CN103118351A - Generation method and device of rechargeable card data - Google Patents

Publication number
CN103118351A
Authority
CN
China
Prior art keywords
card
key
operator
rechargeable
encryption
Legal status
Granted
Application number
CN2013100180917A
Other languages
Chinese (zh)
Other versions
CN103118351B (en
Inventor
孙贵成
张克新
Current Assignee
BEIJING INTELACTIVE TECHNOLOGY Co Ltd
Original Assignee
BEIJING INTELACTIVE TECHNOLOGY Co Ltd
Application filed by BEIJING INTELACTIVE TECHNOLOGY Co Ltd
Priority to CN201310018091.7A
Publication of CN103118351A
Application granted
Publication of CN103118351B
Expired - Fee Related

Abstract

The invention provides a method and a device for generating rechargeable card data. The method mainly comprises the following steps: the identity cards of an operator and a card manufacturer are initialized, and a password key, an encryption key and a service supplier key are set for each operator; the card number and password of a rechargeable card are generated according to a set generation rule using the identity card and the key information, and a service supplier data file and a card manufacturer data file, both containing the card number and password of the rechargeable card, are produced through encryption; the recharge system of the service supplier imports the card number and password of the rechargeable card into the recharge system, and the identity card of the card manufacturer is used to decrypt the card manufacturer data file. The method and device combine asymmetric-key and symmetric-key encryption and decryption techniques and rely on hardware devices such as the identity cards to ensure the security of the rechargeable card data.

Description

Method and device for generating rechargeable card data
Technical field
The present invention relates to the technical field of rechargeable cards, and in particular to a method and a device for generating rechargeable card data.
Background art
With the development of science and technology and the sharp increase in the number of mobile phone users, cable TV subscribers, online game users and the like, the pressure on payment outlets to handle subscriber payments keeps growing. Rechargeable cards can noticeably relieve this pressure, and they are also time-saving, trouble-free, convenient and easy to use.
The most important requirement for a rechargeable card is to guarantee the security and authenticity of its data. Many human factors are involved in the whole process from data generation to completion of card production, which may lead to leakage of or tampering with the data. Because rechargeable cards are stored-value cards that circulate on the market, a leak of rechargeable card data causes direct economic loss to the service supplier and to users. It is therefore necessary to develop a safe and reliable method for generating rechargeable card data.
Summary of the invention
Embodiments of the invention provide a method and a device for generating rechargeable card data, so as to improve the security of rechargeable card data.
A method for generating rechargeable card data comprises:
adding operator and card manufacturer members, initializing the identity cards of the operator and the card manufacturer, and setting a password key, an encryption key and a service supplier key for each operator;
generating the card number and password of a rechargeable card according to a set generation rule using the operator's identity card and the key information, and producing an encrypted service supplier data file and an encrypted card manufacturer data file, each containing the card number and password of the rechargeable card;
importing, by the recharge system of the service supplier, the card number and password ciphertext of the rechargeable card from the received service supplier data file into the recharge system; decrypting the card manufacturer data file using the identity card of the card manufacturer; and producing the physical rechargeable card using the card number and password of the rechargeable card.
A device for generating rechargeable card data comprises:
a member identity card management module, configured to add operator and card manufacturer members and to initialize the identity cards of the operator and the card manufacturer;
a key management module, configured to set a password key, an encryption key and a service supplier key for each operator;
a card number and password generation module, configured to generate the card number and password of a rechargeable card according to a set generation rule using the operator's identity card and the key information;
a data file production module, configured to produce an encrypted service supplier data file and an encrypted card manufacturer data file, each containing the card number and password of the rechargeable card, so that the recharge system of the service supplier imports the card number and password of the rechargeable card from the received service supplier data file into the recharge system, and the card manufacturer decrypts the card manufacturer data file using its identity card and produces the physical rechargeable card using the card number and password of the rechargeable card.
As can be seen from the technical solution provided by the above embodiments, the embodiments of the invention combine asymmetric-key and symmetric-key encryption and decryption techniques in the production of rechargeable card data. The combined use of several keys ensures security while improving efficiency, and the use of hardware devices (the encryption machine and the identity cards) makes the rechargeable card data safer. The solution thus balances efficiency with the integrity and authenticity of the data: it improves the security of rechargeable card data, prevents the data from being tampered with, reduces the risk of the keys being cracked to a minimum, and guarantees the authenticity of the rechargeable card data.
Description of drawings
To explain the technical solutions of the embodiments of the invention more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings described below are only some embodiments of the invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a processing flowchart of a method for generating rechargeable card data provided by embodiment one of the invention;
Fig. 2 is a structural schematic diagram of a device for generating rechargeable card data provided by embodiment two of the invention.
Embodiment
To facilitate understanding of the embodiments of the invention, several specific embodiments are further explained below as examples with reference to the drawings; the individual embodiments do not limit the embodiments of the invention.
Embodiment one
The main idea of this embodiment is that when an operator produces rechargeable card data, the data can only be generated with the participation of an identity card, which prevents manual falsification of data and guarantees data integrity. In addition, all sensitive data is stored and transmitted in encrypted form, which prevents the data from being leaked or tampered with.
The processing flow of the method for generating rechargeable card data provided by this embodiment is shown in Fig. 1 and comprises the following steps:
Step 11: add operator and card manufacturer members, and select new identity cards for the operator and the card manufacturer.
In the embodiments of the invention, the operator is responsible for generating the rechargeable card data, and the card manufacturer is responsible for producing the physical rechargeable cards from that data.
When a new operator or card manufacturer is added, the administrator of the rechargeable card manufacturing system enters the identity information of the operator or card manufacturer into the rechargeable card manufacturing system and selects a brand-new identity card for the new operator or card manufacturer. The identity card may be a portable device such as a USIM (Universal Subscriber Identity Module) card, a USB flash drive or an SD (Secure Digital Memory Card) card.
The identity card has computing capability and can perform both asymmetric-key and symmetric-key encryption and decryption. There are currently two mainstream encryption approaches for rechargeable cards: asymmetric-key encryption based on a PKI (Public Key Infrastructure) system, and symmetric-key encryption and decryption.
Step 12: initialize the identity cards of the operator and the card manufacturer, and set a password key, an encryption key and a service supplier key for each operator.
The system administrator selects a brand-new identity card and initializes it. During initialization the identity information of the operator or card manufacturer is written into the identity card, and the public/private key pair, master key and communication key of each identity card are set. For an operator identity, two identity cards are made: operator identity card A and operator identity card B. For a card manufacturer identity, one identity card is made. The communication key of each identity card is preset when the identity card leaves the factory and does not need to be set separately.
In the embodiments of the invention, each operator has one set of password key, encryption key and service supplier key. The password key is mainly used to generate the rechargeable card password data, and the encryption key is mainly used to encrypt the rechargeable card password data. Password data is stored in the system as ciphertext, so even if the system is compromised, what leaks is encrypted data that is meaningless on its own.
The operator's password key and encryption key are generated as follows. Generating either key requires both operator identity card A and operator identity card B. First, the administrator of the rechargeable card manufacturing system enters the first key segment, which is passed into operator identity card A as a dispersion factor. The symmetric encryption/decryption module of operator identity card A uses this dispersion factor to perform a dispersion operation (key diversification) on the master key of operator identity card A, and the card returns the result to the system; this result is the final first key segment.
After the final first key segment is obtained, the rechargeable card manufacturing system prompts the administrator to enter the second key segment, which is passed into operator identity card B as a dispersion factor. The symmetric encryption/decryption module of operator identity card B uses this dispersion factor to perform a dispersion operation on the master key of operator identity card B, and the card returns the result to the system; this result is the final second key segment.
The rechargeable card manufacturing system splices the final first key segment and the final second key segment into one complete password key or encryption key.
The operator's password key or encryption key can thus only be generated with the joint participation of the operator's two identity cards, so that even if the operator loses one identity card, production of rechargeable card data is not affected. No key needs to be entered for the card manufacturer's identity card.
The service supplier key is mainly used to encrypt the password data delivered to the service supplier, to obtain the rechargeable card password data. The service supplier key is generated and managed by the encryption machine, and it is never exposed in plaintext outside the encryption machine. Because the service supplier key is stored in the encryption machine, the embodiment of the invention provides a service supplier key export method so that the key can be imported. The method mainly comprises: after connecting to the encryption machine, the service supplier key stored in the encryption machine is encrypted with the public key of the operator's identity card and output to a key file, and the key file is uploaded to the rechargeable card manufacturing system.
The rechargeable card manufacturing system asymmetrically encrypts the operator member's password key, encryption key and service supplier key with the public keys of operator identity card A and operator identity card B respectively, and stores the results in the database of the rechargeable card manufacturing system. That is, the rechargeable card manufacturing system stores the ciphertext of the password key, encryption key and service supplier key corresponding to operator identity card A, and the ciphertext of the password key, encryption key and service supplier key corresponding to operator identity card B.
The database of the rechargeable card manufacturing system also stores the public key and communication key of each operator identity card.
Each identity card is bound to a specific operator or card manufacturer, and identity card allocation is carried out. Once all of the above operations are complete, the identity card of the operator or card manufacturer is formally finished and can be issued to the operator or card manufacturer for use in producing data.
Step 13: generate the card number and password of the rechargeable card according to the set generation rules using the operator's identity card and the key information, and produce an encrypted service supplier data file and an encrypted card manufacturer data file, each containing the card number and password of the rechargeable card.
In the embodiments of the invention the operator needs one identity card when producing rechargeable card data. The operator enters the information relevant to producing the rechargeable card data into the rechargeable card manufacturing system, such as the card type, the quantity and the manufacturer that will produce the cards. The rechargeable card manufacturing system passes the ciphertext of the password key, encryption key and service supplier key corresponding to this operator identity card into the identity card, which decrypts them with its stored private key to obtain the plaintext of the password key, encryption key and service supplier key. The rechargeable card manufacturing system then uses the production information and the plaintext of the password key, encryption key and service supplier key to generate the card number of the rechargeable card according to the set card number generation rule.
The card number generation rule can be customized according to the service supplier's requirements. For example, a 20-digit card number: card type (0 national, 1 provincial, 2 city) + region number (3 digits) + product number (2 digits; 00 when no package is bound) + date (6 digits, the card production date) + production batch number of the day (2 digits) + production sequence number (6 digits).
The identity card then encrypts the plaintext of the password key, encryption key and service supplier key with its own communication key and sends the encrypted keys to the rechargeable card manufacturing system. The rechargeable card manufacturing system likewise uses the communication key of that identity card to decrypt the encrypted password key, encryption key and service supplier key sent by the identity card, obtaining their plaintext.
The data file production module of the rechargeable card manufacturing system uses the plaintext of the password key to generate the password of the rechargeable card according to the set password generation rule.
The password generation rule mainly comprises password head data, password body data and service supplier key index data. The password head data is assembled from specific data, for example batch data + date data. The password body data is mainly obtained by using the password master key to compute a MAC (Message Authentication Code) over a random number. The service supplier key index is the index value of the key in the service supplier's encryption machine. The rechargeable card manufacturing system assembles the password head data, password body data and service supplier key index data into the complete password data.
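The following added example (not part of the patent text and not the applicant's code) walks through the segmented key synthesis, the example 20-digit card number rule and the password assembly described above. HMAC-SHA256 stands in for the dispersion and MAC algorithms, which the text does not name; the `IdentityCard` class, the function names, the password field widths, the YYMMDD date format and all key values are assumptions constructed for illustration.

```python
"""Added illustration of the generation rules described above (not the patent's code).

Assumptions: HMAC-SHA256 stands in for the unspecified dispersion and MAC
algorithms; segment, body and key-index widths and the YYMMDD date format are
illustrative; all keys and inputs below are constructed sample values.
"""
import hashlib
import hmac
import secrets
from datetime import datetime

CARD_TYPES = {"0": "national", "1": "provincial", "2": "city"}
# (field, width) in the order of the example rule; the card type width of 1
# follows from the stated 20-digit total.
LAYOUT = (("card_type", 1), ("region", 3), ("product", 2),
          ("date", 6), ("batch", 2), ("sequence", 6))
CARD_NUMBER_LEN = sum(width for _, width in LAYOUT)


class IdentityCard:
    """Hypothetical model of an identity card: the master key never leaves it."""

    def __init__(self, master_key: bytes):
        self.__master_key = master_key

    def disperse(self, factor: bytes) -> bytes:
        """Dispersion of the master key by a factor; returns one key segment."""
        if not factor:
            raise ValueError("dispersion factor must not be empty")
        return hmac.new(self.__master_key, factor, hashlib.sha256).digest()[:16]


def synthesize_key(card_a, segment_a: bytes, card_b, segment_b: bytes) -> bytes:
    """Splice the final first segment (card A) and final second segment (card B)."""
    return card_a.disperse(segment_a) + card_b.disperse(segment_b)


def _digits(name: str, value, width: int) -> str:
    """Zero-pad a field to its width and insist on ASCII decimal digits."""
    text = str(value).zfill(width)
    if len(text) != width or not (text.isascii() and text.isdigit()):
        raise ValueError(f"{name} must be at most {width} decimal digits")
    return text


def parse_card_number(number: str) -> dict:
    """Split a card number into its fields, rejecting malformed input."""
    if len(number) != CARD_NUMBER_LEN or not (number.isascii() and number.isdigit()):
        raise ValueError("card number must be exactly 20 decimal digits")
    parsed, pos = {}, 0
    for name, width in LAYOUT:
        parsed[name] = number[pos:pos + width]
        pos += width
    if parsed["card_type"] not in CARD_TYPES:
        raise ValueError("unknown card type")
    datetime.strptime(parsed["date"], "%y%m%d")  # ValueError on impossible dates
    return parsed


def build_card_number(**fields) -> str:
    """Assemble the 20-digit card number from the six fields in LAYOUT."""
    number = "".join(_digits(name, fields[name], width) for name, width in LAYOUT)
    parse_card_number(number)  # same checks on the way out as on the way in
    return number


def build_password(password_key: bytes, batch, date, key_index,
                   random_number: bytes = None, body_digits: int = 12) -> str:
    """Password = head (batch + date) + body (MAC over a random number) + key index."""
    if random_number is None:
        random_number = secrets.token_bytes(16)  # CSPRNG, not the random module
    head = _digits("batch", batch, 2) + _digits("date", date, 6)
    mac = hmac.new(password_key, random_number, hashlib.sha256).digest()
    body = str(int.from_bytes(mac, "big") % 10 ** body_digits).zfill(body_digits)
    return head + body + _digits("key_index", key_index, 2)


if __name__ == "__main__":
    card_a = IdentityCard(bytes(range(16)))       # constructed master keys
    card_b = IdentityCard(bytes(range(16, 32)))
    password_key = synthesize_key(card_a, b"segment-1", card_b, b"segment-2")
    number = build_card_number(card_type=1, region="010", product="00",
                               date="130118", batch="01", sequence=42)
    print(number, parse_card_number(number))
    print(build_password(password_key, "01", "130118", 7))
```

Because the password body is a keyed MAC over a fresh random number, knowing the card number, batch and date does not help predict the body without the password key.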
The data file production module of the rechargeable card manufacturing system then uses the encryption key to encrypt the generated card number and password of the rechargeable card. When data production is complete, the system generates two data files: a service supplier data file for the service supplier and a card manufacturer data file for the card manufacturer. Both files contain the card number and password of the rechargeable card. The data in the service supplier data file is encrypted with the service supplier key, which ensures that even the service supplier's personnel cannot see the plaintext of the card number and password. The card manufacturer data file is generated in the digital envelope format of a PKI system: the file header of the card manufacturer data file is the ciphertext of a symmetric key encrypted with the card manufacturer's public key, and the body of the card manufacturer data file is encrypted with that symmetric key.
Step 14: the recharge system of the service supplier imports the card number and password of the rechargeable card from the received service supplier data file into the recharge system; the card manufacturer decrypts the received card manufacturer data file and produces the physical rechargeable card using the card number and password of the rechargeable card.
The service supplier's recharge system imports the card number and password ciphertext of the rechargeable card into the recharge database, loads the specified recharge amount onto the rechargeable card, and stores the card number, password and recharge amount of the rechargeable card in association in the recharge database. When a user recharges his or her terminal with the rechargeable card, the service supplier's recharge system passes the rechargeable card password data entered by the user into the encryption machine, which encrypts it and returns the ciphertext. This ciphertext is compared with the pre-stored ciphertext. If the comparison fails, the password data entered by the user is incorrect and the recharge is judged to have failed; if the comparison succeeds, the password data entered by the user is correct and the user is allowed to proceed with the recharge.
After the card manufacturer's client receives the card manufacturer data file, it first verifies the integrity of the file. Once integrity is verified, the file header information is passed into the card manufacturer's identity card, which decrypts it with its stored private key to obtain the symmetric key and sends the symmetric key to the client. The client uses the symmetric key to decrypt the body of the card manufacturer data file, obtaining the plaintext of the file, which contains the card number and password of the rechargeable card. This flow is consistent with the digital envelope decryption flow in a PKI system. The public and private keys of the card manufacturer's identity card can be changed periodically to increase security.
The card manufacturer can then produce the physical rechargeable card using the card number and password of the rechargeable card.
Embodiment two
The structure of the device for generating rechargeable card data provided by this embodiment is shown in Fig. 2 and comprises the following modules:
a member identity card management module 21, configured to add operator and card manufacturer members and to initialize the identity cards of the operator and the card manufacturer;
a key management module 22, configured to set a password key, an encryption key and a service supplier key for each operator;
a card number and password generation module 23, configured to generate the card number and password of a rechargeable card according to a set generation rule using the operator's identity card and the key information;
a data file production module 24, configured to produce an encrypted service supplier data file and an encrypted card manufacturer data file, each containing the card number and password ciphertext of the rechargeable card, so that the recharge system of the service supplier imports the card number and password ciphertext of the rechargeable card into the recharge system, and the card manufacturer decrypts the card manufacturer data file using its identity card and produces the physical rechargeable card using the card number and password of the rechargeable card.
Specifically, the member identity card management module 21 is configured to select brand-new identity cards for the operator and card manufacturer members, making two identity cards, operator identity card A and operator identity card B, for each operator member and one identity card for each card manufacturer member;
and to initialize the identity cards of the operator and card manufacturer members, entering the identity information of the operator and card manufacturer members into the identity cards and setting a public/private key pair, a master key and a communication key in each identity card.
Specifically, the key management module 22 is configured to set a password key, an encryption key and a service supplier key for each operator member. The first key segment is passed into operator identity card A as a dispersion factor; operator identity card A uses this dispersion factor to perform a dispersion operation on the master key of operator identity card A, and the result of the dispersion operation is returned to the key management module as the final first key segment;
the key management module passes the second key segment into operator identity card B as a dispersion factor; the symmetric encryption/decryption module of operator identity card B uses this dispersion factor to perform a dispersion operation on the master key of operator identity card B, and the result of the dispersion operation is returned to the key management module as the final second key segment;
the key management module splices the final first key segment and the final second key segment into one complete password key or encryption key.
Further, the device may also comprise:
a data storage module 25, configured to asymmetrically encrypt the operator member's password key, encryption key and service supplier key with the public keys of operator identity card A and operator identity card B respectively and store the results in a database, and to store the public key and communication key of each operator identity card in the database.
Specifically, the card number and password generation module 23 is configured so that, after the operator has entered the information relevant to producing the rechargeable card data into the rechargeable card manufacturing system, the ciphertext of the password key, encryption key and service supplier key corresponding to the identity card is passed into the identity card, and the identity card decrypts the ciphertext of the password key, encryption key and service supplier key with its stored private key to obtain their plaintext; the rechargeable card manufacturing system uses the production information and the plaintext of the password key, encryption key and service supplier key to generate the card number of the rechargeable card according to the set card number generation rule;
the identity card encrypts the password key, encryption key and service supplier key with its own communication key and sends them to the card number and password generation module, which likewise uses the communication key of the identity card to decrypt the encrypted password key, encryption key and service supplier key sent by the identity card, obtaining their plaintext;
the card number and password generation module uses the plaintext of the password key to generate the password of the rechargeable card according to the set password generation rule.
Specifically, the data file production module 24 is configured to encrypt the card number and password of the rechargeable card with the encryption key and to generate a service supplier data file and a card manufacturer data file, each containing the card number and password of the rechargeable card. The data in the service supplier data file is encrypted with the service supplier key associated with the identity card. The card manufacturer data file is generated in the digital envelope format of a Public Key Infrastructure (PKI) system: the file header of the card manufacturer data file is the ciphertext of a symmetric key encrypted with the card manufacturer's public key, and the body of the card manufacturer data file is encrypted with that symmetric key.
The process of generating rechargeable card data with the device of this embodiment is similar to the method embodiment described above and is not repeated here.
A person of ordinary skill in the art will understand that the drawings are schematic diagrams of one embodiment, and that the modules or flows in the drawings are not necessarily required to implement the invention.
A person of ordinary skill in the art will understand that the modules of the device in an embodiment may be distributed in the device as described in the embodiment, or may be changed accordingly and located in one or more devices different from that of the present embodiment. The modules of the above embodiments may be merged into one module or further split into several sub-modules.
In summary, the embodiments of the invention combine asymmetric-key and symmetric-key encryption and decryption techniques in the production of rechargeable card data. The combined use of several keys ensures security while improving efficiency, and the use of hardware devices (the encryption machine and the identity cards) makes the rechargeable card data safer. The solution thus balances efficiency with the integrity and authenticity of the data: it improves the security of rechargeable card data, prevents the data from being tampered with, reduces the risk of the keys being cracked to a minimum, and guarantees the authenticity of the rechargeable card data.
In the embodiments of the invention the user's public and private keys are stored in the hardware identity card, which further guarantees key security. The use of identity cards by the operator and the card manufacturer reduces the possibility of data leakage caused by human factors, and at the same time reduces the risk of data leaking during delivery to production.
The above is only a preferred embodiment of the invention, but the scope of protection of the invention is not limited thereto. Any variation or substitution readily conceivable by a person skilled in the art within the technical scope disclosed by the invention shall fall within the scope of protection of the invention. The scope of protection of the invention shall therefore be determined by the scope of protection of the claims.

Claims (13)

1. the generation method of a repaid card data, is characterized in that, comprising:
Add operator and the card member of manufacturer, the ID card of operator and card manufacturer is carried out initialization, cryptographic key, encryption key and operator's key are set for each operator;
Utilize described operator's ID card and key information to generate card number and the password of rechargeable card according to the create-rule of setting, make through the card number that comprises described rechargeable card of encryption and operator's data file and the card of password and make the quotient data file;
The charging system of operator imports card number and the password ciphertext of the rechargeable card in the operator's data file that receives in charging system, utilize the ID card of card manufacturer to make the quotient data file to described card and be decrypted, the entity that utilizes described rechargeable card card number and password to carry out rechargeable card is made.
2. The method for generating rechargeable card data according to claim 1, characterized in that said adding operator and card manufacturer members, and initializing and setting keys for the ID cards of the operator and the card manufacturer, comprises:
selecting brand-new ID cards for the operator and card manufacturer members, making two ID cards for an operator member, namely operator ID card A and operator ID card B, and making one ID card for a card manufacturer member;
initializing the ID cards of the operator and card manufacturer members, writing the identity information of the operator and card manufacturer members into the ID cards, and setting a public/private key pair, a master key and a communication key in each ID card;
setting a cryptographic key, an encryption key and an operator key for each operator member, wherein the cryptographic key and the encryption key are obtained from operator ID card A and operator ID card B by a segmented-key synthesis method, and the operator key is stored in an encryption machine.
3. The method for generating rechargeable card data according to claim 2, characterized in that said setting a cryptographic key, an encryption key and an operator key for each operator member, wherein the cryptographic key and the encryption key are obtained from operator ID card A and operator ID card B by a segmented-key synthesis method and the operator key is stored in an encryption machine, comprises:
the rechargeable card manufacturing system passing a first key segment into operator ID card A as a dispersion factor, the symmetric encryption/decryption module of operator ID card A performing a dispersion operation on the master key of operator ID card A using this dispersion factor, and returning the dispersion result to the rechargeable card manufacturing system as the final first key segment;
the rechargeable card manufacturing system passing a second key segment into operator ID card B as a dispersion factor, the symmetric encryption/decryption module of operator ID card B performing a dispersion operation on the master key of operator ID card B using this dispersion factor, and returning the dispersion result to the rechargeable card manufacturing system as the final second key segment;
the rechargeable card manufacturing system splicing the final first key segment and the final second key segment into a complete cryptographic key or encryption key;
the rechargeable card manufacturing system asymmetrically encrypting the operator member's cryptographic key, encryption key and operator key with the public keys of operator ID card A and operator ID card B respectively, and then storing them in the database of the rechargeable card manufacturing system.
4. The method for generating rechargeable card data according to claim 1, characterized in that the ID card is a Universal Subscriber Identity Module (USIM) card, a USB flash disk or a Secure Digital (SD) card.
5. The method for generating rechargeable card data according to any one of claims 1 to 4, characterized in that said generating the card number and password of a rechargeable card according to set generation rules, using the operator's ID card and key information, and producing an encrypted operator data file and an encrypted card manufacturer data file, each containing the card number and password of the rechargeable card, comprises:
the operator entering, in the rechargeable card manufacturing system, the relevant information for producing rechargeable card data; the rechargeable card manufacturing system passing the ciphertext of the cryptographic key, encryption key and operator key corresponding to the ID card into the ID card; the ID card decrypting the ciphertext of the cryptographic key, encryption key and operator key with its stored private key to obtain the plaintext of the cryptographic key, encryption key and operator key; the rechargeable card manufacturing system generating the card number of the rechargeable card according to the set card number generation rule, using the relevant information for producing rechargeable card data and the plaintext of the cryptographic key, encryption key and operator key;
the ID card sending the cryptographic key, encryption key and operator key, encrypted with its own communication key, to the rechargeable card manufacturing system; the rechargeable card manufacturing system likewise using the communication key of the ID card to decrypt the encrypted cryptographic key, encryption key and operator key transmitted by the ID card, obtaining the plaintext of the cryptographic key, encryption key and operator key;
the rechargeable card manufacturing system generating the password of the rechargeable card according to the set password generation rule, using the plaintext of the cryptographic key, then encrypting the password of the rechargeable card with the encryption key, and generating the operator data file and the card manufacturer data file, each containing the card number and password of the rechargeable card.
6. The method for generating rechargeable card data according to claim 5, characterized in that the data in the operator data file is encrypted with the operator key; the card manufacturer data file is generated in the digital envelope format of a public key infrastructure (PKI) system; the header of the card manufacturer data file is the ciphertext of a symmetric key encrypted with the card manufacturer's public key; and the data body of the card manufacturer data file is encrypted with that symmetric key.
7. The method for generating rechargeable card data according to claim 6, characterized in that said operator's recharge system importing the card number and password ciphertext of the rechargeable card from the received operator data file into the recharge system, decrypting the card manufacturer data file using the card manufacturer's ID card, and physically producing the rechargeable card using the card number and password of the rechargeable card, comprises:
after the operator's recharge system receives the operator data file, the recharge system importing the card number and password ciphertext of the rechargeable card into a recharge database, assigning the specified recharge amount to the rechargeable card, and storing the card number, password and recharge amount of the rechargeable card in association in the recharge database;
after the card manufacturer's client receives the card manufacturer data file, first verifying the integrity of the card manufacturer data file; after the data integrity check passes, passing the file header information into the card manufacturer's ID card; the ID card decrypting the file header information with its stored private key to obtain the symmetric key, and sending the symmetric key to the client; the client decrypting the data body of the card manufacturer data file with the symmetric key to obtain the card number and password of the rechargeable card; and the card manufacturer physically producing the rechargeable card using the card number and password of the rechargeable card.
8. An apparatus for generating rechargeable card data, characterized by comprising:
a member ID card management module, configured to add operator and card manufacturer members and to initialize the ID cards of the operator and the card manufacturer;
a key management module, configured to set a cryptographic key, an encryption key and an operator key for each operator;
a card number and password generation module, configured to generate the card number and password of a rechargeable card according to set generation rules, using the operator's ID card and key information;
a data file production module, configured to produce an encrypted operator data file and an encrypted card manufacturer data file, each containing the card number and password of the rechargeable card, so that the operator's recharge system imports the card number and password of the rechargeable card from the received operator data file into the recharge system, and the card manufacturer decrypts the card manufacturer data file using its ID card and physically produces the rechargeable card using the card number and password of the rechargeable card.
9. The apparatus for generating rechargeable card data according to claim 8, characterized in that:
the member ID card management module is specifically configured to select brand-new ID cards for the operator and card manufacturer members, making two ID cards for an operator member, namely operator ID card A and operator ID card B, and making one ID card for a card manufacturer member;
and to initialize the ID cards of the operator and card manufacturer members, write the identity information of the operator and card manufacturer members into the ID cards, and set a public/private key pair, a master key and a communication key in each ID card.
10. The apparatus for generating rechargeable card data according to claim 9, characterized in that:
the key management module is specifically configured to set a cryptographic key, an encryption key and an operator key for each operator member, passing a first key segment into operator ID card A as a dispersion factor, operator ID card A performing a dispersion operation on its master key using this dispersion factor and returning the dispersion result to the key management module as the final first key segment;
the key management module passes a second key segment into operator ID card B as a dispersion factor, the symmetric encryption/decryption module of operator ID card B performing a dispersion operation on the master key of operator ID card B using this dispersion factor and returning the dispersion result to the key management module as the final second key segment;
the key management module splices the final first key segment and the final second key segment into a complete cryptographic key or encryption key.
11. The apparatus for generating rechargeable card data according to claim 9, characterized in that the apparatus further comprises:
a data storage module, configured to asymmetrically encrypt the operator member's cryptographic key, encryption key and operator key with the public keys of operator ID card A and operator ID card B respectively and store them in a database, and to store the public key and communication key of each operator ID card in the database.
12. The apparatus for generating rechargeable card data according to claim 9, characterized in that:
the card number and password generation module is specifically configured to, after the operator enters the relevant information for producing rechargeable card data in the rechargeable card manufacturing system, pass the ciphertext of the cryptographic key, encryption key and operator key corresponding to the ID card into the ID card; the ID card decrypting the ciphertext of the cryptographic key, encryption key and operator key with its stored private key to obtain the plaintext of the cryptographic key, encryption key and operator key; the rechargeable card manufacturing system generating the card number of the rechargeable card according to the set card number generation rule, using the relevant information for producing rechargeable card data and the plaintext of the cryptographic key, encryption key and operator key;
the ID card sends the cryptographic key, encryption key and operator key, encrypted with its own communication key, to the card number and password generation module; the card number and password generation module likewise uses the communication key of the ID card to decrypt the encrypted cryptographic key, encryption key and operator key transmitted by the ID card, obtaining the plaintext of the cryptographic key, encryption key and operator key;
the card number and password generation module generates the password of the rechargeable card according to the set password generation rule, using the plaintext of the cryptographic key.
13. The apparatus for generating rechargeable card data according to any one of claims 8 to 12, characterized in that:
the data file production module is specifically configured to encrypt the card number and password of the rechargeable card using the encryption key, and to generate the operator data file and the card manufacturer data file, each containing the card number and password of the rechargeable card; the data in the operator data file is encrypted with the operator key; the card manufacturer data file is generated in the digital envelope format of a public key infrastructure (PKI) system; the header of the card manufacturer data file is the ciphertext of a symmetric key encrypted with the card manufacturer's public key; and the data body of the card manufacturer data file is encrypted with that symmetric key.
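The segmented-key synthesis of claims 3 and 10, sketched in Python as an added example (not code from the patent). HMAC-SHA256 stands in for the cards' dispersion operation (key diversification in smart-card terms), which the claims do not specify; the `IdCard` class, `key_check_value` helper, master keys and segment labels are constructed for illustration.

```python
import hashlib
import hmac
import secrets


class IdCard:
    """Stand-in for an operator ID card; the master key stays inside the object."""

    def __init__(self, master_key: bytes):
        self._master_key = master_key

    def disperse(self, factor: bytes) -> bytes:
        # Assumption: HMAC-SHA256 truncated to 16 bytes replaces the card's
        # symmetric dispersion operation, which the claims leave unspecified.
        return hmac.new(self._master_key, factor, hashlib.sha256).digest()[:16]


def synthesize_key(card_a: IdCard, card_b: IdCard, seg1: bytes, seg2: bytes) -> bytes:
    """Each card disperses its own master key with one segment; the
    manufacturing system splices the two results into one 32-byte key."""
    return card_a.disperse(seg1) + card_b.disperse(seg2)


def key_check_value(key: bytes) -> str:
    """Short fingerprint for comparing keys in logs without exposing them
    (hypothetical helper, not part of the claims)."""
    return hashlib.sha256(b"kcv:" + key).hexdigest()[:6]


def demo() -> dict:
    # Constructed sample master keys and segment labels.
    card_a = IdCard(bytes.fromhex("00112233445566778899aabbccddeeff"))
    card_b = IdCard(bytes.fromhex("ffeeddccbbaa99887766554433221100"))
    other_a = IdCard(secrets.token_bytes(16))  # a different card in slot A
    seg1, seg2 = b"operator-001/segment-1", b"operator-001/segment-2"

    key = synthesize_key(card_a, card_b, seg1, seg2)
    wrong = synthesize_key(other_a, card_b, seg1, seg2)
    return {
        "length": len(key),
        "kcv": key_check_value(key),
        # Same cards and segments always rebuild the same key.
        "repeatable": key == synthesize_key(card_a, card_b, seg1, seg2),
        # Without the genuine card A the first half cannot be rebuilt.
        "needs_card_a": wrong[:16] != key[:16],
        # Splicing is concatenation, so card B's half does not depend on card A.
        "b_half_independent_of_a": wrong[16:] == key[16:],
        # The cards are not interchangeable between the two slots.
        "slots_not_swappable": synthesize_key(card_b, card_a, seg1, seg2) != key,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Because the two results are concatenated rather than combined, each card holder can recompute their own half of the key unaided, which is why the claims also wrap the assembled keys under the cards' public keys before storing them.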
CN201310018091.7A 2013-01-17 2013-01-17 Generation method and apparatus of rechargeable card data Expired - Fee Related CN103118351B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310018091.7A 2013-01-17 2013-01-17 Generation method and apparatus of rechargeable card data

Publications (2)

Publication Number Publication Date
CN103118351A true CN103118351A (en) 2013-05-22
CN103118351B CN103118351B (en) 2015-08-05

Family

ID=48416594

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310018091.7A Expired - Fee Related CN103118351B (en) 2013-01-17 2013-01-17 Generation method and apparatus of rechargeable card data

Country Status (1)

Country Link
CN (1) CN103118351B (en)

Also Published As

Publication number Publication date
CN103118351B (en) 2015-08-05

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20150805

Termination date: 20220117