CN108881269B - Seed key management method and system and token manufacturer production device - Google Patents

Seed key management method and system and token manufacturer production device Download PDF

Info

Publication number
CN108881269B
Authority
CN
China
Prior art keywords
file
token
seed
manufacturer
return
Prior art date
Legal status
Active
Application number
CN201810719198.7A
Other languages
Chinese (zh)
Other versions
CN108881269A (en)
Inventor
陆舟
于华章
Current Assignee
Feitian Technologies Co Ltd
Original Assignee
Feitian Technologies Co Ltd
Priority date
Filing date
Publication date
Application filed by Feitian Technologies Co Ltd
Priority to CN201810719198.7A
Publication of CN108881269A
Application granted
Publication of CN108881269B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L 9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L 9/3213 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L 63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 67/00 Network arrangements or protocols for supporting network services or applications
    • H04L 67/01 Protocols
    • H04L 67/06 Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L 9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords

Abstract

The invention discloses a seed key management method, a seed key management system and a token manufacturer production device. The method comprises the following steps: the bank side sends the identity of a manufacturer seed file to the token producer; the token producer generates a download request from the received identity and sends it to the bank side; the bank side looks up the encrypted manufacturer seed file according to the download request and sends it to the token producer; the token producer decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file, produces tokens according to the token seeds in it, generates a return file from the production result, encrypts the return file and sends it to the bank side; and the bank side receives and stores the encrypted return file, decrypts it to obtain the return file, and generates an authentication seed file from the return file. The method, system and token manufacturer production device are simple and convenient to operate, and the seed material is transferred only in encrypted form.

Description

Seed key management method and system and token manufacturer production device
Technical Field
The present invention relates to the field of information security, and in particular to a seed key management method and system and a token manufacturer production device.
Background
Generally, in the field of information security, a key management device is deployed on the customer side, for example at a bank. After the token manufacturer seed file and the authentication seed file have been generated and exported from the key management device, the token manufacturer seed file is delivered to the token manufacturer offline, the token manufacturer produces the tokens, and alongside the production process the authentication seed file is imported manually into the authentication system. In this prior art, delivering the manufacturer seeds involves a large amount of manual handling, which makes the process cumbersome and inconvenient.
Disclosure of Invention
In order to solve the technical problems, the invention provides a seed key management method, a seed key management system and a token manufacturer production device.
The invention provides a seed key management method, which comprises the following steps:
step 101, the bank side generates a token seed, generates and stores a manufacturer seed file according to the token seed, encrypts the manufacturer seed file, and generates an identity of the manufacturer seed file from the encrypted manufacturer seed file;
step 102, the bank side sends the identity of the manufacturer seed file to the token producer;
step 103, the token producer receives the identity of the manufacturer seed file, generates a download request from it and sends the download request to the bank side;
step 104, the bank side looks up the encrypted manufacturer seed file according to the download request and sends it to the token producer;
step 105, the token producer decrypts the received encrypted manufacturer seed file to obtain the manufacturer seed file, produces tokens according to the token seeds in the manufacturer seed file, generates a return file from the production result, encrypts the return file and sends the encrypted return file to the bank side;
step 106, the bank side receives and stores the encrypted return file and decrypts it to obtain the return file;
and step 107, the bank side generates an authentication seed file from the return file.
Step 101 further comprises: the bank side performs a hash operation on the encrypted manufacturer seed file to obtain a hash value and stores the hash value;
step 102 is specifically: the bank side sends the identity and the hash value of the manufacturer seed file to the token producer;
step 103 is specifically: the token producer receives the identity and the hash value of the manufacturer seed file, generates a download request from the received identity and hash value, and sends the download request to the bank side;
before step 104, the bank side further judges whether the download request is valid according to the hash value in the download request; if so, step 104 is executed, and if not, an error is reported to the token producer.
Judging whether the download request is valid according to the hash value in the download request is specifically: the bank side judges whether the hash value in the download request is identical to the stored hash value; if so, step 104 is executed, and if not, an error is reported to the token producer.
In step 101, the bank side generating a token seed and generating and storing a manufacturer seed file according to the token seed is specifically: the bank side generates a token seed, and generates and stores a manufacturer seed file according to the token seed, the manufacturer number and the token serial number;
in step 105, the token producer decrypting the encrypted manufacturer seed file, producing tokens and generating the return file is specifically: the token producer decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file, produces tokens according to the token seed, the manufacturer number and the token serial number in the manufacturer seed file, and generates the return file from the production result, the manufacturer number and the token serial number;
step 107 is preceded by step 106', in which the bank side judges whether the manufacturer number and the token serial number are present in the return file; if so, step 107 is executed, and if not, the process ends.
In step 105, the return file generated from the production result comprises token information on the burning state of the token seed, that is, whether programming the seed into the token succeeded; the token information on the burning state is either token information of successful token seed burning or token information of failed token seed burning;
correspondingly, step 106 is specifically: the bank side receives and stores the encrypted return file, decrypts it to obtain the return file, and judges whether the return file contains token information of failed token seed burning; if so, it modifies the return file by deleting that token information and generates the authentication seed file from the modified return file; if not, it generates the authentication seed file from the return file as received.
The key used to encrypt and decrypt the manufacturer seed file and the return file is either preset on both sides or obtained through key agreement.
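The following is an added worked example, not code from the patent or from Feitian, of the round trip in steps 101 to 107 together with the hash-checked download request (steps 102 to 104) and the burn-failure filter of step 106; the same exchange is what the component-level description, the producer-side method (steps 201 to 204) and the two-subsystem system later on the page decompose across the key management device, file transfer protocol server, notification device and production device. Everything not in the patent is an assumption: the JSON layout of the seed and return files, the manufacturer number FT01 and the serial numbers, the identity being a truncated hash of the encrypted file, and the cipher, which is an illustrative encrypt-then-MAC construction over an HMAC-SHA256 keystream standing in for whatever symmetric cipher is used with the preset or negotiated key.

```python
"""Seed-file round trip (steps 101-107): added example, not the patent's code.
Cipher below is a stdlib stand-in (HMAC-SHA256 keystream, encrypt-then-MAC);
file layout, identifiers and serial numbers are assumptions."""
import hashlib
import hmac
import json
import secrets

NONCE_LEN, TAG_LEN = 16, 32


def _subkeys(key: bytes):
    # Derive separate encryption and MAC keys from the one shared key.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _keystream(enc_key: bytes, nonce: bytes, n: int) -> bytes:
    out = b""
    for ctr in range((n + 31) // 32):
        out += hmac.new(enc_key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:n]


def encrypt_file(key: bytes, plaintext: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_file(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("seed/return file failed integrity check")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class BankSide:
    """Key management device plus file server role (steps 101, 102, 104, 106, 107)."""

    def __init__(self, shared_key: bytes):
        self.key = shared_key
        self.files = {}           # file id -> (encrypted seed file, sha256 hex of it)
        self.seed_by_serial = {}  # stored manufacturer seed file contents

    def create_seed_file(self, manufacturer_no: str, serials):
        records = [{"manufacturer_no": manufacturer_no, "serial": s,
                    "seed": secrets.token_hex(20)} for s in serials]  # 160-bit seeds (assumption)
        for r in records:
            self.seed_by_serial[r["serial"]] = r["seed"]
        blob = encrypt_file(self.key, json.dumps(records).encode())
        digest = hashlib.sha256(blob).hexdigest()  # hash of the *encrypted* file
        file_id = "MSF-" + digest[:12]              # identity derived from it (assumption)
        self.files[file_id] = (blob, digest)
        return file_id, digest                      # what step 102 notifies

    def download(self, request: dict) -> bytes:
        entry = self.files.get(request.get("file_id"))
        if entry is None or not hmac.compare_digest(entry[1], request.get("hash", "")):
            raise PermissionError("illegal download request")  # bank reports an error
        return entry[0]

    def import_return_file(self, encrypted_return: bytes):
        results = json.loads(decrypt_file(self.key, encrypted_return))
        # Step 106': every entry must carry manufacturer number and serial.
        if any("manufacturer_no" not in r or "serial" not in r for r in results):
            return None
        # Step 106: drop tokens whose seed burning failed, then build the
        # authentication seed file from the seeds the bank already stores.
        return [{"serial": r["serial"], "seed": self.seed_by_serial[r["serial"]]}
                for r in results if r["status"] == "success"]


class TokenProducer:
    """Token manufacturer production device (steps 103, 105)."""

    def __init__(self, shared_key: bytes, burn_failures=()):
        self.key = shared_key
        self.burn_failures = set(burn_failures)  # serials whose burn is simulated as failing

    def download_request(self, file_id: str, digest: str) -> dict:
        return {"file_id": file_id, "hash": digest}

    def produce(self, encrypted_seed_file: bytes) -> bytes:
        records = json.loads(decrypt_file(self.key, encrypted_seed_file))
        results = [{"manufacturer_no": r["manufacturer_no"], "serial": r["serial"],
                    "status": "failure" if r["serial"] in self.burn_failures else "success"}
                   for r in records]
        return encrypt_file(self.key, json.dumps(results).encode())


def run_round_trip(serials, burn_failures=()):
    key = secrets.token_bytes(32)  # preset key shared by both sides
    bank, producer = BankSide(key), TokenProducer(key, burn_failures)
    file_id, digest = bank.create_seed_file("FT01", serials)            # step 101
    blob = bank.download(producer.download_request(file_id, digest))     # steps 102-104
    auth_seed_file = bank.import_return_file(producer.produce(blob))     # steps 105-107
    return bank, auth_seed_file


if __name__ == "__main__":
    _, auth = run_round_trip(["1000000001", "1000000002", "1000000003"],
                             burn_failures={"1000000002"})
    print(json.dumps(auth, indent=1))
```

Two points worth noticing in this flow. The hash travels over the same notification channel as the identity, so it is not a secret: it binds a download request to one specific encrypted file and lets the bank reject a request for a stale or mistyped file, while confidentiality of the seeds rests entirely on the shared key. And because the bank already holds the seeds, the return file only has to carry serial numbers and burn status; seeds for tokens that failed burning never reach the authentication server, which is what the step 106 filter guarantees.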
The bank side comprises a key management device, a file transfer protocol server, a bank notification device and a one-time password authentication server, and the token producer comprises a token manufacturer production device;
step 101 is specifically: the key management device generates a token seed, generates a manufacturer seed file according to the token seed, encrypts the manufacturer seed file and sends the encrypted manufacturer seed file to the file transfer protocol server; the file transfer protocol server receives and stores the encrypted manufacturer seed file and generates the identity of the manufacturer seed file from it;
step 102 is specifically: the file transfer protocol server sends the identity of the manufacturer seed file to the key management device, the key management device sends it to the bank notification device, and the bank notification device sends it to the token manufacturer production device;
step 103 is specifically: the token manufacturer production device receives the identity of the manufacturer seed file, generates a download request from it and sends the download request to the file transfer protocol server;
step 104 is specifically: the file transfer protocol server looks up the encrypted manufacturer seed file according to the download request and sends it to the token manufacturer production device;
step 105 is specifically: the token manufacturer production device decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file, produces tokens according to the token seeds in the manufacturer seed file, generates a return file from the production result, encrypts the return file and sends the encrypted return file to the file transfer protocol server;
step 106 is specifically: the file transfer protocol server receives and stores the encrypted return file; the key management device accesses the file transfer protocol server, which sends the encrypted return file to it; the key management device decrypts the received encrypted return file to obtain the return file and generates an authentication seed file from it; the key management device sends the authentication seed file to the one-time password authentication server, which generates an import result from the authentication seed file and sends the import result back to the key management device; and the key management device sends the import result to the bank notification device.
Step 101 further comprises: the file transfer protocol server performs a hash operation on the encrypted manufacturer seed file to obtain a hash value and stores the hash value;
step 102 is specifically: the file transfer protocol server sends the identity and the hash value of the manufacturer seed file to the key management device, the key management device sends them to the bank notification device, and the bank notification device sends them to the token manufacturer production device;
step 103 is specifically: the token manufacturer production device receives the identity and the hash value of the manufacturer seed file, generates a download request from them and sends the download request to the file transfer protocol server;
before step 104, the file transfer protocol server judges whether the download request is valid according to the hash value in the download request; if so, step 104 is executed, and if not, an error is reported to the token manufacturer production device.
Judging whether the download request is valid according to the hash value in the download request is specifically: the file transfer protocol server judges whether the hash value in the download request is identical to the stored hash value; if so, step 104 is executed, and if not, an error is reported to the token manufacturer production device.
In step 101, the key management device generating a token seed and generating a manufacturer seed file according to the token seed is specifically: the key management device generates a token seed and generates a manufacturer seed file according to the token seed, the manufacturer number and the token serial number;
in step 105, the token manufacturer production device decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file, produces tokens according to the token seed, the manufacturer number and the token serial number in the manufacturer seed file, generates a return file from the production result, the manufacturer number and the token serial number, encrypts the return file and sends the encrypted return file to the file transfer protocol server;
in step 106, generating the authentication seed file from the return file is specifically: the key management device judges whether the return file contains a manufacturer number and a token serial number; if so, it generates the authentication seed file from the received return file, and if not, it returns a notification of failure to process the return file to the bank notification device, and the process ends.
In step 105, the return file generated by the token manufacturer production device from the production result comprises token information on the burning state of the token seed; the token information on the burning state is either token information of successful token seed burning or token information of failed token seed burning;
correspondingly, in step 106, the key management device decrypts the received encrypted return file to obtain the return file, deletes any token information of failed token seed burning from it, and generates the authentication seed file from the remaining return file.
The invention also provides a seed key management method, on the token producer side, which comprises the following steps:
step 201, the token manufacturer production device receives the identity of a manufacturer seed file sent by the bank side;
step 202, the token manufacturer production device generates a download request from the identity of the manufacturer seed file and sends the download request to the bank side;
step 203, the token manufacturer production device receives the encrypted manufacturer seed file sent by the bank side and decrypts it to obtain the manufacturer seed file; the encrypted manufacturer seed file is the one the bank side looked up according to the received download request;
and step 204, the token manufacturer production device produces tokens according to the manufacturer seed file, generates a return file from the production result, encrypts the return file and sends the encrypted return file to the bank side.
In step 204, producing tokens according to the manufacturer seed file and generating the return file from the production result is specifically: the token manufacturer production device produces tokens according to the manufacturer seed file and generates a return file comprising token information on the burning state of the token seed; the token information on the burning state is either token information of successful token seed burning or token information of failed token seed burning.
Step 201 is specifically: the token manufacturer production device receives the identity and the hash value of the manufacturer seed file sent by the bank side, the hash value having been obtained by the bank side performing a hash operation on the encrypted manufacturer seed file;
step 202 is specifically: the token manufacturer production device generates a download request from the identity and the hash value of the manufacturer seed file and sends the download request to the bank side;
step 203 is specifically: after the bank side has judged the download request to be valid according to the hash value, the token manufacturer production device receives the encrypted manufacturer seed file sent by the bank side; the encrypted manufacturer seed file is the one the bank side looked up according to the identity of the manufacturer seed file in the received download request.
The invention also provides a seed key management system, which comprises a first subsystem and a second subsystem.
The first subsystem is used for generating a token seed, generating and storing a manufacturer seed file according to the token seed, encrypting the manufacturer seed file to obtain an encrypted manufacturer seed file, and generating an identity of the manufacturer seed file from the encrypted manufacturer seed file; it is also used for sending the identity of the manufacturer seed file to the second subsystem; it is also used for looking up the encrypted manufacturer seed file according to a download request received from the second subsystem and sending the encrypted manufacturer seed file to the second subsystem; it is also used for receiving and storing the encrypted return file sent by the second subsystem and decrypting it to obtain the return file; and it is also used for generating an authentication seed file from the return file.
The second subsystem is used for receiving the identity of the manufacturer seed file sent by the first subsystem, generating a download request from it and sending the download request to the first subsystem; it is also used for decrypting the encrypted manufacturer seed file sent by the first subsystem to obtain the manufacturer seed file, producing tokens according to the token seeds in the manufacturer seed file, generating a return file from the production result, encrypting the return file and sending the encrypted return file to the first subsystem.
The first subsystem is also used for performing a hash operation on the encrypted manufacturer seed file to obtain a hash value, storing the hash value, and sending the identity and the hash value of the manufacturer seed file to the second subsystem; it is also used for judging whether a download request sent by the second subsystem is valid according to the hash value in the download request and, if so, looking up the encrypted manufacturer seed file according to the download request and sending it to the second subsystem, and if not, reporting an error to the second subsystem.
The second subsystem is also used for receiving the identity and the hash value of the manufacturer seed file sent by the first subsystem, generating a download request from them and sending the download request to the first subsystem.
Judging whether the download request is valid according to the hash value in the download request is specifically: the first subsystem judges whether the hash value in the download request is identical to the stored hash value.
The first subsystem is specifically used for generating a token seed, generating a manufacturer seed file according to the token seed, a manufacturer number and a token serial number, storing the manufacturer seed file, encrypting it to obtain an encrypted manufacturer seed file, and generating an identity of the manufacturer seed file from the encrypted manufacturer seed file; it is also used for sending the identity of the manufacturer seed file to the second subsystem; it is also used for looking up the encrypted manufacturer seed file according to a download request received from the second subsystem and sending it to the second subsystem; it is also used for receiving and storing the encrypted return file sent by the second subsystem and decrypting it to obtain the return file; and it is also used for judging whether the manufacturer number and the token serial number are present in the return file and, if so, generating an authentication seed file from the return file, and if not, ending the process;
the second subsystem is specifically used for receiving the identity of the manufacturer seed file sent by the first subsystem, generating a download request from it and sending the download request to the first subsystem; it is also used for decrypting the encrypted manufacturer seed file to obtain the manufacturer seed file, producing tokens according to the token seed, the manufacturer number and the token serial number in the manufacturer seed file, generating a return file from the production result, the manufacturer number and the token serial number, encrypting the return file and sending the encrypted return file to the first subsystem.
The second subsystem generating the return file from the production result is specifically: the second subsystem generates a return file comprising token information on the burning state of the token seed, the token information on the burning state being either token information of successful token seed burning or token information of failed token seed burning;
correspondingly, the first subsystem is further configured to judge whether the return file contains token information of failed token seed burning; if so, it modifies the return file by deleting that token information and generates the authentication seed file from the modified return file, and if not, it generates the authentication seed file from the return file as received.
The first subsystem comprises a key management device, a file transfer protocol server, a bank notification device and a one-time password authentication server, and the second subsystem comprises a token manufacturer production device;
the key management device is used for generating a token seed, generating a manufacturer seed file according to the token seed, encrypting the manufacturer seed file and sending the encrypted manufacturer seed file to the file transfer protocol server; it is also used for forwarding the identity of the manufacturer seed file sent by the file transfer protocol server to the bank notification device; it is also used for accessing the file transfer protocol server; it is also used for decrypting the encrypted return file sent by the file transfer protocol server to obtain the return file and generating an authentication seed file from it; and it is also used for sending the authentication seed file to the one-time password authentication server and forwarding the import result received from the one-time password authentication server to the bank notification device;
the file transfer protocol server is used for receiving and storing the encrypted manufacturer seed file and generating the identity of the manufacturer seed file from it; it is also used for sending the identity of the manufacturer seed file to the key management device; it is also used for receiving a download request sent by the token manufacturer production device and sending the encrypted manufacturer seed file looked up according to the download request to the token manufacturer production device; it is also used for receiving and storing the encrypted return file; and it is also used for sending the encrypted return file to the key management device when the key management device accesses the file transfer protocol server;
the bank notification device is used for forwarding the identity of the manufacturer seed file received from the key management device to the token manufacturer production device;
the token manufacturer production device is used for receiving the identity of the manufacturer seed file sent by the bank notification device, generating a download request from it and sending the download request to the file transfer protocol server; it is also used for decrypting the encrypted manufacturer seed file sent by the file transfer protocol server to obtain the manufacturer seed file, producing tokens according to the token seeds in the manufacturer seed file, generating a return file from the production result, encrypting the return file and sending the encrypted return file to the file transfer protocol server;
and the one-time password authentication server is used for generating an import result from the authentication seed file received from the key management device and sending the import result to the key management device.
The file transmission protocol server is also used for carrying out Hash operation on the encrypted manufacturer seed file, generating a Hash value, storing the Hash value and sending the identity identification of the manufacturer seed file and the Hash value to the key manager; the token manufacturer production device is also used for judging whether the download request is legal or not according to the hash value in the received download request sent by the token manufacturer production device, if so, sending the encrypted manufacturer seed file found according to the download request to the token manufacturer production device, and if not, reporting an error to the token manufacturer production device;
the key manager is also used for sending the identity identifier and the hash value of the manufacturer seed file to the bank notification device;
the bank notification device is also used for sending the identity identifier and the hash value of the manufacturer seed file to the token manufacturer production device;
the token manufacturer production device is also used for generating a downloading request according to the received manufacturer seed file identity identifier and the hash value sent by the bank notification device and sending the downloading request to the file transfer protocol server.
Judging whether the download request is legal according to the hash value in the received download request sent by the token manufacturer production device specifically comprises the following steps: and the file transfer protocol server judges whether the hash value in the downloading request is the same as the stored hash value.
The key management device is used for generating a token seed, generating a manufacturer seed file according to the token seed, a manufacturer number and a token serial number, encrypting the manufacturer seed file and sending the encrypted manufacturer seed file to the file transfer protocol server; the key management device is also used for sending the identity identifier of the manufacturer seed file sent by the file transfer protocol server to the bank notification device; the key management device is also used for accessing the file transfer protocol server; the key management device is also used for decrypting the encrypted return file sent by the file transfer protocol server to obtain the return file, and for judging whether the return file contains the manufacturer number and the token serial number, if so, generating an authentication seed file according to the received return file, and if not, returning a notification of failure in processing the return file to the bank notification device and ending the process; the key management device is also used for sending the authentication seed file to the one-time password authentication server and sending the received import result sent by the one-time password authentication server to the bank notification device.
The token manufacturer production device generates the return file according to the result of producing the token, specifically: the token manufacturer production device generates a return file comprising token information of the token seed burning state according to the result of producing the token, wherein the token information of the token seed burning state comprises token information of successful token seed burning or token information of failed token seed burning;
and the key management device is also used for judging whether the received return file has token information of token seed burning failure, if so, modifying the return file by deleting the token information of token seed burning failure in the return file, generating an authentication seed file according to the modified return file, and if not, generating the authentication seed file according to the return file.
The invention also provides a token manufacturer production device, comprising:
the receiving module is used for receiving the identity identifier of the manufacturer seed file sent by the first subsystem; the receiving module is also used for receiving the encrypted manufacturer seed file sent by the first subsystem;
the generating module is used for generating a download request according to the identity identifier of the manufacturer seed file received by the receiving module; the generating module is also used for generating a return file according to the result of the production module producing the token;
the sending module is used for sending the download request generated by the generating module to the first subsystem; the sending module is also used for sending the encrypted return file obtained by the encryption module to the first subsystem;
the decryption module is used for decrypting the encrypted manufacturer seed file received by the receiving module to obtain the manufacturer seed file, wherein the encrypted manufacturer seed file is found by the first subsystem according to the received download request;
the production module is used for producing the token according to the manufacturer seed file;
and the encryption module is used for encrypting the return file generated by the generating module to obtain an encrypted return file.
The return file is a return file comprising token information of the token seed burning state; the token information of the token seed burning state comprises token information of successful token seed burning or token information of failed token seed burning.
The receiving module is specifically used for receiving the identity identifier and the hash value of the manufacturer seed file sent by the first subsystem, wherein the hash value is generated by the first subsystem carrying out a hash operation on the manufacturer seed file; the receiving module is also used for receiving the encrypted manufacturer seed file sent by the first subsystem after the first subsystem judges that the download request is legal according to the hash value;
the generating module is specifically used for generating a download request according to the identity identifier and the hash value of the manufacturer seed file received by the receiving module; the generating module is also used for generating a return file according to the result of the production module producing the token.
The invention has the beneficial effects that: the invention provides a seed key management method, a seed key management system and a token manufacturer production device, which can avoid the problems of unknown risk and data transmission safety caused by excessive manual intervention in the transmission process of a seed file, save the labor cost of manufacturers and realize simple, convenient and safe operation.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a flowchart of a seed key management method according to embodiment 1 of the present invention;
fig. 2 is a flowchart of a seed key management method according to embodiment 2 of the present invention;
fig. 3-1 and fig. 3-2 are flowcharts of a seed key management method according to embodiment 3 of the present invention;
fig. 4 is a flowchart of a seed key management method according to embodiment 4 of the present invention;
fig. 5 is a structural diagram of a seed key management system according to embodiment 5 of the present invention;
fig. 6 is a structural diagram of a token vendor manufacturing apparatus according to embodiment 6 of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
The present invention provides a seed key management method, as shown in fig. 1, including:
step 101, a bank party generates a token seed, generates and stores a manufacturer seed file according to the token seed, encrypts the manufacturer seed file, and generates an identity identifier of the manufacturer seed file according to the encrypted manufacturer seed file;
step 102, the bank side sends the identity of the manufacturer seed file to a token producer;
step 103, the token producer receives the identity of the manufacturer seed file, generates a downloading request according to the identity of the manufacturer seed file and sends the downloading request to the bank;
step 104, the bank party sends the encrypted manufacturer seed file found according to the downloading request to the token producer;
step 105, the token producer decrypts the received encrypted manufacturer seed file to obtain the manufacturer seed file, produces the token according to the token seed in the manufacturer seed file, generates a return file according to the result of producing the token, encrypts the return file and sends the encrypted return file to the bank;
step 106, the bank side receives and stores the encrypted return file, and decrypts the received encrypted return file to obtain a return file;
and step 107, the bank party generates an authentication seed file according to the return file.
In the method provided by the embodiment, the step 101 may further include the bank performing hash operation on the encrypted manufacturer seed file to generate a hash value and storing the hash value;
step 102, the bank party sends the identity identification and the hash value of the manufacturer seed file to a token producer;
step 103 specifically comprises: the token producer receives the identity identification and the hash value of the manufacturer seed file, generates a downloading request according to the received identity identification and the hash value of the manufacturer seed file, and sends the downloading request to the bank;
before the step 104, the bank side also judges whether the downloading request is legal or not according to the hash value in the downloading request, if so, the step 104 is executed, and if not, an error is reported to the token producer.
Specifically, the bank side judges whether the download request is legal according to the hash value in the download request by judging whether the hash value in the download request is the same as the stored hash value; if so, step 104 is executed, and if not, an error is reported to the token producer.
In the method provided in this example, step 101, in which the bank party generates a token seed and generates and stores a manufacturer seed file according to the token seed, is specifically: the bank side generates a token seed, and generates and stores a manufacturer seed file according to the token seed, the manufacturer number and the token serial number;
step 105, in which the token producer decrypts the encrypted manufacturer seed file to obtain a manufacturer seed file, produces a token according to the token seed in the manufacturer seed file, and generates a return file according to the result of producing the token, is specifically: the token producer decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file, produces the token according to the token seed, the manufacturer number and the token serial number in the manufacturer seed file, and generates the return file according to the result of producing the token, the manufacturer number and the token serial number;
step 107 is preceded by step 106' in which the bank side determines whether the manufacturer number and the token serial number exist in the return file, if yes, step 107 is executed, and if not, the process is ended.
In the method provided by the embodiment, the step 105 may specifically be that the token producer decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file, produces the token according to the manufacturer seed file, generates a return file including token information of the token seed burning state according to the result of producing the token, encrypts the return file, and sends the encrypted return file to the bank; the token information of the token seed burning state comprises token information of successful token seed burning or token information of failed token seed burning;
correspondingly, the step 106 is specifically that the bank side receives and stores the encrypted return file, decrypts the received encrypted return file to obtain the return file, judges whether token information of token seed burning failure exists in the return file, modifies the return file by deleting the token information of token seed burning failure in the return file if the token information of token seed burning failure exists in the return file, generates an authentication seed file according to the modified return file, and generates the authentication seed file according to the return file if the token information of token seed burning failure does not exist in the return file.
In the method provided in this example, the key for encrypting and decrypting the manufacturer seed file and the return file is preset or obtained after key agreement.
In the method provided by the example, the bank side comprises a key management device, a file transfer protocol server, a bank notification device and a one-time password authentication server, the token producer side comprises a token producer device,
step 101 specifically comprises: the key management device generates a token seed, generates a manufacturer seed file according to the token seed, encrypts the manufacturer seed file, and sends the encrypted manufacturer seed file to the file transfer protocol server, and the file transfer protocol server receives and stores the encrypted manufacturer seed file and generates an identity identifier of the manufacturer seed file according to the encrypted manufacturer seed file;
step 102 specifically comprises: the file transfer protocol server sends the manufacturer seed file identity identification to the key manager, the key manager sends the manufacturer seed file identity identification to the bank notification device, and the bank notification device sends the manufacturer seed file identity identification to the token manufacturer production device;
step 103 specifically comprises: the token manufacturer production device receives the manufacturer seed file identity identification, generates a downloading request according to the received manufacturer seed file identity identification and sends the downloading request to the file transfer protocol server;
step 104 specifically includes: the file transfer protocol server sends the encrypted manufacturer seed file found according to the downloading request to a token manufacturer production device;
step 105 specifically comprises: the token manufacturer production device decrypts the encrypted manufacturer seed file to obtain a manufacturer seed file, produces a token according to the token seed in the manufacturer seed file, generates a return file according to the result of producing the token, encrypts the return file and sends the encrypted return file to the file transmission protocol server;
step 106 specifically includes: the file transmission protocol server receives and stores the encrypted return file, the key management device accesses the file transmission protocol server, the file transmission protocol server sends the encrypted return file to the key management device, the key management device decrypts the received encrypted return file to obtain the return file and generates an authentication seed file according to the return file, the key management device sends the authentication seed file to the one-time password authentication server, the one-time password authentication server generates an import result according to the authentication seed file and sends the import result to the key management device, and the key management device sends the import result to the bank notification device.
In the method provided by the embodiment, the step 101 further comprises the steps that the file transfer protocol server carries out hash operation on the encrypted manufacturer seed file to generate a hash value and stores the hash value;
the file transfer protocol server sends the identity identifier and the hash value of the manufacturer seed file to a key manager, the key manager sends the identity identifier and the hash value of the manufacturer seed file to a bank notification device, and the bank notification device sends the identity identifier and the hash value of the manufacturer seed file to a token manufacturer production device;
step 103 specifically comprises: the token manufacturer production device receives the manufacturer seed file identity identification, generates a downloading request according to the received manufacturer seed file identity identification and the Hash value, and sends the downloading request to the file transfer protocol server;
before the step 104, the file transfer protocol server judges whether the download request is legal or not according to the hash value in the download request, if so, the step 104 is executed, and if not, an error is reported to the token manufacturer production device.
Specifically, the file transfer protocol server determines whether the download request is legal according to the hash value in the download request by determining whether the hash value in the download request is the same as the stored hash value; if so, step 104 is executed, and if not, an error is reported to the token manufacturer production device.
In the method provided in this example, the step 101 of generating a token seed by the key management apparatus and generating the manufacturer seed file according to the token seed specifically includes: the key management device generates a token seed and generates a manufacturer seed file according to the token seed, the manufacturer number and the token serial number;
the token manufacturer production device decrypts the encrypted manufacturer seed file to obtain a manufacturer seed file, produces a token according to the token seed in the manufacturer seed file, generates a return file according to the result of producing the token, encrypts the return file and sends the encrypted return file to the file transmission protocol server;
the step 106 of generating the authentication seed file according to the return file specifically includes: and the key management device judges whether the manufacturer number and the token serial number exist in the return file, if so, the key management device generates an authentication seed file according to the received return file, and if not, a notification of failure in processing the return file is returned to the bank notification device, and the process is finished.
In the method provided by the embodiment, the step 105 is specifically that the token manufacturer production device decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file, produces the token according to the token seed in the manufacturer seed file, generates a return file comprising token information of the token seed burning state according to the result of producing the token, encrypts the return file, and sends the encrypted return file to the file transfer protocol server; the token information of the token seed burning state comprises the token information of successful token seed burning or the token information of failed token seed burning;
correspondingly, in step 106, the key management device decrypts the received encrypted return file to obtain a return file, and generates an authentication seed file according to the return file.
Example 2
The present embodiment provides a seed key management method, as shown in fig. 2, including:
step 201, a token manufacturer production device receives a manufacturer seed file identity sent by a bank party;
step 202, the token manufacturer production device generates a downloading request according to the manufacturer seed file identity and sends the downloading request to a bank party;
step 203, the token manufacturer production device receives the encrypted manufacturer seed file sent by the bank party and decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file; the encrypted manufacturer file is found by the bank party according to the received downloading request;
and step 204, the token manufacturer production device produces the token according to the manufacturer seed file, generates a return file according to the result of producing the token, encrypts the return file and sends the encrypted return file to the bank side.
In the method provided by the embodiment, in step 204, the token manufacturer produces tokens according to the manufacturer seed file, and generates a return file according to the result of producing the tokens, specifically, the token production apparatus produces tokens according to the manufacturer seed file, and generates a return file including token information of the token seed burning state according to the result of producing the tokens; the token information of the token seed burning state comprises token information of successful token seed burning or token information of failed token seed burning.
In the method provided by the embodiment, the step 201 is specifically that a token manufacturer production device receives an identity identifier and a hash value of a manufacturer seed file sent by a bank; the hash value is generated by carrying out hash operation on the manufacturer seed file by a bank party;
step 202 specifically includes: the token manufacturer production device generates a downloading request according to the manufacturer seed file identity and the hash value and sends the downloading request to the bank;
step 203 specifically comprises: after the bank side judges that the downloading request is legal according to the hash value, the token manufacturer production device receives a manufacturer seed file sent by the bank side; and the manufacturer seed file is found by the bank according to the manufacturer seed file identity in the received downloading request.
Example 3
This embodiment provides a seed key management method, wherein the bank side in the method comprises an FTP server, a key management device, a bank notification device and a one-time password (OTP) authentication server, and the token producer side comprises a token manufacturer production device. As shown in fig. 3-1 and 3-2, the seed key management method provided in this embodiment specifically includes the following steps:
step 101, the key management device generates a manufacturer seed file according to a token seed, a manufacturer number and a token serial number;
wherein, the file name of the manufacturer seed file comprises the manufacturer number.
Optionally, the manufacturer seed file may also include parameters such as the expiration date of the seed.
Specifically, the key management device generates a token seed, and generates a vendor seed file 0001_20180101_SM.txt according to the token seed, the vendor number, and the token serial number, where the generated vendor seed file specifically includes:
“0001000000000001,3288FE75AE90D4E0F4755D75FFA42EA44772CFC7,20200101
0001000000000002,
5EA3CB2319B2230B3533017CE43467CBB436D4D,20200101
…”
wherein the key management device generates a token seed 3288FE75AE90D4E0F4755D75FFA42EA44772CFC7 and, according to the token seed, the vendor number 0001 and the token serial number 0001000000000001, generates the vendor seed file 0001_20180101_SM.txt; the line generated for this token in the vendor seed file is "0001000000000001,3288FE75AE90D4E0F4755D75FFA42EA44772CFC7,20200101".
Specifically, in the file name 0001_20180101_SM.txt of the manufacturer seed file, 0001 denotes the manufacturer number, 20180101 denotes the generation date of January 1, 2018, and SM denotes an algorithm, for example the national cryptographic algorithm; in the file content, 20200101 denotes the expiry date of January 1, 2020.
step 102, the key management device encrypts the generated manufacturer seed file using a first RSA public key and stores the encrypted manufacturer seed file;
specifically, the first RSA public key is 30820122300D06092a864886F70D01010105000382010F003082010a028201010093E47BC557EBDA014DBA61A7F90FD6DF536497D38D5CE25D6BC94C301C6F 2EA93008E80C09708971FBA88F5F1ADFB61AEE0DDBD4F16729203F6BB8CA13FD612F74B2788107FC512844CA040ABF7330FE3a66F0F99FEB2FF BA40D1116ADBB 83B 1AF 8734A0CF415317802C55 DFE6B209D9131a62 BD863A0DA30478B145233774C49B133E1A9C8ECF 7330 CA4D4630C0251 fa 133E1 A9B afc 8ECF 35 DB 35.
In this embodiment, specifically, before this step, the method may further include: the key management device uses the digital certificate to verify the validity of the first RSA public key, and if valid, performs step 103, and if not, reports an error.
step 103, the key management device sends the encrypted manufacturer seed file to an FTP (file transfer protocol) server;
specifically, the encrypted vendor seed file 0001_20180101_SM.enc is as follows:
EE96D9DAA2B846BA3BB7B2055E7E8A28D12B701FA0483791822C672C94CECF8423A590A0104500D33EC9E3EB490345F54A725C8225777A73F7E7246BFE0549074822672651BD7C13BCA02A677934EE5C4EA39102818100C2ED957FF65B536C542060D9185DF190F324D7AD8D439C22C961B99359C1AD745908C18335F519BCB7631E87DD80C659A7D59A61B9BAF89AC0B293B1995DE3E3C9DAA672DEFAF7A438ED1EE8B5A346E74C921E3513437EC6A2A91A8119E6456AE7AE321C93B9A613296D6CB6F3DECA26F829EF6EBB27059FDDAD0D795A30E58F02818100B425AD8DCFED046A................
step 104, the FTP server receives the encrypted manufacturer seed file and stores it;
step 105, the FTP server generates a manufacturer seed file ID and performs a hash operation on the encrypted manufacturer seed file to generate a first hash value;
the manufacturer seed file ID is a unique identifier of the manufacturer seed file, and specifically, the manufacturer seed file ID generated by the FTP server is:
32dc7343defc0678459d89eef3078442.
The FTP server performs a hash operation on the encrypted manufacturer seed file to generate a first hash value 6FBFD5E68D3306E51350BEA0232F8FA5.
Step 106, the FTP server sends the manufacturer seed file ID and the first hash value to the key management device;
specifically, the FTP server sends the manufacturer seed file ID 32dc7343defc0678459d89eef3078442 and the first hash value 6FBFD5E68D3306E51350BEA0232F8FA5 to the key management device;
step 107, the key management device sends the manufacturer seed file ID and the first hash value to a bank notification device;
specifically, the key management device sends the manufacturer seed file ID 32dc7343defc0678459d89eef3078442 and the first hash value 6FBFD5E68D3306E51350BEA0232F8FA5 to the bank notification device;
step 108, the bank informing device receives the ID of the manufacturer seed file and the first hash value;
step 109, the bank notification device sends the received manufacturer seed file ID and the first hash value to the token manufacturer production device;
step 110, the token manufacturer production device receives the manufacturer seed file ID and the first hash value sent by the bank notification device;
step 111, the token manufacturer production device generates a downloading request according to the manufacturer seed file ID and the first hash value;
specifically, the token manufacturer production device generates the download request 32dc7343defc0678459d89eef30784426FBFD5E68D3306E51350BEA0232F8FA5 from the manufacturer seed file ID 32dc7343defc0678459d89eef3078442 and the first hash value 6FBFD5E68D3306E51350BEA0232F8FA5, i.e. the request is the ID followed by the hash value.
Step 112, the token manufacturer production device sends a download request to the FTP server;
specifically, the token manufacturer production device sends the download request 32dc7343defc0678459d89eef30784426FBFD5E68D3306E51350BEA0232F8FA5 to the FTP server;
step 113, the FTP server finds out the encrypted manufacturer seed file corresponding to the manufacturer seed file on the FTP server according to the manufacturer seed file ID in the downloading request;
specifically, the FTP server finds the corresponding encrypted vendor seed file 0001_20180101_SM.enc according to the vendor seed file ID in the download request.
Step 114, the FTP server judges whether the downloading request is legal or not according to the first hash value, if so, step 115 is executed, and if not, an error is reported to the token manufacturer production device;
specifically, the FTP server performs hash operation on the encrypted vendor seed file stored on the FTP server, which is found according to the vendor seed file ID, to obtain a second hash value, and determines whether the second hash value is consistent with the first hash value in the download request, if so, the download request is legal, step 115 is executed, and if not, the download request is illegal, and the process is ended.
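The legality check of steps 105 and 111 to 114 (the same check that Example 1 describes for the bank side) can be made concrete as follows. This is an added example written for this page, not code from the patent or from Feitian: the patent names no hash algorithm (its sample first hash value is 32 hex digits), so SHA-256 is an assumption here, as are the class and function names and the constructed sample ciphertext used in the comments.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple

# Added example, not the patent's code. The hash algorithm is not named in the
# text; SHA-256 is an assumption. Lengths below follow the sample values:
# the file ID 32dc7343defc0678459d89eef3078442 is 32 hex digits.
ID_HEX_LEN = 32
HASH_HEX_LEN = 64  # hex length of a SHA-256 digest


def file_digest(data: bytes) -> str:
    """Hash operation over the *encrypted* manufacturer seed file (steps 105 and 114)."""
    return hashlib.sha256(data).hexdigest().upper()


class FtpSeedFileServer:
    """Server-side state: encrypted seed files keyed by file ID, plus the first hash value."""

    def __init__(self) -> None:
        self._files: Dict[str, bytes] = {}
        self._first_hash: Dict[str, str] = {}

    def store_encrypted_seed_file(self, encrypted: bytes) -> Tuple[str, str]:
        """Steps 104-105: save the ciphertext, mint a unique file ID and record the
        first hash value. Returns (file_id, first_hash), which the bank forwards
        to the manufacturer through the key management and notification devices."""
        file_id = secrets.token_hex(ID_HEX_LEN // 2)
        self._files[file_id] = encrypted
        self._first_hash[file_id] = file_digest(encrypted)
        return file_id, self._first_hash[file_id]

    def handle_download_request(self, request: str) -> Tuple[Optional[bytes], str]:
        """Steps 113-114: look the file up by ID, recompute the second hash over the
        stored ciphertext and compare it with the first hash carried in the request.
        Returns (ciphertext, "ok") or (None, reason)."""
        if len(request) != ID_HEX_LEN + HASH_HEX_LEN:
            return None, "malformed request"
        file_id, first_hash = request[:ID_HEX_LEN], request[ID_HEX_LEN:]
        encrypted = self._files.get(file_id)
        if encrypted is None:
            return None, "unknown file id"
        second_hash = file_digest(encrypted)
        # Constant-time comparison: the reject path must not reveal how many
        # leading characters of the submitted hash were correct.
        if not hmac.compare_digest(second_hash, first_hash.upper()):
            return None, "hash mismatch"
        return encrypted, "ok"


def build_download_request(file_id: str, first_hash: str) -> str:
    """Step 111 on the manufacturer side: the request is the file ID followed by the hash."""
    return file_id + first_hash
```

Recomputing the second hash over the stored ciphertext, instead of trusting the digest recorded at step 105, means a file altered on the server after storage is refused just as a request carrying a wrong value is. The check proves only that the requester holds the ID and hash that travelled via the bank notification device and that the stored file is unchanged; it does not by itself identify the requester, so the connection to the FTP server still needs its own client authentication.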
Step 115, the FTP server sends the found encrypted manufacturer seed file to a token manufacturer production device;
step 116, the token manufacturer production device receives the encrypted manufacturer seed file and decrypts the encrypted manufacturer seed file by using a first RSA private key to obtain a decrypted manufacturer seed file;
particularly, the first RSA private key is BD 06092A F70D A A47 BC 47 FD 557EBDA014DBA61A7F90FD6D 38D 35D 5CE25D 6C 301C 9F2EA93008E80C FBA88F5F1ADFB61 EDFA 0DDBD4F 6BB 6CA 13FD612F74B CA040ABF7330FE3A66F0F99FEB2FF 162D 1116B 83AFB 83AF 1AF01D8734A0CF C55 DFE 0682B 209D9131A62 FB863A 0DA B C49B133E1A9C8ECF 1564 CA4D4630C 35F 35B 35F 35D 35F 35 DE 35F 35B 35F DEFD 2D 35F 35B 35F 48F 35B 35F 35D 2FD 2D 2F 35F 48F 35A 48F 35B 35F DEFD 2FD 2D 2FD 2F 48F 35F DEFD 2D 2FD 2D 2FD 2 FA FD 2F 48F 2D 7B 35F 2FD 7D 2FD 2D 2F 2FD 2F 2D 2FD 7FD 2D 2F 8FD 2D 2FD 2F 2D 8FD 2D 7FD 2D 8D 2F 8FD 2D 8FD 7FD 2F 8D 2D 8FD 7F8D 2F 8FD 2F 8D 2F 8D 6F 2F 8D 7F 2F 8D 7F8D 7F8D 8FD 2F 8D 8F 2F 8D 8F 8D 8FD 2F 8D 2F 8D 6F 2F 8D 2F 8D 6F 8D 7F 2F 8FD 2F 8D 8DE 8D 7F8D 8F 2F 8D 6F 8F 2F 6F 2F 8D 6F 2F 8D 6F 2F 8D 6F 8D 6F 8DE 8D 6F 8D 7DE 8FD 2F 8DE 8F 8FD 2F 8DE 8F 6F 8DE 8F 6F 8F 6F 8F 6F 2F 6F 8FD 2F8F 6F 8F 6F 8F 6F 8F 6F 8FD 2F8F 6F 8FD 2F8F 6F 8F 6F.
The first RSA public key and the first RSA private key are a key pair, and may be preset in the key management device and the token manufacturer production device respectively. Alternatively, they may be established by the key management device and the token manufacturer production device through key agreement before step 101.
Step 117, the token manufacturer produces the token according to the decrypted manufacturer seed file, and generates a token making result;
the result of making the token includes the burning state information of each token, that is, the burning state of each token corresponding to the token serial number is successful or failed.
Step 118, the token manufacturer production device generates a return file according to the token serial number, the manufacturer number and the token manufacturing result;
specifically, the file name of the generated return file is: 0001_ background file
The file content of the return file is as follows:
“0001000000000001,0
0001000000000002,1
…”
wherein 0001 represents the manufacturer number, 000000000001 represents the serial number of the token, 0 represents the success of the burning token, and 1 represents the failure of the burning token.
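An added example, not the patent's or Feitian's code, that ties together the manufacturer seed file format of step 101, the return file format of step 118, and the checks the key management device applies before generating the authentication seed file (steps 106' and 106 of Example 1: the return file must carry the manufacturer number and token serial numbers, and tokens whose seed burning failed are dropped). The patent gives the two input formats but not the layout of the authentication seed file, so that layout, the function names and the constructed sample inputs are assumptions.

```python
import secrets
from typing import Dict, List, Tuple

# Added example, not the patent's code. Formats follow the samples in the text:
# seed file lines are "serial,seed,expiry"; return file lines are "serial,status".
SEED_BYTES = 20            # 40 hex digits, the length of the sample seed 3288FE75...
MANUFACTURER_NO_LEN = 4    # "0001"
SEQUENCE_LEN = 12          # "000000000001"
BURN_OK, BURN_FAILED = "0", "1"


def seed_file_name(manufacturer_no: str, generated_yyyymmdd: str, algorithm: str = "SM") -> str:
    """<manufacturer>_<yyyymmdd>_<algorithm>.txt, e.g. 0001_20180101_SM.txt."""
    return f"{manufacturer_no}_{generated_yyyymmdd}_{algorithm}.txt"


def generate_manufacturer_seed_file(manufacturer_no: str, count: int, expiry_yyyymmdd: str) -> str:
    """Step 101: one fresh 160-bit seed per token; serial = manufacturer number + 12-digit sequence."""
    lines = []
    for seq in range(1, count + 1):
        serial = f"{manufacturer_no}{seq:0{SEQUENCE_LEN}d}"
        seed = secrets.token_bytes(SEED_BYTES).hex().upper()
        lines.append(f"{serial},{seed},{expiry_yyyymmdd}")
    return "\n".join(lines) + "\n"


def parse_seed_file(text: str) -> Dict[str, Tuple[str, str]]:
    """serial -> (seed, expiry). Malformed lines raise instead of being skipped silently."""
    records: Dict[str, Tuple[str, str]] = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        serial, seed, expiry = line.strip().split(",")
        if len(serial) != MANUFACTURER_NO_LEN + SEQUENCE_LEN or not serial.isdigit():
            raise ValueError(f"bad serial {serial!r}")
        if len(seed) != 2 * SEED_BYTES:
            raise ValueError(f"bad seed length for {serial}")
        bytes.fromhex(seed)  # raises on non-hex characters
        records[serial] = (seed, expiry)
    return records


def parse_return_file(text: str) -> Dict[str, str]:
    """serial -> burn status: "0" means the seed was burned, "1" means burning failed."""
    results: Dict[str, str] = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        serial, status = line.strip().split(",")
        if status not in (BURN_OK, BURN_FAILED):
            raise ValueError(f"bad status {status!r} for {serial}")
        results[serial] = status
    return results


def build_authentication_seed_file(seed_text: str, return_text: str,
                                   manufacturer_no: str) -> Tuple[str, List[str]]:
    """Steps 106' and 106 on the key management device: verify the return file carries
    this manufacturer's number and serials present in the seed file, drop failed burns,
    and emit the authentication seed file (assumed here to reuse "serial,seed,expiry").
    Returns (authentication_file_text, failed_serials)."""
    seeds = parse_seed_file(seed_text)
    results = parse_return_file(return_text)
    if not results:
        raise ValueError("return file has no token records")
    for serial in results:
        if not serial.startswith(manufacturer_no):
            raise ValueError(f"serial {serial} does not belong to manufacturer {manufacturer_no}")
        if serial not in seeds:
            raise ValueError(f"serial {serial} is not in the manufacturer seed file")
    failed = [s for s, st in results.items() if st == BURN_FAILED]
    kept = [f"{s},{seeds[s][0]},{seeds[s][1]}" for s, st in results.items() if st == BURN_OK]
    return ("\n".join(kept) + "\n") if kept else "", failed
```

Only serials that appear in the return file with a success status reach the OTP authentication server; a seed for a token that was never burned, or whose burning failed, is withheld so that no authentication record exists for a token that cannot actually produce one-time passwords with it.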
Step 119, the token manufacturer production device encrypts the return file by using the second RSA public key to obtain an encrypted return file;
in particular, the token manufacturer's production device uses a second RSA public key
30820122300D06092A864886F70D01010105000382010F003082010A02820101009C81D01C5C730C57036090E23A44CA3BEC53C6FFFD83ADC1A567DC 8E4429228BE4416DEB89257F2117ACBB81C484942813BE3EA29BECC5F7685475E99C5D123799293C0D10EB2849403AE89EFDDA5EC51134A13301616754C605C10C440AC2E7EB8C 168039F 0397E1578F2568C360761B4475A09549F 34A 7CC4C0 FCD9D148B95CD065FE 492 DA 31DA9937C0 DFAEDC4A243FE3CF67 BD7A1A 91E 4B64C0E 636B 6319B 6451B 43B 35E 43B AF 35F 35B 35E C9C 0B FD 9B 35 BD 35B 35 BD A BD 35B 35D 92B 35A 35D 9937C 0B 35C 0B 35C 3B 35C 3B 35C 3B 35.
Before this step, the token manufacturer may also use the digital certificate to verify the validity of the first RSA public key, and if valid, execute step 119, and if invalid, report an error.
Step 120, the token manufacturer production device sends the encrypted return file to the FTP server;
specifically, the token manufacturer production device sends the encrypted backhaul file 0001_ backhaul file.
Step 121, the FTP server saves the encrypted return file;
step 122, the FTP server notifies the token manufacturer production device that the encrypted return file has been stored successfully;
Specifically, the FTP server stores the manufacturer seed file
ID32dc7343defc0678459d89eef3078442 and first hash value
6FBFD5E68D3306E51350BEA0232F8FA5 is sent to the token vendor manufacturer.
Step 123, the token manufacturer production device sends a notification that the encrypted return file has been stored successfully to the bank notification device;
specifically, the token manufacturer production device sends the manufacturer seed file ID 32dc7343defc0678459d89eef3078442 and the first hash value 6FBFD5E68D3306E51350BEA0232F8FA5 to the bank notification device.
Step 124, the bank notification device receives the notification that the encrypted return file has been stored successfully;
step 125, the bank notification device notifies the key management device that the return file has been stored successfully;
specifically, the bank notification device sends the manufacturer seed file ID 32dc7343defc0678459d89eef3078442 and the first hash value 6FBFD5E68D3306E51350BEA0232F8FA5 to the key management device;
step 126, the key management device accesses the FTP server;
specifically, the key management device sends the manufacturer seed file ID 32dc7343defc0678459d89eef3078442 and the first hash value 6FBFD5E68D3306E51350BEA0232F8FA5 to the FTP server;
step 127, the FTP server sends the encrypted return file to the key management device;
specifically, the FTP server sends the encrypted return file 0001_return.enc to the key management device.
Step 128, the key management device decrypts the encrypted return file by using the second RSA private key to obtain a decrypted return file;
specifically, the key management device decrypts 0001_return.enc with the second RSA private key, i.e. the private half of the key pair whose public key is given in step 119 (the key value itself is omitted here).
The second RSA public key and the second RSA private key form one key pair; they may be preset in the token manufacturer production device and the key management device respectively, or both may be obtained by key agreement before step 101. In the latter case the key agreement must itself be authenticated (for example through the digital certificate mentioned above), otherwise a party inserted between the two devices could substitute its own public key and read every return file.
Step 129, the key management device judges whether the manufacturer number from step 101 is present in the decrypted return file; if so, step 130 is executed, and if not, the key management device returns a notification of failure in processing the return file to the bank notification device;
specifically, the key management device parses the name of the return file and judges whether the manufacturer number from step 101 is present in that name; if so, step 130 is executed, and if not, the key management device returns a notification of failure in processing the return file to the bank notification device;
step 130, the key management device judges whether the token serial numbers in the decrypted return file are the same as the token serial numbers from step 101; if so, step 131 is executed, and if not, the key management device returns a notification of failure in processing the return file to the bank notification device;
specifically, the key management device compares the token serial numbers in the decrypted return file with the token serial numbers from step 101 one by one; if they are all the same, step 131 is executed, and if any serial number differs, the failure notification is returned and the process ends.
Step 131, the key management device modifies part of the data in the decrypted return file;
specifically, the key management device judges whether the decrypted return file contains token information whose token seed burning failed (burning result 1), and if so, deletes the state information of those tokens from the decrypted return file;
in this step, if there is no token information with failed token seed burning, the decrypted return file does not need to be modified.
Step 132, the key management device generates an authentication seed file according to the unmodified data in the decrypted return file;
specifically, the key management device generates the authentication seed file according to the state information of the tokens in the decrypted return file whose token seed was burned successfully.
If the decrypted return file was not modified in step 131, the authentication seed file is generated from the decrypted return file as a whole in this step.
In this embodiment, the key management device may further look up, for each token that remains in the decrypted return file, the corresponding token seed (the return file itself carries only serial numbers and burning results, so the seed comes from the manufacturer seed file the key management device stored in step 101), encrypt the token seed using the AES-128 algorithm to obtain an encrypted token seed, and generate the authentication seed file according to the encrypted token seeds and the state information of the tokens whose seed was burned successfully.
For example, in the present embodiment, the name of the generated authentication seed file is auth_token.tnk; its contents appear in the source only as images (Figures GDA0002576426620000391, GDA0002576426620000401, GDA0002576426620000411 and GDA0002576426620000421) and are not reproduced here.
step 133, the key management device sends the authentication seed file to the OTP authentication server;
specifically, the key management device sends the authentication seed file auth_token.tnk to the OTP authentication server.
Step 134, the OTP authentication server imports the authentication seed file and generates an import result according to it;
specifically, the import result may include: the total number of tokens (all successfully burned) in the authentication seed file imported this time, and, obtained by comparing the file with the authentication seed data the OTP authentication server already holds, the number of token seeds newly imported, the number of token seeds that were imported repeatedly (already present), and the number of token seeds that failed to import because of errors.
For example, the import result is generated as follows:
"Total imported: 100
Imported successfully: 100
Imported repeatedly: 100
Failed to import: 0".
Step 135, the OTP authentication server sends the import result to the key management device;
step 136, the key management device receives the import result;
step 137, the key management device sends the import result to the bank notification device.
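The steps above, from building the return file on the production device (step 118) to the checks and pruning on the key management device (steps 129 to 132) and the import counting on the OTP authentication server (step 134), as an added example in Python. This is not code from the patent or from Feitian Technologies. The RSA encryption of the file (steps 119 and 128) and the AES-128 wrapping of the seeds (step 132) are left out because the Python standard library provides neither, so everything here handles plaintext; the check that every entry carries the manufacturer number, and the rule that an already-present serial with a different seed counts as a failed import, are assumptions noted in the code. All sample data is constructed.

```python
"""Return-file round trip for steps 118 and 129 to 134 (added example)."""
from collections import Counter

BURN_OK = "0"      # token seed burned successfully
BURN_FAILED = "1"  # token seed burning failed


class ReturnFileError(ValueError):
    """Raised where the description returns a processing-failure notification."""


def build_return_file(manufacturer_no, results):
    """Step 118 on the production device.

    results maps a 12-digit token serial number to True (burned) or False.
    Returns (file name, file content); the name '<manufacturer>_return'
    follows the description, '.enc' is appended only after encryption.
    """
    if len(manufacturer_no) != 4 or not manufacturer_no.isdigit():
        raise ValueError("manufacturer number must be 4 decimal digits")
    lines = []
    for serial in sorted(results):
        if len(serial) != 12 or not serial.isdigit():
            raise ValueError("token serial number must be 12 decimal digits")
        status = BURN_OK if results[serial] else BURN_FAILED
        lines.append(f"{manufacturer_no}{serial},{status}")
    return f"{manufacturer_no}_return", "\n".join(lines) + "\n"


def parse_return_file(content):
    """Split the file into (manufacturer_no, serial, status) rows.

    Malformed lines are rejected rather than skipped, so a truncated or
    tampered file cannot silently lose entries.
    """
    rows = []
    for lineno, raw in enumerate(content.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        token_no, sep, status = line.partition(",")
        if (not sep or len(token_no) != 16 or not token_no.isdigit()
                or status not in (BURN_OK, BURN_FAILED)):
            raise ReturnFileError(f"line {lineno}: malformed entry {line!r}")
        rows.append((token_no[:4], token_no[4:], status))
    return rows


def process_return_file(file_name, content, manufacturer_no, seed_file):
    """Steps 129 to 132 on the key management device.

    seed_file maps serial -> token seed, as stored by the bank in step 101.
    Returns the authentication seed entries (serial -> seed) for the tokens
    whose seed was burned successfully.
    """
    # Step 129: the manufacturer number from step 101 must be in the file name.
    if not file_name.startswith(manufacturer_no + "_"):
        raise ReturnFileError("manufacturer number missing from return file name")
    rows = parse_return_file(content)
    # Assumed extra check: every entry carries that same manufacturer number
    # (the description inspects only the file name).
    foreign = [r for r in rows if r[0] != manufacturer_no]
    if foreign:
        raise ReturnFileError(f"foreign manufacturer number in entries: {foreign[:3]}")
    # Step 130: serial numbers must match the seed file exactly, with none
    # missing, added or listed twice.
    seen = Counter(serial for _, serial, _ in rows)
    if set(seen) != set(seed_file) or any(n != 1 for n in seen.values()):
        raise ReturnFileError("serial numbers differ from the manufacturer seed file")
    # Steps 131 and 132: drop failed burns, then look up each remaining
    # token's seed in the stored seed file (the return file carries no seeds).
    return {serial: seed_file[serial]
            for _, serial, status in rows if status == BURN_OK}


def import_auth_seed_file(entries, existing):
    """Step 134 on the OTP authentication server.

    existing is the server's current serial -> seed store, updated in place.
    Returns (total, newly imported, imported repeatedly, failed). Counting a
    serial already present with a different seed as failed is an assumption.
    """
    total = len(entries)
    new = repeated = failed = 0
    for serial, seed in entries.items():
        if serial not in existing:
            existing[serial] = seed
            new += 1
        elif existing[serial] == seed:
            repeated += 1
        else:
            failed += 1
    return total, new, repeated, failed


if __name__ == "__main__":
    # Constructed sample: three tokens for manufacturer 0001, one burn failed.
    stored = {"000000000001": "seed-1", "000000000002": "seed-2",
              "000000000003": "seed-3"}
    name, content = build_return_file("0001", {"000000000001": True,
                                               "000000000002": False,
                                               "000000000003": True})
    entries = process_return_file(name, content, "0001", stored)
    print(name, entries, import_auth_seed_file(entries, {}))
```

The serial-number comparison is a set equality plus a duplicate check rather than a one-by-one walk, which is what "the same serial numbers" has to mean if the return file may arrive in a different order; a missing, extra or duplicated serial all fail the check.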
Example 4
The present embodiment provides a method for managing seed keys, as shown in fig. 4, which specifically includes the following steps:
step 210, the token manufacturer production device receives the manufacturer seed file ID and the first hash value sent by the bank notification device;
step 211, the token manufacturer production device generates a download request according to the manufacturer seed file ID and the first hash value;
step 212, the token manufacturer production device sends the download request to the FTP server;
step 213, the token manufacturer production device receives the encrypted manufacturer seed file sent by the FTP server and decrypts it using the first RSA private key to obtain a decrypted manufacturer seed file;
step 214, the token manufacturer production device produces tokens according to the decrypted manufacturer seed file and generates a token manufacturing result;
step 215, the token manufacturer production device generates a return file according to the token serial number, the manufacturer number and the token manufacturing result;
step 216, the token manufacturer production device encrypts the return file using the second RSA public key;
step 217, the token manufacturer production device sends the encrypted return file to the FTP server;
step 218, the token manufacturer production device receives the notification sent by the FTP server that the encrypted return file was stored successfully;
step 219, the token manufacturer production device sends a notification to the bank notification device that the encrypted return file was stored successfully.
Example 5
An embodiment of the present invention provides a seed key management system, as shown in fig. 5, including a first subsystem 51 and a second subsystem 52,
the first subsystem 51 is used for generating a token seed, generating and storing a manufacturer seed file according to the token seed, encrypting the manufacturer seed file to obtain an encrypted manufacturer seed file, and generating a manufacturer seed file identity identifier according to the encrypted manufacturer seed file; and is further configured to send the manufacturer seed file identity identifier to the second subsystem 52; and is further configured to receive the download request sent by the second subsystem 52, find the encrypted manufacturer seed file according to it, and send the encrypted manufacturer seed file to the second subsystem 52; the first subsystem 51 is further configured to receive and store the encrypted return file sent by the second subsystem 52, and decrypt the encrypted return file to obtain a return file; and is further configured to generate an authentication seed file according to the return file;
the second subsystem 52 is configured to receive the manufacturer seed file identity sent by the first subsystem 51, generate a download request according to the manufacturer seed file identity, and send the download request to the first subsystem 51; and is further configured to decrypt the encrypted manufacturer seed file received from the first subsystem 51 to obtain the manufacturer seed file, produce a token according to the token seed in the manufacturer seed file, generate a return file according to the result of producing the token, encrypt the return file, and send the encrypted return file to the first subsystem 51.
In the system provided in this embodiment, the first subsystem 51 is further configured to perform a hash operation on the encrypted manufacturer seed file, generate a hash value, store the hash value, and send the identity identifier and the hash value of the manufacturer seed file to the second subsystem 52; the first subsystem 51 is further configured to judge whether the download request is legal according to the hash value in the download request sent by the second subsystem 52, and if so, send the encrypted manufacturer seed file found according to the download request to the second subsystem 52; if not, report an error to the second subsystem 52.
The second subsystem 52 is further configured to receive the identity identifier and the hash value of the manufacturer seed file sent by the first subsystem 51, generate a download request according to them, and send the download request to the first subsystem 51.
In the system provided in this example, the first subsystem 51 judges whether the download request is legal according to the hash value in the download request specifically by judging whether the hash value in the download request is the same as the stored hash value. Because the hash is computed over the encrypted manufacturer seed file, anyone who can read that ciphertext can compute it; the identity identifier and hash value therefore act as a bearer credential for the download, and their confidentiality on the path from the first subsystem 51 to the second subsystem 52 is what actually gates access to the file.
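The download-request check just described, as an added example in Python of what the bank side (the FTP server of the first subsystem) keeps per encrypted manufacturer seed file and how it decides whether a request is legal; this is not code from the patent or from Feitian Technologies. Assumptions: the identity identifier is a random 128-bit hex string (the description only says it is generated "according to" the encrypted file; the page's sample value is 32 hex digits), the hash is SHA-256 (the page's sample hash is 128-bit and this part of the description does not name the algorithm), and the ciphertext is a constructed stand-in. The receiver-side `verify_downloaded_file` check is an addition not in the description.

```python
"""Download-request check on the bank side (added example)."""
import hashlib
import hmac
import os


class SeedFileStore:
    """What the FTP server keeps per encrypted manufacturer seed file."""

    def __init__(self):
        self._files = {}  # identity identifier -> (ciphertext, hash hex)

    def store(self, encrypted_seed_file):
        """Step 101: save the ciphertext, hash it, save the hash, and hand
        back (identity identifier, hash value) for the notification chain.
        The random identifier is an assumption."""
        digest = hashlib.sha256(encrypted_seed_file).hexdigest()
        file_id = os.urandom(16).hex()
        self._files[file_id] = (bytes(encrypted_seed_file), digest)
        return file_id, digest

    def download(self, request):
        """Steps 103/104: release the file only when the hash in the request
        equals the stored one; otherwise report an error to the requester."""
        entry = self._files.get(request.get("file_id", ""))
        if entry is None:
            raise LookupError("unknown manufacturer seed file identity identifier")
        ciphertext, digest = entry
        presented = str(request.get("hash", "")).lower()
        # Constant-time comparison: the hash is effectively a bearer credential.
        if not hmac.compare_digest(digest, presented):
            raise PermissionError("hash value in download request does not match")
        return ciphertext


def build_download_request(file_id, hash_value):
    """Step 103 on the production device: the request carries the identity
    identifier and hash value received from the bank notification device."""
    return {"file_id": file_id, "hash": hash_value}


def verify_downloaded_file(ciphertext, expected_hash):
    """Added receiver-side integrity check after step 104: recompute the hash
    over the bytes actually received and compare with the notified value."""
    return hmac.compare_digest(hashlib.sha256(ciphertext).hexdigest(),
                               expected_hash.lower())


if __name__ == "__main__":
    store = SeedFileStore()
    blob = b"constructed: encrypted manufacturer seed file bytes"
    file_id, hash_value = store.store(blob)
    data = store.download(build_download_request(file_id, hash_value))
    print(file_id, verify_downloaded_file(data, hash_value))
```

The unknown-identifier and wrong-hash cases raise different exceptions here only so that a caller can log them apart; the error returned to the production device should not distinguish them, or a requester could confirm which identifiers exist before it has the hash.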
In the system provided in this embodiment, the first subsystem 51 is specifically configured to generate a token seed, generate and store a manufacturer seed file according to the token seed, a manufacturer number and a token serial number, encrypt the manufacturer seed file to obtain an encrypted manufacturer seed file, and generate a manufacturer seed file identity identifier according to the encrypted manufacturer seed file; and is further configured to send the manufacturer seed file identity identifier to the second subsystem 52; and is further configured to receive the download request sent by the second subsystem 52, find the encrypted manufacturer seed file according to it, and send the encrypted manufacturer seed file to the second subsystem 52; the first subsystem 51 is further configured to receive and store the encrypted return file sent by the second subsystem 52, and decrypt the encrypted return file to obtain a return file; and is further configured to judge whether the manufacturer number and the token serial number exist in the return file, and if so, generate an authentication seed file according to the return file; if not, end;
the second subsystem 52 is specifically configured to receive the manufacturer seed file identity identifier sent by the first subsystem 51, generate a download request according to it, and send the download request to the first subsystem 51; and is further configured to decrypt the encrypted manufacturer seed file to obtain the manufacturer seed file, produce tokens according to the token seed, the manufacturer number and the token serial number in the manufacturer seed file, generate a return file according to the result of producing the tokens, the manufacturer number and the token serial number, encrypt the return file, and send the encrypted return file to the first subsystem 51.
In the system provided in this example, the second subsystem 52 generates the return file according to the result of producing the tokens, specifically by generating a return file that includes token information in the token seed burning state, where the token information in the token seed burning state includes token information for which the token seed burning succeeded or token information for which the token seed burning failed;
correspondingly, the first subsystem 51 is further configured to judge whether token information indicating that the token seed burning failed exists in the return file; if it exists, modify the return file by deleting that token information and generate the authentication seed file according to the modified return file; if it does not exist, generate the authentication seed file according to the return file as received.
In the system provided in this example, the first subsystem includes a key management device 511, a file transfer protocol server 512, a bank notification device 513 and a one-time password authentication server 514, and the second subsystem includes a token manufacturer production device 522;
the key management device 511 is configured to generate a token seed, generate a manufacturer seed file according to the token seed, encrypt the manufacturer seed file, and send the encrypted manufacturer seed file to the file transfer protocol server 512; and is further configured to send the manufacturer seed file identity identifier received from the file transfer protocol server 512 to the bank notification device 513; and is further configured to access the file transfer protocol server 512; and is further configured to decrypt the encrypted return file sent by the file transfer protocol server 512 to obtain a return file, and generate an authentication seed file according to the return file; and is further configured to send the authentication seed file to the one-time password authentication server 514, and to send the import result received from the one-time password authentication server 514 to the bank notification device 513;
the file transfer protocol server 512 is configured to receive and store the encrypted manufacturer seed file, and generate a manufacturer seed file identity identifier according to the encrypted manufacturer seed file; and is further configured to send the manufacturer seed file identity identifier to the key management device 511; and is further configured to receive the download request sent by the token manufacturer production device 522, and send the encrypted manufacturer seed file found according to the download request to the token manufacturer production device 522; the file transfer protocol server 512 is further configured to receive and store the encrypted return file, and to send the encrypted return file to the key management device 511 when the key management device 511 accesses the file transfer protocol server 512;
the bank notification device 513 is configured to send the manufacturer seed file identity identifier received from the key management device 511 to the token manufacturer production device 522;
the token manufacturer production device 522 is configured to receive the manufacturer seed file identity identifier sent by the bank notification device 513, generate a download request according to it, and send the download request to the file transfer protocol server 512; and is further configured to decrypt the encrypted manufacturer seed file sent by the file transfer protocol server 512 to obtain a manufacturer seed file, produce tokens according to the token seeds in the manufacturer seed file, generate a return file according to the result of producing the tokens, encrypt the return file, and send the encrypted return file to the file transfer protocol server 512;
the one-time password authentication server 514 is configured to generate an import result from the authentication seed file received from the key management device 511, and send the import result to the key management device 511.
In the system provided in this example, the file transfer protocol server 512 is further configured to perform a hash operation on the encrypted manufacturer seed file, generate a hash value, store the hash value, and send the identity identifier and the hash value of the manufacturer seed file to the key management device 511; the file transfer protocol server 512 is further configured to judge whether the download request is legal according to the hash value in the download request received from the token manufacturer production device 522, and if so, send the encrypted manufacturer seed file found according to the download request to the token manufacturer production device 522, and if not, report an error to the token manufacturer production device 522;
the key management device 511 is further configured to send the manufacturer seed file identity and the hash value to the bank notification device 513;
the bank notification device 513 is further configured to send the manufacturer seed file identity and the hash value to the token manufacturer production device 522;
the token manufacturer production device 522 is further configured to generate a download request according to the received manufacturer seed file identity and the hash value sent by the bank notification device 513, and send the download request to the file transfer protocol server 512.
In the system provided in this example, the specific step of determining whether the download request is legal according to the hash value in the download request sent by the token manufacturer production apparatus 522 is as follows: the file transfer protocol server 512 determines whether the hash value in the download request is the same as the saved hash value.
In the system provided in this embodiment, the key management device 511 is configured to generate a token seed, generate a manufacturer seed file according to the token seed, a manufacturer number and a token serial number, encrypt the manufacturer seed file, and send the encrypted manufacturer seed file to the file transfer protocol server 512; and is further configured to send the manufacturer seed file identity identifier received from the file transfer protocol server 512 to the bank notification device 513; and is further configured to access the file transfer protocol server 512; the key management device 511 is further configured to decrypt the encrypted return file received from the file transfer protocol server 512 to obtain a return file, and to judge whether the manufacturer number and the token serial number exist in the return file; if so, the key management device 511 generates an authentication seed file according to the return file, and if not, it returns a notification that processing of the return file failed to the bank notification device 513 and the process ends; and is further configured to send the authentication seed file to the one-time password authentication server 514, and to send the import result received from the one-time password authentication server 514 to the bank notification device 513.
In the system provided in this example, the token manufacturer production device 522 generates the return file according to the result of producing the tokens, specifically by generating a return file that includes token information in the token seed burning state, where the token information in the token seed burning state includes token information for which the token seed burning succeeded or token information for which the token seed burning failed;
the key management device 511 is further configured to judge whether the received return file contains token information indicating that the token seed burning failed; if it does, modify the return file by deleting that token information and generate the authentication seed file according to the modified return file; if it does not, generate the authentication seed file according to the return file as received.
Example 6
The present embodiment provides a token manufacturer production apparatus, as shown in fig. 6, including:
the receiving module 601 is configured to receive a manufacturer seed file identity identifier sent by a first subsystem; and is further configured to receive the encrypted manufacturer seed file sent by the first subsystem;
a generating module 602, configured to generate a download request according to the manufacturer seed file identity identifier received by the receiving module 601; and further configured to generate a return file according to the result of producing tokens by the production module 605;
a sending module 603, configured to send the download request generated by the generating module 602 to the first subsystem; and further configured to send the encrypted return file obtained by the encrypting module 606 to the first subsystem;
the decryption module 604 is configured to decrypt the encrypted manufacturer seed file received by the receiving module 601 to obtain a manufacturer seed file; wherein the encrypted manufacturer seed file is the one found by the first subsystem according to the received download request;
a production module 605, configured to produce tokens according to the manufacturer seed file;
an encrypting module 606, configured to encrypt the return file generated by the generating module 602 to obtain an encrypted return file.
In the apparatus provided in this example, the return file generated by the generating module 602 according to the result of producing tokens by the production module 605 is a return file that includes token information in the token seed burning state; the token information in the token seed burning state includes token information for which the token seed burning succeeded or token information for which the token seed burning failed.
In the apparatus provided in this example, the receiving module 601 is specifically configured to receive a manufacturer seed file identity identifier and a hash value sent by the first subsystem, the hash value being generated by the first subsystem by performing a hash operation on the encrypted manufacturer seed file; and is further configured to receive the encrypted manufacturer seed file sent by the first subsystem after the first subsystem has judged, according to the hash value, that the download request is legal;
the generating module 602 is specifically configured to generate the download request according to the manufacturer seed file identity identifier and the hash value received by the receiving module 601; and is further configured to generate the return file according to the result of producing tokens by the production module 605.
The above is only a preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (27)

1. A method for managing seed keys, the method comprising:
step 101, a bank party generates a token seed, generates and stores a manufacturer seed file according to the token seed, encrypts the manufacturer seed file, and generates an identity identifier of the manufacturer seed file according to the encrypted manufacturer seed file;
step 102, the bank party sends the identity identifier of the manufacturer seed file to a token producer;
step 103, the token producer receives the identity identifier of the manufacturer seed file, generates a download request according to the identity identifier of the manufacturer seed file, and sends the download request to the bank party;
step 104, the bank party sends the encrypted manufacturer seed file found according to the download request to the token producer;
step 105, the token producer decrypts the received encrypted manufacturer seed file to obtain the manufacturer seed file, produces a token according to the token seed in the manufacturer seed file, generates a return file according to the result of producing the token, encrypts the return file, and sends the encrypted return file to the bank party;
step 106, the bank party receives and stores the encrypted return file, and decrypts the received encrypted return file to obtain the return file;
step 107, the bank party generates an authentication seed file according to the return file.
2. The method according to claim 1, wherein step 101 further comprises the bank party performing a hash operation on the encrypted manufacturer seed file to generate a hash value and saving the hash value;
step 102 is specifically: the bank party sends the manufacturer seed file identity identifier and the hash value to the token producer;
step 103 is specifically: the token producer receives the identity identifier of the manufacturer seed file and the hash value, generates a download request according to the received identity identifier of the manufacturer seed file and the hash value, and sends the download request to the bank party;
before step 104, the bank party further judges whether the download request is legal according to the hash value in the download request; if so, step 104 is executed, and if not, an error is reported to the token producer.
3. The method according to claim 2, wherein the step of the bank party judging whether the download request is legal according to the hash value in the download request is specifically: the bank party judges whether the hash value in the download request is the same as the stored hash value; if so, step 104 is executed, and if not, an error is reported to the token producer.
4. The method according to claim 1 or 2, wherein in step 101, the bank party generating a token seed, and generating and storing a manufacturer seed file according to the token seed, is specifically: the bank party generates a token seed, and generates and stores a manufacturer seed file according to the token seed, the manufacturer number and the token serial number;
in step 105, the token producer decrypting the encrypted manufacturer seed file to obtain the manufacturer seed file, producing a token according to the token seed in the manufacturer seed file, and generating a return file according to the result of producing the token, is specifically: the token producer decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file, produces the token according to the token seed, the manufacturer number and the token serial number in the manufacturer seed file, and generates the return file according to the result of producing the token, the manufacturer number and the token serial number;
before step 107, a step 106' is further included, in which the bank party judges whether the manufacturer number and the token serial number exist in the return file; if so, step 107 is executed, and if not, the process ends.
5. The method according to claim 1, wherein
the token producer decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file, produces a token according to the token seed in the manufacturer seed file, generates a return file including token information in a token seed burning state according to the result of producing the token, encrypts the return file, and sends the encrypted return file to the bank party; the token information in the token seed burning state includes token information for which the token seed burning succeeded or token information for which the token seed burning failed;
correspondingly, step 106 is specifically: the bank party receives and stores the encrypted return file, decrypts the received encrypted return file to obtain the return file, and judges whether token information for which the token seed burning failed exists in the return file; if it exists, the bank party modifies the return file by deleting that token information from the return file and generates an authentication seed file according to the modified return file; if it does not exist, the bank party generates an authentication seed file according to the return file.
6. The method of claim 1, wherein keys for encrypting and decrypting the vendor seed file and the return file are preset or obtained after key agreement.
7. The method according to claim 1, wherein the bank party includes a key management device, a file transfer protocol server, a bank notification device and a one-time password authentication server, and the token producer includes a token manufacturer production device;
step 101 specifically comprises: the key management device generates the token seed, generates the manufacturer seed file according to the token seed, encrypts the manufacturer seed file, and sends the encrypted manufacturer seed file to the file transfer protocol server; the file transfer protocol server receives and stores the encrypted manufacturer seed file and generates a manufacturer seed file identity identifier according to the encrypted manufacturer seed file;
step 102 specifically comprises: the file transfer protocol server sends the manufacturer seed file identity identifier to the key management device, the key management device sends the manufacturer seed file identity identifier to the bank notification device, and the bank notification device sends the manufacturer seed file identity identifier to the token manufacturer production device;
step 103 specifically comprises: the token manufacturer production device receives the manufacturer seed file identity identifier, generates a download request according to the received manufacturer seed file identity identifier, and sends the download request to the file transfer protocol server;
step 104 specifically comprises: the file transfer protocol server sends the encrypted manufacturer seed file found according to the download request to the token manufacturer production device;
step 105 specifically comprises: the token manufacturer production device decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file, produces a token according to the token seed in the manufacturer seed file, generates a return file according to the result of producing the token, encrypts the return file, and sends the encrypted return file to the file transfer protocol server;
step 106 specifically comprises: the file transfer protocol server receives and stores the encrypted return file; the key management device accesses the file transfer protocol server; the file transfer protocol server sends the encrypted return file to the key management device; the key management device decrypts the received encrypted return file to obtain the return file and generates an authentication seed file according to the return file; the key management device sends the authentication seed file to the one-time password authentication server; the one-time password authentication server generates an import result according to the authentication seed file and sends the import result to the key management device; and the key management device sends the import result to the bank notification device.
8. The method according to claim 7, wherein step 101 further comprises: the file transfer protocol server performs a hash operation on the encrypted manufacturer seed file, generates a hash value and saves the hash value;
step 102 specifically comprises: the file transfer protocol server sends the manufacturer seed file identity identifier and the hash value to the key management device, the key management device sends the manufacturer seed file identity identifier and the hash value to the bank notification device, and the bank notification device sends the manufacturer seed file identity identifier and the hash value to the token manufacturer production device;
step 103 specifically comprises: the token manufacturer production device receives the manufacturer seed file identity identifier, generates a download request according to the received manufacturer seed file identity identifier and the hash value, and sends the download request to the file transfer protocol server;
before step 104, the file transfer protocol server further determines whether the download request is legal according to the hash value in the download request; if so, step 104 is executed, and if not, an error is reported to the token manufacturer production device.
9. The method according to claim 8, wherein the step of the file transfer protocol server determining whether the download request is legal according to the hash value in the download request specifically comprises: the file transfer protocol server judges whether the hash value in the download request is the same as the stored hash value; if so, step 104 is executed, and if not, an error is reported to the token manufacturer production device.
10. The method according to claim 7 or 8, wherein, in step 101, the key management device generating the token seed and generating the manufacturer seed file according to the token seed specifically comprises: the key management device generates a token seed and generates a manufacturer seed file according to the token seed, a manufacturer number and a token serial number;
the token manufacturer production device decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file, produces a token according to the token seed in the manufacturer seed file, generates a return file according to the result of producing the token, encrypts the return file, and sends the encrypted return file to the file transfer protocol server;
in step 106, generating the authentication seed file according to the return file specifically comprises: the key management device judges whether the manufacturer number and the token serial number exist in the return file; if so, the key management device generates an authentication seed file according to the received return file, and if not, a notification of failure in processing the return file is returned to the bank notification device and the process ends.
11. The method according to claim 7, wherein
the token manufacturer production device decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file, produces a token according to the token seed in the manufacturer seed file, generates a return file comprising token information of a token seed burning state according to the result of producing the token, encrypts the return file, and sends the encrypted return file to the file transfer protocol server; the token information of the token seed burning state comprises token information of token seed burning success or token information of token seed burning failure;
correspondingly, in step 106, the key management device decrypting the received encrypted return file to obtain the return file and generating an authentication seed file according to the return file specifically comprises: the key management device decrypts the received encrypted return file to obtain the return file and determines whether the received return file contains token information of token seed burning failure; if so, it modifies the return file by deleting the token information of token seed burning failure from the return file and generates the authentication seed file according to the modified return file, and if not, it generates the authentication seed file according to the return file.
12. A method for managing seed keys, the method comprising:
step 201, a token manufacturer production device receives a manufacturer seed file identity identifier sent by a bank party;
step 202, the token manufacturer production device generates a download request according to the manufacturer seed file identity identifier, and sends the download request to the bank party;
step 203, the token manufacturer production device receives the encrypted manufacturer seed file sent by the bank party and decrypts the encrypted manufacturer seed file to obtain the manufacturer seed file, wherein the encrypted manufacturer seed file is found by the bank party according to the received download request;
step 204, the token manufacturer production device produces the token according to the manufacturer seed file, generates a return file according to the result of producing the token, encrypts the return file and sends the encrypted return file to the bank party.
13. The method according to claim 12, wherein
in step 204, the token manufacturer production device producing the token according to the manufacturer seed file and generating a return file according to the result of producing the token specifically comprises: the token manufacturer production device produces the token according to the manufacturer seed file and generates a return file comprising token information of the token seed burning state according to the result of producing the token; the token information of the token seed burning state comprises token information of token seed burning success or token information of token seed burning failure.
14. The method according to claim 12, wherein step 201 specifically comprises: the token manufacturer production device receives the manufacturer seed file identity identifier and a hash value sent by the bank party; the bank party generates the hash value according to the manufacturer seed file;
step 202 specifically comprises: the token manufacturer production device generates a download request according to the manufacturer seed file identity identifier and the hash value and sends the download request to the bank party;
step 203 specifically comprises: after the bank party judges that the download request is legal according to the hash value, the token manufacturer production device receives the encrypted manufacturer seed file sent by the bank party; the manufacturer seed file is found by the bank party according to the manufacturer seed file identity identifier in the received download request.
15. A seed key management system, the system comprising a first subsystem and a second subsystem, wherein
the first subsystem is used for generating a token seed, generating and storing a manufacturer seed file according to the token seed, encrypting the manufacturer seed file to obtain an encrypted manufacturer seed file, and generating a manufacturer seed file identity identifier according to the encrypted manufacturer seed file; the first subsystem is also used for sending the manufacturer seed file identity identifier to the second subsystem; is also used for finding the encrypted manufacturer seed file according to the received download request sent by the second subsystem and sending the encrypted manufacturer seed file to the second subsystem; is also used for receiving the encrypted return file sent by the second subsystem and decrypting the encrypted return file to obtain the return file; and is also used for generating an authentication seed file according to the return file;
the second subsystem is used for receiving the manufacturer seed file identity identifier sent by the first subsystem, generating a download request according to the manufacturer seed file identity identifier and sending the download request to the first subsystem; the second subsystem is further configured to decrypt the encrypted manufacturer seed file sent by the first subsystem to obtain the manufacturer seed file, produce a token according to the token seed in the manufacturer seed file, generate a return file according to the result of producing the token, encrypt the return file, and send the encrypted return file to the first subsystem.
16. The system according to claim 15, wherein
the first subsystem is further configured to perform a hash operation on the encrypted manufacturer seed file, generate a hash value, store the hash value, and send the manufacturer seed file identity identifier and the hash value to the second subsystem; the first subsystem is further configured to judge whether the download request is legal according to the hash value in the download request sent by the second subsystem, and if so, send the encrypted manufacturer seed file found according to the download request to the second subsystem, and if not, report an error to the second subsystem;
the second subsystem is further configured to receive the manufacturer seed file identity identifier and the hash value sent by the first subsystem, generate the download request according to the received manufacturer seed file identity identifier and the hash value, and send the download request to the first subsystem.
17. The system according to claim 16, wherein
the first subsystem determining whether the download request is legal according to the hash value in the download request specifically comprises: the first subsystem judges whether the hash value in the download request is the same as the stored hash value.
18. The system according to claim 15 or 16, wherein
the first subsystem is specifically used for generating a token seed, generating a manufacturer seed file according to the token seed, a manufacturer number and a token serial number, storing the manufacturer seed file, encrypting the manufacturer seed file to obtain an encrypted manufacturer seed file, and generating a manufacturer seed file identity identifier according to the encrypted manufacturer seed file; the first subsystem is also used for sending the manufacturer seed file identity identifier to the second subsystem; is also used for sending the encrypted manufacturer seed file found according to the received download request sent by the second subsystem to the second subsystem; is also used for receiving and storing the encrypted return file sent by the second subsystem and decrypting the encrypted return file to obtain the return file; and is also used for judging whether the manufacturer number and the token serial number exist in the return file, and if so, generating an authentication seed file according to the return file, and if not, ending;
the second subsystem is specifically configured to receive the manufacturer seed file identity identifier sent by the first subsystem, generate a download request according to the manufacturer seed file identity identifier, and send the download request to the first subsystem; the second subsystem is further configured to decrypt the encrypted manufacturer seed file to obtain the manufacturer seed file, produce a token according to the token seed, the manufacturer number, and the token serial number in the manufacturer seed file, generate a return file according to the result of producing the token, the manufacturer number, and the token serial number, encrypt the return file, and send the encrypted return file to the first subsystem.
19. The system according to claim 15, wherein
the second subsystem generating a return file according to the result of producing the token specifically comprises: the second subsystem generates a return file comprising token information of a token seed burning state according to the result of producing the token, wherein the token information of the token seed burning state comprises token information of token seed burning success or token information of token seed burning failure;
correspondingly, the first subsystem is further configured to determine whether token information of token seed burning failure exists in the return file; if so, modify the return file by deleting the token information of token seed burning failure from the return file and generate an authentication seed file according to the modified return file, and if not, generate an authentication seed file according to the return file.
20. The system according to claim 15, wherein
the first subsystem comprises a key management device, a file transfer protocol server, a bank notification device and a one-time password authentication server, and the second subsystem comprises a token manufacturer production device;
the key management device is used for generating the token seed, generating the manufacturer seed file according to the token seed, encrypting the manufacturer seed file and sending the encrypted manufacturer seed file to the file transfer protocol server; is also used for sending the manufacturer seed file identity identifier sent by the file transfer protocol server to the bank notification device; is also used for accessing the file transfer protocol server; is also used for decrypting the encrypted return file sent by the file transfer protocol server to obtain the return file and generating an authentication seed file according to the return file; and is also used for sending the authentication seed file to the one-time password authentication server and sending the received import result sent by the one-time password authentication server to the bank notification device;
the file transfer protocol server is used for receiving and storing the encrypted manufacturer seed file and generating the manufacturer seed file identity identifier according to the encrypted manufacturer seed file; is also used for sending the manufacturer seed file identity identifier to the key management device; is also used for receiving the download request sent by the token manufacturer production device and sending the encrypted manufacturer seed file found according to the download request to the token manufacturer production device; and is further configured to receive and store the encrypted return file and to send the encrypted return file to the key management device when the key management device accesses the file transfer protocol server;
the bank notification device is used for sending the manufacturer seed file identity identifier received from the key management device to the token manufacturer production device;
the token manufacturer production device is used for receiving the manufacturer seed file identity identifier sent by the bank notification device, generating a download request according to the received manufacturer seed file identity identifier, and sending the download request to the file transfer protocol server; is also used for decrypting the encrypted manufacturer seed file sent by the file transfer protocol server to obtain the manufacturer seed file, producing a token according to the token seed in the manufacturer seed file, generating a return file according to the result of producing the token, encrypting the return file, and sending the encrypted return file to the file transfer protocol server;
the one-time password authentication server is used for generating the import result according to the received authentication seed file sent by the key management device and sending the import result to the key management device.
21. The system according to claim 20, wherein
the file transfer protocol server is further configured to perform a hash operation on the encrypted manufacturer seed file, generate a hash value, store the hash value, and send the manufacturer seed file identity identifier and the hash value to the key management device; the file transfer protocol server is also used for judging whether the download request is legal according to the hash value in the received download request sent by the token manufacturer production device, and if so, sending the encrypted manufacturer seed file found according to the download request to the token manufacturer production device, and if not, reporting an error to the token manufacturer production device;
the key management device is further configured to send the manufacturer seed file identity identifier and the hash value to the bank notification device;
the bank notification device is further configured to send the manufacturer seed file identity identifier and the hash value to the token manufacturer production device;
the token manufacturer production device is further configured to generate the download request according to the received manufacturer seed file identity identifier and the hash value sent by the bank notification device, and send the download request to the file transfer protocol server.
22. The system according to claim 21, wherein
the file transfer protocol server judging whether the download request is legal according to the hash value in the received download request sent by the token manufacturer production device specifically comprises: the file transfer protocol server judges whether the hash value in the download request is the same as the stored hash value.
23. The system according to claim 20, wherein
the key management device is used for generating the token seed, generating the manufacturer seed file according to the token seed, the manufacturer number and the token serial number, encrypting the manufacturer seed file and sending the encrypted manufacturer seed file to the file transfer protocol server; is also used for sending the manufacturer seed file identity identifier sent by the file transfer protocol server to the bank notification device; is also used for accessing the file transfer protocol server; is also used for decrypting the encrypted return file sent by the file transfer protocol server to obtain the return file, and for judging whether the manufacturer number and the token serial number exist in the return file, and if so, generating an authentication seed file according to the received return file, and if not, returning a notification of failure in processing the return file to the bank notification device and ending the process; and is also used for sending the authentication seed file to the one-time password authentication server and sending the received import result sent by the one-time password authentication server to the bank notification device.
24. The system according to claim 20, wherein
the token manufacturer production device generating the return file according to the result of producing the token specifically comprises: the token manufacturer production device generates a return file comprising token information of a token seed burning state according to the result of producing the token, wherein the token information of the token seed burning state comprises token information of token seed burning success or token information of token seed burning failure;
the key management device is further configured to determine whether token information of token seed burning failure exists in the received return file; if so, modify the return file by deleting the token information of token seed burning failure from the return file and generate an authentication seed file according to the modified return file, and if not, generate an authentication seed file according to the return file.
25. A token manufacturer production apparatus, the apparatus comprising:
a receiving module, used for receiving the manufacturer seed file identity identifier sent by a first subsystem; and also used for receiving the encrypted manufacturer seed file sent by the first subsystem;
a generating module, used for generating a download request according to the manufacturer seed file identity identifier received by the receiving module; and also used for generating a return file according to the result of the production module producing the token;
a sending module, configured to send the download request generated by the generating module to the first subsystem; and also used for sending the encrypted return file obtained by the encryption module to the first subsystem;
a decryption module, used for decrypting the encrypted manufacturer seed file received by the receiving module to obtain the manufacturer seed file, wherein the encrypted manufacturer seed file is found by the first subsystem according to the received download request;
a production module, used for producing the token according to the manufacturer seed file;
and an encryption module, used for encrypting the return file generated by the generating module to obtain the encrypted return file.
26. The apparatus according to claim 25, wherein
the return file is a return file comprising token information of a token seed burning state; the token information of the token seed burning state comprises token information of token seed burning success or token information of token seed burning failure.
27. The apparatus according to claim 25, wherein the receiving module is specifically configured to receive the manufacturer seed file identity identifier and a hash value sent by the first subsystem, the first subsystem generating the hash value according to the manufacturer seed file; the receiving module is further used for receiving the encrypted manufacturer seed file sent by the first subsystem after the first subsystem judges that the download request is legal according to the hash value;
the generating module is used for generating the download request according to the manufacturer seed file identity identifier and the hash value received by the receiving module; and is also used for generating the return file according to the result of the production module producing the token.
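The exchange of claims 7 to 11 (restated for the subsystems of claims 15 to 27), modelled end to end as an added example that is not part of the patent: the bank side stores the encrypted manufacturer seed file, hashes it and derives a file identifier; the production device requests the file by identifier and hash and is refused when the hash differs; it burns the seeds and uploads an encrypted return file with a per-token burn status; the key management device rejects return files lacking manufacturer number or serial and drops failed burns before building the authentication seed file. The cipher (an HMAC-SHA256 keystream with encrypt-then-MAC), SHA-256 as the hash, the `MSF-` identifier form, the JSON record layout and the `burn_status` field are all assumptions, since the claims leave them unspecified.

```python
"""Model of the seed-file exchange in claims 7 to 11 (added example, not the patent's code)."""
import hashlib
import hmac
import json
import secrets
from typing import Dict, List, Optional, Tuple

def _subkeys(key: bytes) -> Tuple[bytes, bytes]:
    # Separate encryption and MAC subkeys derived from the shared file key.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _keystream(ek: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode: a stand-in for the cipher the claims leave unspecified.
    blocks = (hmac.new(ek, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag."""
    ek, mk = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(ek, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    """Check the tag in constant time before decrypting; raise on tampering or a wrong key."""
    ek, mk = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if len(blob) < 48 or not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("encrypted file fails authentication")
    return bytes(a ^ b for a, b in zip(ct, _keystream(ek, nonce, len(ct))))

class FileTransferProtocolServer:
    """Bank side: stores encrypted files, hashes them (claim 8) and gates downloads on the hash (claim 9)."""
    def __init__(self) -> None:
        self._files: Dict[str, Tuple[bytes, str]] = {}
    def store_seed_file(self, encrypted: bytes) -> Tuple[str, str]:
        digest = hashlib.sha256(encrypted).hexdigest()
        file_id = "MSF-" + digest[:12]   # identifier derived from the encrypted file (assumed form)
        self._files[file_id] = (encrypted, digest)
        return file_id, digest
    def download(self, request: dict) -> Optional[bytes]:
        entry = self._files.get(str(request.get("file_id", "")))
        if entry is None or not hmac.compare_digest(str(request.get("hash", "")), entry[1]):
            return None   # request is not legal: report an error, send nothing
        return entry[0]

class KeyManagementDevice:
    """Bank side: generates seeds, builds the seed file, turns the return file into the authentication seed file."""
    def __init__(self, key: bytes) -> None:
        self._key = key
        self._seeds: Dict[str, str] = {}   # serial -> seed, the stored seed file of claim 15
    def make_seed_file(self, manufacturer_no: str, serials: List[str]) -> bytes:
        records = []
        for serial in serials:
            self._seeds[serial] = secrets.token_hex(20)   # 160-bit seed, constructed here
            records.append({"manufacturer_no": manufacturer_no, "serial": serial,
                            "seed": self._seeds[serial]})
        return seal(self._key, json.dumps(records).encode())
    def process_return_file(self, encrypted_return: bytes) -> Optional[List[dict]]:
        entries = json.loads(unseal(self._key, encrypted_return))
        # Claim 10: every entry must carry the manufacturer number and serial, else processing fails.
        if any("manufacturer_no" not in e or "serial" not in e for e in entries):
            return None
        # Claim 11: entries whose seed burn failed are dropped before the authentication seed file is built.
        return [{"serial": e["serial"], "seed": self._seeds[e["serial"]]}
                for e in entries if e.get("burn_status") == "success"]

class TokenManufacturerProductionDevice:
    """Production side: requests the file by identifier and hash, burns seeds, reports per-token status."""
    def __init__(self, key: bytes, failing: frozenset = frozenset()) -> None:
        self._key = key
        self._failing = failing   # constructed burn failures for the demonstration
    def download_request(self, file_id: str, digest: str) -> dict:
        return {"file_id": file_id, "hash": digest}
    def produce_tokens(self, encrypted_seed_file: bytes) -> bytes:
        records = json.loads(unseal(self._key, encrypted_seed_file))
        status = [{"manufacturer_no": r["manufacturer_no"], "serial": r["serial"],
                   "burn_status": "failure" if r["serial"] in self._failing else "success"}
                  for r in records]   # the seeds themselves never travel back
        return seal(self._key, json.dumps(status).encode())

def run_exchange(serials: List[str], failing: frozenset) -> dict:
    """Steps 101 to 106 end to end, preceded by one download request carrying a wrong hash."""
    key = secrets.token_bytes(32)   # shared file key; its distribution is outside the claims
    kmd, ftp = KeyManagementDevice(key), FileTransferProtocolServer()
    vendor = TokenManufacturerProductionDevice(key, failing)
    file_id, digest = ftp.store_seed_file(kmd.make_seed_file("FT01", serials))  # 101; 102 notifies them
    rejected = ftp.download(vendor.download_request(file_id, "00" * 32)) is None  # wrong hash: error
    encrypted = ftp.download(vendor.download_request(file_id, digest))  # 103, 104
    encrypted_return = vendor.produce_tokens(encrypted)  # 105, uploaded to the server
    auth_seed_file = kmd.process_return_file(encrypted_return) or []  # 106, then OTP server import
    return {"rejected_bad_hash": rejected, "auth_serials": [e["serial"] for e in auth_seed_file]}
```

The hash check is constant-time and refuses a request with a wrong hash even when the identifier is valid, which is the behaviour claims 8 and 9 describe; the return file carries only status, so the seeds travel once, towards the production device.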
CN201810719198.7A 2018-07-02 2018-07-02 Seed key management method and system and token manufacturer production device Active CN108881269B (en)

Publications (2)

Publication Number Publication Date
CN108881269A CN108881269A (en) 2018-11-23
CN108881269B true CN108881269B (en) 2020-10-13

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP03 Change of name, title or address

Address after: 17th floor, building B, Huizhi building, No.9, Xueqing Road, Haidian District, Beijing 100085
Patentee after: Feitian Technologies Co.,Ltd.
Country or region after: China
Address before: 100085 17th Floor, Building B, Huizhi Building, Xueqing Road, Haidian District, Beijing
Patentee before: Feitian Technologies Co.,Ltd.
Country or region before: China