CN106790210A - Data safety exchange method, end side safety device and service side safety device

Publication number: CN106790210A
Authority: CN (China)
Prior art keywords: data, terminal, service, safety device, service end
Legal status: Pending
Application number: CN201710009006.9A
Other languages: Chinese (zh)
Inventors: 刘国勋, 谭素珍, 杨杰, 朱文楚
Current Assignee: Shenzhen Zhengtong Electronics Co Ltd
Original Assignee: Shenzhen Zhengtong Electronics Co Ltd
Application filed by: Shenzhen Zhengtong Electronics Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a data safety exchange method comprising the following steps: encrypting the data of a terminal and sending the encrypted data to the terminal, so that the terminal sends the encrypted data to a service end; and decrypting the data, encrypted by a service-side safety device, that the terminal obtained from the service end, and sending the decrypted data to the terminal. The invention also discloses a terminal-side safety device and a service-side safety device. The invention improves the security of data transmission between the terminal and the service end in the system.

Description

Data safety exchange method, terminal-side safety device and service-side safety device
Technical field
The present invention relates to the field of data transmission, and in particular to a data safety exchange method, a terminal-side safety device and a service-side safety device.
Background
Since the start of the 21st century, security incidents have emerged one after another and China's national security situation has become increasingly complex. In response to security problems in the financial industry, China's State Cryptography Administration and the People's Bank of China jointly issued Chinese national cryptographic standards and certification based on the SM2/SM3/SM4 algorithms, and progressively require that self-service devices and systems in the financial industry pass national cryptographic certification.
Most of the components in the ATMs currently in use on the market do not support the national cryptographic algorithms, and upgrading the various components to support them both takes time and incurs the cost of hardware modification.
Summary of the invention
The main object of the present invention is to provide a data safety exchange method, a terminal-side safety device and a service-side safety device, so that existing ATM equipment can meet national cryptographic certification quickly and at low cost.
To achieve the above object, the present invention provides a data safety exchange method comprising the following steps:
encrypting the data of a terminal and sending the encrypted data to the terminal, so that the terminal sends the encrypted data to a service end;
decrypting the data, encrypted by a service-side safety device, that the terminal obtained from the service end, and sending the decrypted data to the terminal.
Preferably, encrypting the data of the terminal includes:
encrypting the data that the terminal sends to the service end;
performing a MAC calculation on the communication data that the terminal sends to the service end.
To achieve the above object, the present invention also provides a data safety exchange method comprising the following steps:
decrypting the data, encrypted by a terminal-side safety device, that a service end obtained from a terminal, and sending the decrypted data to the service end;
encrypting the data of the service end and sending the encrypted data to the service end, so that the service end sends the encrypted data to the terminal.
Preferably, decrypting the data, encrypted by the terminal-side safety device, that the service end obtained from the terminal includes:
verifying the MAC-protected communication data that the service end obtained from the terminal;
after the verification succeeds, decrypting the encrypted data.
To achieve the above object, the present invention also provides a terminal-side safety device, which includes a terminal-side encryption module and a terminal-side decryption module, wherein:
the terminal-side encryption module is configured to encrypt the data of the terminal and send the encrypted data to the terminal, so that the terminal sends the encrypted data to the service end;
the terminal-side decryption module is configured to decrypt the data, encrypted by the service-side safety device, that the terminal obtained from the service end, and to send the decrypted data to the terminal.
Preferably, the encryption module includes a data encryption unit and a MAC calculation unit, wherein:
the data encryption unit is configured to encrypt the data that the terminal sends to the service end;
the MAC calculation unit is configured to perform a MAC calculation on the communication data that the terminal sends to the service end.
Preferably, the terminal-side safety device encrypts and decrypts the data using the SM4 algorithm.
To achieve the above object, the present invention also provides a service-side safety device, which includes a service-side decryption module and a service-side encryption module, wherein:
the service-side decryption module is configured to decrypt the data, encrypted by the terminal-side safety device, that the service end obtained from the terminal, and to send the decrypted data to the service end;
the service-side encryption module is configured to encrypt the data of the service end and send the encrypted data to the service end, so that the service end sends the encrypted data to the terminal.
Preferably, the service-side decryption module includes a MAC verification unit and a data decryption unit, wherein:
the MAC verification unit is configured to verify the MAC-protected communication data that the service end obtained from the terminal;
the data decryption unit is configured to decrypt the encrypted data after the verification succeeds.
Preferably, the service-side safety device encrypts and decrypts the data using the SM4 algorithm.
In the present invention, the terminal-side safety device encrypts the data that the terminal sends to the service end; the service-side safety device decrypts the encrypted data sent to the service end and encrypts the data that the service end sends to the terminal; and the terminal-side safety device decrypts the encrypted data sent to the terminal. All data transmitted between the terminal and the service end is therefore encrypted, while each side can decrypt and read it, which ensures the security of data interaction between the terminal and the service end.
Brief description of the drawings
Fig. 1 is a flow chart of the first embodiment of the data safety exchange method of the present invention;
Fig. 2 is a flow chart of the second embodiment of the data safety exchange method of the present invention;
Fig. 3 is a flow chart of the third embodiment of the data safety exchange method of the present invention;
Fig. 4 is a flow chart of the fourth embodiment of the data safety exchange method of the present invention;
Fig. 5 is a schematic diagram of the secure data interaction between the terminal side and the service side in the data safety interaction system of the present invention;
Fig. 6a is a functional block diagram of terminal-side scheme one in Fig. 5;
Fig. 6b is a functional block diagram of terminal-side scheme two in Fig. 5;
Fig. 7 is a functional block diagram of the first embodiment of the terminal-side safety device of the present invention;
Fig. 8 is a detailed functional block diagram of the terminal-side encryption module in the second embodiment of the terminal-side safety device of the present invention;
Fig. 9 is a schematic diagram of the SM4 algorithm in the third embodiment of the terminal-side safety device of the present invention;
Fig. 10a is a functional block diagram of service-side scheme one in Fig. 5;
Fig. 10b is a functional block diagram of service-side scheme two in Fig. 5;
Fig. 10c is a functional block diagram of service-side scheme three in Fig. 5;
Fig. 11 is a functional block diagram of the first embodiment of the service-side safety device of the present invention;
Fig. 12 is a detailed functional block diagram of the service-side decryption module in the second embodiment of the service-side safety device of the present invention.
The realization of the object, the functional characteristics and the advantages of the present invention are further described below with reference to the drawings and in conjunction with the embodiments.
Specific embodiments
It should be understood that the specific embodiments described here only illustrate the present invention and are not intended to limit it.
The present invention provides a data safety exchange method. Referring to Fig. 1, in one embodiment the data safety exchange method comprises the following steps:
Step S110: encrypt the data of the terminal and send the encrypted data to the terminal, so that the terminal sends the encrypted data to the service end.
The data safety exchange method provided by this embodiment is applied to an existing ATM: a safety device that implements the national cryptographic algorithms is combined with the ATM so that the ATM supports those algorithms and the security of the ATM's data interaction is ensured. The terminal is the software operating system through which the user uses the ATM; specifically, it can be the ATM's SDK (Software Development Kit) or an SP driver based on the WOSA/XFS standard. The service end is the hardware devices in the ATM, including at least the PIN pad (password keyboard), the banknote dispensing module and the card reader.
In this embodiment, the data that the terminal sends to the service end is an operation command, and the data that the service end sends to the terminal is an execution result.
The terminal sends the operation command intended for the service end to the terminal-side safety device; the terminal-side safety device encrypts the operation command and sends it back to the terminal; and the terminal sends the encrypted operation command to the service end. The terminal-side safety device is either a PIN pad driver in the operating system that itself has the national cryptographic function, or an additionally added national cryptographic security module such as the ZT130. The ZT130 national cryptographic security module is similar to the USB-Key used in bank payments and can encrypt the data to be sent.
Step S120: decrypt the data, encrypted by the service-side safety device, that the terminal obtained from the service end, and send the decrypted data to the terminal.
The terminal receives the execution result sent by the service end and forwards it to the terminal-side safety device; the terminal-side safety device decrypts the encrypted execution result and sends it back to the terminal.
In this embodiment, the terminal-side safety device encrypts the operation command that the terminal sends to the service end, and decrypts the encrypted execution result sent to the terminal. All data transmitted between the terminal and the service end is therefore encrypted, while each side can decrypt and read it, which ensures the security of data interaction between the terminal and the service end.
Further, referring to Fig. 2, in the second embodiment of the data safety exchange method of the present invention, which is based on the first embodiment, step S110 includes:
Step S111: encrypt the data that the terminal sends to the service end;
Step S112: perform a MAC calculation on the communication data that the terminal sends to the service end.
There are two ways to compute a MAC (Message Authentication Code): one uses an existing encryption algorithm; the other uses a dedicated MAC algorithm that takes the key and the data together as input when computing the hash value and computes it with two hash iterations. Before transmitting data, the terminal-side safety device first computes the digest value of the data using the hash function negotiated by the two communicating parties. The MAC is then obtained from the digest value under the session key shared by both parties, and is sent together with the data.
In this embodiment, the terminal-side safety device encrypts the data that the terminal sends to the service end, which includes performing a MAC calculation on the communication data that the terminal sends to the service end. The MAC is verified during data transmission between the terminal and the service end, so it can be determined whether the data has been tampered with, which helps guarantee the authentication and integrity of the data.
The present invention also provides a data safety exchange method. Referring to Fig. 3, in the third embodiment the data safety exchange method comprises the following steps:
Step S210: decrypt the data, encrypted by the terminal-side safety device, that the service end obtained from the terminal, and send the decrypted data to the service end;
Step S220: encrypt the data of the service end and send the encrypted data to the service end, so that the service end sends the encrypted data to the terminal.
The service-side safety device is arranged in the connection between the service end and the terminal, or after it, or is itself a hardware device of the service end that supports the national cryptographic algorithms, such as a PIN pad. This embodiment is described taking as an example a service-side safety device arranged after the connection between the service end and the terminal.
After receiving the operation command encrypted by the terminal-side safety device, the service end forwards it to the service-side safety device, which decrypts the encrypted operation command and sends the plaintext data to the service end. The service end derives the execution result from the plaintext data and sends it to the service-side safety device; the service-side safety device encrypts the execution result and sends it back to the service end; and the service end forwards the execution result encrypted by the service-side safety device to the terminal.
In the present invention, the service-side safety device decrypts the encrypted data sent to the service end and encrypts the data that the service end sends to the terminal. All data transmitted between the terminal and the service end is therefore encrypted, while each side can decrypt and read it, which ensures the security of data interaction between the terminal and the service end.
Further, referring to Fig. 4, in the fourth embodiment of the data safety exchange method of the present invention, which is based on the third embodiment, step S210 includes:
Step S211: verify the MAC-protected communication data that the service end obtained from the terminal;
Step S212: after the verification succeeds, decrypt the encrypted data.
There are two ways to compute a MAC (Message Authentication Code): one uses an existing encryption algorithm; the other uses a dedicated MAC algorithm that takes the key and the data together as input when computing the hash value and computes it with two hash iterations. After receiving a message, the service-side safety device first uses the session key to recover the digest value, at the same time computes the digest value of the received data locally using the hash function, and compares the two. If they are equal, the message passes authentication.
In this embodiment, the service-side safety device verifies the MAC-protected communication data sent to the service end and, after the verification succeeds, decrypts the encrypted data. The MAC is verified during data transmission between the terminal and the service end, so it can be determined whether the data has been tampered with, which helps guarantee the authentication and integrity of the data.
The present invention also provides a terminal-side safety device. Referring to Fig. 5 to Fig. 7, in the first embodiment the terminal-side safety device 10 includes a terminal-side encryption module 11 and a terminal-side decryption module 12, wherein:
The terminal-side encryption module 11 is configured to encrypt the data of the terminal and send the encrypted data to the terminal, so that the terminal sends the encrypted data to the service end.
The terminal-side safety device provided by this embodiment is applied to an existing ATM: a safety device that implements the national cryptographic algorithms is combined with the ATM so that the ATM supports those algorithms and the security of the ATM's data interaction is ensured. The terminal is the software operating system through which the user uses the ATM; specifically, it can be the ATM's SDK (Software Development Kit) or an SP driver based on the WOSA/XFS standard. The service end is the hardware devices in the ATM, including at least the PIN pad (password keyboard), the banknote dispensing module and the card reader.
In this embodiment, the data that the terminal sends to the service end is an operation command, and the data that the service end sends to the terminal is an execution result.
The terminal sends the operation command intended for the service end to the terminal-side safety device; the terminal-side safety device encrypts the operation command and sends it back to the terminal; and the terminal sends the encrypted operation command to the service end. The terminal-side safety device is either a PIN pad driver in the operating system that itself has the national cryptographic function, or an additionally added national cryptographic security module such as the ZT130. The ZT130 national cryptographic security module is similar to the USB-Key used in bank payments and can encrypt the data to be sent.
The terminal sends the operation command intended for the service end to the terminal-side safety device 10; the terminal-side encryption module 11 in the terminal-side safety device encrypts the operation command and sends it back to the terminal; and the terminal sends the encrypted operation command to the service end.
The terminal-side decryption module 12 is configured to decrypt the data, encrypted by the service-side safety device, that the terminal obtained from the service end, and to send the decrypted data to the terminal.
After receiving the execution result sent by the service end, the terminal forwards it to the terminal-side safety device 10; the terminal-side decryption module 12 in the terminal-side safety device 10 decrypts the execution result encrypted by the service-side safety device 20 and sends it back to the terminal.
In this embodiment, the terminal-side safety device encrypts the operation command that the terminal sends to the service end, and decrypts the encrypted execution result sent to the terminal. All data transmitted between the terminal and the service end is therefore encrypted, while each side can decrypt and read it, which ensures the security of data interaction between the terminal and the service end.
Further, referring to Fig. 8, in the second embodiment of the terminal-side safety device of the present invention, which is based on the first embodiment, the terminal-side encryption module 11 includes a data encryption unit 111 and a MAC calculation unit 112, wherein:
The data encryption unit 111 is configured to encrypt the data that the terminal sends to the service end;
The MAC calculation unit 112 is configured to perform a MAC calculation on the communication data that the terminal sends to the service end.
There are two ways to compute a MAC (Message Authentication Code): one uses an existing encryption algorithm; the other uses a dedicated MAC algorithm that takes the key and the data together as input when computing the hash value and computes it with two hash iterations. Before transmitting data, the terminal-side safety device first computes the digest value of the data using the hash function negotiated by the two communicating parties. The MAC is then obtained from the digest value under the session key shared by both parties, and is sent together with the data.
In this embodiment, the terminal-side safety device encrypts the data that the terminal sends to the service end, which includes performing a MAC calculation on the communication data that the terminal sends to the service end. The MAC is verified during data transmission between the terminal and the service end, so it can be determined whether the data has been tampered with, which helps guarantee the authentication and integrity of the data.
Further, in the third embodiment of the terminal-side safety device of the present invention, which is based on the above embodiments, the terminal-side safety device 10 encrypts and decrypts the data using the SM4 algorithm.
SM4 is a block cipher built from a non-linear transformation (the S-box) and a linear transformation composed of shifts and XORs. In addition to the 256-byte S-box, two further sets of parameters, FK and CK, are defined. The basic process is as follows: the 16-byte key is first divided into 4 groups of 4 bytes each, and 32 round keys of 4 bytes each are then generated according to the key schedule; the 16-byte input data is likewise divided into 4 groups of 4 bytes and then processed iteratively. See Fig. 9 for the detailed flow chart. The block length of the algorithm is 128 bits and the key length is 128 bits. Both the encryption algorithm and the key schedule use a 32-round non-linear iterative structure. The decryption algorithm has the same structure as the encryption algorithm, except that the round keys are used in the opposite order: the decryption round keys are the encryption round keys in reverse. Each iteration is given by a round function composed of a non-linear transformation and a linear transformation; the non-linear transformation is given by the S-box and greatly improves the security of the algorithm.
In this embodiment, the terminal-side safety device uses the SM4 algorithm to encrypt and decrypt the operation command and the execution result, which both meets the standard for national cryptographic certification and greatly improves the security of data transmission.
The present invention also provides a service-side safety device. Referring to Fig. 5, Fig. 10 and Fig. 11, in the first embodiment the service-side safety device 20 includes a service-side decryption module 21 and a service-side encryption module 22, wherein:
The service-side decryption module 21 is configured to decrypt the data, encrypted by the terminal-side safety device, that the service end obtained from the terminal, and to send the decrypted data to the service end;
The service-side encryption module 22 is configured to encrypt the data of the service end and send the encrypted data to the service end, so that the service end sends the encrypted data to the terminal.
The service-side safety device is arranged in the connection between the service end and the terminal, or after it, or is itself a hardware device of the service end that supports the national cryptographic algorithms, such as a PIN pad. This embodiment is described taking as an example a service-side safety device arranged after the connection between the service end and the terminal.
After receiving the operation command encrypted by the terminal-side safety device, the service end forwards it to the service-side safety device, which decrypts the encrypted operation command and sends the plaintext data to the service end. The service end derives the execution result from the plaintext data and sends it to the service-side safety device; the service-side safety device encrypts the execution result and sends it back to the service end; and the service end forwards the execution result encrypted by the service-side safety device to the terminal.
In the present invention, the service-side safety device decrypts the encrypted data sent to the service end and encrypts the data that the service end sends to the terminal. All data transmitted between the terminal and the service end is therefore encrypted, while each side can decrypt and read it, which ensures the security of data interaction between the terminal and the service end.
Further, referring to Fig. 12, in the second embodiment of the service-side safety device of the present invention, which is based on the first embodiment, the service-side decryption module 21 includes a MAC verification unit 211 and a data decryption unit 212, wherein:
The MAC verification unit 211 is configured to verify the MAC-protected communication data that the service end obtained from the terminal;
The data decryption unit 212 is configured to decrypt the encrypted data after the verification succeeds.
There are two ways to compute a MAC (Message Authentication Code): one uses an existing encryption algorithm; the other uses a dedicated MAC algorithm that takes the key and the data together as input when computing the hash value and computes it with two hash iterations. After receiving a message, the service-side safety device first uses the session key to recover the digest value, at the same time computes the digest value of the received data locally using the hash function, and compares the two. If they are equal, the message passes authentication.
In this embodiment, the service-side safety device verifies the MAC-protected communication data sent to the service end and, after the verification succeeds, decrypts the encrypted data. The MAC is verified during data transmission between the terminal and the service end, so it can be determined whether the data has been tampered with, which helps guarantee the authentication and integrity of the data.
Further, in the third embodiment of the service-side safety device of the present invention, which is based on the above embodiments, the service-side safety device encrypts and decrypts the data using the SM4 algorithm.
SM4 is a block cipher built from a non-linear transformation (the S-box) and a linear transformation composed of shifts and XORs. In addition to the 256-byte S-box, two further sets of parameters, FK and CK, are defined. The basic process is as follows: the 16-byte key is first divided into 4 groups of 4 bytes each, and 32 round keys of 4 bytes each are then generated according to the key schedule; the 16-byte input data is likewise divided into 4 groups of 4 bytes and then processed iteratively. See Fig. 9 for the detailed flow chart. The block length of the algorithm is 128 bits and the key length is 128 bits. Both the encryption algorithm and the key schedule use a 32-round non-linear iterative structure. The decryption algorithm has the same structure as the encryption algorithm, except that the round keys are used in the opposite order: the decryption round keys are the encryption round keys in reverse. Each iteration is given by a round function composed of a non-linear transformation and a linear transformation; the non-linear transformation is given by the S-box and greatly improves the security of the algorithm.
In this embodiment, the service-side safety device uses the SM4 algorithm to encrypt and decrypt the operation command and the execution result, which both meets the standard for national cryptographic certification and greatly improves the security of data transmission.
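The SM4 structure described in the third embodiments (key split into four words, 32 round keys, decryption with the round keys reversed) and the verify-then-decrypt order of steps S211 and S212 can be seen together in the following added example, which is not code from the patent. The CBC mode, PKCS#7 padding, HMAC-SHA256 as the MAC, the frame layout `IV || ciphertext || tag`, the function names and the sample command are all assumptions made here; the patent specifies none of them.

```python
import hashlib
import hmac
import struct

# SM4 S-box (256 bytes) and the FK constants from the published SM4 standard.
SBOX = bytes.fromhex(
    "d690e9fecce13db716b614c228fb2c05" "2b679a762abe04c3aa44132649860699"
    "9c4250f491ef987a33540b43edcfac62" "e4b31ca9c908e89580df94fa758f3fa6"
    "4707a7fcf37317ba83593c19e6854fa8" "686b81b27164da8bf8eb0f4b70569d35"
    "1e240e5e6358d1a225227c3b01217887" "d40046579fd327524c3602e7a0c4c89e"
    "eabf8ad240c738b5a3f7f2cef96115a1" "e0ae5da49b341a55ad933230f58cb1e3"
    "1df6e22e8266ca60c02923ab0d534e6f" "d5db3745defd8e2f03ff6a726d6c5b51"
    "8d1baf92bbddbc7f11d95c411f105ad8" "0ac13188a5cd7bbd2d74d012b8e5b4b0"
    "8969974a0c96777e65b9f109c56ec684" "18f07dec3adc4d2079ee5f3ed7cb3948")
FK = (0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC)
# CK[i] is the 32-bit word whose bytes are (4i + j) * 7 mod 256 for j = 0..3.
CK = [int.from_bytes(bytes((4 * i + j) * 7 % 256 for j in range(4)), "big")
      for i in range(32)]


def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF


def _tau(x):
    """Non-linear layer: four parallel S-box lookups on one 32-bit word."""
    return int.from_bytes(bytes(SBOX[b] for b in x.to_bytes(4, "big")), "big")


def round_keys(key):
    """Key schedule: 16-byte key -> four words -> 32 round keys of 4 bytes."""
    k = [w ^ f for w, f in zip(struct.unpack(">4I", key), FK)]
    rks = []
    for i in range(32):
        t = _tau(k[1] ^ k[2] ^ k[3] ^ CK[i])
        rk = k[0] ^ t ^ _rotl(t, 13) ^ _rotl(t, 23)
        k = k[1:] + [rk]
        rks.append(rk)
    return rks


def crypt_block(rks, block):
    """32 rounds over one 16-byte block; pass reversed round keys to decrypt."""
    x = list(struct.unpack(">4I", block))
    for rk in rks:
        t = _tau(x[1] ^ x[2] ^ x[3] ^ rk)
        lin = t ^ _rotl(t, 2) ^ _rotl(t, 10) ^ _rotl(t, 18) ^ _rotl(t, 24)
        x = x[1:] + [x[0] ^ lin]
    return struct.pack(">4I", *reversed(x))


def sm4_cbc_encrypt(key, iv, data):
    rks = round_keys(key)
    pad = 16 - len(data) % 16                      # PKCS#7 padding (assumed)
    data += bytes([pad]) * pad
    out, prev = b"", iv
    for i in range(0, len(data), 16):
        mixed = bytes(a ^ b for a, b in zip(data[i:i + 16], prev))
        prev = crypt_block(rks, mixed)
        out += prev
    return out


def sm4_cbc_decrypt(key, iv, ct):
    rks = round_keys(key)[::-1]                    # same structure, keys reversed
    out, prev = b"", iv
    for i in range(0, len(ct), 16):
        blk = ct[i:i + 16]
        out += bytes(a ^ b for a, b in zip(crypt_block(rks, blk), prev))
        prev = blk
    pad = out[-1]
    if not 1 <= pad <= 16 or out[-pad:] != bytes([pad]) * pad:
        raise ValueError("bad padding")
    return out[:-pad]


def terminal_side_protect(enc_key, mac_key, iv, command):
    """Terminal-side device: encrypt the command, then MAC IV || ciphertext."""
    body = iv + sm4_cbc_encrypt(enc_key, iv, command)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


def service_side_open(enc_key, mac_key, frame):
    """Service-side device: verify the MAC first (S211), then decrypt (S212)."""
    body, tag = frame[:-32], frame[-32:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    well_formed = len(body) >= 32 and len(body) % 16 == 0
    if not well_formed or not hmac.compare_digest(tag, expected):
        raise ValueError("MAC check failed: frame rejected before decryption")
    return sm4_cbc_decrypt(enc_key, body[:16], body[16:])


if __name__ == "__main__":
    import os
    enc_key, mac_key = os.urandom(16), os.urandom(32)
    # Constructed sample operation command, not a real ATM message.
    frame = terminal_side_protect(enc_key, mac_key, os.urandom(16), b"DISPENSE 100")
    print(service_side_open(enc_key, mac_key, frame))
    tampered = frame[:20] + bytes([frame[20] ^ 1]) + frame[21:]
    try:
        service_side_open(enc_key, mac_key, tampered)
    except ValueError as err:
        print(err)
```

Separate keys are used for encryption and for the MAC, and the tag is compared in constant time, so a modified frame is rejected without the ciphertext ever reaching the decryption routine.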
The above are only preferred embodiments of the present invention and do not thereby limit its patent scope. Any equivalent structure or equivalent process transformation made using the contents of the specification and drawings of the present invention, or any direct or indirect application in other related technical fields, is likewise included within the scope of patent protection of the present invention.

Claims (10)

1. A data safety exchange method, characterized in that the data safety exchange method comprises the following steps:
encrypting data of a terminal, and sending the encrypted data to the terminal, so that the terminal sends the encrypted data to a service end;
decrypting data that the terminal obtains from the service end and that has been encrypted by a service side safety device, and sending the decrypted data to the terminal.
2. The data safety exchange method according to claim 1, characterized in that the encrypting data of the terminal comprises:
encrypting the data that the terminal sends to the service end;
performing MAC calculation on the communication data that the terminal sends to the service end.
3. A data safety exchange method, characterized in that the data safety exchange method comprises the following steps:
decrypting data that a service end obtains from a terminal and that has been encrypted by an end side safety device, and sending the decrypted data to the service end;
encrypting data of the service end, and sending the encrypted data to the service end, so that the service end sends the encrypted data to the terminal.
4. The data safety exchange method according to claim 3, characterized in that the decrypting data that the service end obtains from the terminal and that has been encrypted by the end side safety device comprises:
verifying the MAC-calculated communication data that the service end obtains from the terminal;
after the verification succeeds, decrypting the encrypted data.
5. An end side safety device, characterized in that the end side safety device comprises an end side encrypting module and an end side deciphering module, wherein:
the end side encrypting module is configured to encrypt data of a terminal and to send the encrypted data to the terminal, so that the terminal sends the encrypted data to a service end;
the end side deciphering module is configured to decrypt data that the terminal obtains from the service end and that has been encrypted by a service side safety device, and to send the decrypted data to the terminal.
6. The end side safety device according to claim 5, characterized in that the end side encrypting module comprises a data encryption unit and a MAC computing unit, wherein:
the data encryption unit is configured to encrypt the data that the terminal sends to the service end;
the MAC computing unit is configured to perform MAC calculation on the communication data that the terminal sends to the service end.
7. The end side safety device according to claim 5 or 6, characterized in that the end side safety device encrypts and decrypts the data by means of the SM4 algorithm.
8. A service side safety device, characterized in that the service side safety device comprises a service side deciphering module and a service side encrypting module, wherein:
the service side deciphering module is configured to decrypt data that a service end obtains from a terminal and that has been encrypted by an end side safety device, and to send the decrypted data to the service end;
the service side encrypting module is configured to encrypt data of the service end and to send the encrypted data to the service end, so that the service end sends the encrypted data to the terminal.
9. The service side safety device according to claim 8, characterized in that the service side deciphering module comprises a MAC verification unit and a data decryption unit, wherein:
the MAC verification unit is configured to verify the MAC-calculated communication data that the service end obtains from the terminal;
the data decryption unit is configured to decrypt the encrypted data after the verification succeeds.
10. The service side safety device according to claim 8 or 9, characterized in that the service side safety device encrypts and decrypts the data by means of the SM4 algorithm.
CN201710009006.9A 2017-01-05 2017-01-05 Data safety exchange method, end side safety device and service side safety device Pending CN106790210A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710009006.9A CN106790210A (en) 2017-01-05 2017-01-05 Data safety exchange method, end side safety device and service side safety device

Publications (1)

Publication Number Publication Date
CN106790210A true CN106790210A (en) 2017-05-31

Family

ID=58949730

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710009006.9A Pending CN106790210A (en) 2017-01-05 2017-01-05 Data safety exchange method, end side safety device and service side safety device

Country Status (1)

Country Link
CN (1) CN106790210A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107786550A (en) * 2017-10-17 2018-03-09 中电长城(长沙)信息技术有限公司 A kind of safety communicating method of self-service device, safe communication system and self-service device
CN111310203A (en) * 2020-02-10 2020-06-19 广东工业大学 Electronic medical record hybrid encryption method based on SM2 and SM4

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080077794A1 (en) * 2006-09-22 2008-03-27 International Business Machines Corporation Method for controlling security function execution with a flexible, entendable, and non-forgable block
CN103853340A (en) * 2014-03-28 2014-06-11 广东华大集成技术有限责任公司 Touch keyword using national cipher SM1 encryption chip and encryption method thereof
CN105513222A (en) * 2016-01-22 2016-04-20 广州御银科技股份有限公司 Cash-out system and method based on cryptographic algorithm

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107786550A (en) * 2017-10-17 2018-03-09 中电长城(长沙)信息技术有限公司 A kind of safety communicating method of self-service device, safe communication system and self-service device
CN107786550B (en) * 2017-10-17 2019-11-05 中电长城(长沙)信息技术有限公司 A kind of safety communicating method of self-service device, safe communication system and self-service device
CN111310203A (en) * 2020-02-10 2020-06-19 广东工业大学 Electronic medical record hybrid encryption method based on SM2 and SM4
CN111310203B (en) * 2020-02-10 2023-02-03 广东工业大学 SM2 and SM 4-based electronic medical record hybrid encryption method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170531