CN102568097B - Method and system for improving safety of electronic wallets - Google Patents
Method and system for improving safety of electronic wallets Download PDFInfo
- Publication number
- CN102568097B CN102568097B CN201010578562.6A CN201010578562A CN102568097B CN 102568097 B CN102568097 B CN 102568097B CN 201010578562 A CN201010578562 A CN 201010578562A CN 102568097 B CN102568097 B CN 102568097B
- Authority
- CN
- China
- Prior art keywords
- card
- key
- stored value
- value card
- pin code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention aims to provide the technical scheme, which realizes pin codes in electronic wallets by storing consumption keys into the electronic wallets. Accordingly, the pin codes are not required during credit payment but required during non-credit payment, and the same electronic wallet is used. Besides, uniformity of quick consumption and safety consumption in credit shops such as a public transportation system is achieved. The invention further provides a method for protecting card issue functions.
Description
Technical field
The invention belongs to information security field.The present invention relates to a kind of strengthen the method for stored value card safety and be
System.Specifically, it is related to an a kind of stored value card can use on trusting beneficiary and non-trusted beneficiary terminal simultaneously
Method and system.
Background technology
The application of campus card and stored value card is increasingly popularized, and general stored value card uses the mark of ISO14443 less radio-frequency
Standard and agreement.The radio frequency only communication interface between radio-frequency card and card-reading terminal.Application in the stored value card of campus card
In scheme, the problem of core is to carry out being mutually authenticated of card and card-reading terminal, i.e. three certifications of symmetric cryptography using symmetric cryptography.
The purpose of certification is that certification both sides confirm to have identical key, if key is identical or certification is somebody's turn to do it is possible to use by rear
The key that both sides have carries out secret communication.
If do not specialized in the following description, we use term " wallet " expression " stored value card ".I.e. two words
General.Claims are also such.
Being achieved in that, according to the global unique ID number of different cards, card sender of the stored value card of general campus card at present
Structure Choice encryption hash function HX and HZ is as depreciation (consumption) function of the stored value card of card sending mechanism and the increasing of stored value card
Value function.In new CPU card, it is typically chosen DES (or 3DES) as HX and HZ, certainly needs for depreciation (consumption) key
SX and increment key SZ could become DES into cryptographic Hash function HX and HZ.
For example, the card to a new issue for the card sending mechanism, reads the ID of card first, then calculates DESSX(ID) as depreciation
(consumption) key, calculates DESSZ(ID) as increment key.When consumption uses, card reader reads No. ID of card, then uses hair fastener
When identical function calculate DESSX(ID), and with depreciation (consumption) key of storage in card carry out symmetrical password authentication, identical
Show that this card is that card sending mechanism is issued.The payment of stored value card after cipher authentication, can be carried out, then accordingly reduce electronic money
Stored Value in bag.When supplementing with money, card reader reads No. ID of card, then with calculating DES with identical function during hair fastenerSZ(ID),
And carry out symmetrical password authentication with the increment key of storage in card, identical show that this card is that card sending mechanism is issued.Cipher authentication
Afterwards, the Stored Value in stored value card can be increased.So every card, due to the difference of card number (ID), key is also different.It is exactly in the industry
A card one referred to as is close.
It can be seen that the secrecy to cryptographic Hash function HX and HZ (or key SX and SZ) is system from above explanation
The key of safety.Cracking of Mifare encryption function, makes the protection that everybody only relies on key to encryption system have more deep
Understanding.But it is above in the application process of stored value card it can be seen that depreciation (consumption) key must be present in consumption terminal
In (or on PSAM card of terminal), but the loss of this key does not result in the collapse of electronic purse system, reason is to know to disappear
What fermi key can only be blocked withholds, and obtains commodity for a user and service just can be withholdd accordingly.Will not have
Be provided with commodity or service just carry out the operation that user withholds, if simultaneously using new ID forge card carry out buckleing value, will not from send out
Mechanism for card obtains real fund and is found;If forged using issuing card ID, can will be sent out by transaction record
Now illegally obtain the terminal of transaction record, this equally easily tracked discovery, fake producer cannot interests economically.Blacklist
It is also the effective means preventing complete copy card from attacking.
But the loss of increment key HZ (ID), the leakage of the function HZ that particularly rises in value, will cause serious safety problem,
This allows to forge the amount of money of stored value card, after obtaining commodity and service, not real payment funding.Although it is permissible
Stoped using the method for blacklist and forge being continuing with of card, but the behavior forging card can constantly be carried out, and will cause business
Family and the contradiction of card sending mechanism.The method solving can only be that real-time online is paid, and this is again topmost for stored value card fast
Speed is given discarded using the benefit using with off line.Also a method is, using other AES and key to electronics The data such as the amount of money in wallet are encrypted.Take precautions against the attacker obtaining card readwrite key, the amount of money in modification or generation card.Again Auxiliary blacklist means, can very limits ensure stored value card safety.
It is true that there are two kinds of different businessmans in the use of stored value card:Credit businessman and non-credit businessman.Than
If this public public institution of public transport MTR is exactly credit payee (credit businessman).The feature of these units is base
Originally unit will not forge card to make a profit, and employee forges card again less than corresponding interests.And common businessman, particularly little in a large number
In businessman, it is understood that there may be have the lawless person forging card and attacking system.So, although Mifare is cracked, we can
To see not having big safety problem using the public transit system of the stored value card of Mifare in a large number;But if handle is collected money with public transport
After system identical cash receiving terminal is issued to substantial amounts of medium and small businessman, may just there is businessman that cashing machine is taken in crowd, utilize
" wireless " characteristic of Mifare card is illegally collected money.For this reason, Hong Kong just produces so-called " cutting ferrule ", its function is exactly to use electromagnetism
The method of shielding, puts into stored value card wherein, to prevent illegal businessman from using cashing machine near the fund of theft stored value card.
This method obviously affects promoting the use of of radio-frequency card stored value card.It is true that public transport gathering require quickly through, and businessman receive
Money requires with regard to so strong to quick.Input PIN code can be required when using as present bank card completely.
The security guaranteed payment with PIN code.
So, the use of stored value card is just divided into two kinds of situations:Credit payment, such as bus card-reading do not need PIN code;Non-
Credit payment, for example businessman swipes the card needs PIN code.Thus produce the electronic money how in existing credit payment no PIN code
The problem of PIN code is realized on bag card, that is, needs quickly no PIN code can be used to swipe the card in public transport terminal, and need in businessman
Uniform technical scheme using PIN code bankcard consumption.
Meanwhile, current stored value card, including CPU card stored value card and ISO14443 agreement, not using open code
The security to improve system for the thought learned.Do not provide after PSAM card and SAM card are cracked completely, that is, depreciation function HX and
After increment function HZ divulges a secret, whole system faces the problem of collapse.
Content of the invention
Now, the security of stored value card is under attack, and Mifare card is cracked and even more causes very big weight in the whole world
Depending on.Attacker can read all information in card, replicate and forged, this can be solved with blacklist.But, and such as
Cipher function HX and HZ of fruit hair fastener is compromised, and that attacker just can forge card, and blacklist method will be helpless.And deposit
The charging terminal of the SAM module of HZ function, particularly deposits the popularization of the consumption terminal of SAM (PSAM) module of HX function, increases
Add the disclosure risk of HZ and HX.Be exactly it is now recognized that safety CPU card key managing project in, equally have the close of hair fastener
Code function HX and HZ divulge a secret after system crash risk.So this problem must be solved.We can use public cryptography
Thought is strengthening the security of existing system.
So, a kind of method strengthening card safety, it includes:
In the hair fastener stage, card identification data is digitally signed, and is stored in the data field of card;
Operational phase, reads the digital signature of card identification data and card identification data;Compare the uniformity of previous step data,
Confirm as the card in system when identical, proceed work, be not otherwise the card in system, quit work.
Preferably, the identification data of card include No. ID of card or (and) user profile blocked or (and) card sending mechanism information
Deng.
Further, signature algorithm has encryption function.
It is also possible that also include in signed data other regions (or/and) key data of file.
Above card identification data it is simply that the data that distinguishes between different cards, such as:The sequence number (card number) of card, hair fastener
People, holder.In a word it is simply that the different card of any two, the different pieces of information of identical data region composition.
In theory, present stored value card, the particularly stored value card of less radio-frequency are it is only necessary to a memory block
Domain, that is, store the region of wallet balances.Certainly this region can have two keys to be protected, and that is, depreciation key and increment are close
Key.In order to increase PIN code protection, in addition someone has increased region another and to have stored PIN code (or form of its salt adding).But
Be add PIN code can also adopt other modes, see patent application document (a kind of symmetrical password authentication of ZL201010533245
Method), PIN code can be stored without another one area it may also be said to stored value card substantially can be with only one of which area completely:
Wallet balances area.
We are intended to a wallet key at the method for invention, and particularly depreciation key is stored in card, so wallet card is necessary
You Liangge area:Data area of wallet balances area.Wallet balances area is used for depositing the remaining sum of wallet, and data field is used for depositing wallet
Key, certainly can also deposit the other informations such as PIN code., we claim entirely taking Mifare card Bus Card as a example
Mifare card is stored value card;In card, the block (as the 4th piece) for stored balance is wallet balances area;The increment in remaining sum area
Key, depreciation key and other keys are referred to as wallet key;The region (as the 12nd piece) depositing wallet key is referred to as data field, should
The access control key in area is referred to as data field key.
A kind of method strengthening stored value card safety, it includes:It is divided into data area of remaining sum area in stored value card;In hair fastener
Stage, by electronic purse balance amount area key storage in data field, in stored value card, the PIN code of storage user;During use,
Card reader obtains user's PIN code, certification PIN code, and obtains wallet key from electronic purse data area, and card reader uses wallet close
Key is authenticated with stored value card, correct after operated accordingly.
Further, electronic purse data area also has key to be written and read protecting.
Preferably, stored value card key is to be stored in data field in the way of ciphering signature, so also will decipher when using
Wallet key just can be obtained.The mode of ciphering signature, is the primitive form using such as RSA Algorithm, rather than using universal at present
Using to informative abstract signature method.The function of the encipherment protection information of original RSA Algorithm so can be utilized.
Further, stored value card key and stored value card mark are stored jointly in the way of ciphering signature, when so using
The data obtaining from stored value card has to pass through deciphering and just can obtain wallet key and stored value card mark, and also has confirmation solution
The stored value card mark obtaining after close identifies consistent step with this stored value card.
More safely, can by using PIN code using combining closely with mark data in the way of store user's PIN code, accordingly
PIN code certification is also using the mode of combining closely.The so-called mode of combining closely is exactly the method described in embodiment 5.
Can store in the way of using salt adding typically, for PIN code, PIN code certification also will be adapted.
A kind of system strengthening stored value card safety, it includes:Electronic purse balance amount area, for storing the dress of wallet balances
Put;Electronic purse data area, for storing the device of wallet balances area key;Card reader, for reading and writing electronic purse data
Device.During use, electronic purse balance amount area key storage, in electronic purse data area, also stores user's in stored value card
PIN code;Card reader obtains user's PIN code, then stores user authentication PIN code, and it is close to obtain wallet from electronic purse data area
Key, then card reader be authenticated with electronic purse balance amount area using wallet key, correct after operated accordingly.
Further, also there is key read-write protection device in electronic purse data area.
Further, also has deciphering device in card reader, for deciphering the wallet key storing in ciphering signature mode.
More safely, also has ID authentication device in card reader, for from decrypted packet key containing stored value card and electronic money
The wallet mark data obtaining in bag mark data, is compared certification with the mark data of this card stored value card.
Brief description
Describe the present invention with reference to the accompanying drawings, wherein
Fig. 1 represents the schematic diagram of preferred embodiment 4 and 5;
Specific embodiment
[embodiment 1] card signature
In the first embodiment of the present invention, for identification card, all can there is a mark typically in card, for example
MifareS50 card has a globally unique sequence number.Certainly the hair fastener of application system is in addition it is also necessary to write personal information, hair fastener
Unit information, hair fastener temporal information etc..These information also can become identification data, referred to as ID, that is, distinguish this card and other
The data of card.
System selects rivest, shamir, adelman RSA and key to (S1, S2);ID is carried out the RSA that signsS1, and store (ID)
In the data area of card.When terminal uses, first read out the mark ID of this card and be stored in the ID signature RSA in cardS1(ID),
Terminal calculates RSAS2(RSAS1(ID)) obtain ID, and be compared with the ID reading.When consistent, terminal just can confirm that this card
Validity.
Through such process, when attacker attacks consumption terminal or charging terminal, obtain stored value card or all-purpose card system
It is also not possible to forge card after the consumption function HX of system or increment function HZ.Because signed data RSAS1(ID) protected by private key S1
Shield.By the thought of public-key cryptography, attacker is exactly thoroughly to crack terminal and SAM module obtains:Consumption function HX, increment function
HZ, RSA and S2, nor forge the card of other ID, because attacker still can not calculate RSAS1(ID).It should be noted that
RSA and S2 is also underground, and only compared with than the S1 being saved in hair fastener company, S2 is saved in the relatively low PSAM of security
And in SAM card.Security and the validity of blacklist protection mechanism so can be improved.
Below, in conjunction with stored value card, it is further discussed below this technical scheme.
In order to solve card simultaneously in credit terminal without PIN code, and the uniform technical of PIN code is needed on non-trusted terminal
Scheme has embodiment 2
[embodiment 2] no name
The core of the present invention is to adopt to store in stored value card by depreciation key (consumption key), and it is right to reoffer further
Depreciation (consumption key) protect to obtain method.Carried out respectively not according to credit gathering and the gathering of non-credit when using stored value card
Biconditional operation.According to second embodiment of the present invention, a kind of method of enhancing stored value card safety, we can use Mifare
S50 card is illustrating.
Every Mifare S50 card has one globally unique No. ID and 16 memory blocks, and numbering is 0~15.Each storage
There are two passwords in area:Increment password and depreciation password.When depreciation cipher authentication by after the data of memory block can be subtracted
Value Operations, when rise in value password authentification by after the data of memory block can be carried out increment operation.
Using the electronic purse system of Mifare card, including increment function HX, depreciation (consumption password) function HZ, strengthen letter
Number ZQ, electronic purse card mark ID, user's PIN code etc..Our selection regions 1 are as the storage region of remaining sum in stored value card.
Region 2 is the region of storage depreciation key.
So, the increment password in region 1 is HZ (ID);Depreciation password is HX (ID);The read-write password in region 2 is that enhancing is close
Code ZQ (ID);HX (ID) and user's PIN code are stored in the region 2 protected by enhancing password ZQ (ID).
When credit terminal uses, this is also the method that prior art reads and writes stored value card, and consumption terminal typically has depreciation
(consumption password) function HX;Consumption terminal first reads out the mark ID of stored value card, and calculates HX (ID), with HX (ID) with
Depreciation (consumption) key in stored value card is authenticated, operation of being withholdd accordingly when consistent;Terminal in card sending mechanism
On carry out increment operation when, this terminal have increment function HZ;Terminal first reads out the mark ID of stored value card, and calculates HZ
(ID), it is authenticated with HZ (ID) increment key, operation of being rised in value accordingly when consistent;Increment function HZ in terminal is permissible
Leave in the SAM card in terminal, to guarantee the safety of this function.Certainly depreciation (consumption) function HX is stored in terminal
On PSAM card on ensureing safety.
When non-credit terminal uses, user input PIN code;Terminal reads the mark ID of stored value card, and calculates
Go out ZQ (ID), be authenticated with region 2 with ZQ (ID), be stored in HX (ID) and the PIN code in region 2, PIN code by rear reading
After being verified, reuse HX (ID) and be authenticated with region 1, by after carry out corresponding depreciation or work of withholing.So non-
On credit terminal, avoid the need for storing depreciation (consumption) function HX.
The program can be realized same stored value card and can use on credit terminal and non-credit terminal.In credit eventually
End is all consistent with existing using method and internal processes when using;But it is necessary to defeated when using on non-credit terminal
Enter PIN code, reach and limit the potential safety hazard that " wireless " use of non-credit terminal brings.Method for reaching this security purpose,
It is mainly using data area depreciation key and PIN code being all put on card in the present patent application, and with strengthening password ZQ
(ID) protect this region.May also have more easily method, but our this scheme, it is possible to achieve on consumption terminal, thing
Can there is no HX function on real, so protect the safety of HX function to a great extent.
ID in this embodiment or card mark data, and it is not only sequence number.ID in following examples is not
Plus explanation, it is also such.For CPU card, the mode that it manages data is file.File can also arrange cryptographic key protection, also may be used
To be increment password and depreciation password.In a word, the region in embodiment is changed into file, substantially may be used for retouching of CPU card
State.Key problem or security model are exactly, for the one group of data (referred to as region or file) in card, can with increment code, subtract
Value password and read-write password are protected by, and the core of this embodiment is exactly these passwords and PIN code to be stored in other numbers of card
It is protected by according to area and with other password.In addition, the PIN code of storage should be the data after hash, to increase the peace of PIN code
Entirely, term is " salt adding ".In order to describe conveniently, the protection to PIN code is just not described in detail.
Because non-credit terminal is to be used by substantial amounts of medium and small businessman, though by PSAM card protection ZQ function it is also possible to
Attacked.Safety is wished be not a best selection in the protection rest entirely on PSAM card.
So, further it should HX (ID) is encrypted and signature process.Here it is embodiment 3
[embodiment 3] signs
According to the third embodiment of the present invention, a kind of method of safe electronic wallet, there are increment function HX, depreciation here
Function HZ, enhancing function ZQ, stored value card mark ID, rivest, shamir, adelman RSA and key are to (S1, S2), user's PIN code.
Our selection regions 1 are as the storage region of remaining sum in stored value card.Region 2 is the region of storage depreciation key.
So, increment password is HZ (ID);Consumption password is HX (ID);Enhancing password is ZQ (ID);Calculate RSAS1(ID,
HX (ID)) and be stored in together with PIN code in the region protected by enhancing password ZQ (ID).
When credit terminal uses, this terminal typically has depreciation function HX;Terminal first reads out mark ID of stored value card
Number, and calculate HX (ID), it is authenticated with the consumption key in stored value card with HX (ID), withholdd accordingly when consistent
Operation;When carrying out increment operation in the terminal of card sending mechanism, this terminal has increment function HZ;Terminal first reads out stored value card
Mark ID, and calculate HZ (ID), be authenticated with the increment key in stored value card with HZ (ID), when consistent, carry out phase
The increment operation answered;Increment function HZ in terminal may leave in the SAM card in terminal, to guarantee the safety of this function.
Certainly depreciation function HX is stored on the PSAM card in terminal.
Rivest, shamir, adelman RSA and key S2 are had on non-credit terminal and strengthens cipher function ZQ.During use, user is defeated
Enter PIN code;Terminal reads the mark ID of stored value card, and calculates ZQ (ID);It is authenticated with region 2 with ZQ (ID), lead to
Later read RSAS1(ID, HX (ID)) and PIN code, calculate RSAS2(RSAS1(ID, HX (ID))) obtain ID and HX (ID) and PIN
Code, after PIN code is verified, and this ID is consistent with the ID of card, is authenticated with region 1 using HX (ID), by after carry out
Withhold accordingly work.
RSA Algorithm, key S2 and ZQ can be stored on the PSAM card in terminal.
[embodiment 4] signature+PSAM
According to the 4th kind of embodiment of the present invention, a kind of method of safe electronic wallet is as shown in Figure 1.This is a kind of invention
Person thinks than more complete embodiment.In the figure, the publisher of tabulating equipment determines depreciation function HX, increment function HZ, increasing
Majorant ZQ142, rivest, shamir, adelman RSA141 and key are to (S1, S2), user's PIN code.Selection region 31 is as electronics
The storage region of remaining sum in wallet.Region 32 is the region of storage depreciation key.
In the hair fastener stage, the application according to consumer carries out the individualized of card, stores necessary other information on card;And
Determine the remaining sum storage area that region 31 is stored value card.Read mark ID of card, calculating increment password HZ (ID), depreciation are close
Code HX (ID) is the protection key of the 31 of region, deposits in wallet region keys area 311;Strengthening password ZQ (ID) is storage region
32 protection key, deposits in storage region 32 key zone 321;Calculate RSAS1(ID, HX (ID)) is simultaneously stored in together with PIN code
In the storage region 32 protected by enhancing password ZQ (ID).In SAM card in terminal 1 (non-trusted terminal), store RSA Algorithm
And S2 is RSA engine 141, ZQ function 142.
When terminal 5 (credit terminal) uses, the depreciation function HX521 of this terminal leaves in SAM module 52;Terminal 5
First pass through the mark ID connecting 4 reading stored value cards 3, and be sent to SAM module 52;SAM module 52 calculates HX (ID),
It is authenticated according to the key that wallet region keys area 311 stores with the wallet region 31 in stored value card 3 with HX (ID), pass through
After withholdd accordingly operation.When carrying out increment operation in terminal 5, the increment function HZ522 of this terminal leaves SAM module in
In 52;Terminal first reads out the mark ID of stored value card, and is sent to SAM module 52;SAM module 52 calculates HZ (ID),
It is authenticated according to the key that wallet region keys area 311 stores with the stored value card region 31 in stored value card 3 with HZ (ID),
Rised in value accordingly when consistent operation.
In SAM module 14 in terminal 1 (non-trusted terminal), rivest, shamir, adelman RSA and key S2 is had to be RSA engine
131 and enhancing function ZQ142.During use, after terminal 1 obtains the amount of money and user input PIN code, terminal 1 reads stored value card 3
Mark ID, is sent to terminal 1 and is sent to SAM module 14;SAM module 14 calculates ZQ (ID);SAM module 14 ZQ (ID)
With storage region 32 pass through terminal 1 and is connected 2 according to be stored in storage region 32 key zone 321 store key be authenticated,
RSA in storage region 32 is stored in by rear readingS1(ID, HX (ID)), is then counted with the RSA engine 141 in SAM module 14
Calculate RSAS2(RSAS1(ID, HX (ID))) obtain ID and HX (ID) and PIN code, PIN code is verified, and compares the ID of this ID and card
After consistent, pass through terminal 1 using HX (ID) with wallet region 31 and be connected 2 keys storing according to wallet region keys area 311
Be authenticated, by after withholdd accordingly work.Obviously all data occurring in terminal 1 and connecting on 2 can be through
Cross encryption.
It is in fact possible to PIN code more closely be coupled it is simply that embodiment 5 with ZQ function
[embodiment 5] signature+PIN+PSAM
According to the 5th kind of embodiment of the present invention, a kind of method of safe electronic wallet is as shown in Figure 1.This is a kind of invention
Person thinks reasonable embodiment.In the figure, the publisher of card determines depreciation function HX, increment function HZ, enhancing function
ZQ, rivest, shamir, adelman RSA and key are to (S1, S2), user's PIN code.Selection region 31 is as remaining sum in stored value card
Storage region.Region 32 is the region of storage depreciation key.
In the hair fastener stage, the application according to consumer carries out the individualized of card, stores necessary other information on card;And
Determine the remaining sum storage area that region 31 is stored value card.Read mark ID of card, calculating increment password HZ (ID), depreciation are close
Code HX (ID) is the protection key of the 31 of region, deposits in wallet region keys area 311;Read the PIN code of user, calculate and strengthen
Password ZQ (ID, PIN) is the protection key of storage region 32, deposits in storage region 32 key zone 321;Calculate RSAS1(ID, HX
) and be stored in by strengthening in password ZQ (ID, the PIN) region 32 protected (ID).In SAM module 14 card in terminal 1, store
RSA Algorithm and S2 are RSA engine 141, ZQ function.
When terminal 5 (credit terminal) uses, the depreciation function HX521 of this terminal leaves in SAM module 52;Terminal 5
First pass through the mark ID connecting 4 reading stored value cards 3, be sent in SAM module 52, SAM module 52 calculates HX (ID),
It is authenticated according to the key that wallet region keys area 311 stores with the wallet region 31 in stored value card 3 with HX (ID), pass through
After withholdd accordingly operation;When carrying out increment operation in terminal 5, the depreciation function HZ522 of this terminal leaves SAM module in
In 52;Terminal first reads out the mark ID of stored value card, is sent in SAM module 52;SAM module 52 calculates HZ (ID),
It is authenticated according to the key that wallet region keys area 311 stores with the stored value card region 31 in stored value card 3 with HZ (ID),
Rised in value accordingly when consistent operation.(read signature numeral, after HX and HZ function is divulged a secret or cracked, batch can be prevented
Produce pseudo- card)
In SAM module 14 in terminal 1 (non-credit terminal), rivest, shamir, adelman RSA and key S2 is had to be RSA engine
131 and enhancing function ZQ142.During use, terminal 1 obtains the amount of money and with producing after input PIN code, and terminal 1 reads stored value card 3
Mark ID, is sent to terminal 1 and is sent to SAM module 14;SAM module 14 calculates ZQ (ID, PIN);With ZQ (ID, PIN)
With region 2 pass through terminal 1 and is connected 2 according to be stored in storage region 32 key zone 321 store key be authenticated, by rear
Read the RSA being stored in region 2S1(ID, HX (ID)), then SAM module 14 calculating RSAS2(RSAS1(ID, HX (ID)))
To ID and HX (ID), compare this ID consistent with the ID of card after, pass through terminal 1 using HX (ID) and wallet region 31 and be connected 2
Key according to wallet region keys area 311 storage is authenticated, by after withholdd accordingly work.Obviously all occur in
Terminal 1 and the data connecting on 2 can may pass through encryption.
Different from embodiment 4, PIN code is not placed directly on region 2 here, but special using the present inventor's application
Profit, is shown in patent application document (a kind of method of symmetrical password authentication of ZL201010533245), to protect as PIN code control mode
The safety in card region 32.So after enhancing function ZQ divulges a secret or is cracked, there is no PIN code nor obtain RSAS1(ID, HX
(ID)), so protect the safety of HX (ID) further.
Special declaration uses RSA to represent rivest, shamir, adelman in an embodiment, does not represent and can only use RSA
Algorithm.This rivest, shamir, adelman is simply required to have two different keys, i.e. encryption key S1 and decruption key S2;Know solution
Key is difficult to obtain encryption key.Decruption key typically claims to become privacy key encryption key S1, and decruption key S2 is referred to as
Public-key cryptography, or S1 is called public-key cryptography on the contrary, and S2 is privacy key.But in the present invention, we are signed using S1
It is used, its encryption function can also be utilized simultaneously.S2 is stored in consumption terminal, and its effect can verify this card
Moreover it is possible to the signed HX key data of protection while whether ID is signed by S1, so can prevent from having forged card reuse
Through signing the ID card of name, can be solved by blacklist for ID card out of joint.Utilize the encryption function of S1 simultaneously, also may be used
To ensure No. ID and the safety corresponding to this consumption key of No. ID.So signature does not preferably use common digital digest skill
Art, but directly have the cipher system of signature function using this existing encryption function of RSA again.
S2 is commonly referred to as public-key cryptography, but is not intended in the present invention disclose this key;Even should algorithm RSA and
Decruption key S2 is placed in the PSAM card of read-write terminal, to ensure safety.
The method of the present invention and system are described with embodiment above.But the present invention simultaneously not exclusively limits for electronic money
Bag, is particularly not restricted to the stored value card of radio frequency card media.May not be stored value card, but be electronic bankbook.Although
In above embodiment, invention has been described, it is to be understood that, the description of above example is illustrative and description
Property, and nonrestrictive.It will be apparent to those skilled in the art that without departing from be defined by the claims this
On the premise of bright spirit and scope, various modifications, improvement, modification can be made and replace.Claims illustrate the present invention
Protection domain.
Claims (10)
1. a kind of method strengthening stored value card safety, it includes:
It is divided into data area of remaining sum area in stored value card;
The hair fastener stage
A, by electronic purse balance amount area key storage in data field;
B, in stored value card, storage user PIN code;
Operational phase
C, card reader obtain user's PIN code;
D, certification PIN code, and obtain wallet key from electronic purse data area;
E, card reader are authenticated using wallet key and stored value card, correct after operated accordingly.
2. method according to claim 1 is it is characterised in that data field also has key to be written and read protecting.
3. the method according to claim 1 or 2 it is characterised in that in step A stored value card key be in the way of ciphering signature
Storage, the data that step D obtains from stored value card has to pass through deciphering and just can obtain wallet key.
4. method according to claim 3 is it is characterised in that stored value card key and stored value card mark are jointly to add in step A
The mode of close signature stores, and the data that step D obtains from stored value card has to pass through deciphering and just can obtain wallet key and electronics
Wallet identifies, and also has the stored value card mark that confirmation obtains after the deciphering step consistent with the mark of this stored value card.
5. method according to claim 3 is it is characterised in that PIN code stores user with mark data by the way of combining closely
PIN code, corresponding PIN code certification is also using the mode of combining closely.
6. method according to claim 3 is it is characterised in that PIN code is stored by the way of salt adding, the PIN code certification of step D
Also to be adapted.
7. a kind of system strengthening stored value card safety, it includes:
Electronic purse balance amount area, for storing the device of wallet balances;
Electronic purse data area, for storing the device of wallet balances area key;
Card reader, for reading and writing the device of electronic purse data;
Electronic purse balance amount area key storage, in electronic purse data area, also stores the PIN code of user in stored value card;Card Reader
Device obtains user's PIN code, then stores user authentication PIN code, and obtains wallet key from electronic purse data area, then Card Reader
Device is authenticated with electronic purse balance amount area using wallet key, correct after operated accordingly.
8. system according to claim 7 is it is characterised in that also there is key read-write protection device in electronic purse data area.
9. the system according to claim 7 or 8 is it is characterised in that also have deciphering device, for deciphering to encrypt label in card reader
The wallet key that name mode stores.
10. system according to claim 8 is it is characterised in that also have ID authentication device in card reader, for containing from decrypted packet
The wallet mark data obtaining in stored value card key and stored value card mark data, is entered with the mark data of this card stored value card
Row compares certification.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201010578562.6A CN102568097B (en) | 2010-12-08 | 2010-12-08 | Method and system for improving safety of electronic wallets |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201010578562.6A CN102568097B (en) | 2010-12-08 | 2010-12-08 | Method and system for improving safety of electronic wallets |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102568097A CN102568097A (en) | 2012-07-11 |
CN102568097B true CN102568097B (en) | 2017-02-22 |
Family
ID=46413431
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201010578562.6A Active CN102568097B (en) | 2010-12-08 | 2010-12-08 | Method and system for improving safety of electronic wallets |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102568097B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014154129A1 (en) * | 2013-03-26 | 2014-10-02 | Shao Tong | Two-time near distance connection secure payment device, method, and system |
CN104579674B (en) * | 2014-08-08 | 2018-07-20 | 深圳市金溢科技股份有限公司 | Terminal security module and its management method, vehicle toll management method and system |
CN106845967A (en) * | 2016-12-26 | 2017-06-13 | 广东工业大学 | Based on the credit payment new application method that national all-purpose card interconnects |
TWI668672B (en) * | 2018-02-07 | 2019-08-11 | 開曼群島商庫幣科技有限公司 | Method Of Creating And Recovering Digital Wallet |
CN110135840A (en) * | 2018-02-09 | 2019-08-16 | 库币科技有限公司 | The generation of electronic money packet and restoring method |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101247230A (en) * | 2008-02-28 | 2008-08-20 | 唐跃文 | Anti-counterfeiting method based on non-contact IC card |
CN101276431A (en) * | 2007-03-29 | 2008-10-01 | 西门子公司 | Copy-protected chip cards and method related to their production |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
AU762708B2 (en) * | 1998-05-05 | 2003-07-03 | Jay C. Chen | A cryptographic system and method for electronic transactions |
JP4176898B2 (en) * | 1999-02-19 | 2008-11-05 | 株式会社東芝 | Personal authentication system, portable device and storage medium used therefor |
JP3617789B2 (en) * | 1999-05-26 | 2005-02-09 | 株式会社エヌ・ティ・ティ・データ | Public key certificate issuance method, verification method, system, and recording medium |
JP2008033789A (en) * | 2006-07-31 | 2008-02-14 | Oki Electric Ind Co Ltd | Identification/attribute authentication system and identification/attribute authentication method |
DE102007000589B9 (en) * | 2007-10-29 | 2010-01-28 | Bundesdruckerei Gmbh | Method for protecting a chip card against unauthorized use, chip card and chip card terminal |
CN100559393C (en) * | 2008-03-25 | 2009-11-11 | 华南理工大学 | RFID label and reader thereof, reading system and safety certifying method |
CN101686225A (en) * | 2008-09-28 | 2010-03-31 | 中国银联股份有限公司 | Methods of data encryption and key generation for on-line payment |
CN101853453A (en) * | 2009-04-03 | 2010-10-06 | 中兴通讯股份有限公司 | System and method for realizing mobile payment |
CN101655949A (en) * | 2009-08-13 | 2010-02-24 | 北京握奇数据系统有限公司 | Intelligent card charging system and method thereof |
CN101799954B (en) * | 2009-11-20 | 2012-08-08 | 飞天诚信科技股份有限公司 | Method for loading double electronic purses |
-
2010
- 2010-12-08 CN CN201010578562.6A patent/CN102568097B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101276431A (en) * | 2007-03-29 | 2008-10-01 | 西门子公司 | Copy-protected chip cards and method related to their production |
CN101247230A (en) * | 2008-02-28 | 2008-08-20 | 唐跃文 | Anti-counterfeiting method based on non-contact IC card |
Also Published As
Publication number | Publication date |
---|---|
CN102568097A (en) | 2012-07-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20220156732A1 (en) | Data protection with translation | |
EP2143028B1 (en) | Secure pin management | |
US10134033B2 (en) | Payment system and method using IC identification card | |
JP5050066B2 (en) | Portable electronic billing / authentication device and method | |
US7526652B2 (en) | Secure PIN management | |
US9361619B2 (en) | Secure and convenient mobile authentication techniques | |
US20100169223A1 (en) | Payment System and Method Using an IC Identification Card | |
US8620824B2 (en) | Pin protection for portable payment devices | |
CN102222389A (en) | Realization method and device of fingerprint comparison in financial IC (integrated circuit) card | |
EP3702991A1 (en) | Mobile payments using multiple cryptographic protocols | |
CN102568097B (en) | Method and system for improving safety of electronic wallets | |
CN102236607B (en) | Data security protection method and data security protection device | |
US20110178903A1 (en) | Personal identification number changing system and method | |
Mayes et al. | Transport ticketing security and fraud controls | |
CN102546163A (en) | Method for enhancing security of card | |
Markantonakis et al. | Overview of security threats for smart cards in the public transport industry | |
Rantos et al. | Analysis of potential vulnerabilities in payment terminals | |
CN117541244A (en) | Quantum-safe digital currency visible radio frequency card device and payment method thereof | |
CN201592575U (en) | Financial bill | |
Milosavljević | Payment Cards Counterfeiting Methods and Pin Uncovering | |
Rihaczek | TeleTrusT-OSIS and communication security | |
Nithyanand | Securing plastic money using an rfid based protocol stack | |
Daza et al. | SOLDI: Secure Off-Line Disposable CredIts to Secure Mobile Micro Payments | |
Kolapati | CRYPTOGRAPHY & SECURITY | |
Manaf et al. | Design an Improved Encrypting Key Pad Using AVR-ATXMEGA Microcontroller |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |