |
| CN201310742661.7AActiveCN103716167B (en) | 2013-03-15 | 2013-12-27 | Method and device for safely collecting and distributing transmission keys |
| CN201310740188.9AActiveCN103716153B (en) | 2013-03-15 | 2013-12-27 | Terminal master key TMK safety downloading method and systems |
| CN201310740537.7AActiveCN103746800B (en) | 2013-03-15 | 2013-12-27 | TMK (terminal master key) safe downloading method and system |
| CN201310740410.5AActiveCN103729942B (en) | 2013-03-15 | 2013-12-27 | Transmission security key is transferred to the method and system of key server from terminal server |
| CN201310742686.7AActiveCN103745351B (en) | 2013-03-15 | 2013-12-27 | A kind of acquisition method and system for transmitting cipher key T K |
| CN201310740642.0AActiveCN103731259B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
| CN201310741948.8AActiveCN103714639B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system that realize the operation of POS terminal security |
| CN201310741949.2AActiveCN103731260B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and system |
| CN201310742991.6AActiveCN103714641B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK method for safely downloading and system |
| CN201310740380.8AActiveCN103714637B (en) | 2013-03-15 | 2013-12-27 | A kind of transmission security key sending method and system, operating terminal |
| CN201310742886.2AActiveCN103716321B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
| CN201310740264.6AActiveCN103701812B (en) | 2013-03-15 | 2013-12-27 | TMK (Terminal Master Key) secure downloading method and system |
| CN201310740226.0AActiveCN103714634B (en) | 2013-03-15 | 2013-12-27 | A kind of method of main key of secure download terminal and system |
| CN201310740244.9AActiveCN103701609B (en) | 2013-03-15 | 2013-12-27 | A kind of server and the method and system operating terminal two-way authentication |
| CN201310740308.5AActiveCN103729941B (en) | 2013-03-15 | 2013-12-27 | A kind of main cipher key T MK method for safely downloading of terminal and system |
| CN201310740100.3AActiveCN103714633B (en) | 2013-03-15 | 2013-12-27 | A kind of method of safe generating transmission key and POS terminal |
Family Applications Before (7)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310740644.XAActiveCN103714638B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system of quick position terminal master key failed download |
| CN201310740158.8AActiveCN103716320B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
| CN201310740540.9AActiveCN103716154B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
| CN201310740285.8AActiveCN103729940B (en) | 2013-03-15 | 2013-12-27 | A kind of main cipher key T MK method for safely downloading of terminal and system |
| CN201310740574.8AActiveCN103729945B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system of secure download terminal master key |
| CN201310740430.2AActiveCN103729943B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system transmission security key being imported KMS system |
| CN201310740231.1AActiveCN103714635B (en) | 2013-03-15 | 2013-12-27 | A kind of POS terminal and terminal master key downloading mode collocation method thereof |
Family Applications After (20)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310740360.0AActiveCN103714636B (en) | 2013-03-15 | 2013-12-27 | A kind of method of batch capture and upload transfers cipher key T K data and operating terminal |
| CN201310742648.1AActiveCN103716155B (en) | 2013-03-15 | 2013-12-27 | A kind of method of automated maintenance POS terminal and operation terminal |
| CN201310742681.4AActiveCN103714640B (en) | 2013-03-15 | 2013-12-27 | A kind of sending method of transmission security key and system |
| CN201310740567.8AActiveCN103729944B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system of secure download terminal master key |
| CN201310742661.7AActiveCN103716167B (en) | 2013-03-15 | 2013-12-27 | Method and device for safely collecting and distributing transmission keys |
| CN201310740188.9AActiveCN103716153B (en) | 2013-03-15 | 2013-12-27 | Terminal master key TMK safety downloading method and systems |
| CN201310740537.7AActiveCN103746800B (en) | 2013-03-15 | 2013-12-27 | TMK (terminal master key) safe downloading method and system |
| CN201310740410.5AActiveCN103729942B (en) | 2013-03-15 | 2013-12-27 | Transmission security key is transferred to the method and system of key server from terminal server |
| CN201310742686.7AActiveCN103745351B (en) | 2013-03-15 | 2013-12-27 | A kind of acquisition method and system for transmitting cipher key T K |
| CN201310740642.0AActiveCN103731259B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
| CN201310741948.8AActiveCN103714639B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system that realize the operation of POS terminal security |
| CN201310741949.2AActiveCN103731260B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and system |
| CN201310742991.6AActiveCN103714641B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK method for safely downloading and system |
| CN201310740380.8AActiveCN103714637B (en) | 2013-03-15 | 2013-12-27 | A kind of transmission security key sending method and system, operating terminal |
| CN201310742886.2AActiveCN103716321B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
| CN201310740264.6AActiveCN103701812B (en) | 2013-03-15 | 2013-12-27 | TMK (Terminal Master Key) secure downloading method and system |
| CN201310740226.0AActiveCN103714634B (en) | 2013-03-15 | 2013-12-27 | A kind of method of main key of secure download terminal and system |
| CN201310740244.9AActiveCN103701609B (en) | 2013-03-15 | 2013-12-27 | A kind of server and the method and system operating terminal two-way authentication |
| CN201310740308.5AActiveCN103729941B (en) | 2013-03-15 | 2013-12-27 | A kind of main cipher key T MK method for safely downloading of terminal and system |
| CN201310740100.3AActiveCN103714633B (en) | 2013-03-15 | 2013-12-27 | A kind of method of safe generating transmission key and POS terminal |
Country Status (2)
| Country | Link |
|---|---|
| CN (28) | CN103714638B (en) |
| WO (5) | WO2014139403A1 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106559218A (en)* | 2015-09-29 | 2017-04-05 | 中国电力科学研究院 | A kind of safe acquisition method of intelligent substation continuous data |
| CN107944250A (en)* | 2017-11-28 | 2018-04-20 | 艾体威尔电子技术(北京)有限公司 | A kind of key acquisition method applied to POS machine |
Families Citing this family (121)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103714638B (en)* | 2013-03-15 | 2015-09-30 | 福建联迪商用设备有限公司 | A kind of method and system of quick position terminal master key failed download |
| CN105281896B (en)* | 2014-07-17 | 2018-11-27 | 深圳华智融科技股份有限公司 | A kind of key POS machine Activiation method and system based on elliptic curve |
| CN104270346B (en)* | 2014-09-12 | 2017-10-13 | 北京天行网安信息技术有限责任公司 | The methods, devices and systems of two-way authentication |
| CN105991536A (en)* | 2014-11-07 | 2016-10-05 | 天地融科技股份有限公司 | Data interaction system |
| CN104363090A (en)* | 2014-11-19 | 2015-02-18 | 成都卫士通信息产业股份有限公司 | Secret key distribution device and method for enhancing safety of banking terminal equipment |
| CN105681263B (en)* | 2014-11-20 | 2019-02-12 | 广东华大互联网股份有限公司 | A kind of secrete key of smart card remote application method and application system |
| CN104486323B (en)* | 2014-12-10 | 2017-10-31 | 福建联迪商用设备有限公司 | A kind of POS terminal controlled networking activation method and device safely |
| CN104410641B (en)* | 2014-12-10 | 2017-12-08 | 福建联迪商用设备有限公司 | A kind of POS terminal controlled networking activation method and device safely |
| US9485250B2 (en)* | 2015-01-30 | 2016-11-01 | Ncr Corporation | Authority trusted secure system component |
| CN105989472A (en)* | 2015-03-06 | 2016-10-05 | 华立科技股份有限公司 | Wireless mobile configuration, wireless payment configuration and wireless payment configuration method of electric energy measurement system, and public commodity wireless payment configuration |
| CN106204034B (en)* | 2015-04-29 | 2019-07-23 | 中国电信股份有限公司 | Using the mutual authentication method and system of interior payment |
| CN105117665B (en)* | 2015-07-16 | 2017-10-31 | 福建联迪商用设备有限公司 | A kind of end product pattern and the method and system of development mode handoff-security |
| CN105184121A (en)* | 2015-09-02 | 2015-12-23 | 上海繁易电子科技有限公司 | Hardware authorization system and method using remote server |
| CN105243542B (en)* | 2015-11-13 | 2021-07-02 | 咪付(广西)网络技术有限公司 | Dynamic electronic certificate authentication method |
| CN105260884A (en)* | 2015-11-18 | 2016-01-20 | 北京微智全景信息技术有限公司 | POS machine key distributing method and device |
| CN105530241B (en)* | 2015-12-07 | 2018-12-28 | 咪付(广西)网络技术有限公司 | The authentication method of mobile intelligent terminal and POS terminal |
| CN105574722A (en)* | 2015-12-11 | 2016-05-11 | 福建新大陆支付技术有限公司 | Authorization IC card based remote online authorization method for payment terminal |
| CN105930718A (en)* | 2015-12-29 | 2016-09-07 | 中国银联股份有限公司 | Method and apparatus for switching point-of-sale (POS) terminal modes |
| CN105656669B (en)* | 2015-12-31 | 2019-01-01 | 福建联迪商用设备有限公司 | The remote repairing method of electronic equipment, is repaired equipment and system at equipment |
| CN105681032B (en) | 2016-01-08 | 2017-09-12 | 腾讯科技(深圳)有限公司 | Method for storing cipher key, key management method and device |
| CN114240421A (en)* | 2016-01-25 | 2022-03-25 | 创新先进技术有限公司 | Credit payment method and device based on mobile terminal eSE |
| CN105743654A (en)* | 2016-02-02 | 2016-07-06 | 上海动联信息技术股份有限公司 | POS machine secret key remote downloading service system and secret key downloading method |
| CN105790934B (en)* | 2016-03-04 | 2019-03-15 | 中国银联股份有限公司 | An adaptive POS terminal configuration method and its configuration right transfer method |
| CN107294722A (en)* | 2016-03-31 | 2017-10-24 | 阿里巴巴集团控股有限公司 | A kind of terminal identity authentication method, apparatus and system |
| CN105978856B (en)* | 2016-04-18 | 2019-01-25 | 随行付支付有限公司 | A kind of POS machine key downloading method, apparatus and system |
| CN106059771A (en)* | 2016-05-06 | 2016-10-26 | 上海动联信息技术股份有限公司 | Intelligent POS machine secret key management system and method |
| CN106097608B (en)* | 2016-06-06 | 2018-07-27 | 福建联迪商用设备有限公司 | Remote cipher key method for down loading and system, acquirer and target POS terminal |
| CN106127461A (en)* | 2016-06-16 | 2016-11-16 | 中国银联股份有限公司 | Bi-directional verification method of mobile payment and system |
| CN107563712A (en)* | 2016-06-30 | 2018-01-09 | 中兴通讯股份有限公司 | A kind of mobile terminal punch card method, device, equipment and system |
| CN106027247A (en)* | 2016-07-29 | 2016-10-12 | 宁夏丝路通网络支付有限公司北京分公司 | Method for remotely issuing POS key |
| CN106100854A (en)* | 2016-08-16 | 2016-11-09 | 黄朝 | The reverse authentication method of terminal unit based on authority's main body and system |
| CN107800538B (en)* | 2016-09-01 | 2021-01-29 | 中电长城(长沙)信息技术有限公司 | Remote key distribution method for self-service equipment |
| US11018860B2 (en) | 2016-10-28 | 2021-05-25 | Microsoft Technology Licensing, Llc | Highly available and reliable secret distribution infrastructure |
| CN106571915A (en)* | 2016-11-15 | 2017-04-19 | 中国银联股份有限公司 | Terminal master key setting method and apparatus |
| CN106603496B (en)* | 2016-11-18 | 2019-05-21 | 新智数字科技有限公司 | A kind of guard method, smart card, server and the communication system of data transmission |
| CN106656488B (en)* | 2016-12-07 | 2020-04-03 | 百富计算机技术(深圳)有限公司 | Key download method and device for POS terminal |
| CN106712939A (en)* | 2016-12-27 | 2017-05-24 | 百富计算机技术(深圳)有限公司 | Offline key transmission method and device |
| US10432730B1 (en) | 2017-01-25 | 2019-10-01 | United States Of America As Represented By The Secretary Of The Air Force | Apparatus and method for bus protection |
| CN106953731B (en)* | 2017-02-17 | 2020-05-12 | 福建魔方电子科技有限公司 | Authentication method and system for terminal administrator |
| CN107466455B (en)* | 2017-03-15 | 2021-05-04 | 深圳大趋智能科技有限公司 | POS machine security verification method and device |
| US10296477B2 (en) | 2017-03-30 | 2019-05-21 | United States of America as represented by the Secretary of the AirForce | Data bus logger |
| CN106997533B (en)* | 2017-04-01 | 2020-10-13 | 福建实达电脑设备有限公司 | POS terminal product safety production authorization management system and method |
| CN107094138B (en)* | 2017-04-11 | 2019-09-13 | 郑州信大捷安信息技术股份有限公司 | A kind of smart home safe communication system and communication means |
| CN107070925A (en)* | 2017-04-18 | 2017-08-18 | 上海赛付网络科技有限公司 | A kind of terminal applies and the anti-tamper method of background service communication packet |
| CN107104795B (en)* | 2017-04-25 | 2020-09-04 | 上海汇尔通信息技术有限公司 | Method, framework and system for injecting RSA key pair and certificate |
| CN107360652A (en)* | 2017-05-31 | 2017-11-17 | 江苏普世祥光电技术有限公司 | A kind of control method of square landscape lamp |
| CN107301437A (en)* | 2017-05-31 | 2017-10-27 | 江苏普世祥光电技术有限公司 | A kind of control system of square landscape lamp |
| CN107358441B (en)* | 2017-06-26 | 2020-12-18 | 北京明华联盟科技有限公司 | Payment verification method, system, mobile device and security authentication device |
| WO2019023979A1 (en)* | 2017-08-02 | 2019-02-07 | 福建联迪商用设备有限公司 | Method for generating configurable pos machine secret key pair, and storage medium |
| CN107666420B (en)* | 2017-08-30 | 2020-12-15 | 宁波梦居智能科技有限公司 | Method for production control and identity authentication of intelligent home gateway |
| CN107392591B (en)* | 2017-08-31 | 2020-02-07 | 恒宝股份有限公司 | Online recharging method and system for industry card and Bluetooth read-write device |
| CN107888379A (en)* | 2017-10-25 | 2018-04-06 | 百富计算机技术(深圳)有限公司 | A kind of method of secure connection, POS terminal and code keypad |
| WO2019080095A1 (en)* | 2017-10-27 | 2019-05-02 | 福建联迪商用设备有限公司 | Financial payment terminal activation method and system |
| CN107835170B (en)* | 2017-11-04 | 2021-04-20 | 上海动联信息技术股份有限公司 | Intelligent Pos equipment safety authorization dismantling system and method |
| CN107993062A (en)* | 2017-11-27 | 2018-05-04 | 百富计算机技术(深圳)有限公司 | POS terminal method of commerce, device, computer equipment and readable storage medium storing program for executing |
| CN107919962B (en)* | 2017-12-22 | 2021-01-15 | 国民认证科技(北京)有限公司 | Internet of things equipment registration and authentication method |
| CN108365950A (en)* | 2018-01-03 | 2018-08-03 | 深圳怡化电脑股份有限公司 | The generation method and device of financial self-service equipment key |
| CN108390851B (en)* | 2018-01-05 | 2020-07-03 | 郑州信大捷安信息技术股份有限公司 | Safe remote control system and method for industrial equipment |
| WO2019136736A1 (en)* | 2018-01-15 | 2019-07-18 | 福建联迪商用设备有限公司 | Software encryption terminal, payment terminal, and software package encryption and decryption method and system |
| WO2019153119A1 (en)* | 2018-02-06 | 2019-08-15 | 福建联迪商用设备有限公司 | Method for transmitting key, receiving terminal and distribution terminal |
| CN108446539B (en)* | 2018-03-16 | 2023-01-13 | 福建深空信息技术有限公司 | Software authorization method and software authorization file generation system |
| WO2019178763A1 (en)* | 2018-03-21 | 2019-09-26 | 福建联迪商用设备有限公司 | Certificate importing method and terminal |
| CN108496194A (en)* | 2018-03-21 | 2018-09-04 | 福建联迪商用设备有限公司 | A method, server and system for verifying terminal legitimacy |
| WO2019200530A1 (en)* | 2018-04-17 | 2019-10-24 | 福建联迪商用设备有限公司 | Remote distribution method and system for terminal master key |
| CN108737106B (en)* | 2018-05-09 | 2021-06-01 | 深圳壹账通智能科技有限公司 | User authentication method and device on block chain system, terminal equipment and storage medium |
| CN108833088A (en)* | 2018-05-22 | 2018-11-16 | 珠海爱付科技有限公司 | A kind of POS terminal Activiation method |
| CN110581829A (en)* | 2018-06-08 | 2019-12-17 | 中国移动通信集团有限公司 | Communication method and device |
| CN109218293B (en)* | 2018-08-21 | 2021-09-21 | 西安得安信息技术有限公司 | Use method of distributed password service platform key management |
| CN109347625B (en)* | 2018-08-31 | 2020-04-24 | 阿里巴巴集团控股有限公司 | Password operation method, work key creation method, password service platform and equipment |
| CN109326061B (en)* | 2018-09-10 | 2021-10-26 | 惠尔丰(中国)信息系统有限公司 | Anti-cutting method of intelligent POS |
| CN109274500B (en)* | 2018-10-15 | 2020-06-02 | 百富计算机技术(深圳)有限公司 | A key downloading method, client, cryptographic device and terminal device |
| CN109274684B (en)* | 2018-10-31 | 2020-12-29 | 中国—东盟信息港股份有限公司 | Internet of things terminal system based on integration of eSIM communication and navigation service and implementation method thereof |
| CN109547208B (en)* | 2018-11-16 | 2021-11-09 | 交通银行股份有限公司 | Online distribution method and system for master key of financial electronic equipment |
| CN109670289B (en)* | 2018-11-20 | 2020-12-15 | 福建联迪商用设备有限公司 | Method and system for identifying legality of background server |
| CN109508995A (en)* | 2018-12-12 | 2019-03-22 | 福建新大陆支付技术有限公司 | A kind of off line authorization method and payment terminal based on payment terminal |
| CN109510711B (en)* | 2019-01-08 | 2022-04-01 | 深圳市网心科技有限公司 | Network communication method, server, client and system |
| CN111627174B (en)* | 2019-02-28 | 2024-12-06 | 南京摩铂汇信息技术有限公司 | Bluetooth POS equipment and payment system |
| CN110011794B (en)* | 2019-04-11 | 2021-08-13 | 北京智芯微电子科技有限公司 | Test Methods for Cipher Key Properties |
| CN109995532A (en)* | 2019-04-11 | 2019-07-09 | 晏福平 | A kind of online management method and system of terminal master key |
| CN110061848B (en)* | 2019-04-17 | 2021-09-14 | 飞天诚信科技股份有限公司 | Method for safely importing secret key of payment terminal, payment terminal and system |
| CN110545542B (en)* | 2019-06-13 | 2023-03-14 | 银联商务股份有限公司 | Main control key downloading method and device based on asymmetric encryption algorithm and computer equipment |
| CN112532567A (en)* | 2019-09-19 | 2021-03-19 | 中国移动通信集团湖南有限公司 | Transaction encryption method and POSP system |
| CN110855442A (en)* | 2019-10-10 | 2020-02-28 | 北京握奇智能科技有限公司 | PKI (public key infrastructure) technology-based inter-device certificate verification method |
| CN111132154B (en)* | 2019-12-26 | 2022-10-21 | 飞天诚信科技股份有限公司 | Method and system for negotiating session key |
| CN111193748B (en)* | 2020-01-06 | 2021-12-03 | 惠州市德赛西威汽车电子股份有限公司 | Interactive key security authentication method and system |
| CN111275440B (en)* | 2020-01-19 | 2023-11-10 | 中钞科堡现金处理技术(北京)有限公司 | Remote key downloading method and system |
| TWI775061B (en)* | 2020-03-30 | 2022-08-21 | 尚承科技股份有限公司 | Protection system and method for soft/firmware or data |
| CN111597512B (en)* | 2020-03-31 | 2023-10-31 | 尚承科技股份有限公司 | Soft firmware or data protection system and protection method |
| CN111526013B (en)* | 2020-04-17 | 2023-05-05 | 中国人民银行清算总中心 | Key distribution method and system |
| CN111884804A (en)* | 2020-06-15 | 2020-11-03 | 上海祥承通讯技术有限公司 | Remote key management method |
| CN111815811B (en)* | 2020-06-22 | 2022-09-06 | 合肥智辉空间科技有限责任公司 | Electronic lock safety coefficient |
| CN114024949A (en)* | 2020-07-17 | 2022-02-08 | 华为技术有限公司 | Data transmission method and device |
| CN111950999B (en)* | 2020-07-28 | 2024-06-04 | 银盛支付服务股份有限公司 | Method and system for realizing key filling safety based on IC card on POS machine |
| CN111931206A (en)* | 2020-07-31 | 2020-11-13 | 银盛支付服务股份有限公司 | Data encryption method based on APP |
| CN112134849B (en)* | 2020-08-28 | 2024-02-20 | 国电南瑞科技股份有限公司 | A dynamic trusted encrypted communication method and system for smart substations |
| CN112182599B (en)* | 2020-09-15 | 2024-06-11 | 中信银行股份有限公司 | Automatic loading method and device for master key, electronic equipment and readable storage medium |
| CN112311528B (en)* | 2020-10-17 | 2023-06-23 | 深圳市德卡科技股份有限公司 | Data security transmission method based on cryptographic algorithm |
| CN112291232B (en)* | 2020-10-27 | 2021-06-04 | 中国联合网络通信有限公司深圳市分公司 | Safety capability and safety service chain management platform based on tenants |
| CN112332978B (en)* | 2020-11-10 | 2022-09-20 | 上海商米科技集团股份有限公司 | Remote key injection method based on key agreement |
| CN112396416A (en)* | 2020-11-18 | 2021-02-23 | 上海商米科技集团股份有限公司 | Method for loading certificate of intelligent POS equipment |
| CN112560058B (en)* | 2020-12-17 | 2022-12-30 | 山东华芯半导体有限公司 | SSD partition encryption storage system based on intelligent password key and implementation method thereof |
| CN112968776B (en)* | 2021-02-02 | 2022-09-02 | 中钞科堡现金处理技术(北京)有限公司 | Method, storage medium and electronic device for remote key exchange |
| CN113037494B (en)* | 2021-03-02 | 2023-05-23 | 福州汇思博信息技术有限公司 | Burning piece mirror image file signature method and terminal |
| CN113450511A (en)* | 2021-03-25 | 2021-09-28 | 深圳怡化电脑科技有限公司 | Transaction method of acceptance terminal equipment and bank system and acceptance terminal equipment |
| CN113132980B (en)* | 2021-04-02 | 2023-10-13 | 四川省计算机研究院 | Key management system method and device applied to Beidou navigation system |
| CN113328851B (en)* | 2021-04-21 | 2022-01-14 | 北京连山科技股份有限公司 | Method and system for randomly transmitting secret key under multilink condition |
| CN115620411A (en)* | 2021-07-16 | 2023-01-17 | 交通运输部路网监测与应急处置中心 | ETC parking transaction safety certification system facing public network |
| CN113708923A (en)* | 2021-07-29 | 2021-11-26 | 银盛支付服务股份有限公司 | Method and system for remotely downloading master key |
| CN113645221A (en)* | 2021-08-06 | 2021-11-12 | 中国工商银行股份有限公司 | Encryption method, device, equipment, storage medium and computer program |
| CN113810391A (en)* | 2021-09-01 | 2021-12-17 | 杭州视洞科技有限公司 | Cross-machine-room communication bidirectional authentication and encryption method |
| CN113612612A (en)* | 2021-09-30 | 2021-11-05 | 阿里云计算有限公司 | Data encryption transmission method, system, equipment and storage medium |
| CN114423003B (en)* | 2021-12-29 | 2024-01-30 | 中国航空工业集团公司西安飞机设计研究所 | Airplane key comprehensive management method and system |
| CN114499891B (en)* | 2022-03-21 | 2024-05-31 | 宁夏凯信特信息科技有限公司 | Signature server system and signature verification method |
| CN114726521A (en)* | 2022-04-14 | 2022-07-08 | 广东好太太智能家居有限公司 | Smart lock temporary password generation method and electronic device |
| CN115085981A (en)* | 2022-05-31 | 2022-09-20 | 深圳市旭子科技有限公司 | Self-service terminal with data communication encryption function |
| CN115604133A (en)* | 2022-09-29 | 2023-01-13 | 成都卫士通信息产业股份有限公司(Cn) | An access control method, device, system and medium for an operation and maintenance terminal |
| CN115632769B (en)* | 2022-10-12 | 2025-02-11 | 北京捷文科技股份有限公司 | Payment terminal comprehensive key management method, system and computer readable storage medium |
| CN116233094A (en)* | 2022-12-31 | 2023-06-06 | 北京结慧科技有限公司 | Method for downloading POS terminal key by key IC card |
| CN117176339B (en)* | 2023-08-31 | 2024-06-18 | 深圳手付通科技有限公司 | A method and system for online updating of master key TMK of POS terminal equipment |
| CN116865966B (en)* | 2023-09-04 | 2023-12-05 | 中量科(南京)科技有限公司 | Encryption method, device and storage medium for generating working key based on quantum key |
| CN119172743B (en)* | 2024-08-15 | 2025-09-09 | 北京智芯微电子科技有限公司 | Terminal identity identification method, device and system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060281442A1 (en)* | 2005-06-03 | 2006-12-14 | Samsung Electronics Co., Ltd. | Method for inclusive authentication and management of service provider, terminal and user identity module, and system and terminal device using the method |
| CN101145913A (en)* | 2007-10-25 | 2008-03-19 | 东软集团有限公司 | A method and system for network security communication |
| CN101593389A (en)* | 2009-07-01 | 2009-12-02 | 中国建设银行股份有限公司 | A kind of key management method and system that is used for the POS terminal |
| US20100122081A1 (en)* | 2008-11-12 | 2010-05-13 | Sato Akane | Method of validation public key certificate and validation server |
| CN103237005A (en)* | 2013-03-15 | 2013-08-07 | 福建联迪商用设备有限公司 | Method and system for key management |
Family Cites Families (61)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPS57157371A (en)* | 1981-03-24 | 1982-09-28 | Sharp Corp | Electronic cash register |
| JP2993833B2 (en)* | 1993-11-29 | 1999-12-27 | 富士通株式会社 | POS system |
| JPH10112883A (en)* | 1996-10-07 | 1998-04-28 | Hitachi Ltd | Wireless communication switching system, exchange, public key management device, mobile terminal, and mobile terminal authentication method |
| CN1285559C (en)* | 1999-03-22 | 2006-11-22 | 普拉克生化公司 | Method of industrial-scale purification of lactic acid |
| CN1127033C (en)* | 2000-07-20 | 2003-11-05 | 天津南开戈德集团有限公司 | Radio mobile network point of sale (POS) terminal system and operation method thereof |
| US7110986B1 (en)* | 2001-04-23 | 2006-09-19 | Diebold, Incorporated | Automated banking machine system and method |
| KR100641824B1 (en)* | 2001-04-25 | 2006-11-06 | 주식회사 하렉스인포텍 | Financial Information Input Method Using Symmetric Key Security Algorithm and Its Commerce Communication System |
| JP2002366285A (en)* | 2001-06-05 | 2002-12-20 | Matsushita Electric Ind Co Ltd | POS terminal |
| GB2384402B (en)* | 2002-01-17 | 2004-12-22 | Toshiba Res Europ Ltd | Data transmission links |
| JP2003217028A (en)* | 2002-01-24 | 2003-07-31 | Tonfuu:Kk | Operation situation monitoring system for pos terminal device |
| US7395427B2 (en)* | 2003-01-10 | 2008-07-01 | Walker Jesse R | Authenticated key exchange based on pairwise master key |
| JP2005117511A (en)* | 2003-10-10 | 2005-04-28 | Nec Corp | Quantum cipher communication system and quantum cipher key distributing method used therefor |
| KR101282972B1 (en)* | 2004-03-22 | 2013-07-08 | 삼성전자주식회사 | Authentication between a device and a portable storage |
| US20060093149A1 (en)* | 2004-10-30 | 2006-05-04 | Shera International Ltd. | Certified deployment of applications on terminals |
| DE102005022019A1 (en)* | 2005-05-12 | 2007-02-01 | Giesecke & Devrient Gmbh | Secure processing of data |
| CN100583743C (en)* | 2005-07-22 | 2010-01-20 | 华为技术有限公司 | Distributing method for transmission key |
| MX2008010705A (en)* | 2006-02-22 | 2009-03-02 | Hypercom Corp | Secure electronic transaction system. |
| JP2007241351A (en)* | 2006-03-06 | 2007-09-20 | Cela System:Kk | Customer / product / stock management system (including POS) and mobile / customer integrated management system |
| EP1833009B1 (en)* | 2006-03-09 | 2019-05-08 | First Data Corporation | Secure transaction computer network |
| US7818264B2 (en)* | 2006-06-19 | 2010-10-19 | Visa U.S.A. Inc. | Track data encryption |
| CN101064695A (en)* | 2007-05-16 | 2007-10-31 | 杭州看吧科技有限公司 | P2P(Peer to Peer) safe connection method |
| WO2009070041A2 (en)* | 2007-11-30 | 2009-06-04 | Electronic Transaction Services Limited | Payment system and method of operation |
| CN101541002A (en)* | 2008-03-21 | 2009-09-23 | 展讯通信(上海)有限公司 | Web server-based method for downloading software license of mobile terminal |
| CN101615322B (en)* | 2008-06-25 | 2012-09-05 | 上海富友金融网络技术有限公司 | Mobile terminal payment method and mobile terminal payment system for realizing magnetic payment function |
| JP4666240B2 (en)* | 2008-07-14 | 2011-04-06 | ソニー株式会社 | Information processing apparatus, information processing method, program, and information processing system |
| CN101686225A (en)* | 2008-09-28 | 2010-03-31 | 中国银联股份有限公司 | Methods of data encryption and key generation for on-line payment |
| KR20100052668A (en)* | 2008-11-11 | 2010-05-20 | 노틸러스효성 주식회사 | Method for on-line sharing of tmk(terminal master key) between atm and host |
| CN101425208B (en)* | 2008-12-05 | 2010-11-10 | 浪潮齐鲁软件产业有限公司 | Method for safely downloading cipher key of finance tax-controlling cashing machine |
| CN101527714B (en)* | 2008-12-31 | 2012-09-05 | 飞天诚信科技股份有限公司 | Method, device and system for accreditation |
| CN101930644B (en)* | 2009-06-25 | 2014-04-16 | 中国银联股份有限公司 | Method for safely downloading master key automatically in bank card payment system and system thereof |
| CN101719895A (en)* | 2009-06-26 | 2010-06-02 | 中兴通讯股份有限公司 | Data processing method and system for realizing secure communication of network |
| CN101631305B (en)* | 2009-07-28 | 2011-12-07 | 交通银行股份有限公司 | Encryption method and system |
| CN101656007B (en)* | 2009-08-14 | 2011-02-16 | 通联支付网络服务股份有限公司 | Safe system realizing one machine with multiple ciphers on POS machine and method thereof |
| CN102064939B (en)* | 2009-11-13 | 2013-06-12 | 福建联迪商用设备有限公司 | Method for authenticating point of sail (POS) file and method for maintaining authentication certificate |
| CN101710436B (en)* | 2009-12-01 | 2011-12-14 | 中国建设银行股份有限公司 | Method and system for controlling POS terminal and POS terminal management equipment |
| CN101807994B (en)* | 2009-12-18 | 2012-07-25 | 北京握奇数据系统有限公司 | Method and system for application data transmission of IC card |
| CN102148799B (en)* | 2010-02-05 | 2014-10-22 | 中国银联股份有限公司 | Key downloading method and system |
| CN201656997U (en)* | 2010-04-28 | 2010-11-24 | 中国工商银行股份有限公司 | Device for generating transmission key |
| CN101807997B (en)* | 2010-04-28 | 2012-08-22 | 中国工商银行股份有限公司 | Device and method for generating transmission key |
| CN102262760A (en)* | 2010-05-28 | 2011-11-30 | 杨筑平 | Transaction security method, acceptance device and submission software |
| EP2604017B1 (en)* | 2010-08-10 | 2017-10-04 | Google Technology Holdings LLC | System and method for cognizant transport layer security |
| CN101938520B (en)* | 2010-09-07 | 2015-01-28 | 中兴通讯股份有限公司 | Mobile terminal signature-based remote payment system and method |
| CN101976403A (en)* | 2010-10-29 | 2011-02-16 | 北京拉卡拉网络技术有限公司 | Phone number payment platform, payment trading system and method thereof |
| CN102013982B (en)* | 2010-12-01 | 2012-07-25 | 银联商务有限公司 | Long-distance encryption method, management method, as well as encryption management method, device and system |
| CN102903189A (en)* | 2011-07-25 | 2013-01-30 | 上海昂贝电子科技有限公司 | Terminal transaction method and device |
| CN102394749B (en)* | 2011-09-26 | 2014-03-05 | 深圳市文鼎创数据科技有限公司 | Line protection method, system, information safety equipment and application equipment for data transmission |
| CN102521935B (en)* | 2011-12-15 | 2013-12-11 | 福建联迪商用设备有限公司 | Method and apparatus for state detection of POS machine |
| CN102592369A (en)* | 2012-01-14 | 2012-07-18 | 福建联迪商用设备有限公司 | Method for self-service terminal access to financial transaction center |
| CN102624710B (en)* | 2012-02-27 | 2015-03-11 | 福建联迪商用设备有限公司 | Sensitive information transmission method and sensitive information transmission system |
| CN102624711B (en)* | 2012-02-27 | 2015-06-03 | 福建联迪商用设备有限公司 | Sensitive information transmission method and sensitive information transmission system |
| CN102647274B (en)* | 2012-04-12 | 2014-10-08 | 福建联迪商用设备有限公司 | POS (Point of Sale) terminal, terminal accessing device, main key managing system and method thereof |
| CN102707972B (en)* | 2012-05-02 | 2016-03-09 | 银联商务有限公司 | A kind of POS terminal method for updating program and system |
| CN102768744B (en)* | 2012-05-11 | 2016-03-16 | 福建联迪商用设备有限公司 | A kind of remote safe payment method and system |
| CN102868521B (en)* | 2012-09-12 | 2015-03-04 | 成都卫士通信息产业股份有限公司 | Method for enhancing secret key transmission of symmetrical secret key system |
| CN103116505B (en)* | 2012-11-16 | 2016-05-25 | 福建联迪商用设备有限公司 | A kind of method that Auto-matching is downloaded |
| CN103117855B (en)* | 2012-12-19 | 2016-07-06 | 福建联迪商用设备有限公司 | A kind of method of the method generating digital certificate and backup and recovery private key |
| CN103220271A (en)* | 2013-03-15 | 2013-07-24 | 福建联迪商用设备有限公司 | Downloading method, management method, downloading management method, downloading management device and downloading management system for secret key |
| CN103714638B (en)* | 2013-03-15 | 2015-09-30 | 福建联迪商用设备有限公司 | A kind of method and system of quick position terminal master key failed download |
| CN103237004A (en)* | 2013-03-15 | 2013-08-07 | 福建联迪商用设备有限公司 | Key download method, key management method, method, device and system for download management |
| CN103220270A (en)* | 2013-03-15 | 2013-07-24 | 福建联迪商用设备有限公司 | Downloading method, management method, downloading management method, downloading management device and downloading management system for secret key |
| CN103269266B (en)* | 2013-04-27 | 2016-07-06 | 北京宏基恒信科技有限责任公司 | The safety certifying method of dynamic password and system |
- 2013
- 2013-12-27CNCN201310740644.XApatent/CN103714638B/enactiveActive
- 2013-12-27CNCN201310740158.8Apatent/CN103716320B/enactiveActive
- 2013-12-27CNCN201310740540.9Apatent/CN103716154B/enactiveActive
- 2013-12-27CNCN201310740285.8Apatent/CN103729940B/enactiveActive
- 2013-12-27CNCN201310740574.8Apatent/CN103729945B/enactiveActive
- 2013-12-27CNCN201310740430.2Apatent/CN103729943B/enactiveActive
- 2013-12-27CNCN201310740231.1Apatent/CN103714635B/enactiveActive
- 2013-12-27CNCN201310742713.0Apatent/CN103701610B/enactiveActive
- 2013-12-27CNCN201310740360.0Apatent/CN103714636B/enactiveActive
- 2013-12-27CNCN201310742648.1Apatent/CN103716155B/enactiveActive
- 2013-12-27CNCN201310742681.4Apatent/CN103714640B/enactiveActive
- 2013-12-27CNCN201310740567.8Apatent/CN103729944B/enactiveActive
- 2013-12-27CNCN201310742661.7Apatent/CN103716167B/enactiveActive
- 2013-12-27CNCN201310740188.9Apatent/CN103716153B/enactiveActive
- 2013-12-27CNCN201310740537.7Apatent/CN103746800B/enactiveActive
- 2013-12-27CNCN201310740410.5Apatent/CN103729942B/enactiveActive
- 2013-12-27CNCN201310742686.7Apatent/CN103745351B/enactiveActive
- 2013-12-27CNCN201310740642.0Apatent/CN103731259B/enactiveActive
- 2013-12-27CNCN201310741948.8Apatent/CN103714639B/enactiveActive
- 2013-12-27CNCN201310741949.2Apatent/CN103731260B/enactiveActive
- 2013-12-27CNCN201310742991.6Apatent/CN103714641B/enactiveActive
- 2013-12-27CNCN201310740380.8Apatent/CN103714637B/enactiveActive
- 2013-12-27CNCN201310742886.2Apatent/CN103716321B/enactiveActive
- 2013-12-27CNCN201310740264.6Apatent/CN103701812B/enactiveActive
- 2013-12-27CNCN201310740226.0Apatent/CN103714634B/enactiveActive
- 2013-12-27CNCN201310740244.9Apatent/CN103701609B/enactiveActive
- 2013-12-27CNCN201310740308.5Apatent/CN103729941B/enactiveActive
- 2013-12-27CNCN201310740100.3Apatent/CN103714633B/enactiveActive
- 2014
- 2014-03-11WOPCT/CN2014/073205patent/WO2014139403A1/enactiveApplication Filing
- 2014-03-11WOPCT/CN2014/073215patent/WO2014139406A1/enactiveApplication Filing
- 2014-03-11WOPCT/CN2014/073225patent/WO2014139412A1/enactiveApplication Filing
- 2014-03-11WOPCT/CN2014/073224patent/WO2014139411A1/enactiveApplication Filing
- 2014-03-11WOPCT/CN2014/073220patent/WO2014139408A1/enactiveApplication Filing
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060281442A1 (en)* | 2005-06-03 | 2006-12-14 | Samsung Electronics Co., Ltd. | Method for inclusive authentication and management of service provider, terminal and user identity module, and system and terminal device using the method |
| CN101145913A (en)* | 2007-10-25 | 2008-03-19 | 东软集团有限公司 | A method and system for network security communication |
| US20100122081A1 (en)* | 2008-11-12 | 2010-05-13 | Sato Akane | Method of validation public key certificate and validation server |
| CN101593389A (en)* | 2009-07-01 | 2009-12-02 | 中国建设银行股份有限公司 | A kind of key management method and system that is used for the POS terminal |
| CN103237005A (en)* | 2013-03-15 | 2013-08-07 | 福建联迪商用设备有限公司 | Method and system for key management |
Non-Patent Citations (1)
| Title |
|---|
| 宁宇鹏: "《PKI技术》", 30 April 2004, 机械工业出版社* |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106559218A (en)* | 2015-09-29 | 2017-04-05 | 中国电力科学研究院 | A kind of safe acquisition method of intelligent substation continuous data |
| CN107944250A (en)* | 2017-11-28 | 2018-04-20 | 艾体威尔电子技术(北京)有限公司 | A kind of key acquisition method applied to POS machine |
| CN107944250B (en)* | 2017-11-28 | 2021-04-13 | 艾体威尔电子技术(北京)有限公司 | Key acquisition method applied to POS machine |
Also Published As
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103729942B (en) | Transmission security key is transferred to the method and system of key server from terminal server | |
| CN103729946B (en) | Key downloading method, management method, downloading management method and device and system | |
| CN103716168B (en) | Secret key management method and system | |
| CN103714642B (en) | Key downloading method, management method, downloading management method and device and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent of invention or patent application | ||
| CB03 | Change of inventor or designer information | Inventor after:Hong Yixuan Inventor after:Su Wenlong Inventor before:Su Wenlong | |
| COR | Change of bibliographic data | Free format text:CORRECT: INVENTOR; FROM: SU WENLONG TO: HONG YIXUAN SU WENLONG | |
| GR01 | Patent grant | ||
| GR01 | Patent grant |