KR20040062224A - A method and its system of publishing and selling digital instant lottery - Google Patents

Abstract

PURPOSE: A method and a system for issuing/selling a digital instant lottery are provided to maximize the reliability of the digital instant lottery ticket by fundamentally blocking a probability for injustice of a system operator. CONSTITUTION: An agent server(2) generates a title part of the lottery ticket, manages an account of a buyer member(6), certifies the buyer member, sells the lottery ticket exposing the title part, and performs a financial transaction such as lottery ticket price settlement and prize payment with the buyer member. A mapping server(1) generates/manages a combined part that is the information combining the title part and a prize part of the lottery ticket. A prize server(3) generates the prize part of the lottery ticket and produces a drawing result of the sold lottery ticket. The buyer member connects to the server by using a PC, a wireless communication terminal, or a PDA(Personal Digital Assistant).

Description

A method and its system of publishing and selling digital instant lottery}

The present invention relates to a digital instant lottery, in which the winning prize is determined at the time of issuance, the winning result is immediately recognized, the digital prize is generated and stored in a digital record format by a computer, and traded through a network such as the Internet or wireless communication. With the development of networks such as e-commerce, many fields of life are rapidly becoming online, and in particular, the fields such as securities trading and lottery, which do not need to be delivered, are moving toward full digitalization. Instant lotteries are virtually impossible due to the nature of stripping the surface of a lottery ticket and finding the winning result, and digital instant lotteries are not yet common due to various technical issues. However, the lottery, especially the instant lottery, is in urgent need of digitization, considering the characteristics of online users who prefer the instantaneous cost and instantaneous lottery.

Conventional techniques for digital instant lottery show that one entity creates and operates a lottery database (DB), but the entity that created the lottery encrypts the lottery and then decrypts the two. And encrypted lottery tickets are separately stored and operated.

However, such techniques have a fatal flaw that at least one individual learns the winning information of the issued lottery, which cannot be solved by security policies such as encryption. Although the primitive issuer of the lottery who knows the winning information is a trustworthy organization and the publication process is logically fair, it is difficult for the public to wash away the ultimate distrust of the proceedings beyond view. In reality, winning information in a lottery may be unfairly used by a system administrator, and if the program developer of the lottery system improperly codes a small part of a large amount of source code, it is not easy to detect this.

The present invention aims to solve the problem of the instant lottery system trust raised by the lottery issuer to recognize the winning information of the lottery.

Another object of the present invention is to maximize the user convenience, such as lightweight client-side software while maintaining multiple security of the instant lottery system.

Another object of the present invention is to securely and efficiently authenticate various types of user identity in an instant lottery system under a distributed network environment.

It is another object of the present invention to enable buyers to purchase various lottery tickets.

1 is a schematic diagram of a system between individuals according to the present invention;

Figure 2 is a schematic diagram of the result of winning between multiple servers according to the present invention;

3 is a block diagram of a hash value column digital signature according to the present invention;

4 is a distributed generation configuration diagram of lottery records by three individuals according to the present invention;

5 is a distributed generation configuration diagram of lottery records by two individuals according to the present invention;

6 is a block diagram of the distribution of lottery records generated by two entities and encryption according to the present invention;

7 is a block diagram of the distribution of lottery records by three entities and encryption according to the present invention;

8 is a schematic diagram of a database for selling lottery tickets according to the present invention;

9 is a block diagram of ownership and winning ticket records according to the present invention;

10 is a flowchart of purchase and winning of the lottery ticket according to the present invention.

[Hashing] In the present invention, a hash value is digitally signed for confidentiality, integrity, and nonrepudiation of a multifield record. Since the hash function is an on-way function, it is impossible to recover the original text only with the hash value, and once a digital signature of the hash value is issued, no one can forge the original text. Representative hash functions include 'MD5' and 'SHA-1'. The hash value of MD5 is 128 bits long and SHA-1 is 160 bits long. Although embodiments of the present invention use SHA-1 as a hash function, other hash functions, including MD5, may be used as long as they are cryptographically secure, or they may be mixed or combined.

[Electronic Signature] In the embodiment of the present invention, an asymmetric key type digital signature is used, and the electronic signature specifically refers to the 'electronic signature with the original text attached', and the digital signature without the original text is referred to as the 'digital signature of the hash value'. Specify it.

[Encryption] Encryption methods include symmetric key method and asymmetric key method. The symmetric key method is about 1000 times faster than the asymmetric key method, and the 80-bit symmetric key method is similar in security strength to the 1024-bit public key method. On the other hand, the symmetric key scheme has a problem in key distribution, and the asymmetric key scheme has a merit that it can be used for digital signature. Therefore, in the present invention, individual lottery records are based on a symmetric key method, and asymmetric key method is used for transmission between objects, but when transmitting a large number of messages, a session key is generated and then a message is encrypted and transmitted as a session key. The session key itself uses a hybrid method of encrypting and transmitting the asymmetric key method.

In the present invention, each lottery is a lottery number corresponding to the prize money even if no one knows the prize money or knows the prize money, unless the record is divided into two or more parts and all the pieces of information are combined. Distributed information is created and managed in two or more independent servers so that the information of the lottery cannot be found. Therefore, the instant lottery system according to the present invention has a distributed network structure, and the client has an authentication system that can authenticate identity to a plurality of servers with a single sign-on. A single login eliminates the need to repeatedly enter your identity (ID and password), which is convenient on the server and client side as well as the relatively small chance of a password being compromised. In addition, in the instant lottery system according to the present invention, the server other than the agent server (header generator) is an automated tool for enhancing the reliability and security of the system. It is desirable not to keep.

The core of the Kerberos authentication scheme is that the client connects to the Kerberos Server, enters an ID and password, authenticates the identity, and then the Kerberos Server authenticates the client's ID and network address (IP address). And issuing a ticket containing the current timestamp information to the client, the client is presented with the ticket to the destination server to complete identity verification and receive service.

In the digital lottery, a ticket containing a lottery number and unique information of the buyer is issued to prove the ownership of the purchased lottery to the buyer. Therefore, the combination of a ticket for proof of ownership of the purchased lottery ticket and a Kerberos type ticket for identification is a legitimate outcome, which is one of the core technical ideas of the present invention. In this invention, client identity authentication is accomplished by login or e-mail, for convenience of discussion only the login is mentioned here and will be detailed later. In addition, the ticket issued by the server is specifically divided into an ownership ticket and a winning ticket, but for convenience of discussion, the two types of tickets are not distinguished.

2 is a configuration diagram in which the client 6 sequentially accesses a plurality of servers to derive a winning result. According to the core idea of the present invention, two or more servers may be used, but FIG. 2 includes three servers of an authentication server (agent server 2), a mapping server (1), and a prize server (3). have.

Step 901: The client connects to the authentication server, logs in, and purchases a lottery ticket.

Step 902: The authentication server issues a 'first ticket' containing the header of the purchased lottery and the authentication information of the client. The authentication information includes a client ID, a network address, and a valid time. The network address and validity time are encrypted so that only the specified server can see it, and the ticket is digitally signed.

Step 903: The client connects to the mapping server and presents the initial ticket.

Step 904: The mapping server verifies the digital signature and decrypts the encrypted authentication information. Only when the validity period included in the ticket has not expired and the network address of the client included in the ticket matches the actual address of the client, partial lottery information managed by the ticket is added to issue the 'intermediate ticket'.

Step 905: The client connects to a prize server and presents the intermediate ticket.

Step 906: The prize server verifies the digital signature and decrypts the encrypted authentication information. If the validity period included in the ticket has not expired and the network address of the client included in the ticket matches the actual address of the client, the result of the winning is derived, the partial lottery information managed by the ticket is added, and the result of the winning is added. The final ticket is issued and issued.

Step 907: If the final ticket is won, the client connects to the authentication server and receives the winning money.

[System Configuration] Fig. 1 is a block diagram of a digital instant lottery system according to a representative embodiment of the present invention.

Three distributed servers and multiple users (or buyers) are connected through the network. The three servers are each an agent server 2, a mapping server 1, and a prize server 3, which are separated from each other and operate independently. The agent server 2 generates the title section 121 of the lottery when the lottery is issued, manages the buyer member account when the lottery is sold, authenticates the buyer's identity, sells the lottery with only the title, and pays the lottery bill. Financial transactions, such as lottery winnings, are made with the buyer. Since the unit price of the lottery is a small amount, for the convenience of the transaction, the purchase member may deposit a certain amount or more in advance, and may make various payments such as electronic money, credit card, and bank transfer to the payment broker 4. Although it is common to use a payment broker for secure transactions and operational convenience on the network, the present invention does not discuss a known payment system for convenience of discussion. In response to the widely used payment methods such as electronic money, the lottery transaction method that does not require a member account and payment is also supported.

The mapping server 1 generates and maintains the combining unit 111 that is the combined information of the title and the prize pool of the lottery, and the prize server 3 generates the prize units 131 and 132 of the lottery, and the winning result of the purchased lottery is Finally derived from the prize server. Mapping servers and prize servers are automated servers that provide only a few formalized services, unlike agent servers that must provide various types of services.

The idea is that an agent server is an Internet service company that specializes in sales, user services, marketing and events, a mapping server is an authorized certification body that specializes in security and encryption, represents the public interest, and a prize server is a lottery issuer. It can be said that it is an example suitable for.

The above servers install a firewall 5 between the external network and the system to protect the internal system from unauthorized access, and to install the necessary facilities or perform procedures to ensure the access control and integrity of the database and the system. Examples include access control, system monitoring / reporting, system administrator authorization, and disaster preparedness.

Buyers 6 connect to the servers using a terminal such as a PC, a wireless communication terminal, or a PDA.

Each server must exchange the public key in advance for the transmission of encrypted messages and digital signatures. The public key is usually issued by a specialized certification authority and the public key of each server must also be disclosed to buyers.

Information that must be kept confidential during communication between entities must be encrypted and digital signatures must be used for message integrity or nonrepudiation. Although the present invention specifies encryption and digital signatures at the application level when necessary, it does not preclude the use of general-purpose security protocols such as Socket Security Layer (SSL) based on TCP / IP.

[Electronic Signature of Hash Value Column] The part records of the lottery, such as the title part, the combining part and the prize part, are called 'pair records' to emphasize the associability. Each pair record is generated by the number of copies of the lottery, and all pair records are digitally signed to disclose their hash values, thereby achieving confidentiality from the creator of the pair record, denial of the digital signature, and counterfeiting of entities other than the digital signature. .

3 is a procedure for digitally signing and issuing hash values of a plurality of pair records. Each pair record 311 is composed of two or more fields and is generated by the number of tickets (N) of the lottery to form a 'pair record row 31' database and is not disclosed to the creators other than the creator. The next step is to calculate the hash value 312 of each pair of records to temporarily create a 'hash value column 32'. Each hash value in the hash column itself serves as an identification key, and the indexing position in the hash column is not secure or operational. In the next step, the hash value strings are arranged in sequence and then digitally signed (33) and issued. Here, 'issuance' means disclosure to non-producers and broadly includes lottery buyers, but is limited to lottery servers in this embodiment of the invention.

In the lottery's sales flow, each individual encounters various types of lottery tickets (ownership tickets, first prize tickets, intermediate prize tickets, final prize tickets, etc.), and there are at least one pair of records in the lottery tickets. At this time, each entity must check the integrity of the pair record that is not created by itself. The procedure is as follows. Calculate the hash value of a pair record and then search for the hash value in a previously published 'hash value column'. The hash value columns are ordered so that you can quickly search them using binary search. If the search matches, the pair record is considered valid.

The probability that any data will be a valid pair record is N / 2 ^M (M is the bit length of the hash value, N is the number of copies of the lottery). Therefore, the hash function should be selected in consideration of the number of lottery tickets. If you use SHA-1 (the hash value is 160-bits long) as the hash function and the number of lottery tickets is 1 million, then the probability that any data becomes a valid pair record is about 1 / 1,460,000,000,000,000,000,000,000,000,000,000,000,000,000.

[Distributed Generation of Lottery Records] One of the key technical ideas of the present invention is to generate lottery records in a distributed manner so that no one can know the prize information. The mutual coupling of the generated partial records is based on the digital signature of the hash value column described above. Guaranteed.

4 is a block diagram in which 3 entities distribute and generate lottery records. The procedure is as follows.

Step 1: The mapping server (1) generates a plurality of different heading identifiers (IT) 1002 and a plurality of different prize money identifiers (IP, 1003) to give the heading identifier to the heading generator 2, the prize money identifier. Is transmitted to the prize server 3, and then the heading identifier and the prize identifier are randomly combined to generate a plurality of combining portions 111, and the hash value column of the combining portion is digitally signed (211).

Step 2: The title generator generates a plurality of titles 121 by randomly combining the lottery number 1001 and the title identifier, and digitally signs (211) the hash value column of the title.

Step 3: The prize money generator randomly combines the prize money identifier and the prize money information 1004 to generate a plurality of prize money parts 131, and digitally signs (231) the hash value column of the money money part.

FIG. 5 is a simplified form of a lottery identifier 1008 similar to that of FIG. 4 but with the same heading identifier and winning prize identifier, and FIG. 6 is similar to FIG. It is a block diagram to separate and store. 6 is a configuration diagram in which three entities encrypt the prize information to generate a lottery record, which will be described in detail below.

Issuance of Lottery

[Combination section generation] The mapping server 1 randomly generates different title heading identifiers 1002 and different prize heading identifiers 1003 by the number N of lottery tickets, respectively. The identifiers must have a fairly long bit length so that the probability that any number belongs to the identifier sets should be cryptographically low. The mapping server randomly combines the title identifier and the prize identifier to generate a combiner 111 (311).

The mapping server digitally signs and encrypts the hash value column 211 of the combiner and transmits it to the title generator and the prize server respectively (312), and electronically signs and encrypts the title identifier to the title creator (313), and sends the prize identifier to the title generator. The digital signature is encrypted and transmitted to the prize server (314). In FIG. 4, the public area 7 specifically refers to each server.

[Header Generation] The heading generator decrypts the hash value column and the heading identifier of the binding part sent by the mapping server, checks the digital signature, and keeps the electronic signature heading identifier. Next, the title generator generates a plurality of titles 121 by randomly combining the lottery number 1001 and the title identifiers (321). The title generator digitally signs and encrypts the hash value column of the header and transmits it to the mapping server and the prize server, respectively (322).

[Generation of prize money] The prize server decrypts the hash value string and the prize money identifier of the combiner sent by the mapping server and then checks the digital signature. Next, the prize server randomly generates the prize information 1004 corresponding to each prize money identifier based on the above-mentioned prize money details to generate a prize money record 131 composed of the prize money identifier and the prize money information (331). . The prize server randomly generates an encryption key and a decryption key 1005 corresponding to each prize portion, and encrypts the prize information of each prize portion with a corresponding encryption key to encrypt the prize portion identifier and the encrypted prize information 1007. The decryption key unit 133 composed of the prize money unit 132, the prize money unit identifier, and the corresponding decryption key is generated, and the original prize money unit and the encryption key are deleted (332). Next, the prize server electronically signs the hash value column 232 of the encrypted prize portion, and electronically signs the hash value column 233 of the decryption key portion, and transmits each of them to the mapping server and the prize server (333). The signature is encrypted, transmitted to the mapping server, and then the decryption key portion is deleted (334).

[Generating decryption key combining unit] The mapping server, which has received the decryption key unit hash value string and the decryption key unit from the prize server, decrypts it, verifies the digital signature, obtains the hash value of each decryption key unit, and the hash value is the hash value of the decryption key unit. Make sure you are in the column. This checks the integrity of the decryption key part record at the point in time when the decryption key part generated by the prize server is no longer stored by the prize server and is transferred to the mapping server. The prize server then combines the combiner and the decryption key to generate a decryption key combiner 112 composed of the title identifier 1002, the prize identifier 1003, and the decryption key 1005 (315).

DB initialization before sales

Each server must initialize its database to sell the lottery.

In FIG. 1, the agent server manages the member DB 15, and the agent server (title generator), the mapping server, and the prize server (the prize generator) each have a combined authentication DB 11 and a transaction DB 12, 13, and 14, respectively. Manage. 8 is a detailed configuration diagram of each DB.

The member DB 15 includes member account information of the buyer, such as a member number (ID, ID), password, name, social security number, e-mail address, address, telephone number, deposit, transfer bank account number.

