Point-to-point payment communication method between near field communication devices
Technical Field
The invention relates to the field of communication, in particular to a point-to-point payment communication method between near field communication devices.
Background
Near Field Communication (NFC) is a short-range high-frequency radio technology, is formed by fusing a non-contact radio frequency identification technology and a point-to-point Communication technology, works at a frequency of 13.56MHz within a distance of 0-20 cm, has three transmission speeds of 106 Kbit/s, 212 Kbit/s or 424 Kbit/s, and can automatically switch between different transmission speeds.
NFC has three usage modes: card mode, peer-to-peer communication mode, and card reader/writer mode. The point-to-point communication mode is used for realizing data interaction among different NFC terminals, so that a plurality of devices with NFC functions are connected in a communication mode, and point-to-point transmission of data is realized through a link layer communication protocol. It is known that the NFC-enabled near field communication devices can perform wireless data transmission therebetween. For example, in a transaction activity of shopping and completing payment by a consumer using an NFC communication device, the NFC communication device of the consumer needs to perform pairing communication with an NFC communication device of a merchant to complete the whole peer-to-peer payment process.
However, when the existing NFC communication device is used for performing peer-to-peer payment communication with another NFC communication device, due to the short communication distance of the NFC communication and no security verification, the peer-to-peer payment process has a large potential safety hazard and is easily attacked by other devices.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide a point-to-point payment communication method between near field communication devices for performing secure communication using a dynamic public key and an anonymous identity in a point-to-point communication mode of near field communication in view of the above prior art.
The technical scheme adopted by the invention for solving the technical problems is as follows: the point-to-point payment communication method between near field communication devices is characterized by sequentially comprising the following steps of:
(1) Setting a global identity number of a first NFC terminal as ID First And the global identity number of the second NFC terminal is ID Second The third party trusted authority is the TSM; the third-party trusted authority TSM is used for storing the anonymous identity of the first NFC terminal, the anonymous identity of the second NFC terminal and the real ID of the first NFC terminal First And the true ID of the second NFC terminal Second (ii) a The anonymous identity is composed of a public key, a private key and a global identity identification number ID of a third-party trusted authority TSM TSM And signature components of the TSM;
registering a corresponding payment account on a third-party payment platform by using a first NFC terminal, and storing a global identity number (ID) of the first NFC terminal by the third-party payment platform First The payment password;
registering a corresponding collection account on a third-party payment platform by using a second NFC terminal, and storing the global identity number ID of the second NFC terminal by the third-party payment platform Second ;
(2) The first NFC terminal requests the use of the third-party trusted authority TSMWhen the identity of the NFC terminal is anonymous, a third party trusted authority (TSM) generates an anonymous identity set PS of the first NFC terminal First And assemble this anonymous identity into a PS First Sending the information to a first NFC terminal; the TSM of the third party trusted authority stores the anonymous identity set PS sent to the first NFC terminal First And the true ID of the first NFC terminal First (ii) a The process of generating the anonymous identity of the first NFC terminal by the third-party trusted authority TSM includes:
(2-1) when the third-party trusted authority TSM receives the anonymous identity request of the first NFC terminal, the third-party trusted authority TSM generates n random valuesWherein, the first and the second end of the pipe are connected with each other,a private key representing an ith anonymous identity of the first NFC terminal;
(2-2) random values generated by the third-party trusted authority TSMMultiplying by elliptic curve base point G to obtain n public keysWherein the content of the first and second substances,a public key representing an ith anonymous identity of the first NFC terminal,the base point G is on an elliptic curve which is: e, y 2 =x 3 +ax+b modn 1 E is an elliptic curve, a, b are coefficients of the elliptic curve E, (x, y) are points on the elliptic curve E, n 1 Is the order of the elliptic curve E;
(2-3) the private key of the third party trusted authority TSM according to the ith anonymous identity of the first NFC terminalAnd corresponding to the private keyOf (2) a public keyGenerating a third-party trusted authority TSM signature to obtain an ith anonymous identity corresponding to the first NFC terminal
Wherein Enc K (m) Sig, which means that the information m is encrypted by the key K k (m) represents signing the information m with a key k, | | is a concatenation symbol;
(2-4) signature of ith anonymous identity of first NFC terminal generated by third-party trusted authority TSM according to the third-party trusted authority TSMObtaining an anonymous identity set PS of a first NFC terminal First Wherein:
(3) The first NFC terminal receives an anonymous identity set PS sent by a third-party trusted authority TSM First And then, disconnecting the communication between the first NFC terminal and the third-party trusted authority TSM, and activating an NFC security protocol between the first NFC terminal and the second NFC terminal:
(3-1) the first NFC terminal generates a random number NFirst and a random integer RFirst, and calculates and obtains a self-updating public key of the random number NFirst and the random integer RFirstAndthen will beAnd NFirst is compressed and then sent to a second NFC terminal, whereinRespectively become QFirst after compression " i 、QFirst' i ;Is a point on an elliptic curve E with a base point G, wherein,
Q TSM public key, k, representing a third party trusted authority TSM TSM A private key representing a third party trusted authority, TSM;
(3-2) the second NFC terminal generates a random number NSecond and a random integer RSecond, and calculates and obtains a self-updating public key thereofAndthen will beAnd NSecond is compressed and then sent to the first NFC terminal, whereinCompressed to QSecond respectively " i 、QSecond' i :
A public key representing an ith anonymous identity of the second NFC terminal,a private key representing an ith anonymous identity of the second NFC terminal;
(3-3) respectively calculating a common point P (P) of the first NFC terminal and the second NFC terminal according to the public key and the random number which are mutually exchanged x ,P y ) Shared secret z and shared key Q SSE :
(a) The first NFC terminal calculates to obtain a common point P (P) x ,P y ) Shared secret z and shared key Q SSE_First And calculating to obtain a key verification tag MacTag sent by the first NFC terminal First And sends a key authentication tag MacTag First Authenticating the second NFC terminal:
z=P x ,
Q SSE_First =KDF(NFirst,NSecond,ID First ,ID Second ,Z),
wherein Z is a corresponding 8-bit string obtained after the shared secret Z is converted, and a conversion formula between the shared secret Z and the 8-bit string Z is as follows:
z is a non-negative integer, and the expected length K of the character string satisfies 2 8K >, z, M of output 1 ,M 2 ,...,M k Is the bit value of string Z from left to right;
verification tag MacTag First The calculation uses the key verification mechanism defined by ISO/IEC 11770-3:
MacTag First =MAC-KC(Q SSE_First ,0x03,ID First ,ID Second ,QFirst,QSecond);
the key verification mechanism uses an AES encryption XCBC-MAC-96 mode to calculate:
MacTag First =AES-XCBC-MAC-96Q SSE_First (0x03||ID First ||ID Second ||QFirst||QSecond);
(b) The second NFC terminal calculates to obtain a common point P (P) x ,P y ) Shared secret z and shared key Q SSE_second And verifying the key verification tag MacTag sent by the first NFC terminal First And calculating to obtain a key verification tag MacTag of the second NFC terminal Second Sending a key verification tag MacTag Second Authenticating the first NFC terminal:
z=P x ,
Q SSE_second =KDF(NFirst,NSecond,ID First ,ID Second ,Z),
verification tag MacTag Second The calculation uses the key verification mechanism defined by ISO/IEC 11770-3:
MacTag Second =MAC-KC(Q SSE_Second ,0x03,ID Second ,ID First ,QSecond,QFirst);
the key verification mechanism uses an AES encryption XCBC-MAC-96 mode to calculate:
(3-4) verifying the tag MacTag when the key of the first NFC terminal First Is verified by the second NFC terminal, and the key verification tag MacTag of the second NFC terminal Second When the first NFC terminal passes the verification, the first NFC terminal and the second NFC terminal are both Q-switched SSE As a shared key, and connected for data communication, and then performing step (4), wherein Q SSE =Q SSE_First =Q SSE_second (ii) a Otherwise, the communication connection between the first NFC terminal and the second NFC terminal is interrupted; wherein the content of the first and second substances,
second NFC terminal verifies key verification tag MacTag of first NFC terminal First The process comprises the following steps: the second NFC terminal obtains a shared secret key Q according to calculation thereof SSE_second Calculating a key verification tag MacTag 'of the first NFC terminal' First WhereinIf MacTag' First =MacTag First And then, the key verification tag MacTag of the first NFC terminal is represented First The NFC terminal is verified to be passed, otherwise, the verification is not passed;
first NFC terminal verifies key verification tag MacTag of second NFC terminal Second The process comprises the following steps: the first NFC terminal obtains a shared secret key Q according to calculation thereof SSE_First Calculating a key verification tag MacTag 'of the second NFC terminal' Second WhereinIf MacTag' Second =MacTag Second And then, it means that the key verification tag MacTag of the second NFC terminal is Second Is checked by the first NFC terminalThe verification is passed, otherwise, the verification is not passed;
wherein the key verifies the tag MacTag' First 、MacTag' Second The calculation of the method uses a key verification mechanism defined by ISO/IEC 11770-3, and the key verification mechanism uses an AES encryption XCBC-MAC-96 mode;
(4) First NFC terminal acquires the GPS positioning data of self and receives the GPS positioning data that second NFC terminal sent, and first NFC terminal calculates the physical distance d between first NFC terminal and the second NFC terminal according to self GPS positioning data and the GPS positioning data of receipt:
if the physical distance d between the first NFC terminal and the second NFC terminal is larger than the preset distance d of the first NFC terminal 0 If the first NFC terminal is a potential attack user, the first NFC terminal interrupts the communication connection with the second NFC terminal; otherwise, the first NFC terminal continuously keeps the communication connection with the second NFC terminal and executes the step (5);
(5) Generating a virtual keyboard by using a first NFC terminal, inputting a payment password through the virtual keyboard, and then enabling the first NFC terminal to transmit the payment password and the global identity number ID First Sending the data to a third party payment platform, wherein the interface of the virtual keyboard is a dynamic interface, the dynamic interface is provided with ten numbers from 0 to 9, and the numbers are randomly distributed on the dynamic interface;
(6) The third party payment platform receives a payment password and a global Identity (ID) number sent by the first NFC terminal First And judges the received payment password and the global identification number ID First And a preset payment password and a global identity number ID stored in the third-party payment platform First And if the payment account is consistent with the payment account, transferring the money of the payment account corresponding to the first NFC terminal to a collection account corresponding to the second NFC terminal, and sending a successful payment notification to the first NFC terminal.
Further, in the elliptic curve E in the step (2-2):
a=-3,
b=64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1,
n 1 =6277101735386680763835789423176059013767194773182842284081。
compared with the prior art, the invention has the advantages that: when point-to-point communication is carried out between near field communication devices, a first NFC terminal and a second NFC terminal in two communication parties firstly respectively store respective real IDs in a third-party trusted authority, and meanwhile, the third-party trusted authority stores anonymous identities of the two NFC terminals; when two NFC terminals need to carry out point-to-point, the first NFC terminal requests a third-party trusted authority to use the anonymous identity of the two NFC terminals, calculates to obtain a self-updating public key and a key verification label after obtaining the anonymous identity set of the two NFC terminals, and sends the self-updating public key and the key verification label to the second NFC terminal for verification; the second NFC terminal also sends the calculated self-updating public key and the key verification tag to the first NFC terminal for verification; when the key verification tags of the first NFC terminal and the second NFC terminal are verified by the other party and the self-updating public keys are the same, and when the physical distance between the first NFC terminal and the second NFC terminal is judged to be larger than the preset near field communication distance, the attacker does not exist, and then the first NFC terminal and the second NFC terminal use the same self-updating public key as the shared public key of the two parties, so that the point-to-point communication between the near field communication devices is completed.
Drawings
Fig. 1 is a schematic flow chart illustrating a peer-to-peer payment communication method between near field communication devices according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a random layout of ten numbers 0-9 on a virtual keyboard according to an embodiment of the present invention.
Detailed Description
The invention is described in further detail below with reference to the accompanying examples.
As shown in fig. 1, the method for peer-to-peer payment communication between near field communication devices in this embodiment sequentially includes the following steps:
(1) Setting a global identity number of a first NFC terminalIs ID First And the global identity number of the second NFC terminal is ID Second The third party trusted authority is the TSM; the third-party trusted authority TSM is used for storing the anonymous identity of the first NFC terminal, the anonymous identity of the second NFC terminal and the real ID of the first NFC terminal First And the true ID of the second NFC terminal Second (ii) a The anonymous identity is composed of a public key, a private key and a global identity identification number ID of a third-party trusted authority TSM TSM And signature components of the TSM; the second NFC terminal and the first NFC terminal use the corresponding anonymous identity in the TSM of the third-party trusted authority in the transaction process to prevent hiding the public key of the NFC terminalIllegal interception; when the second NFC owner and the first NFC owner have a transaction dispute, the third-party trusted authority TSM may issue the real IDs corresponding to the first NFC terminal and the second NFC terminal First And a true ID Second To provide third party proof for resolving transaction disputes;
registering a corresponding payment account on a third-party payment platform by using a first NFC terminal, and storing a global identity number (ID) of the first NFC terminal by the third-party payment platform First And a payment password; the payment password can be a number or a letter or a combination of the number and the letter;
registering a corresponding collection account on a third-party payment platform by using a second NFC terminal, and storing the global identity number ID of the second NFC terminal by the third-party payment platform Second ;
(2) When the first NFC terminal requests the third-party trusted authority TSM to use the anonymous identity of the first NFC terminal, the third-party trusted authority TSM generates an anonymous identity set PS of the first NFC terminal First And aggregate this anonymous identity into a PS First Sending the information to a first NFC terminal; the TSM stores the anonymous identity set PS sent to the first NFC terminal First And the true ID of the first NFC terminal First (ii) a The process of generating the anonymous identity of the first NFC terminal by the third-party trusted authority TSM includes:
(2-1) when the third-party trusted authority TSM receives the anonymous identity request of the first NFC terminal, the third-party trusted authority TSM generates n random valuesWherein the content of the first and second substances,a private key representing an ith anonymous identity of the first NFC terminal;
(2-2) random values generated by the third-party trusted authority TSMMultiplying the base point G of the elliptic curve to obtain n public keysWherein the content of the first and second substances,a public key representing an ith anonymous identity of the first NFC terminal,the base point G is on an elliptic curve which is: e: y 2 =x 3 +ax+b modn 1 E is an elliptic curve, a, b are coefficients of the elliptic curve E, (x, y) are points on the elliptic curve E, n 1 Is the order of the elliptic curve E; among them, in the elliptic curve E of the present embodiment:
a=-3,
b=64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1,
n 1 =6277101735386680763835789423176059013767194773182842284081;
(2-3) the private key of the third party trusted authority TSM according to the ith anonymous identity of the first NFC terminalAnd corresponding private keyOf (2) a public keyGenerating a third-party trusted authority TSM signature to obtain an ith anonymous identity corresponding to the first NFC terminalSignatureRepresenting that the third-party trusted authority TSM authenticates the ith anonymous identity of the first NFC terminal:
wherein Enc K (m) Sig, which means that the information m is encrypted by the key K k (m) represents signing the information m with a key k, | | is a join symbol;
(2-4) signature of ith anonymous identity of first NFC terminal generated by third-party trusted authority TSM according to the third-party trusted authority TSMObtaining an anonymous identity set PS of a first NFC terminal First Wherein:
(3) The first NFC terminal receives an anonymous identity set PS sent by a third-party trusted authority TSM First Then, the communication between the first NFC terminal and the third-party trusted authority TSM is disconnected, and the NFC security protocol between the first NFC terminal and the second NFC terminal is activated; the process of activating the NFC security protocol includes:
(3-1) the first NFC terminal generates a random number NFirst and a random integer RFirst, and calculates and obtains a self-updating public key of the random number NFirst and the random integer RFirstAndthen will beAnd NFirst is compressed and then sent to a second NFC terminal, whereinRespectively become QFirst after compression " i 、QFirst' i ;Is a point on an elliptic curve E with a base point G, wherein,
Q TSM public key, k, representing a third party trusted authority, TSM TSM A private key representing a third party trusted authority, TSM;
(3-2) the second NFC terminal generates a random number NSecond and a random integer RSecond, and calculates and obtains a self-updating public key of the random number NSecond and the random integer RSecondAndthen will beAnd NSecond compressing and sending to the first NFC terminal, whereinCompressed to QSecond respectively " i 、QSecond' i :
A public key representing an ith anonymous identity of the second NFC terminal,a private key representing an ith anonymous identity of the second NFC terminal;
(3-3) respectively calculating a common point P (P) of the first NFC terminal and the second NFC terminal according to the public key and the random number which are mutually exchanged x ,P y ) Shared secret z and shared key Q SSE :
(a) The first NFC terminal calculates to obtain a common point P (P) x ,P y ) Shared secret z and shared secret Q SSE_First And calculating to obtain a key verification tag MacTag sent by the first NFC terminal First And transmits a key authentication tag MacTag First Authenticating the second NFC terminal:
z=P x ,
Q SSE_First =KDF(NFirst,NSecond,ID First ,ID Second ,Z),
wherein Z is a corresponding 8-bit character string obtained by converting the shared secret value Z, and a conversion formula between the shared secret value Z and the 8-bit character string Z is as follows:
z is a non-negative integer, and the expected length K of the character string satisfies 2 8K >, z, M of output 1 ,M 2 ,...,M k Is the bit value of string Z from left to right;
verification tag MacTag First The calculation uses the key verification mechanism defined by ISO/IEC 11770-3:
MacTag First =MAC-KC(Q SSE_First ,0x03,ID First ,ID Second ,QFirst,QSecond);
the key verification mechanism uses an AES encryption XCBC-MAC-96 mode to calculate:
MacTag First =AES-XCBC-MAC-96Q SSE_First (0x03||ID First ||ID Second ||QFirst||QSecond);
(b) The second NFC terminal calculates to obtain a common point P (P) x ,P y ) Shared secret z and shared key Q SSE_second And verifying the key verification tag MacTag sent by the first NFC terminal First And calculating to obtain a key verification tag MacTag of the second NFC terminal Second Sending a key verification tag MacTag Second Authenticating the first NFC terminal:
z=P x ,
Q SSE_second =KDF(NFirst,NSecond,ID First ,ID Second ,Z),
verification tag MacTag Second The calculation uses the key verification mechanism defined by ISO/IEC 11770-3:
MacTag Second =MAC-KC(Q SSE_Second ,0x03,ID Second ,ID First ,QSecond,QFirst);
the key verification mechanism uses an AES encryption XCBC-MAC-96 mode to calculate:
(3-4) verifying the tag MacTag when the key of the first NFC terminal First Is verified by the second NFC terminal, and the key verification tag MacTag of the second NFC terminal Second When the first NFC terminal passes the verification, the first NFC terminal and the second NFC terminal are both Q-switched SSE As a shared key, and connected for data communication, and then performing step (4), wherein Q SSE =Q SSE_First =Q SSE_second (ii) a Otherwise, the communication connection between the first NFC terminal and the second NFC terminal is interrupted; wherein the content of the first and second substances,
second NFC terminal verifies key verification tag MacTag of first NFC terminal First The process comprises the following steps: the second NFC terminal obtains a shared secret key Q according to calculation thereof SSE_second Calculating a key verification tag MacTag 'of the first NFC terminal' First WhereinIf MacTag' First =MacTag First And then, the key verification tag MacTag of the first NFC terminal is represented First The NFC terminal is verified to be passed, otherwise, the verification is not passed;
first NFC terminal verifies key verification tag MacTag of second NFC terminal Second The process comprises the following steps: the first NFC terminal obtains a shared secret key Q according to calculation thereof SSE_First Calculating a key verification tag MacTag 'of the second NFC terminal' Second In whichIf MacTag' Second =MacTag Second And then, it means that the key verification tag MacTag of the second NFC terminal is Second The first NFC terminal passes the verification, otherwise, the verification is not passed;
wherein, the key verification tag MacTag' First 、MacTag' Second The calculation of the method uses a key verification mechanism defined by ISO/IEC 11770-3, and the key verification mechanism uses an AES encryption XCBC-MAC-96 mode;
(4) First NFC terminal acquires the GPS positioning data of self and receives the GPS positioning data that second NFC terminal sent, and first NFC terminal calculates the physical distance d between first NFC terminal and the second NFC terminal according to self GPS positioning data and the GPS positioning data of receipt:
if the physical distance d between the first NFC terminal and the second NFC terminal is larger than the preset distance d of the first NFC terminal 0 If the second NFC terminal is a potential attack user, the first NFC terminal interrupts the communication connection with the second NFC terminal, for example, the communication distance of NFC is within 20cm, and the preset distance d in the first NFC terminal is 0 Can be set to 20cm; otherwise, the first NFC terminal continuously keeps the communication connection with the second NFC terminal and executes the step (5);
(5) Generating a virtual keyboard by using a first NFC terminal, inputting a payment password through the virtual keyboard, and then enabling the first NFC terminal to transmit the payment password and the global identity number ID First Sending the data to a third party payment platform, wherein the interface of the virtual keyboard is a dynamic interface, the dynamic interface has ten numbers from 0 to 9, and the layout of the numbers on the dynamic interface is random; FIG. 2 shows a random layout of ten numbers from 0 to 9 on a virtual keyboard; in addition, the virtual keyboard can also be a letter or a combination of letters and numbers;
(6) The third party payment platform receives a payment password and a global Identity (ID) number sent by the first NFC terminal First And judges the received payment password and the global identification number ID First And a preset payment password and a global identity number ID stored in the third-party payment platform First If the first NFC terminal is consistent with the first NFC terminal, the first NFC terminal is correspondingly supportedAnd transferring the money of the payment account into a collection account corresponding to the second NFC terminal, and sending a successful payment notice to the first NFC terminal so as to prompt that the point-to-point communication between the first NFC terminal and the second NFC terminal is completed safely.