Detailed description of the invention
By describing the technology contents of the present invention, structural feature in detail, being realized purpose and effect, below in conjunction withEmbodiment also coordinates accompanying drawing to be explained in detail.
First, abbreviation and Key Term to the present invention relates to are defined and illustrate:
The abbreviation of AUK:Authentication Key, authentication authorization and accounting key, for PINPAD and key managementTwo-way authentication between system KMS;
CA center: so-called CA(Certificate Authority) center, it is to use PKI(Public KeyInfrastructure) public key infrastructure technology, special offer network ID authentication service, it is responsible for signing and issuingAnd managing digital certificate, and there is authoritative and third party's trust authority of fairness, it act like meThe company of issue certificates in actual life, as mechanism handled by passport;
The abbreviation of HSM:High Security Machine, high safety equipment, encrypt for hardware within the systemMachine;
KMS system: Key Management System, key management system, is used for managing terminal master keyTMK;
The abbreviation of MAK:Mac Key, i.e. MAC computation key, consult to determine 24 bytes pair with clientClaim key, calculate for the MAC value of TK between MTMS system and KMS system;
MTMS: full name Material Tracking Management System, Tracing Material management system,The main use when plant produced;
The abbreviation of PIK:Pin Key, i.e. Pin encryption key, is the one of working key;
PINPAD: code keypad;
The abbreviation of PK:Protect Key, i.e. protects key, consults to determine with client, 24 byte symmetric keys.The encrypted transmission of TK between MTMS/TCS and KMS;
The abbreviation of POS:Point Of Sale, i.e. point-of-sale terminal
The serial number of SNpinpad: code keypad, when PINPAD is built-in, and POS terminal serial number SNposUnanimously;
The serial number of SN: payment terminal;
The abbreviation of TEK:Transmission Encrypt Key, i.e. transmits encryption key, and 24 byte symmetries are closeKey, for the encrypted transmission of TMK between PINPAD and key management system KMS;
The abbreviation of TK:Transmission Key, i.e. transmits key.Transmission key is by transmission encryption keyTEK and two-way authentication key A UK form;
The abbreviation of TMS:Terminal Management System, i.e. terminal management system, it is used for propping upPay end message management, software and parameter configuration, remote download, the management of terminal running state information,The functions such as long-range diagnosis;
The abbreviation of TMK:Terminal Master Key, i.e. terminal master key, for payment terminal and paymentReceive the encrypted transmission of working key between single system;
Safe house: having higher security level other, for the room of service device, this room needs identity to recognizeJust can enter after card.
Intellective IC card: for CPU card, the integrated circuit in card include central processor CPU, able to programmeRead memorizer EEPROM, random access memory ram and be solidificated in the card in read only memory ROM Nei operationSystem COS (Chip Operating System), in card, data are divided into outside reading and inter-process part.
Symmetric key: send and receive the both sides of data identical double secret key must be used to be encrypted in plain text andDeciphering computing.Symmetric key encryption algorithm specifically includes that DES, 3DES, IDEA, FEAL, BLOWFISHDeng.
Unsymmetrical key: rivest, shamir, adelman two keys of needs: public-key cryptography (private key Public key)With private cipher key (PKI Private key).Public-key cryptography and private cipher key are a pair, if using public-key cryptographyData are encrypted, only could decipher with corresponding private cipher key;If data are entered with private cipher keyRow encryption, then only could decipher with corresponding public-key cryptography.Because encryption and deciphering use twoDifferent keys, so this algorithm is called rivest, shamir, adelman.Rivest, shamir, adelman realizes secret letterBreath exchange basic process be: Party A generate pair of secret keys and using therein one as Public key to otherFang Gongkai;The Party B obtaining this Public key uses this double secret key confidential information to be then forwarded to first after being encryptedSide;Information after encryption is decrypted by Party A again with another private key oneself preserved.Party A is permissibleThe PKI using Party B is then forwarded to Party B after being encrypted confidential information;Party B is right with the private spoon of oneself againInformation after encryption is decrypted.Main algorithm have RSA, Elgamal, knapsack algorithm, Rabin, D-H,ECC(elliptic curve encryption algorithm).
RSA: a kind of asymmetric key algorithm.RSA public key encryption algorithm be 1977 by Ron Rivest,Adi Shamirh and Len Adleman develops in (Massachusetts Institute Technology).RSA be named fromDevelop the name of they three.RSA is the most influential current public key encryption algorithm, and it can be resistedKnown all cryptographic attacks, are recommended as public key data encryption standard by ISO so far.RSA calculatesMethod is true based on a foolproof number theory: be multiplied by two Big prime the easiest.RSA Algorithm isOne algorithm that can be simultaneously used for encrypted and digitally signed, is also easy to understand and operation.RSA is to be studiedWidest public key algorithm, from three ten years proposed till now, experienced by the test of various attack, byGradually accept for people, be widely considered to be one of current classic public key scheme.
TDES Triple-DES:DES is a kind of symmetric encipherment algorithm, and key is 8 bytes.TDES is baseIn the AES of DES, its key is 16 bytes or 24 bytes.TDES/3DES is EnglishThe abbreviated expression (i.e. triple DES) of TripleDES, DES is then English Data EncryptionStandard(number encryption standard) abbreviated expression.DES is a kind of symmetric key encryption algorithm, i.e. data encryptionThe AES that key is identical with decruption key.DES is developed also at 20 century 70s by IBM CorporationOpen, use for U.S. government subsequently, and by NBS and ANSI (ANSI)Recognize.TDES/3DES is a kind of pattern of des encryption algorithm, and it uses the double secret key of 3 64Data carry out Tertiary infilling.It it is a safer deformation of DES.
For solving technical problem present in background technology, the present invention uses a kind of new master key download scenarios,Randomly generate TK(Transmission Key by POS terminal, transmit key), the TK after producing protectsIt is stored in the code keypad of POS terminal, and TK is passed by transmission means required under various application scenariosDeliver to KMS(Key Management System, key management system, be used for managing terminal master key TMK)In.
As POS terminal application download terminal master key TMK, KMS system uses TK ciphering terminal masterCipher key T MK, and the terminal master key ciphertext after encryption is sent to POS terminal, POS terminal is used after receivingMaster key ciphertext is decrypted by TK, obtains terminal master key TMK, and is preserved by terminal master key TMKIn code keypad.
So, by TK ciphering terminal master key TMK, TMK is enable to carry out remote transmission, convenientThe safety of TMK is downloaded.
Above by sending to bank's end after POS terminal collection transmission cipher key T K, TMK is encrypted, thenThe transmission safety of TMK is can ensure that by the method for POS terminal remote download TMK after TK encrypts.But, TK uploads by POS terminal is scattered, and every POS terminal all must be built with KMS systemVertical communication connection, therefore considerably increases work load and the difficulty of KMS system, it could be also difficult to rightTK uploads and is managed and security management and control.
The present invention the most just overcome the technical scheme of the problems referred to above be described in detail.
As it is shown in figure 1, be the structured flowchart of present embodiment a kind of terminal master key safe download system of TMK,This terminal master key TMK is safe, and download system includes: first hardware encryption equipment the 40, second hardware encryption equipment50, POS terminal 10 and POS terminal 10 communication connection MTMS system 20 and with MTMS systemThe KMS system 30 of system 20 communication connection;Described POS terminal 10 includes TK generation module 101, firstThe upper transmission module of TK 102, master key download request module 103, two-way authentication A module 105 and TMKReceiver module 104,
Described MTMS system 20 includes public and private key generation module 201, arranging key A module 202 andTransmission module 203 on two TK,
Described KMS system 30 includes arranging key B module 301, TK receiver module 302, request responseModule 303, two-way authentication B module 304 and TMK sending module 305;
Described first hardware encryption equipment 40 is used for calling for MTMS system 20, described second hardware encryption equipment50 for calling for KMS system 30;
Public and private key generation module 201 is used for calling the first hardware encryption equipment 40 and produces PKI Pu and private key Pr,PKI Pu is sent to POS terminal 10 and is stored in code keypad;
Arranging key A module 202 and arranging key B module 301 are used for calling the first hardware encryption equipment 40With the second hardware encryption equipment 50, respectively by MTMS system 20 authority component in respective hardware encryption equipmentAnd KMS authority component synthesis protection key PK and MAC key MAK, and by described protection keyPK and MAC key MAK is stored in the first hardware encryption equipment 40 and the second hardware encryption equipment 50 in the lump;
TK generation module 101 is used for calling code keypad and produces symmetrical transmission cipher key T K, described transmission keyTK includes transmitting encryption key TEK and certified transmission key A UK;
On oneth TK, transmission module 102 is used for calling code keypad use PKI Pu encrypted transmission cipher key T K lifeBecome the first transmission key ciphertext Ctk_Pu, and will transmission the first key ciphertext Ctk_Pu and terminal serial number SNSend to MTMS system 20;
On 2nd TK, transmission module 203 is for by terminal serial number SN received and the first transmission key ciphertextCtk_Pu is associatedly stored in MTMS system database;
On 2nd TK, transmission module 203 is used for calling first hardware encryption equipment use private key Pr deciphering the first transmissionKey ciphertext Ctk_Pu obtains transmission cipher key T K, then uses protection key PK encrypted transmission cipher key T K alsoUse MAC key MAK to calculate MAC value, generate the second transmission key ciphertext Ctk_pk, then willTerminal serial number SN and the second transmission key ciphertext Ctk_pk are sent to KMS system 30;
TK receiver module 302 is for terminal serial number SN MTMS system 20 sent and the second transmissionKey ciphertext Ctk_pk is associatedly stored in KMS data base;
Master key downloads request module 103 for terminal serial number SN and download master key application being sent extremelyKMS system 30;
Request respond module 303 is for receiving, when KMS system 30, the terminal sequence that POS terminal 10 sendsAfter row SN and download master key application, inquire about the second transmission key ciphertext corresponding with terminal serial number SNCtk_pk;
Request respond module 303 is used for calling the second hardware encryption equipment 50 and uses MAC key MAK to looking intoAsk the second transmission key ciphertext Ctk_pk verification MAC legitimacy arrived, if verification is passed through, use protectionKey PK deciphering the second transmission key ciphertext Ctk_pk obtains transmission cipher key T K and stores it in described theIn two hardware encryption equipments 50;
Two-way authentication A module 105 and two-way authentication B module 304 are for obtaining transmission when KMS system 30After cipher key T K, call the second hardware encryption equipment 50 and use certification key A UK to carry out two-way with POS terminalCertification;
TMK sending module 305, for when certification is passed through, calls the second hardware encryption equipment 50 and uses transmissionEncryption key TEK ciphering terminal master key TMK generates master key ciphertext Ctmk and by master key ciphertextCtmk sends to POS terminal 10;
TMK receiver module 104 is used for calling code keypad and uses transmission encryption key TEK deciphering master key closeLiterary composition Ctmk obtains terminal master key TMK and is stored in code keypad by terminal master key TMK.
Wherein, described MTMS system 20 also includes digital digest module.
Described digital digest module is for by terminal serial number SN received and the first transmission key ciphertextCtk_Pu carries out packing and generate the first digital digest, by described terminal serial number SN and the first transmission keyCiphertext Ctk_Pu and described first digital digest are stored separately in MTMS system database;
And terminal serial number SN and the first transmission key ciphertext Ctk_Pu for extracting described packing generatesSecond digital digest, it is judged that described second digital digest and the first digital digest are the most equal, and described numeral is pluckedModule is wanted to be additionally operable to, when the first digital digest and the second digital digest are equal, call the first hardware encryption equipment and makeTransmission cipher key T K is obtained by private key Pr deciphering the first transmission key ciphertext Ctk_Pu.
May determine that whether TK is modified described in MTMS system 20 by described digital digest module,Thus ensure that the TK uploaded from MTMS system 20 is consistent with the TK that POS terminal 10 is uploaded.
Referring to the structured flowchart that Fig. 2 and Fig. 3, Fig. 2 are described two-way authentication A module, Fig. 3 is describedThe structured flowchart of two-way authentication B module.Wherein, described two-way authentication A module 105 includes the first random numberGeneration unit the 1051, first data transceiving unit the 1052, first encryption/decryption element 1053 and first judgesUnit 1054, described two-way authentication B module 304 includes second random number generation unit the 3041, second dataTransmit-Receive Unit the 3042, second encryption/decryption element 3043 and the second judging unit 3044.
First random number generation unit 1051 is for producing the first random number R nd1;First data transceiving unit is usedSend to KMS system in the first random number R nd1 that will produce;Second data transceiving unit 3042 is used for connecingReceive the first random number R nd1;Second random number generation unit 3041 is for receiving the first random number R nd1Time, produce random number the 2nd Rnd2;Second encryption/decryption element 3043 is for receiving the first random number R nd1Time, call the second hardware encryption equipment 50 and use certified transmission key A UK to encrypt the first random number R nd1 acquisitionFirst random number ciphertext Crnd1;Second data transceiving unit is for by the first random number ciphertext Crnd1 and secondRandom number R nd2 is sent to POS terminal;
First encryption/decryption element 1053 is for receiving the first random number ciphertext Crnd1 and the second random numberDuring Rnd2, the first random number ciphertext Crnd1 using the deciphering of certified transmission key A UK to receive obtains theThree random number R nd1 ';First judging unit 1054 is for judging the 3rd random number R nd1 ' and the first random numberRnd1 is the most consistent;
First encryption/decryption element 1053 is for judging the 3rd random number R nd1 when described first judging unit ' and theWhen one random number R nd1 is consistent, uses certified transmission key A UK to encrypt the second random number R nd2 and generate theTwo random number ciphertexts Crnd2;First data transceiving unit 1052 is for sending out the second random number ciphertext Crnd2Give KMS system 30;
Second encryption/decryption element 3043, for when receiving the second random number ciphertext Crnd2, calls hardware and addsIt is random that the second random number ciphertext Crnd2 that close machine uses the deciphering of certified transmission key A UK to receive obtains the 4thNumber Rnd2 ', the second judging unit 3043 is for judging the 4th random number R nd2 ' and the second random number R nd2Whether consistent, and when judging the 4th random number R nd2 ' consistent with the second random number R nd2 time, confirmation KMSTwo-way authentication between system 30 and POS terminal 10 is passed through.
Refer to Fig. 4, for the general flow chart of present embodiment a kind of terminal master key TMK method for safely downloading,This terminal master key TMK method for safely downloading includes:
S1, TK upload flow process;
S2, TMK download flow process;
Referring to Fig. 5, for the particular flow sheet of step S1, this step specifically includes:
S11, MTMS system is called the first hardware encryption equipment and is produced PKI Pu and private key Pr, by PKI PuSend to POS terminal and be stored in code keypad;
S12, MTMS system calls the first hardware encryption equipment, KMS system calls the second hardware encryption equipment,In respective hardware encryption equipment, MTMS System Privileges component and KMS authority component are synthesized protection respectivelyKey PK and MAC key MAK, and by described protection key PK and MAC key MAK mono-And be stored in the first hardware encryption equipment and the second hardware encryption equipment;
S13, POS terminal are called code keypad and are produced symmetrical transmission cipher key T K, described transmission cipher key T K bagInclude transmission encryption key TEK and certified transmission key A UK;
S14, POS terminal are called code keypad and are used PKI Pu encrypted transmission cipher key T K to generate the first transmissionKey ciphertext Ctk_Pu, and transmission the first key ciphertext Ctk_Pu and terminal serial number SN are sent extremelyMTMS system;
S15, MTMS system is by terminal serial number SN received and the first transmission key ciphertext Ctk_PuAssociatedly it is stored in MTMS system database;
S16, MTMS system is called the first hardware encryption equipment and is used private key Pr deciphering the first transmission key ciphertextCtk_Pu obtains transmission cipher key T K, then uses protection key PK encrypted transmission cipher key T K and uses MACKey MAK calculates MAC value, generates the second transmission key ciphertext Ctk_pk, then by terminal serial numberSN and second transmission key ciphertext Ctk_pk is sent to KMS system;
Terminal serial number SN and second that MTMS system is sent by S17, KMS system transmits key ciphertextCtk_pk is associatedly stored in KMS data base;
Referring to Fig. 6, for the particular flow sheet of step S2, this step specifically includes:
S21, POS terminal are by terminal serial number SN and download master key application transmission to KMS system;
S22, KMS system receives terminal serial number SN and the download master key application that POS terminal sendsAfter, inquire about second transmission key ciphertext Ctk_pk corresponding with terminal serial number SN;
S23, KMS system is called the second hardware encryption equipment and is used MAC key MAK second to inquiringTransmission key ciphertext Ctk_pk verification MAC legitimacy, if verification is passed through, uses protection key PK to solveClose second transmission key ciphertext Ctk_pk obtains transmission cipher key T K and stores it in described second hardware encryptionIn machine;
S24, KMS system is called the second hardware encryption equipment after obtaining transmission cipher key T K and is used certification keyAUK and POS terminal carry out two-way authentication;
If S25 certification is passed through, KMS system is called the second hardware encryption equipment and is used transmission encryption key TEKCiphering terminal master key TMK generates master key ciphertext Ctmk and sends master key ciphertext Ctmk to POSTerminal;
S26, POS terminal are called code keypad and are used transmission encryption key TEK to decipher master key ciphertext CtmkObtain terminal master key TMK and terminal master key TMK is stored in code keypad.
It is wherein, described that " MTMS system is called the first hardware encryption equipment and is produced PKI Pu and private key Pr, willPKI Pu sends to POS terminal and is stored in code keypad " specifically include:
MTMS system is called the first hardware encryption equipment and is produced PKI Pu and private key Pr, and PKI Pu is issued CACenter;
MTMS system obtains the work certificate HsmWCRT of generation and is saved in data base from CA center,And work certificate HsmWCRT is sent to POS terminal, work certificate HsmWCRT is to use root certificatePKI Pu signature is generated by HsmRCRT;
POS terminal uses the conjunction of the root certificate HsmRCRT checking work certificate HsmWCRT burning sheet prepackageMethod, and POS terminal is extracted PKI Pu from work certificate HsmWCRT and is stored in after being verifiedIn code keypad.
