CN114026820A - Data uploading method, data downloading method and related equipment - Google Patents


Publication number
CN114026820A
Authority
CN
China
Prior art keywords
data
key
server
ciphertext
random number
Legal status
Pending
Application number
CN202180004124.5A
Other languages
Chinese (zh)
Inventor
杨世昭
王雪平
孙金龙
Current Assignee
Shenzhen Goodix Technology Co Ltd
Original Assignee
Shenzhen Goodix Technology Co Ltd
Application filed by Shenzhen Goodix Technology Co Ltd
Publication of CN114026820A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

Embodiments of the present application provide a data uploading method, a data downloading method and related equipment. The method includes: obtaining access control data to be uploaded; in response to user input, sending a PIN to a server, wherein the PIN is used to verify whether the user's identity is legitimate; receiving first confirmation information sent by the server, and creating a random factor, wherein the first confirmation information is used to confirm whether verification of the user's identity succeeded; determining a first key based on the PIN and the random factor, and encrypting the access control data to be uploaded based on the first key to obtain a first data ciphertext; and uploading the first data ciphertext and the random factor to the server. Secure transmission of the data is thereby achieved.

Description

Data uploading method, data downloading method and related equipment
Technical Field
The embodiments of the present application relate to the technical field of information security, and in particular to a data uploading method, a data downloading method and related equipment.
Background
At present, as mobile phone functions grow ever more powerful, the use of access cards in mobile phones is becoming more and more common, and most high-end mobile phones on the market have built-in functions for installing and copying access cards.
However, the following problems are usually encountered when copying an access card in a mobile phone:
When the access card data in one mobile phone is migrated to another mobile phone, the data may be intercepted by an attacker, which may leak the access card information. Because access card information can be used to open the access control, this may cause property loss and personal safety hazards for an enterprise, so the danger is considerable.
Disclosure of Invention
The embodiment of the application provides a data uploading method, a data downloading method and related equipment, so as to realize the safe migration of data of an access control card.
In a first aspect, an embodiment of the present application provides a data uploading method, which is applied to an electronic device and includes: obtaining access control data to be uploaded; in response to user input, sending a PIN to a server, wherein the PIN is used to verify whether the user's identity is legitimate; receiving first confirmation information sent by the server, and creating a random factor S, wherein the first confirmation information is used to confirm whether verification of the user's identity succeeded; determining a first key K based on the PIN and the random factor S, and encrypting the access control data to be uploaded based on the first key K to obtain a first data ciphertext; and uploading the first data ciphertext and the random factor S to the server. Secure uploading of the access card data is thereby achieved.
In the above data uploading method, in order to verify the identity of the user, a possible implementation manner is that before the obtaining of the access control data to be uploaded, the method further includes:
sending a user registration request to the server, wherein the user registration request is used for registering user identity on the server, and the user registration request comprises the PIN;
and receiving second confirmation information sent by the server, wherein the second confirmation information is used for confirming whether the registration of the user is successful or not.
In order to establish a secure channel and improve the security of data transmission, in one possible implementation manner, the electronic device includes a signature public key, the server includes a signature private key and a second private key, and the method further includes:
obtaining a signed first certificate, wherein the signed first certificate is obtained by the server signing the first certificate with the signature private key, the first certificate is issued by the server, and the first certificate comprises a first public key;
creating a random number RA, and sending a secure channel establishment request to the server, wherein the secure channel establishment request comprises the random number RA and the signed first certificate;
receiving a random number RB, a random number ciphertext CRA and a signed second certificate, wherein the random number RB is created by the server, the random number ciphertext CRA is obtained by the server through encryption with a second key EK, and the second key EK is determined based on the random number RA, the random number RB, the first public key and the second private key;
verifying the signed second certificate using the signature public key, and if the verification passes, obtaining a second public key from the second certificate, wherein the second public key and the second private key are an asymmetric public/private key pair;
obtaining a first private key, and determining the second key EK based on the random number RA, the random number RB, the first private key and the second public key, wherein the first private key and the first public key are an asymmetric public/private key pair;
decrypting the random number ciphertext CRA by using the second key EK to obtain a random number RA';
and if the random number RA is consistent with the random number RA' obtained by decryption, establishing a secure channel with the server, and determining the second key EK as a session key of the secure channel.
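The exchange above, from the random number RA to the RA' comparison, as an added Go example (not code from the patent). The algorithms are assumptions the text does not name: Ed25519 for the signature key pair, X25519 for the first and second key pairs, EK = SHA-256(shared secret || RA || RB), and a single AES-256 block for CRA; all type and function names are illustrative.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// SignedCert is a simplified certificate: a public key plus the server's signature over it.
type SignedCert struct{ PubKey, Sig []byte }

// deriveEK: assumed X25519 agreement, EK = SHA-256(shared || RA || RB), AES-256 keyed with EK.
func deriveEK(priv *ecdh.PrivateKey, peerPub, ra, rb []byte) ([]byte, cipher.Block, error) {
	pub, err := ecdh.X25519().NewPublicKey(peerPub)
	if err != nil {
		return nil, nil, err
	}
	shared, err := priv.ECDH(pub)
	if err != nil {
		return nil, nil, err
	}
	ek := sha256.Sum256(append(append(shared, ra...), rb...))
	block, err := aes.NewCipher(ek[:])
	return ek[:], block, err
}

// serverRespond checks the signed first certificate, creates RB, derives EK from the
// first public key and the second private key, and encrypts RA under EK to form CRA.
func serverRespond(signPub ed25519.PublicKey, second *ecdh.PrivateKey, ra []byte, first SignedCert) (rb, cra, ek []byte, err error) {
	if len(ra) != aes.BlockSize || !ed25519.Verify(signPub, first.PubKey, first.Sig) {
		return nil, nil, nil, fmt.Errorf("bad RA length or first certificate signature")
	}
	rb = make([]byte, aes.BlockSize)
	if _, err = rand.Read(rb); err != nil {
		return nil, nil, nil, err
	}
	ek, block, err := deriveEK(second, first.PubKey, ra, rb)
	if err != nil {
		return nil, nil, nil, err
	}
	cra = make([]byte, aes.BlockSize)
	block.Encrypt(cra, ra)
	return rb, cra, ek, nil
}

// deviceFinish verifies the signed second certificate, derives EK from the first
// private key and the second public key, decrypts CRA and compares RA' with RA.
func deviceFinish(signPub ed25519.PublicKey, first *ecdh.PrivateKey, ra, rb, cra []byte, second SignedCert) ([]byte, error) {
	if len(cra) != aes.BlockSize || !ed25519.Verify(signPub, second.PubKey, second.Sig) {
		return nil, fmt.Errorf("bad CRA length or second certificate signature")
	}
	ek, block, err := deriveEK(first, second.PubKey, ra, rb)
	if err != nil {
		return nil, err
	}
	raPrime := make([]byte, aes.BlockSize)
	block.Decrypt(raPrime, cra)
	if subtle.ConstantTimeCompare(ra, raPrime) != 1 {
		return nil, fmt.Errorf("RA' differs from RA: channel not established")
	}
	return ek, nil // EK becomes the session key of the secure channel
}

// handshake runs both roles with fresh keys; tamper may alter the server's reply in transit.
func handshake(tamper func(cra []byte, second *SignedCert)) (deviceEK, serverEK []byte, err error) {
	signPub, signKey, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	var keys [2]*ecdh.PrivateKey // [0] first (device) key pair, [1] second (server) key pair
	for i := range keys {
		if keys[i], err = ecdh.X25519().GenerateKey(rand.Reader); err != nil {
			return nil, nil, err
		}
	}
	firstCert := SignedCert{keys[0].PublicKey().Bytes(), ed25519.Sign(signKey, keys[0].PublicKey().Bytes())}
	secondCert := SignedCert{keys[1].PublicKey().Bytes(), ed25519.Sign(signKey, keys[1].PublicKey().Bytes())}
	ra := make([]byte, aes.BlockSize)
	if _, err = rand.Read(ra); err != nil {
		return nil, nil, err
	}
	rb, cra, serverEK, err := serverRespond(signPub, keys[1], ra, firstCert)
	if err != nil {
		return nil, nil, err
	}
	tamper(cra, &secondCert)
	deviceEK, err = deviceFinish(signPub, keys[0], ra, rb, cra, secondCert)
	return deviceEK, serverEK, err
}

func main() {
	dev, srv, err := handshake(func([]byte, *SignedCert) {})
	fmt.Println("channel established:", err == nil && string(dev) == string(srv))
}
```

The device refuses the channel in two places: when the second certificate does not verify under the signature public key, and when RA' differs from RA, which is what a CRA produced under a different EK looks like.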
In order to ensure the security of data uploading, a possible implementation manner is that the encrypting the to-be-uploaded access control data based on the first key K to obtain a first data ciphertext includes:
encrypting the access control data to be uploaded based on the first key K to obtain a second data ciphertext;
and encrypting the second data ciphertext by using the second key EK to obtain a first data ciphertext.
In order to ensure the security of data uploading, a possible implementation manner is that the encrypting the to-be-uploaded access control data based on the first key K to obtain a first data ciphertext includes:
calculating a digest value based on the random factor S, and determining an initial vector based on the digest value;
and encrypting the access control data to be uploaded based on the first key K and the initial vector to obtain a first data ciphertext.
In a second aspect, an embodiment of the present application provides a data downloading method, where the method includes: sending a data acquisition request to a server, wherein the data acquisition request is used for acquiring a first data ciphertext; receiving an encapsulated data packet and a random factor S sent by the server, wherein the encapsulated data packet comprises the first data ciphertext; acquiring a PIN, and determining a first key K based on the PIN and the random factor S; and decrypting the encapsulated data packet based on the first key K to obtain the access control data plaintext. Secure downloading of the access card data is thereby achieved.
In the above data downloading method, in order to verify the validity of the user identity, a possible implementation manner is that the data acquisition request includes a PIN, and the PIN is used to verify whether the identity of the user is valid.
In order to improve the security of data downloading, a possible implementation manner is that the receiving the encapsulated data packet sent by the server includes:
acquiring a second key EK;
receiving an encrypted and encapsulated data packet sent by the server;
and decrypting the encrypted and encapsulated data packet by using the second key EK to obtain an encapsulated data packet.
In order to write the data plaintext correctly, a possible implementation manner is that the encapsulated data packet further includes an executable instruction, and the decrypting the encapsulated data packet based on the first key K to obtain the access control data plaintext includes:
acquiring the first data ciphertext in the encapsulated data packet, and decrypting the first data ciphertext based on the first key K to obtain the access control data plaintext;
and acquiring the executable instruction in the encapsulated data packet, and performing a write operation on the access control data plaintext based on the executable instruction.
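The upload and download paths described above, as an added Go example (not code from the patent): K is derived from the PIN and S, the initial vector from a digest of S, and the receiving side rebuilds both from the PIN and the downloaded S. PBKDF2-HMAC-SHA256, the iteration count, SHA-256 for the digest and AES-256-GCM are assumptions, and the function names are illustrative; the second-key EK layer and the executable instruction in the packet are left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// kdfIterations is an assumed work factor; the page names no key-derivation function.
const kdfIterations = 100000

// deriveK determines the first key K from the PIN and the random factor S.
// Assumption: one 32-byte output block of PBKDF2-HMAC-SHA256 with S as the salt.
func deriveK(pin string, s []byte) []byte {
	mac := hmac.New(sha256.New, []byte(pin))
	mac.Write(s)
	mac.Write([]byte{0, 0, 0, 1}) // PBKDF2 block index 1, big-endian
	u := mac.Sum(nil)
	k := append([]byte(nil), u...)
	for i := 1; i < kdfIterations; i++ {
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range k {
			k[j] ^= u[j]
		}
	}
	return k
}

// deriveIV computes a digest of S and takes the initial vector from it.
// Assumption: SHA-256 truncated to the 12-byte nonce that AES-GCM expects.
func deriveIV(s []byte) []byte {
	digest := sha256.Sum256(s)
	return digest[:12]
}

// newAEAD builds AES-256-GCM under K (assumed cipher; the page does not name one).
func newAEAD(k []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(k)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Upload is what reaches the server: the first data ciphertext and S, never K.
type Upload struct{ S, Ciphertext []byte }

// encryptWithS encrypts under the K and IV derived from pin and s. Both depend only on
// the PIN and S, so S must be fresh for every upload or the key/IV pair repeats.
func encryptWithS(pin string, s, cardData []byte) (Upload, error) {
	aead, err := newAEAD(deriveK(pin, s))
	if err != nil {
		return Upload{}, err
	}
	return Upload{S: s, Ciphertext: aead.Seal(nil, deriveIV(s), cardData, nil)}, nil
}

// encryptForUpload is the sending phone's step: create a fresh S, then encrypt.
func encryptForUpload(pin string, cardData []byte) (Upload, error) {
	s := make([]byte, 16)
	if _, err := rand.Read(s); err != nil {
		return Upload{}, err
	}
	return encryptWithS(pin, s, cardData)
}

// decryptDownload is the receiving phone's step: the PIN and the downloaded S give K again.
func decryptDownload(pin string, up Upload) ([]byte, error) {
	aead, err := newAEAD(deriveK(pin, up.S))
	if err != nil {
		return nil, err
	}
	plain, err := aead.Open(nil, deriveIV(up.S), up.Ciphertext, nil)
	if err != nil {
		return nil, fmt.Errorf("decryption failed (wrong PIN or altered ciphertext): %w", err)
	}
	return plain, nil
}

func main() {
	card := []byte("UID=04A1B2C3;sector0=constructed-sample") // constructed sample data
	up, err := encryptForUpload("493817", card)
	if err != nil {
		panic(err)
	}
	plain, err := decryptDownload("493817", up)
	fmt.Println(string(plain), err)
	_, err = decryptDownload("000000", up)
	fmt.Println(err)
}
```

K has no secret input other than the PIN, so its strength is bounded by the PIN's entropy; the iteration count raises the cost of each guess but does not change that bound.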
In a third aspect, an embodiment of the present application provides a chip to implement the foregoing data uploading method, where the chip is applied to an electronic device, and the chip includes:
the acquisition module is used for acquiring the access control data to be uploaded;
the sending module is used for sending a PIN to a server in response to user input, wherein the PIN is used to verify whether the user's identity is legitimate;
a receiving module, configured to receive first confirmation information sent by the server, and create a random factor S, where the first confirmation information is used to confirm whether verification of a user identity is successful;
the encryption module is used for determining a first key K based on the PIN and the random factor S, and encrypting the access control data to be uploaded based on the first key K to obtain a first data ciphertext;
and the uploading module is used for uploading the first data ciphertext and the random factor S to the server.
In one possible implementation manner, the chip further includes:
a registration module, configured to send a user registration request to the server, where the user registration request is used to register a user identity on the server, and the user registration request includes the PIN; and receiving second confirmation information sent by the server, wherein the second confirmation information is used for confirming whether the registration of the user is successful or not.
In one possible implementation manner, the electronic device includes a signature public key, the server includes a signature private key and a second private key, and the chip further includes:
the certificate acquisition module is used for acquiring a signed first certificate, wherein the signed first certificate is obtained by the server signing the first certificate with the signature private key, the first certificate is issued by the server, and the first certificate comprises a first public key;
the channel establishing module is used for creating a random number RA and sending a secure channel establishment request to the server, wherein the secure channel establishment request comprises the random number RA and the signed first certificate;
receiving a random number RB, a random number ciphertext CRA and a signed second certificate, wherein the random number RB is created by the server, the random number ciphertext CRA is obtained by the server through encryption with a second key EK, and the second key EK is determined based on the random number RA, the random number RB, the first public key and the second private key;
verifying the signed second certificate using the signature public key, and if the verification passes, obtaining a second public key from the second certificate, wherein the second public key and the second private key are an asymmetric public/private key pair;
obtaining a first private key, and determining the second key EK based on the random number RA, the random number RB, the first private key and the second public key, wherein the first private key and the first public key are an asymmetric public/private key pair;
decrypting the random number ciphertext CRA by using the second key EK to obtain a random number RA';
and if the random number RA is consistent with the random number RA' obtained by decryption, establishing a secure channel with the server, and determining the second key EK as a session key of the secure channel.
In one possible implementation manner, the encryption module is further configured to encrypt the to-be-uploaded access control data based on the first key K to obtain a second data ciphertext; and encrypting the second data ciphertext by using the second key EK to obtain a first data ciphertext.
In one possible implementation manner, the encryption module is further configured to calculate a digest value based on the random factor S, and determine an initial vector based on the digest value; and encrypt the access control data to be uploaded based on the first key K and the initial vector to obtain a first data ciphertext.
In a fourth aspect, the present application further provides a chip for implementing the foregoing data downloading method, where the chip is applied to an electronic device, and the chip includes:
the request module is used for sending a data acquisition request to a server, wherein the data acquisition request is used for acquiring a first data ciphertext;
the download module is used for receiving an encapsulated data packet and a random factor S which are sent by the server, wherein the encapsulated data packet comprises the first data ciphertext;
the acquisition module is used for acquiring a PIN and determining a first key K based on the PIN and the random factor S;
and the decryption module is used for decrypting the encapsulated data packet based on the first key K to obtain the access control data plaintext.
In one possible implementation manner, the data acquisition request includes a PIN, and the PIN is used to verify whether the identity of the user is legal.
In one possible implementation manner, the download module is further configured to obtain a second key EK; receiving an encrypted and encapsulated data packet sent by the server; and decrypting the encrypted and encapsulated data packet by using the second key EK to obtain an encapsulated data packet.
In one possible implementation manner, the encapsulated data packet further includes an executable instruction, and the decryption module is further configured to obtain the first data ciphertext in the encapsulated data packet, and decrypt the first data ciphertext based on the first key K to obtain the access control data plaintext; and acquire the executable instruction in the encapsulated data packet, and perform a write operation on the access control data plaintext based on the executable instruction.
In a fifth aspect, an embodiment of the present application provides an electronic device, including: memory, a processor and a computer program stored on the memory and executable on the processor, the processor causing the electronic device to perform the method according to the first or second aspect when executing the computer program.
In a sixth aspect, embodiments of the present application provide a computer-readable storage medium, in which a computer program is stored, which, when run on a computer, causes the computer to perform the method according to the first aspect or the second aspect.
In a seventh aspect, the present application provides a computer program, which is used to execute the method of the first aspect or the second aspect when the computer program is executed by a computer.
In a possible design, the program in the seventh aspect may be stored in whole or in part on a storage medium packaged with the processor, or in part or in whole on a memory not packaged with the processor.
Drawings
FIG. 1 is a schematic diagram of a symmetric encryption technique;
FIG. 2 is a schematic diagram of an asymmetric encryption technique;
FIG. 3 is a schematic diagram of an application scenario architecture provided in the embodiment of the present application;
FIG. 4 is a schematic flowchart of a data uploading method and a data downloading method according to an embodiment of the present application;
FIG. 5 is a flowchart of encryption provided by an embodiment of the present application;
FIG. 6 is a flowchart of establishing a secure channel according to an embodiment of the present application;
FIG. 7 is a flowchart of decryption provided by an embodiment of the present application;
FIG. 8 and FIG. 9 are schematic structural diagrams of a chip provided in an embodiment of the present application;
FIG. 10 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary and intended to explain the technical aspects of the present application and are not to be construed as limiting the present application.
The data uploading method and the data downloading method, as well as the electronic device and the computer-readable storage medium according to the embodiments of the present application are described below with reference to the accompanying drawings.
In order to clearly illustrate the data uploading method and the data downloading method provided by the embodiments of the present application, an encryption technology is first described.
When data is transmitted from a sender to a receiver, neither party wants the transmitted data to be obtained by a third party, so the data is encrypted with an encryption technique while it is being sent.
In the encryption process, the data to be transmitted is called the original text, and the original text is encrypted to obtain a ciphertext, which usually appears as unintelligible data. The ciphertext is transmitted over a public channel, and even if a third party intercepts the information, it obtains only the ciphertext and not the original text.
The sender encrypts the original text using an encryption technique and sends the ciphertext to the receiver. Correspondingly, after receiving the ciphertext, the receiver needs to decrypt it to restore the original text, thereby realizing the encrypted transmission of data from the sender to the receiver.
Encryption involves two important elements: an encryption algorithm and a key. The encryption algorithm operates on the original text and the key to obtain the ciphertext.
In the related art, encryption technologies can be classified into two types, one is a symmetric encryption technology, and the other is an asymmetric encryption technology.
FIG. 1 is a schematic diagram of a symmetric encryption technique. As shown in FIG. 1, in the symmetric encryption technique, the keys used for data encryption and decryption are the same, that is, the sender's encryption and the receiver's decryption use the same key. Once the key is known by a third party, the intercepted ciphertext can be decrypted with it, and the encryption is broken. Therefore, in the symmetric encryption technique, the key can only be known by the sender and the receiver, and different senders and receivers use different keys in the data transmission process.
Fig. 2 is a schematic diagram of an asymmetric encryption technique. As shown in fig. 2, in the asymmetric encryption technique, data encryption and decryption is accomplished using a set of keys, including a public key and a private key. The public key is disclosed by the receiving party to the public, and the sender uses the public key disclosed by the receiving party to encrypt the original text when carrying out data transmission with the receiving party. And after receiving the ciphertext, the receiving party decrypts the ciphertext by using the private key corresponding to the public key. For the receiver, a group of key pairs are used to realize data transmission encryption between the receiver and a plurality of senders.
It should be noted that, different from the symmetric encryption technology, in the asymmetric encryption technology, the public key and the private key form a set of key pairs, and the public key and the private key are different, and the corresponding private key cannot be determined according to the public key.
In addition, similar to the symmetric encryption technique, in the asymmetric encryption technique, if the public key is used for encryption, the corresponding private key can be used for decryption, and if the private key is used for encryption, the corresponding public key can also be used for decryption. That is, within a key pair, the distinction between the public key and the private key does not lie in whether it is used for encryption or decryption, but in whether it is made public: the key that is made public is called the public key, and the key that is not made public, i.e., is not known to others, is called the private key.
At present, the functions of mobile phones are more and more powerful, and the application of access control cards in mobile phones is more and more common. Most of high-end mobile phones in the market have the functions of installing access cards and copying the access cards. However, when the access card data in one mobile phone is migrated to another mobile phone, the access card information may be leaked due to attack in the migration process, so that there is an information security risk, which may cause economic loss and potential safety hazard to enterprises.
In order to solve the above problems, an embodiment of the present application provides a data uploading method and a data downloading method, where data of an access control card to be migrated is encrypted by one mobile phone and then sent to a server, and the data of the access control card is downloaded in another mobile phone, so that migration of the data of the access control card is completed, and secure transmission of the data of the access control card can be ensured.
FIG. 3 is an application scenario diagram according to an embodiment of the present application. As shown in FIG. 3, the access card 30 contains access card data, and the access card 30 may be a physical card (e.g., an IC card or a chip card). The first device 311 and the first device 312 may be mobile terminals (e.g., cell phones). The second device 32 may be a server. The first device 311 can read the access card data from the access card 30, encrypt it and upload it to the second device 32; the first device 312 can download the encrypted access card data from the second device 32 and decrypt it to obtain the access card data, thereby completing the secure migration of the access card data.
It should be understood that the above example only illustrates the access card data scenario and does not limit the embodiments of the present application. In some embodiments, other security data scenarios may also be included, that is, the access card 30 may also be a physical card or device including other security data.
A mobile terminal may also be referred to as a terminal device, a User Equipment (UE), an access terminal, a subscriber unit, a subscriber station, a mobile station, a remote terminal, a mobile device, a user terminal, a wireless communication device, a user agent, or a user equipment, among others. The mobile terminal may be a cellular telephone, a cordless telephone, a Personal Digital Assistant (PDA) device, a handheld device, computing device or handheld communication device having wireless communication capabilities, a handheld computing device, a satellite radio, and/or other devices for communicating over a wireless system as well as next generation communication systems, e.g., a mobile terminal in a 5G network or a mobile terminal in a future evolved Public Land Mobile Network (PLMN), etc. The mobile terminal may also be a wearable device. A wearable device may also be called a wearable smart device, which is a general term for devices that apply wearable technology to the intelligent design and development of everyday wearables, such as glasses, gloves, watches, clothing and shoes. A wearable device is a portable device that is worn directly on the body or integrated into the clothing or accessories of the user. The wearable device is not only a hardware device, but also realizes powerful functions through software support, data interaction and cloud interaction. In a broad sense, wearable smart devices include devices that are full-featured and large in size and can realize complete or partial functions without depending on a smartphone, such as smart watches or smart glasses, as well as devices that concentrate on only a certain type of application function and need to be used together with other devices such as smartphones, such as various smart bracelets for monitoring physical signs, smart jewelry and the like.
The following description takes the access card data as an example. FIG. 4 is a schematic flow diagram of a data uploading method and a data downloading method provided in the embodiments of the present application. In order to help the public fully understand the complete solution of the present application, the steps that the various roles and devices in the entire system, such as the access card 30, the first device 311, the first device 312, and the second device 32, need to execute at different stages are integrated into the description of the process along a timeline, where the stages include, but are not limited to, a user registration stage, a device registration stage, a data reading stage, a data uploading stage, and a data downloading stage. As shown in FIG. 4, the method includes:
In step 401, the first device 311 sends a user registration request to the second device 32.
Specifically, the user may operate in an Application (APP) of a first device 311 (e.g., a mobile phone) to complete identity registration of the user on a second device 32 (e.g., a server), where the second device 32 may correspond to the application, for example, the second device 32 may be a server providing the application service. For example, the user may open an Application (APP) in the first device 311, and the APP may be used to read the access card data in the access card 30 and send the access card data to the second device 32. In a specific implementation, the application may be a wallet application, or may be another type of application having the same function as described above, and this is not particularly limited in this embodiment of the application. Then, the user can input user information (e.g., a user account and a password) and a Personal Identification Number (PIN) in the application, and can click a registration function; it will be appreciated that the PIN may be a secret value, which may be used to verify the identity of the user. Optionally, the PIN may be hashed in the first device 311, so that a hash value of the PIN may be obtained. In response to the user operation, the first device 311 may send a user registration request to the second device 32, where the user registration request may include the user information and the PIN. It should be noted that, if the first device 311 obtains the hash value of the PIN by performing hash operation on the PIN, the user registration request may also include the user information and the hash value of the PIN.
In step 402, the second device 32 feeds back the confirmation information to the first device 311.
Specifically, after receiving the user registration request of the first device 311, the second device 32 may obtain the user information and the PIN in the user registration request, and may complete the user registration on the second device 32 based on the user information and the PIN. In a specific implementation, after receiving the user information and the PIN in the user registration request, the second device 32 may create a user account based on the user information and the PIN, and store the user account and the PIN in a local database, and then, the second device 32 may feed back confirmation information to the first device 311, where the confirmation information may be used to notify the first device 311 whether the user is successfully registered. Illustratively, the confirmation information may include success or failure, and if the first device 311 receives a success message, it may confirm that the user registration is successful, and if the first device 311 receives a failure message, it may confirm that the user registration is failed.
Optionally, if the user registration request includes the user information and the hash value of the PIN, the second device 32 may complete the registration of the user on the second device 32 based on the user information and the hash value of the PIN. For the specific registration process, refer to the process of completing the registration on the second device 32 with the user information and the PIN, which is not described herein again.
In step 403, the first device 311 obtains the signed secure chip certificate cert.
In particular, a secure chip certificate cert.se, which may include the SE public key pk.se, may be issued by the second device 32. The secure chip certificate cert.se described above may be used to negotiate a session key of a secure channel between the first device 311 and the second device 32 to establish the secure channel between the first device 311 and the second device 32. In addition, when the second device 32 issues the secure chip certificate cert.se, the secure chip certificate cert.se may be signed by using a signature private key sk.ca, so that the signed secure chip certificate cert.se.ca may be obtained.
In a specific implementation, the first device 311 may transmit the SE public key pk.se to the second device 32 in advance, and the second device 32 may generate the secure chip certificate cert.se based on the SE public key pk.se, that is, the secure chip certificate cert.se may include the SE public key pk.se. Then, the second device 32 may create an asymmetric signature key pair, for example, a signature private key sk.ca and a signature public key pk.ca, where the signature private key sk.ca is used to sign the secure chip certificate cert.se, so as to obtain a signed secure chip certificate cert.se.ca, and the signature public key pk.ca is used to verify the signature on the signed secure chip certificate cert.se.ca, so as to verify the identity of the secure chip certificate cert.se. Therefore, the second device 32 may use the signature private key sk.ca to sign the secure chip certificate cert.se, so as to obtain a signed secure chip certificate cert.se.ca. The above-described signed secure chip certificate cert.se.ca may be preset in the secure chip of the first device 311 at the time of factory shipment.
In addition, a secure channel may be established between the first device 312 and the second device 32, that is, the first device 312 may preset the signed secure chip certificate cert.se.ca issued by the second device 32 in the secure chip of the first device 312 when the first device 312 is shipped from a factory.
In step 404, the first device 311 sends a reading instruction to the access card 30, and reads the access card data in the access card 30.
Specifically, the user may operate in the first device 311 to read the access card data in the access card 30. Illustratively, the user operates (e.g., clicks on a control for reading access card data) in an application (e.g., a wallet application) in the first device 311. In response to the operation of the user, the first device 311 sends a reading instruction to the access card 30 to read the access card data in the access card 30. In a specific implementation, in response to an operation of a user, the first device 311 may send a read instruction to the access card 30 through the SE, so that the SE may read access card data in the access card 30, and may store the read access card data in the SE.
It should be noted that the access card data stored in the access card 30 may be plaintext data or ciphertext data, and the ciphertext data may be data encrypted by a preset key. After the ciphertext data is obtained, the first device 311 may decrypt it with the preset key, so as to obtain plaintext data. Therefore, whether the access card data stored in the access card 30 is plaintext or ciphertext does not limit the embodiments of the present application. The embodiments of the present application are described taking the case where plaintext access card data is finally obtained as an example.
Further, after the SE reads the data of the access card in the access card 30, the data of the access card may be encapsulated, so that a data format that can be recognized and processed by the server may be obtained.
In step 405, the first device 311 sends a verification request to the second device 32.
Specifically, after the first device 311 acquires the access card data in the access card 30, it may further verify whether the identity of the user is legal. For example, a display interface of an application (e.g., a wallet application) at the first device 311 may display an input box that may be used to enter user information and a PIN. The user can input user information and a PIN in the input box. In response to the user's input, the first device 311 may send an authentication request to the second device 32, which may be used to verify whether the user's identity is legitimate, the authentication request including the user information and the PIN.
Optionally, the first device 311 may also perform a hash operation on the PIN, so as to obtain a hash value of the PIN, that is, the authentication request may include the user information and the hash value of the PIN.
In step 406, the second device 32 receives the authentication request sent by the first device 311, and authenticates the user identity.
Specifically, after receiving the authentication request sent by the first device 311, the second device 32 may obtain the user information and the PIN in the authentication request, and may authenticate the identity of the user based on the user information and the PIN to determine whether the identity of the user is legal.
For example, the second device 32 may query a local database based on the user information in the authentication request, and may thus retrieve the PIN corresponding to the user information. Then, the PIN obtained by the query can be compared with the PIN in the verification request, and if the PIN obtained by the query is consistent with the PIN in the verification request, the identity of the user can be determined to be legal; if the PIN obtained by the query is inconsistent with the PIN in the verification request, the identity of the user can be determined to be illegal.
Alternatively, if the authentication request includes the user information and the hash value of the PIN, the second device 32 may query the local database based on the user information in the authentication request, so as to find the hash value of the PIN corresponding to the user information. Then, the second device 32 may perform a hash operation on the hash value of the queried PIN corresponding to the user information, so as to obtain the queried PIN corresponding to the user information; and the hash value of the PIN in the verification request can be subjected to hash operation, so that the PIN in the verification request can be obtained. Then, the PIN corresponding to the user information obtained by the query can be compared with the PIN in the verification request, and if the PIN corresponding to the user information obtained by the query is consistent with the PIN in the verification request, the identity of the user can be determined to be legal; if the PIN corresponding to the user information obtained by the query is not consistent with the PIN in the verification request, the identity of the user can be determined to be illegal.
In step 407, the second device 32 feeds back the verification result to the first device 311.
Specifically, if the second device 32 determines that the user identity is legal, a verification success message may be fed back to the first device 311; if the second device 32 determines that the user identity is illegal, a verification failure message may be fed back to the first device 311.
In step 408, the first device 311 receives the verification result sent by the second device 32, and encrypts the access card data to obtain an access card ciphertext.
Specifically, after receiving the verification result sent by the second device 32, the first device 311 may encrypt the access card data if it is determined that the user identity verification is successful, so as to obtain an access card ciphertext.
In a specific implementation, after receiving the verification result sent by the second device 32, an application (e.g., a wallet application) of the first device 311 may, if it is determined that the user identity verification is successful, invoke an interface of the SE and send a data request to the SE to obtain the access card ciphertext, where the data request may include the PIN. After the SE receives the data request, it can obtain the PIN in the data request and encrypt the access card data in the SE according to the PIN, so that the access card ciphertext is obtained.
Now, the encryption process of the SE is described with reference to fig. 5, where fig. 5 is a flow chart of data encryption of the access card, and includes the following sub-steps:
In step 4081, the SE creates a random factor S and generates a first key K based on the random factor S and the PIN.
Specifically, the SE may arbitrarily create a random factor S, where S may be an arbitrary string of data. It is understood that the data length of the random factor S can be arbitrarily specified. The SE may then treat S as a salt value, treat the PIN as a secret value, and generate the first key K through a KDF function. Preferably, the KDF function may be PBKDF2. It is to be understood that the above example illustrates a manner of generating the first key through the PBKDF2 function, and does not constitute a limitation to the embodiments of the present application; in some embodiments, other KDF functions may also be used.
In step 4082, the SE generates an initial vector (IV) based on the random factor S.
Specifically, the SE may perform a digest calculation on the random factor S using the SM3 algorithm to obtain a digest value, and then the lower 16 bytes of the digest value may be taken as the initial vector.
It should be noted that the digest algorithm in the embodiments of the present application may be any known digest algorithm, and the embodiments of the present application are not limited thereto.
Step 4083, the SE encrypts the access card data based on the first key K and the initial vector to obtain an access card ciphertext.
Specifically, after the SE calculates the first key K and the initial vector, the SM4 algorithm may be used to encrypt the access card data based on the first key K and the initial vector, where the encryption may be performed in the CBC mode.
The length of the access card data can be an integral multiple of 16 bytes. In a specific implementation, the access card data can be encrypted in the following two ways.
Mode 1
All the access card data is taken as a whole, and the data of the 16 sectors is encrypted together. For example, the access card data may be denoted Data, and the length of Data may be 1024 bytes. After Data is encrypted with the first key K and the initial vector, the access card ciphertext Cipher is obtained, and the length of Cipher may also be 1024 bytes.
Mode 2
All the access card data is divided into 8 data blocks, each containing the data of 2 sectors. For example, the access card data may be Data1, Data2 … DataN, where N is 8, and each data block may be 128 bytes long. After Data1, Data2 … DataN are encrypted with the first key K and the initial vector, the corresponding access card ciphertexts Cipher1, Cipher2 … CipherN are obtained, where each access card ciphertext may be 128 bytes long.
It should be noted that the encryption algorithm in the embodiment of the present application may be any known encryption algorithm, for example, AES, DES, and the like, and the embodiment of the present application does not limit this. The encryption mode may be any known encryption mode, such as GCM, ECB, and the like, which is not limited in the embodiment of the present application.
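The sketch below runs steps 4081 to 4083 end to end and shows two properties of the construction: a wrong PIN decrypts to garbage rather than an error, and in mode 2 identical data blocks give identical ciphertexts because every block starts from the same K and IV. It is an added example, not code from the patent: Python's standard library has no SM3 or SM4, so SHA-256 stands in for SM3 and a small HMAC-based Feistel cipher stands in for SM4, which the description permits. The iteration count, the reading of "lower 16 bytes" as the last 16 bytes, the independent encryption of each mode 2 block, the sample PINs, the constructed card image and all function names are assumptions.

```python
import hashlib
import hmac
import os

BLOCK = 16            # block size shared by SM4 and the stand-in cipher
ITERATIONS = 100_000  # assumption: the page gives no PBKDF2 iteration count

def derive_key(pin: str, s: bytes) -> bytes:
    """Step 4081: first key K = PBKDF2(secret=PIN, salt=S)."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), s, ITERATIONS, dklen=BLOCK)

def derive_iv(s: bytes) -> bytes:
    """Step 4082: IV = low 16 bytes of digest(S). SHA-256 stands in for SM3;
    "low 16 bytes" is read as the last 16 bytes (assumption)."""
    return hashlib.sha256(s).digest()[-BLOCK:]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key: bytes, rnd: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in 16-byte block cipher (4-round HMAC Feistel), NOT SM4."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, _xor(left, _round(key, rnd, right))
    return left + right

def block_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _round(key, rnd, left)), left
    return left + right

def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    if len(data) % BLOCK:
        raise ValueError("data length must be a multiple of 16 bytes")
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = block_encrypt(key, _xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(ct), BLOCK):
        cur = ct[i:i + BLOCK]
        out.append(_xor(block_decrypt(key, cur), prev))
        prev = cur
    return b"".join(out)

def se_encrypt(pin: str, card_data: bytes, mode: int, s: bytes = None):
    """Step 4083. Mode 1: one ciphertext for all sectors. Mode 2: eight
    ciphertexts, each started from the same K and IV (assumed reading)."""
    s = os.urandom(16) if s is None else s
    key, iv = derive_key(pin, s), derive_iv(s)
    size = len(card_data) if mode == 1 else len(card_data) // 8
    chunks = [card_data[i:i + size] for i in range(0, len(card_data), size)]
    return s, [cbc_encrypt(key, iv, c) for c in chunks]

def se_decrypt(pin: str, s: bytes, ciphertexts) -> bytes:
    """Download side: the same PIN and S reproduce K and the IV."""
    key, iv = derive_key(pin, s), derive_iv(s)
    return b"".join(cbc_decrypt(key, iv, c) for c in ciphertexts)

def sample_card() -> bytes:
    """Constructed 1024-byte card image: sectors 0-3 are blank (identical),
    so Data1 == Data2 in mode 2; the rest is random filler."""
    return bytes(256) + os.urandom(768)

if __name__ == "__main__":
    card = sample_card()
    s, (whole,) = se_encrypt("135790", card, mode=1)
    _, parts = se_encrypt("135790", card, mode=2, s=s)
    print("mode 1 round trip:", se_decrypt("135790", s, [whole]) == card)
    print("mode 2 round trip:", se_decrypt("135790", s, parts) == card)
    # CBC has no integrity check: a wrong PIN returns garbage, not an error.
    print("wrong PIN recovers card:", se_decrypt("000000", s, parts) == card)
    # Same K and IV per block: equal data blocks give equal ciphertexts.
    print("mode 2 Cipher1 == Cipher2:", parts[0] == parts[1])
    print("mode 1 same spans equal:", whole[:128] == whole[128:256])
```

If the wrong-PIN case has to be detected at the SE, or equal blocks must not be distinguishable, an authenticated mode such as the GCM mode the description mentions, with a distinct IV per block, addresses both.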
In step 409, the first device 311 sends the access card ciphertext and the random factor S to the second device 32.
Specifically, after obtaining the access card ciphertext, the first device 311 may send the access card ciphertext and the random factor S to the second device 32. In a specific implementation, the SE in the first device 311 may encrypt the access card data, obtain an access card ciphertext, and send the access card ciphertext and the random factor S to an application (e.g., a wallet application). After receiving the access card ciphertext and the random factor S sent by the SE, the application may send the access card ciphertext and the random factor S to the second device 32.
Optionally, before the first device 311 sends the access card ciphertext to the second device 32, a secure channel may be further established between the first device 311 and the second device 32, where the secure channel may be used to ensure secure transmission of data between the first device 311 and the second device 32. For example, the first device 311 may negotiate a session key with the second device 32 before data transmission, and may encrypt the transmitted data using the session key after negotiating the session key, thereby ensuring security of data transmission.
In particular implementations, the secure channel described above may be established between an application (e.g., a wallet application) in the first device 311 and the second device 32. Now, the establishment process of the secure channel is described with reference to fig. 6, where fig. 6 is a flow chart of the secure channel establishment, and includes the following sub-steps:
Step 4091, the application obtains the signed secure chip certificate cert.
Specifically, the application may invoke an interface of the SE through which the signed secure chip certificate cert.
Step 4092, the application generates a random number RA.
The random number RA serves as a first random number.
Specifically, steps 4091 and 4092 need not be performed in a fixed order; for example, step 4092 may be executed before step 4091, after step 4091, or simultaneously with step 4091, which is not particularly limited in the embodiments of the present application.
Step 4093, the application sends a secure channel establishment request to the second device 32.
Specifically, after acquiring the random number RA and the signed secure chip certificate cert.se.ca, the application sends a secure channel establishment request to the second device 32, where the secure channel establishment request may be used to establish a secure channel between the application and the second device 32, and the secure channel establishment request may include the random number RA and the signed secure chip certificate cert.se.ca.
Step 4094, the second device 32 receives the secure channel establishment request sent by the application, verifies the secure channel establishment request, and generates feedback information based on the verification result.
Specifically, after receiving the secure channel establishment request sent by the application, the second device 32 obtains the random number RA and the signed secure chip certificate cert.
In a specific implementation, the above verification may be to verify the identity of the signed secure chip certificate cert. Illustratively, since the signed secure chip certificate cert.se.ca is signed and issued by the second device 32, the local database of the second device 32 stores the signature public key pk.ca corresponding to the signed secure chip certificate cert.se.ca. Therefore, the second device 32 can verify the signed secure chip certificate cert.se.ca with the signature public key pk.ca: if the signature on cert.se.ca verifies correctly under pk.ca, the secure chip certificate cert.se can be determined to belong to the first device 311; if the signature on cert.se.ca fails to verify under pk.ca, the secure chip certificate cert.se can be determined to belong to an illegitimate device.
Next, if the second device 32 determines that the identity of the secure chip certificate cert.se is the first device 311, the SE public key pk.se in the secure chip certificate cert.se may be obtained, and a random number RB may be generated, where the random number RB is used as the second random number.
Then, the second device 32 may perform calculation by using an SM2 algorithm based on the random number RA, the random number RB, the SE public key pk.se, and the second device private key sk.server to obtain the second key EK, where sk.server is the second device private key preset in the second device 32.
It should be noted that the key generation algorithm in the embodiment of the present application may be any known key generation algorithm, and the embodiment of the present application does not limit this.
When the second device 32 obtains the second key EK, the random number RA may be encrypted using the EK, thereby obtaining a random number ciphertext CRA. Preferably, the above algorithm for encrypting the random number RA may be SM4, and the encryption mode may be ECB.
It should be noted that the encryption algorithm in the embodiments of the present application may be any known encryption algorithm, and the embodiments of the present application do not limit this. In addition, the encryption mode in the embodiments of the present application may be any known encryption mode other than ECB, for example, CBC, GCM, and the like, which is not limited in the embodiments of the present application.
Step 4095, the second device 32 sends feedback information to the application.
Specifically, the feedback information may include a random number RB, a random number ciphertext CRA, and a signed second device certificate cert. The signed second device certificate cert.server.ca may be obtained after the second device 32 signs the second device certificate cert.server using the signature private key sk.ca, and the second device certificate cert.server may include the second device public key pk.server.
Step 4096, the application receives the feedback information sent by the second device 32 and forwards the feedback information to the SE.
Specifically, after receiving the feedback information sent by the second device 32, the application may forward the feedback information and the random number RA to the SE. In a specific implementation, after receiving the feedback information sent by the second device 32, the application may completely forward the feedback information and the random number RA to the SE. For example, the application may forward the random number RB, the random number ciphertext CRA, and the signed second device certificate cert.server.ca in the feedback information to the SE, and may also send the random number RA to the SE.
Step 4097, the SE receives the feedback information and the random number RA forwarded by the application, and performs identity verification on the signed second device certificate cert.
Specifically, after receiving the feedback information forwarded by the application, the SE obtains the signed second device certificate cert.
In a specific implementation, the above verification of the signed second device certificate cert.server.ca may consist of verifying the signature on cert.server.ca using the signature public key pk.ca, so as to verify the identity of the second device certificate cert.server. The signature public key pk.ca may be sent by the second device 32 to the first device 311 in advance. For example, if the SE correctly verifies the signature on the signed second device certificate cert.server.ca using the signature public key pk.ca, the second device certificate cert.server belongs to a legitimate server, and the second device certificate cert.server may be obtained; if the SE fails to verify the signature on the signed second device certificate cert.server.ca using the signature public key pk.ca, the second device certificate cert.server cannot be obtained, and the second device certificate cert.server can be determined to belong to an illegitimate server.
Then, if the SE determines that the identity of the second device certificate cert.server is a legitimate server, the SE may obtain the second device public key pk.server in the second device certificate cert.server.
At step 4098, the SE determines the session key for the secure channel.
Specifically, after the SE acquires the second device public key pk.server, the second key EK may be determined based on the random number RA, the random number RB, the SE private key sk.se, and the second device public key pk.server, and a session key may be determined based on the second key EK, where the session key is used to encrypt and decrypt data transmitted in the secure channel. In a specific implementation, the session key may be determined as follows: the second key EK is calculated through the key agreement algorithm of the SM2 algorithm from the random number RA, the random number RB, the SE private key sk.se and the second device public key pk.server. Next, the random number ciphertext CRA may be decrypted using the second key EK to obtain a random number RA, and the decrypted random number RA may be compared with the random number RA generated locally by the application. If the random number RA obtained by the decryption matches the random number RA generated locally by the application, a secure channel may be established between the first device 311 and the second device 32, and the second key EK may be used as the session key of the secure channel. If the random number RA obtained by the decryption does not match the random number RA generated locally by the application, the session key cannot be acquired, that is, the establishment of the secure channel between the first device 311 and the second device 32 fails.
It is understood that the SE private key sk.se and the SE public key pk.se are a pair of asymmetric public private keys, and the second device private key sk.server and the second device public key pk.server are a pair of asymmetric public private keys.
Step 4099, a channel setup response message is sent to the second device 32 based on the determined session key, to setup a secure channel with the second device 32.
Specifically, if the first device 311 determines the session key, it may feed back success information to the second device 32, so as to establish a secure channel between the first device 311 and the second device 32; that is, the first device 311 may encrypt the access card ciphertext again using the session key (e.g., the second key EK) and send the encrypted access card ciphertext to the second device 32, so that the access card data is doubly protected. For example, if Cipher is the access card ciphertext, the first device 311 may encrypt Cipher again using the second key EK to obtain the encrypted access card ciphertext Cipher_EK.
If the first device 311 does not acquire the session key, the first device 311 may feed back failure information to the second device 32, where the failure information is used to notify the second device 32 that the secure channel establishment fails.
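The key confirmation in steps 4094 to 4098 can be followed in the sketch below, which shows that the SE accepts the channel only when the responder holds the private key matching pk.server and RB arrives unmodified. It is an added example, not code from the patent: a Diffie-Hellman exchange over a toy-size prime stands in for SM2 key agreement, an HMAC-derived pad stands in for SM4-ECB over the single 16-byte block RA, and both certificates are assumed to have already passed the pk.ca signature check. The group parameters, the 16-byte random number length and all function names are assumptions.

```python
import hashlib
import hmac
import secrets

# Toy-size group for illustration only (assumption); the page uses SM2.
P = 2**127 - 1
G = 3

def keypair():
    """Static key pair, e.g. (sk.se, pk.se) or (sk.server, pk.server)."""
    sk = secrets.randbelow(P - 3) + 2
    return sk, pow(G, sk, P)

def derive_ek(own_sk: int, peer_pk: int, ra: bytes, rb: bytes) -> bytes:
    """Second key EK from RA, RB, the own private key and the peer public key."""
    shared = pow(peer_pk, own_sk, P).to_bytes(16, "big")
    return hashlib.sha256(shared + ra + rb).digest()[:16]

def wrap_ra(ek: bytes, block: bytes) -> bytes:
    """Stand-in for SM4-ECB on one 16-byte block; applying it twice undoes it."""
    pad = hmac.new(ek, b"CRA", hashlib.sha256).digest()[:16]
    return bytes(a ^ b for a, b in zip(block, pad))

def server_respond(sk_server: int, pk_se: int, ra: bytes):
    """Steps 4094-4095: generate RB, derive EK, return RB and CRA = Enc(EK, RA)."""
    rb = secrets.token_bytes(16)
    ek = derive_ek(sk_server, pk_se, ra, rb)
    return rb, wrap_ra(ek, ra), ek

def se_confirm(sk_se: int, pk_server: int, ra: bytes, rb: bytes, cra: bytes):
    """Step 4098: recompute EK, decrypt CRA, accept only if it equals RA."""
    ek = derive_ek(sk_se, pk_server, ra, rb)
    if not hmac.compare_digest(wrap_ra(ek, cra), ra):
        return None  # secure channel establishment fails
    return ek        # EK becomes the session key

def run(impostor: bool = False, tamper_rb: bool = False):
    """One handshake; returns (EK accepted by the SE or None, responder's EK)."""
    sk_se, pk_se = keypair()
    sk_server, pk_server = keypair()
    ra = secrets.token_bytes(16)                      # step 4092
    # An impostor can replay the genuine certificate but lacks sk.server.
    responder_sk = keypair()[0] if impostor else sk_server
    rb, cra, responder_ek = server_respond(responder_sk, pk_se, ra)
    if tamper_rb:                                     # RB modified in transit
        rb = bytes([rb[0] ^ 1]) + rb[1:]
    return se_confirm(sk_se, pk_server, ra, rb, cra), responder_ek

if __name__ == "__main__":
    se_ek, server_ek = run()
    print("honest run, keys match:", se_ek is not None and se_ek == server_ek)
    print("impostor accepted:", run(impostor=True)[0] is not None)
    print("tampered RB accepted:", run(tamper_rb=True)[0] is not None)
```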
At step 410, the first device 312 sends a data acquisition request to the second device 32.
Specifically, after the access card data is uploaded to the second device 32, the first device 312 may send a data acquisition request to the second device 32 to acquire the access card data. The data acquisition request may include user information and a PIN.
It is understood that the first device 311 may also send a data acquisition request to the second device 32 to obtain the access card data. The difference between the first device 311 and the first device 312 is as follows: if the first device 311 has just uploaded the access card data to the second device 32 and now requests to download the access card data from the second device 32, the user has already input the user information and the PIN when uploading the access card data and does not need to input them again for the download. The first device 311 may create the data acquisition request from the user information and the PIN input by the user when uploading the access card data, and send the data acquisition request to the second device 32, thereby facilitating the user's operation.
Optionally, before the first device 312 sends the data obtaining request to the second device 32, a secure channel may also be established between the first device 312 and the second device 32. The method shown in fig. 6 may be referred to for establishing the secure channel, and details are not described here.
In step 411, the second device 32 verifies the data acquisition request.
Specifically, after receiving the data acquisition request sent by the first device 312, the second device 32 may acquire the user information and the PIN in the data acquisition request, and may perform authentication based on the user information and the PIN, thereby determining whether the identity of the user is legal. For example, if the PIN in the data acquisition request is consistent with the PIN locally stored in the second device 32, it may be determined that the user identity is legal; if the PIN in the data acquisition request is not consistent with the PIN locally stored in the second device 32, it may be determined that the user identity is illegal.
Optionally, if the data obtaining request is sent through a secure channel, the second device 32 may decrypt the data obtaining request using the second key EK, and may obtain the user information and the PIN in the data obtaining request after the data obtaining request is successfully decrypted.
In step 412, the second device 32 sends the encapsulated packet and the random factor S to the first device 312 based on the verification result.
Specifically, if the second device 32 determines that the user identity is legal, an encapsulated data packet and a random factor S may be sent to the first device 312, where the encapsulated data packet may include an instruction and an access card ciphertext. In a specific implementation, the second device 32 may encapsulate the above-mentioned access card ciphertext into data packets, where each encapsulated data packet may include an SE executable instruction and an access card ciphertext.
It will be appreciated that the number of encapsulated data packets may correspond to the number of access card ciphertexts already stored by the second device 32. For example, if the second device 32 receives only one access card ciphertext (e.g., Cipher), the second device 32 may encapsulate Cipher into one data packet. If the second device 32 receives N access card ciphertexts (e.g., Cipher1, Cipher2 … CipherN), the second device 32 may encapsulate the N access card ciphertexts into N data packets.
N access card ciphertexts are now taken as an example for explanation, and table 1 is an access card ciphertext encapsulation table.
TABLE 1
As shown in table 1, the access card ciphertext includes N ciphertexts: Cipher1, Cipher2 …, CipherN. Since the data cannot be directly read and stored in the SE, an SE executable instruction (for example, instruction 1, instruction 2 …, instruction N) needs to be added to each ciphertext. Then, each instruction and its corresponding ciphertext can be encapsulated, so that N encapsulated data packets are obtained, that is, one encapsulated data packet corresponds to one instruction and one access card ciphertext.
The second device 32 may then send each of the encapsulated packets to the first device 312 in turn. The sending sequence may be according to the order of the instructions.
It is understood that when the second device 32 sends the encapsulated data packet to the first device 312, the encapsulated data packet may be further encrypted in a secure channel (for example, encrypted by using the second key EK), so that the security of the transmission of the encapsulated data packet may be ensured.
In step 413, the first device 312 receives the encapsulated data packet and the random factor S sent by the second device 32, processes the encapsulated data packet, and obtains and stores the data of the access card.
Specifically, the first device 312 may receive the encapsulated data packet and the random factor S sent by the second device 32 through an application (e.g., a wallet application). After the application receives the encapsulated packet and the random factor S sent by the second device 32, the PIN may be sent to the SE through a preset instruction, so that the SE may store the PIN.
Alternatively, if the application receives the encrypted encapsulated packet sent by the second device 32 through the secure channel, the application may decrypt the encrypted encapsulated packet through the second key EK, so as to obtain the encapsulated packet.
The application may then forward the received encapsulated packets to the SE in turn, and may send the random factor S to the SE. The sequence in which the application forwards the encapsulated packets may be according to the sequence in which the encapsulated packets are received. For example, if the application receives the encapsulated packet 1 sent by the second device 32 at the earliest time, the application may forward the encapsulated packet 1 to the SE. Then, if the application receives the encapsulated packet 2 sent by the second device 32, the application may forward the encapsulated packet 2 to the SE, and so on.
After the SE receives the encapsulated data packet forwarded by the application and the random factor S, it can obtain the access card ciphertext in the encapsulated data packet and decrypt that ciphertext.
The above decryption process is now described with reference to fig. 7, where fig. 7 is a decryption flow diagram comprising the following sub-steps:
In step 4131, the SE generates a first key K based on the random factor S and the PIN.
Specifically, after the SE obtains the random factor S and the PIN, a KDF function (e.g., PBKDF2) may be used to generate the first key K based on the random factor S and the PIN.
In step 4132, SE determines an initial vector based on the random factor S.
Specifically, an algorithm (e.g., SM3) may be used to calculate a digest value based on the random factor S, and the lower 16 bytes of the digest value may be taken as an initial vector.
In step 4133, the SE decrypts the data based on the first key K and the initial vector to obtain the data of the access card.
Specifically, the access card ciphertext may be decrypted in CBC mode based on the first key K and the initial vector using an algorithm (e.g., SM4), so that access card data may be obtained.
The access card data may then be written to the SE via an instruction (e.g., Write) in the encapsulated packet, thereby completing the copying of the access card data to the first device 312.
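Sub-steps 4131 to 4133, together with the matching encryption on the uploading device, as an added example that is not part of the patent text. It assumes PBKDF2-HMAC-SHA256 with 100,000 iterations and S as the salt, a 16-byte S, the last 16 digest bytes as the "lower 16 bytes", PKCS#7 padding, and a small Feistel cipher standing in for SM4, which the Python standard library does not provide.

```python
import hashlib
import hmac
import secrets

BLOCK = 16  # SM4 uses 128-bit blocks and 128-bit keys


def derive_key(pin: str, s: bytes, iterations: int = 100_000) -> bytes:
    """Step 4131: first key K from the PIN and the random factor S.
    PBKDF2 is named in the text; hash, salt role and count are assumptions."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), s, iterations, dklen=BLOCK)


def derive_iv(s: bytes) -> bytes:
    """Step 4132: digest S and keep 16 bytes as the initial vector."""
    try:
        digest = hashlib.new("sm3", s).digest()  # real SM3 when OpenSSL offers it
    except ValueError:
        digest = hashlib.sha256(s).digest()      # stand-in, also 32 bytes
    return digest[-BLOCK:]  # assumption: "lower 16 bytes" means the last 16


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def round_fn(key: bytes, rnd: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Four-round Feistel network: a stand-in for one SM4 block encryption."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, xor(left, round_fn(key, rnd, right))
    return left + right


def block_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = xor(right, round_fn(key, rnd, left)), left
    return left + right


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    pad = BLOCK - len(plaintext) % BLOCK          # PKCS#7: always 1..16 bytes
    data = plaintext + bytes([pad]) * pad
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = block_encrypt(key, xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    """Step 4133: CBC decryption under K and the initial vector."""
    if not ciphertext or len(ciphertext) % BLOCK:
        raise ValueError("ciphertext must be a non-empty multiple of 16 bytes")
    out, prev = [], iv
    for i in range(0, len(ciphertext), BLOCK):
        blk = ciphertext[i:i + BLOCK]
        out.append(xor(block_decrypt(key, blk), prev))
        prev = blk
    data = b"".join(out)
    pad = data[-1]
    # CBC does not authenticate: a wrong key usually, not always, fails here.
    if not 1 <= pad <= BLOCK or data[-pad:] != bytes([pad]) * pad:
        raise ValueError("bad padding (wrong PIN or corrupted ciphertext)")
    return data[:-pad]


def seal_card(pin: str, card_data: bytes):
    """Uploading device: create S, derive K and IV, return (S, ciphertext)."""
    s = secrets.token_bytes(16)
    return s, cbc_encrypt(derive_key(pin, s), derive_iv(s), card_data)


def open_card(pin: str, s: bytes, ciphertext: bytes) -> bytes:
    """Receiving SE: steps 4131 to 4133 on one access card ciphertext."""
    return cbc_decrypt(derive_key(pin, s), derive_iv(s), ciphertext)


if __name__ == "__main__":
    card = bytes(range(48)) + b"constructed access card dump"  # constructed sample
    s, ct = seal_card("493817", card)                          # constructed PIN
    print("S  =", s.hex())
    print("IV =", derive_iv(s).hex())
    print("recovered:", open_card("493817", s, ct) == card)
```

CBC with padding carries no integrity check, so open_card with a wrong PIN usually fails the padding test but can occasionally return garbage instead of raising.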
In the embodiment of the application, the access card data is securely encrypted on one mobile phone and then uploaded to the server, and the access card ciphertext is downloaded from the server on another mobile phone, so that the access card data can be migrated securely and the security of access card data transmission is improved.
In order to implement the foregoing embodiment, an embodiment of the present application further provides a chip, which is applied to an electronic device, where the electronic device may be the first device 311 or the first device 312. Fig. 8 is a schematic structural diagram of a chip 80 according to an embodiment of the present disclosure. As shown in fig. 8, the chip 80 includes: an acquisition module 81, a sending module 82, a receiving module 83, an encryption module 84 and an uploading module 85; wherein:
the acquisition module 81 is used for acquiring the access control data to be uploaded;
a sending module 82, configured to send a PIN to the server in response to an input of the user, where the PIN is used to verify whether the identity of the user is legal;
a receiving module 83, configured to receive first confirmation information sent by the server, and create a random factor S, where the first confirmation information is used to confirm whether the verification of the user identity is successful;
the encryption module 84 is configured to determine a first secret key K based on the PIN and the random factor S, and encrypt the to-be-uploaded access control data based on the first secret key K to obtain a first data ciphertext;
and an uploading module 85, configured to upload the first data ciphertext and the random factor S to the server.
In one possible implementation manner, the chip 80 further includes: a registration module 86; wherein:
a registration module 86, configured to send a user registration request to the server, where the user registration request is used to register a user identity on the server, and the user registration request includes the PIN; and receiving second confirmation information sent by the server, wherein the second confirmation information is used for confirming whether the registration of the user is successful or not.
In one possible implementation manner, the electronic device includes a public signature key, the server includes a private signature key and a second private key, and the chip 80 further includes: a channel establishment module 88; wherein:
the channel establishing module 88 is configured to obtain a signed first certificate, where the signed first certificate is obtained by the server after signing the first certificate with the signature private key, the first certificate is issued by the server, and the first certificate includes a first public key;
creating a random number RA, and sending a secure channel establishment request to the server, wherein the secure channel establishment request comprises the random number RA and the signed first certificate;
receiving a random number RB, a random number ciphertext CRA and a signed second certificate, wherein the random number RB is created by the server, the random number ciphertext CRA is obtained by the server through encryption using a second key EK, and the second key EK is determined based on the random number RA, the random number RB, the first public key and the second private key;
performing identity verification on the signed second certificate using the signature public key, and, if the identity verification passes, acquiring a second public key from the second certificate, wherein the second public key and the second private key are an asymmetric public/private key pair;
obtaining a first private key, and determining the second key EK based on the random number RA, the random number RB, the first private key and the second public key, wherein the first private key and the first public key are an asymmetric public/private key pair;
decrypting the random number ciphertext CRA by using the second key EK to obtain a random number RA' which is used as a third random number;
and if the random number RA is consistent with the random number RA' obtained by decryption, establishing a secure channel with the server, and determining the second key EK as a session key of the secure channel.
In one possible implementation manner, the encryption module 84 is further configured to encrypt the to-be-uploaded access control data based on the first key K to obtain a second data ciphertext; and encrypting the second data ciphertext by using the second key EK to obtain a first data ciphertext.
In one possible implementation manner, the encryption module 84 is further configured to calculate a digest value based on the random factor S, and determine an initial vector based on the digest value; and encrypt the to-be-uploaded access control data based on the first key K and the initial vector to obtain a first data ciphertext.
In order to implement the foregoing embodiment, an embodiment of the present application further provides a chip, and fig. 9 is a schematic structural diagram of a chip 90 provided in the embodiment of the present application. As shown in fig. 9, the chip 90 includes: a request module 91, a download module 92, an acquisition module 93 and a decryption module 94; wherein:
the request module 91 is configured to send a data obtaining request to a server, where the data obtaining request is used to obtain a first data ciphertext;
a downloading module 92, configured to receive an encapsulated data packet and a random factor S sent by the server, where the encapsulated data packet includes the first data ciphertext;
an obtaining module 93, configured to obtain a PIN, and determine a first secret key K based on the PIN and the random factor S;
and the decryption module 94 is configured to decrypt the encapsulated data packet based on the first key K to obtain an access control data plaintext.
In one possible implementation manner, the data acquisition request includes a PIN, and the PIN is used to verify whether the identity of the user is legal.
In one possible implementation manner, the downloading module 92 is further configured to obtain a second key EK; receiving an encrypted and encapsulated data packet sent by the server; and decrypting the encrypted and encapsulated data packet by using the second key EK to obtain an encapsulated data packet.
In one possible implementation manner, the encapsulated data packet further includes an executable instruction, and the decryption module 94 is further configured to obtain a first data ciphertext in the encapsulated data packet, and decrypt the first data ciphertext based on the first key K to obtain an access control data plaintext; and acquiring an executable instruction in the encapsulated data packet, and executing write-in operation on the clear text of the access control data based on the executable instruction.
It should be understood that the division of the modules of the chips shown in fig. 8 and 9 is merely a logical division, and the actual implementation may be wholly or partially integrated into one physical entity or may be physically separated. And these modules can be realized in the form of software called by processing element; or may be implemented entirely in hardware; and part of the modules can be realized in the form of calling by the processing element in software, and part of the modules can be realized in the form of hardware. For example, the detection module may be a separate processing element, or may be implemented by being integrated in a chip of the terminal. Other modules are implemented similarly. In addition, all or part of the modules can be integrated together or can be independently realized. In implementation, each step of the above method or each module above may be implemented by an integrated logic circuit of hardware in a processor element or an instruction in the form of software.
For example, the above modules may be one or more integrated circuits configured to implement the above methods, such as: one or more Application Specific Integrated Circuits (ASICs), one or more digital signal processors (DSPs), one or more Field Programmable Gate Arrays (FPGAs), etc. For another example, these modules may be integrated together and implemented in the form of a System-On-a-Chip (SOC).
Fig. 10 exemplarily shows a schematic structural diagram of an electronic device 100 provided in an embodiment of the present application, where the electronic device 100 may be the first device 311 or the first device 312 described above.
As shown in fig. 10, the electronic device 100 may include a processor 110, an external memory interface 120, an internal memory 121, an antenna 1, an antenna 2, a mobile communication module 150, a wireless communication module 160, a display screen 194, and a Subscriber Identification Module (SIM) card interface 195, etc.
It is to be understood that the illustrated structure of the embodiment of the present invention does not specifically limit the electronic device 100. In other embodiments of the present application, electronic device 100 may include more or fewer components than shown, or some components may be combined, some components may be split, or a different arrangement of components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.
Processor 110 may include one or more processing units, such as: the processor 110 may include an Application Processor (AP), a modem processor, a Graphics Processing Unit (GPU), an Image Signal Processor (ISP), a controller, a video codec, a Digital Signal Processor (DSP), a baseband processor, and/or a neural-Network Processing Unit (NPU), etc. The different processing units may be separate devices or may be integrated into one or more processors.
The controller can generate an operation control signal according to the instruction operation code and the timing signal to complete the control of instruction fetching and instruction execution.
A memory may also be provided in processor 110 for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory. The memory may hold instructions or data that have just been used or recycled by the processor 110. If the processor 110 needs to reuse the instruction or data, it can be called directly from the memory. Avoiding repeated accesses reduces the latency of the processor 110, thereby increasing the efficiency of the system.
The wireless communication function of the electronic device 100 may be implemented by the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, a modem processor, a baseband processor, and the like.
Both antennas 1 and 2 may be used to transmit and receive electromagnetic wave signals. Each antenna in the electronic device 100 may be used to cover a single or multiple communication bands. Different antennas can also be multiplexed to improve the utilization of the antennas. For example: the antenna 1 may be multiplexed as a diversity antenna for a wireless local area network, although a separate antenna may be provided for each communication scheme in consideration of simplicity of design and influence of other factors. In other embodiments, the antenna may be used in conjunction with a tuning switch.
The mobile communication module 150 may provide a solution including 2G/3G/4G/5G wireless communication applied to the electronic device 100. The mobile communication module 150 may include at least one filter, a switch, a power amplifier, a Low Noise Amplifier (LNA), and the like. The mobile communication module 150 may receive the electromagnetic wave from the antenna 1, filter, amplify, etc. the received electromagnetic wave, and transmit the electromagnetic wave to the modem processor for demodulation. The mobile communication module 150 may also amplify the signal modulated by the modem processor, and convert the signal into electromagnetic wave through the antenna 1 to radiate the electromagnetic wave. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be disposed in the processor 110. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be disposed in the same device as at least some of the modules of the processor 110.
The wireless communication module 160 may provide a solution for wireless communication applied to the electronic device 100, including Wireless Local Area Networks (WLANs) (e.g., wireless fidelity (Wi-Fi) networks), Bluetooth (BT), Global Navigation Satellite System (GNSS), Frequency Modulation (FM), Near Field Communication (NFC), Infrared (IR), and the like. The wireless communication module 160 may be one or more devices integrating at least one communication processing module. The wireless communication module 160 receives electromagnetic waves via the antenna 2, performs frequency modulation and filtering processing on electromagnetic wave signals, and transmits the processed signals to the processor 110. The wireless communication module 160 may also receive a signal to be transmitted from the processor 110, perform frequency modulation and amplification on the signal, and convert the signal into electromagnetic waves through the antenna 2 to radiate the electromagnetic waves.
In some embodiments, antenna 1 of electronic device 100 is coupled to mobile communication module 150 and antenna 2 is coupled to wireless communication module 160 so that electronic device 100 can communicate with networks and other devices through wireless communication techniques. The wireless communication technology may include global system for mobile communications (GSM), general packet radio service (GPRS), code division multiple access (CDMA), wideband code division multiple access (WCDMA), time-division code division multiple access (TD-SCDMA), long term evolution (LTE), BT, GNSS, WLAN, NFC, FM, and/or IR technologies, etc. The GNSS may include a global positioning system (GPS), a global navigation satellite system (GLONASS), a BeiDou navigation satellite system (BDS), a quasi-zenith satellite system (QZSS), and/or a satellite based augmentation system (SBAS).
The electronic device 100 implements display functions via the GPU, the display screen 194, and the application processor. The GPU is a microprocessor for image processing, and is connected to the display screen 194 and an application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. The processor 110 may include one or more GPUs that execute program instructions to generate or alter display information.
The display screen 194 is used to display images, video, and the like. The display screen 194 includes a display panel. The display panel may adopt a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode (AMOLED), a flexible light-emitting diode (FLED), a Mini-LED, a Micro-OLED, a quantum dot light-emitting diode (QLED), and the like. In some embodiments, the electronic device 100 may include 1 or N display screens 194, with N being a positive integer greater than 1.
The internal memory 121 may be used to store computer-executable program code, which includes instructions. The internal memory 121 may include a program storage area and a data storage area. The storage program area may store an operating system, an application program (such as a sound playing function, an image playing function, etc.) required by at least one function, and the like. The storage data area may store data (such as audio data, phone book, etc.) created during use of the electronic device 100, and the like. In addition, the internal memory 121 may include a high-speed random access memory, and may further include a nonvolatile memory, such as at least one magnetic disk storage device, a flash memory device, a universal flash memory (UFS), and the like. The processor 110 executes various functional applications of the electronic device 100 and data processing by executing instructions stored in the internal memory 121 and/or instructions stored in a memory provided in the processor.
The SIM card interface 195 is used to connect a SIM card. The SIM card can be attached to or detached from the electronic device 100 by being inserted into the SIM card interface 195 or being pulled out of the SIM card interface 195. The electronic device 100 may support 1 or N SIM card interfaces, N being a positive integer greater than 1. The SIM card interface 195 may support a Nano SIM card, a Micro SIM card, a SIM card, etc. Multiple cards can be inserted into the same SIM card interface 195 at the same time. The types of the plurality of cards may be the same or different. The SIM card interface 195 may also be compatible with different types of SIM cards. The SIM card interface 195 may also be compatible with external memory cards. The electronic device 100 interacts with the network through the SIM card to implement functions such as communication and data communication. In some embodiments, the electronic device 100 employs an eSIM, namely an embedded SIM card. The eSIM card can be embedded in the electronic device 100 and cannot be separated from the electronic device 100.
The embodiments of the present specification provide a non-transitory computer-readable storage medium storing computer instructions, which, when executed on a computer, cause the computer to perform the data uploading method and the data downloading method provided by the embodiments shown in fig. 1 to fig. 7 of the present specification.
In the embodiments of the present application, "at least one" means one or more, "a plurality" means two or more. "and/or" describes the association relationship of the associated objects, and means that there may be three relationships, for example, a and/or B, and may mean that a exists alone, a and B exist simultaneously, and B exists alone. Wherein A and B can be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "at least one of the following" and similar expressions refer to any combination of these items, including any combination of singular or plural items. For example, at least one of a, b, and c may represent: a, b, c, a and b, a and c, b and c or a and b and c, wherein a, b and c can be single or multiple.
Those of ordinary skill in the art will appreciate that the various elements and algorithm steps described in connection with the embodiments disclosed herein can be implemented as electronic hardware, or as combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, any function, if implemented in the form of a software functional unit and sold or used as a separate product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above description is only for the specific embodiments of the present application, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present disclosure, and all the changes or substitutions should be covered by the protection scope of the present application. The protection scope of the present application shall be subject to the protection scope of the claims.

Claims (11)

1. A data uploading method, applied to an electronic device, characterized by comprising:
acquiring access control data to be uploaded;
responding to the input of a user, and sending a Personal Identification Number (PIN) to a server, wherein the PIN is used for verifying whether the identity of the user is legal or not;
receiving first confirmation information sent by the server, and creating a random factor, wherein the first confirmation information is used for confirming whether the verification of the user identity is successful;
determining a first key based on the PIN and the random factor, and encrypting the access control data to be uploaded based on the first key to obtain a first data ciphertext;
and uploading the first data ciphertext and the random factor to the server.
2. The method of claim 1, wherein prior to obtaining the access control data to be uploaded, the method further comprises:
sending a user registration request to the server, wherein the user registration request is used for registering user identity on the server, and the user registration request comprises the PIN;
and receiving second confirmation information sent by the server, wherein the second confirmation information is used for confirming whether the registration of the user is successful or not.
3. The method of claim 1, wherein the electronic device includes a public signature key, wherein the server includes a private signature key and a second private key, and wherein the method further comprises:
obtaining a signed first certificate, wherein the signed first certificate is obtained by the server by signing a first certificate using the private signature key, the first certificate is issued by the server, and the first certificate comprises a first public key;
creating a first random number, and sending a secure channel establishment request to the server, wherein the secure channel establishment request comprises the first random number and the signed first certificate;
receiving a second random number, a random number ciphertext and a signed second certificate sent by the server, wherein the second random number is created by the server, the random number ciphertext is obtained by the server after being encrypted by using a second key, and the second key is determined based on the first random number, the second random number, the first public key and the second private key;
performing identity verification on the signed second certificate using the signature public key, and, if the identity verification passes, acquiring a second public key from the second certificate, wherein the second public key and the second private key are an asymmetric public/private key pair;
obtaining a first private key, and determining the second key based on the first random number, the second random number, the first private key and the second public key, wherein the first private key and the first public key are an asymmetric public/private key pair;
decrypting the random number ciphertext by using the second key to obtain a third random number;
and if the first random number is consistent with the third random number obtained by decryption, establishing a secure channel with the server, and determining that the second key is the session key of the secure channel.
4. The method of claim 3, wherein the encrypting the to-be-uploaded access control data based on the first key to obtain a first data ciphertext comprises:
encrypting the to-be-uploaded access control data based on the first key to obtain a second data ciphertext;
and encrypting the second data ciphertext by using the second key to obtain a first data ciphertext.
5. The method of claim 1, wherein the encrypting the to-be-uploaded access control data based on the first key to obtain a first data ciphertext comprises:
calculating a digest value based on the random factor, and determining an initial vector based on the digest value;
and encrypting the to-be-uploaded access control data based on the first key and the initial vector to obtain a first data ciphertext.
6. A method for downloading data, comprising:
sending a data acquisition request to a server, wherein the data acquisition request is used for acquiring a first data ciphertext;
receiving an encapsulated data packet and a random factor sent by the server, wherein the encapsulated data packet comprises the first data ciphertext;
acquiring a PIN, and determining a first secret key based on the PIN and the random factor;
and decrypting the encapsulated data packet based on the first key to obtain an access control data plaintext.
7. The method of claim 6, wherein the data acquisition request comprises a PIN, and wherein the PIN is used to verify that the identity of the user is legitimate.
8. The method of claim 6, wherein the receiving the encapsulated packet sent by the server comprises:
acquiring a second key;
receiving an encrypted and encapsulated data packet sent by the server;
and decrypting the encrypted and encapsulated data packet by using the second key to obtain an encapsulated data packet.
9. The method of claim 6, wherein the encapsulated data packet further comprises executable instructions, and decrypting the encapsulated data packet based on the first key to obtain the access control data plaintext comprises:
acquiring a first data ciphertext in the encapsulated data packet, and decrypting the first data ciphertext based on the first key to obtain an access control data plaintext;
and acquiring an executable instruction in the encapsulated data packet, and executing write-in operation on the clear text of the access control data based on the executable instruction.
10. A chip for application in an electronic device, for performing the method of any one of claims 1-9.
11. An electronic device comprising the chip of claim 10.
CN202180004124.5A 2021-03-09 2021-03-09 Data uploading method, data downloading method and related equipment Pending CN114026820A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2021/079784 WO2022188033A1 (en) 2021-03-09 2021-03-09 Data uploading method, data downloading method and related device

Publications (1)

Publication Number Publication Date
CN114026820A true CN114026820A (en) 2022-02-08

Family

ID=80069665

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202180004124.5A Pending CN114026820A (en) 2021-03-09 2021-03-09 Data uploading method, data downloading method and related equipment

Country Status (2)

Country Link
CN (1) CN114026820A (en)
WO (1) WO2022188033A1 (en)

Also Published As

Publication number Publication date
WO2022188033A1 (en) 2022-09-15

Similar Documents

Publication Publication Date Title
WO2022188033A1 (en) Data uploading method, data downloading method and related device
CN110177354B (en) Wireless control method and system for vehicle
US10826707B2 (en) Privacy preserving tag
EP1976322A1 (en) An authentication method
WO2019029471A1 (en) Bluetooth network and network configuration method
JP2008252883A (en) Method for loading secured service access data in nfc chipset
CN114944925B (en) Signaling secure transmission method and device, server and SE chip
CN111465008B (en) Initialization vector generation for performing encryption and authentication in wireless communication
CN108012264A (en) The scheme based on encrypted IMSI for 802.1x carriers hot spot and Wi-Fi call authorizations
CN112396738B (en) Unlocking method of shared device and related device
WO2010103345A1 (en) Method and apparatus for activate an authentication on a mobile device
WO2010023506A1 (en) Methods, apparatuses, computer program products, and systems for providing secure pairing and association for wireless devices
JP2008535427A (en) Secure communication between data processing device and security module
CN111788836B (en) Data transmission method and BLE equipment
CN105827601A (en) Data encryption application method and system of mobile device
JP4960271B2 (en) Wireless communication system and wireless communication method
KR101181558B1 (en) Anonymous Authentication Method For Mobile Satellite Communication Systems
US11363455B2 (en) Near field communication forum data exchange format (NDEF) messages with authenticated encryption
TWM569453U (en) Digital data processing system
CN111163462B (en) Network distribution method and related product
KR20130109560A (en) Encryption method of database of mobile communication device
CN109547398B (en) Authentication method and device based on smart card and terminal application
CN102026182A (en) Safety control method and system of mobile terminal
TW201622365A (en) Method for encrypted data transmission of near field communication device and system thereof
US11272358B2 (en) Near field communication forum data exchange format (NDEF) messages

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination