CN106251146B - A kind of method of mobile payment and mobile-payment system - Google Patents
A kind of method of mobile payment and mobile-payment system Download PDFInfo
- Publication number
- CN106251146B CN106251146B CN201610581937.1A CN201610581937A CN106251146B CN 106251146 B CN106251146 B CN 106251146B CN 201610581937 A CN201610581937 A CN 201610581937A CN 106251146 B CN106251146 B CN 106251146B
- Authority
- CN
- China
- Prior art keywords
- sub
- key
- module
- private key
- mobile
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of method of mobile payment and mobile-payment system, is related to safety of payment technical field, for improving the security paid.The method of mobile payment includes:Using a main private key, N number of different sub- private key is generated, N is positive integer and satisfaction:N≥2;N number of sub- private key is respectively stored in N number of different mobile terminal;It is determined that the minimum quantity t for the required mobile terminal that to Transaction Information signmin, wherein tminFor positive integer and satisfaction:tmin> 1;T mobile terminal is chosen from N number of mobile terminal, t is positive integer and satisfaction:tmin≤t≤N;Transaction Information is signed respectively using the sub- private key stored in t mobile terminal, obtains the first signature;The first all signatures is integrated, obtains the second signature;The second signature is verified using Your Majesty's key.Method of mobile payment provided by the present invention is used to safely be paid.
Description
Technical field
The present invention relates to safety of payment technical field, more particularly to a kind of method of mobile payment and mobile-payment system.
Background technology
Mobile payment is that a kind of permission user is carried out using mobile terminal (for example, mobile phone) to the commodity consumed or service
The payment method of payment.
In the prior art, it is the security of raising mobile payment, it will usually numeral label are used during mobile payment
Name technology.Specifically, digital signature technology is generally realized by using a key to (i.e. private key and public key), wherein, it is private
Key is the private part of cipher key pair, is stored in the mobile terminal of user, and only user can obtain, and public key is key pair
Disclosed in part, it is any to obtain per capita.In a transaction, user (i.e. Transaction Information initiator) use is stored with private
The mobile terminal of key is signed to Transaction Information, then sends the Transaction Information after signature to Transaction Information recipient's (example
Such as, bank), Transaction Information recipient is verified using public key to the signature in Transaction Information.
In above-mentioned existing mobile payment, due to only needing the mobile terminal for being stored with a private key can to transaction
Information is correctly signed, and causes mobile payment larger security risk to be present, if for example, user will be stored with private key accidentally
Mobile terminal lose, then the people's can for finding the mobile terminal is correctly signed to Transaction Information, causes user
Property loss.
The content of the invention
It is an object of the invention to provide a kind of method of mobile payment and mobile-payment system, for improving the safety paid
Property.
To reach above-mentioned purpose, method of mobile payment provided by the present invention adopts the following technical scheme that:
A kind of method of mobile payment, the method for mobile payment include:Using a main private key, the N number of different son of generation is private
Key, N are positive integer and satisfaction:N≥2;N number of sub- private key is respectively stored in N number of different mobile terminal;It is determined that to handing over
Easy information sign the minimum quantity t of required mobile terminalmin, wherein tminFor positive integer and satisfaction:tmin> 1;From N number of
T mobile terminal is chosen in the mobile terminal, t is positive integer and satisfaction:tmin≤t≤N;Using in the t mobile terminals
The sub- private key of storage is signed to Transaction Information respectively, is obtained and t sub- one-to-one first signatures of private key;To institute
First signature having is integrated, and obtains the second signature, second signature with the main private key with being believed the transaction
Breath signature resulting after being signed is identical;The described second signature is verified using Your Majesty's key.
In addition, present invention also offers a kind of mobile-payment system, should for implementing method of mobile payment as described above
Mobile-payment system includes:Sub- private key generation module, for utilizing a main private key, N number of different sub- private key is generated, N is just
Integer and satisfaction:N≥2;The distribute module being connected with the sub- private key generation module, for N number of sub- private key to be deposited respectively
Storage is in N number of different mobile terminal;The parameter determination module being connected with the distribute module, for determining to enter Transaction Information
The minimum quantity t of mobile terminal needed for row signaturemin, wherein tminFor positive integer and satisfaction:tmin> 1;Determined with the parameter
Module connection first choose module, for from N number of mobile terminal choose t mobile terminal, t be positive integer and completely
Foot:tmin≤t≤N;With the described first signature blocks for be connected of selection module, for using storing in the individual mobile terminals of t
Sub- private key is signed to Transaction Information respectively, is obtained and t sub- one-to-one first signatures of private key;With the signature
The integration module of module connection, for being integrated to all first signatures, obtain the second signature, second signature
With the Transaction Information is signed with the main private key after obtained by signature it is identical;Tested with what the integration module was connected
Module is demonstrate,proved, for being verified using Your Majesty's key to the described second signature.
Because method of mobile payment provided by the present invention includes above step, therefore, divide in N number of different mobile terminal
N number of sub- private key is not stored with, when signing to Transaction Information, can first determine to carry out required shifting of signing to Transaction Information
The minimum quantity t of dynamic terminalmin, wherein tminFor positive integer and satisfaction:tmin> 1, then t movement is chosen from N number of mobile terminal
Terminal, wherein t are positive integer and satisfaction:tmin≤ t≤N, it is then private using the son stored in t mobile terminal elected
Key is signed to Transaction Information respectively, i.e., at least to use the sub- private key stored in two mobile terminals to carry out Transaction Information
Signature, obtain signing with t sub- private keys one-to-one first, then the first all signatures is integrated, obtains second
Signature, wherein the second signature with Transaction Information is signed with main private key after resulting signature it is identical, then using Your Majesty
Key is verified to the second signature, that is to say, that two are at least only chosen from N number of be stored with the mobile terminal of sub- private key,
Transaction Information can correctly be signed, even if being stored with sub- private so as to which other people in addition to validated user obtain one
The mobile terminal of key also can not correctly be signed to Transaction Information.As the above analysis, movement provided by the present invention
Method of payment realizes only just can correctly be signed using multiple mobile terminals for being stored with sub- private key to Transaction Information
Name, can correctly be signed compared to a mobile terminal for being stored with sub- private key is only needed in the prior art to Transaction Information
Mobile payment mode, hence it is evident that improve the security of payment.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, embodiment will be described below
In the required accompanying drawing used be briefly described, it should be apparent that, drawings in the following description be only the present invention some
Embodiment, for those of ordinary skill in the art, on the premise of not paying creative work, can also be attached according to these
Figure obtains other accompanying drawings.
Fig. 1 is the schematic flow sheet one of the method for mobile payment in the embodiment of the present invention;
Fig. 2 is the schematic flow sheet two of the method for mobile payment in the embodiment of the present invention;
Fig. 3 is the schematic flow sheet three of the method for mobile payment in the embodiment of the present invention;
Fig. 4 is the schematic flow sheet four of the method for mobile payment in the embodiment of the present invention;
Fig. 5 is the module diagram one of the mobile-payment system in the embodiment of the present invention;
Fig. 6 is the module diagram two of the mobile-payment system in the embodiment of the present invention;
Fig. 7 is the module diagram three of the mobile-payment system in the embodiment of the present invention;
Fig. 8 is the module diagram four of the mobile-payment system in the embodiment of the present invention.
Description of reference numerals:
1- private key generation modules;2- distribute modules;3- parameter determination modules;
4- first chooses module;5- signature blocks;6- integrates module;
7- authentication modules;The sub- public key generation modules of 8- first;9- second chooses module;
The computing modules of 10- first;The uploading modules of 11- first;The 12- webservers;
The download modules of 13- first;The first sub- authentication modules of 14-;15- removing modules;
The second sub- public keys of 16- generation mould 17- the 3rd chooses module;The uploading modules of 18- second;
Block;
The download modules of 19- second;The computing modules of 20- second;The second sub- authentication modules of 21-;
22- dealing money acquiring units;23- minimum quantity determining units.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Site preparation describes, it is clear that described embodiment is part of the embodiment of the present invention, rather than whole embodiments.Based on this hair
Embodiment in bright, the every other implementation that those of ordinary skill in the art are obtained under the premise of creative work is not made
Example, belongs to the scope of protection of the invention.
Embodiment one
The embodiments of the invention provide a kind of method of mobile payment, as shown in figure 1, the method for mobile payment includes:
Step S1, using a main private key, N number of different sub- private key is generated, N is positive integer and satisfaction:N≥2;
For example, using a main private key, 3 different sub- private keys, respectively sub- private key A, sub- private key B, sub- private key are generated
C.Wherein, main private key refers to the private part that a cipher key pair can correctly be signed to Transaction Information,
That is the signature obtained by after being signed using main private key to Transaction Information can be by a cipher key pair and the main private key
Corresponding Your Majesty's key institute correct verification.Specifically, Shamir's Secret Sharing algorithms can be used by a main private
Key is divided into 3 different sub- private keys.It should be noted that above-mentioned Shamir's Secret Sharing algorithms refer to it is existing
Technology, no longer repeated herein.
Step S2, N number of sub- private key is respectively stored in N number of different mobile terminal;
For example, above-mentioned sub- private key A, sub- private key B, sub- private key C are stored into mobile phone, Intelligent bracelet and bluetooth Key respectively.
Wherein, bluetooth Key is a kind of hardware device including bluetooth module and Digital Signature module, and it can be received by bluetooth module
Transaction Information, and the Transaction Information received is signed using the sub- private key in Digital Signature module, and pass through bluetooth mould
Transaction Information after signature is back to Transaction Information initiator by block.It can be worn in addition, mobile terminal can also be intelligent watch etc.
Equipment is worn, or is notebook computer, digit broadcasting receiver and PDA (Personal Digital Assistant, individual number
Word assistant) etc. terminal device.
Step S3, determine Transaction Information sign the minimum quantity t of required mobile terminalmin, wherein, tminFor just
Integer and satisfaction:tmin> 1;
To Transaction Information sign the minimum quantity t of required mobile terminalminIt can be carried out flexibly according to being actually needed
Ground is set, but tminNeed to meet:tmin> 1, that is to say, that at least need two mobile terminals for being stored with sub- private key can
Transaction Information is correctly signed.
Step S4, t mobile terminal is chosen from N number of mobile terminal, wherein t is positive integer and satisfaction:tmin≤t≤N;
For example, work as tminWhen=2, then t mobile terminal is chosen from above-mentioned mobile phone, Intelligent bracelet and bluetooth Key and existed such as
Under several situations:Selection mobile phone and Intelligent bracelet;Selection mobile phone and bluetooth Key;Only choose Intelligent bracelet and bluetooth Key;
Choose mobile phone, Intelligent bracelet and bluetooth Key.
Step S5, Transaction Information is signed respectively using the sub- private key stored in t mobile terminal, obtained and t
Sub- one-to-one first signature of private key;
For example, summary that can first to Transaction Information using Hash functions (hash function) generation Transaction Information
(Digest), then summary is encrypted using the sub- private key B in the sub- private key A and Intelligent bracelet in mobile phone respectively, generated
Sub- private key A signature and sub- private key B signature.
Step S6, the first all signatures is integrated, obtains the second signature, second signs and with main private key to transaction
Information signature resulting after being signed is identical.
It is, for example, possible to use Shamir's Secret Sharing algorithms are by above-mentioned sub- private key A signature and sub- private key B
Signature integrated, obtain the second signature, this second signature with Transaction Information is signed with main private key after obtained by
Sign identical, that is to say, that the second signature can be by the cipher key pair Your Majesty key institute correct verification corresponding with main private key.
If it should be noted that in step s 5, k (k are used<T) the sub- private key in individual mobile terminal is to Transaction Information
Signed, obtain signing with k sub- private keys one-to-one first, then in step s 6, according to Shamir's Secret
Sharing algorithmic rules, the second signature can not be obtained by the first signature of above-mentioned k sub- private keys.For example, work as tminWhen=2,
Only use and be stored with sub- private key A mobile phone, be stored with sub- private key B Intelligent bracelet and be stored with sub- private key C bluetooth Key
A kind of terminal device can not correctly be signed to Transaction Information, and reason is, according to Shamir's Secret
Sharing algorithmic rules, work as tminWhen=2, the second signature can not be obtained by the first signature of 1 sub- private key.
Step S7, the second signature is verified using Your Majesty's key.
By the method for mobile payment that the embodiment of the present invention is provided includes above step, therefore, N number of different mobile end
N number of sub- private key is stored with end respectively, when signing to Transaction Information, can first determine to carry out Transaction Information signature institute
The minimum quantity t of the mobile terminal neededmin, wherein tminFor positive integer and satisfaction:tmin> 1, then choose t from N number of mobile terminal
Individual mobile terminal, wherein t are positive integer and satisfaction:tmin≤ t≤N, then using being stored in t mobile terminal elected
Sub- private key Transaction Information is signed respectively, i.e., at least to use the sub- private key stored in two mobile terminals to believe transaction
Breath is signed, and obtains signing with t sub- private keys one-to-one first, then the first all signatures is integrated, obtained
To the second signature, wherein the second signature with Transaction Information is signed with main private key after resulting signature it is identical, then make
The second signature is verified with Your Majesty's key, that is to say, that only at least chosen from N number of be stored with the mobile terminal of sub- private key
Two, Transaction Information can correctly be signed, even if so as to which other people in addition to validated user obtain a storage
The mobile terminal for having sub- private key also can not correctly be signed to Transaction Information.As the above analysis, the embodiment of the present invention
The method of mobile payment provided realizes only just can be to Transaction Information using multiple mobile terminals for being stored with sub- private key
Correctly signed, Transaction Information can be entered compared to a mobile terminal for being stored with sub- private key is only needed in the prior art
The mobile payment mode that row is correctly signed, hence it is evident that improve the security of payment.
Further, as shown in Fig. 2 in above-mentioned steps S1, using a main private key, generate N number of different sub- private key it
Afterwards, the method for mobile payment that the embodiment of the present invention is provided also includes:
Step S11, using N number of sub- private key, N number of and sub- private key public key correspondingly is generated;
For example, when generating sub- private key A, sub- private key B and sub- private key C using a main private key, this 3 sub- private keys point are utilized
3 sub- public keys Sheng Cheng not be generated with respective one-to-one sub- public key D, sub- public key E, sub- public key F.
Step S12, t sub- public keys are chosen from N number of sub- public key.
For example, in above-mentioned steps S4, when choosing two mobile terminals from mobile phone, Intelligent bracelet and bluetooth Key, then
Correspondingly, in this step, it is necessary to choose 2 sub- public keys from above-mentioned 3 sub- public keys.That is, the selection of sub- public key exists following
Several situations:Choose sub- public key D and sub- public key E;Choose sub- public key D and sub- public key F;Choose sub- public key E and sub- public key F.
Step S13, the Your Majesty to match with main private key a key is calculated using t sub- public keys, and utilizes Your Majesty's key
Generate public key certificate;
For example, in above-mentioned steps S12, sub- public key D and sub- public key E are selected from sub- public key D, sub- public key E and sub- public key F
When, then in this step, the Your Majesty to match with main private key a key can be calculated using sub- public key D and sub- public key E, that is, counted
This Your Majesty's key calculated can be verified with the signature in the Transaction Information after main private key signature, that is to say, that by above-mentioned second
The definition of signature understands that this Your Majesty's key calculated can verify the second signature, then generates public key using this Your Majesty's key
Certificate.In addition, after this step, the method for mobile payment that the embodiment of the present invention is provided can also include:Step 131, incite somebody to action
Caused intermediate data is deleted in calculating process, to avoid disabled user from obtaining sub- public key using these intermediate data, so as to
Improve the security of mobile payment.
Step S14, public key certificate is uploaded to the webserver;
In order that Transaction Information recipient can obtain public key certificate, will the public key certificate disclose, public key can be demonstrate,proved
Book is uploaded to the webserver.Certainly, mode disclosed in public key certificate is not limited to described above, those skilled in the art can
Carry out reasonable selection is actually needed with basis.
If the method for mobile payment that the embodiment of the present invention is provided includes above step, above-mentioned steps S7, Your Majesty is used
Key is verified to the second signature can specifically include:
Step S15, public key certificate is downloaded from the webserver, and Your Majesty's key is recovered using the public key certificate;
When Transaction Information recipient needs to verify the second signature, for example, bank is needed to mistake transmitted by client
When the Transaction Information come is verified, bank, which can send, downloads request to the webserver, and the webserver please according to download
Ask to send public key certificate to bank, bank and recover Your Majesty's key using the public key certificate.
Step S16, the second signature is verified using from Your Majesty's key that public key certificate recovers to obtain.
For example, Transaction Information recipient can be with the Your Majesty's key for recovering to obtain from public key certificate to second in Transaction Information
Signature is decrypted, and obtains the first summary of Transaction Information, and obtain the of Transaction Information using Hash functions to Transaction Information
Two summaries, the summary of contrast first and the second summary, if the two is consistent, then it represents that the second signature is verified, if two
Person is inconsistent, then it represents that to the authentication failed of the second signature.
In the case of another is optional, as shown in figure 3, in above-mentioned steps S1, using a main private key, generation is N number of
After different sub- private keys, the method for mobile payment that the embodiment of the present invention is provided also includes:
Step S101, using N number of sub- private key, N number of and sub- private key public key correspondingly is generated;
For example, when generating sub- private key A, sub- private key B and sub- private key C using a main private key, this 3 sub- private keys point are utilized
3 sub- public keys Sheng Cheng not be generated with respective one-to-one sub- public key D, sub- public key E, sub- public key F.
Step S102, t sub- public keys are chosen from N number of sub- public key;
For example, in above-mentioned steps S4, when choosing two mobile terminals from mobile phone, Intelligent bracelet and bluetooth Key, then
Correspondingly, in this step, it is necessary to choose 2 sub- public keys from above-mentioned 3 sub- public keys.That is, the selection of sub- public key exists following
Several situations:Choose sub- public key D and sub- public key E;Choose sub- public key D and sub- public key F;Choose sub- public key E and sub- public key F.
Step S103, t sub- public keys are uploaded to the webserver;
In order that Transaction Information recipient can obtain selected all sub- public keys, all sub- public keys that will be selected
It is open, selected all sub- public keys can be all uploaded to the webserver.For example, will be selected in above-mentioned steps S102
Sub- public key E and sub- public key F be uploaded to the webserver.Certainly, by the not office of mode disclosed in selected all sub- public keys
It is limited to described above, those skilled in the art can be according to being actually needed carry out reasonable selection.
If the moving method that the embodiment of the present invention is provided includes above step, above-mentioned steps S7, Your Majesty's key pair is used
Second signature is verified can specifically include:
Step S104, all t sub- public keys are downloaded from the webserver;
When Transaction Information recipient needs to verify the second signature, for example, bank is needed to mistake transmitted by client
When the Transaction Information come is verified, bank, which can send, downloads request to the webserver, and the webserver please according to download
Ask and all send all t sub- public keys to bank.For example, the sub- public key for being uploaded to the webserver in step s 103 is
Sub- public key E and sub- public key F, then bank need sub- public key E and sub- public key F are all downloaded from the webserver.
Step S105, the Your Majesty to match with main private key a key is calculated using the t downloaded to sub- public keys;
Match for example, bank can calculate one using the above-mentioned sub- public key E downloaded to and sub- public key F with main private key
Your Majesty's key.
Step S106, the second signature is verified using Your Majesty's key.
The embodiment of this step is similar with above-mentioned steps S16 embodiment, is no longer repeated herein.
In addition, as shown in figure 4, above-mentioned steps S3, determination carry out the minimum of required mobile terminal of signing to Transaction Information
Quantity tminIt can specifically include:
Step S31, the dealing money in Transaction Information is determined;
Step S32, according to dealing money, t is determinedminNumerical value, wherein, dealing money is bigger, tminNumerical value it is bigger.
For example, when generating 10 sub- private keys using a main private key, this 10 sub- private keys are then respectively stored in 10
When in different mobile terminals, if the transaction amount of money in Transaction Information is larger (for example, 100,000 RMB), moved to increase
The dynamic security paid, can be by tminNumerical value be set to 8, it is correspondingly, in above-mentioned steps S4, it is necessary to stored above using 8
The mobile terminal for having sub- private key is signed to Transaction Information respectively.If the transaction amount of money in Transaction Information it is smaller (for example,
100 RMB), can be by t to increase the flexibility of mobile paymentminNumerical value be arranged to 2, correspondingly, in above-mentioned steps S4
In, only need 2 mobile terminals stored above for having sub- private key to be signed respectively to Transaction Information.Therefore, when in Transaction Information
Dealing money it is larger when, can be by tminNumerical value be configured larger, to increase the security of mobile payment;Work as Transaction Information
In dealing money it is smaller when, can be by tminNumerical value be configured smaller, to increase the flexibility of mobile payment.
For ease of it will be appreciated by those skilled in the art that three kinds of the method for mobile payment provided below the embodiment of the present invention
Application scenarios explanation for example.
Application scenarios one, a user possess 3 mobile terminals, then can profit such as mobile phone, Intelligent bracelet and bluetooth Key
3 sub- private keys are generated with a main private key, this 3 sub- private keys are then respectively stored in mobile phone, Intelligent bracelet and bluetooth Key
In, i.e., N=3 in this case.If by tminWhen being set as 2, when user wants correctly to sign to a transaction information
When, then at least need respectively to enter the Transaction Information using any two mobile terminal in mobile phone, Intelligent bracelet and bluetooth Key
Row signature.Now, even if user accidentally loses mobile phone, finding the people of the mobile phone can only also be entered using the mobile phone to Transaction Information
Row signature, so as to which the security of mobile payment will not be had influence on because of the loss of mobile phone.
Application scenarios two, an enterprise need to assign 3 people to be jointly managed the Transaction Information of enterprise, it is desirable to every time
Transaction at least needs 2 individual consents just to allow transaction to be smoothed out.At this point it is possible to 3 sub- private keys are generated using a main private key,
Then this 3 sub- private keys are respectively stored in this 3 respective mobile phones of people, i.e., N=3 in this case.Further, will
tminIt is set as 2, so as to which when enterprise needs to carry on a deal, the mobile phone at least needing 2 people to be stored with sub- private key is right respectively
Transaction Information is signed just can be with.
Application scenarios three, a pair of men and wives jointly manage family assets.At this point it is possible to deposited respectively in this mobile phone to man and wife
2 sub- private keys are contained, this 2 sub- private keys are generated using a main private key, i.e., N=2 in this case.Further,
By tminIt is set as 2, so that when needing to carry on a deal to family assets, it is necessary to which couple are stored with the hand of sub- private key
Machine is respectively that Transaction Information signed just can be with.
Embodiment two
The embodiments of the invention provide a kind of mobile-payment system, for implementing the mobile payment side as described in embodiment one
Method, as shown in figure 5, the mobile-payment system includes:Sub- private key generation module 1, for N number of not using a main private key, generation
Same sub- private key, N is positive integer and satisfaction:N≥2;The distribute module 2 being connected with sub- private key generation module 1, for by N number of son
Private key is respectively stored in N number of different mobile terminal;The parameter determination module 3 being connected with distribute module 2, for determining to handing over
Easy information sign the minimum quantity t of required mobile terminalmin, wherein tminFor positive integer and satisfaction:tmin> 1;With parameter
Determining module 3 connect first choose module 4, for from N number of mobile terminal choose t mobile terminal, t be positive integer and completely
Foot:tmin≤t≤N;The signature blocks 5 being connected with the first selection module 4, for using the sub- private key stored in t mobile terminal
Transaction Information is signed respectively, obtained and t sub- one-to-one first signatures of private key;It is connected with signature blocks 5 whole
Matched moulds block 6, for being integrated to the first all signatures, the second signature is obtained, the second signature with main private key with being believed transaction
Breath signature resulting after being signed is identical;The authentication module 7 being connected with integrating module 6, for using Your Majesty's key to second
Signature is verified.
By the mobile-payment system that the embodiment of the present invention is provided includes that, with upper module, therefore, sub- private can be first passed through
Key generation module 1 utilizes a main private key, generates N number of different sub- private key, N is positive integer and satisfaction:N >=2, then pass through distribution
This N number of sub- private key is respectively stored in N number of different mobile terminal by module 2, then is determined by parameter determination module 3 to transaction
Information sign the minimum quantity t of required mobile terminalmin, wherein tminFor positive integer and satisfaction:tmin> 1, then passes through
First selection module 4 chooses t mobile terminal from this N number of mobile terminal, and wherein t is positive integer and satisfaction:tmin≤ t≤N,
Transaction Information is signed respectively using the sub- private key stored in above-mentioned t mobile terminal by signature blocks 5 again, obtain with
One-to-one first signature of the sub- private keys of t, is then integrated by integrating module 6 to the first all signatures, obtains the
Two signatures, wherein the second signature with Transaction Information is signed with main private key after resulting signature it is identical, then pass through again
Authentication module 7 is verified using Your Majesty's key to the second signature, that is to say, that only from N number of mobile end for being stored with sub- private key
Two are at least chosen in end, Transaction Information can correctly be signed, even if so as to other people in addition to validated user
A mobile terminal for being stored with sub- private key is obtained also can not correctly to sign to Transaction Information.As the above analysis,
The mobile-payment system that the embodiment of the present invention is provided realizes only just may be used using multiple mobile terminals for being stored with sub- private key
Correctly to be signed to Transaction Information, compared to only needing a mobile terminal for being stored with sub- private key in the prior art
The mobile payment mode correctly signed to Transaction Information, hence it is evident that improve the security of payment.
Alternatively, as shown in fig. 6, the mobile-payment system that the embodiment of the present invention is provided also includes:Generated with sub- private key
The first sub- public key generation module 8 that module 1 connects, for utilizing N number of sub- private key, generate N number of sub correspondingly with sub- private key
Public key;Second be connected with sub- public key generation module chooses module 9, for choosing t sub- public keys from N number of sub- public key;With
Two choose the first computing module 10 that module 9 connects, for calculating a master to match with main private key using t sub- public keys
Public key, and utilize Your Majesty's key generation public key certificate;The first uploading module 11 being connected with the first computing module 10, for by public key
Certificate is uploaded to the webserver 12;Authentication module 7 includes the first download module 13 and the first sub- authentication module 14, wherein, the
One download module 13 is connected with the webserver 12, for downloading public key certificate from the webserver 12, and utilizes the public key
Warrant recovery goes out Your Majesty's key;First sub- authentication module 14 is connected with the first download module 13, for recovering to obtain from public key certificate
Your Majesty's key to second signature verify.
Alternatively, as shown in fig. 6, the mobile-payment system that the embodiment of the present invention is provided also includes:Mould is calculated with first
The removing module 15 that block 10 connects, for intermediate data caused by calculating process to be deleted.
Alternatively, as shown in fig. 7, the mobile-payment system that the embodiment of the present invention is provided also includes:Generated with sub- private key
The second sub- public key generation module 16 that module 1 connects, for utilizing N number of sub- private key, generate N number of sub correspondingly with sub- private key
Public key;The 3rd be connected with the second sub- public key generation module 16 chooses module 17, public for choosing t son from N number of sub- public key
Key;The second uploading module 18 being connected with the 3rd selection module 17, for t sub- public keys to be uploaded into the webserver 12;Test
Card module 7 includes the second download module 19, the second computing module 20 and the second sub- authentication module 21, wherein, the second download module
19 are connected with the webserver 12, for downloading all t sub- public keys from the webserver 12;Second computing module 20 with
Second download module 19 connects, for calculating the Your Majesty to match with main private key a key using the t sub- public keys downloaded to;
Second sub- authentication module 21 is connected with the second computing module 20, for being verified using Your Majesty's key to the second signature.
Alternatively, as shown in figure 8, parameter determination module 3 can specifically include:Dealing money acquiring unit 22, for true
Determine the dealing money in Transaction Information;The minimum quantity determining unit 23 being connected with dealing money acquiring unit 22, for basis
Dealing money, it is determined that the minimum quantity t for the required mobile terminal that to Transaction Information signmin, wherein, dealing money is bigger,
tminNumerical value it is bigger.
It should be noted that process when mobile-payment system moves payment, referring to mobile payment in embodiment one
The associated description of method can obtain, and no longer be repeated herein.
The foregoing is only a specific embodiment of the invention, but protection scope of the present invention is not limited thereto, any
Those familiar with the art the invention discloses technical scope in, change or replacement can be readily occurred in, should all be contained
Cover within protection scope of the present invention.Therefore, protection scope of the present invention should be based on the protection scope of the described claims.
Claims (9)
1. a kind of method of mobile payment, it is characterised in that the method for mobile payment includes:
Using a main private key, N number of different sub- private key is generated, N is positive integer and satisfaction:N≥2;
N number of sub- private key is respectively stored in N number of different mobile terminal;
It is determined that the minimum quantity t for the required mobile terminal that to Transaction Information signmin, wherein tminFor positive integer and satisfaction:
tmin> 1;
T mobile terminal is chosen from N number of mobile terminal, wherein, t is positive integer and satisfaction:tmin≤t≤N;
Transaction Information is signed respectively using the sub- private key stored in the t mobile terminals, obtained private with the t sons
One-to-one first signature of key;
All first signatures are integrated, obtain the second signature, described second signs and with the main private key to institute
Signature obtained by stating after Transaction Information is signed is identical;
The described second signature is verified using Your Majesty's key;
After the step of generating N number of different sub- private key, the method for mobile payment also includes:
Using N number of sub- private key, the N number of and sub- private key public key correspondingly is generated;
T sub- public keys are chosen from N number of sub- public key;
The t sub- public keys are uploaded to the webserver;
Described the step of being verified using Your Majesty's key to the described second signature, is specifically included:
The t sub- public keys are downloaded from the webserver;
A Your Majesty's key to match with the main private key is calculated using the t downloaded to the sub- public keys;
The described second signature is verified using Your Majesty's key.
2. method of mobile payment according to claim 1, it is characterised in that generate N number of different sub- private key the step of
Afterwards, the method for mobile payment also includes:
Using N number of sub- private key, the N number of and sub- private key public key correspondingly is generated;
T sub- public keys are chosen from N number of sub- public key;
A Your Majesty's key to match with the main private key is calculated using the t sub- public keys, and is given birth to using Your Majesty's key
Into public key certificate;
The public key certificate is uploaded to the webserver;
Described the step of being verified using Your Majesty's key to the described second signature, is specifically included:
The public key certificate is downloaded from the webserver, and Your Majesty's key is recovered using the public key certificate;
The described second signature is verified using from Your Majesty's key that the public key certificate recovers to obtain.
3. method of mobile payment according to claim 2, it is characterised in that calculating one using the t sub- public keys
After the step of Your Majesty's key that the individual and main private key matches, the method for mobile payment also includes:
Caused intermediate data in calculating process is deleted.
4. method of mobile payment according to claim 1, it is characterised in that it is determined that it is required to Transaction Information sign
The minimum quantity t of mobile terminalminThe step of specifically include:
Determine the dealing money in the Transaction Information;
According to the dealing money, t is determinedminNumerical value, wherein, the dealing money is bigger, tminNumerical value it is bigger.
5. a kind of mobile-payment system, for implementing the method for mobile payment described in any one of Claims 1 to 44, its feature exists
In the mobile-payment system includes:
Sub- private key generation module, for utilizing a main private key, N number of different sub- private key is generated, N is positive integer and satisfaction:N≥
2;
The distribute module being connected with the sub- private key generation module is N number of different for N number of sub- private key to be respectively stored in
In mobile terminal;
The parameter determination module being connected with the distribute module, for determining to carry out required mobile terminal of signing to Transaction Information
Minimum quantity tmin, wherein tminFor positive integer and satisfaction:tmin> 1;
First be connected with the parameter determination module chooses module, mobile whole for choosing t from N number of mobile terminal
End, t is positive integer and satisfaction:tmin≤t≤N;
The signature blocks being connected with the described first selection module, for using the sub- private key point stored in the t mobile terminals
It is other that Transaction Information is signed, obtain and t sub- one-to-one first signatures of private key;
The integration module being connected with the signature blocks, for being integrated to all first signatures, obtain the second label
Name, second signature with the Transaction Information is signed with the main private key after resulting signature it is identical;
The authentication module being connected with the integration module, for being verified using Your Majesty's key to the described second signature.
6. mobile-payment system according to claim 5, it is characterised in that the mobile-payment system also includes:
The first sub- public key generation module being connected with the sub- private key generation module, for utilizing N number of sub- private key, generate N
The individual sub- public key correspondingly with the sub- private key;
Second be connected with the sub- public key generation module chooses module, public for choosing t son from N number of sub- public key
Key;
The first computing module being connected with the described second selection module, for calculating one and institute using the t sub- public keys
Your Majesty's key that main private key matches is stated, and utilizes Your Majesty's key generation public key certificate;
The first uploading module being connected with first computing module, for the public key certificate to be uploaded into the webserver;
The authentication module includes the first download module and the first sub- authentication module, wherein, first download module with it is described
The webserver connects, and recovers for downloading the public key certificate from the webserver, and using the public key certificate
Go out Your Majesty's key;The first sub- authentication module is connected with first download module, for recovering from the public key certificate
Obtained Your Majesty's key is verified to the described second signature.
7. mobile-payment system according to claim 6, it is characterised in that the mobile-payment system also includes:With institute
The removing module of the first computing module connection is stated, for intermediate data caused by calculating process to be deleted.
8. mobile-payment system according to claim 5, it is characterised in that the mobile-payment system also includes:
The second sub- public key generation module being connected with the sub- private key generation module, for utilizing N number of sub- private key, generate N
The individual sub- public key correspondingly with the sub- private key;
The 3rd be connected with the described second sub- public key generation module chooses module, for choosing t son from N number of sub- public key
Public key;
The second uploading module being connected with the described 3rd selection module, for the t sub- public keys to be uploaded into the webserver;
The authentication module includes the second download module, the second computing module and the second sub- authentication module, wherein, under described second
Carry module to be connected with the webserver, for downloading all t sub- public keys from the webserver;It is described
Second computing module is connected with second download module, for using the t that the downloads to sub- public keys calculate one with
Your Majesty's key that the main private key matches;The second sub- authentication module is connected with second computing module, for using institute
Your Majesty's key is stated to verify the described second signature.
9. mobile-payment system according to claim 5, it is characterised in that the parameter determination module specifically includes:
Dealing money acquiring unit, for determining the dealing money in Transaction Information;
The minimum quantity determining unit being connected with the dealing money acquiring unit, for according to the dealing money, it is determined that pair
The Transaction Information sign the minimum quantity t of required mobile terminalmin, wherein, the dealing money is bigger, tminNumber
Value is bigger.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610581937.1A CN106251146B (en) | 2016-07-21 | 2016-07-21 | A kind of method of mobile payment and mobile-payment system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610581937.1A CN106251146B (en) | 2016-07-21 | 2016-07-21 | A kind of method of mobile payment and mobile-payment system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106251146A CN106251146A (en) | 2016-12-21 |
CN106251146B true CN106251146B (en) | 2018-04-10 |
Family
ID=57603631
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610581937.1A Active CN106251146B (en) | 2016-07-21 | 2016-07-21 | A kind of method of mobile payment and mobile-payment system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106251146B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113765657B (en) * | 2017-08-28 | 2023-10-24 | 创新先进技术有限公司 | Key data processing method, device and server |
CN109816362B (en) * | 2019-01-28 | 2021-07-06 | 杭州复杂美科技有限公司 | Red packet processing method, device and storage medium |
WO2020181427A1 (en) * | 2019-03-08 | 2020-09-17 | 云图有限公司 | Signing method, device, and system employing secure multi-party computation |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101056173A (en) * | 2007-05-22 | 2007-10-17 | 周弘懿 | A RSA based joint electronic signature method |
CN101416439A (en) * | 2006-04-06 | 2009-04-22 | 英特尔公司 | Supporting multiple key ladders using a common private key set |
-
2016
- 2016-07-21 CN CN201610581937.1A patent/CN106251146B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101416439A (en) * | 2006-04-06 | 2009-04-22 | 英特尔公司 | Supporting multiple key ladders using a common private key set |
CN101056173A (en) * | 2007-05-22 | 2007-10-17 | 周弘懿 | A RSA based joint electronic signature method |
Also Published As
Publication number | Publication date |
---|---|
CN106251146A (en) | 2016-12-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20200394651A1 (en) | Dynamic off-chain digital currency transaction processing | |
EP3509006A1 (en) | Information sharing system | |
CN109409122A (en) | File memory method and its electronic equipment, storage medium | |
WO2012004838A1 (en) | Service provision method | |
CN109472164A (en) | The verification method and its network and electronic equipment of contract dataset | |
CN107392603A (en) | Use the method for commerce and device of digital cash | |
CN103714626A (en) | Multi-password pre-warning type bank card capable of being controlled by different card | |
CN1636353A (en) | A method, system and computer program product for secure ticketing in a communications device | |
CA2418050A1 (en) | Linking public key of device to information during manufacture | |
WO2016134039A1 (en) | Verifying electronic transactions | |
CN104462949B (en) | The call method and device of a kind of plug-in unit | |
JPH10504150A (en) | A method for securely using digital signatures in commercial cryptosystems | |
CN106251146B (en) | A kind of method of mobile payment and mobile-payment system | |
CN108241979A (en) | More account book transfer account methods, electronic device and readable storage medium storing program for executing based on block chain | |
CA2355928C (en) | Method and system for implementing a digital signature | |
CN109978533B (en) | Offline secure payment system and method for resisting two-dimension code theft | |
EP0904581A1 (en) | System with and method of cryptographically protecting communications | |
KR102227578B1 (en) | Method for serving certificate based on zero knowledge proof by using blockchain network, and server and terminal for using them | |
CN113474804A (en) | Transaction and account verification method, device and storage medium of digital currency | |
CN107256479A (en) | The classification of trade mode performs method and device | |
CN114239066A (en) | Contract processing method based on block chain and related equipment | |
CA3184856A1 (en) | Method, participatant unit, transaction register, and payment system for managing transaction data sets | |
CN109889343A (en) | Electronic invoice circulation control method and device | |
CN103186805A (en) | Smart card and signature authentication method based on smart card | |
CN111598556A (en) | Digital currency exchange method, device, equipment and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |