Summary of the invention
The object of the present invention is to provide an electronic ticket service system and a method of implementing it that simplify the secure and accurate transmission of ticket data and the process of using it, and that allow one electronic ticket smart card to hold multiple service credentials.
The technical solution of the present invention is as follows:
A method of implementing an electronic ticket, comprising the following ticket issuing steps:
A. The ticket server generates the electronic ticket face information and sends it to the electronic ticket certificate server;
B. The electronic ticket certificate server performs an asymmetric cryptographic operation on the electronic ticket face information with a first key to obtain an electronic ticket verification code, encrypts the electronic ticket face information and the electronic ticket verification code into a first ciphertext with a second key, and sends the first ciphertext to the ticket issuing terminal;
C. The ticket issuing terminal forwards the first ciphertext to the electronic ticket smart card;
D. The electronic ticket smart card receives and decrypts the first ciphertext to obtain the electronic ticket face information and the electronic ticket verification code, and stores them.
The method as described, wherein the first key of the electronic ticket certificate server is either the identity private key of an identity-based cryptographic algorithm or the private key of a public-key algorithm, and the electronic ticket verification code is the result of the asymmetric cryptographic operation performed with the first key on all data of the electronic ticket face information;
The asymmetric cryptographic operation performed by the ticket server is the corresponding private-key signature algorithm of the identity-based cryptographic algorithm or of the public-key algorithm.
The method as described, further comprising the following ticket reading step:
E. The ticket checking terminal sends a ticket checking command to the electronic ticket smart card; the electronic ticket smart card looks up the electronic ticket face information and returns the query result.
The method as described, further comprising the following ticket checking steps:
F1. The ticket checking terminal sends ticket checking command data to the electronic ticket smart card;
F2. The electronic ticket smart card checks, according to the ticket checking command, whether it holds a corresponding electronic ticket;
F3. When the electronic ticket smart card finds that it holds a corresponding electronic ticket, it encrypts the information of that electronic ticket into a second ciphertext with a fourth key and returns the second ciphertext to the ticket checking terminal;
F4. The ticket checking terminal receives the second ciphertext returned by the electronic ticket smart card and decrypts it with a fifth key;
F5. The ticket checking terminal verifies with a sixth key whether the electronic ticket verification code is correct, in order to determine the service measure to take next.
The method as described, further comprising the following electronic ticket usage recording steps:
G1. The ticket checking terminal assembles the unique code in the electronic ticket face information together with the electronic ticket usage information, and encrypts them with the fifth key to form a third ciphertext;
G2. The ticket checking terminal sends write electronic ticket usage information command data to the electronic ticket smart card; the command data is the third ciphertext;
G3. The electronic ticket smart card receives the write ticket usage information command, decrypts the third ciphertext with the fourth key, writes the electronic ticket usage information into the electronic ticket having this unique code, and returns the corresponding write result.
The method as described, further comprising the following electronic ticket deletion steps:
H1. The ticket checking terminal assembles the electronic ticket unique code data and encrypts it with the fifth key to form a third ciphertext;
H2. The ticket checking terminal sends delete electronic ticket command data to the electronic ticket smart card; the command data is the third ciphertext;
H3. After receiving the delete electronic ticket command data, the electronic ticket smart card decrypts the third ciphertext with the third key and records the sequence number of the electronic ticket having this unique code as "0", to mark this electronic ticket as invalidated.
An electronic ticket service system, comprising: a ticket server, an electronic ticket certificate server, a ticket issuing terminal, an electronic ticket smart card and a ticket checking terminal. The ticket server is communicatively connected to the electronic ticket certificate server, the electronic ticket certificate server is connected to the ticket issuing terminal by secure communication means, and the ticket issuing terminal and the ticket checking terminal interact with the electronic ticket smart card in encrypted form;
The ticket server is used to generate the electronic ticket face information and send it to the certificate server;
The electronic ticket certificate server is used to receive the electronic ticket face information and perform an asymmetric cryptographic operation on it with a first key to obtain the electronic ticket verification code, and to encrypt the electronic ticket face information and the electronic ticket verification code into a first ciphertext with a second key and send it to the ticket issuing terminal;
The ticket issuing terminal is used to forward the first ciphertext to the electronic ticket smart card;
The electronic ticket smart card is used to receive the first ciphertext, decrypt it to obtain the electronic ticket face information and the electronic ticket verification code and store them securely, and to initialize the storage space for this electronic ticket's usage information so that it can record the new values of ticket usage information sent by the ticket checking terminal; and
to return the electronic ticket information to the ticket checking terminal in encrypted form when it receives the ticket checking terminal's command to read a specified electronic ticket;
The ticket checking terminal is used to read the electronic ticket information in the electronic ticket smart card in encrypted form and to verify the electronic ticket verification code, and
to rewrite the electronic ticket usage information in the electronic ticket smart card by sending the electronic ticket smart card a third ciphertext formed from the new values.
The system as described, wherein the electronic ticket certificate server is provided with a second key, used to encrypt the electronic ticket face information and the electronic ticket verification code into the first ciphertext;
The system as described, wherein the electronic ticket smart card is provided with a third key, used to decrypt the first ciphertext into the electronic ticket face information and the electronic ticket verification code, and to decrypt the third ciphertext into the electronic ticket usage information; and
the electronic ticket smart card is provided with a fourth key, used to encrypt the electronic ticket face information, the electronic ticket verification code and the electronic ticket usage information into the second ciphertext;
The system as described, wherein the ticket checking terminal is provided with a fifth key, used to decrypt the second ciphertext received from the electronic ticket smart card into the electronic ticket face information, the electronic ticket verification code and the electronic ticket usage information, and also to encrypt new electronic ticket usage information into the third ciphertext; and
the ticket checking terminal is provided with a sixth key, used to verify the electronic ticket verification code.
In the electronic ticket service system and implementation method provided by the present invention, the ticket server generates the electronic ticket face information, the electronic ticket certificate server generates the verification code and sends it securely to the ticket issuing terminal, the ticket issuing terminal forwards it in encrypted form to the electronic ticket smart card, and the electronic ticket smart card stores it. This makes the ticket electronic, verifiable, accurately transmitted, securely stored and resistant to copying, and makes the record of the ticket's usage information electronic.
Embodiments
The electronic ticket service system and implementation method provided by the invention are based mainly on asymmetric cryptographic algorithms, which include the RSA (public-key) cryptographic algorithm and identity-based cryptographic algorithms. To make the purpose, technical solution and advantages of the invention clearer, the invention is described in more detail below with reference to the drawings and embodiments.
The electronic ticket service implementation method based on an asymmetric cryptographic algorithm provided by the invention involves, as shown in Fig. 1, ticket server 100, electronic ticket certificate server 200, ticket issuing terminal 300, electronic ticket smart card 400 and ticket checking terminal 500. The method, as shown in Fig. 2, comprises ticket issuing step 610, ticket reading step 620 and ticket checking step 630. The ticket issuing step comprises, as shown in Fig. 3:
Step 611, ticket server 100 generates the electronic ticket face information TF_A;
Step 612, ticket server 100 sends the electronic ticket face information TF_A to electronic ticket certificate server 200;
Step 613, electronic ticket certificate server 200 performs an asymmetric cryptographic operation on the electronic ticket face information TF_A with the first key to obtain the electronic ticket verification code TF_V, encrypts the electronic ticket face information TF_A and the electronic ticket verification code TF_V into the first ciphertext with the second key, and transmits it to the ticket issuing terminal in a secure manner; the first key is either the identity private key of an identity-based cryptographic algorithm or the private key of a public-key algorithm.
Step 614, the ticket issuing terminal forwards the first ciphertext to the electronic ticket smart card;
Step 614, the electronic ticket smart card receives the first ciphertext, decrypts it to obtain the electronic ticket face information and the electronic ticket verification code, and stores them.
The invention is explained in detail below through specific embodiments:
Embodiment one of the invention provides an electronic train ticket smart card service system that uses the RSA cryptographic algorithm. As shown in Fig. 1, it comprises ticket server 100, electronic ticket certificate server 200, ticket issuing terminal 300, electronic ticket smart card 400 (in this embodiment the electronic ticket smart card is also called the train ticket smart card) and ticket checking terminal 500. The ticket server 100 is communicatively connected to the electronic ticket certificate server 200; the ticket issuing terminal 300 is communicatively connected to the electronic ticket certificate server 200 and to the electronic ticket smart card 400 respectively; and the electronic ticket smart card 400 is communicatively connected to the ticket checking terminal 500.
First, in ticket issuing step 610, the ticket server 100 generates the electronic ticket face information TF_A, which comprises the fields shown in Table 1:
Table 1: Electronic ticket format TF_A

| Sequence number | Field name | Length | Byte |
|---|---|---|---|
| 1 | Ticket code TID | 4 | 1-4 |
| 2 | Train number | 5 | 5-9 |
| 3 | Date | 3 | 10-12 |
| 4 | Origin station code | 2 | 13-14 |
| 5 | Terminus code | 2 | 15-16 |
| 6 | Departure time | 2 | 17-18 |
| 7 | Vehicle | 1 | 19 |
| 8 | Coach number | 1 | 20 |
| 9 | Seat/berth number | 1 | 21 |
| 10 | Fare | 2 | 22-23 |
| 11 | Type of offer | 1 | 24 |
The ticket server 100 also sends the electronic ticket face information TF_A to the electronic ticket certificate server 200;
The electronic ticket certificate server 200 is provided with the first key and the second key. In this embodiment the first key is the electronic ticket certificate server RSA private key and the second key is the electronic ticket smart card RSA public key.
The electronic ticket certificate server 200 performs the asymmetric cryptographic operation with the first key on all field data of the electronic ticket face information TF_A to obtain the electronic ticket verification code TF_V; in this embodiment the asymmetric cryptographic operation is an RSA private-key signature operation.
The electronic ticket certificate server 200 encrypts the electronic ticket face information TF_A and the electronic ticket verification code TF_V into the first ciphertext with the second key; the encryption algorithm is the public-key encryption algorithm of the RSA cryptographic algorithm.
The electronic ticket certificate server 200 also sends the first ciphertext to the ticket issuing terminal 300 by secure data communication.
After receiving the first ciphertext, the ticket issuing terminal 300 can forward an electronic ticket load command to the electronic ticket smart card over any of several data transmission channels; the command data is the first ciphertext. The data transmission channels include SMS, GPRS, 3G networks, the Internet and so on. The electronic ticket load command format is shown in Table 2:
Table 2: Electronic ticket load command format

| Code | Value |
|---|---|
| CLA | '80' |
| INS | 'D8' |
| P1 | '00' |
| P2 | '00' |
| Lc | Length of the first ciphertext |
| Data | First ciphertext |
The electronic ticket smart card 400 is provided with the third key and the fourth key. In this embodiment the third key is the electronic ticket smart card RSA private key and the fourth key is the ticket checking terminal RSA public key.
After receiving the electronic ticket load command, the electronic ticket smart card 400 decrypts the first ciphertext with the third key to obtain the electronic ticket face information TF_A and the electronic ticket verification code TF_V; the decryption here is the private-key decryption operation of the RSA cryptographic algorithm.
The electronic ticket smart card 400 checks whether its internal storage space is sufficient. If not, it returns "insufficient internal space". Otherwise it adds an electronic ticket record to store the electronic ticket face information TF_A and the electronic ticket verification code TF_V, initializes all field storage in the record that is used for the electronic ticket usage information TF_B so that ticket usage information can be recorded, and returns "success".
Next is ticket reading step 620, shown in Fig. 4.
Step 621, the ticket checking terminal 500 sends ticket reading command data, that is, a command to read the information of a specified electronic ticket, to the electronic ticket smart card 400 (train ticket smart card); the command data can contain the date and/or train number. The ticket reading command format is shown in Table 3:
Table 3: Ticket reading command format

| Code | Value |
|---|---|
| CLA | '80' |
| INS | 'B8' |
| P1 | '01' |
| P2 | '00' = next ticket; '01' = read ticket by date; '02' = read ticket by train number; '03' = read ticket by date and train number |
| Lc | Determined by P2 |
| Data | Determined by P2 |
Step 622, when the train ticket smart card receives the ticket checking terminal's command to read a specified electronic ticket, it returns the electronic ticket information to the ticket checking terminal in encrypted form. In this embodiment, after receiving the command data, the train ticket smart card checks whether it holds a ticket for that date or later; if not, it returns "record not found", otherwise it returns the ticket face information TF_A matching the date;
Depending on the actual situation, when the ticket issuing terminal needs to read several electronic tickets, steps 621 and 622 are repeated in turn.
Next is ticket checking step 630, shown in Fig. 5.
Step 631, the ticket checking terminal 500 sends ticket checking command data to the train ticket smart card; the command data contains the TID or the date and train number. The ticket checking command format is shown in Table 4:
Table 4: Ticket checking command format

| Code | Value |
|---|---|
| CLA | '80' |
| INS | 'B8' |
| P1 | '02' |
| P2 | '01' = check by TID; '02' = check by date and train number |
| Lc | Determined by P2 |
| Data | Determined by P2 |
Step 632, the train ticket smart card checks, according to the ticket checking command, whether it holds an electronic ticket for this date and train number;
Step 633, if it holds none, it returns "record not found"; this tells the ticket checking terminal whether the passenger has purchased a ticket electronically through the electronic ticket smart card;
Step 634, when the train ticket smart card finds that it holds an electronic ticket for this date and train number, it encrypts the ticket information for this date and train number, namely the electronic ticket face information TF_A, the electronic ticket verification code TF_V and the electronic ticket usage information TF_B, into the second ciphertext with the fourth key (that is, the ticket information in this embodiment is the electronic ticket information, which comprises the electronic ticket face information, the electronic ticket verification code and the electronic ticket usage information), and returns the second ciphertext to the ticket checking terminal;
Step 635, the ticket checking terminal 500 receives the second ciphertext returned by the train ticket smart card 400 and decrypts it with the fifth key to obtain the electronic ticket face information TF_A, the electronic ticket verification code TF_V and the electronic ticket usage information TF_B.
It then verifies the electronic ticket verification code TF_V against the electronic ticket face information TF_A with the sixth key, which is the electronic ticket certificate server RSA public key; once verification passes, it determines the service measure to take next from the data in the electronic ticket face information TF_A and the electronic ticket usage information TF_B;
Next is electronic ticket usage recording step 640, see Fig. 6.
Certain actions of the passenger, from before boarding until after alighting, all need to be recorded in the ticket for safety management. This information includes: the number of times the passenger has entered the station, the number of temporary exits, whether the passenger has exited, whether the ticket has been punched, whether a paper ticket has been printed, and so on;
The ticket checking terminal is provided with the fifth key; the fifth key is the ticket checking terminal RSA private key;
Step 641, the ticket checking terminal 500 assembles the unique code TID from the electronic ticket (train ticket) face information together with the electronic ticket (train ticket) usage information TF_B, and encrypts them with the fifth key, which is the ticket checking terminal RSA private key, to form the third ciphertext;
Step 642, the ticket checking terminal 500 sends write electronic ticket usage information TF_B command data to the electronic ticket smart card 400; the command data is the third ciphertext. The write ticket usage information command format is shown in Table 5:
Table 5: Write ticket usage information command format

| Code | Value |
|---|---|
| CLA | '80' |
| INS | 'D8' |
| P1 | '03' |
| P2 | '01' = ticket punched; '02' = paper ticket printed; '03' = exit from station |
| Lc | Determined by P2 |
| Data | Third ciphertext |
Step 643, after receiving the write ticket usage information command, the electronic ticket smart card 400 decrypts the third ciphertext with the fourth key, which is the ticket checking terminal RSA public key, writes the ticket (electronic ticket) usage information for this date and train number into the electronic ticket having this unique code, and returns "success"; otherwise it returns "error";
After an electronic ticket has been used, a deletion procedure is needed. This is step 650, the ticket deletion step, shown in Fig. 7.
Step 651, the ticket checking terminal 500 assembles the electronic ticket (train ticket) unique code TID data and encrypts it with the fifth key to form the third ciphertext;
Step 652, the ticket checking terminal 500 sends delete electronic ticket command data to the electronic ticket smart card 400; the command data is the third ciphertext. The delete electronic ticket command format is shown in Table 6;
Table 6: Delete electronic ticket command format

| Code | Value |
|---|---|
| CLA | '80' |
| INS | 'D8' |
| P1 | '04' |
| P2 | '00' |
| Lc | Length of the third ciphertext |
| Data | Third ciphertext |
Step 653, after receiving the delete electronic ticket command data, the electronic ticket smart card 400 decrypts the third ciphertext with the third key, which is the electronic ticket smart card RSA public key, and records the sequence number of the electronic ticket having this unique code as "0", to mark this ticket (electronic ticket) as invalidated.
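The TF_A layout of Table 1 and the command formats of Tables 2 to 6, as an added example that is not part of the patent text: it packs a ticket record and builds and strictly parses the five card commands. The field encodings, the plaintext query lengths (taken from the Table 1 field sizes), the date-then-train-number ordering, the short-APDU framing with a one-byte Lc, and all function names are assumptions; the sample ticket is constructed.

```python
# TF_A record (Table 1) and card commands (Tables 2-6): build and strictly parse.
CLA = 0x80

# (field, length in bytes) in Table 1 order. Field encodings are not given on
# the page, so every field is handled as an opaque byte string.
TF_A_FIELDS = [
    ("tid", 4), ("train_number", 5), ("date", 3), ("origin", 2),
    ("terminus", 2), ("departure_time", 2), ("vehicle", 1),
    ("coach", 1), ("seat", 1), ("fare", 2), ("offer_type", 1),
]
TF_A_LEN = sum(size for _, size in TF_A_FIELDS)  # 24 bytes

# command -> (INS, P1, {P2: data length}); None marks a ciphertext payload.
# ASSUMPTION: plaintext query lengths follow the Table 1 field sizes
# (date 3, train number 5, TID 4, date followed by train number 8).
SPEC = {
    "load_ticket":   (0xD8, 0x00, {0x00: None}),                          # Table 2
    "read_ticket":   (0xB8, 0x01, {0x00: 0, 0x01: 3, 0x02: 5, 0x03: 8}),  # Table 3
    "check_ticket":  (0xB8, 0x02, {0x01: 4, 0x02: 8}),                    # Table 4
    "write_usage":   (0xD8, 0x03, {0x01: None, 0x02: None, 0x03: None}),  # Table 5
    "delete_ticket": (0xD8, 0x04, {0x00: None}),                          # Table 6
}
BY_CODE = {(ins, p1): name for name, (ins, p1, _) in SPEC.items()}

# Constructed sample ticket; all values are made up for this example.
SAMPLE_TICKET = {
    "tid": bytes.fromhex("00000001"), "train_number": b"G0123",
    "date": bytes.fromhex("100315"), "origin": bytes.fromhex("0001"),
    "terminus": bytes.fromhex("0002"), "departure_time": bytes.fromhex("0830"),
    "vehicle": b"\x01", "coach": b"\x05", "seat": b"\x2a",
    "fare": bytes.fromhex("01f4"), "offer_type": b"\x00",
}


def pack_tf_a(fields):
    """Concatenate the Table 1 fields, enforcing each field's exact length."""
    out = bytearray()
    for name, size in TF_A_FIELDS:
        if len(fields[name]) != size:
            raise ValueError(f"{name}: expected {size} bytes")
        out += fields[name]
    return bytes(out)


def unpack_tf_a(raw):
    """Split a 24-byte TF_A record back into its fields."""
    if len(raw) != TF_A_LEN:
        raise ValueError(f"TF_A must be {TF_A_LEN} bytes, got {len(raw)}")
    fields, pos = {}, 0
    for name, size in TF_A_FIELDS:
        fields[name] = raw[pos:pos + size]
        pos += size
    return fields


def check_payload(name, p2, data):
    """Reject P2 values and payload lengths that the tables do not allow."""
    p2_map = SPEC[name][2]
    if p2 not in p2_map:
        raise ValueError(f"{name}: P2 {p2:02X} is not defined")
    want = p2_map[p2]
    if want is None:
        # One-byte Lc (short APDU, assumed): a ciphertext is 1..255 bytes.
        if not 1 <= len(data) <= 255:
            raise ValueError(f"{name}: ciphertext must be 1..255 bytes")
    elif len(data) != want:
        raise ValueError(f"{name}: expected {want} data bytes, got {len(data)}")


def build_apdu(name, p2, data=b""):
    """Terminal side: CLA INS P1 P2 [Lc Data]; Lc is omitted when no data."""
    ins, p1, _ = SPEC[name]
    check_payload(name, p2, data)
    header = bytes([CLA, ins, p1, p2])
    return header + (bytes([len(data)]) + data if data else b"")


def parse_apdu(raw):
    """Card side: validate every header byte before touching the payload."""
    if len(raw) < 4:
        raise ValueError("truncated header")
    cla, ins, p1, p2 = raw[:4]
    if cla != CLA:
        raise ValueError(f"unexpected CLA {cla:02X}")
    name = BY_CODE.get((ins, p1))
    if name is None:
        raise ValueError(f"unknown INS/P1 {ins:02X}/{p1:02X}")
    data = raw[5:]
    if len(raw) > 4 and raw[4] != len(data):
        raise ValueError("Lc does not match the data length")
    check_payload(name, p2, data)
    return name, p2, data


def rejects(fn, *args):
    """True when fn(*args) is refused with ValueError."""
    try:
        fn(*args)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("TF_A:", pack_tf_a(SAMPLE_TICKET).hex())
    apdu = build_apdu("check_ticket", 0x01, SAMPLE_TICKET["tid"])
    print("check by TID:", apdu.hex(), "->", parse_apdu(apdu))
    print("256-byte ciphertext refused:",
          rejects(build_apdu, "load_ticket", 0x00, bytes(256)))
```

With a one-byte Lc, a 256-byte ciphertext such as a single RSA-2048 block does not fit in one load command, which is why the builder refuses it.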
In practice, passengers often need to alight early, alight late or change trains at short notice; in such cases the ticket has to be changed.
The ticket checking terminal 500 confirms station entry and exit for each ticketed segment and sends this confirmation to the electronic ticket smart card 400. The electronic ticket smart card 400 deletes the ticket for that date and train number according to this information, and the ticket issuing terminal generates a new ticket and issues it to the electronic ticket smart card.
In the embodiment of the invention described above, there are two public-key algorithm key pairs and one pair of symmetric algorithm keys:
Certificate server key pair: the first key is the certificate server private key and the sixth key is the certificate server public key. An electronic ticket verification code generated with the first key can only be verified with the sixth key, which provides the verifiability of the electronic ticket.
Electronic ticket smart card key pair: the second key is the electronic ticket smart card public key and the third key is the electronic ticket smart card private key. A first ciphertext obtained by encrypting with the public key of a particular electronic ticket smart card can only be decrypted by that smart card, which makes the electronic ticket resistant to copying and ensures it can only be downloaded to the designated electronic ticket smart card.
Ticket checking symmetric sub-keys: the fourth key and the fifth key are ticket checking symmetric sub-keys, generated by encrypting the smart card's electronic ticket application serial number with the ticketing party's ticket checking master key. Symmetric-key algorithms are fast, so checking tickets and writing ticket usage information (ticket punching) take little time, which improves passenger throughput.
Therefore, the invention can both verify the user's identity and transmit ticket user data securely; it prevents ticket user data from being stolen and/or tampered with in transit, and effectively prevents train ticket scalping.
Embodiment two of the invention provides an electronic train ticket smart card service system that uses an identity-based cryptographic algorithm. Like embodiment one, as shown in Fig. 1, it comprises ticket server 100, electronic ticket certificate server 200, ticket issuing terminal 300, electronic ticket smart card 400 and ticket checking terminal 500. The ticket server 100 is communicatively connected to the electronic ticket certificate server 200; the ticket issuing terminal 300 is communicatively connected to the electronic ticket certificate server 200 and to the electronic ticket smart card 400 respectively; and the electronic ticket smart card 400 is communicatively connected to the ticket checking terminal 500.
The ticket server 100 generates the electronic ticket face information TF_A; for TF_A see Table 1 above;
The ticket server 100 sends the electronic ticket face information TF_A to the electronic ticket certificate server 200;
The electronic ticket certificate server 200 performs the asymmetric cryptographic operation with the first key on all field data of the electronic ticket face information TF_A to obtain the electronic ticket verification code TF_V. In embodiment two the first key is the electronic ticket certificate server identity private key, and the asymmetric cryptographic operation is an identity private-key signature operation;
The electronic ticket certificate server 200 encrypts the electronic ticket face information TF_A and the electronic ticket verification code TF_V into the first ciphertext with the second key. In embodiment two the second key is the electronic ticket smart card identity, and the encryption algorithm is the identity-based encryption algorithm of the identity-based cryptographic algorithm;
The electronic ticket certificate server 200 also sends the first ciphertext to the ticket issuing terminal 300 by secure data communication.
After receiving the first ciphertext, the ticket issuing terminal 300 can forward an electronic ticket load command to the electronic ticket smart card over any of several data transmission channels; the command data is the first ciphertext. The data transmission channels include SMS, GPRS, 3G networks, the Internet and so on. The electronic ticket load command format is shown in Table 2 above.
After receiving the electronic ticket load command, the electronic ticket smart card 400 decrypts the first ciphertext with the third key, which is the electronic ticket smart card identity private key, to obtain the electronic ticket face information TF_A and the electronic ticket verification code TF_V; the decryption in this embodiment is the private-key decryption operation of the identity-based cryptographic algorithm.
The electronic ticket smart card 400 checks whether its internal storage space is sufficient. If not, it returns "insufficient internal space". Otherwise it adds an electronic ticket record to store the electronic ticket face information TF_A and the electronic ticket verification code TF_V, initializes all field storage in the record that is used for the electronic ticket usage information TF_B so that ticket usage information can be recorded, and returns "success";
Next is ticket reading step 620, shown in Fig. 4.
Step 621, the ticket checking terminal 500 sends ticket reading command data, that is, a command to read the information of a specified electronic ticket, to the train ticket smart card (electronic ticket smart card); the command data can contain the date and/or train number. The ticket reading command format is shown in Table 3 above;
Step 622, when the train ticket smart card receives the ticket checking terminal's command to read a specified electronic ticket, it returns the electronic ticket information to the ticket checking terminal in encrypted form. In this embodiment, after receiving the command data, the electronic ticket smart card checks whether it holds a ticket for that date or later; if not, it returns "record not found", otherwise it returns the ticket face information TF_A matching the date;
Depending on the actual situation, when the ticket issuing terminal needs to read several electronic tickets, steps 621 and 622 are repeated in turn.
Next is ticket checking step 630, shown in Fig. 5.
Step 631, the ticket checking terminal 500 sends ticket checking command data to the electronic ticket smart card; the command data contains the TID or the date and train number. The ticket checking command format is shown in Table 4 above.
Step 632, the electronic ticket smart card checks, according to the ticket checking command, whether it holds an electronic ticket for this date and train number;
Step 633, if it holds none, it returns "record not found"; this tells the ticket checking terminal whether the passenger has purchased a ticket electronically through the electronic ticket smart card;
Step 634, when the electronic ticket smart card 400 finds that it holds an electronic ticket for this date and train number, it encrypts the ticket information for this date and train number, namely the electronic ticket face information TF_A, the electronic ticket verification code TF_V and the electronic ticket usage information TF_B, into the second ciphertext with the fourth key, which is the ticket checking terminal identity (that is, the ticket information in this embodiment is the electronic ticket information, which comprises the electronic ticket face information, the electronic ticket verification code and the electronic ticket usage information), and returns the second ciphertext to the ticket checking terminal;
Step 635, the ticket checking terminal 500 receives the second ciphertext returned by the electronic ticket smart card and decrypts it with the fifth key, which is the ticket checking terminal identity private key, to obtain the electronic ticket face information TF_A, the electronic ticket verification code TF_V and the electronic ticket usage information TF_B.
It then verifies the electronic ticket verification code TF_V against TF_A with the sixth key, which is the electronic ticket certificate server identity; once verification passes, it determines the service measure to take next from the data in TF_A and TF_B;
The procedure then enters the electronic ticket service record step 640, see Fig. 6.
Certain behaviour information about the passenger, from before boarding until after getting off, needs to be recorded in the ticket for the purpose of safety management; this information includes: the number of times the passenger has entered the station, the number of times the passenger has temporarily set off, whether the passenger has set off, whether the ticket has been punched, whether a paper ticket has been printed, and similar information;
Step 641, the ticket checking terminal 500 assembles the unique code TID from the electronic ticket ticket information together with the electronic ticket use information TF_B, and encrypts them with the fifth key, which is the ticket checking terminal RSA private key, to form a third ciphertext;
Step 642, the ticket checking terminal 500 sends the electronic ticket smart card 400 a command to write the electronic ticket use information TF_B, the command data being the third ciphertext; the format of this write ticket use information command is shown in Table Five above;
Step 643, after receiving the write ticket use information command, the electronic ticket smart card 400 decrypts the third ciphertext with the fourth key, which is the ticket checking terminal sign, writes the electronic ticket use information for this date and train number into the electronic ticket that has this unique code, and returns "success" information; otherwise it returns "test and sign mistake" information;
The electronic ticket smart card service system of the present invention adds a new message processing flow to existing smart card techniques so that the electronic ticket smart card can carry multiple service evidences, which makes consumption more convenient for the user.
In the embodiment provided by the invention as described above, there are three pairs of sign and sign private key:
The certificate server key pair: the first key is the certificate server sign private key, and the sixth key is the certificate server sign; the electronic ticket identifying code generated with the first key can be verified only with the sixth key, which realizes the verifiability of the electronic ticket.
The electronic ticket smart card key pair: the second key is the electronic ticket smart card identification, and the third key is the electronic ticket smart card identification private key; the first ciphertext obtained by encrypting with the identification of a particular electronic ticket smart card can be untied only by that smart card, which guarantees that the electronic ticket cannot be replicated and can be downloaded only to the designated electronic ticket smart card.
The ticket checking terminal key pair: the fourth key is the ticket checking terminal sign, and the fifth key is the ticket checking terminal sign private key; the third ciphertext obtained by encrypting with the fifth key is untied with the fourth key, and this check of the terminal identification guarantees that only the designated terminal can write the use information of the electronic ticket.
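The roles of the certificate server and ticket checking terminal key pairs in steps 635 and 641 to 643, as an added sketch that is not code from the patent: textbook RSA without padding and toy keys built from fixed primes stand in for the sign cryptographic algorithm, and the card record layout, the framing byte and the 8-byte check tag are assumptions of this example.

```python
import hashlib

E = 65537  # public exponent shared by the toy keys

def keypair(p, q):
    """Toy textbook-RSA key from two fixed primes: (public n, private d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed keys built from Mersenne primes; never use such keys in practice.
SERVER_N, SERVER_D = keypair(2**89 - 1, 2**107 - 1)   # sixth key / first key
TERM_N, TERM_D = keypair(2**127 - 1, 2**521 - 1)      # fourth key / fifth key
OTHER_N, OTHER_D = keypair(2**107 - 1, 2**607 - 1)    # an undesignated terminal

def digest(data, n):
    """SHA-256 of data as an integer reduced below the modulus n."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def make_tf_v(tf_a, n, d):
    """Certificate server: identifying code TF_V over all of TF_A (first key)."""
    return pow(digest(tf_a, n), d, n)

def check_tf_v(tf_a, tf_v, n):
    """Step 635: the terminal verifies TF_V against TF_A with the sixth key."""
    return pow(tf_v, E, n) == digest(tf_a, n)

def third_ciphertext(tid, tf_b, n, d):
    """Step 641: fifth-key operation over TID and TF_B (body up to 70 bytes)."""
    body = tid + b"|" + tf_b
    framed = b"\x01" + body + hashlib.sha256(body).digest()[:8]
    return pow(int.from_bytes(framed, "big"), d, n)

def card_write(card, ciphertext, n):
    """Step 643: the card opens the third ciphertext with the fourth key."""
    m = pow(ciphertext, E, n)
    raw = m.to_bytes((m.bit_length() + 7) // 8, "big")
    body, tag = raw[1:-8], raw[-8:]
    tid, _, tf_b = body.partition(b"|")
    ok = raw[:1] == b"\x01" and hashlib.sha256(body).digest()[:8] == tag
    if not ok or tid not in card:
        return "test and sign mistake"
    card[tid]["TF_B"] = tf_b  # anyone holding the fourth key can read TF_B
    return "success"

if __name__ == "__main__":
    card = {b"0001": {"TF_B": b""}}  # constructed card record keyed by TID
    print(card_write(card, third_ciphertext(b"0001", b"entered=1", TERM_N, TERM_D), TERM_N))
    print(card_write(card, third_ciphertext(b"0001", b"entered=9", OTHER_N, OTHER_D), TERM_N))
```

Because the third ciphertext is opened with the terminal sign, which is not secret, the fifth-key operation authenticates the writing terminal but does not hide TF_B from other parties.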
The present invention discloses an electronic ticket service system and its implementation method. In the method, the ticket server generates the electronic ticket ticket information; the electronic ticket certificate server generates the electronic ticket identifying code, encrypts the electronic ticket ticket information and the electronic ticket identifying code into a first ciphertext, and sends it to the ticket issuing terminal in a secure manner; the ticket issuing terminal forwards the first ciphertext to the electronic ticket smart card; and the electronic ticket smart card, after receiving it, decrypts the first ciphertext to obtain the electronic ticket ticket information and identifying code and saves them. This realizes the function of one electronic ticket smart card supporting multiple services, that is, it realizes verification of the user's identity and of the electronic ticket at the same time, and it effectively prevents the electronic ticket from being plagiarized and/or tampered with during transmission.
It should be understood that the above description of specific embodiments is relatively detailed and should not therefore be construed as limiting the scope of patent protection of the present invention; the scope of patent protection of the present invention shall be determined by the claims.