CN101350095A - Method for implementing safety network bank - Google Patents

Publication number: CN101350095A
Application number: CNA200810222669XA
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Inventor: 胡祥义
Current assignee: Individual
Original assignee: Individual
Prior art keywords: key; money order; signature; content; digital signature
Classification: Financial Or Insurance-Related Operations Such As Payment And Settlement
Abstract

The invention relates to a method for implementing a secure online bank. An authentication center is set up on the online bank's website; it verifies the identity of each online banking user and verifies the digital signature on the content of each money order. Every online banking user holds a cipher key hardware device, logs in to a personal or organization bank account after passing identity verification, and fills in a money order. The remittance system stores the money order in a record of a relational database, and the digital signature system signs the content of the money order using a single-key (symmetric) cryptographic algorithm. The signature key is produced by a combined single-key generation technique and changes with every signature. The signature verification system removes money orders carrying illegitimate signatures, remits money orders carrying legitimate signatures through the online bank's remittance system, and preserves the content of the legitimately signed money orders, thereby achieving secure online bank remittance.

Description

A method for implementing a secure online bank
Technical field:
The present invention relates to the field of information security and is applicable to the security of an online bank's secure remittance system or of an e-commerce payment system.
Background art:
At present, identity verification by user name plus password is generally adopted at home and abroad, or public-key (dual-key) cryptography such as PKI/CA is used for identity authentication, in order to log in securely to the online banking user's bank account and then remit money. This kind of single identity-verification technique is easily attacked by hackers. In addition, the digital signature systems based on the public-key system that are commonly used in the financial industry run inefficiently and are costly to set up and maintain, which hinders their adoption. In short, existing security products cannot meet the market demand of the online banking industry.
Summary of the invention:
A method for implementing a secure online bank uses computer, network, cryptography and chip technology to set up a secure online banking system in which each online banking user's money order is protected by a digital signature, ensuring the safety of the user's remittance. The implementation steps are as follows:
First, an authentication center is set up on the online bank's website. The authentication center verifies each online banking user's identity and verifies the digital signature on the money order content. Each online banking user holds one cipher key hardware device and logs in to a personal or organization bank account by passing identity authentication. After filling in a money order, the user clicks the digital signature button, and the digital signature system in the client-side cipher key hardware device signs the content of the money order. The signature uses a single-key (symmetric) cryptographic algorithm, and the signature key is produced by the combined single-key generation technique, which guarantees that the key is different for every signature, that is, the signature key changes every time. The digital signature system sends the money order, the digital signature of the money order content and the digital signature parameters together to the online bank's web server, which automatically forwards them to the authentication center. The authentication center's signature verification system verifies the digital signature of the money order content. If the signature is legitimate, the signature verification system outputs the legitimately signed money order content to the online bank's remittance system, which remits according to the money order, saves its content, and returns "remittance succeeded" to the client side. If the signature is false, the signature verification system removes the money order content carrying the false signature and returns "remittance failed" to the client side. A secure online banking system is thus established and secure online bank remittance is achieved. The system is implemented with a combination of software and hardware; the specific method is as follows:
1. On the online bank's website, an encryption card hardware device based on a PCI interface with a built-in CPU smart chip is used to set up the authentication center's encryption system. The single-key cryptographic algorithm and the combined single-key generation algorithm are written into the chip of the encryption card in advance.
2. On the client side, a USB-interface smart card with a built-in CPU, i.e. the cipher key, is used to set up the client's encryption system. The single-key cryptographic algorithm, the combined single-key generation algorithm, the elements of one "key seed" table, the online banking user's identifier and the online banking user name (i.e. the sender name) are stored in advance in the chip of the cipher key hardware device that each online banking user holds.
3. Each online banking user corresponds to one identifier, such as a user number or ID card number. Every online banking user's identifier is different and unique.
4. The elements of the "key seed" table are produced by the random number generator in the encryption card chip, which guarantees their randomness. Each online banking user's "key seed" is different. All online banking users' "key seeds", together with the corresponding user identifiers and user names, are stored in advance in the "key seed" relational database of the authentication center's authentication server. Let the "key seed" table be A:

$$
A = \begin{pmatrix}
a_{0,0} & a_{0,1} & \cdots & a_{0,M-1} \\
a_{1,0} & a_{1,1} & \cdots & a_{1,M-1} \\
\vdots & \vdots & & \vdots \\
a_{N-1,0} & a_{N-1,1} & \cdots & a_{N-1,M-1}
\end{pmatrix}_{N \times M}
$$

where the elements of table A are $a_{i,j}$, $i = 0 \sim N-1$, $j = 0 \sim M-1$, $N \le 132$, $M \le 64$.
5. The combined single-key generation technique is a single-key generation algorithm composed of a timestamp and random numbers, which selects elements of the "key seed" table. The timestamp determines the rows of the elements in the "key seed" table, the random numbers determine the columns of the elements in the "key seed" table, and the table elements at the intersections of the determined rows and columns are selected. U elements are selected in total and merged into one single key, where U is the number of random numbers, set to 16, 32 or 64 hexadecimal numbers.
6. The single key generated by the combined single-key generation algorithm changes every time and is never repeated. This single key encrypts the timestamp and random numbers to generate the authentication password used for identity authentication, and encrypts the "digital fingerprint" of the money order content to produce the digital signature.
7. The timestamp and random numbers used for identity authentication and for digital signature are produced by the online bank's web server and sent to the cipher key chip on the client side. In the chip, the single-key generation algorithm composed of the timestamp and random numbers selects elements of the "key seed" table to generate one single key.
8. On the online bank's web server side, an authentication server and the encryption card hardware device are used to set up the authentication center. In the chip of the encryption card, the single-key cryptographic algorithm is used to set up the online banking user identity authentication system and the signature verification system, which authenticate online banking users logging in to a personal or organization bank account and verify the digital signature of the money order content.
9. On the client side, the cipher key hardware device is used to set up the client-side identity authentication system and digital signature system, both built on the single-key cryptographic algorithm. They provide the online banking user with client-side identity authentication and with digital signing of the money order content.
10. Identity authentication of the online banking user uses challenge/response verification. First, the online bank's web server produces a timestamp and random numbers and sends them to the client side. Verification password 1 is generated in the chip of the client-side cipher key, and verification password 2 is generated in the chip of the authentication center's encryption card on the server side. Whether the online banking user's identity is legitimate is decided by comparing, inside that chip, whether verification password 1 and verification password 2 are identical.
11. After logging in to the online bank, the online banking user first clicks the identity authentication button, and the authentication center's identity authentication system verifies the user's identity. After passing authentication, the user enters the personal or organization account. The user fills in a money order and clicks the confirm button, and the remittance system stores the content of the money order in a record of the money order relational database. The content is stored by taking the items of the money order in top-to-bottom, then left-to-right order and storing them in the fields of the record in that order, so that the item numbers of the money order correspond one-to-one with the field numbers of the money order relational database record.
12. Let the money orders be as follows:

Money order 1:

| Item | Value | Item | Value | Item | Value |
|---|---|---|---|---|---|
| Remittance serial number | 00001 | Remittance time | 2008.08.13 | Currency type | Renminbi |
| Payment card number | 1021000100036897777 | Sender name | Wang Er | Cash/transfer flag | Cash |
| Payee name | Beijing Jin Aobo company | Payee bank name | BeiJing ZhongGuanCun sales department of industrial and commercial bank | Purpose | Purchase 800 of notebook computers |
| Payee account number | 00200001100001100 | Remittance amount | 8000.00 | Postscript | Deliver within one week after the money arrives |

Money order 2:

| Item | Value | Item | Value | Item | Value |
|---|---|---|---|---|---|
| Remittance serial number | 00002 | Remittance time | 2008.08.15 | Currency type | Renminbi |
| Payment card number | 1001000100022899966 | Sender name | Zhang San | Cash/transfer flag | Cash |
| Payee name | Cat company is deceived in Shenzhen | Payee bank name | China Merchants Bank Shenzhen Shuan Dun collection sales department | Purpose | Purchase 3000 KEY |
| Payee account number | 00300003300005501 | Remittance amount | 3000.00 | Postscript | Deliver within 15 days after the money arrives |

......

Money order V:

| Item | Value | Item | Value | Item | Value |
|---|---|---|---|---|---|
| Remittance serial number | 0000V | Remittance time | 2008.08.20 | Currency type | Renminbi |
| Payment card number | 1103000100022800111 | Sender name | Li Si | Cash/transfer flag | Cash |
| Payee name | The sky, Guangzhou company | Payee bank name | Construction Bank Beijing Xizhimen sales department | Purpose | Purchase 500 display cards |
| Payee account number | 00400003300006600 | Remittance amount | 6000.00 | Postscript | Deliver within 10 days after the money arrives |
13. Money order 1, money order 2, ..., money order V, where V is an integer less than or equal to the maximum number of records of the money order relational database, are used to set up the money order relational database that stores the money orders. Each money order becomes one record of the money order relational database: the items of the money order are taken out in top-to-bottom, then left-to-right order and stored in the fields of the corresponding record. This money order has 12 items, so every record of the money order relational database has 12 fields. The generated money order relational database records are as follows:

| Remittance serial number | Remittance time | Currency type | Payment card number | Sender name | Cash/transfer flag | Payee name | Payee bank name | Purpose | Payee account number | Remittance amount | Postscript |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 00001 | 2008.08.13 | Renminbi | 1021000100036897777 | Wang Er | Cash | Beijing Jin Aobo company | BeiJing ZhongGuanCun sales department of industrial and commercial bank | Purchase 800 of notebook computers | 00200001100001100 | 8000.00 | Deliver within one week after the money arrives |
| 00002 | 2008.08.15 | Renminbi | 1001000100022899966 | Zhang San | Cash | Cat company is deceived in Shenzhen | China Merchants Bank Shenzhen Shuan Dun collection sales department | Purchase 3000 KEY | 00300003300005501 | 3000.00 | Deliver within 15 days after the money arrives |
| ...... | | | | | | | | | | | |
| 0000V | 2008.08.20 | Renminbi | 1103000100022800111 | Li Si | Cash | The sky, Beijing company | Construction Bank Beijing Xizhimen sales department | Purchase 500 display cards | 00400003300006600 | 6000.00 | Deliver within 10 days after the money arrives |
14. The process of digitally signing the content of a money order is as follows. The online banking user clicks the digital signature button. The web server produces a timestamp and random numbers and sends them to the client side. The client-side digital signature system takes out the content of the money order in the order of the fields of its record, merges it together, and delivers it, with the timestamp and random numbers, into the chip of the client-side cipher key. In the chip, the digital signature system computes a digest of the merged money order content with the HASH function, obtaining "digital fingerprint 1" of the money order content. The single-key generation algorithm composed of the timestamp and random numbers generates one single key, which encrypts "digital fingerprint 1". The resulting ciphertext of "digital fingerprint 1" is the digital signature of the money order content. The whole digital signature process is completed inside the chip of the cipher key, which raises the security level of the digital signature.
15. The process of computing the digest of the money order content is as follows, taking money order 1 as an example. The content of money order 1 is taken out and merged together, i.e. "000012008.08.13 Renminbi 1021000100036897777 Wang Er Cash Beijing Jin Aobo company BeiJing ZhongGuanCun sales department of industrial and commercial bank Purchase 800 of notebook computers 002000011000011008000.00 Deliver within one week after the money arrives", and the HASH function is then applied to this content to obtain the "digital fingerprint" of the content of money order 1.
16. After the digital signature system has signed the money order, it stores the digital signature parameters with the record that holds the corresponding money order content in the money order relational database. The specific storage method is as follows. The remittance system stores the content of the money order in a record of the money order relational database, and on the remittance serial number field of that record (whose content is unique in every record) a one-to-many primary/foreign-key child table is set up. This child table has 6 fields in total. The digital signature system stores the digital signature parameters, namely the online banking user name, the online banking user's identifier, the digital signature, and the timestamp and random numbers used to select the single key, these 5 groups of data, in fields 2 to 6 of the child table, and stores the content of the remittance serial number field in field 1 of the child table. This method selects only one field of the application system's relational database record and sets up a one-to-many primary/foreign-key child table on that field. It does not disturb the structure of the application system's relational database, which helps commercial development of the digital signature.
17. The "remittance serial number" field of the money order relational database record is selected (the content of this field is unique in each record of the money order relational database), and a one-to-many primary/foreign-key child table is set up as follows:

| Remittance serial number | Online banking user name | Online banking user identifier | Timestamp | Random number | Digital signature |
|---|---|---|---|---|---|
| 00001 | Wang Er | 000011 | Timestamp 1 | Random number 1 | Digital signature 1 |
| 00002 | Zhang San | 000012 | Timestamp 2 | Random number 2 | Digital signature 2 |
| ...... | ...... | ...... | ...... | ...... | ...... |
| 0000V | Li Si | 00001V | Timestamp V | Random number V | Digital signature V |
18. After digitally signing the content of the money order, the online banking user clicks the send money order button, and the money order, the online banking user's identifier, the timestamp, the random numbers and the digital signature of the money order content are sent together to the authentication center. The authentication center's signature verification system verifies the digital signature of the money order content as follows. First, the signature verification system takes out the record holding the money order content in field order, merges the fields together, delivers them into the chip of the encryption card, and computes a digest with the HASH function, obtaining "digital fingerprint 2" of the money order content. Then, according to the received online banking user's identifier, it locates the "key seed" of the corresponding record in the "key seed" relational database and delivers this "key seed", together with the timestamp and random numbers, into the chip of the encryption card. In the chip, the single-key generation algorithm composed of the timestamp and random numbers selects elements of the "key seed" table and generates one single key, which decrypts the digital signature of the money order content to obtain "digital fingerprint 1" of the money order content. Whether the signature is legitimate is decided by comparing whether "digital fingerprint 1" and "digital fingerprint 2" are identical. The signature verification system removes the money order content of a false signature, i.e. the content stored in the money order relational database record, and outputs the money order content of a legitimate signature directly from the chip of the encryption card to the online bank's remittance system. The remittance system, according to the recipient's address, bank name, online banking user name and account in the money order, sends the money to the recipient's bank account and keeps the legitimately signed money order content, i.e. the content stored in the money order relational database record. The signature verification process is completed inside the chip of the encryption card, which prevents a hacker from attacking the signature verification system to carry out illegal transfers.
19. All money order content is stored in records of the money order relational database, which reduces the storage space for the data. At the same time, the online bank's business administrators can quickly perform statistical analysis and retrieval on the money order content.
20. The online bank's business administrator can manually click the signature verification button to verify the signature of each record of the money order relational database, i.e. the content of each money order. If the signature is legitimate, the signature verification system takes the content of field 2 (the online banking user name) from the primary/foreign-key child table of the record's remittance serial number field and returns it to the client side; otherwise it returns "false signature" to the client side. This provides the online bank's business administrators with data maintenance and proofreading services for the money order content.
21. The online bank's business administrator selects an online banking user's money order, i.e. one record of the money order relational database, and clicks the signature verification button to verify the signature of that money order. The process is as follows. The signature verification system first takes out each field of the record to be verified in order, merges them together, and delivers them into the encryption card of the authentication center. It then takes fields 3, 4, 5 and 6 of the primary/foreign-key child table corresponding to the record's remittance serial number field, which hold the online banking user's identifier, the timestamp, the random numbers and the digital signature respectively. According to the content of the identifier field, it takes the corresponding "key seed" out of the "key seed" relational database, delivers it together with the content of fields 4, 5 and 6 into the encryption card chip, and carries out signature verification in the chip of the encryption card.
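Item 15 merges the twelve fields before hashing. The following added example (not part of the patent) assumes SHA-256 for the unspecified HASH function and assumes the fields are joined with no separator, as the merged string in item 15 suggests; the sample record is constructed, and the length-prefixed encoding is an added hardening, not something the page describes. It shows that a separator-free merge does not bind field boundaries, while a framed encoding does.

```python
import hashlib

# Constructed sample record modelled on money order 1 (12 fields, in field order).
ORDER = [
    "00001", "2008.08.13", "Renminbi", "1021000100036897777",
    "Wang Er", "Cash", "Beijing Jin Aobo company",
    "Industrial and Commercial Bank Beijing Zhongguancun",
    "Purchase of notebook computers", "00200001100001100", "8000.00",
    "Deliver within one week",
]


def fingerprint_plain(fields):
    """Digest of the fields merged in order with no separator (assumed reading of item 15)."""
    return hashlib.sha256("".join(fields).encode("utf-8")).hexdigest()


def fingerprint_framed(fields):
    """Digest that also binds the field count and each field's byte length."""
    h = hashlib.sha256()
    h.update(len(fields).to_bytes(2, "big"))
    for field in fields:
        raw = field.encode("utf-8")
        h.update(len(raw).to_bytes(4, "big"))
        h.update(raw)
    return h.hexdigest()


def shift_boundary(fields, i):
    """Return a copy in which the last character of field i moves to the front of field i+1."""
    out = list(fields)
    out[i], out[i + 1] = fields[i][:-1], fields[i][-1] + fields[i + 1]
    return out


def compare_encodings():
    """Return (plain digests equal?, framed digests equal?) for two different records."""
    # Payee account loses its last digit; the amount gains a leading zero.
    altered = shift_boundary(ORDER, 9)
    return (fingerprint_plain(ORDER) == fingerprint_plain(altered),
            fingerprint_framed(ORDER) == fingerprint_framed(altered))


if __name__ == "__main__":
    print(compare_encodings())
```

A signature computed over the plain fingerprint would verify for both records; one computed over the framed fingerprint verifies only for the record that was signed.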
Description of the drawings:
Fig. 1: flow chart of the online banking user digitally signing the money order content
Fig. 2: flow chart of the signature verification system verifying the digital signature of the money order content
Embodiment:
The steps by which the online banking user digitally signs the money order content, and by which the authentication center's signature verification system verifies the digital signature of the money order content, are described below with reference to the drawings:
Fig. 1 illustrates the process by which the online banking user digitally signs the money order content. First, online banking user L logs in to the online bank's website, inserts the cipher key hardware device on the client side, and clicks the identity authentication button on the website. The identity authentication system performs challenge/response verification: the online bank's web server generates timestamp 1 and random number 1 and sends them to the cipher key hardware device on the client side. In the chip of the cipher key, the single-key generation algorithm composed of timestamp 1 and random number 1 selects U elements from the "key seed" table and merges them into one single key K1, which encrypts timestamp 1 and random number 1 to generate verification password 1. The identifier of online banking user L, timestamp 1, random number 1 and verification password 1 are then sent to the online bank's web server, which forwards them to the authentication center. The authentication center selects the corresponding "key seed" according to the user's identifier. In the chip of the authentication center's encryption card, the single-key generation algorithm composed of timestamp 1 and random number 1 selects U elements from the "key seed" table and merges them into one single key K2, which encrypts timestamp 1 and random number 1 to generate verification password 2. Whether the identity of online banking user L is legitimate is verified by comparing verification password 1 with verification password 2. If the two differ, the user is an illegitimate online banking user and cannot enter the personal or organization bank account. If the two are identical, the user is a legitimate online banking user and can enter the personal or organization bank account. After legitimate online banking user L enters the personal or organization bank account, the user fills in and saves a money order, and the remittance system saves the content of the money order in a record of the money order relational database. Online banking user L clicks the digital signature button. The online bank's web server produces timestamp 2 and random number 2 and sends them to the cipher key hardware device on the client side. The client-side digital signature system takes out the content of each field of the money order relational database record, i.e. the saved money order content, merges the fields in field order, and delivers them into the client-side cipher key hardware device. In the chip of the cipher key, the digital signature system computes a digest of the merged money order content, obtaining "digital fingerprint 1" of the money order content. The single-key generation algorithm composed of timestamp 2 and random number 2 then generates one single key K3, which encrypts "digital fingerprint 1" to obtain the digital signature of the money order content. The user name of online banking user L, the identifier of online banking user L, the digital signature, timestamp 2 and random number 2, these 5 groups of data, are stored in fields 2 to 6 of the primary/foreign-key child table corresponding to the remittance serial number field of this record of the money order relational database, and the content of the remittance serial number field is stored in field 1 of the child table. The online banking user clicks the send money order button, and this record of the money order relational database, i.e. the money order, the digital signature of the money order content and the digital signature parameters, is sent together to the online bank's authentication center.
Fig. 2 illustrates the process by which the signature verification system verifies the digital signature of the money order content. First, after the authentication center receives the record sent by the client side, i.e. the money order, the digital signature of the money order content and the digital signature parameters, the signature verification system takes out the content of all fields of the record in field order, merges them together and delivers them into the encryption card. It then takes out the content of fields 3 to 6 of the primary/foreign-key child table corresponding to the record's remittance serial number field. The signature verification system locates the corresponding "key seed" according to the identifier of online banking user L and delivers it, together with the digital signature of the money order content, timestamp 2 and random number 2, into the encryption card of the authentication center. In the chip of the encryption card, the single-key generation algorithm composed of timestamp 2 and random number 2 generates one single key K4, which decrypts the digital signature of the money order content to obtain "digital fingerprint 1" of the money order content. The merged content of all fields of the record is then digested with the HASH function to obtain "digital fingerprint 2" of the money order content. Whether the money order carries a legitimate signature, that is, whether it is the signature of online banking user L, is verified by comparing whether "digital fingerprint 1" and "digital fingerprint 2" are identical. If the two differ, the signature is false, i.e. it is not the signature of online banking user L; the signature verification system, in the chip of the authentication center's encryption card, removes the record and returns "remittance failed" to the client side. If the two are identical, the signature is legitimate, i.e. it is the signature of online banking user L; the signature verification system outputs the money order directly from the chip of the encryption card to the online bank's remittance system, which remits according to the money order and returns "remittance succeeded" to the client side.
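The flow of Fig. 1 and Fig. 2 (and of items 5 to 7, 10, 14 and 18) as an added example, not code from the patent. The page does not specify how the timestamp and random numbers map to rows and columns, which single-key cipher is used, or which HASH function; the mapping in `derive_key`, the SHA-256 keystream cipher and SHA-256 itself are assumptions, and the money order fields are constructed sample values.

```python
import hashlib
import hmac
import secrets

N_ROWS, M_COLS = 132, 64   # upper bounds the page gives for the "key seed" table
U = 16                     # number of random hex values (page: 16, 32 or 64)


def new_key_seed():
    """One user's N x M table of random bytes (the page uses the card's hardware RNG)."""
    return [[secrets.randbelow(256) for _ in range(M_COLS)] for _ in range(N_ROWS)]


def derive_key(seed, timestamp, rnd_hex):
    """Select U table elements and merge them into a one-time key.

    ASSUMED mapping, not given on the page: the k-th element is taken from
    row (timestamp + k) mod N and column (16*k + k-th hex value) mod M.
    """
    if len(rnd_hex) != U:
        raise ValueError("expected U hex values")
    t = int(timestamp)
    return bytes(seed[(t + k) % N_ROWS][(16 * k + int(d, 16)) % M_COLS]
                 for k, d in enumerate(rnd_hex))


def xor_cipher(key, data):
    """Stand-in for the unspecified single-key cipher: SHA-256 counter keystream XOR.

    Encryption and decryption are the same operation.
    """
    out = bytearray()
    for i in range(0, len(data), 32):
        stream = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out.extend(b ^ s for b, s in zip(data[i:i + 32], stream))
    return bytes(out)


def fingerprint(fields):
    """'Digital fingerprint': digest of the record fields merged in field order."""
    return hashlib.sha256("".join(fields).encode("utf-8")).digest()


def auth_password(seed, timestamp, rnd_hex):
    """Challenge/response: encrypt timestamp and random number with the one-time key."""
    key = derive_key(seed, timestamp, rnd_hex)
    return xor_cipher(key, (timestamp + rnd_hex).encode("utf-8"))


def sign(seed, fields, timestamp, rnd_hex):
    """Client side (inside the cipher key chip): encrypt fingerprint 1."""
    return xor_cipher(derive_key(seed, timestamp, rnd_hex), fingerprint(fields))


def verify(seed_db, user_id, fields, timestamp, rnd_hex, signature):
    """Authentication center: decrypt the signature, compare with fingerprint 2."""
    seed = seed_db.get(user_id)
    if seed is None:
        return False
    fp1 = xor_cipher(derive_key(seed, timestamp, rnd_hex), signature)
    return hmac.compare_digest(fp1, fingerprint(fields))


def demo():
    """Run login, signing and verification on a constructed money order."""
    user_id, seed = "000011", new_key_seed()
    seed_db = {user_id: seed}                            # center's "key seed" database
    order = ["00001", "2008.08.13", "Renminbi", "1021000100036897777", "8000.00"]
    ts1, rnd1 = "2008081310", secrets.token_hex(U // 2)  # server challenge for login
    login_ok = hmac.compare_digest(auth_password(seed, ts1, rnd1),
                                   auth_password(seed_db[user_id], ts1, rnd1))
    ts2, rnd2 = "2008081311", secrets.token_hex(U // 2)  # fresh challenge for signing
    sig = sign(seed, order, ts2, rnd2)
    sig_ok = verify(seed_db, user_id, order, ts2, rnd2, sig)
    altered = order[:-1] + ["9000.00"]                   # record changed after signing
    altered_ok = verify(seed_db, user_id, altered, ts2, rnd2, sig)
    return login_ok, sig_ok, altered_ok


if __name__ == "__main__":
    print(demo())
```

Because the authentication center stores every user's "key seed", it can compute the same value for any money order; the check authenticates the money order to the center rather than proving authorship to a third party.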

Claims (8)

1. A method for implementing a secure online bank, which uses computer, network, cryptography and chip technology, wherein an authentication center is set up on the online bank's website; the authentication center verifies each online banking user's identity and verifies the digital signature on the money order content; each online banking user holds one cipher key hardware device and logs in to a personal or organization bank account by passing identity authentication; after filling in a money order, the online banking user clicks the digital signature button, and the digital signature system in the client-side cipher key hardware device digitally signs the content of the money order using a single-key cryptographic algorithm; the signature key is produced by the combined single-key generation technique, which guarantees that the key is different for every signature, that is, the signature key changes every time; the digital signature system sends the money order, the digital signature of the money order content and the digital signature parameters together to the online bank's web server, which automatically forwards them to the authentication center; the authentication center's signature verification system verifies the digital signature of the money order content; if the signature is legitimate, the signature verification system outputs the legitimately signed money order content to the online bank's remittance system, which remits according to the legitimately signed money order, saves the content of the money order, and returns "remittance succeeded" to the client side; if the signature is false, the signature verification system removes the money order content carrying the false signature and returns "remittance failed" to the client side; a secure online banking system is thus established and secure online bank remittance is achieved.
2. The method according to claim 1, characterized in that:
(1) at the WEB server end of the Internet bank, an authentication server and an encryption card hardware device are used to set up the authentication center; in the chip of the encryption card, a single-key cryptographic algorithm is used to set up the online banking user identity authentication system and the signature verification system, which authenticate online banking users logging in to their personal or organization bank accounts and verify the digital signature of the money order content;
(2) at the client side, a cipher key hardware device and a single-key cryptographic algorithm are used to set up the client-side authentication system and digital signature system, which provide client-side identity authentication for the online banking user and digitally sign the content of the money order on the user's behalf.
3. The method according to claim 2, characterized in that:
(1) the combined single-key key generation technique uses a single-key key generation algorithm, composed of a timestamp and a random number, to select elements of the "key seed" table, wherein the timestamp determines the row of an element in the "key seed" table and the random number determines the column; the table elements at the intersections of the determined rows and columns are selected, U elements in all, and merged into one single-key key; a single-key key generated by this algorithm changes every time and does not repeat; the timestamp and random number are encrypted with this single-key key to generate the authentication password used for identity authentication, and the "digital fingerprint" of the money order content is encrypted with this single-key key to produce the digital signature;
(2) the timestamp and random number used for identity authentication and digital signature are produced by the WEB server of the Internet bank and sent to the smart card chip at the client side; in the chip, the single-key key generation algorithm composed of the timestamp and random number selects elements of the "key seed" table to generate one single-key key.
4. The method according to claim 2, characterized in that:
The process of digitally signing the content of a money order is as follows: the online banking user clicks the digital signature button; the WEB server produces a timestamp and a random number and sends them to the client side; the client-side digital signature system takes out the content of the money order field by field, in the field order of the record, merges it together, and passes it, along with the timestamp and random number, into the chip of the client-side cipher key; in the chip, the digital signature system computes a digest of the merged money order content with a HASH function, obtaining "digital fingerprint 1" of the money order content; the single-key key generation algorithm composed of the timestamp and random number generates a single-key key, which encrypts "digital fingerprint 1"; the resulting ciphertext of "digital fingerprint 1" is the digital signature of the money order content; the whole digital signature process is completed inside the chip of the cipher key, which raises the security level of the digital signature.
5. The method according to claims 2 and 4, characterized in that:
After digitally signing the content of the money order, the online banking user clicks the send money order button, and the money order, the online banking user name, the online banking user's identifier, the timestamp, the random number and the digital signature of the money order content are sent together to the authentication center; the signature verification system of the authentication center verifies the digital signature of the money order content as follows: first, the signature verification system takes out, in field order, the record in which the money order content is stored, merges the fields together and passes them into the chip of the encryption card, where a digest is computed with the HASH function to obtain "digital fingerprint 2" of the money order content; then, according to the received online banking user identifier, it locates the "key seed" of the corresponding record in the "key seed" relational database and passes this "key seed", together with the timestamp and random number, into the chip of the encryption card; in the chip, the single-key key generation algorithm composed of the timestamp and random number selects elements of the "key seed" table to generate a single-key key, which decrypts the digital signature of the money order content to obtain "digital fingerprint 1"; "digital fingerprint 1" is compared with "digital fingerprint 2" to determine whether they are identical and hence whether the signature is legitimate; the signature verification system removes the money order content of a false signature, that is, the content stored in the money order relational database record; the money order content of a legitimate signature is output directly from the chip of the encryption card to the Internet bank's funds transfer system, which, according to the recipient's address, bank name, online banking user name and account number in the money order, remits the money to the recipient's bank account and saves the legitimately signed money order content, that is, the content stored in the money order relational database record; the signature verification process is completed inside the chip of the encryption card, which prevents a hacker who attacks the signature verification system from carrying out illegal money transfers.
6. The method according to claims 4 and 5, characterized in that:
(1) after logging in to the Internet bank, the online banking user first clicks the authentication button, and the authentication system of the authentication center verifies the user's identity; after passing authentication, the user logs in to his or her personal or organization account; after filling in the money order, the user clicks the confirm button, and the funds transfer system stores the content of the money order in a record of the money order relational database; the content is stored by taking the items of the money order in order, top before bottom and left before right, and storing each in a field in the field order of the record, wherein the item numbers of the money order correspond one-to-one with the field numbers of the money order relational database record;
(2) after the digital signature system has digitally signed the money order, it stores the digital signature parameters in the money order relational database, associated with the record of the corresponding money order content; specifically, the funds transfer system stores the content of the money order in a record of the money order relational database, and on the remittance sequence number field of this record, whose content is unique in every record, a one-to-many primary key/foreign key relationship sub-table is set up; this sub-table has 6 fields in total; the digital signature system stores the digital signature parameters, namely the online banking user name, the online banking user's identifier, the digital signature, and the timestamp and random number used to select the single-key key, 5 groups of data in all, in fields 2 to 6 of the sub-table, and stores the content of the remittance sequence number field in field 1 of the sub-table; this method selects only one field of the application system's relational database record and sets up a one-to-many primary key/foreign key relationship sub-table on that field, so it does not disturb the structure of the application system's relational database and facilitates commercial development of the digital signature.
7. The method according to claim 6, characterized in that:
All money order content is stored in records of the money order relational database, so the Internet bank's business administrators can quickly run statistical analysis and searches over the money order content and, by manually clicking the signature verification button, verify the signature of each record of the money order relational database, that is, of each money order's content; if the signature is legitimate, the signature verification system takes out the content of field 2, that is, the online banking user name, from the primary key/foreign key relationship sub-table of the record's remittance sequence number field and returns it to the client side; otherwise it returns "false signature" to the client side; this provides the Internet bank's business administrators with data maintenance and proofreading services for money order content.
8. The method according to claims 5 and 7, characterized in that:
The Internet bank's business administrator selects an online banking user's money order, that is, one record of the money order relational database, and clicks the signature verification button to verify the signature of that money order; the process is: the signature verification system first takes out, in order, each field of the record to be verified, merges them together and passes them into the encryption card of the authentication center; it then takes fields 3, 4, 5 and 6 of the primary key/foreign key relationship sub-table corresponding to the record's remittance sequence number field, which hold the online banking user's identifier, the timestamp, the random number and the digital signature respectively; according to the content of the user identifier field, it takes the corresponding "key seed" out of the "key seed" relational database and passes it, together with the content of fields 4, 5 and 6, into the chip of the encryption card, where the signature is verified.
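The flow of claims 3 to 5 (key selection from the "key seed" table, signing, verification), as an added Python example that is not code from the patent. The table shape, the mapping of timestamp digits to rows and random bytes to columns, the length-prefixed field merge, and the XOR keystream used in place of the unspecified single-key cipher are assumptions.

```python
import hashlib
import hmac
import secrets

ROWS, COLS, U = 10, 16, 14  # assumed table shape; U = number of elements per key

def make_seed_table():
    """Constructed per-user "key seed" table of one-byte elements."""
    return [[secrets.randbelow(256) for _ in range(COLS)] for _ in range(ROWS)]

def derive_key(seed, timestamp, rand):
    """Select U elements: timestamp digit i picks the row and random byte i
    picks the column (assumed mapping), then merge them into one key."""
    return bytes(seed[int(timestamp[i])][rand[i] % COLS] for i in range(U))

def toy_cipher(key, block):
    """Stand-in for the unspecified symmetric cipher: XOR with a SHA-256
    keystream. Encrypts and decrypts 32-byte blocks; illustration only."""
    stream = hashlib.sha256(b"keystream" + key).digest()
    return bytes(a ^ b for a, b in zip(block, stream))

def fingerprint(fields):
    """Hash the record's fields merged in field order. The length prefix
    (an assumption) keeps field boundaries unambiguous."""
    h = hashlib.sha256()
    for field in fields:
        data = field.encode()
        h.update(len(data).to_bytes(2, "big") + data)
    return h.digest()

def sign(seed, fields, timestamp, rand):
    """Client chip: encrypt "digital fingerprint 1" with the one-time key."""
    return toy_cipher(derive_key(seed, timestamp, rand), fingerprint(fields))

def verify(seed_db, user_id, fields, timestamp, rand, signature):
    """Encryption card: rebuild the key from the stored seed, decrypt the
    signature and compare it with "digital fingerprint 2"."""
    key = derive_key(seed_db[user_id], timestamp, rand)
    fp1 = toy_cipher(key, signature)
    return hmac.compare_digest(fp1, fingerprint(fields))

def demo():
    """Sign a constructed money order, then verify it intact and tampered."""
    seed = make_seed_table()
    seed_db = {"user-001": seed}  # authentication center's "key seed" database
    order = ["R0001", "Bank A", "payee name", "ACCT-TEST-0001", "1000.00"]
    ts, rnd = "20080922103015", secrets.token_bytes(U)  # issued by the WEB server
    sig = sign(seed, order, ts, rnd)
    tampered = order[:-1] + ["9000.00"]
    return (verify(seed_db, "user-001", order, ts, rnd, sig),
            verify(seed_db, "user-001", tampered, ts, rnd, sig))

if __name__ == "__main__":
    print(demo())  # intact order verifies, tampered order does not
```

Both sides derive the same key from the shared seed, so the check behaves like a MAC: whoever holds the "key seed" database can produce a valid signature for any money order.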
CNA200810222669XA 2008-09-22 2008-09-22 Method for implementing safety network bank Pending CN101350095A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA200810222669XA CN101350095A (en) 2008-09-22 2008-09-22 Method for implementing safety network bank

Publications (1)

Publication Number Publication Date
CN101350095A true CN101350095A (en) 2009-01-21

Family

ID=40268874

Country Status (1)

Country Link
CN (1) CN101350095A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20090121