TWI549468B - Information transmission protection system and its signature key security transmission method and confidential data encryption transmission method - Google Patents

Info

Publication number
TWI549468B
Authority
TW
Taiwan
Prior art keywords
key
signature
encrypted
security device
confidential information
Prior art date
Application number
TW102141988A
Other languages
Chinese (zh)
Other versions
TW201521410A (en)
Inventor
Ling Chih Hsu
Gan How Chang
Ming Hsin Chang
Original Assignee
Chunghwa Telecom Co Ltd
Priority date
Filing date
Publication date
Application filed by Chunghwa Telecom Co Ltd
Priority to TW102141988A
Publication of TW201521410A
Application granted
Publication of TWI549468B

Landscapes

  • Storage Device Security (AREA)

Description

Information transmission protection system, secure transmission method for its signature key, and encrypted transmission method for confidential data

The present invention relates to an information transmission protection system and method, and in particular to an information transmission protection system, a secure transmission method for its signature key, and an encrypted transmission method for confidential data.

In recent years cloud deployments have multiplied, and the hundreds of devices inside an enterprise each use their own encryption protocols. The biggest obstacle to wider adoption of encryption is that enterprises fear that data encrypted under different protocols will be lost or hard to recover, so a key management system is needed for unified control. Key management is a critical part of the data management process, and the security and convenience of the keys directly affect clients' willingness to use the system.

The Key Management Interoperability Protocol (KMIP) is an enterprise key management standard proposed in 2010. It defines the communication protocol between clients and the key management server, with the aim of simplifying data encryption and protection through a single common protocol. In addition, as awareness of personal data protection grows, convincing clients that their data is secure in transit, so that they are willing to use the service, has become a major issue.

In view of the above problems of the prior art, the object of the present invention is to provide an information transmission protection system, a secure transmission method for its signature key, and an encrypted transmission method for confidential data. KMIP components drive the unified key operations, including generation, use and revocation; a Sign Gateway relays the confidential data before and after signing; hardware security modules (HSMs) perform the encryption and decryption of the confidential data and of the signature key; and the signature key is stored in the KMIP database only as ciphertext. The client therefore retains primary control over both the data and the key, and because the operations run inside a Hardware Security Module (HSM), processing within the HSM is secured: none of the servers or databases that the data passes through can learn its contents.

According to the object of the present invention, a signature key secure transmission method is proposed, comprising the following steps: a client submits a request for a signature key to a Sign Gateway; the Sign Gateway asks a KMIP server for the corresponding signature key to perform signing, whereupon the KMIP server retrieves the encrypted signature key from a KMIP database; the KMIP server passes the encrypted signature key to a KMIP HSM; the KMIP HSM decrypts the encrypted signature key and encrypts it again to produce a re-encrypted signature key, which is passed back to the Sign Gateway through the KMIP server; and the Sign Gateway sends the re-encrypted signature key to a Sign HSM, which decrypts it, after which a request confirmation message is returned to the client through the Sign Gateway.

Preferably, the signature key secure transmission method of the present invention further comprises the step of the Sign Gateway authenticating through a one-time password (OTP) server.

Preferably, the KMIP HSM has beforehand encrypted the signature key under a master key to produce the encrypted signature key, which is stored in the KMIP database through the KMIP server; when the KMIP server retrieves the encrypted signature key from the KMIP database, the KMIP HSM decrypts it with the master key.

Preferably, after the KMIP HSM has decrypted the encrypted signature key with the master key, it encrypts the signature key again with a symmetric (session) key to produce the re-encrypted signature key.

Preferably, the Sign HSM decrypts the re-encrypted signature key with the symmetric key.

According to the object of the present invention, a confidential data encrypted transmission method is further proposed, comprising the following steps: after the client of the signature key secure transmission method described above receives the request confirmation message, the client encrypts a piece of confidential data under an activation key to produce once-encrypted confidential data, attaches its own public key to the once-encrypted confidential data, encrypts the result with the public key provided by the Sign HSM to produce re-encrypted confidential data, and passes the re-encrypted confidential data to the Sign Gateway; the Sign Gateway forwards the re-encrypted confidential data to the Sign HSM, which uses its own private key to open the re-encrypted confidential data and recover all the public keys attached to it, while retaining the once-encrypted confidential data; the Sign HSM then attaches a symmetric key to the once-encrypted confidential data and encrypts it a second time with the public key provided by the client to produce twice-encrypted confidential data; the Sign HSM returns the twice-encrypted confidential data to the client through the Sign Gateway, so that the client opens it with its own private key to obtain the attached symmetric key, decrypts the confidential data with the activation key, and confirms the identity of the Sign HSM from the contents of the confidential data; the client sends the activation key, protected by the symmetric key, to the Sign HSM through the Sign Gateway, so that the Sign HSM recovers the activation key with the symmetric key, decrypts the once-encrypted confidential data with the activation key to obtain the confidential data, and signs the confidential data with the signature key to produce signed confidential data; and the Sign HSM returns the signed confidential data to the client through the Sign Gateway.

According to the object of the present invention, an information transmission protection system is further proposed, comprising: a KMIP HSM, which encrypts a signature key into an encrypted signature key, decrypts the encrypted signature key back into the signature key, and encrypts the signature key into a re-encrypted signature key; a KMIP database, which stores the encrypted signature key; a Sign HSM, which decrypts the re-encrypted signature key; a KMIP server, connected to the KMIP database and the KMIP HSM; and a Sign Gateway, connected to the Sign HSM and the KMIP server. When the Sign Gateway receives a request for a signature key from a client and asks the KMIP server for the corresponding signature key to perform signing, the KMIP server retrieves the encrypted signature key from the KMIP database and passes it to the KMIP HSM; the KMIP HSM decrypts the encrypted signature key and encrypts it again into a re-encrypted signature key, which is returned to the Sign Gateway through the KMIP server; the Sign Gateway then sends the re-encrypted signature key to the Sign HSM, which decrypts it, and a request confirmation message is returned to the client through the Sign Gateway.

Preferably, in the information transmission protection system of the present invention, after the client receives the request confirmation message, the client encrypts a piece of confidential data under an activation key to produce once-encrypted confidential data, attaches its own public key and encrypts the result with the public key provided by the Sign HSM to produce re-encrypted confidential data, and sends the re-encrypted confidential data to the Sign HSM through the Sign Gateway. The Sign HSM uses its own private key to open the re-encrypted confidential data and recover all the public keys attached to it while retaining the once-encrypted confidential data, attaches a symmetric key to the once-encrypted confidential data, encrypts it a second time with the public key provided by the client to produce twice-encrypted confidential data, and returns the twice-encrypted confidential data to the client through the Sign Gateway. The client opens the twice-encrypted confidential data with its own private key to obtain the attached symmetric key, decrypts the once-encrypted confidential data with the activation key to obtain the confidential data, and confirms the identity of the Sign HSM from its contents; it then encrypts the activation key under the symmetric key and sends it to the Sign HSM through the Sign Gateway. The Sign HSM recovers the activation key with the symmetric key, decrypts the once-encrypted confidential data with the activation key, signs the confidential data with the signature key, and returns the signed confidential data to the client through the Sign Gateway.

Preferably, the information transmission protection system of the present invention further comprises an OTP server connected to the Sign Gateway, so that the Sign Gateway can authenticate through the OTP server.

In summary, the information transmission protection system of the present invention, the secure transmission method for its signature key, and the encrypted transmission method for confidential data have one or more of the following features:

1. The encrypted transmission of confidential data sends the data with two layers of encryption the first time, and sends the activation key needed for decryption the second time, encrypted under a symmetric session key. Transmitting the critical pieces separately reduces the chance that the message can be recovered.

2. The secure transmission of the signature key is built on KMIP as its main component, whose feature is unified key management across encryption devices that use different protocols, governing both the key life cycle and the transmission process.

3. The secure transmission of the signature key uses two HSMs to switch the key under which the signature key is encrypted, decrypting under one key and re-encrypting under another. The plaintext of the signature key is recovered only inside an HSM; in the database and in transit it exists only as ciphertext. Using HSMs ensures that the confidential data and the signature key cannot be extracted without authorisation during encryption, decryption and the subsequent signing.

Reference numerals in the drawings:

1: Sign Gateway

2: Sign HSM

3: KMIP server

4: KMIP database

5: KMIP HSM

6: OTP server

100: client

S11~S15, S21~S25: steps

Figure 1 is a schematic diagram of the information transmission protection system of the present invention.

Figure 2 is a flow chart of the signature key secure transmission method of the present invention.

Figure 3 is a flow chart of the confidential data encrypted transmission method of the present invention.

To help the examiner understand the technical features, content and advantages of the present invention and the effects it achieves, the invention is described in detail below with reference to the accompanying drawings in the form of embodiments. The drawings serve only as illustrations to aid the description and do not necessarily reflect the true proportions or precise arrangement of the invention as implemented; the proportions and arrangement shown in the drawings should therefore not be used to interpret or limit the scope of the invention in actual implementation.

Please refer to Figure 1, a schematic diagram of the information transmission protection system of the present invention. As shown, the system comprises a Sign Gateway 1, a Sign HSM 2, a KMIP Server 3 (key management interoperability protocol server), a KMIP Database 4, a KMIP HSM 5 and a One-Time Password Server (OTP Server) 6. The Sign Gateway 1 is connected to the Sign HSM 2, the KMIP Server 3 and the OTP Server 6, and the KMIP Server 3 is in turn connected to the KMIP Database 4 and the KMIP HSM 5.

The system performs two parts. The first is the secure transmission of the signature key: when the Sign Gateway 1 receives a request for a signature key from a client 100, the Sign Gateway 1 authenticates through the OTP Server 6 and asks the KMIP Server 3 for the corresponding signature key to perform signing. The KMIP Server 3 retrieves the encrypted signature key from the KMIP Database 4 and passes it to the KMIP HSM 5, which decrypts the encrypted signature key and encrypts it again to produce a re-encrypted signature key; this is returned to the Sign Gateway 1 through the KMIP Server 3, and the Sign Gateway 1 sends it to the Sign HSM 2, which decrypts it, after which a request confirmation message is returned to the client 100 through the Sign Gateway 1. Here, the KMIP HSM 5 has beforehand encrypted the signature key under a master key (Master Key) to produce the encrypted signature key and stored it in the KMIP Database 4 through the KMIP Server 3; when the KMIP Server 3 retrieves the encrypted signature key from the KMIP Database 4, the KMIP HSM 5 decrypts it with the master key and then encrypts the signature key again with a symmetric key (Session Key) to produce the re-encrypted signature key. The Sign HSM 2 decrypts the re-encrypted signature key with that symmetric key.

The second part is the encrypted transmission of confidential data. Once the signature key transmission above has completed and the client 100 has received the request confirmation message, the client 100 encrypts a piece of confidential data under an activation key (Activation Key) to produce once-encrypted confidential data, attaches its own public key to the once-encrypted confidential data, encrypts the result with the public key provided by the Sign HSM 2 to produce re-encrypted confidential data, and sends the re-encrypted confidential data to the Sign HSM 2 through the Sign Gateway 1. The Sign HSM 2 uses its own private key to open the re-encrypted confidential data and recover all the public keys attached to it while retaining the once-encrypted confidential data; it then attaches a symmetric key to the once-encrypted confidential data, encrypts it a second time with the public key provided by the client 100 to produce twice-encrypted confidential data, and returns the twice-encrypted confidential data to the client 100 through the Sign Gateway 1. The client 100 opens the twice-encrypted confidential data with its own private key to obtain the attached symmetric key, decrypts the confidential data with the activation key, and confirms the identity of the Sign HSM 2 from the contents of the confidential data. The client 100 then sends the activation key, protected by the symmetric key, to the Sign HSM 2 through the Sign Gateway 1; the Sign HSM 2 recovers the activation key with the symmetric key, decrypts the once-encrypted confidential data with the activation key to obtain the confidential data, signs the confidential data with the signature key to produce signed confidential data, and returns the signed confidential data to the client 100 through the Sign Gateway 1.

The information transmission flow of the present invention is briefly illustrated below through an example embodiment. First, the signature key (denoted Pvk) is transferred securely: the client 100 submits a request for the signature key Pvk to the Sign Gateway 1. Next, the Sign Gateway 1 verifies identity through the OTP Server 6, then asks the KMIP Server 3 for the corresponding signature key Pvk to perform signing. The KMIP Server 3 fetches the corresponding encrypted signature key (denoted {(Pvk)MK...}) from the KMIP Database 4; the signature key Pvk was previously encrypted by the KMIP HSM 5 under the master key (denoted MK) and placed in the KMIP Database 4. The KMIP Database 4 passes the encrypted signature key {(Pvk)MK...} through the KMIP Server 3 to the KMIP HSM 5, which opens {(Pvk)MK...} with the master key MK and then encrypts the signature key under a symmetric key (denoted SK2) instead, producing {(Pvk)SK2...} (the re-encrypted signature key), which is returned to the Sign Gateway 1 through the KMIP Server 3. The symmetric key SK2 is agreed beforehand between the KMIP HSM 5 and the Sign HSM 2. The Sign Gateway 1 then passes the re-encrypted signature key {(Pvk)SK2...} to the Sign HSM 2, which opens {(Pvk)SK2...} with the symmetric key SK2 to obtain the plaintext of the signature key Pvk; the Sign HSM 2 then returns a request confirmation message through the Sign Gateway 1 informing the client 100 that the signature key Pvk is ready.

Once the Sign HSM 2 and the KMIP Database 4 have completed the transfer of the signature key Pvk and the Sign HSM 2 holds the plaintext of Pvk, it can notify the client 100 through the Sign Gateway 1 to send the data to be signed, and the encrypted transmission of the confidential data (denoted Secret Data) can proceed. The client 100 encrypts the confidential data Secret Data under the activation key (denoted AK) into {(Secret Data)AK...} (the once-encrypted confidential data), attaches its own public key (denoted Cpub), and uses the public key provided by the Sign HSM 2 (denoted Kpub) to wrap the once-encrypted confidential data with its attached public key, ((Secret Data)AK,Cpub...), into {((Secret Data)AK,Cpub...)Kpub} (the re-encrypted confidential data), which it sends to the Sign Gateway 1. The Sign Gateway 1 passes the re-encrypted confidential data {((Secret Data)AK,Cpub...)Kpub} to the Sign HSM 2, which opens {((Secret Data)AK,Cpub...)Kpub} with its own private key (denoted Kpvk) to recover the public key attached to the re-encrypted confidential data, and retains the confidential data encrypted only under the activation key AK, {(Secret Data)AK...} (the once-encrypted confidential data). The Sign HSM 2 then attaches a symmetric key (denoted SK1) to the once-encrypted confidential data {(Secret Data)AK...} and encrypts the result a second time with the public key Cpub of the client 100 into {((Secret Data)AK,SK1...)Cpub} (the twice-encrypted confidential data). The Sign HSM 2 returns the twice-encrypted confidential data {((Secret Data)AK,SK1...)Cpub} to the client 100 through the Sign Gateway 1; the client 100 opens it with its own private key (denoted Cpvk) to obtain the symmetric key SK1, and at the same time uses the activation key AK to decrypt the confidential data Secret Data and compare its contents, which confirms the identity of the Sign HSM 2. The client 100 then sends the activation key protected by the symmetric key SK1, {(AK)SK1}, to the Sign HSM 2 through the Sign Gateway 1, and the Sign HSM 2 opens {(AK)SK1} with the symmetric key SK1 to obtain the activation key AK. The Sign HSM 2 can now open the once-encrypted confidential data {(Secret Data)AK} with the activation key AK, obtain the value of the confidential data Secret Data, and sign the confidential data Secret Data with the signature key Pvk to produce signed confidential data. Finally, the Sign HSM 2 returns the signed confidential data Secret Data to the client 100 through the Sign Gateway 1, and all process steps are complete.

Refer to FIG. 2, a flowchart of the signature key secure transmission method of the present invention; its steps are as follows:

Step S11: A client submits a request for a signature key to a signature gateway.

Step S12: The signature gateway requests the corresponding signature key for signing from a key management interoperability protocol server, and the key management interoperability protocol server retrieves the encrypted signature key from a key management interoperability protocol database. Before the signature gateway requests the signature key from the key management interoperability protocol server, the signature gateway first authenticates itself through a dynamic password server.

Step S13: The key management interoperability protocol server sends the encrypted signature key to a key management interoperability protocol security device.

Step S14: The key management interoperability protocol security device decrypts the encrypted signature key and encrypts it again, producing a re-encrypted signature key, which is returned through the key management interoperability protocol server to the signature gateway.

Step S15: The signature gateway sends the re-encrypted signature key to a signature security device, which decrypts it; the signature gateway then returns a request confirmation message to the client.

In the above, the key management interoperability protocol security device has beforehand encrypted the signature key with a master key, producing the encrypted signature key, and stored it in the key management interoperability protocol database through the key management interoperability protocol server. After the key management interoperability protocol server retrieves the encrypted signature key from the database, the key management interoperability protocol security device decrypts it with the master key and encrypts the signature key again with a symmetric key, producing the re-encrypted signature key. The signature security device decrypts the re-encrypted signature key with that symmetric key.

Refer to FIG. 3, a flowchart of the confidential data encrypted transmission method of the present invention; its steps are as follows:

Step S21: After the client described in the signature key secure transmission method above receives the request confirmation message, the client encrypts a piece of confidential data with an activation key, producing once-encrypted confidential data, attaches its own public key to the once-encrypted confidential data, encrypts the result with the public key provided by the signature security device, producing re-encrypted confidential data, and sends the re-encrypted confidential data to the signature gateway.

Step S22: The signature gateway sends the re-encrypted confidential data to the signature security device, which uses its own private key to decrypt the re-encrypted confidential data and recover all public keys attached to it, and retains the once-encrypted confidential data. The signature security device then attaches a symmetric key to the once-encrypted confidential data and encrypts the result with the public key provided by the client, producing twice-encrypted confidential data.

Step S23: The signature security device returns the twice-encrypted confidential data to the client through the signature gateway; the client decrypts it with its own private key to obtain the attached symmetric key, then decrypts the confidential data with the activation key, and confirms the identity of the signature security device from the content of the confidential data.

Step S24: The client encrypts the activation key with the symmetric key and sends it to the signature security device through the signature gateway; the signature security device decrypts it with the symmetric key to obtain the activation key, decrypts the once-encrypted confidential data with the activation key to obtain the confidential data, and signs the confidential data with the signature key, producing signed confidential data.

Step S25: The signature security device returns the signed confidential data to the client through the signature gateway.

In summary, in the signature key secure transmission part of the present invention, the client can request that the signature key be transferred securely from the back-end database into the signature security device. Two hardware security modules (HSMs) hold the master key and the symmetric key that protect the signature key: the signature security device, which is controlled by the signature gateway, and the key management interoperability protocol security device, which is controlled by the key management interoperability protocol server. The signature key is recovered in plaintext only inside an HSM; in transit it is encrypted with the symmetric key and at rest with the master key. Thus, although the signature gateway and the key management interoperability protocol server drive the key transfer, neither of them can recover the signature key from it. The signature key in the database is likewise stored as ciphertext under the master key, which raises the security of the signature key on the server and in the database. In addition, because the key management interoperability protocol governs the key operations, encryption devices using various protocols can be managed uniformly, which simplifies the encryption procedure without affecting key security.

In the confidential data encrypted transmission part of the present invention, the client can transmit confidential data securely to the signature security device, which signs it and returns it. The confidential data to be signed is first encrypted with the client's activation key and then with the public key of the signature security device, while the activation key is encrypted under the symmetric key sent by the signature security device and returned to it so that it can decrypt the confidential data. Because the data is encrypted in two layers and the pieces are transmitted separately, the signature gateway cannot learn the content of the confidential data even though it relays it. Once the data has entered the security device, the security device also protects it while it is being processed.
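As an added example (not code from the patent or from Chunghwa Telecom), the following Go program walks through both procedures above, steps S11 to S15 and steps S21 to S25, with real primitives. The patent names no algorithms, so the choices here are assumptions: AES-256-GCM for every symmetric step (master key MK, transport key SK, activation key AK, session key SK1), an ephemeral X25519 agreement as the stand-in for "encrypt with the public key" (Kpub/Kpvk and Cpub/Cpvk), and an Ed25519 key as the signature key Pvk. The signature gateway 1 and the key management interoperability protocol server 3 are modelled only as relays, the dynamic password authentication of step S12 is omitted, and all function and variable names are mine. `transportSignatureKey` covers steps S12 to S15; `signConfidential` covers steps S21 to S25 as one exchange, with the client-side identity check of step S23 failing closed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

func randBytes(n int) []byte { b := make([]byte, n); rand.Read(b); return b }

// Constructed symmetric primitive: AES-256-GCM with a 12-byte nonce prepended to the ciphertext.
func gcm(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key) // every key in this example is 32 bytes
	aead, _ := cipher.NewGCM(block)
	return aead
}
func aesSeal(key, pt []byte) []byte {
	nonce := randBytes(12)
	return gcm(key).Seal(nonce, nonce, pt, nil)
}
func aesOpen(key, ct []byte) ([]byte, error) {
	if len(ct) < 12 {
		return nil, errors.New("truncated ciphertext")
	}
	return gcm(key).Open(nil, ct[:12], ct[12:], nil)
}

// Constructed stand-in for "encrypt with the public key": an ephemeral X25519 agreement
// derives a one-message AES key. Layout: ephemeral public key (32 bytes) || AES-GCM body.
func pkSeal(pub *ecdh.PublicKey, pt []byte) []byte {
	eph, _ := ecdh.X25519().GenerateKey(rand.Reader)
	shared, _ := eph.ECDH(pub)
	key := sha256.Sum256(append(shared, eph.PublicKey().Bytes()...))
	return append(eph.PublicKey().Bytes(), aesSeal(key[:], pt)...)
}
func pkOpen(priv *ecdh.PrivateKey, e []byte) ([]byte, error) {
	if len(e) < 32 {
		return nil, errors.New("truncated envelope")
	}
	ephPub, _ := ecdh.X25519().NewPublicKey(e[:32])
	shared, err := priv.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(append(shared, e[:32]...))
	return aesOpen(key[:], e[32:])
}

// Steps S12-S15: database 4 holds (Pvk)MK; device 5 unwraps it with master key MK and rewraps
// it with transport key SK, shared only with device 2, so server 3 and gateway 1 relay a
// ciphertext they cannot open. Returns Pvk as device 2 installs it.
func transportSignatureKey(dbRecord, mk, sk []byte) (ed25519.PrivateKey, error) {
	seed, err := aesOpen(mk, dbRecord) // S14 at device 5
	if err != nil {
		return nil, err
	}
	seed, _ = aesOpen(sk, aesSeal(sk, seed)) // (Pvk)SK is relayed, then opened at device 2 (S15)
	return ed25519.NewKeyFromSeed(seed), nil
}

// Steps S21-S25 as one exchange: the client holds cpvk and AK, device 2 holds kpvk and Pvk.
func signConfidential(secret, ak []byte, cpvk, kpvk *ecdh.PrivateKey, pvk ed25519.PrivateKey) ([]byte, error) {
	// S21 client: {((Secret Data)AK, Cpub)Kpub}, laid out as Cpub || (Secret Data)AK
	msg := pkSeal(kpvk.PublicKey(), append(cpvk.PublicKey().Bytes(), aesSeal(ak, secret)...))
	// S22 device 2: open with Kpvk, keep (Secret Data)AK, attach a fresh SK1, seal under Cpub
	pt, err := pkOpen(kpvk, msg)
	if err != nil || len(pt) < 32 {
		return nil, errors.New("device cannot open client message")
	}
	cpub, _ := ecdh.X25519().NewPublicKey(pt[:32])
	sk1, pending := randBytes(32), pt[32:]
	reply := pkSeal(cpub, append(append([]byte{}, sk1...), pending...))
	// S23 client: open with Cpvk, take SK1, accept device 2 only if the echoed copy decrypts under AK
	rt, err := pkOpen(cpvk, reply)
	if err != nil || len(rt) < 32 {
		return nil, errors.New("client cannot open device reply")
	}
	if echo, err := aesOpen(ak, rt[32:]); err != nil || !bytes.Equal(echo, secret) {
		return nil, errors.New("signature security device identity check failed")
	}
	// S24 device 2: recover AK from {(AK)SK1}, decrypt Secret Data and sign it with Pvk
	ak2, _ := aesOpen(sk1, aesSeal(rt[:32], ak))
	data, err := aesOpen(ak2, pending)
	if err != nil {
		return nil, err
	}
	return ed25519.Sign(pvk, data), nil // S25: the signed data returns to the client via gateway 1
}

func main() {
	pub, pvk, _ := ed25519.GenerateKey(rand.Reader)
	kpvk, _ := ecdh.X25519().GenerateKey(rand.Reader)
	cpvk, _ := ecdh.X25519().GenerateKey(rand.Reader)
	mk, sk := randBytes(32), randBytes(32)
	secret := []byte("constructed sample document")
	installed, _ := transportSignatureKey(aesSeal(mk, pvk.Seed()), mk, sk) // provisioning: (Pvk)MK sits in database 4
	sig, err := signConfidential(secret, randBytes(32), cpvk, kpvk, installed)
	fmt.Println("signature verifies:", err == nil && ed25519.Verify(pub, secret, sig))
}
```

Running it prints whether the final signature verifies under the public half of Pvk. Two properties from the summary are directly observable with these functions: the database record (Pvk)MK cannot be opened with the transport key alone, and a client message cannot be opened by a party that lacks Kpvk, so the gateway learns nothing by relaying it.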

The above is illustrative only and not limiting. Any equivalent modification or change that does not depart from the spirit and scope of the present invention shall be included in the scope of the appended claims.

1‧‧‧Signature gateway

2‧‧‧Signature security device

3‧‧‧Key management interoperability protocol server

4‧‧‧Key management interoperability protocol database

5‧‧‧Key management interoperability protocol security device

6‧‧‧Dynamic password server

100‧‧‧Client

Claims (12)

1. A signature key secure transmission method, comprising the following steps: submitting, by a client, a request for a signature key to a signature gateway; requesting, by the signature gateway, a corresponding signature key for signing from a key management interoperability protocol server, so that the key management interoperability protocol server obtains an encrypted signature key from a key management interoperability protocol database; transmitting, by the key management interoperability protocol server, the encrypted signature key to a key management interoperability protocol security device; decrypting, by the key management interoperability protocol security device, the encrypted signature key and encrypting it again into a re-encrypted signature key, and transmitting the re-encrypted signature key through the key management interoperability protocol server to the signature gateway; and transmitting, by the signature gateway, the re-encrypted signature key to a signature security device, so that the signature security device decrypts the re-encrypted signature key, and then returning a request confirmation message to the client through the signature gateway.

2. The signature key secure transmission method of claim 1, further comprising the step of the signature gateway authenticating itself through a dynamic password server.

3. The signature key secure transmission method of claim 1, wherein the key management interoperability protocol security device has beforehand encrypted the signature key with a master key into the encrypted signature key and stored it through the key management interoperability protocol server in the key management interoperability protocol database, and after the key management interoperability protocol server obtains the encrypted signature key from the key management interoperability protocol database, the key management interoperability protocol security device decrypts the encrypted signature key with the master key.

4. The signature key secure transmission method of claim 3, wherein, after decrypting the encrypted signature key with the master key, the key management interoperability protocol security device encrypts the signature key again with a symmetric key into the re-encrypted signature key.

5. The signature key secure transmission method of claim 4, wherein the signature security device decrypts the re-encrypted signature key with the symmetric key.

6. A confidential data encrypted transmission method, comprising the following steps: after the client described in the signature key secure transmission method of claim 1 receives the request confirmation message, encrypting, by the client, confidential data with an activation key into once-encrypted confidential data, attaching the client's own public key to the once-encrypted confidential data and encrypting the result with the public key provided by the signature security device into re-encrypted confidential data, and transmitting the re-encrypted confidential data to the signature gateway; transmitting, by the signature gateway, the re-encrypted confidential data to the signature security device, so that the signature security device uses its own private key to decrypt the re-encrypted confidential data and recover all public keys attached to it, and retains the once-encrypted confidential data, the signature security device then attaching a symmetric key to the once-encrypted confidential data and encrypting it a second time with the public key provided by the client into twice-encrypted confidential data; returning, by the signature security device, the twice-encrypted confidential data to the client through the signature gateway, so that the client decrypts the twice-encrypted confidential data with its own private key to obtain the attached symmetric key, decrypts the confidential data with the activation key, and confirms the identity of the signature security device from the content of the confidential data; transmitting, by the client, the activation key encrypted with the symmetric key to the signature security device through the signature gateway, so that the signature security device decrypts it with the symmetric key to obtain the activation key, decrypts the once-encrypted confidential data with the activation key to obtain the confidential data, and signs the confidential data with the signature key into signed confidential data; and returning, by the signature security device, the signed confidential data to the client through the signature gateway.

7. An information transmission protection system, comprising: a key management interoperability protocol security device, which encrypts a signature key into an encrypted signature key or decrypts the encrypted signature key into the signature key, and encrypts the signature key into a re-encrypted signature key; a key management interoperability protocol database for storing the encrypted signature key; a signature security device for decrypting the re-encrypted signature key; a key management interoperability protocol server connected to the key management interoperability protocol database and the key management interoperability protocol security device; and a signature gateway connected to the signature security device and the key management interoperability protocol server, wherein, when the signature gateway receives a request for a signature key from a client and requests a corresponding signature key for signing from the key management interoperability protocol server, the key management interoperability protocol server obtains the encrypted signature key from the key management interoperability protocol database and transmits it to the key management interoperability protocol security device, the key management interoperability protocol security device decrypts the encrypted signature key and encrypts it again into a re-encrypted signature key and returns the re-encrypted signature key through the key management interoperability protocol server to the signature gateway, and the signature gateway transmits the re-encrypted signature key to the signature security device, which decrypts it, after which a request confirmation message is returned to the client through the signature gateway.

8. The information transmission protection system of claim 7, wherein, after the client receives the request confirmation message, the client encrypts confidential data with an activation key into once-encrypted confidential data, attaches its own public key and encrypts the result with the public key provided by the signature security device into re-encrypted confidential data, and transmits the re-encrypted confidential data through the signature gateway to the signature security device; the signature security device uses its own private key to decrypt the re-encrypted confidential data and recover all public keys attached to it, retains the once-encrypted confidential data, attaches a symmetric key to the once-encrypted confidential data, encrypts it a second time with the public key provided by the client into twice-encrypted confidential data, and returns the twice-encrypted confidential data to the client through the signature gateway; the client decrypts the twice-encrypted confidential data with its own private key to obtain the attached symmetric key, decrypts the once-encrypted confidential data with the activation key to obtain the confidential data, confirms the identity of the signature security device from the content of the confidential data, and then encrypts the activation key with the symmetric key and transmits it through the signature gateway to the signature security device; and the signature security device decrypts it with the symmetric key to obtain the activation key, decrypts the once-encrypted confidential data with the activation key, signs the confidential data with the signature key, and returns the signed confidential data to the client through the signature gateway.

9. The information transmission protection system of claim 7, further comprising a dynamic password server connected to the signature gateway, through which the signature gateway authenticates itself.

10. The information transmission protection system of claim 7, wherein the key management interoperability protocol security device has beforehand encrypted the signature key with a master key into the encrypted signature key and stored it through the key management interoperability protocol server in the key management interoperability protocol database, and after the key management interoperability protocol server obtains the encrypted signature key from the key management interoperability protocol database, the key management interoperability protocol security device decrypts the encrypted signature key with the master key.

11. The information transmission protection system of claim 10, wherein, after decrypting the encrypted signature key with the master key, the key management interoperability protocol security device encrypts the signature key again with a symmetric key into the re-encrypted signature key.

12. The information transmission protection system of claim 11, wherein the signature security device decrypts the re-encrypted signature key with the symmetric key.
TW102141988A 2013-11-19 2013-11-19 Information transmission protection system and its signature key security transmission method and confidential data encryption transmission method TWI549468B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW102141988A TWI549468B (en) 2013-11-19 2013-11-19 Information transmission protection system and its signature key security transmission method and confidential data encryption transmission method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW102141988A TWI549468B (en) 2013-11-19 2013-11-19 Information transmission protection system and its signature key security transmission method and confidential data encryption transmission method

Publications (2)

Publication Number Publication Date
TW201521410A TW201521410A (en) 2015-06-01
TWI549468B true TWI549468B (en) 2016-09-11

Family

ID=53935177

Family Applications (1)

Application Number Title Priority Date Filing Date
TW102141988A TWI549468B (en) 2013-11-19 2013-11-19 Information transmission protection system and its signature key security transmission method and confidential data encryption transmission method

Country Status (1)

Country Link
TW (1) TWI549468B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI649997B (en) * 2017-12-20 2019-02-01 中華電信股份有限公司 Internet of things system and information security communication method thereof
CN112448806A (en) * 2020-09-29 2021-03-05 尚承科技股份有限公司 Electronic information safety transmission system and method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101162513A (en) * 2006-10-11 2008-04-16 中国民生银行股份有限公司 Electric signing and sealing system and method for signing electric signing and sealing
US20120173885A1 (en) * 2010-12-30 2012-07-05 Microsoft Corporation Key management using trusted platform modules

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Marko Vukolic, "KMIP Server-to-server:recapitulation," IBM, Sep. 29, 2010. *

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees