CN101833718A - Method and system for resisting denying - Google Patents
Method and system for resisting denying Download PDFInfo
- Publication number
- CN101833718A CN101833718A CN200910119534A CN200910119534A CN101833718A CN 101833718 A CN101833718 A CN 101833718A CN 200910119534 A CN200910119534 A CN 200910119534A CN 200910119534 A CN200910119534 A CN 200910119534A CN 101833718 A CN101833718 A CN 101833718A
- Authority
- CN
- China
- Prior art keywords
- evidence
- request
- repudiation
- user
- electronic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a method for solving the repudiation problem in actual application in the field of electronic commerce. The method comprises the following steps of: combining the conventional electronic commerce mode, namely a way that user transaction is carried out on an electronic commerce platform, and protecting the transaction content among the transaction users by a symmetric encryption system and an asymmetric encryption system; retaining an electronic evidence after each step in the transaction process, wherein the electronic evidence has the special content; and saving the electronic evidence which may be used by the user later by adopting an electronic evidence notary authority with the legal aptitude. In the invention, the problems such as the transaction privacy and the electronic evidence validity of the anti-repudiation scheme in the actual application of the electronic commerce are solved. The invention also provides a system for realizing the method. The system comprises an origin non-repudiation evidence generating unit and a receiving non-repudiation evidence generating unit serving as a core, so that the behaviors of the user and the electronic commerce platform can be saved in the electronic evidence notary authority in the evidence way.
Description
Affiliated technical field
The present invention relates to internet arena, in particular, provide a kind of resisting denying method and system, can solve the transaction controversial issue problem in the e-commerce field in the actual life.
Background technology
The resisting denying service is intended to generate, collect, safeguard the relevant evidence of having stated incident or action, this evidence can be got and can verify this evidence, solve the dispute (referring to " infotech-safety technique-resisting denying-first: general introduction ") that takes place or do not take place and cause about this incident or action with this.In e-commerce field, have the situation that electronic transaction takes place but deny afterwards often and take place.Therefore need the resisting denying scheme and guarantee to solve these denial phenomenons.In real world, take place that any transaction all has voucher in kind and necessary audit, filing flow process guarantees to solve controversial issue afterwards, but it is then different in the such internet of ecommerce and PC World, all all occur with data mode, so need special resisting denying scheme to solve the controversial issue problem afterwards of e-commerce field.
Existing resisting denying solution roughly is divided into two classes: a kind of is directly mutual scheme of parties, and also having a kind of is to have the third party of notarization to participate in the scheme that solves two sides transaction.In fact, the ecommerce behavior in the reality is carried out on e-commerce platform mostly, just has at least parties e-commerce platform in addition to occur as the third party in the transaction.Having two kinds of special problems in this case occurs: the one, and there is the possibility of knowing transaction content in the platform that parties is concluded the business, and this is a kind of unfairness to parties; The 2nd, e-commerce platform also should be brought within the limit of consideration of resisting denying solution.In addition, it is exactly that the electronic evidence that produces in the scheme is mostly held by the final user that also there is a problem in resisting denying solution in the past, concerning the requirement of evidence, the evidence that this user holds does not often possess enough effectiveness and solves controversial issue legally.
Summary of the invention
In order to overcome existing resisting denying solution and the actual too big problem of electronic business mode disconnection, the invention provides a kind of practical resisting denying method and system.The present invention not only can be implemented in the electronic business mode of reality, and has solved problem unfair to the user and that electronic evidence is renderd a service by the mechanism of encryption and decryption and separate electronic evidence.
The solution to the problems described above that the present invention adopts is:
In conjunction with symmetric cryptography and asymmetric encryption techniques and according to the step and the flow process of the electronic transaction in the reality, the requestor of transaction carries out symmetric cryptography with the content of transaction and issues e-commerce platform later on, and adopt the PKI of electronic evidence notary organization to encrypt the encrypted secret key, by e-commerce platform this encrypted public key is issued electronic evidence notary organization;
By electronic evidence notary organization symmetric key is used transaction recipient's public key encryption again, issue e-commerce platform, by e-commerce platform with transaction content of encrypting and the recipient who issues transaction with the symmetric key of recipient's public key encryption together, the transaction recipient can obtain symmetric key and untie the transaction content that has carried out symmetric cryptography like this, and e-commerce platform can only obtain to encrypt transaction content, electronic evidence notary organization can only obtain symmetric key, and the two all can not obtain the transaction content between the user;
In the process of transaction, each participant of transaction all can relate to process of exchange, and therefore each step of transaction all can stay evidence, and content of evidence has strict requirement (please refer to embodiment);
That concludes the business is final, and the required evidence of user is preserved by electronic evidence notary organization, and concrete scheme please refer to " description of drawings " part;
Simultaneously, the notary organization of resisting denying method design has the law qualification among the present invention, and all evidences that are kept at this notary organization all are considered to be in the regular period effective.
The present invention also provides a kind of practical resisting denying system simultaneously, comprising: client process unit, platform processes unit, notary organization's processing unit.
Wherein:
Described client process unit comprises:
First request unit is initiated the request that customer requirements uses the resisting denying system;
Ciphering unit produces symmetric cryptographic key and user message is carried out symmetric cryptography, searches electronic evidence notary organization PKI, and utilizes this PKI that symmetric key is encrypted;
Non-repudiation of origin evidence generation unit utilizes self private key to sign, and signature contents comprises the request that sends in the request unit, and signature contents is sent in the lump with request;
The first non-repudiation of receipt evidence generation unit is initiated the symmetric key request of obtaining and is utilized take over party's private key that request and received message are signed;
The random number generation unit produces a certain big number at random;
Described platform processes unit comprises:
First requesting processing, the request of handling the request user and receiving the user parses the part that need be transmitted to electronic evidence notary organization;
Second request unit sends the symmetric key request of obtaining and receives user's non-repudiation of origin evidence, non-repudiation of receipt evidence, e-commerce platform non-repudiation of origin evidence;
Non-repudiation of origin evidence generation unit, function is with above-mentioned;
Described notary organization processing unit comprises:
Second requesting processing is handled the request of E-business applications platform, and parsing needs to preserve and encryption section, utilizes the reception client public key that symmetric key is encrypted;
The second non-repudiation of receipt evidence generation unit, the non-repudiation of origin evidence that utilizes self private key that the E-business applications platform is sent is signed;
Storage unit is preserved all the non-repudiation of origin evidence that receives and non-repudiation of receipt evidences.
The invention has the beneficial effects as follows, can in the E-business applications of reality, be implemented, and solved the efficacy issues of electronic evidence in the resisting denying scheme in the past, protected the transaction content between the parties in the ecommerce behavior simultaneously.
Description of drawings
In order to be illustrated more clearly in the embodiment of the invention or technical scheme of the prior art, will to do one to the accompanying drawing of required use in embodiment or the system description below and introduce simply
Fig. 1 is a method schematic diagram of the present invention.
ESP is an electronic evidence notary organization among the figure, and APP is the E-business applications platforms, and A, B are the users who concludes the business in the e-commerce initiative.Numeral 1 to 12 is to implement the flow sequence (please refer to embodiment) of resisting denying scheme.
Fig. 2 is a system architecture synoptic diagram of the present invention.
Embodiment
Technical term or the term that at first this paper is occurred makes an explanation below, to make things convenient for the understanding of those skilled in the art to this paper technical scheme, may use following symbol in implementation process:
POO:proof of origin represents the resisting denying evidence of transmit leg
POR:proof of receipt represents take over party's resisting denying evidence
EK{m}: adopt key K that message m is carried out symmetric cryptography
EV
x{ y}: adopt the PKI of x that content y is carried out asymmetric encryption
SS
x{ y}: adopt the privacy key appearance y of x to sign
H (m): content m is carried out the hash computing
Req
x: the request message of x
L: a big random number that identifies same transaction
Below in conjunction with diagram the resisting denying method and system that the present invention provides more is made detailed explanation.
Embodiment 1:
As shown in Figure 1, concrete implementation process is:
Step 4, APP send to B:A, B, L, eK{m}, POO1
APP-B=sS
APP{ H (A, B, L, eK{m}) }, and notice B has new information;
Step 5, B send to APP:B and send the key K request of obtaining A, B, L, Req
B, POO
B=sS
B{ H (A, B, L, Req
B), and send POR1B=sS
B{ H (A, B, L, eK{m}, POO1
APP-B);
Step 8, APP send to B:A, B, L, eV
B{ k}, POO2
APP-B=sS
APP{ H (A, B, L, eV
BK}) };
Step 1O, APP send to ESP:A, B, L, POO2
APP-B, POR2
B, POO3
APP-ESP=sS
APP{ H (A, B, L, POO2
APP-B, POR2
B);
Illustrate: after A, B transmission message was to APP, APP should postback receipt, avoids A, B constantly to repeat to send message; If A, B do not receive receipt in the appointment time limit, can select resend message; If the stand-by period is oversize, as greater than a certain the appointments time limit, wait can the situation of infinite wait can not occur to select the termination transaction.
Embodiment 2:
At said method, the invention also discloses a kind of practical resisting denying system.With reference to Fig. 2:
This system comprises client 21, platform processes unit 22, notary organization's processing unit 23.
Wherein, comprise at least in the described client:
Random number generation unit 213, produce a certain big number at random, non-repudiation of origin evidence generation unit 214 utilizes self private key to sign, signature contents comprises the request that sends in the request unit, and big number that the random number generation unit produces and signature contents all can send in the lump with request;
The first non-repudiation of receipt evidence generation unit 215, this resisting denying unit is only useful when receiving request, the expression recipient has received the message of oh initiating in user's request, and initiates the symmetric key request of obtaining and utilize take over party's private key that request and received message are signed;
Described platform processes unit comprises at least:
First requesting processing, 221, the second request units 222, non-repudiation of origin evidence generation unit 223 is to realize the forwards operation of processing platform.Detailed process is as follows:
At first processing unit receives the user's request that the user sends of initiating, therefrom identify message part, symmetric key part and non-repudiation of origin evidence part, self the non-repudiation of origin evidence that produces with non-repudiation of origin evidence and symmetric key part and by Unit 223 is issued electronic evidence notary organization.Then, issue electronic evidence notary organization according to the request that receives the user by the request that request unit will obtain symmetric key.Then, first requesting processing parses the symmetric key part after obtaining the content that electronics notary organization returns, and the non-repudiation of origin evidence that collaborative once more Unit 223 produce together mails to user B.At last, first requesting processing parses and receives the non-repudiation of receipt evidence that the user returns and issue electronic evidence notary organization.
Described notary organization processing unit comprises at least:
Second requesting processing, 231, the second non-repudiation of receipt evidence generation units 232, storage unit 233 is with the Request Processing work of realization e-commerce platform and the preservation work of evidence.Detailed process is as follows:
At first second requesting processing is handled the request from e-commerce platform, the beginning that record is once concluded the business also parses non-repudiation of origin evidence part and symmetric key part, preserve the back by storage unit and produce receipt, issue e-commerce platform in conjunction with the second non-repudiation of receipt evidence generation unit.The symmetric key that is returned by the second processing unit processes e-commerce platform obtains request then, the same processing non-repudiation of origin evidence and non-repudiation of receipt evidence, and the symmetric key that sends electronic evidence notary organization's non-repudiation of origin evidence and encrypt with the reception client public key.At last preserve corresponding evidence and send the non-repudiation of receipt evidence to e-commerce platform receiving after receiving the user finishes the request that message obtains, sign institute is on evidence all to preserve.
More than to a kind of practical resisting denying method and system provided by the present invention, be described in detail, used specific case herein principle of the present invention and embodiment are set forth, the explanation of above embodiment just is used for helping to understand method of the present invention and core concept thereof; Simultaneously, for one of ordinary skill in the art, according to thought of the present invention, part in specific embodiments and applications all can change.In sum, this description should not be construed as limitation of the present invention.
Claims (6)
1. a resisting denying method that is applicable to e-commerce field is characterized in that, comprising:
The electronic evidence, e-commerce platform and the electronic evidence notary organization that have comprised ecommerce user, specific composition in this scheme; It is characterized in that meeting E-business applications situation in practice, promptly on traditional resisting denying solution basis, considered e-commerce platform factor, user's transaction message privacy and evidential effect problem.
2. resisting denying method according to claim 1 is characterized in that, also comprises:
This method was made up of 12 steps, initiated request by the request user, and e-commerce platform is handled and the transfer request, and electronic evidence notary organization handles request, received user's response request and initiated request;
Each step all can relate to e-commerce platform, in the process user is transmitted content and adopt symmetric cryptography, encryption key is carried out asymmetric encryption by the PKI of electronic evidence notary organization earlier, and after being decrypted by this notary organization, the PKI by the transaction recipient carries out asymmetric encryption again.
3. resisting denying method according to claim 1 is characterized in that, also comprises: all user's evidences all are kept at electronic evidence notary organization, and user self does not need to remain with electronic evidence.
4. method according to claim 3 is characterized in that:
E-commerce platform remains with a non-repudiation of origin evidence and twice non-repudiation of receipt evidence of electronic evidence notary organization;
Electronic evidence notary organization remains with the request user, receives each non-repudiation of origin evidence of user, five non-repudiation of origin evidences of e-commerce platform, twice non-repudiation of receipt evidence of reception user.
5. a practical resisting denying system that is applicable to e-commerce field is characterized in that, comprising: client process unit, e-commerce platform processing unit, electronic evidence notary organization processing unit.
6. system according to claim 5 is characterized in that:
Described client process unit comprises:
First request unit is initiated the request that customer requirements uses the resisting denying system;
Ciphering unit produces symmetric cryptographic key and user message is carried out symmetric cryptography, searches electronic evidence notary organization PKI, and utilizes this PKI that symmetric key is encrypted;
Non-repudiation of origin evidence generation unit utilizes self private key to sign, and signature contents comprises the request that sends in the request unit, and signature contents is sent in the lump with request;
The first non-repudiation of receipt evidence generation unit is initiated the symmetric key request of obtaining and is utilized take over party's private key that request and received message are signed;
The random number generation unit produces a certain big number at random;
Described e-commerce platform processing unit comprises:
First requesting processing, the request of handling the request user and receiving the user parses the part that need be transmitted to electronic evidence notary organization;
Second request unit sends the symmetric key request of obtaining and receives user's non-repudiation of origin evidence, non-repudiation of receipt evidence, e-commerce platform non-repudiation of origin evidence;
Non-repudiation of origin evidence generation unit, function is with above-mentioned;
Described electronic evidence notary organization processing unit comprises:
Second requesting processing is handled the request of E-business applications platform, and parsing needs to preserve and encryption section, utilizes the reception client public key that symmetric key is encrypted;
The second non-repudiation of receipt evidence generation unit, the non-repudiation of origin evidence that utilizes self private key that the E-business applications platform is sent is signed;
Storage unit is preserved all the non-repudiation of origin evidence that receives and non-repudiation of receipt evidences.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200910119534A CN101833718A (en) | 2009-03-13 | 2009-03-13 | Method and system for resisting denying |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200910119534A CN101833718A (en) | 2009-03-13 | 2009-03-13 | Method and system for resisting denying |
Publications (1)
Publication Number | Publication Date |
---|---|
CN101833718A true CN101833718A (en) | 2010-09-15 |
Family
ID=42717781
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200910119534A Pending CN101833718A (en) | 2009-03-13 | 2009-03-13 | Method and system for resisting denying |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101833718A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104022883A (en) * | 2014-06-17 | 2014-09-03 | 烟台大学 | Individual information protection online shopping technology based on logistics network |
CN107067321A (en) * | 2017-05-05 | 2017-08-18 | 国信嘉宁数据技术有限公司 | Data security method, server, client and the system of payment beforehand business |
CN111080299A (en) * | 2019-12-27 | 2020-04-28 | 广州骏伯网络科技有限公司 | Anti-repudiation method for transaction information, client and server |
-
2009
- 2009-03-13 CN CN200910119534A patent/CN101833718A/en active Pending
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104022883A (en) * | 2014-06-17 | 2014-09-03 | 烟台大学 | Individual information protection online shopping technology based on logistics network |
CN104022883B (en) * | 2014-06-17 | 2017-03-15 | 烟台大学 | A kind of personal information protection shopping at network technology based on logistics network |
CN107067321A (en) * | 2017-05-05 | 2017-08-18 | 国信嘉宁数据技术有限公司 | Data security method, server, client and the system of payment beforehand business |
CN111080299A (en) * | 2019-12-27 | 2020-04-28 | 广州骏伯网络科技有限公司 | Anti-repudiation method for transaction information, client and server |
CN111080299B (en) * | 2019-12-27 | 2020-12-15 | 广州骏伯网络科技有限公司 | Anti-repudiation method for transaction information, client and server |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Zhou et al. | Evidence and non-repudiation | |
Yoon et al. | Cryptanalysis of a simple three‐party password‐based key exchange protocol | |
EP3481003B1 (en) | An efficient certified email protocol | |
Roy et al. | A survey on digital signatures and its applications | |
WO2008127446A3 (en) | A method and apparatus for time-lapse cryptography | |
CN103746811B (en) | Anonymous signcryption method from identity public key system to certificate public key system | |
Zhou | Non-repudiation | |
CN104506503A (en) | Security certification system based on broadcast television one-way transmission network | |
CN103457932A (en) | Data safety storage method and system under cloud computing environment | |
CN107888380A (en) | A kind of the RSA digital signature generation method and system of two sides distribution identity-based | |
Huang et al. | P 2 OFE: Privacy-preserving optimistic fair exchange of digital signatures | |
CN103973713A (en) | Transfer method, extraction method and processing system for electronic mail information | |
CN104009841B (en) | A kind of message encryption method under instant messaging situation | |
CN102857487A (en) | Method and system for remote tender invitation | |
CN101833718A (en) | Method and system for resisting denying | |
Zhang | A study on application of digital signature technology | |
Yang et al. | A provably secure and efficient strong designated verifier signature scheme | |
Shao et al. | Some common attacks against certified email protocols and the countermeasures | |
CN100521686C (en) | Anti-denial method between UA and MTA based on mail transfer agent | |
Wątróbski et al. | Application of the fair secret exchange protocols in the distribution of electronic invoices | |
Meadors | Secure electronic data interchange over the Internet | |
CN103107939B (en) | Based on the implementation method of the safety E-mail of public safety facilities management platform | |
Wang et al. | A new dependable exchange protocol | |
CN111695932A (en) | Block chain public key method and system based on point transaction | |
CN102739604B (en) | The method and system of secure transmission of media information |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
DD01 | Delivery of document by public notice |
Addressee: Meng Renxing Document name: Notification of Publication of the Application for Invention |
|
DD01 | Delivery of document by public notice |
Addressee: Meng Renxing Document name: Notification of before Expiration of Request of Examination as to Substance |
|
DD01 | Delivery of document by public notice |
Addressee: Meng Renxing Document name: Notification that Application Deemed to be Withdrawn |
|
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20100915 |