CN103108245A - Smart television payment secret key system and payment method based on smart television - Google Patents

Smart television payment secret key system and payment method based on smart television Download PDF

Info

Publication number
CN103108245A
CN103108245A CN2011103617207A CN201110361720A CN103108245A CN 103108245 A CN103108245 A CN 103108245A CN 2011103617207 A CN2011103617207 A CN 2011103617207A CN 201110361720 A CN201110361720 A CN 201110361720A CN 103108245 A CN103108245 A CN 103108245A
Authority
CN
China
Prior art keywords
module
payment
digest value
intelligent television
pki
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2011103617207A
Other languages
Chinese (zh)
Other versions
CN103108245B (en
Inventor
刘风军
徐晓强
杨建辉
肖波
刘源
徐蓉
孙立林
金正博
王春晖
海涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Priority to CN201110361720.7A priority Critical patent/CN103108245B/en
Priority to PCT/CN2012/084565 priority patent/WO2013071858A1/en
Publication of CN103108245A publication Critical patent/CN103108245A/en
Application granted granted Critical
Publication of CN103108245B publication Critical patent/CN103108245B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/302Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/426Internal components of the client ; Characteristics thereof
    • H04N21/42607Internal components of the client ; Characteristics thereof for processing the incoming bitstream
    • H04N21/42623Internal components of the client ; Characteristics thereof for processing the incoming bitstream involving specific decryption arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/601Broadcast encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

The invention relates to a smart television payment secret key system and a payment method based on a smart television. The smart television payment secret key system comprises a client device (100) and a TVP encryption device (200), wherein, the client device (100) is provided with a public key storage module (101), a user interface module (102), an encryption module (103) and a sending module (104), the TVP encryption device (200) is provided with a secret key producing module (201), a private key storage module (202), a receiving module (203) and a deciphering module (204). The smart television payment secret key system and the payment method based on the smart television are capable of improving payment safety and saving cost.

Description

A kind of intelligent television payment cipher key system and based on the method for payment of intelligent television
Technical field
The present invention relates to a kind of intelligent television payment cipher key system and based on the method for payment of intelligent television, relate in particular to the intelligent television payment cipher key system of unsymmetrical key and based on the method for payment of intelligent television.
Background technology
TV payment at present is main uses and two kinds of scenes: small amount payment and wholesale payment.Small amount payment is mainly the expense that TV user is used to buy the movie and television play Video service, TV service operator provides a virtual account for the user, the user can supplement with money in account in advance, when the needs small amount payment, deducts the fee from this virtual user account number; Wholesale payment generally is applied to TV commercial affairs, management of personal money, pay the fees and supplement with money and the supplementing with money of user's virtual account number.TV payment is based on without card payment solution, and the holder operates menu to video screen by remote controller and operates and complete payment.Bank card number, input personal identification number or the bank's sensitive informations such as the term of validity or CVN2 (being check code) that the user can the remote controller by Intelligent television terminal selects to have bound are realized without card payment (binding in advance need the user to input holder's assistant authentification information send the card issuer to verify); The perhaps directly manually element of transactions realization nothing card transaction such as input bank card sensitive information and holder's assistant authentification information.
The television payment system of prior art comprises: payment client terminal, payment channel front-end system (being TPP), intelligent television payment front device (being TVP) and associated content providing platform (also referred to as integrated Broadcast Control platform).Whole television payment system carries out security control to data when the transmission transaction message.
On the other hand, the payment of the online television of the Internet-based pattern that has occurred on market, its transaction finance transaction data is to encrypt and transmission by SSL and HTTPS agreement.Television terminal and server end authenticate mutually by digital certificate, carry out cipher key change; By unsymmetrical key, the data that transmit are encrypted and hide; Reach the safe transmission purpose of data.It is more that terminal only is encrypted with PKI user PIN that existing asymmetric encryption techniques is used, and turns encryption at server end.
There is in the prior art following problem: can not guarantee definitely that server oneself is safe.Because SSL and HTTPS agreement cryptographic algorithm and authentication mechanism are all disclosed, and algorithm is simpler, so server end is easy to be copied; This some victim utilization even, common examples is to imitate the phishing attack of bank's domain name.Conclude the business with client by copying the server end simulation, obtain the financial sensitive informations such as bank's card number, trading password.And if can avoid above defective by the technology of two-way authentication, but increased exploitation and operation cost.In addition, without blocking the growing of payment, the card issuer more needs other key elements except PIN are verified, comprises CVN2, the term of validity etc. for present, card number even, therefore how these key elements being carried out the existing system of safe transmission in trading channel can't ensure fully.
Summary of the invention
The present invention aims to provide a kind of safe, cost-effective intelligent television payment cipher key system and in view of the above problems based on the method for payment of intelligent television.
Intelligent television payment cipher key system of the present invention is characterized in that possessing payment client terminal device and TVP encryption device, and described payment client terminal device possesses: the PKI memory module, preset following PKI; Subscriber interface module obtains Transaction Information and sensitive data, the Transaction Information that obtains is generated the message body, and call PKI from described PKI memory module; Encrypting module utilizes the PKI that calls by described subscriber interface module that described sensitive information is encrypted and obtains the client encrypt data; And sending module, with described client encrypt data and described message body as the transaction message body to described TVP encryption device, described TVP encryption device possesses: key production module, be used for generating private key and with this private key PKI one to one; Secret storage module is used for storing described private key, and receiver module is used for receiving the transaction message body that sends from described payment client terminal device; Deciphering module calls the private key that is stored in described secret storage module the described client encrypt data in described transaction message body is decrypted.
Preferably, described sending module has described transaction message is compressed and the compressed encoding unit of encoding and send the transmitting element of the described transaction message of compressed and coding, and described receiver module has the decoding decompression unit that the receiving element that receives described transaction message and the described transaction message of docking are decoded and decompressed.
Preferably, described encrypting module utilizes described PKI to carry out the RSA rivest, shamir, adelman to described sensitive information and is encrypted, and described deciphering module utilizes the described client encrypt data of described private key to carry out the asymmetric privacy keys deciphering.
Preferably, described payment client terminal device also possesses: be used for described transaction message body is calculated digest value and with the digest value that calculates the first digest value computing module as described sensitive data, described TVP encryption device also possesses: the second digest value computing module that is used for the described transaction message body that receives is calculated digest value; The digest value comparison module, whether the digest value that calculates in more described the second digest value computing module is with consistent by the digest value that contains in the sensitive data that obtains after described decoding decompression unit decoding decompress(ion).
Preferably, described the first digest value computing module and the second digest value computing module utilize Secure Hash Algorithm to calculate digest value to described transaction message body.
Preferably, described digest value comparison module is being judged as dropping packets in the inconsistent situation of described digest value.
Preferably, described PKI is to have the corresponding term of validity and the intensity passage of time of passing in time to strengthen gradually.
Preferably, described PKI is 3, is respectively 1152,1408,1984.
Preferably, described private key and described PKI are corresponding by call number.
Preferably, described sending module also sends to described TVP encryption device with described call number together with described transaction message body.
Preferably, the PINBLOCK (password form) after described deciphering module also is used for utilizing symmetric key to deciphering turns encryption.
Preferably, described TVP encryption device possesses: the dynamic code generation module generates dynamic code and stores this dynamic code according to the request from described payment client terminal device, and this dynamic code is sent to the user; The dynamic code comparison module, the dynamic code that comprises in the dynamic code of having stored in more described dynamic code generation module and described transaction message body.
Preferably, described dynamic code comparison module dropping packets in dynamic code that judgement has been stored in described dynamic code generation module and the inconsistent situation of dynamic code in described transaction message body.
Method of payment based on intelligent television of the present invention utilizes payment client terminal device and TVP encryption device to carry out the TV payment, it is characterized in that, comprising: the obtaining step that obtains Transaction Information and sensitive data; The encrypting step that utilizes PKI that the described sensitive data that obtains is encrypted; Sensitive data and Transaction Information after encrypting are sent to the forwarding step of described TVP encryption device from described payment client terminal apparatus; The sensitive data that reception is sent from described payment client terminal device and the receiving step of Transaction Information; With with described PKI private key decryption step that the sensitive data that receives is decrypted one to one.
Preferably, in described encrypting step, utilize PKI to carry out the RSA asymmetric encryption to described sensitive information, in described decryption step, utilize private key to carry out asymmetric title private key deciphering to described sensitive data.
Preferably, in described forwarding step, to described transaction message compress and encode after send again, receive in step in described reception, receives described transaction message and docks described transaction message afterwards and decode and decompress.
Preferably, the method for payment based on intelligent television of the present invention also possesses: at described payment client terminal device, described transaction message body is calculated digest value and with the digest value that calculates the first digest value calculation procedure as described sensitive data; At described TVP encryption device, the described transaction message body that receives is calculated the second digest value calculation procedure of digest value; Relatively by the digest value that calculates in described the second digest value calculation procedure with by the digest value that contains in the sensitive data that obtains after described decoding solution step deciphering consistent digest value comparison step whether.
Preferably, utilize Secure Hash Algorithm to calculate digest value to described transaction message body in described the first digest value calculation procedure and described the second digest value calculation procedure.
Preferably, in described digest value comparison step, be judged as dropping packets in the inconsistent situation of described digest value.
Preferably, described PKI is to have the corresponding term of validity and the intensity passage of time of passing in time to strengthen gradually.
Preferably, described PKI is 3, is respectively 1152,1408,1984.
Preferably, described private key and described PKI are corresponding one by one by call number.
Preferably, in described forwarding step, also described call number is sent to described TVP encryption device together with described transaction message body.
Preferably, in described decryption step, utilize symmetric key the PINBLOCK (password form) after deciphering to be carried out the encrypting step that turns of symmetric key encryption.
Preferably, method of payment based on intelligent television of the present invention also possesses: generate dynamic code and this dynamic code is stored in described TVP encryption device according to the request from described payment client terminal device, simultaneously this dynamic code being sent to user's dynamic code to generate step; Relatively be stored in the dynamic code comparison step that dynamic code in described TVP encryption device and user are input to described payment client terminal as sensitive data and send to the dynamic code in described TVP encryption device as the transaction message body.
Preferably, in described dynamic code comparison step, dropping packets in the inconsistent situation of dynamic code.
The payment client terminal device of intelligent television payment cipher key system of the present invention is characterized in that, the PKI memory module is used for storing in advance the PKI file; Subscriber interface module is used for obtaining Transaction Information and sensitive data, and the Transaction Information that obtains is generated the message body, and is used for calling PKI from described PKI memory module; Encrypting module utilizes the PKI that calls by described subscriber interface module that described sensitive information is encrypted and obtains the client encrypt data; Sending module sends the transaction message that described client encrypt data and described message body form.
Preferably, this payment client terminal device also possesses for described transaction message body being calculated the digest value computing module of digest value.
Preferably, described digest value computing module utilizes Secure Hash Algorithm to calculate digest value to described transaction message body.
Preferably, described PKI is to have the corresponding term of validity and the intensity passage of time of passing in time to strengthen gradually.
Preferably, described PKI is 3, is respectively 1152,1408,1984.
Preferably, described encrypting module adopts described PKI to carry out the RSA rivest, shamir, adelman described sensitive information is encrypted obtains the client encrypt data.
Preferably, described encrypting module described transaction message is compressed and encode after send again.
TVP encryption device in intelligent television payment cipher key system of the present invention is characterized in that key production module is used for generating private key; Secret storage module is used for storing described private key; Receiver module is used for receiving the transaction message body that comprises the client encrypt data; Deciphering module calls the private key that is stored in described secret storage module the client encrypt data in described transaction message body is decrypted.
Preferably, the PINBLOCK (password form) after described deciphering module also is used for utilizing symmetric key to deciphering turns encryption.Utilize the intelligent television payment cipher key system of the invention described above, based on the method for payment of intelligent television, owing to having utilized PKI, even therefore transaction message victim in transmitting procedure is distorted, owing to not utilizing private key, security information after encryption also can't decryptedly be obtained, and has improved Security of the system.And, by message being calculated digest value, and compare, therefore, even transaction message victim in transmitting procedure is distorted, by the checking digest value, just can accurately judge transaction message and whether be tampered.Further, on the basis of checking digest value, by the checking dynamic code, can further guarantee the accuracy of holder's identity.And in the links of whole transaction, trading password is all the ciphertext state, therefore, has guaranteed the fail safe of transaction property breath.In addition, adopted in the present invention the mode that presets PKI, the PKI operating period is long, and encryption density is strong, can take into account security performance and saving cost two aspects.
Description of drawings
Fig. 1 means the schematic configuration diagram of intelligent television payment cipher key system of the present invention.
Fig. 2 means the further schematic configuration diagram of intelligent television payment cipher key system of the present invention.
Fig. 3 means the flow chart of the method for payment based on intelligent television of the present invention.
Embodiment
The below introduces is a plurality of some in may embodiment of the present invention, aims to provide basic understanding of the present invention.Be not intended to confirm key of the present invention or conclusive key element or limit claimed scope.
For making the purpose, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below in conjunction with accompanying drawing.
Fig. 1 means the schematic configuration diagram of intelligent television payment cipher key system of the present invention.
As shown in Figure 1, intelligent television payment cipher key system of the present invention is made of payment client terminal device 100 (being television terminal) and TVP encryption device 200.Payment client terminal device 100 mainly comprises PKI memory module 101, subscriber interface module 102 (in figure referred to as the UI module), encrypting module 103, sending module 104, and TVP encryption device 200 mainly comprises key production module 201, secret storage module 202, receiver module 203, deciphering module 204.
In payment client terminal device 100, be placed in advance the PKI that will be described later in PKI memory module 101.Subscriber interface module 102 obtains Transaction Information and sensitive data, the Transaction Information that obtains is generated the message body, and call PKI from the PKI memory module.
Transaction Information mainly refers to the information that dealing money, transaction content, exchange hour etc. are relevant with transaction.Sensitive data comprises the information such as bank card account number, trading password, digest value (be the HASH value, will be described later), bank card check digit (being CVN2), the card term of validity, dynamic code (will be described later).
Encrypting module 103 utilizes the PKI that calls by subscriber interface module 102 that sensitive information is encrypted, and obtains thus the client encrypt data.Sending module 104 with these client encrypt data and described message body as the transaction message body to TVP encryption device 200.
Here, encrypting module 103 adopts the RSA rivest, shamir, adelman to be encrypted when sensitive information is encrypted.The RSA rivest, shamir, adelman is one of the most frequently used rivest, shamir, adelman.
Following simple declaration is the process of RSA asymmetric encryption, deciphering once.
At first, RSA key generation step comprises following three steps:
(1) choose independently two large prime number p and q, calculate n=p * q, and calculate
Figure BSA00000613229000071
(2) select an integer e, (
Figure BSA00000613229000072
Figure BSA00000613229000073
Coprime with e).At mould Under, e has unique inverse element, calculates
Figure BSA00000613229000075
(3) get PKI for (n, e), private key is (n, d) and destroy p, q.
Then, rsa encryption and decryption step are as follows:
Before encrypting messages, first it is divided into the packet less than n, then to each block encryption.
Encrypt: C=M e(mod n)
Deciphering: M=C d(mod n)
Again, in TVP encryption device 200, key production module 201 is used for generating private key and PKI.Secret storage module 202 is used for the private key that storage key generation module 201 generates.Receiver module 203 receives the transaction message body that sends from payment client terminal device 100.Deciphering module 204 calls the private key that is stored in secret storage module 202 the client encrypt data in the transaction message body is carried out the asymmetric privacy keys deciphering.
In the present invention, the PKI that key production module 201 generates and private key are corresponding one by one, and they can set up corresponding relation by a call number.Private key can not obtain from the outside, and PKI can be obtained by the outside by the mode of interface interchange.In the present invention, convert a PKI file to by the PKI that will generate in TVP encryption device 200 and be placed in advance above-mentioned payment client terminal device 100.Like this, when 100 pairs of data of payment client terminal device are encrypted, just call out this PKI by subscriber interface module 102 data are encrypted.The sending module 104 of paying at the same time client terminal device 100 also can send to TVP encryption device 200 together with the call number corresponding with PKI.Like this, in TVP encryption device 200, just can find and this PKI private key one to one according to this call number.
Frequently upgrade for fear of PKI, the present inventor propose a kind of in the PKI file of binary format altogether default 3 the mode of key.In this mode, every the public key setting corresponding term of validity and intensity passage of time are increased gradually.As an example, can arrange be respectively 1152,1408,1984 3 key.Payment client terminal device 100 is inputted bank card sensitive information and checking key element by subscriber interface module 102 prompting users, and after collecting, which time period of living according to current date takes out the PKI of correspondence and be encrypted processing by encrypting module 103 from the PKI file.Like this, not only can solve the problem that needs the frequent updating key in existing encryption technology, can also provide and pass in time the higher key of confidentiality.
In payment client terminal device 100, sending module 104 comprises particularly: described transaction message is compressed and the compressed encoding unit of BASE64 coding and the transmitting element (not shown) of the compressed described transaction message with encoding of transmission.
Correspondingly, in TVP encryption device 200, receiver module 203 comprises particularly: receive the receiving element of described transaction message and the decoding decompression unit that the described transaction message of docking is carried out the BASE64 decoding and decompressed.
Here, the PIN BLOCK (password form) after the deciphering module 204 in TVP encryption device 200 also further utilizes symmetric key and deciphers turns encryption.In the present invention, the reason that need to turn encryption is, the sensitive information such as bank card password does not allow in application system in financial sector, comprises in database, internal memory residently, therefore, must carry out this in TVP encryption device 200 and turn ciphering process.
Fig. 2 means the further schematic configuration diagram of intelligent television payment cipher key system of the present invention.
Fail safe for the guarantee information transmission, on architecture basics shown in Figure 1, as shown in Figure 2, also possess at payment client terminal device 100: be used for described transaction message body is calculated digest value (being the HASH value) and with the digest value that calculates the first digest value computing module 105 as described sensitive data.Correspondingly.Also possess at TVP encryption device 200: the second digest value computing module 205 that is used for the transaction message body that receives is calculated digest value; Digest value comparison module 206, whether the digest value that relatively calculates in the second digest value computing module is with consistent by the digest value that contains in the sensitive data that obtains after decoding decompression unit decoding decompress(ion).Here, as the method for calculating digest value, adopt Secure Hash Algorithm.
Like this, at payment client terminal device 100, calculate digest value by 105 pairs of transaction message bodies of the first digest value computing module, and this digest value is carried out above-mentioned encryption as sensitive information.The message body that utilizes 205 pairs of the second digest value computing modules to receive at TVP encryption device 200 also calculates digest value, compared by the digest value that contains in the sensitive information after 206 pairs of these digest value that calculate of digest value comparison module and deciphering simultaneously, if both are unequal, show that transaction message may be tampered in transmitting procedure, dropping packets.
On this basis, for the further fail safe of guarantee information transmission again, except utilizing digest value compares, can also utilize the comparison of dynamic code further to guarantee fail safe.As shown in Figure 2, particularly, TVP encryption device 200 can also further possess: dynamic code generation module 208 and dynamic code comparison module 209.Dynamic code generation module 208 generates dynamic code and stores this dynamic code according to the request from payment client terminal device 100, and the mode by note or other etc. sends to the user with this dynamic code simultaneously.The user inputs this dynamic code in when payment according to the prompting of Subscriber Interface Module SIM 102, and with this dynamic code as sensitive information, send to TVP encryption device 200 by sending module 104 after being encrypted by encrypting module 103.Receiver module 203 in TVP encryption device 200 receives and is imported into dynamic code comparison module 209 by the dynamic code after deciphering module 204 deciphering, simultaneously, the dynamic code of having stored in dynamic code generation module 208 (dynamic code that is namely generated by dynamic code generation module 208 the earliest) also is transfused to dynamic code comparison module 209, by dynamic code comparison module 209, both are carried out, if both are unequal, show that transaction message may be tampered in transmitting procedure, dropping packets.
In intelligent television of the present invention payment cipher key system, utilize PKI and do not utilized private key, even therefore transaction message victim in transmitting procedure is distorted, the security information after encryption also can't decryptedly be obtained, and has improved Security of the system.
And, in intelligent television payment cipher key system of the present invention, by message is calculated digest value, and compare, therefore, even transaction message victim in transmitting procedure is distorted, by the checking digest value, can judge transaction message and whether be tampered, improved Security of the system.
And, in intelligent television payment cipher key system of the present invention, by adopting the dynamic code authentication mechanism, can guarantee the accuracy of holder's identity, improved Security of the system.
And, in intelligent television payment cipher key system of the present invention, in the links of whole transaction, trading password is all the ciphertext state, be all sightless, trading password expressly can not be recorded in any physical medium, therefore yet, further guarantee the fail safe of transaction property breath, improved Security of the system.
And in intelligent television payment cipher key system of the present invention, the PKI operating period is long, and encryption density is strong, can on the basis that guarantees system safety, save cost.
Under regard to the method for payment based on intelligent television of the present invention and describe.
Fig. 3 means the flow chart of the method for payment based on intelligent television of the present invention.
As shown in Figure 3, in payment client terminal device 100 sides, obtain Transaction Information and form the transaction message body, the message body is calculated digest value.Wherein, the transaction message body is by Transaction Information and sensitive data.Transaction Information mainly refers to the information that dealing money, transaction content, exchange hour etc. are relevant with transaction.Sensitive data comprises the information such as bank card account number, trading password, digest value, bank card check digit (being CVN2), the card term of validity, dynamic code.
At payment client terminal device 100 sides other sensitive informations from acquisition bank card number, trading password etc., with the digest value that calculates also as sensitive information together by utilizing the PKI of storing in the PKI file to carry out the RSA asymmetric encryption, generate the client name sense data after encrypting.Then, client sensitive data and message body after encrypting are sent to TVP encryption device 200 together as transaction message.
In TVP encryption device 200 sides, after receiving transaction message, utilize private key to carry out asymmetric privacy keys deciphering to client sensitive data after the encryption of sending, by asymmetric privacy keys decipher the style that obtains delivering newspaper digest value, on the dynamic code, deciphering that send sensitive information afterwards.
PIN BLOCK (password form) after the utilization deciphering and symmetric key carry out the symmetric key key and turn encryption, generate the PIN BLOCK (password form) after encrypting.After deciphering, the rear PIN BLOCK (password form) of sensitive information and encryption can be applied to trading processing.
On the other hand, after receiving transaction message, the message body that receives is calculated digest value.Relatively the digest value of this message body that calculates and above-mentioned on the deliver newspaper digest value of style, verify whether both consistent, in both inconsistent situations of judgement, dropping packets.In the situation that judge that both are consistent, continue to process.
On the basis of checking digest value, further after the checking deciphering on the dynamic code stored of the dynamic code that send and TVP encryption device 200 whether consistent, judging in both inconsistent situations dropping packets.In the situation that judge that both are consistent, continuous business is processed.
It is that television terminal and TVP encryption device 200 are realized that method of payment based on intelligent television of the present invention is utilized payment client terminal 100, utilize the method for payment based on intelligent television of the present invention, adopt PKI, even therefore transaction message victim in transmitting procedure is distorted, owing to not adopting private key, security information after encryption also can't decryptedly be obtained, and has improved Security of the system.
And, utilize the method for payment based on intelligent television of the present invention, by message is calculated digest value, and compare, therefore, even transaction message victim in transmitting procedure is distorted, by the checking digest value, can judge transaction message and whether be tampered, improved Security of the system.
And, utilize the method for payment based on intelligent television of the present invention,, by adopting the dynamic code authentication mechanism, can guarantee the accuracy of holder's identity, improved Security of the system.
And, utilize the method for payment based on intelligent television of the present invention, in the links of whole transaction, trading password is all the ciphertext state, be all sightless, trading password expressly can not be recorded in any physical medium, therefore yet, further guarantee the fail safe of transaction property breath, improved Security of the system.
And, utilize the method for payment based on intelligent television of the present invention, the PKI operating period is long, and encryption density is strong, can on the basis that guarantees system safety, save cost.
Above example has mainly illustrated system of the present invention and various application process.Although only the some of them embodiments of the present invention are described, those of ordinary skills should understand, and the present invention can be within not departing from its purport and scope implements with many other forms.Therefore, the example of showing and execution mode are regarded as illustrative and not restrictive, in the situation that do not break away from spirit of the present invention as defined in appended each claim and scope, the present invention may be contained various modifications and replacement.
In the situation that can also consist of without departing from the spirit and scope of the present invention many very embodiment of big difference that have.Should be appreciated that except as defined by the appended claims, the invention is not restricted at the specific embodiment described in specification.

Claims (33)

1. an intelligent television payment cipher key system, is characterized in that possessing payment client terminal device (100) and TVP encryption device (200),
Described payment client terminal device (100) possesses:
PKI memory module (101) presets following PKI;
Subscriber interface module (102) obtains Transaction Information and sensitive data, the Transaction Information that obtains is generated the message body, and call described PKI from described PKI memory module;
Encrypting module (103) utilizes the PKI that calls by described subscriber interface module, and described sensitive information is encrypted, and obtains the client encrypt data; And
Sending module (104) sends to described TVP encryption device with described client encrypt data and described message body as the transaction message body,
Described TVP encryption device (200) possesses:
Key production module (201), be used for to generate private key and with this private key PKI one to one;
Secret storage module (202) is used for storing described private key;
Receiver module (203) is used for receiving the transaction message body that sends from described payment client terminal device;
Deciphering module (204) calls the private key that is stored in described secret storage module the described client encrypt data in described transaction message body is decrypted.
2. intelligent television payment cipher key system as claimed in claim 3, is characterized in that,
Described sending module (104) has described transaction message is compressed and the compressed encoding unit of encoding and send the transmitting element of the described transaction message of compressed and coding,
Described receiver module (203) has the receiving element that receives described transaction message and docks the decoding decompression unit that described transaction message is decoded and decompressed.
3. intelligent television payment cipher key system as claimed in claim 2, is characterized in that,
Described encrypting module (103) utilizes described PKI to carry out the RSA rivest, shamir, adelman to described sensitive information and is encrypted,
Described deciphering module (204) utilizes the described client encrypt data of described private key to carry out the asymmetric privacy keys deciphering.
4. intelligent television payment cipher key system as claimed in claim 2, is characterized in that,
Described payment client terminal device (100) also possesses: is used for described transaction message body is calculated digest value and with the digest value that calculates the first digest value computing module (105) as described sensitive data,
Described TVP encryption device (200) also possesses:
Be used for the described transaction message body that receives is calculated the second digest value computing module (205) of digest value;
Digest value comparison module (206), whether the digest value that calculates in more described the second digest value computing module is with consistent by the digest value that contains in the sensitive data that obtains after described decoding decompression unit decoding decompress(ion).
5. intelligent television payment cipher key system as claimed in claim 4, is characterized in that,
Described the first digest value computing module (105) and the second digest value computing module (205) utilize Secure Hash Algorithm to calculate digest value to described transaction message body.
6. intelligent television payment cipher key system as claimed in claim 5, is characterized in that,
Described digest value comparison module (206) is being judged as dropping packets in the inconsistent situation of described digest value.
7. intelligent television payment cipher key system as claimed in claim 4, is characterized in that,
Described PKI is to have the corresponding term of validity and the intensity passage of time of passing in time to strengthen gradually.
8. intelligent television payment cipher key system as claimed in claim 7, is characterized in that,
Described PKI is 3, is respectively 1152,1408,1984.
9. intelligent television payment cipher key system as claimed in claim 1, is characterized in that,
Described private key and described PKI are corresponding one by one by call number.
Described sending module (104) also sends to described TVP encryption device with described call number together with described transaction message body.
10. intelligent television payment cipher key system as claimed in claim 3, is characterized in that,
Password form after described deciphering module (204) also is used for utilizing symmetric key to deciphering turns encryption.
11. intelligent television payment cipher key system as claimed in claim 3 is characterized in that,
Described TVP encryption device possesses dynamic code generation module (208), generates dynamic code and stores this dynamic code according to the request from described payment client terminal device (100), also this dynamic code is sent to the user simultaneously,
This dynamic code that described subscriber interface module (102) also obtains to input by the user as sensitive data, dynamic code after by described encrypting module (103), this dynamic code being encrypted as described sensitive information and being encrypted by described sending module (104) sends to described TVP encryption device with described message body as described client encrypt data together with the transaction message body
Described TVP encryption device also possesses dynamic code comparison module (209), the dynamic code that comprises in the described dynamic code of having stored in more described dynamic code generation module (208) and described transaction message body.
12. intelligent television payment cipher key system as claimed in claim 11 is characterized in that,
Dropping packets in the dynamic code that described dynamic code comparison module (209) has been stored in the described dynamic code generation module of judgement (208) and the inconsistent situation of dynamic code in described transaction message body.
13. the method for payment based on intelligent television utilizes payment client terminal device and TVP encryption device to carry out the TV payment, it is characterized in that, comprising:
Obtain the obtaining step of Transaction Information and sensitive data;
The encrypting step that utilizes PKI that the described sensitive data that obtains is encrypted;
Sensitive data and Transaction Information after encrypting are sent to the forwarding step of described TVP encryption device from described payment client terminal apparatus;
The sensitive data that reception is sent from described payment client terminal device and the receiving step of Transaction Information;
With with described PKI private key decryption step that the sensitive data that receives is decrypted one to one.
14. the method for payment based on intelligent television as claimed in claim 13 is characterized in that,
In described encrypting step, utilize PKI to carry out the RSA asymmetric encryption to described sensitive information,
In described decryption step, utilize private key to carry out asymmetric title private key deciphering to described sensitive data.
15. the method for payment based on intelligent television as claimed in claim 14 is characterized in that,
In described forwarding step, to described transaction message compress and encode after send again,
Receive in step in described reception, receives described transaction message and dock described transaction message afterwards and decode and decompress.
16. the method for payment based on intelligent television as claim 15 is characterized in that, also possesses:
At described payment client terminal device, described transaction message body is calculated digest value and with the digest value that calculates the first digest value calculation procedure as described sensitive data;
At described TVP encryption device, the described transaction message body that receives is calculated the second digest value calculation procedure of digest value;
Relatively by the digest value that calculates in described the second digest value calculation procedure with by the digest value that contains in the sensitive data that obtains after described decoding solution step deciphering consistent digest value comparison step whether.
17. the method for payment based on intelligent television as claimed in claim 16 is characterized in that,
Utilize Secure Hash Algorithm to calculate digest value to described transaction message body in described the first digest value calculation procedure and described the second digest value calculation procedure.
18. the method for payment based on intelligent television as claimed in claim 17 is characterized in that,
In described digest value comparison step, be judged as dropping packets in the inconsistent situation of described digest value.
19. the method for payment based on intelligent television as claimed in claim 18 is characterized in that, in described decryption step, utilizes symmetric key to turn encryption to the password form after deciphering.
20. the method for payment based on intelligent television as claimed in claim 19 is characterized in that, also possesses:
Generate dynamic code and this dynamic code is stored in described TVP encryption device according to the request from described payment client terminal device, simultaneously this dynamic code being sent to user's dynamic code to generate step;
Relatively be stored in the dynamic code comparison step that dynamic code in described TVP encryption device and user are input to described payment client terminal (100) as sensitive data and send to the dynamic code in described TVP encryption device (200) as the transaction message body.
21. intelligent television payment cipher key system as claimed in claim 20 is characterized in that,
In described dynamic code comparison step, dropping packets in the inconsistent situation of dynamic code.
22. the method for payment based on intelligent television as described in claim 13~21 any one is characterized in that,
Described PKI is to have the corresponding term of validity and the intensity passage of time of passing in time to strengthen gradually.
23. the method for payment based on intelligent television as claimed in claim 22 is characterized in that,
Described PKI is 3, is respectively 1152,1408,1984.
24. the method for payment based on intelligent television as claimed in claim 23 is characterized in that,
Described private key and described PKI are corresponding one by one by call number.
In described forwarding step module, also described call number is sent to described TVP encryption device together with described transaction message body.
25. the payment client terminal device of an intelligent television payment cipher key system is characterized in that, the PKI memory module is used for storing in advance the PKI file;
Subscriber interface module is used for obtaining Transaction Information and sensitive data, and the Transaction Information that obtains is generated the message body, and is used for calling PKI from described PKI memory module;
Encrypting module utilizes the PKI that calls by described subscriber interface module that described sensitive information is encrypted and obtains the client encrypt data;
Sending module sends the transaction message that described client encrypt data and described message body form.
26. the payment client terminal device of intelligent television payment cipher key system as claimed in claim 25 is characterized in that,
This payment client terminal device also possesses for described transaction message body being calculated the digest value computing module of digest value.
27. the payment client terminal device of intelligent television payment cipher key system as claimed in claim 4 is characterized in that,
Described digest value computing module utilizes Secure Hash Algorithm to calculate digest value to described transaction message body.
28. the payment client terminal device of intelligent television payment cipher key system as claimed in claim 27 is characterized in that,
Described encrypting module adopts described PKI to carry out the RSA rivest, shamir, adelman and described sensitive information is encrypted obtains the client encrypt data.
29. the payment client terminal device of intelligent television payment cipher key system as claimed in claim 28 is characterized in that,
Described encrypting module described transaction message is compressed and encode after send again.
30. the payment client terminal device of intelligent television payment cipher key system as described in claim 25~29 any one is characterized in that,
Described PKI is to have the corresponding term of validity and the intensity passage of time of passing in time to strengthen gradually.
31. the payment client terminal device of intelligent television payment cipher key system as claimed in claim 30 is characterized in that,
Described PKI is 3, is respectively 1152,1408,1984.
32. the TVP encryption device in intelligent television payment cipher key system is characterized in that,
Key production module (201) is used for generating private key.
Secret storage module (202) is used for storing described private key,
Receiver module (203) is used for receiving the transaction message body that comprises the client encrypt data;
Deciphering module (204) calls the private key that is stored in described secret storage module the client encrypt data in described transaction message body is decrypted.
33. the TVP encryption device in intelligent television payment cipher key system as claimed in claim 32 is characterized in that also possessing:
Password form after described deciphering module (204) also is used for utilizing symmetric key to deciphering turns encryption.
CN201110361720.7A 2011-11-15 2011-11-15 A kind of intelligent television pays cipher key system and method for payment based on intelligent television Active CN103108245B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201110361720.7A CN103108245B (en) 2011-11-15 2011-11-15 A kind of intelligent television pays cipher key system and method for payment based on intelligent television
PCT/CN2012/084565 WO2013071858A1 (en) 2011-11-15 2012-11-14 Payment secret key system of intelligent tv and payment method based on intelligent tv

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201110361720.7A CN103108245B (en) 2011-11-15 2011-11-15 A kind of intelligent television pays cipher key system and method for payment based on intelligent television

Publications (2)

Publication Number Publication Date
CN103108245A true CN103108245A (en) 2013-05-15
CN103108245B CN103108245B (en) 2016-09-28

Family

ID=48315761

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110361720.7A Active CN103108245B (en) 2011-11-15 2011-11-15 A kind of intelligent television pays cipher key system and method for payment based on intelligent television

Country Status (2)

Country Link
CN (1) CN103108245B (en)
WO (1) WO2013071858A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103546454A (en) * 2013-08-28 2014-01-29 深圳市龙视传媒有限公司 Encryption method, encryption system and related equipment
CN103686437A (en) * 2013-12-06 2014-03-26 康佳集团股份有限公司 Television interactive dynamic password authorization payment method and system
CN105516056A (en) * 2014-09-24 2016-04-20 腾泰科技股份有限公司 Encrypted file protection system and protection method thereof
CN105654281A (en) * 2015-12-30 2016-06-08 中国银联股份有限公司 Safe payment system and safe payment method
CN109034796A (en) * 2018-06-15 2018-12-18 重庆金融资产交易所有限责任公司 Transaction monitoring and managing method, electronic device and readable storage medium storing program for executing based on alliance's chain

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111478917B (en) * 2016-10-25 2022-04-15 上海秋庚咨询管理有限公司 Background system for providing network service for access control device and user terminal
TWI743860B (en) * 2020-06-30 2021-10-21 瑞昱半導體股份有限公司 Communication device and network management method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030237004A1 (en) * 2002-06-25 2003-12-25 Nec Corporation Certificate validation method and apparatus thereof
CN1766920A (en) * 2005-11-01 2006-05-03 广州好易联支付网络有限公司 On-line safety payment system
CN101087189A (en) * 1998-05-05 2007-12-12 杰伊·C·陈 A cryptographic system and method for electronic trade
CN101098225A (en) * 2006-06-29 2008-01-02 中国银联股份有限公司 Safety data transmission method and paying method, paying terminal and paying server
CN101119471A (en) * 2007-08-29 2008-02-06 北京数码视讯科技有限公司 System and method for implementing digital television on-line payment

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101853453A (en) * 2009-04-03 2010-10-06 中兴通讯股份有限公司 System and method for realizing mobile payment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101087189A (en) * 1998-05-05 2007-12-12 杰伊·C·陈 A cryptographic system and method for electronic trade
US20030237004A1 (en) * 2002-06-25 2003-12-25 Nec Corporation Certificate validation method and apparatus thereof
CN1766920A (en) * 2005-11-01 2006-05-03 广州好易联支付网络有限公司 On-line safety payment system
CN101098225A (en) * 2006-06-29 2008-01-02 中国银联股份有限公司 Safety data transmission method and paying method, paying terminal and paying server
CN101119471A (en) * 2007-08-29 2008-02-06 北京数码视讯科技有限公司 System and method for implementing digital television on-line payment

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103546454A (en) * 2013-08-28 2014-01-29 深圳市龙视传媒有限公司 Encryption method, encryption system and related equipment
CN103686437A (en) * 2013-12-06 2014-03-26 康佳集团股份有限公司 Television interactive dynamic password authorization payment method and system
CN103686437B (en) * 2013-12-06 2018-12-21 康佳集团股份有限公司 A kind of television interactive dynamic password authorization payment method and system
CN105516056A (en) * 2014-09-24 2016-04-20 腾泰科技股份有限公司 Encrypted file protection system and protection method thereof
CN105516056B (en) * 2014-09-24 2018-10-26 腾泰科技股份有限公司 Encrypt file protecting system and its guard method
CN105654281A (en) * 2015-12-30 2016-06-08 中国银联股份有限公司 Safe payment system and safe payment method
CN109034796A (en) * 2018-06-15 2018-12-18 重庆金融资产交易所有限责任公司 Transaction monitoring and managing method, electronic device and readable storage medium storing program for executing based on alliance's chain
CN109034796B (en) * 2018-06-15 2023-09-22 安达数据技术(深圳)有限公司 Alliance chain-based transaction supervision method, electronic device and readable storage medium

Also Published As

Publication number Publication date
CN103108245B (en) 2016-09-28
WO2013071858A1 (en) 2013-05-23

Similar Documents

Publication Publication Date Title
US20200372503A1 (en) Transaction messaging
CN109818749B (en) Quantum computation resistant point-to-point message transmission method and system based on symmetric key pool
CN102802036B (en) System and method for identifying digital television
CN105553654B (en) Key information processing method and device, key information management system
CN103108245A (en) Smart television payment secret key system and payment method based on smart television
CN109495445A (en) Identity identifying method, device, terminal, server and medium based on Internet of Things
CN102118710A (en) System and method for transmitting data between mobile terminals
JP2005515701A6 (en) Data transmission link
CN101436280A (en) Method and system for implementing electronic payment of mobile terminal
CN103036681B (en) A kind of password safety keyboard device and system
CN101631305B (en) Encryption method and system
CN101216923A (en) A system and method to enhance the data security of e-bank dealings
CN111931209B (en) Contract information verification method and device based on zero knowledge proof
WO2021041771A1 (en) Decentralized techniques for verification of data in transport layer security and other contexts
CN103795546A (en) Generating method and authentication method of data label and system of generating method and authentication method
CN115567326B (en) Data transaction method and device based on block chain
CN104125064B (en) A kind of dynamic cipher authentication method, client and Verification System
CN102404337A (en) Data encryption method and device
CN104182876A (en) Secure payment trading method and secure payment trading system
CN101931623B (en) Safety communication method suitable for remote control with limited capability at controlled end
CN112084521A (en) Unstructured data processing method, device and system for block chain
CN107919958B (en) Data encryption processing method, device and equipment
Kisore et al. A secure SMS protocol for implementing digital cash system
CN202978979U (en) Password security keypad device and password security pad system
CN103929743B (en) A kind of encryption method to mobile intelligent terminal transmission data

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant