Embodiment
To describe the technical content, structural features, objects achieved and effects of the present invention in detail, a detailed explanation is given below in conjunction with the embodiments and the accompanying drawings.
First, the abbreviations and key terms involved in the present invention are defined and explained:
AUK: abbreviation of Authentication Key, the authentication key, used for two-way authentication between the PINPAD and the key management system KMS;
CA center: the CA (Certificate Authority) center uses PKI (Public Key Infrastructure) technology to provide a dedicated network identity authentication service and is responsible for issuing and managing digital certificates. It is an authoritative and impartial trusted third party, and its role is like that of a document-issuing body in everyday life, such as a passport office;
HSM: abbreviation of High Security Machine, a high-security device; in this system it is the hardware encryption machine;
KMS system: Key Management System, used to manage the terminal master key TMK;
MAK: abbreviation of MAC Key, the MAC calculation key, a 24-byte symmetric key determined by negotiation with the customer, used to calculate the MAC value of TK between the MTMS system and the KMS system;
MTMS: Material Tracking Management System, mainly used during factory production;
PIK: abbreviation of PIN Key, the PIN encryption key, which is one kind of working key;
PINPAD: PIN pad;
PK: abbreviation of Protect Key, the protection key, a 24-byte symmetric key determined by negotiation with the customer, used for encrypted transmission of TK between MTMS/TCS and KMS;
POS: abbreviation of Point Of Sale, i.e. the point-of-sale terminal;
SNpinpad: the serial number of the PIN pad; when the PINPAD is built in, it is the same as the POS terminal serial number SNpos;
SN: the serial number of the payment terminal;
TEK: abbreviation of Transmission Encrypt Key, i.e. the transmission encryption key, a 24-byte symmetric key used for encrypted transmission of TMK between the PINPAD and the key management system KMS;
TK: abbreviation of Transmission Key, i.e. the transmission key. The transmission key consists of the transmission encryption key TEK and the two-way authentication key AUK;
TMS: abbreviation of Terminal Management System, i.e. the terminal management system, used for payment terminal information management, software and parameter configuration, remote download, management of terminal running state information, remote diagnosis and similar functions;
TMK: abbreviation of Terminal Master Key, i.e. the terminal master key, used for encrypted transmission of working keys between the payment terminal and the payment acquiring system;
Secure room: a room with a higher security level that houses servers; it can be entered only after identity authentication.
Smart IC card: a CPU card. The integrated circuit in the card contains a central processing unit (CPU), programmable read-only memory (EEPROM), random access memory (RAM) and the card operating system COS (Chip Operating System) fixed in read-only memory (ROM); data in the card is divided into an externally readable part and an internally processed part.
Symmetric key: both the sender and the receiver of the data must use the same key to encrypt and decrypt the plaintext. Symmetric key encryption algorithms mainly include DES, 3DES, IDEA, FEAL, BLOWFISH and others.
Asymmetric key: an asymmetric encryption algorithm needs two keys: a public key (Public key) and a private key (Private key). The public key and the private key are a pair: if data is encrypted with the public key, it can be decrypted only with the corresponding private key; if data is encrypted with the private key, it can be decrypted only with the corresponding public key. Because encryption and decryption use two different keys, the algorithm is called an asymmetric encryption algorithm. The basic process by which an asymmetric encryption algorithm exchanges confidential information is: Party A generates a key pair and discloses one key of the pair to other parties as the public key; Party B, having obtained this public key, uses it to encrypt the confidential information and sends the result to Party A; Party A then decrypts the encrypted information with the other key, the private key it keeps itself. Party A can likewise encrypt confidential information with Party B's public key and send it to Party B; Party B then decrypts the encrypted information with its own private key. The main algorithms are RSA, Elgamal, the knapsack algorithm, Rabin, D-H and ECC (elliptic curve cryptography).
RSA: an asymmetric key algorithm. The RSA public key encryption algorithm was developed in 1977 by Ron Rivest, Adi Shamir and Len Adleman at the Massachusetts Institute of Technology. RSA is named after the three of them. RSA is currently the most influential public key encryption algorithm; it can resist all cryptographic attacks known so far and has been recommended by ISO as the public key data encryption standard. The RSA algorithm is based on a very simple number-theoretic fact: multiplying two large prime numbers is very easy. RSA was the first algorithm that could be used for both encryption and digital signatures, and it is also easy to understand and operate. RSA is the most widely studied public key algorithm; in the thirty years since it was proposed it has withstood various attacks and gradually gained acceptance, and it is generally considered one of the best public key schemes at present.
TDES (Triple-DES): DES is a symmetric encryption algorithm with an 8-byte key. TDES is an encryption algorithm based on DES, with a key of 16 bytes or 24 bytes. TDES/3DES is the abbreviation of Triple DES, and DES is the abbreviation of Data Encryption Standard. DES is a symmetric key encryption algorithm, i.e. one in which the data encryption key and the decryption key are the same. DES was developed and published by IBM in the 1970s, was adopted by the U.S. government, and was subsequently recognized by the National Bureau of Standards (NBS) and the American National Standards Institute (ANSI). TDES/3DES is a mode of the DES encryption algorithm that uses three 64-bit keys to encrypt the data three times. It is a more secure variant of DES.
To solve the technical problems in the background art, the present invention adopts a new master key download scheme: the POS terminal randomly generates TK (Transmission Key), the generated TK is stored in the PIN pad of the POS terminal, and TK is sent to the KMS (Key Management System, used to manage the terminal master key TMK) by the transmission method required in each application scenario.
When the POS terminal applies to download the terminal master key TMK, the KMS system encrypts the terminal master key TMK with TK and sends the resulting master key ciphertext to the POS terminal. After receiving it, the POS terminal decrypts the master key ciphertext with TK to obtain the terminal master key TMK, and stores the terminal master key TMK in the PIN pad.
In this way, encrypting the terminal master key TMK with TK allows TMK to be transmitted remotely and makes secure download of TMK convenient.
The above method, in which the POS terminal collects the transmission key TK and sends it to the bank side to encrypt TMK, and the POS terminal then remotely downloads the TMK encrypted with TK, can ensure the transmission security of TMK. However, TK is uploaded by scattered POS terminals, and every POS terminal must establish a communication connection with the KMS system, which greatly increases the workload and difficulty of the KMS system; it is also difficult to manage the TK uploads and keep them under security control.
The technical solution by which the present invention overcomes the above problems is described in detail below.
Figure 1 is a structural block diagram of the terminal master key TMK secure download system of the present embodiment. The system comprises: a first hardware encryption machine 40, a second hardware encryption machine 50, a POS terminal 10, an MTMS system 20 communicatively connected to the POS terminal 10, and a KMS system 30 communicatively connected to the MTMS system 20; the POS terminal 10 comprises a TK generation module 101, a first TK upload module 102, a master key download request module 103, a two-way authentication A module 105 and a TMK receiving module 104,
The MTMS system 20 comprises a public/private key generation module 201, a key negotiation A module 202 and a second TK upload module 203,
The KMS system 30 comprises a key negotiation B module 301, a TK receiving module 302, a request response module 303, a two-way authentication B module 304 and a TMK sending module 305;
The first hardware encryption machine 40 is called by the MTMS system 20, and the second hardware encryption machine 50 is called by the KMS system 30;
The public/private key generation module 201 is used to call the first hardware encryption machine 40 to generate a public key Pu and a private key Pr, and to send the public key Pu to the POS terminal 10, where it is stored in the PIN pad;
The key negotiation A module 202 and the key negotiation B module 301 are used to call the first hardware encryption machine 40 and the second hardware encryption machine 50 respectively, to combine, inside the respective hardware encryption machine, the MTMS system 20 authority component and the KMS authority component into the protection key PK and the MAC key MAK, and to store the protection key PK and the MAC key MAK together in the first hardware encryption machine 40 and the second hardware encryption machine 50;
The TK generation module 101 is used to call the PIN pad to generate a symmetric transmission key TK, the transmission key TK comprising a transmission encryption key TEK and a transmission authentication key AUK;
The first TK upload module 102 is used to call the PIN pad to encrypt the transmission key TK with the public key Pu, generating the first transmission key ciphertext Ctk_Pu, and to send the first transmission key ciphertext Ctk_Pu and the terminal serial number SN to the MTMS system 20;
The second TK upload module 203 is used to store the received terminal serial number SN in the MTMS system database in association with the first transmission key ciphertext Ctk_Pu;
The second TK upload module 203 is used to call the first hardware encryption machine to decrypt the first transmission key ciphertext Ctk_Pu with the private key Pr to obtain the transmission key TK, then to encrypt the transmission key TK with the protection key PK and calculate a MAC value with the MAC key MAK, generating the second transmission key ciphertext Ctk_pk, and then to send the terminal serial number SN and the second transmission key ciphertext Ctk_pk to the KMS system 30;
The TK receiving module 302 is used to store the terminal serial number SN sent by the MTMS system 20 in the KMS database in association with the second transmission key ciphertext Ctk_pk;
The master key download request module 103 is used to send the terminal serial number SN and a master key download request to the KMS system 30;
The request response module 303 is used, after the KMS system 30 receives the terminal serial number SN and the master key download request sent by the POS terminal 10, to look up the second transmission key ciphertext Ctk_pk corresponding to the terminal serial number SN;
The request response module 303 is used to call the second hardware encryption machine 50 to verify the validity of the MAC on the retrieved second transmission key ciphertext Ctk_pk with the MAC key MAK and, if verification passes, to decrypt the second transmission key ciphertext Ctk_pk with the protection key PK to obtain the transmission key TK and store it in the second hardware encryption machine 50;
The two-way authentication A module 105 and the two-way authentication B module 304 are used, after the KMS system 30 has obtained the transmission key TK, to call the second hardware encryption machine 50 to perform two-way authentication with the POS terminal using the authentication key AUK;
The TMK sending module 305 is used, when authentication passes, to call the second hardware encryption machine 50 to encrypt the terminal master key TMK with the transmission encryption key TEK, generating the master key ciphertext Ctmk, and to send the master key ciphertext Ctmk to the POS terminal 10;
The TMK receiving module 104 is used to call the PIN pad to decrypt the master key ciphertext Ctmk with the transmission encryption key TEK to obtain the terminal master key TMK, and to store the terminal master key TMK in the PIN pad.
The MTMS system 20 further comprises a digital digest module.
The digital digest module is used to pack the received terminal serial number SN and first transmission key ciphertext Ctk_Pu and generate a first digital digest, and to store the terminal serial number SN and the first transmission key ciphertext Ctk_Pu in the MTMS system database separately from the first digital digest;
It is also used to extract the packed terminal serial number SN and first transmission key ciphertext Ctk_Pu and generate a second digital digest, and to judge whether the second digital digest is equal to the first digital digest; when the first digital digest is equal to the second digital digest, the digital digest module is further used to call the first hardware encryption machine to decrypt the first transmission key ciphertext Ctk_Pu with the private key Pr to obtain the transmission key TK.
The digital digest module makes it possible to judge whether TK has been modified in the MTMS system 20, thereby ensuring that the TK uploaded from the MTMS system 20 is consistent with the TK uploaded by the POS terminal 10.
Referring to Fig. 2 and Fig. 3, Fig. 2 is a structural block diagram of the two-way authentication A module and Fig. 3 is a structural block diagram of the two-way authentication B module. The two-way authentication A module 105 comprises a first random number generation unit 1051, a first data transceiver unit 1052, a first encryption/decryption unit 1053 and a first judging unit 1054; the two-way authentication B module 304 comprises a second random number generation unit 3041, a second data transceiver unit 3042, a second encryption/decryption unit 3043 and a second judging unit 3044.
The first random number generation unit 1051 is used to generate the first random number Rnd1; the first data transceiver unit is used to send the generated first random number Rnd1 to the KMS system; the second data transceiver unit 3042 is used to receive the first random number Rnd1; the second random number generation unit 3041 is used to generate the second random number Rnd2 when the first random number Rnd1 is received; the second encryption/decryption unit 3043 is used, when the first random number Rnd1 is received, to call the second hardware encryption machine 50 to encrypt the first random number Rnd1 with the transmission authentication key AUK to obtain the first random number ciphertext Crnd1; the second data transceiver unit is used to send the first random number ciphertext Crnd1 and the second random number Rnd2 to the POS terminal;
The first encryption/decryption unit 1053 is used, when the first random number ciphertext Crnd1 and the second random number Rnd2 are received, to decrypt the received first random number ciphertext Crnd1 with the transmission authentication key AUK to obtain the third random number Rnd1'; the first judging unit 1054 is used to judge whether the third random number Rnd1' is consistent with the first random number Rnd1;
The first encryption/decryption unit 1053 is used, when the first judging unit judges that the third random number Rnd1' is consistent with the first random number Rnd1, to encrypt the second random number Rnd2 with the transmission authentication key AUK to generate the second random number ciphertext Crnd2; the first data transceiver unit 1052 is used to send the second random number ciphertext Crnd2 to the KMS system 30;
The second encryption/decryption unit 3043 is used, when the second random number ciphertext Crnd2 is received, to call the hardware encryption machine to decrypt the received second random number ciphertext Crnd2 with the transmission authentication key AUK to obtain the fourth random number Rnd2'; the second judging unit 3044 is used to judge whether the fourth random number Rnd2' is consistent with the second random number Rnd2 and, when it judges that the fourth random number Rnd2' is consistent with the second random number Rnd2, to confirm that two-way authentication between the KMS system 30 and the POS terminal 10 has passed.
Fig. 4 is the general flow chart of the terminal master key TMK secure download method of the present embodiment. The method comprises:
S1, the TK upload flow;
S2, the TMK download flow;
Fig. 5 is the detailed flow chart of step S1, which specifically comprises:
S11, the MTMS system calls the first hardware encryption machine to generate a public key Pu and a private key Pr, and sends the public key Pu to the POS terminal, where it is stored in the PIN pad;
S12, the MTMS system calls the first hardware encryption machine and the KMS system calls the second hardware encryption machine; inside the respective hardware encryption machine, the MTMS system authority component and the KMS authority component are combined into the protection key PK and the MAC key MAK, and the protection key PK and the MAC key MAK are stored together in the first hardware encryption machine and the second hardware encryption machine;
S13, the POS terminal calls the PIN pad to generate a symmetric transmission key TK, the transmission key TK comprising a transmission encryption key TEK and a transmission authentication key AUK;
S14, the POS terminal calls the PIN pad to encrypt the transmission key TK with the public key Pu, generating the first transmission key ciphertext Ctk_Pu, and sends the first transmission key ciphertext Ctk_Pu and the terminal serial number SN to the MTMS system;
S15, the MTMS system stores the received terminal serial number SN in the MTMS system database in association with the first transmission key ciphertext Ctk_Pu;
S16, the MTMS system calls the first hardware encryption machine to decrypt the first transmission key ciphertext Ctk_Pu with the private key Pr to obtain the transmission key TK, then encrypts the transmission key TK with the protection key PK and calculates a MAC value with the MAC key MAK, generating the second transmission key ciphertext Ctk_pk, and then sends the terminal serial number SN and the second transmission key ciphertext Ctk_pk to the KMS system;
S17, the KMS system stores the terminal serial number SN sent by the MTMS system in the KMS database in association with the second transmission key ciphertext Ctk_pk;
Fig. 6 is the detailed flow chart of step S2, which specifically comprises:
S21, the POS terminal sends the terminal serial number SN and a master key download request to the KMS system;
S22, after receiving the terminal serial number SN and the master key download request sent by the POS terminal, the KMS system looks up the second transmission key ciphertext Ctk_pk corresponding to the terminal serial number SN;
S23, the KMS system calls the second hardware encryption machine to verify the validity of the MAC on the retrieved second transmission key ciphertext Ctk_pk with the MAC key MAK; if verification passes, it decrypts the second transmission key ciphertext Ctk_pk with the protection key PK to obtain the transmission key TK and stores it in the second hardware encryption machine;
S24, after obtaining the transmission key TK, the KMS system calls the second hardware encryption machine to perform two-way authentication with the POS terminal using the authentication key AUK;
S25, if authentication passes, the KMS system calls the second hardware encryption machine to encrypt the terminal master key TMK with the transmission encryption key TEK, generating the master key ciphertext Ctmk, and sends the master key ciphertext Ctmk to the POS terminal;
S26, the POS terminal calls the PIN pad to decrypt the master key ciphertext Ctmk with the transmission encryption key TEK to obtain the terminal master key TMK, and stores the terminal master key TMK in the PIN pad.
The step "the MTMS system calls the first hardware encryption machine to generate a public key Pu and a private key Pr, and sends the public key Pu to the POS terminal, where it is stored in the PIN pad" specifically comprises:
The MTMS system calls the first hardware encryption machine to generate the public key Pu and the private key Pr, and sends the public key Pu to the CA center;
The MTMS system obtains the generated work certificate HsmWCRT from the CA center and saves it in the database, and sends the work certificate HsmWCRT to the POS terminal; the work certificate HsmWCRT is generated by signing the public key Pu with the root certificate HsmRCRT;
The POS terminal verifies the validity of the work certificate HsmWCRT using the root certificate HsmRCRT pre-installed when the chip was programmed; after verification passes, the POS terminal extracts the public key Pu from the work certificate HsmWCRT and stores it in the PIN pad.
The step "the MTMS system stores the received terminal serial number SN in the MTMS system database in association with the first transmission key ciphertext Ctk_Pu" specifically comprises:
The MTMS system packs the received terminal serial number SN and first transmission key ciphertext Ctk_Pu and generates a first digital digest, and stores the terminal serial number SN and the first transmission key ciphertext Ctk_Pu in the MTMS system database separately from the first digital digest;
The step "the MTMS system calls the first hardware encryption machine to decrypt the first transmission key ciphertext Ctk_Pu with the private key Pr to obtain the transmission key TK" specifically comprises:
The MTMS system extracts the packed terminal serial number SN and first transmission key ciphertext Ctk_Pu and generates a second digital digest;
It judges whether the second digital digest is equal to the first digital digest and, if they are equal, calls the first hardware encryption machine to decrypt the first transmission key ciphertext Ctk_Pu with the private key Pr to obtain the transmission key TK.
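The digest check that gates decryption of Ctk_Pu, as an added example that is not part of the patent text. The description names no digest algorithm or packing format, so SHA-256, the length-prefixed packing and the names `pack` and `MtmsStore` are assumptions made for illustration.

```python
import hashlib
import hmac


def pack(sn: bytes, ctk_pu: bytes) -> bytes:
    """Pack SN and Ctk_Pu with 2-byte length prefixes (assumed layout) so the
    boundary between the two fields cannot shift without changing the digest."""
    return (len(sn).to_bytes(2, "big") + sn +
            len(ctk_pu).to_bytes(2, "big") + ctk_pu)


class MtmsStore:
    """Hypothetical stand-in for the MTMS database: the record table and the
    digest table are kept separate, as the description requires."""

    def __init__(self):
        self.records = {}   # SN -> Ctk_Pu
        self.digests = {}   # SN -> first digital digest

    def store(self, sn: bytes, ctk_pu: bytes) -> None:
        self.records[sn] = ctk_pu
        self.digests[sn] = hashlib.sha256(pack(sn, ctk_pu)).digest()

    def load_for_decrypt(self, sn: bytes) -> bytes:
        """Recompute the second digest; release Ctk_Pu for decryption by the
        hardware encryption machine only if it equals the first digest."""
        ctk_pu = self.records[sn]
        second = hashlib.sha256(pack(sn, ctk_pu)).digest()
        if not hmac.compare_digest(second, self.digests[sn]):
            raise ValueError("digest mismatch: stored Ctk_Pu was modified")
        return ctk_pu


def demo() -> tuple:
    store = MtmsStore()
    sn = b"SN-0001"              # constructed serial number
    ctk_pu = bytes(range(64))    # constructed stand-in for an RSA ciphertext
    store.store(sn, ctk_pu)
    intact = store.load_for_decrypt(sn) == ctk_pu
    store.records[sn] = ctk_pu[:-1] + b"\x00"   # simulate a modified record
    try:
        store.load_for_decrypt(sn)
        detected = False
    except ValueError:
        detected = True
    return intact, detected


if __name__ == "__main__":
    print(demo())
```

An unkeyed digest detects a change to the record only as long as the digest table is not changed with it, which is why the two are stored separately.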
The step "after obtaining the transmission key TK, the KMS system calls the second hardware encryption machine to perform two-way authentication with the POS terminal using the authentication key AUK" specifically comprises:
The POS terminal generates the first random number Rnd1 and sends the first random number Rnd1 to the KMS system;
After receiving the first random number Rnd1, the KMS system generates the second random number Rnd2, calls the second hardware encryption machine to encrypt the first random number Rnd1 with the authentication key AUK to obtain the first random number ciphertext Crnd1, and sends the first random number ciphertext Crnd1 and the second random number Rnd2 to the POS terminal;
The POS terminal decrypts the received first random number ciphertext Crnd1 with the authentication key AUK to obtain the third random number Rnd1', and judges whether the third random number Rnd1' is consistent with the first random number Rnd1:
If the third random number Rnd1' is consistent with the first random number Rnd1, the POS terminal encrypts the second random number Rnd2 with the authentication key AUK to generate the second random number ciphertext Crnd2, and sends the second random number ciphertext Crnd2 to the KMS system;
The KMS system calls the second hardware encryption machine to decrypt the received second random number ciphertext Crnd2 with the authentication key AUK to obtain the fourth random number Rnd2', and judges whether the fourth random number Rnd2' is consistent with the second random number Rnd2;
If the fourth random number Rnd2' is consistent with the second random number Rnd2, authentication between the KMS system and the POS terminal passes.
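Steps S23 to S26 of the download flow, together with the two-way authentication exchange just described, as an added example that is not part of the patent text. TDES is replaced here by a Feistel cipher built on HMAC-SHA256 so that the code runs on the Python standard library alone, and the MAC is HMAC-SHA256; the Ctk_pk layout (ciphertext followed by the MAC), the TK layout (24-byte TEK followed by 24-byte AUK), the 16-byte random numbers and all function names are assumptions.

```python
import hashlib
import hmac
import secrets

BLOCK = 16  # block size of the stand-in cipher (TDES itself uses 8-byte blocks)


def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:BLOCK // 2]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _crypt(key: bytes, data: bytes, dec: bool) -> bytes:
    """Stand-in for TDES: 4-round Feistel cipher over HMAC-SHA256, block by block."""
    if len(data) % BLOCK:
        raise ValueError("data must be a multiple of the block size")
    out = b""
    for i in range(0, len(data), BLOCK):
        l, r = data[i:i + 8], data[i + 8:i + BLOCK]
        for rnd in (range(3, -1, -1) if dec else range(4)):
            if dec:
                l, r = _xor(r, _f(key, rnd, l)), l
            else:
                l, r = r, _xor(l, _f(key, rnd, r))
        out += l + r
    return out


def encrypt(key: bytes, data: bytes) -> bytes:
    return _crypt(key, data, False)


def decrypt(key: bytes, data: bytes) -> bytes:
    return _crypt(key, data, True)


def mtms_wrap_tk(pk: bytes, mak: bytes, tk: bytes) -> bytes:
    """S16: Ctk_pk = E_PK(TK) followed by a MAC under MAK (assumed layout)."""
    body = encrypt(pk, tk)
    return body + hmac.new(mak, body, hashlib.sha256).digest()


def kms_unwrap_tk(pk: bytes, mak: bytes, ctk_pk: bytes) -> bytes:
    """S23: verify the MAC first; decrypt with PK only if it is valid."""
    body, tag = ctk_pk[:-32], ctk_pk[-32:]
    if not hmac.compare_digest(tag, hmac.new(mak, body, hashlib.sha256).digest()):
        raise ValueError("MAC check on Ctk_pk failed")
    return decrypt(pk, body)


def mutual_auth(pos_auk: bytes, kms_auk: bytes) -> bool:
    """S24: challenge-response in both directions under AUK."""
    rnd1 = secrets.token_bytes(BLOCK)         # POS -> KMS: Rnd1
    rnd2 = secrets.token_bytes(BLOCK)         # KMS generates Rnd2
    crnd1 = encrypt(kms_auk, rnd1)            # KMS -> POS: Crnd1, Rnd2
    if not hmac.compare_digest(decrypt(pos_auk, crnd1), rnd1):
        return False                          # Rnd1' != Rnd1: POS rejects the KMS
    crnd2 = encrypt(pos_auk, rnd2)            # POS -> KMS: Crnd2
    return hmac.compare_digest(decrypt(kms_auk, crnd2), rnd2)  # Rnd2' == Rnd2?


def download_tmk(pos_tk: bytes, ctk_pk: bytes, pk: bytes, mak: bytes, tmk: bytes) -> bytes:
    """S23-S26: returns the TMK as recovered on the POS side."""
    kms_tk = kms_unwrap_tk(pk, mak, ctk_pk)
    # Assumed layout: TK = TEK (24 bytes) followed by AUK (24 bytes).
    if not mutual_auth(pos_tk[24:], kms_tk[24:]):
        raise PermissionError("two-way authentication failed")
    ctmk = encrypt(kms_tk[:24], tmk)          # S25: KMS encrypts TMK under TEK
    return decrypt(pos_tk[:24], ctmk)         # S26: POS decrypts Ctmk


if __name__ == "__main__":
    pk, mak = secrets.token_bytes(24), secrets.token_bytes(24)   # constructed keys
    tk, tmk = secrets.token_bytes(48), secrets.token_bytes(16)
    print(download_tmk(tk, mtms_wrap_tk(pk, mak, tk), pk, mak, tmk) == tmk)
```

A modified Ctk_pk is rejected in `kms_unwrap_tk` before any decryption, and a terminal whose AUK differs from the one the KMS recovered fails `mutual_auth`, so no Ctmk is produced for it.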
In the present invention, the original hash value of TK is calculated when the transmission key TK is generated, and each time TK is stored, transmitted or used, the hash value of TK is verified first; TK can be used only after verification passes. Verifying the hash value of TK guards against errors in the stored data caused by a storage device fault and determines whether the key is correct.
The beneficial effects of the present invention are as follows. Unlike the prior art, which has the technical defect that terminal master keys must be downloaded centrally, the present invention has the POS terminal upload the transmission key TK, and the terminal master key TMK is encrypted with TK and then downloaded to the POS terminal. This enables the POS terminal to download the terminal master key TMK remotely, avoids having to deploy POS terminals to merchants only after a centralized master key download, and reduces logistics costs and the maintenance cost of centralized download; two-way authentication is also performed before the master key is transmitted between the POS terminal and the KMS, which improves the security of the master key download. Further, the master key TMK of the present invention is generated by the KMS system, which makes subsequent maintenance and management of the master key TMK by the KMS system convenient. Further, the present invention collects and uploads TK in a unified way through the MTMS system, which makes collection and management of TK convenient. At the same time, TK is uploaded between the POS terminal and the KMS system through the MTMS system, which avoids direct communication between every POS terminal and the KMS system and reduces the workload and difficulty of the KMS system; it also makes it easier for the KMS system to identify the party it is communicating with and the authenticity of the uploaded TK, improving both the accuracy of TK transmission and the working efficiency of the KMS system.
The above are only embodiments of the present invention and do not thereby limit the patent scope of the present invention; any equivalent structure or equivalent process transformation made using the contents of the specification and drawings of the present invention, or any direct or indirect use in other related technical fields, is likewise included within the scope of patent protection of the present invention.