The binding authentication DB 11 includes a binding part hash value column 211 issued by the mapping server digitally signed, a heading hash value column 221 issued and issued by the title creator electronically, and an encryption signed and issued by the prize server. A cash prize hash value column 232 and a decryption key portion hash value column 233. Each server creates a combined authentication DB with a total of four hash values generated by itself or transmitted from other servers.

The transaction DBs 12, 13, and 14 are different in each server type, and the records of each transaction DB are divided into 2 to 4 groups according to the progress of the lottery sale. It is shown differently.

Each record of the transaction DB ('A transaction DB', 12) generated and managed by the agent server is classified into four groups according to the progress of the lottery sale, and the fields of the first group are 'title 121' and the second group Fields are information generated during the sale of the lottery, 'Transaction Number 1201', 'Transaction Time 1202', 'Payment Information 1203', 'Buyer 1101' and 'Owner 1102' fields. The third group is the information generated or updated when the winning ticket is issued, and the owner 'network address 1103' and the ticket issuing time 1104 fields. The fourth group is information generated when the final winning ticket is collected. Prize 1004, prize payment information 1204, payment time 1205 and final ticket 24 fields.

The transaction DB ('M transaction DB') 13 generated and managed by the mapping server is a 'transaction time' generated or updated when the first group field of the decryption key combining unit 112 and the mapping server issue an intermediate lottery ticket. 1206 'and the second group fields of the' first ticket 22 '.

The transaction DB ('P transaction DB', 14) generated and managed by the prize server is the first group field of the encrypted prize unit 132 and the 'transaction time 1207' generated when the prize server issues a winning ticket. And second group fields of 'intermediate ticket 23'.

When the agent server sells the lottery ticket, it issues a title ticket 21 to prove the purchase price and the ownership of the purchased lottery ticket, and if the owner wants to derive the winning result of the lottery purchased by the owner later, To issue a lottery ticket, this is simply referred to as the 'first ticket 22', and the lottery ticket issued by the mapping server receiving the initial ticket added with the lottery information is referred to as the 'middle ticket 23' and the intermediate ticket is presented. The winning ticket received by the winning prize server by adding another lottery information including the winning result is called 'final ticket 24' and the owner presents this final ticket to the agent server and receives the winnings. 9 is a record configuration diagram of the various tickets described above.

The agent server, mapping server, and prize server initialize each transaction DB by adding the title, decryption key combination, and encrypted prize money generated to each transaction DB.

Sale and win

[User Authentication] The agent server is operated on a membership basis, and matters related to the member are stored in the member DB 15. In order to purchase a lottery ticket from the agent server, the user joins the agent server as a member, and the registration procedure inputs important personal information such as a social security number, an e-mail address, and a transfer account number, and receives a member number and password. For internet sites that sell lottery tickets, the lottery unit price or most of the winnings are relatively small, such as 500 won or 1,000 won. Therefore, it is advisable to use the virtual account for small frequent inputs and outputs by maintaining a member virtual account for the convenience of payment and winnings. Do. Therefore, membership management is essential to maintain these virtual accounts or to provide high quality services such as mileage.

On the other hand, the present invention supports the non-member purchasing method using e-mail under the expectation that the demand for lottery purchases of non-member one-time buyers will increase due to the development of micropayment means such as electronic money, while the basic operation of the agent server.

Accordingly, identification of the lottery buyer or owner includes a membership system for entering a member number and password (login) and an e-mail system using an e-mail address entered when purchasing a lottery ticket.

[Lottery Sale and Payment (FIG. 10A)] A purchaser who is a member of an agent server accesses the server (401), enters a member number and password (404), and logs in (404) a nonmember.

Next, when the buyer reveals the intention to purchase the lottery, the agent server searches the transaction DB and randomly selects a certain amount of the unsold lottery and presents it to the buyer. It is common to purchase several lotteries at the same time, but for the sake of discussion here, it is assumed that a buyer only purchases one lottery at a time. At this time, the purchaser notifies the agent server by determining who wants the owner of the lottery as well as the desired lottery number and payment method, and whether the winning result is immediately obtained. At this time, the owner information is a member number or an e-mail address, and in the case of a non-member who is not logged in, the e-mail address is entered as buyer information (403).

Next, if the lottery ticket of the number specified by the buyer is not yet sold, the agent server sells the lottery ticket of the number and pays the lottery ticket (405).

If the buyer and the owner are the same and the buyer chooses to draw the winning result immediately, the agent server issues an initial winning ticket 22 to the owner (407) and the fields of the second and third group of the lottery number in the transaction database. (409). The updating of the winning ticket and the transaction DB will be described later. The method of issuing winning tickets is immediately sent to the owner's web browser and mailed to the owner's e-mail address. The owner who receives the winning ticket proceeds to present the winning ticket by accessing the mapping server.

If the buyer and the owner are not the same or the buyer does not want to win immediately, the agent server issues a title ticket 21 to the buyer and owner, respectively (408). Of course, if the buyer and owner are the same, it is issued only once. The title ticket serves as a payment receipt to the buyer and guarantees the owner ownership of the lottery.

Ownership ticket 21 is a 'lottery number (1001)', 'transaction number (1201)', 'buyer 1101' information that is assigned by the agent server as a transaction identification number for each lottery sale (member number, non-member system if the membership system) If the e-mail address) and 'owner 1102' information (member number or e-mail address) specified by the buyer is generated by electronic signature.

The agent server immediately sends the ownership ticket to the buyer's web browser and mails it to the buyer's and owner's email addresses respectively.

Next, the agent server updates the transaction DB (409), specifically, the transaction number 1201, transaction time 1202, payment information 1203, buyer 1101, owner 1102, etc. The lottery in which the fields are set and the second group fields are set is treated as sold.

[Issuance of First Prize Ticket Ticket (FIG. 10B)] The owner of the ownership ticket 6 who wishes to derive the winning result connects to the agent server 2 (501).

If the agent server's membership number is specified as the owner of the ownership ticket:

In this case, the ticket owner logs in to the agent server (503) and presents (504) a ownership ticket. In some cases, you may log in after presenting a title ticket.

The agent server verifies the validity of the ownership ticket (505). Specifically, the agent server checks the electronic signature of the ownership ticket, checks whether the 'owner' and the logged-in member of the ownership ticket are the same, and checks the contents of the ownership ticket by comparing with the transaction DB 12.

After verifying the validity of the ownership ticket, the agent server issues a ticket 508 by sending the 'first prize ticket 22' to the owner-side web browser.

The initial winning ticket 22 is combined with ownership ticket information (ie 'lottery number 1001', 'transaction number 1201', 'buyer 1101' and 'owner 1102', authentication information and In addition to the prize information, the agent server issues this based on the ownership ticket, and the mapping server issues the 'intermediate winning ticket 23' based on the winning ticket ('initial winning ticket') issued by the agent server. Will issue the 'final winning ticket 24' based on the intermediate winning ticket issued by the mapping server. Combination information, authentication information and prize money information may be empty or always encrypted at time of issue, and a winning ticket may be issued repeatedly and notified to the owner if it is reissued, electronically signed at the time of issuing and always in lieu of the ownership ticket. Can be.

The first lottery ticket issued by the agent server includes the title title identifier 1002 as binding information in the ownership ticket information, the network address (IP address or terminal identifier, 1103) of the owner connecting to the server as authentication information, and the validity period. (1104) '. The validity period is from the time the agent server issues the winning ticket to a certain time, and usually about one hour will be appropriate. The network address and expiration date as authentication information are based on the Kerberos authentication scheme, and one of the key ideas of the present invention is the combination of the Kerberos ticket and the lottery ticket. The agent server encrypts the binding information and authentication information so that only the mapping server can see it and digitally signs the winning ticket.

In step 509, the agent server sets third group fields such as a network address 1103 and a ticket issuance time 1104 in the transaction DB 12.

If the email address is specified as the owner of the ownership ticket:

In this case, the ticket owner connects to the agent server without logging in and presents the ownership ticket (504). The agent server verifies the validity of the ownership ticket (505). Specifically, the agent server checks the electronic signature of the ownership ticket and checks the contents of the ownership ticket with the transaction DB.

After checking the validity of the ownership ticket, the agent server issues a 507 first prize ticket 22 by mailing the winning ticket to the owner's e-mail address. If the presenter who presented the ownership ticket is not the legitimate owner of the ticket, he or she will not be able to receive the original ticket, and this will take the place of owner identity verification.

Next, the agent server sets the third group fields such as the network address 1103 and the ticket issuance time 1104 in the transaction DB (509).

[Intermediate lottery ticket issuance (FIG. 10C)] The owner with the initial lottery ticket connects to the mapping server 1 and presents the initial lottery ticket 22 (601).

The mapping server verifies the digital signature of the presented ticket (602) and then decrypts (603) the encrypted association information and authentication information. The mapping server then verifies that the expiration date 1104 included in the original winning ticket has not expired and that the network address 1103 included in the original ticket matches the actual network address of the owner who is connecting (604). The mapping server then checks (605) whether the pair record of the ticket's heading (i.e., lottery number 1001 and heading identifier 1002) is valid. If any of the above checks or checks fail or fail, the mapping server rejects the service and warns the owner. If it is simply out of date, the owner may reissue the winning ticket from the agent server, but otherwise the mapping server should investigate the owner's misconduct.

The mapping server adds the 'prize identifier 1003' as the binding information and the 'decryption key 1005' as the prize information to the decrypted winning ticket with the digital signature removed, and the combination information, the prize information and the authentication information (i.e., Encrypt the heading identifier (1002), the winning identifier (1003), the decryption key (1005), the network address (1103), and the validity period (1104) so that only the prize server can see it. The entire ticket is electronically signed (606) and immediately sent (607) to the owner-side web browser. At this time, when the mapping server reissues the winning ticket 23, the owner is notified of this fact.

Next, the mapping server adds the first prize ticket 22 and the transaction time 1206 issued by the agent server to its transaction DB ('M transaction DB', 13) (608).

[Issuing Final Sweepstakes Ticket (FIG. 10D)] The owner with the intermediate winning tickets issued by the mapping server connects to the prize server and presents the intermediate ticket (701).

The prize server checks the digital signature of the presented ticket (702) and then decrypts the encrypted association information, prize information and authentication information (703). The prize server checks that the 'validity period 1104' included in the winning ticket has not expired and that the 'network address 1103' included in the winning ticket matches the actual network address of the owner who is accessing. The prize server then receives the ticket's heading (i.e., lottery number 1001 and heading identifier 1002), a combination (i.e., heading identifier 1002 and winnings identifier 1003) and decryption keying (i.e., a winnings identifier). The pair record of (1003) and decryption key (1005) is respectively checked (705). If any of the above checks or checks fail or fail, the prize server refuses service and warns the owner.

The prize server adds 'encrypted prize information 1007' as prize money information to the winning ticket decrypted with the decryption key and the electronic signature has been removed, and adds 'prime information 1004' which decrypted the encrypted prize information with the decryption key and authenticated. Remove the information and then combine the combined and winnings information (i.e., 'header identifier 1002', 'prize identifier 1003', 'decryption key 1005', 'encrypted prize information 1007') Encrypt the ticket so that only it can see it, and electronically sign the entire ticket (707) and immediately send it to the owner's web browser (708). At this time, when the prize server reissues the final winning ticket 24, the owner is notified of this fact.

Next, the prize server adds the intermediate winning ticket 23 and the transaction time 1207 issued by the mapping server to its transaction DB ('P transaction DB', 14) (709).

[Payment of winning prizes (FIG. 10E)] The owner who receives the final winning ticket from the prize server checks the winnings by viewing the 'prize information 1004' of the ticket. If no prize money is awarded, the lottery purchase process is terminated. If there is a winning prize, the owner decides whether to receive the winning prize or to use the winning lottery ticket as a repurchase amount.

If you use the winning lottery ticket to pay for the lottery:

If the owner intends to use the winning lottery ticket for the lottery purchase price, the owner can settle the payment as the winning lottery ticket and present the winning lottery ticket to the agent server in the "buying and paying lottery ticket" step. This would be preferred if the winnings are several times less than the lottery price. The procedure for checking the validity of the winning lottery ticket and updating the transaction DB by the agent server that received the winning lottery ticket as the lottery ticket shall apply mutatis mutandis below.

If you are paid a winning lottery ticket:

In this case, the owner of the winning ticket connects to the agent server and presents the winning lottery ticket (802).

The agent server presented with the final winning ticket checks the validity of the ticket. Specifically, the agent server checks the electronic signature of the prize server with respect to the presented ticket (803) and then decrypts the encrypted combination information and the prize money information (804). Next, the agent server checks whether the information of the lottery number 1001, the transaction number 1201, the purchaser 1101 and the owner 1102 of the winning ticket is the same as the contents of its transaction DB 12. The agent server may include the title of the ticket (i.e., the lottery number 1001 and the title identifier 1002), the combination (i.e., the title identifier 1002 and the prize identifier 1003), the decryption key (i.e., the prize identifier). 1003 and decryption key 1005) and a pair record of an encrypted prize money unit (i.e., prize money identifier 1003 and encrypted prize money 1007) are respectively checked (805). Finally, the agent server decrypts the encrypted prize information 1007 with a decryption key to confirm whether the prize information is the same as the prize information 1004 of the ticket decrypted by the prize server. If the above checks or checks fail or fail, the agent server refuses to pay the prize and warns the owner.

After checking the validity of the final winning ticket, the agent server pays the winning money to the owner. The prize payout procedure shall prevail over the terms and conditions of the relevant lottery. If the owner of the ticket is a member, the winner is paid in advance or in a manner desired by the owner, such as increasing the deposit of the member (808). If the e-mail address is specified as the owner of the final winning ticket, the agent server mails the electronic money to the e-mail address (807).

After the payout is completed, the agent server updates the 'prize 1004', 'prize payment information 1204', 'payment time 1205', and 'final prize ticket 24' fields of the transaction DB 12.

Multiple servers issue digital instant lotteries distributed and use hashing and digital signatures to implement the confidentiality, data integrity and non-repudiation of the issued lottery, encrypting the prize information By separating and storing encrypted prize money information and decryption key, the possibility of fraud by the system operator is fundamentally blocked to maximize the reliability of the digital instant lottery system.

Improper access to the system and forgery / falsification of lotteries by applying multiple encryption, digital signature, hashing, and Kerberos authentication techniques as well as physical and logical access control to the system and network security by security solutions such as firewalls and SSL. And the possibility of improper ownership of the lottery.

Various purchases of lottery tickets have been implemented, that is, the purchase of lotteries is not only a membership system but also a one-time non-membership system, even if the buyer and owner of the lottery are different, and the winning result can be obtained immediately or later.

Although the present invention does not exclude the use of a dedicated program for lottery trading, the user does not need encryption key management or processing of a cryptographic routine, so that a user can trade a lottery using a general-purpose web browser without a user-only program.

Ultimately, the digital instant lottery system according to the present invention not only overcomes the limitations of the high cost and low fund raising rate in issuance and distribution, which are disadvantages of the existing offline instant lottery system, but also satisfies the needs of Internet users who prefer instant access. By creating new markets that transcend time and space, we can increase lottery sales and raise fund raising rates.

Claims (21)

Randomly generating a plurality of different title identifiers 1002 and different prize identifiers 1003, respectively; Randomly combining the title identifier and the prize identifier to generate a combining portion (111) of a lottery ticket; Randomly combining the title identifier and the lottery number 1001 to generate a title portion 121 of the lottery ticket; Randomly combining the prize unit identifier and the prize information 1004 to generate a prize unit 131 of a lottery ticket; And And digitally signing and publishing the hash value columns 211, 221, and 231 of the lottery combining unit, the title unit, and the prize pool, wherein the title and prize units of the lottery are separately generated and stored by an independent entity. Issuance method of lottery The method for issuing a digital instant lottery ticket according to claim 1, characterized in that the encrypted prize money information (1007) and the decryption key (1005) are separately stored by encrypting the prize money information. Randomly generating a plurality of different lottery identifiers 1008; Randomly combining the lottery identifier and the lottery number 1001 to generate a title portion 122 of the lottery ticket; Randomly combining the lottery identifier and the prize information 1004 to generate a prize portion 134 of the lottery; And Electronic signatures of the hash value column (222, 234) of the lottery title section and the prize money, and comprises the step of issuing digital instant lottery, characterized in that the title portion and the prize portion of the lottery separately generated and stored by an independent entity The method for issuing a digital instant lottery ticket according to claim 3, wherein the encrypted prize money information 1007 and the decryption key 1005 are separately stored by encrypting the prize money information. The mapping server 1 generates a plurality of different title identifiers 1002 and a plurality of different prize identifiers 1003, and then transmits the title identifiers to the title generator 2 and awards the prize identifiers. Transmitting to the server 3; Mapping server (1) randomly combining the title identifier and the prize identifier to generate a plurality of combiners (111); A title generator (2) randomly combining the lottery number (1001) and the title identifier to generate a plurality of titles (121); And The prize server 3 is a method of issuing a digital instant lottery, characterized in that the step of generating a plurality of prize money unit 131 by randomly combining the prize money identifier and the prize information 1004. 6. The method of claim 5, further comprising: mapping server (1) digitally signing and publishing the hash value column (211) of the coupling unit; Electronically signing and publishing a hash value column (221) of the title section; And Digital prize issuing method, characterized in that the prize server 3, the step of digitally signing and publishing the hash value column 231 of the prize money unit is added. The method for issuing a digital instant lottery ticket according to claim 5, characterized in that the encrypted prize money information (1007) and the decryption key (1005) are separately stored by encrypting the prize money information. 6. The method of claim 5, wherein the mapping server 1 digitally signs the transmission targets 1002 and 1003 in the step of the mapping server 1 transmitting the heading identifier and the prize identifier to the heading generator and the prize server, respectively. Digital instant lottery issuing method characterized by It consists of two or more independent servers, including the authentication server (2), and each record of the digital instant lottery is divided into pieces and stored in the plurality of servers, and the portion including the lottery heading is stored in the authentication server. Saved, When the authentication server sells the lottery ticket to the authenticated client 6, it issues a ticket including the lottery heading, the client identifier and the client authentication information, Digital instant lottery system in a distributed server environment, characterized in that the client owning the ticket presents the ticket sequentially to a server other than an authentication server to obtain identity verification and to obtain additional lottery information. 10. The client authentication information of claim 9, wherein the client authentication information is a network address and an expiration date of the client, and identity authentication at a server other than the authentication server is not expired, and the network address of the client included in the ticket is Whether it matches the client's actual network address, The additional lottery information is combined information and prize money information, but the combined information is information necessary for recovering the original lottery record by combining a plurality of partial lottery tickets divided longitudinally. Instant Lottery System 10. The distributed server environment of claim 9, wherein each server encrypts authentication information and additional lottery information, issues a ticket electronically, and issues a ticket. The server presented with the ticket verifies the digital signature and decrypts the encrypted information. Digital Instant Lottery System 10. The method of claim 9, wherein the client identification authentication by the authentication server is performed by a client having a member account accessing the authentication server to log in by inputting a member number and password, and the client identifier is the member number. Digital instant lottery system under server environment 10. The digital instant lottery ticket in a distributed server environment of claim 9, wherein the client identity authentication by the authentication server is performed by a client connecting to the authentication server to input an email address, and the client identifier is the email address. system The mapping server 1 generates a plurality of heading identifiers 1002 different from each other, generates a plurality of different cash prize identifiers 1003, and then randomly combines the heading identifier and the cash prize identifier with a plurality of combiners ( 111); The mapping server (1) sending the heading identifier to the heading generator (2) and sending the prize money identifier to the prize server (3); A title generator (2) randomly combining the lottery number (1001) and the title identifier to generate a plurality of titles (121); Generating, by the prize server 3, a plurality of prize units 131 by randomly combining the prize unit identifier and the prize information 1004; Giving a purchaser (6) access to the heading; Giving the owner 6 of the title of the purchased lottery an access right to the coupling corresponding to the title; Giving the owner of the title and the combination of the purchased lottery access rights to the prize money corresponding to the title and the combination; And Digital instant lottery issuing and selling method comprising the step of paying the winnings of the lottery to the owner of the title, union and prize of the purchased lottery 15. The method of claim 14, further comprising: randomly generating, by the prize server, a plurality of encryption keys and decryption keys (1005) corresponding to each prize unit; Generating, by the prize server, the prize money information 1004 of each prize money portion with an encryption key corresponding thereto to generate encrypted prize money 1007 and deleting the encryption key and the prize money information; Generating, by the prize server, a plurality of decryption key units 133 with each prize unit identifier and a corresponding decryption key, and generating a plurality of encrypted prize units 132 with each prize unit identifier and the encrypted prize information corresponding thereto; ; The prize server electronically signing and publishing the hash value column 233 of the decryption key unit and the hash value column 232 of the encrypted prize unit, respectively; Encrypting, decrypting, and electronically signing the plurality of decryption key units by a prize server, and deleting the decryption key unit; The mapping server checks the hash value column of the decryption key unit and the digital signature of the decryption key unit, decrypts the decryption key unit, calculates a hash value for each pair of records of the decryption key unit, and checks whether the hash value is in the hash value column of the decryption key unit. Inspecting; And Mapping server combines the decryption key unit and combining unit to generate a decryption key combining unit 112 composed of a heading unit identifier, a prize unit identifier, and a decryption key. 15. The method of claim 14, wherein the mapping server electronically signs and issues a hash value column (211) of the combiner; And Issuing and selling the digital instant lottery ticket, characterized in that the title generator is added to issue the hash value string 221 of the heading section of the electronic signature. 17. The digital signature of issuing a hash value column of a pair record according to claim 15 or 16, wherein the hash value of each pair record is calculated, the plurality of hash values are sequentially arranged, and then the electronic signature is Digital instant lottery issuing and selling method characterized in that it transmits the electronic signature to the mapping server, the title generator and the prize server 15. The method of claim 14, wherein the agent server (title generator), the mapping server, and the prize server each add a step of initializing their own transaction DB before initiating the sale of the lottery; The step of giving the buyer access to the lottery heading 121 is specifically The purchaser authenticates his / her identity by contacting the agent server, The buyer pays the lottery and purchases the lottery, The agent server issuing a title ticket including the lottery number 1001, transaction number 1201, buyer 1101 and owner 1102 information purchased to the buyer and owner, Adding, by the agent server, ownership ticketing information to its transaction DB 12; The owner of the ownership ticket who wants to obtain the winning result, accesses the agent server, authenticates the identity, and presents the ownership ticket; and An agent server validating the ownership ticket, The agent server adding the title identifier 1002 and the owner authentication information as binding information to the ownership ticket to issue an initial winning ticket 22 to the owner, and The agent server adding the owner authentication information to its transaction DB; The step of giving access to the lottery combining unit 111 to the owner of the purchased lottery is specifically A ticket owner accessing a mapping server to present the initial winning ticket, The mapping server validates the initial winning ticket, The mapping server adding the prize unit identifier 1002 as the combined information and the decryption key 1005 as the prize information to issue an intermediate lottery ticket 23, and The mapping server updating its transaction DB 13; The step of giving the owner of the title and the combined portion of the purchased lottery access to the prize portion 131 corresponding to the title and the combined portion is specifically A ticket owner accessing the prize server to present an intermediate lottery ticket, The prize server validates the intermediate winning ticket, The prize server adds a prize part identifier 1003 as association information, a decryption key 1005 as prize money information, and prize money information 1004 decrypted with the decryption key encrypted prize information 1004 to the intermediate prize ticket and the owner. Removing the authentication information to issue a final winning ticket 24 to the owner, and The prize server updates its transaction DB 14; The step of paying the winnings of the lottery to the owner of the title, union and prize of the purchased lottery is specifically Checking, by the owner, the winning result through the prize information included in the final winning ticket issued by the prize server; The owner accessing the agent server and presenting a final winning ticket, The agent server validating the final winning ticket, The agent server paying the owner a prize, and The agent server is a digital instant lottery issuing and selling method comprising the step of adding the winning payment information to its transaction DB (12) 19. The method of claim 18, wherein the identity verification of the buyer by the agent server is performed by logging in by inputting a member name and password when the buyer has a member account on the agent server, and emailing when the buyer does not have a member account on the agent server. By entering the address, The identity verification of the owner by the agent server is performed by logging in by entering the member name and password if the owner has a member account on the agent server. If the buyer does not have a member account on the agent server, the agent server is presented with a ownership ticket. By mailing the winning ticket to the email address included in the ownership ticket, The agent server electronically signs and issues the ownership ticket, and the agent server, mapping server, and the prize server encrypt the combined information, the winning information, and the authentication information in the winning ticket so that only the destination server can see it, and then electronically sign the winning ticket. Issue; Issuance of a title ticket by the agent server causes the agent server to immediately send the ticket to the buyer's side of the ticket, mailing the ticket to the buyer's and owner's email addresses respectively, Issuance of a lottery ticket by the agent server immediately sends a ticket to the owner if the owner information included in the presented ownership ticket is a member name, and the ticket is sent to the email address if the owner information of the ticket is an email address. Mail to you, Issuance of a winning ticket by the mapping server and the prize server is to transmit the ticket immediately to the owner side; Specifically, the agent server validates the ownership ticket. Verifying the digital signature on the ownership ticket presented by the owner; Checking whether the contents of the ownership ticket is the same as their transaction DB (12), The step of the mapping server validating the initial winning ticket is specifically for the ticket. Checking the digital signature of the agent server, Decrypting the combination information, the winning information, and the authentication information, Verifying owner status, and Jointly authenticating the heading; The checking of the validity of the intermediate winning ticket by the prize server may be specifically performed on the ticket. Checking the digital signature of the mapping server, Decrypting the combination information, the winning information, and the authentication information, Verifying owner status, and Jointly authenticating a heading, a coupling portion, and a decryption key portion; The step of the agent server validating the final winning ticket is specifically for the ticket. Verifying the digital signature of the prize server, Decrypting the combination information and the winning information and confirming that the result of decrypting the encrypted prize money information with the decryption key is the same as the prize money information, Checking whether the title, transaction number, buyer, owner information of the ticket is the same as their transaction DB, and And combining and authenticating the combining unit, the decryption key unit, and the encrypted prize unit, Payment of winnings by agent server If the owner information of the ticket is a member name, the payment method prescribed by the member information is followed; if the owner information is an email address, electronic money is mailed to the email address; The transaction DB initialization of the agent server is the lottery title.In the transaction DB update, the ownership ticket issuance information is the transaction number, transaction time, payment information, buyer and owner information, and the owner authentication information is the owner's network address and ticket issuance time. The prize pay information shall be the prize money, prize money payment information, time of payment and final prize ticket; The transaction DB initialization of the mapping server is performed by the decryption key combination unit, and the transaction DB update is performed by the transaction time and the initial winning ticket. Transaction DB initialization of the prize server is encrypted with the prize money section and transaction DB update is a digital instant lottery issuing and selling method, characterized in that the transaction time and the intermediate lottery ticket 20. The method of claim 19, wherein the owner authentication information consists of the owner's network address and expiration date, The mapping server and the prize server verify the owner's identity by verifying that the validity period included in the presented winning ticket has not expired and that the network address of the owner accessing the server and the network address included in the winning ticket are the same. Issuing and selling digital instant lottery tickets 20. The method of claim 19, wherein the method of jointly authenticating the pair record comprises calculating a hash value of the pair record to be authenticated and checking whether the hash value is in the hash value column of the pair record in the joint authentication DB. How to issue and sell instant lottery tickets