CN103095455A - Storage method and storage system for private key of user - Google Patents
- Publication number: CN103095455A (also listed: CN2013100091792A, CN201310009179A)
- Authority: CN (China)
- Prior art keywords: private key, protection parameters, key protection, mobile terminal, user
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abstract
The invention provides a storage method and a storage system for a private key of a user. The storage method comprises the following steps: a mobile terminal generates a first random number, and a first private key protection parameter and a second private key protection parameter are obtained from a mobile bank server. A user private key file is deciphered according to the second private key protection parameter, the deciphered user private key file is verified, and if the verification succeeds, a transaction is carried out according to the user private key file. If the verification fails, the user private key file is deciphered according to the first private key protection parameter, and the deciphered user private key file is verified. If the verification succeeds, the transaction is carried out according to the user private key file. The private key protection parameters are updated and the identification is updated according to the verification results. Updated private key protection parameters are generated according to the received transaction results and sent to the mobile bank server. The mobile terminal encrypts and stores the user private key file by utilizing the updated private key protection parameters according to the successfully updated results. Therefore, after private key protection parameters are verified and a user private key file is successfully deciphered, a transaction is carried out, and safety is ensured.
Description
Technical field
The present invention relates to the field of information security technology, and in particular to a storage method for a user private key and a storage system for a user private key.
Background
In recent years, with the rapid development of the Internet and of financial informatization, online banking has quickly won wide acceptance from users and the banking industry because of advantages such as convenience and efficiency. The digital certificate is the identity credential of the user and the bank server when transacting through online banking, and it ensures the security of online transactions.
A user's digital certificate comprises a user public key and a user private key as a pair; the user public key is stored on the bank server, and the user private key is stored on the terminal the user uses. The current problem is that once the terminal the user uses (such as a smartphone) is lost, the user private key is very easily cracked by others, who can then obtain illegal gains, so the mobile payment process carries a security risk.
Summary of the invention
The purpose of the present invention is to solve at least one of the above technical defects.
To achieve the above object, a first purpose of the present invention is to propose a storage method for a user private key, the method comprising the following steps:
a. a mobile terminal stores a user private key file, encrypted, in a preset area;
b. after user identity verification succeeds, the mobile terminal generates a first random number and, according to the first random number, obtains a first private key protection parameter and a second private key protection parameter from a mobile banking server;
c. the mobile terminal decrypts the stored user private key file according to the second private key protection parameter, and verifies the decrypted user private key file;
d. if the user private key file passes verification, a transaction is carried out according to the user private key file;
e. if the user private key file does not pass verification, the stored user private key file is decrypted according to the first private key protection parameter, and the decrypted user private key file is verified;
f. if the user private key file passes verification, a transaction is carried out according to the user private key file;
g. the mobile terminal updates a private key protection parameter update identifier according to the verification-passed result of step c and step e;
h. the mobile terminal generates an updated private key protection parameter according to the received transaction result, and sends the updated private key protection parameter and the private key protection parameter update identifier to the mobile banking server;
i. according to the update-success result from the mobile banking server, the mobile terminal encrypts and stores the user private key file using the updated private key protection parameter.
According to the storage method for a user private key of the embodiment of the present invention, the mobile terminal obtains the private key protection parameters from the mobile banking server, verifies that a private key protection parameter successfully decrypts the user private key file, and carries out a transaction only after verification succeeds, so that the user private key is hard to crack and security is ensured.
To achieve the above object, a second purpose of the present invention is to propose a storage system for a user private key, comprising a mobile terminal and a mobile banking server. The mobile terminal is configured to: store a user private key file, encrypted, in a preset area; generate a first random number after user identity verification succeeds, and obtain a first private key protection parameter and a second private key protection parameter from the mobile banking server according to the first random number; decrypt the stored user private key file according to the second private key protection parameter and verify the decrypted user private key file; carry out a transaction according to the user private key file when it passes verification; when it does not pass verification, decrypt the stored user private key file according to the first private key protection parameter and verify the decrypted user private key file, and carry out a transaction according to the user private key file when it passes verification. The mobile terminal updates the private key protection parameter update identifier according to the verification-passed result, generates an updated private key protection parameter according to the received transaction result, sends the updated private key protection parameter and the private key protection parameter update identifier to the mobile banking server, and, according to the update-success result from the mobile banking server, encrypts and stores the user private key file using the updated private key protection parameter.
According to the storage system for a user private key of the embodiment of the present invention, the mobile terminal obtains the private key protection parameters from the mobile banking server, verifies that a private key protection parameter successfully decrypts the user private key file, and carries out a transaction only after verification succeeds, so that the user private key is hard to crack and security is ensured.
Additional aspects and advantages of the present invention will be given in part in the following description, and in part will become apparent from the following description or be learned through practice of the present invention.
Description of drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily understood from the following description of embodiments taken in conjunction with the accompanying drawings, in which:
Fig. 1 is a flow chart of the storage method for a user private key according to an embodiment of the present invention;
Fig. 2 is a structural diagram of the storage system for a user private key according to an embodiment of the present invention.
Embodiment
Embodiments of the present invention are described in detail below, with examples of the embodiments shown in the drawings, where the same or similar reference numerals throughout denote the same or similar elements or elements with the same or similar functions. The embodiments described below with reference to the drawings are exemplary, serve only to explain the present invention, and are not to be construed as limiting it. On the contrary, the embodiments of the present invention include all changes, modifications and equivalents falling within the spirit and scope of the appended claims.
In the description of the present invention, it should be understood that the terms "first", "second" and so on are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. It should also be noted that, unless otherwise expressly specified and limited, the terms "connected" and "connection" are to be understood broadly: for example, a connection may be fixed, detachable, or integral; it may be mechanical or electrical; it may be direct, or indirect through an intermediary. A person of ordinary skill in the art can understand the specific meaning of these terms in the present invention according to the specific situation. In addition, in the description of the present invention, unless otherwise stated, "a plurality of" means two or more.
Any process or method description in a flow chart, or otherwise described herein, may be understood as representing a module, segment or portion of code comprising one or more executable instructions for implementing the steps of a specific logical function or process. The scope of the preferred embodiments of the present invention includes other implementations in which functions may be performed out of the order shown or discussed, including substantially concurrently or in the reverse order depending on the functions involved, as should be understood by those skilled in the art to which the embodiments of the present invention belong.
The storage method and the storage system for a user private key according to embodiments of the present invention are described below with reference to the drawings.
Fig. 1 is a flow chart of the storage method for a user private key according to an embodiment of the present invention.
As shown in Fig. 1, the storage method for a user private key according to the embodiment of the present invention comprises the following steps.
Step S101: the mobile terminal stores the user private key file, encrypted, in a preset area.
Specifically, the mobile terminal may encrypt and store the user private key file according to a user private key protection key. The user private key file comprises the user private key and the hardware information of the mobile terminal. The user private key protection key is generated from all or part of the hash value of the mobile terminal's hardware information / the hardware feature information, all or part of the login password / the hash value of the login password, and the private key protection parameter.
Storing the user private key in encrypted form ensures the security of its storage.
Step S102: after user identity verification succeeds, the mobile terminal generates a first random number and, according to the first random number, obtains a first private key protection parameter and a second private key protection parameter from the mobile banking server.
Specifically, for each transfer or payment, the mobile terminal receives the payment information entered by the user and first verifies the user's identity according to the payment information. The user's identity may be verified by SMS verification code, dynamic password, electronic signature tool, or transaction password. Verifying the user's identity ensures that the person using the mobile terminal is the genuine user, which improves security.
Further, the mobile terminal encrypts the first random number with the public key of the mobile banking server and sends the encrypted first random number to the mobile banking server; the mobile banking server decrypts the encrypted information sent by the mobile terminal with the private key of the mobile banking server to obtain the first random number; the mobile banking server encrypts the first private key protection parameter and the second private key protection parameter according to the first random number, and sends the encrypted first and second private key protection parameters to the mobile terminal; the mobile terminal decrypts the information sent by the mobile banking server according to the first random number to obtain the first private key protection parameter and the second private key protection parameter.
In this way, the private key protection parameters are transmitted securely between the mobile terminal and the mobile banking server.
The first private key protection parameter and the second private key protection parameter obtained from the mobile banking server for the first time may be assigned the same value at registration.
Step S103: the mobile terminal decrypts the stored user private key file according to the second private key protection parameter, and verifies the decrypted user private key file.
If verification passes, steps S104 and S107 are executed; if it does not pass, step S105 is executed.
The mobile terminal may use the hardware information to verify the decrypted user private key file, to improve security.
Step S104: if the user private key file passes verification, a transaction is carried out according to the user private key file.
Step S105: if the user private key file does not pass verification, the stored user private key file is decrypted according to the first private key protection parameter, and the decrypted user private key file is verified.
If verification passes, steps S106 and S107 are executed; if it does not pass, the registration procedure must be carried out again.
Here too, the mobile terminal may use the hardware information to verify the decrypted user private key file, to improve security.
Step S106: if the user private key file passes verification, a transaction is carried out according to the user private key file.
In this step, if the user private key file does not pass verification, error information is fed back; the user must then register again before transacting.
Step S107: the mobile terminal updates the private key protection parameter update identifier according to the verification-passed result.
This step may be: if the user private key file passes verification, the private key protection parameter update identifier is updated according to whichever of the first private key protection parameter or the second private key protection parameter decrypted the user private key file.
Specifically, if the user private key file decrypted with the second private key protection parameter passes verification, the private key protection parameter update identifier may be updated according to the second private key protection parameter, for example by setting the update identifier to 2. If the user private key file decrypted with the first private key protection parameter passes verification, the update identifier may be updated according to the first private key protection parameter, for example by setting the update identifier to 1.
Step S108: the mobile terminal generates an updated private key protection parameter according to the received transaction result, and sends the updated private key protection parameter and the private key protection parameter update identifier to the mobile banking server.
Whether the transaction result is success or failure, the mobile terminal generates an updated private key protection parameter.
Specifically, the mobile terminal may also encrypt the updated private key protection parameter and the private key protection parameter update identifier with the public key of the mobile banking server, and send the encrypted updated private key protection parameter and update identifier to the mobile banking server. Correspondingly, the mobile banking server decrypts the information sent by the mobile terminal with the private key of the mobile banking server to obtain the updated private key protection parameter and the update identifier. Encrypted transmission ensures security.
In addition, the mobile banking server updates the first private key protection parameter and the second private key protection parameter according to the private key protection parameter update identifier. Specifically: if the update identifier is the identifier corresponding to the second private key protection parameter, the mobile banking server updates the second private key protection parameter according to the updated private key protection parameter, and updates the first private key protection parameter according to the second private key protection parameter; if the update identifier is the identifier corresponding to the first private key protection parameter, the mobile banking server updates the second private key protection parameter according to the updated private key protection parameter. In this way, the mobile terminal can always use the latest private key protection parameter to decrypt the user private key file successfully.
After a successful update, the mobile banking server also returns an update-success result to the mobile terminal.
Step S109: according to the update-success result from the mobile banking server, the mobile terminal encrypts and stores the user private key file using the updated private key protection parameter.
Specifically, after the mobile terminal receives the update-success result, it computes the user private key protection key from the updated private key protection parameter, all or part of the hash value of the mobile terminal's hardware feature information / the hardware feature information, and all or part of the login password / the hash value of the login password, and encrypts the user private key file according to the user private key protection key.
If the update on the mobile banking server fails, then, according to the update-failure result from the mobile banking server, the mobile terminal does not use the updated private key protection parameter generated in step S108 to encrypt and store the user private key file, but continues to store the user private key file encrypted in the original way; the original way may be the encryption and storage of the user private key file according to the user private key protection key in step S101.
It can thus be seen that, according to the storage method for a user private key of the embodiment of the present invention, the mobile terminal obtains the private key protection parameters from the mobile banking server, verifies that a private key protection parameter successfully decrypts the user private key file, and carries out a transaction only after verification succeeds, so that the user private key is hard to crack and security is ensured.
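The fallback and rotation logic of steps S103 to S109, as an added example that is not code from the patent: it shows why the server keeps two parameters, namely that a terminal which never received the update-success result can still open its file with the first parameter. Assumptions: the names `BankServer`, `Terminal` and `ack_delivered` are hypothetical, a SHA-256 keystream stands in for a real cipher, "updating the first parameter according to the second" is read as copying the previous second parameter into the first, and the encrypted transport of S102 and S108 is left out.

```python
import hashlib
import hmac
import os


def derive_protection_key(param: bytes, hardware_info: bytes, login_password: bytes) -> bytes:
    """User private key protection key from hash(hardware info), hash(login
    password) and the private key protection parameter (S101 / S109)."""
    hw = hashlib.sha256(hardware_info).digest()
    pw = hashlib.sha256(login_password).digest()
    return hashlib.sha256(hw + pw + param).digest()


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy cipher (SHA-256 counter keystream), a stand-in for a real AEAD cipher."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], block))
    return bytes(out)


class BankServer:
    """Holds the first (fallback) and second (latest) protection parameters."""

    def __init__(self, initial_param: bytes):
        # At registration both parameters may be assigned the same value.
        self.first = self.second = initial_param

    def get_params(self):
        return self.first, self.second

    def update(self, new_param: bytes, update_id: int) -> bool:
        if update_id == 2:
            # Assumed reading: the previous second parameter becomes the first.
            self.first = self.second
        # With update_id 1 the first parameter is kept; only the second changes.
        self.second = new_param
        return True


class Terminal:
    def __init__(self, server, hardware_info, login_password, private_key):
        self.server = server
        self.hardware_info = hardware_info
        self.login_password = login_password
        # User private key file = length-prefixed hardware info + private key.
        plain = len(hardware_info).to_bytes(2, "big") + hardware_info + private_key
        self.blob = self._seal(server.second, plain)

    def _key(self, param):
        return derive_protection_key(param, self.hardware_info, self.login_password)

    def _seal(self, param, plain):
        return keystream_xor(self._key(param), plain)

    def _open(self, param):
        """Decrypt, then verify the result with the hardware information."""
        plain = keystream_xor(self._key(param), self.blob)
        n = int.from_bytes(plain[:2], "big")
        if hmac.compare_digest(plain[2:2 + n], self.hardware_info):
            return plain
        return None

    def transact(self, ack_delivered: bool = True):
        """One transaction. Returns the update identifier (2 or 1), or None when
        both parameters fail and the user has to register again."""
        first, second = self.server.get_params()
        for update_id, param in ((2, second), (1, first)):   # S103, then S105
            plain = self._open(param)
            if plain is not None:
                break
        else:
            return None
        # The transaction itself (S104 / S106) would use the key inside `plain`.
        new_param = os.urandom(16)                            # S108
        updated = self.server.update(new_param, update_id)
        if updated and ack_delivered:                         # S109
            self.blob = self._seal(new_param, plain)
        return update_id


def demo():
    # All values below are constructed sample data.
    server = BankServer(os.urandom(16))
    phone = Terminal(server, b"IMEI-000000000000000", b"correct horse", b"sample-private-key")
    ids = [phone.transact(),
           phone.transact(ack_delivered=False),   # success result lost
           phone.transact(ack_delivered=False),   # lost again: first parameter still opens the file
           phone.transact(),
           phone.transact()]
    # The same encrypted file copied to other hardware opens with neither parameter.
    other = Terminal(server, b"IMEI-999999999999999", b"guess", b"")
    other.blob = phone.blob
    return ids, other.transact()


if __name__ == "__main__":
    print(demo())
```

Because an update with identifier 1 leaves the first parameter untouched, the file stays recoverable however many success results are lost in a row.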
Fig. 2 is a structural diagram of the storage system for a user private key according to an embodiment of the present invention.
As shown in Fig. 2, the storage system for a user private key according to the embodiment of the present invention comprises a mobile terminal 10 and a mobile banking server 20.
The mobile terminal 10 stores the user private key file, encrypted, in a preset area; generates a first random number after user identity verification succeeds, and obtains a first private key protection parameter and a second private key protection parameter from the mobile banking server 20 according to the first random number; decrypts the stored user private key file according to the second private key protection parameter and verifies the decrypted user private key file; carries out a transaction according to the user private key file when it passes verification; when it does not pass verification, decrypts the stored user private key file according to the first private key protection parameter and verifies the decrypted user private key file, and carries out a transaction according to the user private key file when it passes verification. The mobile terminal 10 also uses the hardware information to verify the decrypted user private key file, and verifies the user's identity by SMS verification code, dynamic password, electronic signature tool, or transaction password.
The mobile terminal 10 updates the private key protection parameter update identifier according to the verification-passed result, generates an updated private key protection parameter according to the received transaction result, sends the updated private key protection parameter and the update identifier to the mobile banking server 20, and, according to the update-success result from the mobile banking server 20, encrypts and stores the user private key file using the updated private key protection parameter. If the update on the mobile banking server fails, then, according to the update-failure result from the mobile banking server 20, the mobile terminal 10 does not use the generated updated private key protection parameter to encrypt and store the user private key file, but continues to store the user private key file encrypted in the original way; the original way may be encrypting and storing the user private key file according to the user private key protection key.
In addition, when both verifications fail, the mobile terminal 10 carries out the registration procedure again.
Preferably, the mobile terminal 10 also encrypts and stores the user private key file according to the user private key protection key. The user private key file comprises the user private key and the hardware information of the mobile terminal. The user private key protection key is generated from all or part of the hash value of the mobile terminal's hardware information / the hardware feature information, all or part of the login password / the hash value of the login password, and the private key protection parameter.
Preferably, after the user private key file passes verification, the mobile terminal 10 also updates the private key protection parameter update identifier according to whichever of the first private key protection parameter or the second private key protection parameter decrypted the user private key file.
Preferably, when the private key protection parameter update identifier is the identifier corresponding to the second private key protection parameter, the mobile banking server 20 updates the second private key protection parameter according to the updated private key protection parameter, and updates the first private key protection parameter according to the second private key protection parameter; when the update identifier is the identifier corresponding to the first private key protection parameter, it updates the second private key protection parameter according to the updated private key protection parameter; and it returns an update-success result to the mobile terminal 10.
In addition, the mobile terminal 10 also encrypts the updated private key protection parameter and the private key protection parameter update identifier with the public key of the mobile banking server, and sends the encrypted updated private key protection parameter and update identifier to the mobile banking server 20; the mobile banking server 20 decrypts the information sent by the mobile terminal with the private key of the mobile banking server to obtain the updated private key protection parameter and the update identifier.
Preferably, the mobile terminal 10 also encrypts the first random number with the public key of the mobile banking server and sends the encrypted first random number to the mobile banking server 20; the mobile banking server 20 decrypts the encrypted information sent by the mobile terminal with the private key of the mobile banking server to obtain the first random number, encrypts the first private key protection parameter and the second private key protection parameter according to the first random number, and sends the encrypted first and second private key protection parameters to the mobile terminal 10; the mobile terminal 10 decrypts the information sent by the mobile banking server according to the first random number to obtain the first private key protection parameter and the second private key protection parameter.
It can thus be seen that, according to the storage system for a user private key of the embodiment of the present invention, the mobile terminal obtains the private key protection parameters from the mobile banking server, verifies that a private key protection parameter successfully decrypts the user private key file, and carries out a transaction only after verification succeeds, so that the user private key is hard to crack and security is ensured.
In the above preferred embodiments of the present invention, the security of the private key does not depend on the client alone but is doubly protected by the client and the server; that is, the server takes part in the protection flow for the private key, which further improves the security of the private key.
Although embodiments of the present invention have been shown and described, a person of ordinary skill in the art will understand that various changes, modifications, substitutions and variations may be made to these embodiments without departing from the principles and spirit of the present invention, the scope of which is defined by the claims and their equivalents.
Claims (16)
1. the storage means of a private key for user, is characterized in that, the method comprises:
A, mobile terminal are encrypted storage private key for user file at predeterminable area;
B, described mobile terminal identifying user identity by after generate the first random number, obtain the first private key Protection parameters and the second private key Protection parameters according to described the first random number from mobile banking's server;
C, described mobile terminal are deciphered the private key for user file of described storage according to described the second private key Protection parameters, and the described private key for user file after the checking deciphering;
If the described private key for user file of d by checking, is carried out transaction according to described private key for user file;
If the described private key for user file of e not by checking, is deciphered the private key for user file of described storage according to described the first private key Protection parameters, and the described private key for user file after the checking deciphering;
If the described private key for user file of f by checking, is carried out transaction according to described private key for user file;
G, described mobile terminal upgrade more new logo of private key Protection parameters according to the result that is verified of described step c and step e;
H, described mobile terminal generate according to the transaction results that receives and upgrade the private key Protection parameters, send described renewal private key Protection parameters and described private key Protection parameters more new logo to mobile banking's server;
I, described mobile terminal be according to the result that is updated successfully of described mobile banking service, utilizes to upgrade the private key Protection parameters private key for user file is encrypted storage.
2. method according to claim 1, is characterized in that, described step a comprises:
According to the private key for user Protective Key, described private key for user file is encrypted and stores;
Described private key for user file comprises the hardware information of private key for user and described mobile terminal;
Described private key for user Protective Key generates for all or part of information and the private key Protection parameters by all or part of information of the cryptographic Hash of the hardware information of described mobile terminal/hardware characteristics information, login password/the log in cryptographic Hash of password.
3. method according to claim 1, is characterized in that, described step g comprises:
If described private key for user file is by checking, described the first private key Protection parameters or described the second private key Protection parameters according to the described private key for user file of deciphering upgrades more new logo of private key Protection parameters.
4. method according to claim 1, is characterized in that, also comprises between described step h and described step I:
If upgrading, described private key Protection parameters is designated described the second sign corresponding to private key Protection parameters, described mobile banking server upgrades described the second private key Protection parameters according to described renewal private key Protection parameters, and upgrades described the first private key Protection parameters according to described the second private key Protection parameters; And
Be designated described the first sign corresponding to private key Protection parameters if described private key Protection parameters upgrades, described mobile banking server upgrades described the second private key Protection parameters according to described renewal private key Protection parameters;
Described mobile banking server returns and is updated successfully result to described mobile terminal.
5. The method according to claim 4, characterized in that,
in step h, sending the updated private key protection parameter and the private key protection parameter update identifier to the mobile banking server comprises:
the mobile terminal encrypts the updated private key protection parameter and the private key protection parameter update identifier with the public key of the mobile banking server, and sends the encrypted updated private key protection parameter and private key protection parameter update identifier to the mobile banking server;
between step h and step i, the method further comprises: the mobile banking server decrypts the information sent by the mobile terminal with the private key of the mobile banking server to obtain the updated private key protection parameter and the private key protection parameter update identifier.
6. The method according to claim 1, characterized in that verifying the decrypted user private key file in step c comprises:
verifying the decrypted user private key file using the hardware information.
7. The method according to any one of claims 1-6, characterized in that, in step b, the step of obtaining the first private key protection parameter and the second private key protection parameter from the mobile banking server according to the first random number comprises:
the mobile terminal encrypts the first random number with the public key of the mobile banking server, and sends the encrypted first random number to the mobile banking server;
the mobile banking server decrypts the encrypted information sent by the mobile terminal with the private key of the mobile banking server to obtain the first random number;
the mobile banking server encrypts the first private key protection parameter and the second private key protection parameter according to the first random number, and sends the encrypted first private key protection parameter and second private key protection parameter to the mobile terminal; and
the mobile terminal decrypts the information sent by the mobile banking server according to the first random number to obtain the first private key protection parameter and the second private key protection parameter.
8. The method according to any one of claims 1-6, characterized in that the step of verifying the user identity in step b comprises SMS verification code verification, dynamic password verification, electronic signature tool verification or transaction password verification.
9. A storage system for a user private key, characterized in that the system comprises a mobile terminal and a mobile banking server,
the mobile terminal is configured to: encrypt and store the user private key file in a preset area; generate a first random number after user identity verification passes; obtain the first private key protection parameter and the second private key protection parameter from the mobile banking server according to the first random number; decrypt the stored user private key file according to the second private key protection parameter and verify the decrypted user private key file; perform the transaction according to the user private key file when the user private key file passes verification; and, when the user private key file does not pass verification, decrypt the stored user private key file according to the first private key protection parameter, verify the decrypted user private key file, and perform the transaction according to the user private key file when the user private key file passes verification;
the mobile terminal updates the private key protection parameter update identifier according to the verification result; generates an updated private key protection parameter according to the received transaction result; sends the updated private key protection parameter and the private key protection parameter update identifier to the mobile banking server; and, according to the update success result from the mobile banking server, encrypts and stores the user private key file using the updated private key protection parameter.
10. The system according to claim 9, characterized in that the mobile terminal also encrypts and stores the user private key file according to a user private key protection key;
the user private key file comprises the user private key and the hardware information of the mobile terminal;
the user private key protection key is generated from all or part of the hardware information of the mobile terminal / the hash value of the hardware characteristic information, all or part of the login password / the hash value of the login password, and the private key protection parameter.
11. The system according to claim 9, characterized in that, after the user private key file passes verification, the mobile terminal also updates the private key protection parameter update identifier according to whichever of the first private key protection parameter or the second private key protection parameter decrypted the user private key file.
12. The system according to claim 9, characterized in that the mobile banking server also: when the private key protection parameter update identifier is the identifier corresponding to the second private key protection parameter, updates the second private key protection parameter according to the updated private key protection parameter, and updates the first private key protection parameter according to the second private key protection parameter; when the private key protection parameter update identifier is the identifier corresponding to the first private key protection parameter, updates the second private key protection parameter according to the updated private key protection parameter; and returns an update success result to the mobile terminal.
13. The system according to claim 12, characterized in that,
the mobile terminal also encrypts the updated private key protection parameter and the private key protection parameter update identifier with the public key of the mobile banking server, and sends the encrypted updated private key protection parameter and private key protection parameter update identifier to the mobile banking server;
the mobile banking server also decrypts the information sent by the mobile terminal with the private key of the mobile banking server to obtain the updated private key protection parameter and the private key protection parameter update identifier.
14. The system according to claim 9, characterized in that the mobile terminal also verifies the decrypted user private key file using the hardware information.
15. The system according to any one of claims 9-14, characterized in that the mobile terminal also encrypts the first random number with the public key of the mobile banking server, and sends the encrypted first random number to the mobile banking server;
the mobile banking server also decrypts the encrypted information sent by the mobile terminal with the private key of the mobile banking server to obtain the first random number, encrypts the first private key protection parameter and the second private key protection parameter according to the first random number, and sends the encrypted first private key protection parameter and second private key protection parameter to the mobile terminal;
the mobile terminal also decrypts the information sent by the mobile banking server according to the first random number to obtain the first private key protection parameter and the second private key protection parameter.
16. The system according to any one of claims 9-14, characterized in that the mobile terminal also verifies the user identity by SMS verification code, dynamic password, electronic signature tool or transaction password.
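The reason the server keeps two protection parameters (claims 2 to 6) shows up when an update success result is lost in transit. The sketch below is an added example, not code from the patent: the SHA-256 key derivation, the SHAKE-256 keystream standing in for the cipher, the JSON file layout, and the reading that the first parameter takes the previous value of the second are assumptions, and every value is constructed.

```python
import hashlib, json

def protection_key(hw_info, login_pw, param):
    # Claim 2: derive the file key from the hardware-info hash, the
    # login-password hash and the protection parameter (SHA-256 is assumed).
    hw = hashlib.sha256(hw_info.encode()).digest()
    pw = hashlib.sha256(login_pw.encode()).digest()
    return hashlib.sha256(hw + pw + param).digest()

def _xor(key, data):
    # Stand-in cipher for the sketch (SHAKE-256 keystream); use an AEAD in practice.
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(user_key, hw_info, login_pw, param):
    # The stored file holds the user private key plus the hardware information.
    blob = json.dumps({"hw": hw_info, "key": user_key}).encode()
    return _xor(protection_key(hw_info, login_pw, param), blob)

def open_file(stored, hw_info, login_pw, first, second):
    # Try the second parameter, then the first; verify by the embedded hardware info (claim 6).
    for flag, param in (("second", second), ("first", first)):
        try:
            doc = json.loads(_xor(protection_key(hw_info, login_pw, param), stored))
        except ValueError:
            continue  # wrong parameter: plaintext is garbage
        if isinstance(doc, dict) and doc.get("hw") == hw_info:
            return doc["key"], flag
    return None, None

class Server:
    def __init__(self, first, second):
        self.first, self.second = first, second
    def update(self, new_param, flag):
        if flag == "second":
            self.first = self.second  # assumed reading: first takes the previous second
        self.second = new_param
        return True

def lost_ack_demo():
    hw, pw = "HW-CONSTRUCTED-0001", "constructed-login-password"
    srv = Server(first=b"p0", second=b"p1")
    stored = seal("constructed-user-key", hw, pw, srv.second)
    key1, flag1 = open_file(stored, hw, pw, srv.first, srv.second)
    srv.update(b"p2", flag1)          # success reply lost: device does not re-encrypt
    key2, flag2 = open_file(stored, hw, pw, srv.first, srv.second)
    if srv.update(b"p3", flag2):      # reply arrives: device re-encrypts under p3
        stored = seal(key2, hw, pw, b"p3")
    key3, flag3 = open_file(stored, hw, pw, srv.first, srv.second)
    return [flag1, flag2, flag3], [key1, key2, key3], (srv.first, srv.second)
```

After the lost reply the file still opens through the first parameter, and the server leaves that parameter untouched until the terminal confirms re-encryption.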
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310009179.2A CN103095455B (en) | 2013-01-10 | 2013-01-10 | Storage method and storage system for private key of user |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103095455A (en) | 2013-05-08 |
CN103095455B (en) | 2015-11-18 |
Family
ID=48207619
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310009179.2A Active CN103095455B (en) | Storage method and storage system for private key of user | 2013-01-10 | 2013-01-10 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103095455B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101557289A (en) * | 2009-05-13 | 2009-10-14 | 大连理工大学 | Storage safe key management method based on ID authentication |
CN101989991A (en) * | 2010-11-24 | 2011-03-23 | 北京天地融科技有限公司 | Method for importing secret keys safely, electronic signature tool, authentication device and system |
US20120089519A1 (en) * | 2010-10-06 | 2012-04-12 | Prasad Peddada | System and method for single use transaction signatures |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110881063A (en) * | 2019-11-20 | 2020-03-13 | 腾讯科技(深圳)有限公司 | Storage method, device, equipment and medium of private data |
CN110881063B (en) * | 2019-11-20 | 2022-03-15 | 腾讯科技(深圳)有限公司 | Storage method, device, equipment and medium of private data |
CN112235115A (en) * | 2020-10-12 | 2021-01-15 | 宋煜 | Cipher algorithm private key protection method based on repudiation authentication relationship |
Also Published As
Publication number | Publication date |
---|---|
CN103095455B (en) | 2015-11-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103067401B (en) | Method and system for key protection | |
US11588637B2 (en) | Methods for secure cryptogram generation | |
US20220116745A1 (en) | Methods and systems for asset obfuscation | |
CN100561916C (en) | A kind of method and system that upgrades authenticate key | |
CN106656488B (en) | Key downloading method and device for POS terminal | |
CN103078742B (en) | Generation method and system of digital certificate | |
CN103095456A (en) | Method and system for processing transaction messages | |
CN103051453B (en) | A kind of mobile terminal network affaris safety trade system based on digital certificate and method | |
CN107742212B (en) | Asset verification method, device and system based on block chain | |
CN103067402B (en) | The generation method and system of digital certificate | |
WO2020065633A1 (en) | Method, user device, management device, storage medium and computer program product for key management | |
CN103036681B (en) | A kind of password safety keyboard device and system | |
CN104412273A (en) | Method and system for activation | |
CN112565265B (en) | Authentication method, authentication system and communication method between terminal devices of Internet of things | |
CN104393993A (en) | A security chip for electricity selling terminal and the realizing method | |
CN103269271A (en) | Method and system for back-upping private key in electronic signature token | |
CN103781064A (en) | Short message verification system and verification method | |
CN103854180A (en) | Credit voucher generating method and system, and application authorization method and system | |
CN102385710A (en) | Method and system for verifying fact or fiction | |
CN111355591A (en) | Block chain account safety management method based on real-name authentication technology | |
KR20120053929A (en) | The agent system for digital signature using sign private key with double encryption and method thereof features to store in web storage | |
CN104486087A (en) | Digital signature method based on remote hardware security modules | |
CN112765626A (en) | Authorization signature method, device and system based on escrow key and storage medium | |
CN113612852A (en) | Communication method, device, equipment and storage medium based on vehicle-mounted terminal | |
CN103152732A (en) | Cloud password system and operation method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |