KR100426048B1 - A safe payment method applying bluetooth protocol - Google Patents

Abstract

It is a short-range wireless communication payment method in which a user refuels his own car at a gas station and pays it by using Bluetooth, which is attracting attention as a standard for short-range wireless communication. After moving to the petrol station, payment and receipt are transmitted through Bluetooth communication with the access pointer installed in the petrol station.

Description

Safe payment method using bluetooth {A safe payment method applying bluetooth protocol}

The present invention relates to a secure payment processing method using Bluetooth, and more particularly, to a method for securely processing payment using Bluetooth communication in a state where a secure piconet is formed using Bluetooth, which is a short range wireless communication technology.

The wireless Internet is connected to the public network (PSTN) or the Internet, and the service goes through a security process. Therefore, wireless internet may cause more problems such as illegal hacking or leakage of personal information than wired internet. Wireless technology used in Korea adopts code division multiple access (CDMA) method, which is somewhat superior in terms of security, but a more secure security module or solution is needed to provide a secure wireless Internet service for users.

The wireless payment sector is also one of the major challenges to be addressed in the wireless Internet. This is because the service itself is difficult if the payment service is not properly supported when buying and selling goods through shopping malls as well as digital information. Payment services are also available through separate payments, payment gateways or systems linked to base stations. Of course, this requires a solution based on a wireless protocol such as WAP. In addition, like cyberspace, various cyber money, such as electronic money and electronic wallet, that can be used in cyberspace, are also required. Furthermore, they have to go through a system integration stage where they have to interlock financial institutions and computer networks, such as banks and credit cards.

The telecom market environment is moving from wired to wireless. In the past, wireless has become increasingly expensive, slow, and unstable in data transmission.

At the moment, Bluetooth is getting the most attention in the wireless multimedia market. The reason why Bluetooth is getting more popular than conventional wireless communication equipment is that it can be connected to each other wirelessly by adding simple and small modules to devices without communication functions. In addition, when the connection is within the range that can communicate with each other wirelessly, the connection is easy, so it is easy to use.

Bluetooth began in 1994 when Ericsson's mobile communications group began researching low-power, low-cost radio interfaces between mobile phones and peripherals, after which Ericsson, Nokia, IBM, Toshiba, Intel, Motorola, and Micro More than 2,000 companies have joined as members of the SIG (Special Internet Group), a leading group of nine companies including Soft, Lucent Technologies and 3Com. In addition, there are about 70 participating companies in Korea. And since the Bluetooth spec released 1.0 in 1999, it is expected to release 2.0 in 2001. Currently, Bluetooth is in the stage of development. Believing in the unlimited potential of Bluetooth, not only domestic companies but also world-class companies are participating. But now Bluetooth needs a lot of complement.

Currently, in order to install and use Bluetooth in existing home appliances, the unit price must be lowered and the short transmission distance must be increased. In addition, although only simple data transmission and voice transmission can be performed, a method of increasing the data transmission amount must be researched and developed for use in a place requiring high speed data transmission such as a video conference.

As Bluetooth is in the early stages of technology, it cannot satisfy everyone's needs. However, just as computers have been transformed from exclusively used in research institutes or public institutions to personal care products that anyone can use conveniently now, Bluetooth is expected to have a great impact on the upcoming advanced multimedia world.

The Bluetooth communication technology, which is attracting attention as a standard for short-range wireless communication, will be described in more detail. Think about what the information and telecommunications industry has developed for. It is freedom, safety, multifunction, simplicity and reliability. One more thing is that it is designed for the Internet industry, the largest industry in the 21st century. In the future, if you can't travel freely on the Internet, the person will be no different from those living on a desert island.

For example, let's take the internet user of a portable PC user. Portable PC with speed up to 1M with 2.4GHz frequency band within 10m / 100m of surrounding area Connection is possible any time as long as there is an external passage such as LAN (802.11, SWAP). Of course, E-mail is also possible, and Bluetooth has its own security functions (key operation, authentication, encryption, etc.) and can be used as a communication medium requiring security such as e-commerce with 1600 frequency leap. .

In the case of using a mobile phone, a handset can be used to call anytime, wherever the phone is located, and can be used as a wireless Internet phone without paying for the office and at home. It can be used as a regular phone (PSTN) and a cell phone (Cellular, PCS), which makes it possible to use three phones in one phone. The applications are endless, and the ideas we haven't thought of before have become possible with Bluetooth.

It is no wonder that low-cost, small, low-power Bluetooth, which provides common interfaces (UART, USB, PCM, PCMCIA, etc.) and connects via ISM open band, has attracted the attention of all electronic developers.

On the other hand, for user protection and information security, the system must provide appropriate security functions for both environments. In other words, each unit in Bluetooth must implement authentication and security algorithms in the same way.

Basic levels of security will be defined and suitable for chip implementations, and authentication algorithms will be provided at a level that does not overwhelm the device for processing capabilities. Future support plans for cryptographic algorithms will support backward compatibility, with the following key security features:

Challenge response routine for authentication

Stream cipher for encryption

Session key generation-session keys can be changed at any time during a connection

The highest level of Bluetooth security is link-level security. Bluetooth developers should consider the security risks of Bluetooth technologies. As a result, Bluetooth security is achieved through authentication and encryption. Authentication is necessary because authentication can reveal the creator of data and messages through eavesdropping.

Bluetooth and security issues can be largely divided into cryptographic algorithms, key management, and authentication protocols. First, you need to create a trusted authentication and connection key that will allow two devices to do an initial communication when they initiate an initial communication. This process is called a pairing process.

For the initial connection, pairing participants require each device to use a Bluetooth security key of up to 128 bits. When two Bluetooth devices communicate, they require authentication and encryption using a key called a link key. Pairing sends and receives a secret shared PIN out-of-band as this process proceeds.

The pairing process is used for key management or key exchange. When Bluetooth security is temporarily used, 128-bit random numbers can be used as a connection key or semi-permanently used between a pair of devices through the same authentication on a pair of devices.

The security mode at the service level also defines the security levels for the services and devices used for users with limited access. This will refer to the service security level.

Authentication and encryption are each performed on a Bluetooth device, which is also a feature for forming networks for special purposes.

Connections are one-way and sometimes one-way, two-way, or do not require authentication. Authentication is based on the challenge response algorithm. Authentication is a very important part of a Bluetooth system. In order for a user to communicate with another user's device, this attempt response allows a reliable connection.

Bluetooth authentication is a preliminary procedure to prove that you have an encryption key before the connection between other devices is encrypted. Connection management results are also used to prevent confusion using different encryption keys.

Encryption is used to keep the connection confidential. Bluetooth, along with the stream cipher algorithm, provides flexibility in key lengths. Key management is provided at a higher software layer, which defines three levels of security for the service.

Authorization request: Authorization for access proceeds and is automatically approved by trusted or untrusted devices. Authorization will always require proof that the authentication from the device is not different.

Authentication requirement: The device must be authenticated before the connection can be made from an application point of view.

Encryption request: This step is a request for an encryption method before access to the service.

This information is recorded in the service database by the security officer and, if not registered, is defined as the general security level. The Bluetooth Specification defines three security modes according to the security type:

Security Mode 1: The device does not have any security procedures.

Security mode 2: The device cannot obtain the security procedure prior to channel establishment at the L2CAP level. This mode allows for heterogeneous and flexible access policies for applications, especially in applications with different security requirements.

Security Mode 3: Devices can have security procedures before LMP level link set-up is complete.

Bluetooth distinguishes between three different levels of reliability between two different devices:

Trusted devices: Bluetooth devices are pre-qualified devices that have been pre-trusted, where the link key is stored and reliability is indicated in the device's database.

Untrusted device: Bluetooth device devices are proven to be reliable and link keys are stored but no trust is indicated in the device's database.

Unknown device: A device that does not contain security information. C. Gamage et al. Proposed a surrogate-signcryption scheme that simultaneously applied the surrogate signature scheme and the proposed signcryption scheme to provide recipient specification. It is configured to entrust the proxy agent, which has a relatively high computation capability, to calculate the signature required when generating a signature in such a way that a user-selected agent can perform a legitimate recipient-specific signature on behalf of itself.

In addition, Bluetooth can be connected to multiple slaves centered on the master. In this case, it is called a piconet. That is, one master in a piconet can simultaneously connect with up to seven slave devices. When a piconet is formed, mutual channels are exchanged. When several piconets are connected to each other, this is called a scarternet.

However, the current security service provided by Bluetooth has not only a weakness due to PIN length, which is a problem in the standard itself, but also a problem that it cannot maintain safety from malicious attacks on the wireless channel.

In addition, piconets based on insecure security services naturally lead to insecure problems. In addition, there is a problem in the practical application for various applications in wireless communication because it is very vulnerable to power consumption attack and eavesdropping attacks when it is extended to scarternet.

Bluetooth, which has been researched as a current short-range wireless communication standard as described above, provides various security services, but has many problems to be practically applied, and has a problem that may greatly affect a user on wireless communication.

An object of the present invention is to provide a secure payment processing method using Bluetooth that can secure the stability of the short-range wireless communication in the actual wireless payment environment.

Another object of the present invention is to provide a payment processing method capable of ensuring the privacy, confidentiality and stability of a user in a protocol related to payment using near field communication.

The secure payment processing method using Bluetooth according to the present invention for achieving this object is characterized by using an ECC (Elliptic Curve Encryption Algorithm) that can reduce the load in consideration of the traffic.

Another feature of the secure payment processing method using Bluetooth according to the present invention is that it uses a non-anonymous group key.

1 is a flowchart illustrating a secure payment processing process using Bluetooth according to the present invention.

Hereinafter, the present invention will be described with reference to the accompanying drawings. First, the requirements of the secure payment method using Bluetooth that can be implemented by the present invention will be described.

First, requirements for transmitting and receiving wireless mobile communication information

① Confidentiality: All information sent and received must be encrypted to prevent illegal information theft by third parties.

② Authentication: Digital signature technique is applied to guarantee that the origin of the message is sent and received and that it is not forged or altered by an illegal third party during transmission.

③ Integrity: Through mutual authentication between each object, the integrity of information between each subject to be paid must be guaranteed.

Second, the requirements for components in Bluetooth

① Effectiveness: The wireless mobile communication uses a wireless terminal that has a relatively low computing power compared to a general network for sending and receiving messages. Therefore, it should be available enough from the user's perspective.

② Verifiability: Forgers and tampering should be impossible even for entities participating in message transmission and reception in wireless mobile communication.

The Bluetooth master and the slave have a certificate that is renewed every 25 hours based on the PIN number and use ECC-based ECDSA signature. The generation of session key K for group key distribution is based on the use of ECDH. Piconet formation through group keys protects each other from unauthorized mobile device fraud in the event of future disputes because authentication of the piconet objects is made. This not only allows the formation and maintenance of secure scarternets when expanding them, but also the authentication of devices for secure payments.

Symbols displayed in the present invention are defined as follows.

* (Notebook: N, Mobile Phone: H, AP: A, Bank: B)

p _* : public key of * based on ECC cryptographic algorithm (p≥128 bits)

q _* : Secret key of * based on ECC cryptographic algorithm (q = aP, P in E (Z _P ))

g, : System coefficients shared by all objects

h _* : Secure hash value generated by *

r _* : pseudorandom number of each corresponding object

T _* : * Timestamp

H (): Secure Hash Algorithm

G: Base Point

EC * A signature value generated by R _* , S _* : *

ID _infor : * Info

EC: Elliptic Curve Cryptographic Algorithm

E: Tolerant Cryptographic Algorithm

S _j : Bluetooth piconet group key signature

TD _* : Data type containing transaction date and time and amount of money as *

Payment Information of PI _* : *

(TD _N ∥ PI _N ) _res : Receipt information about payment

V @ _ # $: Encrypted value transmitted from @ to # encrypted with $ key

1 is a flow chart showing the progress of a secure payment method according to the present invention. The subjects and objects of each process are shown for clarity. The sign used is as follows. The laptop is labeled N, the cell phone is H, the Access Pointer is A, and the bank is B. In the following description, the payment process is performed at a gas station equipped with an AP.

First, the Master generates a secret key Q _N based on the elliptic curve cryptographic algorithm using random random values (r), and then generates its own information (A-1). ) And take a hash (A-2) and return its value with its private key ( To calculate VN_BqN and send it to the bank (A-3).

Q _N = r _N x G. … … … … … … … … … … … (A-1)

h _N = H (Q _N ∥ )… … … … … … … … … … … … (A-2)

VN_BqN = (Q _N ∥ ∥T _N ∥h _N … … … … … … (A-3)

The bank checks the master cryptographic information provided from the master, generates a secret key (B-1) based on the elliptic curve cryptographic algorithm (ECC), and concatenates the bank information with the secret key value. The value (B-2) calculated by the hash function is extracted, and the result value is encrypted (B-3) using an elliptic curve cryptographic algorithm (ECC) and transmitted to the master.

Q _B = r _B × G... … … … … … … … … … (B-1)

h _B = H (Q _B ∥ )… … … … … … … … (B-2)

VB_NqB = (Q _B ∥ ∥T _B ∥h _B )…. … (B-3)

The master checks whether the formula provided by the bank is normal, and if the formula is abnormal, transmits a message requesting to regenerate the legitimate information and the session key information of the slave. To check whether the provided formula is normal, VB_NqB is decrypted with its own private key to check the confidentiality of VB_NqB, and a hash value is generated by concatenating Q _B and ID _info . If h _B 'is (h _B ' = H (Q _B ∥ID _info )) and h _B '= h _B, integrity can be proved. If confidentiality and integrity are abnormal, legitimate information is required. Information transmitted from the master will include information of the piconet to which the current master belongs. Therefore, since this includes information (ID) of which piconet is formed in the master ID _N , it requires slave information, that is, (ID _N ) of the legitimate piconet master.

An Access Pointer (AP) installed at a gas station transmits payment information (C-1) to a cellular phone, which is a slave to the piconet, and switches the usage mode of the cellular phone to a standby mode for responding to the payment information. Generally, mobile devices equipped with Bluetooth operate in seven standby modes. Among them, the sleep mode is a mode that minimizes the power mode. Sleep mode is a mode in which the phone minimizes power when no processing is in progress. When the phone receives payment information, it enters standby mode. In other words, the transition to the standby mode for the payment information response is the conversion of the power mode to the activation state for requesting the payment information, and the mobile phone that recognizes the payment information transmits the payment information to the notebook.

( ∥TD _A )… … … … … … … … … … (C-1)

The mobile phone that has received the payment information transmits VH_NK (C-2) and T _H to the laptop, the master of the piconet.

VH_NK = E _K ( ∥TD _{A ，} R _{H ，} S _H ∥S _j )… … … … … … … (C-2)

The piconet's master notebook decrypts the transmitted VH_NK with a previously shared session key (K) to verify the payment information and the group signature of the transmitted slave.

VH_NK = E _K ( ∥TD _A ∥R _H ∥S _H ∥S _j ) decryption process using previously shared session key K ∥TD _A ∥R _H ∥S _H ∥S _j can be checked and shared in secret beforehand, so after confirming TD _A , the prerequisite is to form a safe piconet. S _j (safe piconet group key) You can check. The decryption formula is the session key (K), VH_NK = E _K ( ∥TD _A ∥ R _H ∥S _H ∥S _j )

Since D _K and E _K cancel out Only remains.

After that, VN_Bχ (C-3) is obtained by using the session key (χ) shared between the bank and the master, and the hashed value (C-4) is obtained from the generated VN_Bχ (C-3), and then shared in advance. VN_HK (C-5) is generated using the session key K, and transmitted to the mobile phone with h _N and T _N.

VN_Bχ = Eχ (TD _N ∥ PI _N ∥ R _N ∥ S _N ∥ T _N )… … … (C-3)

h _N = H (VN_Bχ)... … … … … … … … … … … … … … … (C-4)

_{VN_HK = E K (VN_Bχ∥ h N} ∥R N ∥ S N) ... … … … … … (C-5)

The session key (χ) is a value (χ = r _B × r _N × G) shared between the master notebook and the bank and is used to transmit data including a response value for payment data transmitted from the master to the bank.

The mobile phone receiving VN_HK, h _N , and T _N checks the validity and integrity of the received data, and if so, decrypts the VN_HK with the session key (K). In other words, the VN_Bχ included in the decrypted value has a value encrypted with the session key secretly shared between the notebook and the bank, so that the encrypted value is inserted in the encrypted value to prevent the attacker from knowing the contents. After that, the VN_Bχ is stored in a temporary buffer and then encrypted using the public key of the AP. The encrypted value (C-6) and the hashed value of the value (C-7) are transmitted along with T _H to the AP.

VH_AqH = ECq _H (VN_Bχ)... … … … (C-6)

h _H = H (VH_AqH)... … … … … … … … … … … (C-7)

The AP verifies the integrity by using the received hash value (h _H ) and time stamp (T _H ). Integrity check can verify integrity by decrypting the transmitted VH_Aq _H with its own private key, applying VH_Aq _H to the hash function, and comparing it with the transmitted hash value h _{H. The} time stamp T _H is used for time verification. The confidentiality is verified by decrypting VH_AqH with its private key. Thereafter, VN_Bχ is concatenated with its own signature values (S _A , R _A ) and the VA_BPB (C-8), which is encrypted with the bank's public key (ECp _B ), is transmitted to the bank along with the time stamp (T _A ).

VA_BPB = ECp _B (VN_Bχ ∥ S _A ∥ R _A ). … … … … … … (C-8)

Bank TD _N then decrypted using the session key (χ) was a sure sign value of after decoding the transmitted VA_BPB with his private key AP (S _A, R _A), and a laptop with the bank share VN_Bχ at an early stage Authenticate the notebook by checking the PI _N and the signature of the notebook, save TD _N , PI _N , encrypt it with the session key (χ) that was initially set, and generate VB_Nχ (C-9) The VB_ApA (C-10) encrypted using the AP's public key is transmitted to the AP.

VB_Nχ = Eχ (R _B ∥ S _B ∥ T _B ∥ (TD _N ∥ PI _N ) _res )… … … … (C-9)

VB_ApA = ECp _A (VB_Nχ∥ S _B ∥ R _B ∥ T _B ∥ χ)… … … … … (C-10)

The AP and the notebook decrypt the received VB_ApA and VB_Nχ respectively to authenticate the bank, and the AP checks (TD _N ∥ PI _N ) _res and stores it.

Here, ECDSA signature value is used to authenticate each object in secure payment system protocol using Bluetooth.

As described above, the user rides his own car at the gas station secure payment system. Each object forms a secure payment protocol based on a unique signature and a public and private key that is renewed every 25 hours based on the WPKI certificate.

The technical spirit of the present invention has been described above with reference to the accompanying drawings, which describes exemplary embodiments of the present invention by way of example and does not limit the present invention. In addition, it is obvious that any person with ordinary skill in the art may make various modifications and imitations without departing from the scope of the technical idea of the present invention.

As described above, this aspect attempts to overcome the security weaknesses of the conventional Bluetooth. In addition, the solution is solved using ECC in order to prevent the increase of the calculation amount and the efficiency deterioration in the wireless terminal.It is the most basic payment protocol that can realize M-Commerce as a payment protocol that can be actually applied by the formation of an initial secure piconet. . In addition, with the development of computer networks and mobile communications, it will be possible to provide a wider range of application services, including M-Commerce services, which are needed in the information society.

In such a short range wireless communication environment, the secure payment processing method for confidentiality and authentication is expected to have a great effect in contributing to the development of electronic commerce service and application services.

Claims (2)

The wireless public key certificate and session key (K) are updated every 25 hours. Each master and slave objects share a channel between the mobile devices in a wireless mobile communication system and a plurality of devices form a piconet of Bluetooth around a single master. In the secure payment method using Bluetooth while sharing a secure piconet and sharing a session key (χ) based on an elliptic curve cryptographic algorithm in advance between the piconet's master and the bank: An access pointer (AP) installed at a location for performing payment processing to transmit payment information to a mobile phone that is a slave of the piconet to switch the usage mode of the mobile phone to a standby mode for payment information response; Transmitting a value encrypted by the session key (K) on the basis of the payment information, the unique signature value and the group key signature value, to the master of the piconet in the mobile phone receiving the payment information; Validate the value received from the piconet's master, encrypt it with the session key (χ) shared between the bank and the master, convert it to a secure hash value, and concatenate the generated hash value with the ECDSA signature value generated by the master. Encrypting using the piconet shared session key (K) and transmitting it to the slave mobile phone with a secure hash value and time stamp; Checking the validity of the data received from the slave mobile phone and transmitting the encrypted value of the payment data with the public key of the AP, a hash function of the value, and a timestamp to the AP; The AP receives the information from the mobile phone and checks the validity of each information. The encryption value containing the payment data value is concatenated with its own signature value and encrypted with the bank's public key. Transmitting to; After receiving the encrypted data and the time stamp, the bank decrypts the payment data using the session key (χ) shared between the bank and the master, and encrypts the receipt information about the payment using the session key (χ). And transferring to a laptop; And a step of authenticating the bank by decrypting the encrypted data values in the AP and the notebook, respectively. In secure payment processing using Bluetooth: Forming a session key in advance by the bank and the piconet master; Requesting justification of confidential payment data with the bank through communication with a specific AP; Receiving a group signature value of the piconet from a slave of the piconet; Receiving the payment data response value transmitted from the bank by the corresponding piconet master and the AP at the same time; Verifying confidentiality and integrity of the payment data response value transmitted by the AP and the corresponding piconet master; A method of secure payment processing using Bluetooth, which includes terminating an event when the transmitted data is valid by verifying confidentiality and integrity.