CN114553510A - Service key distribution system, method and readable storage medium - Google Patents
Service key distribution system, method and readable storage medium Download PDFInfo
- Publication number
- CN114553510A CN114553510A CN202210133447.0A CN202210133447A CN114553510A CN 114553510 A CN114553510 A CN 114553510A CN 202210133447 A CN202210133447 A CN 202210133447A CN 114553510 A CN114553510 A CN 114553510A
- Authority
- CN
- China
- Prior art keywords
- key
- service
- encryption
- service key
- management unit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
Abstract
The invention relates to a service key distribution system, a service key distribution method and a readable storage medium. The system comprises: the service key management unit sends a service key application to the encryption machine, receives a service key identifier and applies the encryption key identifier to the encryption key management unit; the encryption key management unit sends an encryption key application to the encryptor, sends the encryption key to the service unit, and sends the encryption key identification to the service key management unit; the encryption machine encrypts the service key based on the encryption key to generate a corresponding service key ciphertext; the service unit can decrypt the service key ciphertext based on the encryption key to obtain a corresponding service key plaintext. The invention also discloses a service key distribution method and a readable storage medium. In the service key distribution system, only the service unit can know the plaintext of the service key, so that the safety of service key distribution and management can be improved.
Description
Technical Field
The invention relates to the technical field of key management, in particular to a service key distribution system, a service key distribution method and a readable storage medium.
Background
A key is a parameter that is input in an algorithm that converts plaintext into ciphertext or converts ciphertext into plaintext. For example, when a bank uses various types of terminal devices to complete a financial transaction, for example: each terminal device of ATM, POS, PINPAD, etc. stores a certain number of service keys (terminal keys) for protecting sensitive information such as PIN of bank card user and ensuring security of data transmission.
At present, each business only needs to relate to a key management system to ensure the security of key storage and transmission. For example, chinese patent publication No. CN107493167A discloses a terminal key distribution system and a terminal key distribution method, where the terminal key distribution system includes an electronic confidential letter platform, a key distributor and a terminal device, the key distributor includes a service processing chip, a security processing chip, built-in hardware, a service processing system and a security processing system, the service processing system is used to verify the validity of an operator, receive external authentication and instruction requests, and send the processing result to the security processing system and operate the built-in hardware, the security processing system is used to implement the secure storage and distribution of a terminal key, and includes a second instruction execution module, and the second instruction execution module is used to authenticate an external access device, manage key storage, reading, distribution, deletion and generate a protection factor.
In the above-mentioned prior art, the service key (terminal key) distribution system generates a service key through the electronic cipher-letter platform, then encrypts the service key through the key distributor to obtain a service key ciphertext, and finally decrypts the service key ciphertext by the service unit (terminal device) to obtain a plaintext of the service key. The existing scheme carries out encryption transmission on the service key, which can ensure the security of service key transmission to a certain extent. However, the service key generated in the existing scheme is stored in plaintext in both the electronic cryptographic function platform and the key distributor, so that an operator with related authority can directly acquire the plaintext of the service key, resulting in that the security of service key distribution is still insufficient. Therefore, how to design a key distribution method capable of improving the security of service key distribution is an urgent technical problem to be solved.
Disclosure of Invention
Aiming at the defects of the prior art, the technical problems to be solved by the invention are as follows: how to provide a service key distribution system, so that only a service unit can know the plaintext of a service key, thereby improving the security of service key distribution and management.
In order to solve the technical problems, the invention adopts the following technical scheme:
a service key distribution system comprises a service unit, a service key management unit, an encryption key management unit and an encryptor;
the service unit is used for applying for a service key from the service key management unit and inputting a service identifier;
the service key management unit is used for sending a service key application and a service identifier to the encryption machine based on the application of the service unit, so that the encryption machine can generate a corresponding service key and a corresponding service key identifier based on the service key application and the service identifier; then receiving the service key identification of the encryption machine and applying for the encryption key identification to an encryption key management unit;
the encryption key management unit is used for sending an encryption key application to the encryptor based on the application of the service key management unit, so that the encryptor can generate a corresponding encryption key and an encryption key identifier based on the encryption key application; then receiving an encryption key and an encryption key identifier of the encryption machine, sending the encryption key to the service unit, and sending the encryption key identifier to the service key management unit, so that the service key management unit can send the service key identifier and the encryption key identifier to the encryption machine;
the encryption machine is used for acquiring a corresponding service key and an encryption key based on the service key identification and the encryption key identification, and encrypting the service key based on the encryption key to generate a corresponding service key ciphertext; then, the business key ciphertext is sent to a business key management unit, so that the business key management unit can send the business key ciphertext to a business unit;
the service unit can decrypt the service key ciphertext based on the encryption key to obtain a corresponding service key plaintext.
Preferably, the service unit includes a service module for applying for a service key, a key storage module for storing an encryption key, and an encryption/decryption module for decrypting a service key ciphertext based on the encryption key.
Preferably, the service key management unit includes a first identity authentication module for verifying the identity of the service key operator, and a first key service module for sending a service key application.
Preferably, the encryption key management unit includes a second identity authentication module for verifying the identity of the operator of the encryption key, and a second key service module for sending the application for the encryption key.
Preferably, the encryption machine includes an encryption key management module for storing an encryption key, a service key management module for storing a service key, and an encryption service module for encrypting the service key based on the encryption key to generate a corresponding service key ciphertext.
The invention also discloses a service key distribution method, which is implemented based on the service key distribution system of the invention and comprises the following steps:
s1: the service unit applies for a service key from the service key management unit and inputs a service identifier; the service key management unit sends a service key application and a service identifier to the encryption machine based on the application of the service unit;
s2: the encryption machine generates a corresponding service key and a corresponding service key identifier based on the service key application and the service identifier, stores the service key, and sends the service key identifier to the service key management unit; the service key management unit receives the service key identification and applies for the encryption key identification to the encryption key management unit; the encryption key management unit sends an encryption key application to the encryptor based on the application of the service key management unit;
s3: the encryption machine generates a corresponding encryption key and an encryption key identifier based on the encryption key application, stores the encryption key, and sends the encryption key and the encryption key identifier to the encryption key management unit; the encryption key management unit sends the encryption key to the service unit and sends the encryption key identification to the service key management unit; the service key management unit sends the service key identification and the encryption key identification to the encryption machine;
s4: the encryption machine acquires a corresponding service key and an encryption key based on the service key identifier and the encryption key identifier, encrypts the service key based on the encryption key to generate a corresponding service key ciphertext, and then sends the service key ciphertext to the service key management unit; the service key management unit sends the service key ciphertext to the service unit;
s5: and the service unit decrypts the service key ciphertext based on the encryption key to obtain a corresponding service key plaintext.
The invention also discloses a readable storage medium on which a computer management class program is stored, wherein the computer management class program realizes the steps of the service key distribution method when being executed by a processor.
Compared with the prior art, the service key distribution system of the invention has the following beneficial effects:
in the invention, the service key (plaintext) is generated by the encryption machine and then stored in the encryption machine, so that both the service key management unit and the encryption key management unit cannot acquire the plaintext of the service key; meanwhile, the encryption machine encrypts the service key by generating the encryption key to generate a service key ciphertext and respectively sends the service key ciphertext to the service key management unit and the encryption key management unit, so that the service key management unit and the encryption key management unit cannot simultaneously acquire two data, namely the encryption key and the service key ciphertext, namely decryption of the service key ciphertext cannot be realized, the service key plaintext cannot be acquired, and finally, only the service unit can decrypt the service key ciphertext based on the encryption key to obtain the corresponding service key plaintext, namely, only the service unit can know the service key plaintext, thereby improving the security of service key distribution and management.
Secondly, the encryption machine of the invention acquires the corresponding service key and encryption key through the service key identifier and encryption key identifier, and further encrypts and generates the corresponding service key ciphertext, so that the service key management unit can only acquire the two kinds of ID information of the service key identifier and the encryption key identifier, but cannot acquire the service key encrypted by the encryption machine through which encryption key, namely cannot acquire the corresponding relation between the encryption key and the service key ciphertext, and cannot acquire an effective encryption key to decrypt the service key ciphertext to acquire the service key plaintext, thereby further improving the security of service key distribution and management.
Drawings
For purposes of promoting a better understanding of the objects, aspects and advantages of the invention, reference will now be made in detail to the present invention as illustrated in the accompanying drawings, in which:
fig. 1 is a logic block diagram of a service key distribution system.
Detailed Description
The following is further detailed by way of specific embodiments:
the first embodiment is as follows:
the embodiment discloses a service key distribution system.
As shown in fig. 1, the service key distribution system includes a service unit, a service key management unit, an encryption key management unit, and an encryptor;
the service unit is configured to apply for a service key from the service key management unit and input a service identifier (where the identifier refers to an identity identifier, that is, a service ID);
a service key management unit, configured to send a service key application and a service identifier to the encryptor based on the application of the service unit, so that the encryptor can generate a corresponding service key and a corresponding service key identifier (where the identifier refers to an identity identifier, that is, a service key ID) based on the service key application and the service identifier; then receiving the service key identification of the encryption machine, and applying for the encryption key identification (the identification refers to an identity identification number, namely an encryption key ID) to an encryption key management unit;
the encryption key management unit is used for sending an encryption key application to the encryptor based on the application of the service key management unit, so that the encryptor can generate a corresponding encryption key and an encryption key identifier based on the encryption key application; then receiving an encryption key and an encryption key identifier of the encryption machine, sending the encryption key to the service unit, and sending the encryption key identifier to the service key management unit, so that the service key management unit can send the service key identifier and the encryption key identifier to the encryption machine;
the encryption machine is used for acquiring a corresponding service key and an encryption key based on the service key identification and the encryption key identification, and encrypting the service key based on the encryption key to generate a corresponding service key ciphertext; then, the business key ciphertext is sent to a business key management unit, so that the business key management unit can send the business key ciphertext to a business unit;
the service unit can decrypt the service key ciphertext based on the encryption key to obtain a corresponding service key plaintext.
In the invention, the service key (plaintext) is generated by the encryption machine and then stored in the encryption machine, so that both the service key management unit and the encryption key management unit cannot acquire the plaintext of the service key; meanwhile, the encryption machine encrypts the service key by generating the encryption key to generate a service key ciphertext and respectively sends the service key ciphertext to the service key management unit and the encryption key management unit, so that the service key management unit and the encryption key management unit cannot simultaneously acquire two data, namely the encryption key and the service key ciphertext, namely decryption of the service key ciphertext cannot be realized, the service key plaintext cannot be acquired, and finally, only the service unit can decrypt the service key ciphertext based on the encryption key to obtain the corresponding service key plaintext, namely, only the service unit can know the service key plaintext, thereby improving the security of service key distribution and management.
Secondly, the encryption machine of the invention acquires the corresponding service key and encryption key through the service key identifier and encryption key identifier, and further encrypts and generates the corresponding service key ciphertext, so that the service key management unit can only acquire the two kinds of ID information of the service key identifier and the encryption key identifier, but cannot acquire the service key encrypted by the encryption machine through which encryption key, namely cannot acquire the corresponding relation between the encryption key and the service key ciphertext, and cannot acquire an effective encryption key to decrypt the service key ciphertext to acquire the service key plaintext, thereby further improving the security of service key distribution and management.
In a specific implementation process, the service unit includes a service module for applying for a service key, a key storage module for storing an encryption key, and an encryption/decryption module for decrypting a service key ciphertext based on the encryption key.
In a specific implementation process, the service key management unit comprises a first identity authentication module used for verifying the identity of a service key operator and a first key service module used for sending a service key application. The operation safety can be further improved by the mode of verifying the identity of the service key operator.
In a specific implementation process, the encryption key management unit comprises a second identity authentication module used for verifying the identity of an encryption key operator and a second key business module used for sending an encryption key application. The safety of the operation can be further improved by the mode of verifying the identity of the encryption key operator.
In a specific implementation process, the encryption machine comprises an encryption key management module for storing an encryption key, a service key management module for storing a service key, and an encryption service module for encrypting the service key based on the encryption key to generate a corresponding service key ciphertext.
The second embodiment:
the embodiment discloses a service key distribution method.
A service key distribution method is implemented based on the service key distribution system of the invention, and comprises the following steps:
s1: the service unit applies for a service key from the service key management unit and inputs a service identifier; the service key management unit sends a service key application and a service identifier to the encryption machine based on the application of the service unit;
s2: the encryption machine generates a corresponding service key and a corresponding service key identifier based on the service key application and the service identifier, stores the service key, and sends the service key identifier to the service key management unit; the service key management unit receives the service key identification and applies for the encryption key identification to the encryption key management unit; the encryption key management unit sends an encryption key application to the encryptor based on the application of the service key management unit;
s3: the encryption machine generates a corresponding encryption key and an encryption key identifier based on the encryption key application, stores the encryption key, and sends the encryption key and the encryption key identifier to the encryption key management unit; the encryption key management unit sends the encryption key to the service unit and sends the encryption key identification to the service key management unit; the service key management unit sends the service key identification and the encryption key identification to the encryption machine;
s4: the encryption machine acquires a corresponding service key and an encryption key based on the service key identifier and the encryption key identifier, encrypts the service key based on the encryption key to generate a corresponding service key ciphertext, and then sends the service key ciphertext to the service key management unit; the service key management unit sends the service key ciphertext to the service unit;
s5: and the service unit decrypts the service key ciphertext based on the encryption key to obtain a corresponding service key plaintext.
It should be noted that the service key distribution method of the present invention can generate corresponding software codes or software services in a program programming manner, and can further be run and implemented on a server and a computer.
In the invention, the service key (plaintext) is generated by the encryption machine and then stored in the encryption machine, so that both the service key management unit and the encryption key management unit cannot acquire the plaintext of the service key; meanwhile, the encryption machine encrypts the service key by generating the encryption key to generate a service key ciphertext and respectively sends the service key ciphertext to the service key management unit and the encryption key management unit, so that the service key management unit and the encryption key management unit cannot simultaneously acquire two data, namely the encryption key and the service key ciphertext, namely decryption of the service key ciphertext cannot be realized, the service key plaintext cannot be acquired, and finally, only the service unit can decrypt the service key ciphertext based on the encryption key to obtain the corresponding service key plaintext, namely, only the service unit can know the service key plaintext, thereby improving the security of service key distribution and management.
Secondly, the encryption machine of the invention acquires the corresponding service key and encryption key through the service key identifier and encryption key identifier, and further encrypts and generates the corresponding service key ciphertext, so that the service key management unit can only acquire the two kinds of ID information of the service key identifier and the encryption key identifier, but cannot acquire the service key encrypted by the encryption machine through which encryption key, namely cannot acquire the corresponding relation between the encryption key and the service key ciphertext, and cannot acquire an effective encryption key to decrypt the service key ciphertext to acquire the service key plaintext, thereby further improving the security of service key distribution and management.
Example three:
disclosed in the present embodiment is a readable storage medium.
A readable storage medium, on which a computer management class program is stored, which when executed by a processor implements the steps of the service key distribution method of the present invention. The readable storage medium can be a device with readable storage function such as a U disk or a computer.
Finally, it should be noted that the above embodiments are only used for illustrating the technical solutions of the present invention and not for limiting the technical solutions, and those skilled in the art should understand that modifications or equivalent substitutions can be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions, and all that should be covered by the claims of the present invention.
Claims (7)
1. A service key distribution system is characterized by comprising a service unit, a service key management unit, an encryption key management unit and an encryptor;
the service unit is used for applying for a service key from the service key management unit and inputting a service identifier;
the service key management unit is used for sending a service key application and a service identifier to the encryption machine based on the application of the service unit, so that the encryption machine can generate a corresponding service key and a corresponding service key identifier based on the service key application and the service identifier; then receiving the service key identification of the encryption machine and applying for the encryption key identification to an encryption key management unit;
the encryption key management unit is used for sending an encryption key application to the encryptor based on the application of the service key management unit, so that the encryptor can generate a corresponding encryption key and an encryption key identifier based on the encryption key application; then receiving an encryption key and an encryption key identifier of the encryption machine, sending the encryption key to the service unit, and sending the encryption key identifier to the service key management unit, so that the service key management unit can send the service key identifier and the encryption key identifier to the encryption machine;
the encryption machine is used for acquiring a corresponding service key and an encryption key based on the service key identification and the encryption key identification, and encrypting the service key based on the encryption key to generate a corresponding service key ciphertext; then, the business key ciphertext is sent to a business key management unit, so that the business key management unit can send the business key ciphertext to a business unit;
the service unit can decrypt the service key ciphertext based on the encryption key to obtain a corresponding service key plaintext.
2. A service key distribution system according to claim 1, wherein: the service unit comprises a service module for applying a service key, a key storage module for storing an encryption key, and an encryption and decryption module for decrypting a service key ciphertext based on the encryption key.
3. A service key distribution system according to claim 1, wherein: the service key management unit comprises a first identity authentication module used for verifying the identity of a service key operator and a first key service module used for sending a service key application.
4. A service key distribution system according to claim 1, wherein: the encryption key management unit comprises a second identity authentication module used for verifying the identity of an encryption key operator and a second key business module used for sending an encryption key application.
5. A service key distribution system according to claim 1, wherein: the encryption machine comprises an encryption key management module for storing an encryption key, a service key management module for storing a service key, and an encryption service module for encrypting the service key based on the encryption key to generate a corresponding service key ciphertext.
6. A method for distributing service keys, characterized by: the implementation based on the service key distribution system of claim 1, comprising the following steps:
s1: the service unit applies for a service key from the service key management unit and inputs a service identifier; the service key management unit sends a service key application and a service identifier to the encryption machine based on the application of the service unit;
s2: the encryption machine generates a corresponding service key and a corresponding service key identifier based on the service key application and the service identifier, stores the service key, and sends the service key identifier to the service key management unit; the service key management unit receives the service key identification and applies for the encryption key identification to the encryption key management unit; the encryption key management unit sends an encryption key application to the encryptor based on the application of the service key management unit;
s3: the encryption machine generates a corresponding encryption key and an encryption key identifier based on the encryption key application, stores the encryption key, and sends the encryption key and the encryption key identifier to the encryption key management unit; the encryption key management unit sends the encryption key to the service unit and sends the encryption key identification to the service key management unit; the service key management unit sends the service key identification and the encryption key identification to the encryption machine;
s4: the encryption machine acquires a corresponding service key and an encryption key based on the service key identifier and the encryption key identifier, encrypts the service key based on the encryption key to generate a corresponding service key ciphertext, and then sends the service key ciphertext to the service key management unit; the service key management unit sends the service key ciphertext to the service unit;
s5: and the service unit decrypts the service key ciphertext based on the encryption key to obtain a corresponding service key plaintext.
7. A readable storage medium, having stored thereon a computer management class program which, when executed by a processor, implements the steps of the traffic key distribution method according to claim 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210133447.0A CN114553510B (en) | 2022-02-14 | 2022-02-14 | Service key distribution system, method and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210133447.0A CN114553510B (en) | 2022-02-14 | 2022-02-14 | Service key distribution system, method and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114553510A true CN114553510A (en) | 2022-05-27 |
| CN114553510B CN114553510B (en) | 2022-11-04 |
Family
ID=81674586
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210133447.0A Active CN114553510B (en) | 2022-02-14 | 2022-02-14 | Service key distribution system, method and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114553510B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120159173A1 (en) * | 2010-12-21 | 2012-06-21 | General Instrument Corporation | Service key delivery system |
| CN109921902A (en) * | 2019-03-22 | 2019-06-21 | 阿里巴巴集团控股有限公司 | A kind of key management method, safety chip, service server and information system |
| CN111245597A (en) * | 2020-01-17 | 2020-06-05 | 众安信息技术服务有限公司 | Key management method, system and equipment |
| CN111327637A (en) * | 2020-03-10 | 2020-06-23 | 时时同云科技(成都)有限责任公司 | Service key management method and system |
| CN111818032A (en) * | 2020-06-30 | 2020-10-23 | 腾讯科技(深圳)有限公司 | Data processing method and device based on cloud platform and computer program |
| CN112565281A (en) * | 2020-12-09 | 2021-03-26 | 北京深思数盾科技股份有限公司 | Information processing method, server and system of service key |
| CN113613214A (en) * | 2021-08-31 | 2021-11-05 | 重庆长安汽车股份有限公司 | In-vehicle message authentication key management method and readable storage medium |
-
2022
- 2022-02-14 CN CN202210133447.0A patent/CN114553510B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120159173A1 (en) * | 2010-12-21 | 2012-06-21 | General Instrument Corporation | Service key delivery system |
| CN109921902A (en) * | 2019-03-22 | 2019-06-21 | 阿里巴巴集团控股有限公司 | A kind of key management method, safety chip, service server and information system |
| CN111245597A (en) * | 2020-01-17 | 2020-06-05 | 众安信息技术服务有限公司 | Key management method, system and equipment |
| CN111327637A (en) * | 2020-03-10 | 2020-06-23 | 时时同云科技(成都)有限责任公司 | Service key management method and system |
| CN111818032A (en) * | 2020-06-30 | 2020-10-23 | 腾讯科技(深圳)有限公司 | Data processing method and device based on cloud platform and computer program |
| CN112565281A (en) * | 2020-12-09 | 2021-03-26 | 北京深思数盾科技股份有限公司 | Information processing method, server and system of service key |
| CN113613214A (en) * | 2021-08-31 | 2021-11-05 | 重庆长安汽车股份有限公司 | In-vehicle message authentication key management method and readable storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 高益等: "移动多媒体广播业务中的密钥保护", 《广播电视信息(上半月刊)》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114553510B (en) | 2022-11-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20240127213A1 (en) | System and method for secure communication in a retail environment | |
| US9705672B2 (en) | Key management method and system | |
| US5805712A (en) | Apparatus and method for providing secured communications | |
| US9948624B2 (en) | Key downloading method, management method, downloading management method, device and system | |
| CN1985466B (en) | Method of delivering direct proof private keys in signed groups to devices using a distribution CD | |
| US7353385B2 (en) | Authentication system, authentication method, authentication apparatus, and authentication method therefor | |
| RU2584500C2 (en) | Cryptographic authentication and identification method with real-time encryption | |
| US8953805B2 (en) | Authentication information generating system, authentication information generating method, client apparatus, and authentication information generating program for implementing the method | |
| US20230368194A1 (en) | Encryption method and decryption method for payment key, payment authentication method, and terminal device | |
| US6988198B1 (en) | System and method for initializing operation for an information security operation | |
| CN106953732B (en) | Key management system and method for chip card | |
| CN112565265B (en) | Authentication method, authentication system and communication method between terminal devices of Internet of things | |
| CN108460597B (en) | Key management system and method | |
| JP2003044436A (en) | Authentication processing method, information processor, and computer program | |
| CN112685786A (en) | Financial data encryption and decryption method, system, equipment and storage medium | |
| TWI476629B (en) | Data security and security systems and methods | |
| CN110601836B (en) | Key acquisition method, device, server and medium | |
| CN114553510B (en) | Service key distribution system, method and readable storage medium | |
| CN113239343B (en) | Encryption method for internal authentication, smart card, internal authentication method and card reader | |
| CN112436937B (en) | Radio frequency tag initialization key distribution system and method | |
| CN112787996B (en) | Password equipment management method and system | |
| CN111988330B (en) | Information security protection system and method based on white-box encryption in distributed system | |
| CN111542050B (en) | TEE-based method for guaranteeing remote initialization safety of virtual SIM card | |
| JP2902087B2 (en) | Electronic signature method using IC card | |
| JP3436476B2 (en) | How to change the encryption key for authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |