Background technology
Bank cards are increasingly common as a means of payment. A typical bank card payment system comprises a point-of-sale terminal (Point Of Sale, POS), a terminal management system (Terminal Manage System, TMS), a PIN pad (PINPAD) and a hardware encryption device (Hardware and Security Module, HSM). The POS terminal is a device that accepts bank card information, has a communication function, and carries out the teller's instructions to complete financial transactions and the related message exchange. The TMS is the system that centrally manages the POS terminals below it, including parameter download and key download; it accepts, processes or forwards transaction requests from POS terminals and returns transaction result information to them. The PIN pad (PINPAD) is a security device that stores and protects the TMK, PIK and MAK and encrypts the PIN. The hardware encryption device (HSM) is a peripheral hardware device that encrypts transmitted data; it is used to encrypt and decrypt the PIN, to verify the correctness of messages and document sources, and to store keys. The personal identification number (Personal Identification Number, PIN) is the data that identifies the legitimacy of the cardholder's identity in an online transaction; no link in the computer network system may allow the PIN to appear in plaintext. The terminal master key (Terminal Master Key, TMK) is the master key that encrypts the working keys when the POS terminal operates; it is kept in system hardware, where it can only be used and cannot be read. The working key (Working Key, WK), also called the data key, generally includes the PIN encryption/decryption key (PIK) and the key used to compute the message authentication code MAC (MAK). Working keys must be updated frequently; in an online update message, the working key is encrypted by the terminal master key (TMK) and transmitted as ciphertext.
POS terminals are widely used wherever bank cards are accepted for payment, such as store purchases and hotel authorizations; they are an indispensable modern means of payment and have become part of everyday life. Bank cards (debit cards in particular) generally carry a PIN set by the cardholder. During payment, besides sending up data such as the card's magnetic track information, the POS terminal also requires the cardholder to enter the PIN so that the card-issuing bank can verify the legitimacy of the cardholder's identity, ensuring payment security and protecting the cardholder's property. To prevent the PIN from being leaked or cracked, the PIN must be encrypted and protected throughout the entire information exchange from the terminal to the card-issuing bank, and must not appear in plaintext at any link in the computer network system. For this reason, POS terminals that accept PIN entry are currently all required to be equipped with a key management system.
The key system of a POS terminal has two levels: the terminal master key (TMK) and the working key (WK). The WK is encrypted and protected by the TMK. Every POS terminal has a unique TMK, which must be safeguarded so that it can only be written into the hardware device and take part in computation, and cannot be read. The WK comprises two parts: the PIK, used to encrypt the PIN, and the MAK, used for message authentication (MAC). Both are generated by the TMS calling the encryption device, downloaded when the POS terminal signs in to the TMS, and transmitted and stored encrypted under the TMK; the encryption algorithm used throughout is 3DES, which has a very high security level. The working key download procedure is:
The POS terminal sends a sign-in request to the TMS;
The TMS calls the encryption device to randomly generate a PIK and a MAK encrypted under the TMK;
The POS terminal receives the PIK and MAK ciphertext returned by the TMS and stores it in the PIN pad.
During bank card payment, when the PIN is entered on the keypad, the PIN pad encrypts the PIN entered by the cardholder with the PIK and sends it up to the TMS; the TMS then calls the encryption device to translate the encrypted PIN and forwards it to the card-issuing bank for authorization. This ensures that the PIN is protected by hardware encryption throughout transmission. The 3DES algorithm used for this encryption is also, to date, one of the widely used encryption algorithms with a very high security level, and is commonly applied in the financial industry.
As the working key download procedure above shows, the TMK is a critical root key. If the TMK is intercepted, the PIK, the MAK and even the PIN can be cracked using the 3DES algorithm, seriously threatening bank card payment security. Whether the TMK can be downloaded securely to the POS terminal is therefore a key step in protecting the keys. The existing TMK download method is summarized below:
Whichever way the plaintext or ciphertext TMK is imported into a key mother POS terminal, the plaintext master key ultimately has to be stored in the mother POS terminal. The POS terminal that needs the master key TMK is connected to the key mother POS terminal through a serial port, and the plaintext master key TMK is downloaded into the POS terminal.
Because the master key TMK is downloaded from the mother POS to the POS terminal in plaintext, there is a security risk: if the transmission is intercepted, the master key TMK is leaked.
Embodiment
To describe the technical content, structural features, objects and effects of the present invention in detail, the following explanation is given with reference to the embodiments and the accompanying drawings.
First, the abbreviations and key terms used in the present invention are defined and explained:
HSM_VENDOR: the vendor's hardware encryption device;
AUK: abbreviation of Authentication Key, i.e. the authentication key, used for mutual authentication between the PINPAD and the key management system KMS;
CA center: the CA (Certificate Authority) center uses PKI (Public Key Infrastructure) technology to provide dedicated network identity authentication services. It is responsible for issuing and managing digital certificates and is an authoritative and impartial trusted third party; its role is like that of a certificate-issuing body in everyday life, such as a passport office;
HSM: abbreviation of High Security Machine, a high-security device; in this system it is the hardware encryption device;
KMS system: Key Management System, used to manage the terminal master key TMK;
MAK: abbreviation of Mac Key, i.e. the MAC calculation key, a 24-byte symmetric key agreed with the customer, used to calculate the MAC value of the TK between the MTMS system and the KMS system;
MTMS: Material Tracking Management System, used mainly during factory production;
PIK: abbreviation of Pin Key, i.e. the PIN encryption/decryption key, one kind of working key;
PINPAD: PIN pad;
PK: abbreviation of Protect Key, i.e. the protection key, a 24-byte symmetric key agreed with the customer, used for encrypted transmission of the TK between MTMS/TCS and KMS;
POS: abbreviation of Point Of Sale, i.e. point-of-sale terminal;
SNpinpad: the serial number of the PIN pad; when the PINPAD is built in, it is the same as the POS terminal serial number SNpos;
SN: the serial number of the POS terminal;
TEK: abbreviation of Transmission Encrypt Key, i.e. the transmission encryption key, a 24-byte symmetric key used for encrypted transmission of the TMK between the PINPAD and the key management system KMS;
TK: abbreviation of Transmission Key, i.e. the transmission key, which consists of the transmission encryption key TEK and the mutual authentication key AUK;
TMS: abbreviation of Terminal Management System, used for POS terminal information management, software and parameter configuration, remote download, collection and management of terminal running-state information, remote diagnosis and similar functions;
TMK: abbreviation of Terminal Master Key, used for the encrypted transmission of working keys between the POS terminal and the payment acquiring system;
Secure room: a room with a higher security level that houses servers; entry requires identity authentication.
Smart IC card: a CPU card. The integrated circuit in the card contains a central processing unit (CPU), programmable read-only memory (EEPROM), random access memory (RAM) and a card operating system COS (Chip Operating System) held in read-only memory (ROM). Data in the card is divided into an externally readable part and an internally processed part.
Symmetric key: the sender and the receiver of the data must use the same key to encrypt and decrypt the plaintext. Symmetric-key encryption algorithms mainly include DES, 3DES, IDEA, FEAL, BLOWFISH and others.
Asymmetric key: an asymmetric encryption algorithm needs two keys, a public key (publickey) and a private key (privatekey). The public key and the private key form a pair: data encrypted with the public key can only be decrypted with the corresponding private key, and data encrypted with the private key can only be decrypted with the corresponding public key. Because encryption and decryption use two different keys, this kind of algorithm is called an asymmetric encryption algorithm. The basic process of exchanging confidential information with an asymmetric algorithm is: Party A generates a key pair and discloses one of the keys to others as the public key; Party B, having obtained this public key, uses it to encrypt the confidential information and sends it to Party A; Party A then decrypts the encrypted information with the other, private key that it keeps. Likewise, Party A can encrypt confidential information with Party B's public key and send it to Party B, who decrypts it with its own private key. The main algorithms are RSA, Elgamal, the knapsack algorithm, Rabin, D-H and ECC (elliptic curve cryptography).
RSA: an asymmetric-key algorithm. The RSA public-key encryption algorithm was developed in 1977 by Ron Rivest, Adi Shamir and Len Adleman (at the Massachusetts Institute of Technology, USA), and is named after the three of them. RSA is the most powerful public-key encryption algorithm at present; it can resist all cryptographic attacks known so far and is recommended by ISO as the public-key data encryption standard. RSA is based on a very simple number-theoretic fact: multiplying two large primes is very easy. RSA was the first algorithm that can be used for both encryption and digital signatures, and it is easy to understand and operate. RSA is the most widely studied public-key algorithm; in the thirty years since it was proposed it has withstood all kinds of attacks and gradually gained acceptance, and it is generally regarded as one of the best public-key schemes at present.
TDES (Triple-DES): DES is a symmetric encryption algorithm with an 8-byte key. TDES is an encryption algorithm based on DES, with a 16-byte or 24-byte key. TDES/3DES is the abbreviation of Triple DES (triple data encryption standard), and DES is the abbreviation of Data Encryption Standard. DES is a symmetric-key encryption algorithm, that is, one in which the encryption key and the decryption key are the same. DES was developed and published by IBM in the 1970s, subsequently adopted by the United States government, and recognized by the National Bureau of Standards and the American National Standards Institute (ANSI). TDES/3DES is a mode of the DES encryption algorithm that uses three 64-bit keys to encrypt the data three times. It is a more secure variant of DES.
Referring to Fig. 1, which is a structural block diagram of a system for securely downloading a terminal master key according to an embodiment of the present invention, the system comprises a key downloader 20 and a POS terminal 10. The key downloader 20 comprises a key generation module 201, a master key generation module 202, an encryption module 203 and a master key sending module 204; the POS terminal 10 comprises a master key receiving module 101.
The key generation module 201 is used to generate or import a public/private key pair consisting of the private key Pr and the public key Pu;
The master key generation module 202 is used to generate or import the terminal master key TMK;
The encryption module 203 is used to encrypt the terminal master key TMK with the private key Pr to generate the master key ciphertext Ctmk;
The master key sending module 204 is used to send the public key Pu and the master key ciphertext Ctmk to the POS terminal 10;
The master key receiving module 101 is used to decrypt the master key ciphertext Ctmk with the public key Pu to obtain the terminal master key TMK, and to store the terminal master key TMK in the PIN pad.
In practice, the secure room of a bank contains the key downloaders of several acquirers, and any key downloader can download a master key into any POS terminal that has the same communication interface. However, many acquirers now make their POS terminals private, that is, only the acquirer's own key downloader is allowed to download master keys to that acquirer's POS terminals. Yet the communication interfaces of the key downloaders and POS terminals of many different acquirers are still identical, so master keys can still be downloaded across them. To further bind key downloaders to POS terminals, so that only an acquirer's own key downloader can download a master key into that acquirer's POS terminals, the technical solution of the present invention is to have the key downloader that downloads the master key and the POS terminal identified through a CA center.
The system for securely downloading a terminal master key further comprises a CA center; the CA center comprises a certificate preset module.
The key generation module 201 is used to generate or import the private key Pr and public key Pu of a public/private key pair, and to send the public key Pu to the CA center. The certificate preset module is used to generate an acquirer root certificate AcquireRCRT and the corresponding private key AcquireRCRT_Prk, and to sign the received Pu with AcquireRCRT_Prk to generate an acquirer work certificate AcquireWCRT; it is also used to store the work certificate AcquireWCRT and the private key AcquireWCRT_Prk in the key downloader 20, and to store the acquirer root certificate AcquireRCRT in the POS terminal 10;
The master key generation module 202 is used to generate or import the terminal master key TMK;
The encryption module 203 is used to encrypt the terminal master key TMK with the private key Pr to generate the master key ciphertext Ctmk;
The master key sending module 204 is used to send the acquirer work certificate AcquireWCRT and the master key ciphertext Ctmk to the POS terminal 10. The master key receiving module 101 is used to verify the legitimacy of the acquirer work certificate AcquireWCRT with the acquirer root certificate AcquireRCRT and, when the verification succeeds, to extract Pu from the acquirer work certificate AcquireWCRT;
The master key receiving module 101 is used to decrypt the master key ciphertext Ctmk with the public key Pu to obtain the terminal master key TMK, and to store the terminal master key TMK in the PIN pad.
The key downloader 20 further comprises an import module, and the POS terminal 10 further comprises a download request module.
The import module is used to import into the key downloader the terminal serial numbers SN of all POS terminals that need to download the master key TMK. The key generation module 201 is used to generate or import a public/private key pair consisting of the private key Pr and the public key Pu;
The master key generation module 202 is used to generate or import a terminal master key TMK for each terminal serial number SN, in one-to-one correspondence;
The download request module is used, when a wired communication connection with the key downloader is established, to send the terminal serial number SN and a master key download request to the key downloader. The encryption module 203 is used to verify whether the terminal serial number SN of the POS terminal 10 is among the terminal serial numbers SN imported by the import module and, after the verification passes, to encrypt the terminal master key TMK with the private key Pr to generate the master key ciphertext Ctmk;
The master key sending module 204 is used to send the public key Pu and the master key ciphertext Ctmk to the POS terminal 10;
The master key receiving module 101 is used to decrypt the master key ciphertext Ctmk with the public key Pu to obtain the terminal master key TMK, and to store the terminal master key TMK in the PIN pad.
Referring to Fig. 2, which is a flow chart of a method for securely downloading a terminal master key according to an embodiment of the present invention, the method comprises the steps of:
S1, the key downloader generates or imports a public/private key pair consisting of the private key Pr and the public key Pu;
S2, the key downloader generates or imports the terminal master key TMK;
S3, the key downloader encrypts the terminal master key TMK with the private key Pr to generate the master key ciphertext Ctmk;
S4, the key downloader sends the public key Pu and the master key ciphertext Ctmk to the POS terminal;
S5, the POS terminal decrypts the master key ciphertext Ctmk with the public key Pu to obtain the terminal master key TMK, and stores the terminal master key TMK in the PIN pad.
Referring to Fig. 3, which is a flow chart of a method for securely downloading a terminal master key according to another embodiment of the present invention, the method specifically comprises the steps of:
S1, the key downloader generates or imports the private key Pr and public key Pu of a public/private key pair and sends the public key Pu to the CA center; the CA center generates the acquirer root certificate AcquireRCRT and the corresponding private key AcquireRCRT_Prk, and signs the received key downloader public key Pu with AcquireRCRT_Prk to generate the acquirer work certificate AcquireWCRT;
The key downloader stores the work certificate AcquireWCRT and the private key AcquireWCRT_Prk;
The POS terminal stores the acquirer root certificate AcquireRCRT;
S2, the key downloader generates or imports the terminal master key TMK;
S3, the key downloader encrypts the terminal master key TMK with the private key Pr to generate the master key ciphertext Ctmk;
S4, the key downloader sends the acquirer work certificate AcquireWCRT and the master key ciphertext Ctmk to the POS terminal; the POS terminal verifies the legitimacy of the acquirer work certificate AcquireWCRT with the acquirer root certificate AcquireRCRT and, if the verification succeeds, extracts Pu from the acquirer work certificate AcquireWCRT;
S5, the POS terminal decrypts the master key ciphertext Ctmk with the public key Pu to obtain the terminal master key TMK, and stores the terminal master key TMK in the PIN pad.
Step S1 further comprises:
The POS terminal establishes a wired communication connection with the key downloader; the wired communication connection is a serial connection or a USB connection.
Referring to Fig. 4, which is a flow chart of a method for securely downloading a terminal master key according to an embodiment of the present invention, the method specifically comprises the steps of:
S1, the terminal serial numbers SN of all POS terminals that need to download the master key TMK are imported into the key downloader; the key downloader generates or imports a public/private key pair consisting of the private key Pr and the public key Pu;
S2, the key downloader generates or imports a terminal master key TMK for each terminal serial number SN, in one-to-one correspondence;
S3, the POS terminal establishes a wired communication connection with the key downloader and sends its terminal serial number SN and a master key download request to the key downloader; the key downloader verifies whether the terminal serial number SN of this POS terminal is among the terminal serial numbers SN imported in step S1 and, after the verification passes, encrypts the terminal master key TMK with the private key Pr to generate the master key ciphertext Ctmk;
S4, the key downloader sends the public key Pu and the master key ciphertext Ctmk to the POS terminal;
S5, the POS terminal decrypts the master key ciphertext Ctmk with the public key Pu to obtain the terminal master key TMK, and stores the terminal master key TMK in the PIN pad.
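The certificate check of Fig. 3 and the serial-number check of Fig. 4, combined here into one runnable sketch. This is an added example, not code from the patent: it uses textbook RSA with toy keys built from Mersenne primes, and the function names, the MARK framing, the dictionary certificate format and the sample serial numbers and TMK values are all assumptions constructed for illustration.

```python
import hashlib

E = 65537                 # public exponent shared by both toy key pairs
MARK = b"\x01TMK"         # assumed framing so a wrong key is detectable

def make_key(p, q):
    """Textbook RSA key from two primes: n is public, d is the private exponent."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def priv_op(key, m):      # private-key operation (CA signature, and Ctmk)
    return pow(m, key["d"], key["n"])

def pub_op(n, c):         # public-key operation (verification / recovery)
    return pow(c, E, n)

def digest(n):
    """SHA-256 of a public modulus as an integer (the value the CA signs)."""
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return int.from_bytes(hashlib.sha256(raw).digest(), "big")

# Constructed toy keys from Mersenne primes so the demo is deterministic.
# They are trivially factorable and must never be used as real keys.
CA_KEY = make_key(2**521 - 1, 2**607 - 1)     # plays AcquireRCRT_Prk
DL_KEY = make_key(2**127 - 1, 2**1279 - 1)    # plays Pr; its modulus is Pu

ROOT_CERT = CA_KEY["n"]                       # AcquireRCRT, preset in the POS

def issue_work_cert(ca_key, pu):
    """CA center: sign the downloader's public key Pu to form AcquireWCRT."""
    return {"pu": pu, "sig": priv_op(ca_key, digest(pu))}

WORK_CERT = issue_work_cert(CA_KEY, DL_KEY["n"])

# Constructed sample data: imported serial numbers, one TMK per SN.
TMK_BY_SN = {"SN0001": bytes(range(24)), "SN0002": bytes(range(24, 48))}

def downloader_respond(sn, dl_key=DL_KEY, cert=WORK_CERT):
    """Key downloader: SN allow-list check, then Ctmk = TMK under Pr."""
    tmk = TMK_BY_SN.get(sn)
    if tmk is None:
        return None                           # SN was never imported: refuse
    ctmk = priv_op(dl_key, int.from_bytes(MARK + tmk, "big"))
    return cert, ctmk

def pos_receive(root_cert, cert, ctmk):
    """POS terminal: verify AcquireWCRT against AcquireRCRT, then recover TMK."""
    if pub_op(root_cert, cert["sig"]) != digest(cert["pu"]):
        return None                           # certificate not from this acquirer
    # Pu is public: this step proves Ctmk came from the holder of Pr. It does
    # not by itself hide TMK from a party that sees both Pu and Ctmk.
    m = pub_op(cert["pu"], ctmk)
    frame = m.to_bytes((m.bit_length() + 7) // 8, "big")
    if not frame.startswith(MARK):
        return None                           # not produced with the matching Pr
    return frame[len(MARK):]                  # TMK, to be stored in the PIN pad

if __name__ == "__main__":
    cert, ctmk = downloader_respond("SN0001")
    print(pos_receive(ROOT_CERT, cert, ctmk).hex())
```
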
The beneficial effects of the present invention are as follows: the master key is encrypted with an asymmetric key before being downloaded between the key downloader and the POS terminal, so the master key is always transmitted as ciphertext; only the POS terminal and the key downloader themselves can decrypt it to obtain the plaintext master key. This avoids the security risk, present when the master key is transmitted in plaintext, of the master key being intercepted in transit, and greatly improves the security of master key download.
Further, in the present invention the key downloader generates, or imports from outside, a public/private key pair unique to that key downloader and sends the public key to the CA center. The CA center generates for the key downloader a work certificate for the specific acquirer, which is stored in the key downloader, and generates an acquirer root certificate for the acquirer to which the key downloader belongs, which is stored in the POS terminal. The work certificate and the root certificate are used to identify whether the key downloader and the POS terminal belong to the same acquirer. This effectively ensures that only the acquirer's own key downloader can download a master key to that acquirer's POS terminals, achieving acquirer privatization of POS terminals.
Further, in the present invention the POS terminal serial numbers are imported into the key downloader in advance. When a POS terminal connects to the key downloader, the key downloader checks whether the terminal's serial number is among the imported terminal serial numbers and thereby determines whether the POS terminal belongs to the same acquirer; master keys are downloaded only to POS terminals of the acquirer to which the key downloader belongs. This effectively prevents a master key from being downloaded into a POS terminal that does not belong to the acquirer.
The foregoing describes only embodiments of the present invention and does not thereby limit the patent scope of the invention. Any equivalent structure or equivalent process transformation made using the contents of the description and drawings of the present invention, or any direct or indirect use in other related technical fields, is likewise included in the scope of patent protection of the present invention.