CN104636681A - Security transmission method and device for banknote storage data - Google Patents

Info

Publication number
CN104636681A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410805328.0A
Other languages
Chinese (zh)
Other versions
CN104636681B (en)
Inventor
张骋
李海波
汤建国
张宁英
王皓
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongchao Credit Card Industry Development Co ltd
China Banknote Printing and Minting Group Co Ltd
Original Assignee
HISMART INFORMATION TECHNOLOGY (BEIJING) CO LTD
ZHONGCHAO CREDIT CARD INDUSTRY DEVELOPMENT Co Ltd
China Banknote Printing and Minting Corp

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/606 Protecting data by securing the transmission between two devices or processes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35 User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a security transmission method and device for banknote storage data, and relates to the field of special application of banknote storage logistics management. The method comprises the steps that bidirectional authentication is started and executed when a business system or a hand-held terminal for reading banknote transport bag electronic signing and sealing data detects that an opposite party conducts wireless USB connection; the business system or the hand-held terminal refuses to transmit data to the opposite party according to a bidirectional authentication failure result; the business system or the hand-held terminal starts an encrypted data transmission function according to a bidirectional authentication success result; after the business system or the hand-held terminal starts the encrypted data transmission function, the business system or the hand-held terminal encrypts the data according to a dynamic public key transmitted by the opposite party, and transmits the encrypted data to the opposite party through a wireless USB link. By means of the security transmission method and device for the banknote storage data, the aim of preventing banknote storage information from being revealed, forged and tampered is achieved, the security of banknote storage information transmission is improved, and the security protection of data interactive transmission between the business system and the hand-held terminal is achieved.

Description

A secure transmission method and device for banknote storage data
Technical field
The present invention relates to specialized applications in banknote storage logistics management, and in particular to a secure transmission method and device for banknote storage data.
Background
USB, short for Universal Serial Bus, is an external bus standard used in computer interfacing to standardize the connection and communication between computers and external devices. The USB interface supports plug-and-play and hot-plugging of devices.
In the banknote storage logistics field, all of the data involved is sensitive. Because the underlying layer uses the standard USB communication protocol, the data stream can be monitored, and as the number of times it is monitored increases, the instruction stream can be stolen. Once a data stream transmitted in plaintext has been monitored and cracked, criminals can use the weaknesses they have learned to forge and tamper with data, causing immeasurable loss to the security of national assets. A solution for protecting data transmitted via Wireless USB is therefore urgently needed.
Summary of the invention
The object of the present invention is to provide a secure transmission method and device for banknote storage data that solve the problem of banknote storage information being leaked, forged, and tampered with when data is transmitted via Wireless USB.
According to one aspect of the present invention, a secure transmission method for banknote storage data is provided, comprising:
When a business system, or a handheld terminal that reads banknote transport bag electronic seal data, detects that the other party has established a Wireless USB connection with it, mutual authentication is started and performed;
If mutual authentication fails, the business system or the handheld terminal refuses to transmit data to the other party;
If mutual authentication succeeds, the business system or the handheld terminal starts the encrypted data transmission function;
After starting the encrypted data transmission function, the business system or the handheld terminal encrypts data with the dynamic public key transmitted by the other party and transmits the encrypted data to the other party over the Wireless USB link.
Preferably, the step in which the business system starts and performs mutual authentication upon detecting that the other party has established a Wireless USB connection with it comprises:
The business system starts the mutual authentication function upon detecting that the other party has established a Wireless USB connection with it, and sends authentication request information and a first random number to the handheld terminal;
The business system receives, from the handheld terminal, handheld terminal authentication information generated according to the authentication request information and the first random number;
The business system authenticates the handheld terminal according to the handheld terminal authentication information and, after that authentication succeeds, sends business system authentication information to the handheld terminal;
The handheld terminal authenticates the business system according to the business system authentication information, yielding the mutual authentication result.
Preferably, the step in which the handheld terminal starts and performs mutual authentication upon detecting that the other party has established a Wireless USB connection with it comprises:
The handheld terminal starts the mutual authentication function upon detecting that the other party has established a Wireless USB connection with it, and sends authentication request information and a first random number to the business system;
The handheld terminal receives, from the business system, business system authentication information generated according to the authentication request information and the first random number;
The handheld terminal authenticates the business system according to the business system authentication information and, after that authentication succeeds, sends handheld terminal authentication information to the business system;
The business system authenticates the business system according to the handheld terminal authentication information, yielding the mutual authentication result.
Preferably, the step in which the handheld terminal generates the handheld terminal authentication information according to the authentication request information and the first random number comprises:
The handheld terminal generates authentication calculation request information according to the authentication request information, and sends the authentication calculation request information and the first random number to the processor of the handheld terminal;
The processor performs a calculation on the first random number according to the authentication calculation request information, obtaining a first message authentication code;
The processor sends the calculated first message authentication code, the handheld terminal identity (ID: Identity) number, and a generated second random number to the handheld terminal as the handheld terminal authentication information.
Preferably, the step in which the business system authenticates the handheld terminal according to the handheld terminal authentication information comprises:
The business system calculates, from the first random number, a message authentication code for authenticating the handheld terminal;
The calculated message authentication code is compared with the first message authentication code from the handheld terminal to determine whether the two are identical;
If the two are identical, authentication of the handheld terminal succeeds; otherwise, authentication of the handheld terminal fails.
Preferably, if the business system transmits data to the handheld terminal, the step in which the business system encrypts data with the dynamic public key transmitted by the handheld terminal comprises:
If the business system transmits data to the handheld terminal, the business system sends a data transmission request to the handheld terminal;
The business system receives the dynamic public key that the handheld terminal sends in response to the data transmission request;
The business system encrypts the data with the received dynamic public key, obtaining encrypted data.
Preferably, after the step in which the business system transmits the encrypted data to the handheld terminal over the Wireless USB link, the method further comprises: the handheld terminal decrypts the encrypted data with a preset dynamic private key, obtaining the original data.
According to another aspect of the present invention, a secure transmission device for banknote storage data is provided, comprising:
A start module, used for starting and performing mutual authentication when a business system, or a handheld terminal that reads banknote transport bag electronic seal data, detects that the other party has established a Wireless USB connection with it;
A failure module, used for the business system or the handheld terminal to refuse to transmit data to the other party if mutual authentication fails;
A success module, used for the business system or the handheld terminal to start the encrypted data transmission function if mutual authentication succeeds;
An encryption module, used for the business system or the handheld terminal, after starting the encrypted data transmission function, to encrypt data with the dynamic public key transmitted by the other party and to transmit the encrypted data to the other party over the Wireless USB link.
Preferably, the start module further comprises:
A first detection sub-module, used for the business system to start the mutual authentication function upon detecting that the other party has established a Wireless USB connection with it, and to send authentication request information and a first random number to the handheld terminal;
A first receiving sub-module, used for the business system to receive, from the handheld terminal, handheld terminal authentication information generated according to the authentication request information and the first random number;
A first authentication sub-module, used for the business system to authenticate the handheld terminal according to the handheld terminal authentication information and, after that authentication succeeds, to send business system authentication information to the handheld terminal;
A first result sub-module, used for the handheld terminal to authenticate the business system according to the business system authentication information, yielding the mutual authentication result.
Preferably, the start module further comprises:
A second detection sub-module, used for the handheld terminal to start the mutual authentication function upon detecting that the other party has established a Wireless USB connection with it, and to send authentication request information and a first random number to the business system;
A second receiving sub-module, used for the handheld terminal to receive, from the business system, business system authentication information generated according to the authentication request information and the first random number;
A second authentication sub-module, used for the handheld terminal to authenticate the business system according to the business system authentication information and, after that authentication succeeds, to send handheld terminal authentication information to the business system;
A second result sub-module, used for the business system to authenticate the business system according to the handheld terminal authentication information, yielding the mutual authentication result.
Compared with the prior art, the beneficial effects of the present invention are as follows: in the banknote storage logistics field, it provides a method in which the business system and the handheld terminal mutually authenticate via Wireless USB and, after authentication succeeds, use dynamic keys to encrypt data for secure transmission. This prevents banknote storage information from being leaked, forged, or tampered with, improves the security of banknote storage information transmission, and protects the data exchanged between the business system and the handheld terminal.
Brief description of the drawings
Fig. 1 is a schematic diagram of the secure transmission method for banknote storage data provided by an embodiment of the present invention;
Fig. 2 is a structural diagram of the secure transmission device for banknote storage data provided by an embodiment of the present invention;
Fig. 3 is a flowchart of the mutual authentication for secure transmission of banknote storage data provided by an embodiment of the present invention;
Fig. 4 is a flowchart of the data interaction for secure transmission of banknote storage data provided by an embodiment of the present invention.
Detailed description
A preferred embodiment of the present invention is described in detail below with reference to the accompanying drawings. It should be understood that the preferred embodiment described below serves only to illustrate and explain the present invention and is not intended to limit it.
Fig. 1 is a schematic diagram of the secure transmission method for banknote storage data provided by an embodiment of the present invention. As shown in Fig. 1, the specific steps are as follows:
Step S1: When a business system, or a handheld terminal that reads banknote transport bag electronic seal data, detects that the other party has established a Wireless USB connection with it, mutual authentication is started and performed.
In step S1, when the business system authenticates the handheld terminal, the business system starts the mutual authentication function upon detecting that the other party has established a Wireless USB connection with it, and sends authentication request information and a first random number to the handheld terminal;
The business system receives, from the handheld terminal, handheld terminal authentication information generated according to the authentication request information and the first random number;
The business system authenticates the handheld terminal according to the handheld terminal authentication information and, after that authentication succeeds, sends business system authentication information to the handheld terminal;
The handheld terminal authenticates the business system according to the business system authentication information, yielding the mutual authentication result.
Further, when the handheld terminal authenticates the business system, the handheld terminal starts the mutual authentication function upon detecting that the other party has established a Wireless USB connection with it, and sends authentication request information and a first random number to the business system;
The handheld terminal receives, from the business system, business system authentication information generated according to the authentication request information and the first random number;
The handheld terminal authenticates the business system according to the business system authentication information and, after that authentication succeeds, sends handheld terminal authentication information to the business system;
The business system authenticates the business system according to the handheld terminal authentication information, yielding the mutual authentication result.
Further, when the business system authenticates the handheld terminal, the step in which the handheld terminal generates the handheld terminal authentication information according to the authentication request information and the first random number comprises:
The handheld terminal generates authentication calculation request information according to the authentication request information, and sends the authentication calculation request information and the first random number to the processor of the handheld terminal;
The processor performs a calculation on the first random number according to the authentication calculation request information, obtaining a first message authentication code;
The processor sends the calculated first message authentication code, the handheld terminal ID number, and a generated second random number to the handheld terminal as the handheld terminal authentication information.
Further, when the business system authenticates the handheld terminal, the step in which the business system authenticates the handheld terminal according to the handheld terminal authentication information comprises:
The business system calculates, from the first random number, a message authentication code for authenticating the handheld terminal;
The calculated message authentication code is compared with the first message authentication code from the handheld terminal to determine whether the two are identical;
If the two are identical, authentication of the handheld terminal succeeds; otherwise, authentication of the handheld terminal fails.
Step S2: If mutual authentication fails, the business system or the handheld terminal refuses to transmit data to the other party.
Step S3: If mutual authentication succeeds, the business system or the handheld terminal starts the encrypted data transmission function.
Step S4: After starting the encrypted data transmission function, the business system or the handheld terminal encrypts data with the dynamic public key transmitted by the other party and transmits the encrypted data to the other party over the Wireless USB link.
In step S4, if the business system transmits data to the handheld terminal, the step in which the business system encrypts data with the dynamic public key transmitted by the handheld terminal comprises:
If the business system transmits data to the handheld terminal, the business system sends a data transmission request to the handheld terminal;
The business system receives the dynamic public key that the handheld terminal sends in response to the data transmission request;
The business system encrypts the data with the received dynamic public key, obtaining encrypted data.
Further, after the step in which the business system transmits the encrypted data to the handheld terminal over the Wireless USB link, the method further comprises: the handheld terminal decrypts the encrypted data with a preset dynamic private key, obtaining the original data.
The banknote transport bag electronic seal read by the handheld terminal is an electronic seal with processing capability, comprising: an antenna, a radio-frequency identification (RFID: Radio Frequency Identification) chip, a processor for data encryption, and a controller for controlling the unlocking and locking of the electric lock.
Fig. 2 is a structural diagram of the secure transmission device for banknote storage data provided by an embodiment of the present invention. As shown in Fig. 2, the device comprises: a start module, a failure module, a success module, and an encryption module.
The start module is used for starting and performing mutual authentication when a business system, or a handheld terminal that reads banknote transport bag electronic seal data, detects that the other party has established a Wireless USB connection with it. When the business system authenticates the handheld terminal, the first detection sub-module of the start module is used for the business system to start the mutual authentication function upon detecting that the other party has established a Wireless USB connection with it, and to send authentication request information and a first random number to the handheld terminal. The first receiving sub-module of the start module is used for the business system to receive, from the handheld terminal, handheld terminal authentication information generated according to the authentication request information and the first random number. The first authentication sub-module of the start module is used for the business system to authenticate the handheld terminal according to the handheld terminal authentication information and, after that authentication succeeds, to send business system authentication information to the handheld terminal. The first result sub-module of the start module is used for the handheld terminal to authenticate the business system according to the business system authentication information, yielding the mutual authentication result.
When the business system authenticates the handheld terminal, the second detection sub-module of the start module is used for the handheld terminal to start the mutual authentication function upon detecting that the other party has established a Wireless USB connection with it, and to send authentication request information and a first random number to the business system. The second receiving sub-module of the start module is used for the handheld terminal to receive, from the business system, business system authentication information generated according to the authentication request information and the first random number. The second authentication sub-module of the start module is used for the handheld terminal to authenticate the business system according to the business system authentication information and, after that authentication succeeds, to send handheld terminal authentication information to the business system. The second result sub-module of the start module is used for the business system to authenticate the business system according to the handheld terminal authentication information, yielding the mutual authentication result.
The failure module is used for the business system or the handheld terminal to refuse to transmit data to the other party if mutual authentication fails.
The success module is used for the business system or the handheld terminal to start the encrypted data transmission function if mutual authentication succeeds.
The encryption module is used for the business system or the handheld terminal, after starting the encrypted data transmission function, to encrypt data with the dynamic public key transmitted by the other party and to transmit the encrypted data to the other party over the Wireless USB link.
Fig. 3 is a flowchart of the mutual authentication for secure transmission of banknote storage data provided by an embodiment of the present invention. As shown in Fig. 3, in the mutual authentication between the business system and the handheld terminal, the business system verifies the legitimacy of the handheld terminal and the handheld terminal verifies the legitimacy of the business system. The specific implementation is as follows:
(1) The business system packs the authentication instruction and the random number RDM1 into a complete data packet and sends it to the handheld terminal via USB.
(2) The handheld terminal generates a calculation request according to the authentication instruction in the data packet, and forwards the generated calculation request and the random number RDM1 to the point-of-sale terminal secure access module (PSAM: Purchase Secure Access Module) inside the handheld terminal.
(3) After receiving the calculation request and the random number RDM1, the PSAM card returns the PSAM card ID number, calculates the message authentication code MAC1 from the random number RDM1 according to the calculation request using a message authentication code (MAC: Message Authentication Code) computation, and at the same time generates the random number RDM2.
(4) The handheld terminal returns the ID number, the message authentication code MAC1, and the random number RDM2 to the business system via USB.
(5) The business system compares the message authentication code MAC1 returned by the handheld terminal with the message authentication code MAC1 that the business system calculates from the random number RDM1.
If the two MAC1 values are identical, the business system's authentication of the handheld terminal is complete; the ID number is recorded and an authentication success record is saved. Otherwise, the subsequent authentication flow is stopped, the ID number is recorded, and an authentication exception record is saved.
(6) The business system calculates the message authentication code MAC2 from the random number RDM2 returned by the handheld terminal and returns it to the handheld terminal.
(7) The handheld terminal sends the received message authentication code MAC2 to the PSAM card; the PSAM card calculates the message authentication code MAC2 from the random number RDM2 and sends it to the handheld terminal. The handheld terminal compares the calculated MAC2 with the received MAC2; if they are identical, the handheld terminal's authentication of the business system is complete, and a success message is returned to the business system.
(8) After mutual authentication is complete, encrypted data transmission between the business system and the handheld terminal can take place. Encrypted data transmission uses the RSA asymmetric algorithm, encrypting data with a public/private key pair.
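The Fig. 3 exchange in steps (1) to (7), as an added sketch that is not code from the patent. HMAC-SHA256, a pre-shared per-card key, the 16-byte nonce size, the direction labels, and all class and function names are assumptions of this example; the patent does not name the MAC algorithm or say how keys are provisioned.

```python
"""Constructed sketch of the Fig. 3 mutual authentication (assumptions:
HMAC-SHA256 as the MAC, one pre-shared key per PSAM card)."""
import hashlib
import hmac
import secrets

NONCE_LEN = 16  # bytes; assumed size of RDM1 and RDM2
# Direction labels are an addition of this example: they bind each MAC to
# one direction so MAC1 can never be accepted where MAC2 is expected.
TO_SYSTEM = b"terminal->system"
TO_TERMINAL = b"system->terminal"


def compute_mac(key: bytes, label: bytes, nonce: bytes) -> bytes:
    return hmac.new(key, label + nonce, hashlib.sha256).digest()


class PsamCard:
    """Stand-in for the PSAM card: holds the key, never exports it."""

    def __init__(self, card_id: str, key: bytes):
        self.card_id = card_id
        self._key = key
        self._rdm2 = None

    def respond(self, rdm1: bytes):
        """Step (3): return the card ID, MAC1 over RDM1 and a fresh RDM2."""
        self._rdm2 = secrets.token_bytes(NONCE_LEN)
        mac1 = compute_mac(self._key, TO_SYSTEM, rdm1)
        return self.card_id, mac1, self._rdm2

    def expected_mac2(self):
        """Step (7): MAC2 over the pending RDM2, which is usable only once."""
        rdm2, self._rdm2 = self._rdm2, None
        if rdm2 is None:
            return None
        return compute_mac(self._key, TO_TERMINAL, rdm2)


class HandheldTerminal:
    """Relays between the business system and its PSAM card."""

    def __init__(self, card: PsamCard):
        self._card = card

    def answer_challenge(self, rdm1: bytes):
        """Steps (2) and (4): forward RDM1, return ID, MAC1 and RDM2."""
        return self._card.respond(rdm1)

    def verify_system(self, mac2: bytes) -> bool:
        """Step (7): constant-time comparison of received and computed MAC2."""
        expected = self._card.expected_mac2()
        return expected is not None and hmac.compare_digest(expected, mac2)


class BusinessSystem:
    def __init__(self, card_keys: dict):
        self._card_keys = card_keys  # card ID -> key, provisioned out of band
        self._rdm1 = None
        self.audit_log = []          # (ID, "success" | "exception"), step (5)

    def challenge(self) -> bytes:
        """Step (1): issue a fresh RDM1."""
        self._rdm1 = secrets.token_bytes(NONCE_LEN)
        return self._rdm1

    def check_terminal(self, card_id: str, mac1: bytes, rdm2: bytes):
        """Steps (5) and (6): verify MAC1; return MAC2 only on success."""
        rdm1, self._rdm1 = self._rdm1, None  # each RDM1 is single use
        key = self._card_keys.get(card_id)
        ok = False
        if rdm1 is not None and key is not None:
            expected = compute_mac(key, TO_SYSTEM, rdm1)
            ok = hmac.compare_digest(expected, mac1)
        self.audit_log.append((card_id, "success" if ok else "exception"))
        return compute_mac(key, TO_TERMINAL, rdm2) if ok else None


def mutual_authenticate(system: BusinessSystem, terminal: HandheldTerminal) -> bool:
    """Run steps (1) to (7); False means no data may be transmitted."""
    rdm1 = system.challenge()
    card_id, mac1, rdm2 = terminal.answer_challenge(rdm1)
    mac2 = system.check_terminal(card_id, mac1, rdm2)
    if mac2 is None:
        return False  # flow stops after the exception record is saved
    return terminal.verify_system(mac2)


if __name__ == "__main__":
    demo_key = secrets.token_bytes(32)  # constructed key for the demo
    system = BusinessSystem({"PSAM-0001": demo_key})
    print(mutual_authenticate(system, HandheldTerminal(PsamCard("PSAM-0001", demo_key))))
    print(system.audit_log)
```
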
Fig. 4 is a flowchart of the data interaction for secure transmission of banknote storage data provided by an embodiment of the present invention. As shown in Fig. 4, in the data interaction between the business system and the handheld terminal, after the business system sends a data transmission command to the handheld terminal, it encrypts the data with a dynamic public key and sends the encrypted data to the handheld terminal; the handheld terminal decrypts the data with the private key, completing the data transmission from the business system to the handheld terminal. The handheld terminal sends a data transmission command to the business system and, after encrypting the data with a dynamic public key, sends the encrypted data to the business system; the business system decrypts the data with the private key, completing the data transmission from the handheld terminal to the business system. The specific implementation is as follows:
(1) The business system sends data to the handheld terminal. The business system sends a data transmission command to the handheld terminal; after receiving the command, the handheld terminal obtains the dynamic public key A from the PSAM card and uploads it to the business system. The business system encrypts the data with dynamic public key A and sends the encrypted data to the handheld terminal; the handheld terminal sends the encrypted data to the PSAM card, and the PSAM card decrypts it with the corresponding dynamic private key A, completing the data transmission from the business system to the handheld terminal.
(2) The handheld terminal sends data to the business system. The handheld terminal sends a data transmission command to the business system; after receiving the command, the business system generates the dynamic public key B and sends it to the handheld terminal. The handheld terminal encrypts the data with dynamic public key B and sends the encrypted data to the business system; the business system decrypts it with the corresponding dynamic private key B, completing the data transmission from the business system to the handheld terminal.
In summary, the present invention has the following technical effect: in the field of banknote storage logistics, it provides a method in which the operation system and the handheld terminal authenticate each other over USB and, after authentication succeeds, use dynamic keys to encrypt data for secure transmission. This prevents banknote storage information from being leaked, forged or tampered with, improves the security of banknote storage information transmission, and protects the data exchanged between the operation system and the handheld terminal.
Although the present invention has been described in detail above, it is not limited thereto, and those skilled in the art may make various modifications according to the principle of the present invention. Therefore, all modifications made according to the principle of the invention shall be understood to fall within the protection scope of the present invention.

Claims (10)

1. A secure transmission method for banknote storage data, characterized by comprising:
when an operation system, or a handheld terminal that reads banknote-transport bag electronic seal data, detects that the other party has established a Wireless USB connection with it, starting and performing two-way authentication;
the operation system or the handheld terminal refusing to transmit to the other party when the two-way authentication fails;
the operation system or the handheld terminal starting an encrypted data transmission function when the two-way authentication succeeds;
after the operation system or the handheld terminal starts the encrypted data transmission function, encrypting data with the dynamic public key transmitted by the other party, and transmitting the encrypted data to the other party over the Wireless USB link.
2. The method according to claim 1, characterized in that the step in which the operation system, on detecting that the other party has established a Wireless USB connection with it, starts and performs two-way authentication comprises:
the operation system starting the two-way authentication function on detecting that the other party has established a Wireless USB connection with it, and sending authentication request information and a first random number to the handheld terminal;
the operation system receiving, from the handheld terminal, handheld terminal authentication information that the handheld terminal generated according to the authentication request information and the first random number;
the operation system authenticating the handheld terminal according to the handheld terminal authentication information, and sending operation system authentication information to the handheld terminal after the authentication succeeds;
the handheld terminal authenticating the operation system according to the operation system authentication information, obtaining the two-way authentication result.
3. The method according to claim 1, characterized in that the step in which the handheld terminal, on detecting that the other party has established a Wireless USB connection with it, starts and performs two-way authentication comprises:
the handheld terminal starting the two-way authentication function on detecting that the other party has established a Wireless USB connection with it, and sending authentication request information and a first random number to the operation system;
the handheld terminal receiving, from the operation system, operation system authentication information that the operation system generated according to the authentication request information and the first random number;
the handheld terminal authenticating the operation system according to the operation system authentication information, and sending handheld terminal authentication information to the operation system after the authentication succeeds;
the operation system authenticating the operation system according to the handheld terminal authentication information, obtaining the two-way authentication result.
4. The method according to claim 2, characterized in that the step in which the handheld terminal generates the handheld terminal authentication information according to the authentication request information and the first random number comprises:
the handheld terminal generating authentication calculation request information according to the authentication request information, and sending the authentication calculation request information and the first random number to the processor of the handheld terminal;
the processor performing a calculation on the first random number according to the authentication calculation request information, obtaining a first information authentication code;
the processor sending the calculated first information authentication code, the handheld terminal ID number and a generated second random number to the handheld terminal as the handheld terminal authentication information.
5. The method according to claim 2 or 4, characterized in that the step in which the operation system authenticates the handheld terminal according to the handheld terminal authentication information comprises:
the operation system calculating, from the first random number, a message authentication code for authenticating the handheld terminal;
comparing the calculated message authentication code with the first information authentication code from the handheld terminal, and judging whether the two are consistent;
if the two are consistent, the authentication of the handheld terminal succeeds; otherwise, the authentication of the handheld terminal fails.
6. The method according to claim 2, characterized in that, if the operation system transmits data to the handheld terminal, the step in which the operation system encrypts data with the dynamic public key transmitted by the handheld terminal comprises:
if the operation system transmits data to the handheld terminal, the operation system sending a data transfer request to the handheld terminal;
the operation system receiving the dynamic public key that the handheld terminal sends in response to the data transfer request;
the operation system encrypting the data with the received dynamic public key, obtaining encrypted data.
7. The method according to claim 6, characterized in that, after the step in which the operation system transmits the encrypted data to the handheld terminal over the Wireless USB link, the method further comprises: the handheld terminal decrypting the encrypted data with a preset dynamic private key, obtaining the original data.
8. A secure transmission device for banknote storage data, characterized by comprising:
a start module, configured so that an operation system, or a handheld terminal that reads banknote-transport bag electronic seal data, starts and performs two-way authentication on detecting that the other party has established a Wireless USB connection with it;
a failure module, configured so that the operation system or the handheld terminal refuses to transmit to the other party when the two-way authentication fails;
a success module, configured so that the operation system or the handheld terminal starts an encrypted data transmission function when the two-way authentication succeeds;
an encryption module, configured so that, after the operation system or the handheld terminal starts the encrypted data transmission function, data is encrypted with the dynamic public key transmitted by the other party and the encrypted data is transmitted to the other party over the Wireless USB link.
9. The device according to claim 8, characterized in that the start module further comprises:
a first detection submodule, configured so that the operation system starts the two-way authentication function on detecting that the other party has established a Wireless USB connection with it, and sends authentication request information and a first random number to the handheld terminal;
a first receiving submodule, configured so that the operation system receives, from the handheld terminal, handheld terminal authentication information that the handheld terminal generated according to the authentication request information and the first random number;
a first authentication submodule, configured so that the operation system authenticates the handheld terminal according to the handheld terminal authentication information, and sends operation system authentication information to the handheld terminal after the authentication succeeds;
a first result module, configured so that the handheld terminal authenticates the operation system according to the operation system authentication information, obtaining the two-way authentication result.
10. The device according to claim 8, characterized in that the start module further comprises:
a second detection submodule, configured so that the handheld terminal starts the two-way authentication function on detecting that the other party has established a Wireless USB connection with it, and sends authentication request information and a first random number to the operation system;
a second receiving submodule, configured so that the handheld terminal receives, from the operation system, operation system authentication information that the operation system generated according to the authentication request information and the first random number;
a second authentication submodule, configured so that the handheld terminal authenticates the operation system according to the operation system authentication information, and sends handheld terminal authentication information to the operation system after the authentication succeeds;
a second result module, configured so that the operation system authenticates the operation system according to the handheld terminal authentication information, obtaining the two-way authentication result.
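The challenge-response exchange recited in claims 2, 4 and 5 can be sketched as follows. This is an added Node.js example, not part of the patent text; HMAC-SHA256, the per-terminal shared key looked up by terminal ID, the role labels mixed into each code, the way the operation system's authentication information is formed, and all names are assumptions.

```javascript
const crypto = require('node:crypto');

// Assumption: HMAC-SHA256 under a key shared by the operation system and the
// handheld terminal's processor. The role label ('HT' / 'OS') is an addition
// that keeps a code made for one direction from being accepted in the other.
function mac(key, role, nonce) {
  return crypto.createHmac('sha256', key).update(role).update(nonce).digest();
}

// Constant-time comparison of two authentication codes.
function same(a, b) {
  return a.length === b.length && crypto.timingSafeEqual(a, b);
}

// Claim 4: the handheld side computes the first information authentication
// code over the first random number r1 and returns it with its ID and a
// second random number r2.
function handheldRespond(key, terminalId, r1) {
  return { mac1: mac(key, 'HT', r1), terminalId, r2: crypto.randomBytes(16) };
}

// Claim 5: the operation system recomputes the code from r1 and compares.
// null means authentication failed and nothing is transmitted.
function systemVerify(keysById, r1, resp) {
  const key = keysById.get(resp.terminalId);
  if (!key || !same(mac(key, 'HT', r1), resp.mac1)) return null;
  return { mac2: mac(key, 'OS', resp.r2) }; // operation system authentication info
}

// Last step of claim 2: the handheld terminal authenticates the operation system.
function handheldVerify(key, r2, sysAuth) {
  return sysAuth !== null && same(mac(key, 'OS', r2), sysAuth.mac2);
}

// Full exchange; true only if both sides accept each other.
function mutualAuth(keysById, handheldKey, terminalId) {
  const r1 = crypto.randomBytes(16); // first random number, fresh per connection
  const resp = handheldRespond(handheldKey, terminalId, r1);
  const sysAuth = systemVerify(keysById, r1, resp);
  return handheldVerify(handheldKey, resp.r2, sysAuth);
}

// Constructed key and terminal ID for the demonstration.
const sharedKey = crypto.randomBytes(32);
const registry = new Map([['HT-0001', sharedKey]]);

console.log(mutualAuth(registry, sharedKey, 'HT-0001'));              // enrolled terminal
console.log(mutualAuth(registry, crypto.randomBytes(32), 'HT-0001')); // wrong key
console.log(mutualAuth(registry, sharedKey, 'HT-9999'));              // unknown terminal ID

// A response recorded for an earlier r1 does not verify against a new r1.
const recorded = handheldRespond(sharedKey, 'HT-0001', crypto.randomBytes(16));
console.log(systemVerify(registry, crypto.randomBytes(16), recorded));
```

The fresh random number on each side is what defeats replay: a recorded authentication code is only valid for the challenge it was computed over.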
CN201410805328.0A 2014-12-19 2014-12-19 Safe transmission method and device for banknote storage data Active CN104636681B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410805328.0A CN104636681B (en) 2014-12-19 2014-12-19 Safe transmission method and device for banknote storage data

Publications (2)

Publication Number Publication Date
CN104636681A true CN104636681A (en) 2015-05-20
CN104636681B CN104636681B (en) 2020-05-26

Family

ID=53215415

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410805328.0A Active CN104636681B (en) 2014-12-19 2014-12-19 Safe transmission method and device for banknote storage data

Country Status (1)

Country Link
CN (1) CN104636681B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6073236A (en) * 1996-06-28 2000-06-06 Sony Corporation Authentication method, communication method, and information processing apparatus
CN1571335A (en) * 2004-04-30 2005-01-26 北京航空航天大学 A source authentication method applied in multicast communication system
CN103716794A (en) * 2013-12-25 2014-04-09 北京握奇数据系统有限公司 Two-way safety verification method and system based on portable device
CN103824185A (en) * 2014-03-05 2014-05-28 平安付智能技术有限公司 mobile intelligent terminal payment method and system based on low-power-consumption Bluetooth

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110059489A (en) * 2018-01-19 2019-07-26 旭景科技股份有限公司 Safe electronic equipment
CN110059489B (en) * 2018-01-19 2021-08-17 旭景科技股份有限公司 Secure electronic device
CN110581832A (en) * 2018-06-11 2019-12-17 鸿富锦精密工业(武汉)有限公司 Interface data transmission method and electronic equipment thereof

Also Published As

Publication number Publication date
CN104636681B (en) 2020-05-26

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20180809

Address after: 100044 No. 143, West Gate Street, Xicheng District, Beijing.

Applicant after: CHINA BANKNOTE PRINTING AND MINTING Corp.

Applicant after: ZHONGCHAO CREDIT CARD INDUSTRY DEVELOPMENT Co.,Ltd.

Address before: 100044 No. 143, West Gate Street, Xicheng District, Beijing.

Applicant before: CHINA BANKNOTE PRINTING AND MINTING Corp.

Applicant before: ZHONGCHAO CREDIT CARD INDUSTRY DEVELOPMENT Co.,Ltd.

Applicant before: CHIAN BANKNOTE HISMART INFORMATION TECHNOLOGY (BEIJING) Co.,Ltd.

GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: 100044 Beijing city Xicheng District Xizhimen Street No. 143

Patentee after: China Banknote Printing and Minting Group Co.,Ltd.

Patentee after: ZHONGCHAO CREDIT CARD INDUSTRY DEVELOPMENT Co.,Ltd.

Address before: 100044 Beijing city Xicheng District Xizhimen Street No. 143

Patentee before: CHINA BANKNOTE PRINTING AND MINTING Corp.

Patentee before: ZHONGCHAO CREDIT CARD INDUSTRY DEVELOPMENT Co.,Ltd.