It is wherein, described that " MTMS system is by terminal serial number SN received and the first transmission key ciphertextCtk_Pu is associatedly stored in MTMS system database " specifically include:
Terminal serial number SN received and the first transmission key ciphertext Ctk_Pu are carried out beating by MTMS systemWrap and generate the first digital digest, by described terminal serial number SN and first transmission key ciphertext Ctk_Pu withDescribed first digital digest is stored separately in MTMS system database;
It is described that " MTMS system is called the first hardware encryption equipment and is used private key Pr deciphering the first transmission key ciphertextCtk_Pu obtains transmission cipher key T K " specifically include:
MTMS system extracts terminal serial number SN and the first transmission key ciphertext Ctk_Pu life of described packingBecome the second digital digest;
Judge that described second digital digest and the first digital digest are the most equal, if equal, call first hardPart encryption equipment uses private key Pr deciphering the first transmission key ciphertext Ctk_Pu to obtain transmission cipher key T K.
It is wherein, described that " KMS system is called the second hardware encryption equipment after obtaining transmission cipher key T K and is used certificationKey A UK carries out two-way authentication with POS terminal " specifically include:
POS terminal produces the first random number R nd1 and sends the first random number R nd1 to KMS system;
KMS system produces random number the 2nd Rnd2 after receiving the first random number R nd1, calls the second hardware and addsClose machine uses certification key A UK to encrypt the first random number R nd1 and obtains the first random number ciphertext Crnd1, willFirst random number ciphertext Crnd1 and the second random number R nd2 are sent to POS terminal;
The first random number ciphertext Crnd1 that POS terminal uses the deciphering of certification key A UK to receive obtains the 3rdRandom number R nd1 ', it is judged that the 3rd random number R nd1 ' the most consistent with the first random number R nd1:
If the 3rd random number R nd1 ' consistent with the first random number R nd1, POS terminal uses certification keyAUK encrypts the second random number R nd2 and generates the second random number ciphertext Crnd2, and by the second random number ciphertextCrnd2 is sent to KMS system;
It is second random that KMS system calls that the second hardware encryption equipment uses that the deciphering of certification key A UK receivesNumber ciphertext Crnd2 obtains the 4th random number R nd2 ', it is judged that the 4th random number R nd2 ' and the second random number R nd2The most consistent;
If the 4th random number R nd2 ' consistent with the second random number R nd2, KMS system is recognized with POS terminalCard passes through.
In the present invention, transmission cipher key T K calculates the original uncommon Kazakhstan value of TK when producing, when storage every time, passDefeated or first verify the uncommon Kazakhstan value of TK when using TK, after upchecking, just can use TK.By verificationThe uncommon Kazakhstan value of TK is possible to prevent the abnormal error in data causing storage of storage device, determines that key is the most correct.
The invention have the benefit that the technology that must concentrate download terminal master key being different from prior artDefect, the present invention passes through POS terminal upload transfers cipher key T K, after TK ciphering terminal master key TMKDownload to POS terminal, it is achieved that POS terminal remote download terminal master key TMK, it is to avoid POS is eventuallyHold and download after master key cloth again and be put into trade company by concentrating, decrease logistics cost and concentrate download-maintenance cost,And also carry out two-way authentication before transmitting master key between POS terminal and KMS, improve master keyDownload safety.Further, master key TMK of the present invention is generated by KMS system, therefore facilitatesKMS system is to the follow-up maintenance of master key TMK and management.Further, the present invention passes through MTMSTK is unified to gather and upload by system, facilitates collection and the management of TK, meanwhile, POS terminal andCarry out TK by MTMS system between KMS system uploading, it is to avoid every POS terminal and KMS systemSystem directly communication, alleviates work load and the difficulty of KMS system, is also convenient for KMS system identification simultaneouslyThe identity communicating with connecting object and the verity of TK uploaded, improve TK accurate delivery andThe work efficiency of KMS system.
The foregoing is only embodiments of the invention, not thereby limit the scope of the claims of the present invention, every profitThe equivalent structure made by description of the invention and accompanying drawing content or equivalence flow process conversion, or directly or indirectly transportIt is used in other relevant technical fields, is the most in like manner included in the scope of patent protection of the present invention.